diff options
author | netblue30 <netblue30@protonmail.com> | 2022-08-29 07:36:08 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-08-29 07:36:08 -0400 |
commit | 57f35e5f7f3d5c6d5f6f6f245c99bde462edfebc (patch) | |
tree | c49bbfe43c4493f194162b5885223508aea3c765 | |
parent | Merge pull request #5345 from netblue30/dependabot/github_actions/github/code... (diff) | |
parent | docs: note that blacklist/whitelist follow symlinks (diff) | |
download | firejail-57f35e5f7f3d5c6d5f6f6f245c99bde462edfebc.tar.gz firejail-57f35e5f7f3d5c6d5f6f6f245c99bde462edfebc.tar.zst firejail-57f35e5f7f3d5c6d5f6f6f245c99bde462edfebc.zip |
Merge pull request #5344 from kmk3/docs-symlink-handling
docs: note that blacklist/whitelist follow symlinks
-rw-r--r-- | src/man/firejail.txt | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 2d8adb0b7..1dd5508b3 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -191,6 +191,13 @@ Blacklist directory or file. File globbing is supported, see \fBFILE GLOBBING\fR | |||
191 | .br | 191 | .br |
192 | 192 | ||
193 | .br | 193 | .br |
194 | Symbolic link handling: Blacklisting a path that is a symbolic link will also | ||
195 | blacklist the path that it points to. | ||
196 | For example, if ~/foo is blacklisted and it points to /foo, then /foo will also | ||
197 | be blacklisted. | ||
198 | .br | ||
199 | |||
200 | .br | ||
194 | Example: | 201 | Example: |
195 | .br | 202 | .br |
196 | $ firejail \-\-blacklist=/sbin \-\-blacklist=/usr/sbin | 203 | $ firejail \-\-blacklist=/sbin \-\-blacklist=/usr/sbin |
@@ -2922,8 +2929,14 @@ all directories in /usr. | |||
2922 | .br | 2929 | .br |
2923 | 2930 | ||
2924 | .br | 2931 | .br |
2925 | Symbolic link handling: with the exception of user home, both the link and the real file should be in | 2932 | Symbolic link handling: Whitelisting a path that is a symbolic link will also |
2926 | the same top directory. For user home, both the link and the real file should be owned by the user. | 2933 | whitelist the path that it points to. |
2934 | For example, if ~/foo is whitelisted and it points to ~/bar, then ~/bar will | ||
2935 | also be whitelisted. | ||
2936 | Restrictions: With the exception of the user home directory, both the link and | ||
2937 | the real file should be in the same top directory. | ||
2938 | For symbolic links in the user home directory, both the link and the real file | ||
2939 | should be owned by the user. | ||
2927 | .br | 2940 | .br |
2928 | 2941 | ||
2929 | .br | 2942 | .br |