From 184f094ac0af896d6ed001f7d612d43cb2366782 Mon Sep 17 00:00:00 2001
From: Jonh Wendell <jonh.wendell@redhat.com>
Date: Thu, 27 Apr 2017 10:52:31 -0300
Subject: [PATCH] Add a rootless section to "spec" man page and command help

Signed-off-by: Jonh Wendell <jonh.wendell@redhat.com>
---
 man/runc-spec.8.md | 3 +++
 spec.go            | 9 +++++++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/man/runc-spec.8.md b/man/runc-spec.8.md
index 3c69e231..4f8e9bb9 100644
--- a/man/runc-spec.8.md
+++ b/man/runc-spec.8.md
@@ -45,5 +45,8 @@ already running as root, you can use sudo to give runc root privilege. For
 example: "sudo runc start container1" will give runc root privilege to start the
 container on your host.
 
+Alternatively, you can start a rootless container, which has the ability to run without root privileges. For this to work, the specification file needs to be adjusted accordingly. You can pass the parameter --rootless to this command to generate a proper rootless spec file.
+
 # OPTIONS
    --bundle value, -b value     path to the root of the bundle directory
+   --rootless                   generate a configuration for a rootless container
diff --git a/spec.go b/spec.go
index 9024ad4c..a15c84e6 100644
--- a/spec.go
+++ b/spec.go
@@ -51,13 +51,18 @@ must be unique on your host.
 
 An alternative for generating a customized spec config is to use "oci-runtime-tool", the
 sub-command "oci-runtime-tool generate" has lots of options that can be used to do any
-customizations as you want, see [runtime-tools](https://github.com/opencontainers/runtime-tools)
+customizations as you want, see runtime-tools (https://github.com/opencontainers/runtime-tools)
 to get more information.
 
 When starting a container through runc, runc needs root privilege. If not
 already running as root, you can use sudo to give runc root privilege. For
 example: "sudo runc start container1" will give runc root privilege to start the
-container on your host.`,
+container on your host.
+
+Alternatively, you can start a rootless container, which has the ability to run
+without root privileges. For this to work, the specification file needs to be
+adjusted accordingly. You can pass the parameter --rootless to this command to
+generate a proper rootless spec file.`,
 	Flags: []cli.Flag{
 		cli.StringFlag{
 			Name:  "bundle, b",