man pages and --help

3 files changed, 39 insertions, 19 deletions

diff --git a/src/firejail/usage.c b/src/firejail/usage.c
index 5dde0bdbd..d8f6d6849 100644
--- a/src/firejail/usage.c
+++ b/src/firejail/usage.c
@@ -200,6 +200,10 @@ void usage(void) {
         
         printf("\t--protocol=protocol,protocol,protocol - enable protocol filter.\n");
         printf("\t\tProtocol values: unix, inet, inet6, netlink, packet.\n\n");
+        printf("\t--protocol.print=name - print the protocol filter for the sandbox\n");
+        printf("\t\tidentified by name.\n\n");
+        printf("\t--protocol.print=pid - print the protocol filter for the sandbox\n");
+        printf("\t\tidentified by PID.\n\n");
         
         printf("\t--quiet - turn off Firejail's output.\n\n");
         printf("\t--read-only=dirname_or_filename - set directory or file read-only.\n\n");
@@ -343,10 +347,6 @@ void usage(void) {
         printf("          start a regular /bin/bash session in sandbox\n");
         printf("   $ firejail firefox\n");
         printf("          start Mozilla Firefox\n");
-        printf("   $ firejail --seccomp firefox\n");
-        printf("          start Mozilla Firefox in a seccomp sandbox\n");
-        printf("   $ firejail --caps firefox\n");
-        printf("          start Mozilla Firefox in a Linux capabilities sandbox\n");
         printf("   $ firejail --debug firefox\n");
         printf("          debug Firefox sandbox\n");
         printf("   $ firejail --private\n");
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index 00abc13db..d144fac10 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -61,11 +61,7 @@ $ firejail [OPTIONS]                # starting a /bin/bash shell
 .PP
 $ firejail [OPTIONS] firefox        # starting Mozilla Firefox
 .PP
-Multiple commands can be run in sandbox using regular bash logic operators:
-.PP
-# sudo firejail [OPTIONS] "/etc/init.d/nginx start && sleep inf"
-.PP
-In the previous example, "sleep inf" command is required in order to keep the session open for the daemon program.
+# sudo firejail [OPTIONS] /etc/init.d/nginx start
 
 .SH OPTIONS
 .TP
@@ -906,6 +902,37 @@ Example:
 .br
 $ firejail \-\-protocol=unix,inet,inet6 firefox
 .TP
+\fB\-\-protocol.print=name
+Print the protocol filter for the sandbox identified by name.
+.br
+
+.br
+Example:
+.br
+$ firejail \-\-name=mybrowser firefox &
+.br
+[...]
+.br
+$ firejail \-\-print.print=mybrowser
+.br
+unix,inet,inet6,netlink
+
+.TP
+\fB\-\-protocol.print=pid
+Print the protocol filter for a sandbox identified by PID.
+.br
+
+.br
+Example:
+.br
+$ firejail \-\-list
+.br
+3272:netblue:firejail \-\-private firefox
+.br
+$ firejail \-\-protocol.print=3272
+.br
+unix,inet,inet6,netlink
+.TP
 \fB\-\-quiet
 Turn off Firejail's output.
 .TP
@@ -1411,10 +1438,10 @@ Reading profile /home/netblue/.config/firejail/icecat.profile
 [...]
 .RE
 
-3. Use a default.profile file if the sandbox
-is started by a regular user, or a server.profile file if the sandbox
+3. Use default.profile file if the sandbox
+is started by a regular user, or server.profile file if the sandbox
 is started by root. Firejail looks for these files in ~/.config/firejail directory, followed by /etc/firejail directory.
-To disable default profile loading, use --noroot command option. Example:
+To disable default profile loading, use --noprofile command option. Example:
 .PP
 .RS
 $ firejail
@@ -1457,12 +1484,6 @@ Start a regular /bin/bash session in sandbox.
 \f\firejail firefox
 Start Mozilla Firefox.
 .TP
-\f\firejail \-\-seccomp firefox
-Start Mozilla Firefox in a seccomp sandbox.
-.TP
-\f\firejail \-\-caps firefox
-Start Mozilla Firefox in a Linux capabilities sandbox.
-.TP
 \f\firejail \-\-debug firefox
 Debug Firefox sandbox.
 .TP
diff --git a/todo b/todo
index edf8f0854..dad8b3e10 100644
--- a/todo
+++ b/todo
@@ -73,5 +73,4 @@ socat ABSTRACT-LISTEN:/tmp/dbus-awBoQTCc,fork UNIX-CONNECT:/tmp/mysock
 ./configure --enable-fatal-warnings --disable-chroot --prefix=/usr
 ./configure --enable-fatal-warnings --disable-bind --prefix=/usr
 
-12. help and man for all protocol commands