man: corrections regarding --private-FOO options

Commit 0.9.60-1070-g40d3604f updated the man pages with respect to --private-opt, --private-etc, and --private-srv. It was made after testing firejail 0.9.52 (from Ubuntu 18.04). However, it unfortunately did not accurately reflect the the behavior of the current HEAD at the time, because commit 0.9.56-rc1-14-ga9242301 had previously slightly changed the behavior of these three options (after 0.9.52), and was released in 0.9.56. The man pages changes made in commit 40d3604f were therefore not entirely correct. This commit updates the man pages to describe the behavior as implemented in a9242301 (and is still the behavior as of the current HEAD: 0.9.64-737-g937815ba). Signed-off-by: Jeff Squyres <jsquyres@cisco.com>
author: Jeff Squyres <jsquyres@cisco.com> 2021-04-15 11:25:08 -0700
committer: Jeff Squyres <jsquyres@cisco.com> 2021-04-20 09:41:26 -0700
commit: 9e95a38fe1e96a5d4b9f2e79e65a689655f255b9 (patch)
tree: af0785bdec7c40dcd15edd7eeb70a00e38cc97ed /src/man/firejail-profile.txt
parent: profile fixes (diff)
download: firejail-9e95a38fe1e96a5d4b9f2e79e65a689655f255b9.tar.gz
firejail-9e95a38fe1e96a5d4b9f2e79e65a689655f255b9.tar.zst
firejail-9e95a38fe1e96a5d4b9f2e79e65a689655f255b9.zip
1 files changed, 9 insertions, 3 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index ee685da73..2bb57cee2 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -295,7 +295,9 @@ Use the options no3d, nodvd, nosound, notv, nou2f and novideo for additional res
 Build a new /etc in a temporary
 filesystem, and copy the files and directories in the list.
 The files and directories in the list must be expressed as relative to
-the /etc directory.
+the /etc directory, and must not contain the / character
+(e.g., /etc/foo must be expressed as foo, but /etc/foo/bar --
+expressed as foo/bar -- is disallowed).
 All modifications are discarded when the sandbox is closed.
 #ifdef HAVE_PRIVATE_HOME
 .TP
@@ -319,14 +321,18 @@ This feature is still under development, see \fBman 1 firejail\fR for some examp
 Build a new /opt in a temporary
 filesystem, and copy the files and directories in the list.
 The files and directories in the list must be expressed as relative to
-the /opt directory.
+the /opt directory, and must not contain the / character
+(e.g., /opt/foo must be expressed as foo, but /opt/foo/bar --
+expressed as foo/bar -- is disallowed).
 All modifications are discarded when the sandbox is closed.
 .TP
 \fBprivate-srv file,directory
 Build a new /srv in a temporary
 filesystem, and copy the files and directories in the list.
 The files and directories in the list must be expressed as relative to
-the /srv directory.
+the /srv directory, and must not contain the / character
+(e.g., /srv/foo must be expressed as foo, but /srv/foo/bar --
+expressed as foo/bar -- is disallowed).
 All modifications are discarded when the sandbox is closed.
 .TP
 \fBprivate-tmp
author	Jeff Squyres <jsquyres@cisco.com>	2021-04-15 11:25:08 -0700
committer	Jeff Squyres <jsquyres@cisco.com>	2021-04-20 09:41:26 -0700
commit	9e95a38fe1e96a5d4b9f2e79e65a689655f255b9 (patch)
tree	af0785bdec7c40dcd15edd7eeb70a00e38cc97ed /src/man/firejail-profile.txt
parent	profile fixes (diff)
download	firejail-9e95a38fe1e96a5d4b9f2e79e65a689655f255b9.tar.gz firejail-9e95a38fe1e96a5d4b9f2e79e65a689655f255b9.tar.zst firejail-9e95a38fe1e96a5d4b9f2e79e65a689655f255b9.zip

diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index ee685da73..2bb57cee2 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt
@@ -295,7 +295,9 @@ Use the options no3d, nodvd, nosound, notv, nou2f and novideo for additional res
295	Build a new /etc in a temporary	295	Build a new /etc in a temporary
296	filesystem, and copy the files and directories in the list.	296	filesystem, and copy the files and directories in the list.
297	The files and directories in the list must be expressed as relative to	297	The files and directories in the list must be expressed as relative to
298	the /etc directory.	298	the /etc directory, and must not contain the / character
		299	(e.g., /etc/foo must be expressed as foo, but /etc/foo/bar --
		300	expressed as foo/bar -- is disallowed).
299	All modifications are discarded when the sandbox is closed.	301	All modifications are discarded when the sandbox is closed.
300	#ifdef HAVE_PRIVATE_HOME	302	#ifdef HAVE_PRIVATE_HOME
301	.TP	303	.TP
@@ -319,14 +321,18 @@ This feature is still under development, see \fBman 1 firejail\fR for some examp
319	Build a new /opt in a temporary	321	Build a new /opt in a temporary
320	filesystem, and copy the files and directories in the list.	322	filesystem, and copy the files and directories in the list.
321	The files and directories in the list must be expressed as relative to	323	The files and directories in the list must be expressed as relative to
322	the /opt directory.	324	the /opt directory, and must not contain the / character
		325	(e.g., /opt/foo must be expressed as foo, but /opt/foo/bar --
		326	expressed as foo/bar -- is disallowed).
323	All modifications are discarded when the sandbox is closed.	327	All modifications are discarded when the sandbox is closed.
324	.TP	328	.TP
325	\fBprivate-srv file,directory	329	\fBprivate-srv file,directory
326	Build a new /srv in a temporary	330	Build a new /srv in a temporary
327	filesystem, and copy the files and directories in the list.	331	filesystem, and copy the files and directories in the list.
328	The files and directories in the list must be expressed as relative to	332	The files and directories in the list must be expressed as relative to
329	the /srv directory.	333	the /srv directory, and must not contain the / character
		334	(e.g., /srv/foo must be expressed as foo, but /srv/foo/bar --
		335	expressed as foo/bar -- is disallowed).
330	All modifications are discarded when the sandbox is closed.	336	All modifications are discarded when the sandbox is closed.
331	.TP	337	.TP
332	\fBprivate-tmp	338	\fBprivate-tmp