Merge branch 'doc_keymgr_uid' into 'master'

doc: note of keymgr uid

Closes #633

See merge request knot/knot-dns!984

2 files changed, 14 insertions, 0 deletions

diff --git a/doc/man/keymgr.8in b/doc/man/keymgr.8in
index 7d03cd05e..0042bb9d4 100644
--- a/doc/man/keymgr.8in
+++ b/doc/man/keymgr.8in
@@ -73,6 +73,15 @@ configuration file.
 \fB\-d\fP, \fB\-\-dir\fP \fIpath\fP
 Use specified KASP database path and default configuration.
 .UNINDENT
+.sp
+\fBNOTE:\fP
+.INDENT 0.0
+.INDENT 3.5
+Keymgr runs with the same user privileges as configured for knotd. For example,
+if keymgr is run as root, but the configured user is knot,
+it won\(aqt be able to read files (PEM files, KASP db, ...) readable only by root.
+.UNINDENT
+.UNINDENT
 .SS Commands
 .INDENT 0.0
 .TP
diff --git a/doc/man_keymgr.rst b/doc/man_keymgr.rst
index b8452afd9..8e8c649d1 100644
--- a/doc/man_keymgr.rst
+++ b/doc/man_keymgr.rst
@@ -50,6 +50,11 @@ Config options
 **-d**, **--dir** *path*
   Use specified KASP database path and default configuration.
 
+.. NOTE::
+   Keymgr runs with the same user privileges as configured for knotd. For example,
+   if keymgr is run as root, but the configured :ref:`user<server_user>` is knot,
+   it won't be able to read files (PEM files, KASP db, ...) readable only by root.
+
 Commands
 ........