From 80b9ff643608abf5e908e0c38cc015a401fc6f39 Mon Sep 17 00:00:00 2001
From: Seth Hoenig <shoenig@duck.com>
Date: Tue, 11 Jul 2023 13:06:46 -0500
Subject: [PATCH] docs: clarify using user on raw_exec driver (#17897)

---
 website/content/docs/drivers/raw_exec.mdx | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/website/content/docs/drivers/raw_exec.mdx b/website/content/docs/drivers/raw_exec.mdx
index b8b2db68e..06c9d1624 100644
--- a/website/content/docs/drivers/raw_exec.mdx
+++ b/website/content/docs/drivers/raw_exec.mdx
@@ -37,6 +37,9 @@ The `raw_exec` driver supports the following configuration in the job spec:
   variables](/nomad/docs/runtime/interpolation) will be interpreted before
   launching the task.
 
+~> The `task.user` field cannot be set on a Task using the `raw_exec` driver if
+the Nomad client has been hardened according to the [production][hardening] guide.
+
 ## Examples
 
 To run a binary present on the Node:
@@ -153,5 +156,6 @@ the process tree. Cgroups are used on Linux when Nomad is being run with
 appropriate privileges, the cgroup system is mounted and the operator hasn't
 disabled cgroups for the driver.
 
+[hardening]: /nomad/docs/install/production/requirements#user-permissions
 [plugin-options]: #plugin-options
 [plugin-block]: /nomad/docs/configuration/plugin