diff options
author | netblue30 <netblue30@yahoo.com> | 2015-12-03 11:57:07 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-12-03 11:57:07 -0500 |
commit | fa88b858da3a412c0111185fc0576fc9ad3c4be3 (patch) | |
tree | f35513b863ddd2d0c05b7678f52d63cd9e175804 /README.md | |
parent | --tracelog (diff) | |
download | firejail-fa88b858da3a412c0111185fc0576fc9ad3c4be3.tar.gz firejail-fa88b858da3a412c0111185fc0576fc9ad3c4be3.tar.zst firejail-fa88b858da3a412c0111185fc0576fc9ad3c4be3.zip |
--tracelog
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 16 |
1 files changed, 16 insertions, 0 deletions
@@ -95,3 +95,19 @@ New profiles introduced in this version: unbound, dnscrypt-proxy | |||
95 | ### --whitelist | 95 | ### --whitelist |
96 | 96 | ||
97 | Whitelist command accepts files in user home, /dev, /media, /var, and /tmp directories. | 97 | Whitelist command accepts files in user home, /dev, /media, /var, and /tmp directories. |
98 | |||
99 | ### --tracelog | ||
100 | |||
101 | Tracelog command enables auditing blacklisted files and directories. A message | ||
102 | is sent to syslog in case the file or the directory is accessed. Example: | ||
103 | ````` | ||
104 | $ firejail --tracelog firefox | ||
105 | ````` | ||
106 | Syslog example: | ||
107 | ````` | ||
108 | $ sudo tail -f /var/log/syslog | ||
109 | [...] | ||
110 | Dec 3 11:43:25 debian firejail[70]: blacklist violation - sandbox 26370, exe iceweasel, syscall open64, path /etc/shadow | ||
111 | Dec 3 11:46:17 debian firejail[70]: blacklist violation - sandbox 26370, exe iceweasel, syscall opendir, path /boot | ||
112 | [...] | ||
113 | ````` \ No newline at end of file | ||