git: 6452fb1e87ed - main - protect.1: Document that protect(1) does not work in jails

From: Mateusz Piotrowski <0mp_at_FreeBSD.org>
Date: Mon, 11 Jul 2022 22:49:02 UTC
The branch main has been updated by 0mp (doc, ports committer):

URL: https://cgit.FreeBSD.org/src/commit/?id=6452fb1e87ed9d00b52fa1e63e7c3a7516c9586c

commit 6452fb1e87ed9d00b52fa1e63e7c3a7516c9586c
Author:     Mateusz Piotrowski <0mp@FreeBSD.org>
AuthorDate: 2022-07-11 22:43:27 +0000
Commit:     Mateusz Piotrowski <0mp@FreeBSD.org>
CommitDate: 2022-07-11 22:47:58 +0000

    protect.1: Document that protect(1) does not work in jails
    
    The reason is that in order to protect a process procctl(2) needs
    the PRIV_VM_MADV_PROTECT privilege, which is currently denied in jails
    (see kern_jail.c).
    
    MFC after:      1 week
---
 usr.bin/protect/protect.1 | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/usr.bin/protect/protect.1 b/usr.bin/protect/protect.1
index 87a8169b1885..f67a8d9b59ea 100644
--- a/usr.bin/protect/protect.1
+++ b/usr.bin/protect/protect.1
@@ -25,7 +25,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd July 7, 2022
+.Dd July 12, 2022
 .Dt PROTECT 1
 .Os
 .Sh NAME
@@ -112,6 +112,24 @@ bit is set to 1.
 All children of this process will also be protected if
 .Nm PI
 bit is set to 1.
+.Sh DIAGNOSTICS
+.Bl -diag
+.It "protect: procctl: Operation not permitted"
+The
+.Nm
+command does not have the required permissions to protect selected processes.
+There are many reasons why this could be the case, e.g.:
+.Bl -dash
+.It
+.Nm
+is not executed by root.
+.It
+.Nm
+is executed inside a
+.Xr jail 8 ,
+which is not supported at the moment.
+.El
+.El
 .Sh SEE ALSO
 .Xr ps 1 ,
 .Xr procctl 2 ,
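Review bot: the jail bullet in the new DIAGNOSTICS list says only that running inside a jail "is not supported at the moment", while the commit message gives the actual cause: procctl(2) needs the PRIV_VM_MADV_PROTECT privilege, which is denied in jails. Suggest naming that privilege in the bullet, so that someone who is root inside a jail can see why satisfying the first bullet is not enough. Consider dropping "at the moment" as well, since it goes stale if the jail privilege handling changes. A smaller wording point in the sentence after the .It line: "required permissions" reads like file permissions, and "required privileges" matches what the commit message describes.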