diff --git a/docs/operations.md b/docs/operations.md
index e5bcdd2f7..eadf35100 100644
--- a/docs/operations.md
+++ b/docs/operations.md
@@ -103,7 +103,9 @@ To generate a guardian key, install guardiand first. If you generate the key on
 compile guardiand only, without compiling the agent or installing it:
 
     make bridge
-    sudo setcap cap_ipc_lock=+ep ./build/bin/guardiand
+    sudo setcap cap_ipc_lock=+ep ./build/bin/
+
+Otherwise, use the same guardiand binary that you compiled using the regular instructions above.
 
 Generate a new key using the `keygen` subcommand:
 
@@ -113,7 +115,7 @@ The key file includes a human-readable part that includes the public key and the
 
 ## Deploying
 
-We strongly recommend a separate user and systemd services for both services.
+We strongly recommend a separate user and systemd services for the Wormhole services.
 
 Example systemd unit for `guardiand.service`, including the right capabilities and best-practice security mitigations: