Adding sys_admin related limitation to readme (#1143)

* Adding sys_admin related limitation to readme

.github/workflows/codespell.yml

@@ -20,5 +20,5 @@ jobs:
         with:
           check_filenames: true
           skip: ./.git,./.github/workflows/codespell.yml,.git,*.png,*.jpg,*.svg,*.sum,./vendor,go.sum,./NOTICE
-          ignore_words_list: filetest,dum,varius,KeyPair,keypair,ro,WRONLY,wronly
+          ignore_words_list: filetest,dum,varius,KeyPair,keypair,ro,WRONLY,wronly,AKS
           

README.md

@@ -189,7 +189,9 @@ Refer to 'docker' folder in this repo. It contains a sample 'Dockerfile'. If you
 
 ## Limitations
 - In case of BlockBlob accounts, ACLs are not supported by Azure Storage so Blobfuse2 will by default return success for 'chmod' operation. However it will work fine for Gen2 (DataLake) accounts.
+- When Blobfuse2 is mounted on a container, SYS_ADMIN privileges are required for it to interact with the fuse driver. If container is created without the privilege, mount will fail. Sample command to spawn a docker container is 
 
+    `docker run -it --rm --cap-add=SYS_ADMIN --device=/dev/fuse --security-opt apparmor:unconfined <environment variables> <docker image>`
         
 ### Syslog security warning
 By default, Blobfuse2 will log to syslog. The default settings will, in some cases, log relevant file paths to syslog.