diff --git a/nsjail.c b/nsjail.c
index b36c2a1..b1acb17 100644
--- a/nsjail.c
+++ b/nsjail.c
@@ -164,7 +164,7 @@ int main(int argc, char *argv[])
 		exit(1);
 	}
 	if (nsjconf.clone_newuser == false && geteuid() != 0) {
-		LOG_E("--disable_clone_newuser requires root() privs");
+		LOG_W("--disable_clone_newuser requires root() privs");
 	}
 	if (nsjconf.daemonize && (daemon(0, 0) == -1)) {
 		PLOG_F("daemon");
diff --git a/subproc.c b/subproc.c
index e9df469..ff16f96 100644
--- a/subproc.c
+++ b/subproc.c
@@ -227,7 +227,8 @@ void subprocRunChild(struct nsjconf_t *nsjconf, int fd_in, int fd_out, int fd_er
 	if (pid == -1) {
 		PLOG_E("clone(flags=%#x) failed. You probably need root privileges if your system "
 		       "doesn't support CLONE_NEWUSER. Alternatively, you might want to recompile your "
-		       "kernel with support for namespaces", flags);
+		       "kernel with support for namespaces or check the setting of the "
+		       "kernel.unprivileged_userns_clone sysctl", flags);
 		return;
 	}