diff options
author | smitsohu <smitsohu@gmail.com> | 2018-06-12 03:39:52 +0200 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2018-06-12 03:39:52 +0200 |
commit | 991e9064904f2fc4d171b19342a08389bb7c7067 (patch) | |
tree | 735081a0d4be33af4a08df5782ad394e38f4b9f1 | |
parent | fix indentation (diff) | |
download | firejail-991e9064904f2fc4d171b19342a08389bb7c7067.tar.gz firejail-991e9064904f2fc4d171b19342a08389bb7c7067.tar.zst firejail-991e9064904f2fc4d171b19342a08389bb7c7067.zip |
update man page (private-cache)
-rw-r--r-- | src/firejail/fs.c | 6 | ||||
-rw-r--r-- | src/man/firejail-profile.txt | 4 | ||||
-rw-r--r-- | src/man/firejail.txt | 11 |
3 files changed, 18 insertions, 3 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index 2546ab0bb..0e104699f 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
@@ -1350,15 +1350,15 @@ void fs_private_cache(void) { | |||
1350 | // check if ~/.cache is a valid destination | 1350 | // check if ~/.cache is a valid destination |
1351 | struct stat s; | 1351 | struct stat s; |
1352 | if (is_link(cache)) { | 1352 | if (is_link(cache)) { |
1353 | fwarning("~/.cache is a symbolic link, tmpfs not mounted\n"); | 1353 | fwarning("user .cache is a symbolic link, tmpfs not mounted\n"); |
1354 | return; | 1354 | return; |
1355 | } | 1355 | } |
1356 | if (stat(cache, &s) == -1 || !S_ISDIR(s.st_mode)) { | 1356 | if (stat(cache, &s) == -1 || !S_ISDIR(s.st_mode)) { |
1357 | fwarning("no ~/.cache directory found, tmpfs not mounted\n"); | 1357 | fwarning("no user .cache directory found, tmpfs not mounted\n"); |
1358 | return; | 1358 | return; |
1359 | } | 1359 | } |
1360 | if (s.st_uid != getuid()) { | 1360 | if (s.st_uid != getuid()) { |
1361 | fwarning("~/.cache is not owned by user, tmpfs not mounted\n"); | 1361 | fwarning("user .cache is not owned by current user, tmpfs not mounted\n"); |
1362 | return; | 1362 | return; |
1363 | } | 1363 | } |
1364 | 1364 | ||
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 7bfa3a019..ae7085f24 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
@@ -221,6 +221,10 @@ filesystem, and copy the files and directories in the list in the | |||
221 | new home. All modifications are discarded when the sandbox is | 221 | new home. All modifications are discarded when the sandbox is |
222 | closed. | 222 | closed. |
223 | .TP | 223 | .TP |
224 | \fBprivate-cache | ||
225 | Mount an empty temporary filesystem on top of the .cache directory in user home. All | ||
226 | modifications are discarded when the sandbox is closed. | ||
227 | .TP | ||
224 | \fBprivate-bin file,file | 228 | \fBprivate-bin file,file |
225 | Build a new /bin in a temporary filesystem, and copy the programs in the list. | 229 | Build a new /bin in a temporary filesystem, and copy the programs in the list. |
226 | The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin. | 230 | The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin. |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index aad678aa4..0ac5854f7 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -1312,6 +1312,17 @@ Example: | |||
1312 | $ firejail \-\-private-home=.mozilla firefox | 1312 | $ firejail \-\-private-home=.mozilla firefox |
1313 | 1313 | ||
1314 | .TP | 1314 | .TP |
1315 | \fB\-\-private-cache | ||
1316 | Mount an empty temporary filesystem on top of the .cache directory in user home. All | ||
1317 | modifications are discarded when the sandbox is closed. | ||
1318 | .br | ||
1319 | |||
1320 | .br | ||
1321 | Example: | ||
1322 | .br | ||
1323 | $ firejail \-\-private-cache openbox | ||
1324 | |||
1325 | .TP | ||
1315 | \fB\-\-private-bin=file,file | 1326 | \fB\-\-private-bin=file,file |
1316 | Build a new /bin in a temporary filesystem, and copy the programs in the list. | 1327 | Build a new /bin in a temporary filesystem, and copy the programs in the list. |
1317 | If no listed file is found, /bin directory will be empty. | 1328 | If no listed file is found, /bin directory will be empty. |