diff options
author | The Fox in the Shell <KellerFuchs@hashbang.sh> | 2016-05-25 15:59:46 +0200 |
---|---|---|
committer | The Fox in the Shell <KellerFuchs@hashbang.sh> | 2016-05-25 15:59:46 +0200 |
commit | 10bf7d9418fb2d5aabaa5de6ffa8638e75bcbbdd (patch) | |
tree | 3484364bf5a830966be6c63f06812a9aaed04f63 | |
parent | Make `restricted-network` prevent use of netfilter (diff) | |
download | firejail-10bf7d9418fb2d5aabaa5de6ffa8638e75bcbbdd.tar.gz firejail-10bf7d9418fb2d5aabaa5de6ffa8638e75bcbbdd.tar.zst firejail-10bf7d9418fb2d5aabaa5de6ffa8638e75bcbbdd.zip |
Document the restricted-network change
-rw-r--r-- | README.md | 6 | ||||
-rw-r--r-- | etc/firejail.config | 4 | ||||
-rw-r--r-- | src/man/firejail-config.txt | 4 |
3 files changed, 7 insertions, 7 deletions
@@ -197,9 +197,9 @@ The following features can be enabled or disabled: | |||
197 | restricted-network | 197 | restricted-network |
198 | Enable or disable restricted network support, default disabled. | 198 | Enable or disable restricted network support, default disabled. |
199 | If enabled, networking features should also be enabled (network | 199 | If enabled, networking features should also be enabled (network |
200 | yes). Restricted networking grants access to --interface and | 200 | yes). Restricted networking grants access to --interface, |
201 | --net=ethXXX only to root user. Regular users are only allowed | 201 | --net=ethXXX and --netfilter only to root user. Regular users |
202 | --net=none. | 202 | are only allowed --net=none. Default disabled |
203 | 203 | ||
204 | secomp Enable or disable seccomp support, default enabled. | 204 | secomp Enable or disable seccomp support, default enabled. |
205 | 205 | ||
diff --git a/etc/firejail.config b/etc/firejail.config index 41cd08e68..fc09f1a0a 100644 --- a/etc/firejail.config +++ b/etc/firejail.config | |||
@@ -17,8 +17,8 @@ | |||
17 | 17 | ||
18 | # Enable or disable restricted network support, default disabled. If enabled, | 18 | # Enable or disable restricted network support, default disabled. If enabled, |
19 | # networking features should also be enabled (network yes). | 19 | # networking features should also be enabled (network yes). |
20 | # Restricted networking grants access to --interface and --net=ethXXX | 20 | # Restricted networking grants access to --interface, --net=ethXXX and |
21 | # only to root user. Regular users are only allowed --net=none. | 21 | # --netfilter only to root user. Regular users are only allowed --net=none. |
22 | # restricted-network no | 22 | # restricted-network no |
23 | 23 | ||
24 | # Enable or disable seccomp support, default enabled. | 24 | # Enable or disable seccomp support, default enabled. |
diff --git a/src/man/firejail-config.txt b/src/man/firejail-config.txt index fcf4109ee..de89ff3eb 100644 --- a/src/man/firejail-config.txt +++ b/src/man/firejail-config.txt | |||
@@ -33,8 +33,8 @@ Enable or disable networking features, default enabled. | |||
33 | \fBrestricted-network | 33 | \fBrestricted-network |
34 | Enable or disable restricted network support, default disabled. If enabled, | 34 | Enable or disable restricted network support, default disabled. If enabled, |
35 | networking features should also be enabled (network yes). | 35 | networking features should also be enabled (network yes). |
36 | Restricted networking grants access to --interface and --net=ethXXX | 36 | Restricted networking grants access to --interface, --net=ethXXX and |
37 | only to root user. Regular users are only allowed --net=none. | 37 | \-\-netfilter only to root user. Regular users are only allowed --net=none. |
38 | 38 | ||
39 | .TP | 39 | .TP |
40 | \fBsecomp | 40 | \fBsecomp |