Adding sys_admin related limitation to readme (#1143)

* Adding sys_admin related limitation to readme

.github/workflows/codespell.yml

@@ -20,5 +20,5 @@ jobs:
         with:
           check_filenames: true
           skip: ./.git,./.github/workflows/codespell.yml,.git,*.png,*.jpg,*.svg,*.sum,./vendor,go.sum,./NOTICE
-          ignore_words_list: filetest,dum,varius,KeyPair,keypair,ro,WRONLY,wronly
+          ignore_words_list: filetest,dum,varius,KeyPair,keypair,ro,WRONLY,wronly,AKS
           

README.md

@@ -189,8 +189,10 @@ Refer to 'docker' folder in this repo. It contains a sample 'Dockerfile'. If you
 
 ## Limitations
 - In case of BlockBlob accounts, ACLs are not supported by Azure Storage so Blobfuse2 will by default return success for 'chmod' operation. However it will work fine for Gen2 (DataLake) accounts.
+- When Blobfuse2 is mounted on a container, SYS_ADMIN privileges are required for it to interact with the fuse driver. If container is created without the privilege, mount will fail. Sample command to spawn a docker container is 
 
-
+    `docker run -it --rm --cap-add=SYS_ADMIN --device=/dev/fuse --security-opt apparmor:unconfined <environment variables> <docker image>`
+        
 ### Syslog security warning
 By default, Blobfuse2 will log to syslog. The default settings will, in some cases, log relevant file paths to syslog. 
 If this is sensitive information, turn off logging or set log-level to LOG_ERR.