merge update man pages (private-dev, noexec)

author: netblue30 <netblue30@yahoo.com> 2019-05-30 09:08:54 -0400
committer: netblue30 <netblue30@yahoo.com> 2019-05-30 09:08:54 -0400
commit: bb18e513ae92ebf78529bfbb89f33986b57240aa (patch)
tree: 42e0b4532c237b97e12d2c1bb45ab583298fce1a
parent: merging - man pages: add FIREJAIL_QUIET (diff)
download: firejail-bb18e513ae92ebf78529bfbb89f33986b57240aa.tar.gz
firejail-bb18e513ae92ebf78529bfbb89f33986b57240aa.tar.zst
firejail-bb18e513ae92ebf78529bfbb89f33986b57240aa.zip
3 files changed, 10 insertions, 9 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index 92e95f165..36db61ed1 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -210,8 +210,9 @@ Mount an empty temporary filesystem on top of the .cache directory in user home.
 modifications are discarded when the sandbox is closed.
 .TP
 \fBprivate-dev
-Create a new /dev directory. Only disc, dri, null, full, zero, tty, pts, ptmx,
+Create a new /dev directory. Only disc, dri, dvb, hidraw, null, full, zero, tty, pts, ptmx,
-random, snd, urandom, video, log and shm devices are available.
+random, snd, urandom, video, log, shm and usb devices are available.
+Use the options no3d, nodvd, nosound, notv, nou2f and novideo for additional restrictions.
 .TP
 \fBkeep-dev-shm
 /dev/shm directory is untouched (even with private-dev).
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index b8f8a22e9..fd1d4a6be 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -1038,8 +1038,7 @@ $ firejail \-\-noexec=/tmp
 .br
 .br
-/etc and /var are noexec by default if the sandbox was started as a regular user. If there are more than one mount operation
+/etc and /var are noexec by default if the sandbox was started as a regular user.
-on the path of the file or directory, noexec should be applied to the last one. Always check if the change took effect inside the sandbox.
 .TP
 \fB\-\-nogroups
@@ -1215,7 +1214,8 @@ $ firejail \-\-private-cache openbox
 .TP
 \fB\-\-private-dev
-Create a new /dev directory. Only disc, dri, null, full, zero, tty, pts, ptmx, random, snd, urandom, video, log and shm devices are available.
+Create a new /dev directory. Only disc, dri, dvb, hidraw, null, full, zero, tty, pts, ptmx, random, snd, urandom, video, log, shm and usb devices are available.
+Use the options --no3d, --nodvd, --nosound, --notv, --nou2f and --novideo for additional restrictions.
 .br
 .br
diff --git a/status b/status
index dce2452c6..3f1a4e7de 100644
--- a/status
+++ b/status
@@ -1,15 +1,15 @@
-un 29 test:
+Jun 29 test:
 TESTING: tar
 TESTING ERROR 4.2
 TESTING: DNS (test/environment/dns.exp)
 netblue@debian:~/work/github/LTSbase/test/environment$ TESTING ERROR 1.2
-todo May 23: add header guard to firecfg.h
+May 23: add header guard to firecfg.h
-todo May 18: man pages: add FIREJAIL_QUIET
+May 18: man pages: add FIREJAIL_QUIET
 todo May 17: Merge pull request #2688 from laomaiweng/nodbus-enhancements
 todo May 17: Merge pull request #2701 from smitsohu/opath - bring back support for Centos6
-todo May 4: update man pages (private-dev, noexec)
+May 4: update man pages (private-dev, noexec)
 todo April 21: typo
 todo April 20: typo and merges
 todo Mar 23: mount runtime seccomp files read-only
author	netblue30 <netblue30@yahoo.com>	2019-05-30 09:08:54 -0400
committer	netblue30 <netblue30@yahoo.com>	2019-05-30 09:08:54 -0400
commit	bb18e513ae92ebf78529bfbb89f33986b57240aa (patch)
tree	42e0b4532c237b97e12d2c1bb45ab583298fce1a
parent	merging - man pages: add FIREJAIL_QUIET (diff)
download	firejail-bb18e513ae92ebf78529bfbb89f33986b57240aa.tar.gz firejail-bb18e513ae92ebf78529bfbb89f33986b57240aa.tar.zst firejail-bb18e513ae92ebf78529bfbb89f33986b57240aa.zip

diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 92e95f165..36db61ed1 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt
@@ -210,8 +210,9 @@ Mount an empty temporary filesystem on top of the .cache directory in user home.
210	modifications are discarded when the sandbox is closed.	210	modifications are discarded when the sandbox is closed.
211	.TP	211	.TP
212	\fBprivate-dev	212	\fBprivate-dev
213	Create a new /dev directory. Only disc, dri, null, full, zero, tty, pts, ptmx,	213	Create a new /dev directory. Only disc, dri, dvb, hidraw, null, full, zero, tty, pts, ptmx,
214	random, snd, urandom, video, log and shm devices are available.	214	random, snd, urandom, video, log, shm and usb devices are available.
		215	Use the options no3d, nodvd, nosound, notv, nou2f and novideo for additional restrictions.
215	.TP	216	.TP
216	\fBkeep-dev-shm	217	\fBkeep-dev-shm
217	/dev/shm directory is untouched (even with private-dev).	218	/dev/shm directory is untouched (even with private-dev).


diff --git a/src/man/firejail.txt b/src/man/firejail.txt index b8f8a22e9..fd1d4a6be 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt
@@ -1038,8 +1038,7 @@ $ firejail \-\-noexec=/tmp
1038	.br	1038	.br
1039		1039
1040	.br	1040	.br
1041	/etc and /var are noexec by default if the sandbox was started as a regular user. If there are more than one mount operation	1041	/etc and /var are noexec by default if the sandbox was started as a regular user.
1042	on the path of the file or directory, noexec should be applied to the last one. Always check if the change took effect inside the sandbox.
1043		1042
1044	.TP	1043	.TP
1045	\fB\-\-nogroups	1044	\fB\-\-nogroups
@@ -1215,7 +1214,8 @@ $ firejail \-\-private-cache openbox
1215		1214
1216	.TP	1215	.TP
1217	\fB\-\-private-dev	1216	\fB\-\-private-dev
1218	Create a new /dev directory. Only disc, dri, null, full, zero, tty, pts, ptmx, random, snd, urandom, video, log and shm devices are available.	1217	Create a new /dev directory. Only disc, dri, dvb, hidraw, null, full, zero, tty, pts, ptmx, random, snd, urandom, video, log, shm and usb devices are available.
		1218	Use the options --no3d, --nodvd, --nosound, --notv, --nou2f and --novideo for additional restrictions.
1219	.br	1219	.br
1220		1220
1221	.br	1221	.br


diff --git a/status b/status index dce2452c6..3f1a4e7de 100644 --- a/status +++ b/status
@@ -1,15 +1,15 @@
1	un 29 test:	1	Jun 29 test:
2	TESTING: tar	2	TESTING: tar
3	TESTING ERROR 4.2	3	TESTING ERROR 4.2
4	TESTING: DNS (test/environment/dns.exp)	4	TESTING: DNS (test/environment/dns.exp)
5	netblue@debian:~/work/github/LTSbase/test/environment$ TESTING ERROR 1.2	5	netblue@debian:~/work/github/LTSbase/test/environment$ TESTING ERROR 1.2
6		6
7		7
8	todo May 23: add header guard to firecfg.h	8	May 23: add header guard to firecfg.h
9	todo May 18: man pages: add FIREJAIL_QUIET	9	May 18: man pages: add FIREJAIL_QUIET
10	todo May 17: Merge pull request #2688 from laomaiweng/nodbus-enhancements	10	todo May 17: Merge pull request #2688 from laomaiweng/nodbus-enhancements
11	todo May 17: Merge pull request #2701 from smitsohu/opath - bring back support for Centos6	11	todo May 17: Merge pull request #2701 from smitsohu/opath - bring back support for Centos6
12	todo May 4: update man pages (private-dev, noexec)	12	May 4: update man pages (private-dev, noexec)
13	todo April 21: typo	13	todo April 21: typo
14	todo April 20: typo and merges	14	todo April 20: typo and merges
15	todo Mar 23: mount runtime seccomp files read-only	15	todo Mar 23: mount runtime seccomp files read-only