Merge pull request #5078 from kmk3/docs-mention-caps-man

docs: mention capabilities(7) on --caps
author: netblue30 <netblue30@protonmail.com> 2022-03-29 11:42:33 -0400
committer: GitHub <noreply@github.com> 2022-03-29 11:42:33 -0400
commit: 06c70b4b25f9505107ffc48d1f4b01cc54bcde11 (patch)
tree: 384a099fa3f24e41266ba103a72359e37e8fe1ca
parent: Merge pull request #5077 from kmk3/dc-add-pkcs11 (diff)
parent: docs: mention capabilities(7) on --caps (diff)
download: firejail-06c70b4b25f9505107ffc48d1f4b01cc54bcde11.tar.gz
firejail-06c70b4b25f9505107ffc48d1f4b01cc54bcde11.tar.zst
firejail-06c70b4b25f9505107ffc48d1f4b01cc54bcde11.zip
2 files changed, 2 insertions, 0 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index 3dd339d94..0fe434fac 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -483,6 +483,7 @@ Enable AppArmor confinement.
 .TP
 \fBcaps
 Enable default Linux capabilities filter.
+See capabilities(7) for details.
 .TP
 \fBcaps.drop capability,capability,capability
 Blacklist given Linux capabilities.
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index 41171a4e7..7cb1c7e89 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -216,6 +216,7 @@ not change the execution of firejail.
 Linux capabilities is a kernel feature designed to split up the root privilege into a set of distinct privileges.
 These privileges can be enabled or disabled independently, thus restricting what a process running
 as root can do in the system.
+See capabilities(7) for details.
 By default root programs run with all capabilities enabled. \-\-caps option disables the following capabilities:
 CAP_SYS_MODULE, CAP_SYS_RAWIO,
author	netblue30 <netblue30@protonmail.com>	2022-03-29 11:42:33 -0400
committer	GitHub <noreply@github.com>	2022-03-29 11:42:33 -0400
commit	06c70b4b25f9505107ffc48d1f4b01cc54bcde11 (patch)
tree	384a099fa3f24e41266ba103a72359e37e8fe1ca
parent	Merge pull request #5077 from kmk3/dc-add-pkcs11 (diff)
parent	docs: mention capabilities(7) on --caps (diff)
download	firejail-06c70b4b25f9505107ffc48d1f4b01cc54bcde11.tar.gz firejail-06c70b4b25f9505107ffc48d1f4b01cc54bcde11.tar.zst firejail-06c70b4b25f9505107ffc48d1f4b01cc54bcde11.zip

diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 3dd339d94..0fe434fac 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt
@@ -483,6 +483,7 @@ Enable AppArmor confinement.
483	.TP	483	.TP
484	\fBcaps	484	\fBcaps
485	Enable default Linux capabilities filter.	485	Enable default Linux capabilities filter.
		486	See capabilities(7) for details.
486	.TP	487	.TP
487	\fBcaps.drop capability,capability,capability	488	\fBcaps.drop capability,capability,capability
488	Blacklist given Linux capabilities.	489	Blacklist given Linux capabilities.


diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 41171a4e7..7cb1c7e89 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt
@@ -216,6 +216,7 @@ not change the execution of firejail.
216	Linux capabilities is a kernel feature designed to split up the root privilege into a set of distinct privileges.	216	Linux capabilities is a kernel feature designed to split up the root privilege into a set of distinct privileges.
217	These privileges can be enabled or disabled independently, thus restricting what a process running	217	These privileges can be enabled or disabled independently, thus restricting what a process running
218	as root can do in the system.	218	as root can do in the system.
		219	See capabilities(7) for details.
219		220
220	By default root programs run with all capabilities enabled. \-\-caps option disables the following capabilities:	221	By default root programs run with all capabilities enabled. \-\-caps option disables the following capabilities:
221	CAP_SYS_MODULE, CAP_SYS_RAWIO,	222	CAP_SYS_MODULE, CAP_SYS_RAWIO,