usage.c cleanup

2 files changed, 7 insertions, 53 deletions

diff --git a/src/firejail/usage.c b/src/firejail/usage.c
index c8866da3a..c7e5ba47b 100644
--- a/src/firejail/usage.c
+++ b/src/firejail/usage.c
@@ -33,15 +33,12 @@ static char *usage_str =
         "    --apparmor - enable AppArmor confinement.\n"
         "    --apparmor.print=name|pid - print apparmor status.\n"
         "    --appimage - sandbox an AppImage application.\n"
-        "    --audit[=test-program] - audit the sandbox.\n"
 #ifdef HAVE_NETWORK
         "    --bandwidth=name|pid - set bandwidth limits.\n"
 #endif
         "    --bind=dirname1,dirname2 - mount-bind dirname1 on top of dirname2.\n"
         "    --bind=filename1,filename2 - mount-bind filename1 on top of filename2.\n"
         "    --blacklist=filename - blacklist directory or file.\n"
-        "    --build - build a whitelisted profile for the application.\n"
-        "    --build=filename - build a whitelisted profile for the application.\n"
         "    -c - execute command and exit.\n"
         "    --caps - enable default Linux capabilities filter.\n"
         "    --caps.drop=all - drop all capabilities.\n"
@@ -49,9 +46,6 @@ static char *usage_str =
         "    --caps.keep=capability,capability - whitelist capabilities filter.\n"
         "    --caps.print=name|pid - print the caps filter.\n"
         "    --cgroup=tasks-file - place the sandbox in the specified control group.\n"
-#ifdef HAVE_CHROOT
-        "    --chroot=dirname - chroot into directory.\n"
-#endif
         "    --cpu=cpu-number,cpu-number - set cpu affinity.\n"
         "    --cpu.print=name|pid - print the cpus in use.\n"
         "    --debug - print sandbox debug messages.\n"
@@ -71,9 +65,6 @@ static char *usage_str =
         "    --dns.print=name|pid - print DNS configuration.\n"
         "    --env=name=value - set environment variable.\n"
         "    --fs.print=name|pid - print the filesystem log.\n"
-#ifdef HAVE_FILE_TRANSFER
-        "    --get=name|pid filename - get a file from sandbox container.\n"
-#endif
         "    --help, -? - this help screen.\n"
         "    --hostname=name - set sandbox hostname.\n"
         "    --hosts-file=file - use file as /etc/hosts.\n"
@@ -141,52 +132,22 @@ static char *usage_str =
         "    --novideo - disable video devices.\n"
         "    --nou2f - disable U2F devices.\n"
         "    --nowhitelist=filename - disable whitelist for file or directory .\n"
-        "    --output=logfile - stdout logging and log rotation.\n"
-        "    --output-stderr=logfile - stdout and stderr logging and log rotation.\n"
-        "    --overlay - mount a filesystem overlay on top of the current filesystem.\n"
-        "    --overlay-named=name - mount a filesystem overlay on top of the current\n"
-        "\tfilesystem, and store it in name directory.\n"
-        "    --overlay-tmpfs - mount a temporary filesystem overlay on top of the\n"
-        "\tcurrent filesystem.\n"
-        "    --overlay-clean - clean all overlays stored in $HOME/.firejail directory.\n"
         "    --private - temporary home directory.\n"
         "    --private=directory - use directory as user home.\n"
         "    --private-cache - temporary ~/.cache directory.\n"
-        "    --private-home=file,directory - build a new user home in a temporary\n"
-        "\tfilesystem, and copy the files and directories in the list in\n"
-        "\tthe new home.\n"
-        "    --private-bin=file,file - build a new /bin in a temporary filesystem,\n"
-        "\tand copy the programs in the list.\n"
         "    --private-dev - create a new /dev directory with a small number of\n"
         "\tcommon device files.\n"
-        "    --private-etc=file,directory - build a new /etc in a temporary\n"
-        "\tfilesystem, and copy the files and directories in the list.\n"
         "    --private-tmp - mount a tmpfs on top of /tmp directory.\n"
-        "    --private-opt=file,directory - build a new /opt in a temporary filesystem.\n"
-        "    --private-srv=file,directory - build a new /srv in a temporary filesystem.\n"
         "    --profile=filename - use a custom profile.\n"
         "    --profile.print=name|pid - print the name of profile file.\n"
         "    --profile-path=directory - use this directory to look for profile files.\n"
         "    --protocol=protocol,protocol,protocol - enable protocol filter.\n"
         "    --protocol.print=name|pid - print the protocol filter.\n"
-#ifdef HAVE_FILE_TRANSFER
-        "    --put=name|pid src-filename dest-filename - put a file in sandbox\n"
-        "\tcontainer.\n"
-#endif
         "    --quiet - turn off Firejail's output.\n"
         "    --read-only=filename - set directory or file read-only..\n"
         "    --read-write=filename - set directory or file read-write.\n"
         "    --rlimit-as=number - set the maximum size of the process's virtual memory\n"
         "\t(address space) in bytes.\n"
-        "    --rlimit-cpu=number - set the maximum CPU time in seconds.\n"
-        "    --rlimit-fsize=number - set the maximum file size that can be created\n"
-        "\tby a process.\n"
-        "    --rlimit-nofile=number - set the maximum number of files that can be\n"
-        "\topened by a process.\n"
-        "    --rlimit-nproc=number - set the maximum number of processes that can be\n"
-        "\tcreated for the real user ID of the calling process.\n"
-        "    --rlimit-sigpending=number - set the maximum number of pending signals\n"
-        "\tfor a process.\n"
         "    --rmenv=name - remove environment variable in the new sandbox.\n"
 #ifdef HAVE_NETWORK
         "    --scan - ARP-scan all the networks from inside a network namespace.\n"
@@ -210,9 +171,6 @@ static char *usage_str =
         "\thas elapsed.\n"
         "    --tmpfs=dirname - mount a tmpfs filesystem on directory dirname.\n"
         "    --top - monitor the most CPU-intensive sandboxes.\n"
-        "    --trace - trace open, access and connect system calls.\n"
-        "    --tracelog - add a syslog message for every access to files or\n"
-        "\tdirectories blacklisted by the security profile.\n"
         "    --tree - print a tree of all sandboxed processes.\n"
         "    --version - print program version and exit.\n"
 #ifdef HAVE_NETWORK
@@ -226,17 +184,6 @@ static char *usage_str =
         "\t/run/user/$UID/gnupg.\n"
         "    --writable-var - /var directory is mounted read-write.\n"
         "    --writable-var-log - use the real /var/log directory, not a clone.\n"
-#ifdef HAVE_X11
-        "    --x11 - enable X11 sandboxing. The software checks first if Xpra is\n"
-        "\tinstalled, then it checks if Xephyr is installed. If all fails, it will\n"
-        "\tattempt to use X11 security extension.\n"
-        "    --x11=none - disable access to X11 sockets.\n"
-        "    --x11=xephyr - enable Xephyr X11 server. The window size is 800x600.\n"
-        "    --x11=xorg - enable X11 security extension.\n"
-        "    --x11=xpra - enable Xpra X11 server.\n"
-        "    --x11=xvfb - enable Xvfb X11 server.\n"
-        "    --xephyr-screen=WIDTHxHEIGHT - set screen size for --x11=xephyr.\n"
-#endif
         "\n"
         "Examples:\n"
         "    $ firejail firefox\n"
diff --git a/status b/status
index 912ccf30c..b90124853 100644
--- a/status
+++ b/status
@@ -1,3 +1,10 @@
+possible cleanup: --cgroup, --fs.print, --timeout
+
+usage.c cleanup:
+        --audit, --build, --chroot, --output, --overlay-*, --rlimit*, --trace*, --x11*
+        --private-home, private-etc, private-bin, --private-lib, --private-opt, --private-srv
+
+
 main:14864, LTS 10890
 removed restricted-shell