git: 21d9bc1629e0 - stable/14 - cap_net.3: Clarify monotonic reduction in permitted operations

The branch stable/14 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=21d9bc1629e0f8dfe83766a2c814d6b77513e641

commit 21d9bc1629e0f8dfe83766a2c814d6b77513e641
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2026-05-20 20:27:49 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2026-05-25 13:37:06 +0000

    cap_net.3: Clarify monotonic reduction in permitted operations
    
    Reviewed by:    markj, oshogbo
    Sponsored by:   The FreeBSD Foundation
    Differential Revision: https://reviews.freebsd.org/D57141
    
    (cherry picked from commit 59601a75d6fb1300b1aec2977eaa6adeb0300684)
    (cherry picked from commit 414617d82c8a4e10c8bdfc9ea50f3b3fde7cec0d)
---
 lib/libcasper/services/cap_net/cap_net.3 | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/libcasper/services/cap_net/cap_net.3 b/lib/libcasper/services/cap_net/cap_net.3
index e322222e866f..2e3777337d60 100644
--- a/lib/libcasper/services/cap_net/cap_net.3
+++ b/lib/libcasper/services/cap_net/cap_net.3
@@ -203,7 +203,8 @@ will consume and apply the limits.
 .Pp
 Once a set of limits is applied, subsequent calls to
 .Fn cap_net_limit
-will fail unless the new set is a subset of the current set.
+may only further restrict the service.
+Any call that would grant operations not currently permitted will fail.
 .Pp
 If the
 .Fn cap_net_limit