diff options
author | Topi Miettinen <toiwoton@gmail.com> | 2020-08-05 15:14:34 +0300 |
---|---|---|
committer | Topi Miettinen <toiwoton@gmail.com> | 2020-08-05 15:35:05 +0300 |
commit | 262e6517dbc1c97ab31a27376aeba1af1fe3ca4a (patch) | |
tree | 5331df21ad8269a1648d8ffd603607408a4cc1d4 /src/man/firejail-profile.txt | |
parent | Support to ingore a include foobar.inc (diff) | |
download | firejail-262e6517dbc1c97ab31a27376aeba1af1fe3ca4a.tar.gz firejail-262e6517dbc1c97ab31a27376aeba1af1fe3ca4a.tar.zst firejail-262e6517dbc1c97ab31a27376aeba1af1fe3ca4a.zip |
seccomp: logging
Allow `log` as an alternative seccomp error action instead of killing
or returning an errno code.
Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
Diffstat (limited to 'src/man/firejail-profile.txt')
-rw-r--r-- | src/man/firejail-profile.txt | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 7b5653942..0784e7fd7 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
@@ -433,8 +433,10 @@ Enable seccomp filter and whitelist the system calls in the list. | |||
433 | \fBseccomp.32.keep syscall,syscall,syscall | 433 | \fBseccomp.32.keep syscall,syscall,syscall |
434 | Enable seccomp filter and whitelist the system calls in the list for 32 bit system calls on a 64 bit architecture system. | 434 | Enable seccomp filter and whitelist the system calls in the list for 32 bit system calls on a 64 bit architecture system. |
435 | .TP | 435 | .TP |
436 | \fBseccomp-error-action kill | ERRNO | 436 | \fBseccomp-error-action kill | log | ERRNO |
437 | Return a different error instead of EPERM to the process or kill it when an attempt is made to call a blocked system call. | 437 | Return a different error instead of EPERM to the process, kill it when |
438 | an attempt is made to call a blocked system call, or allow but log the | ||
439 | attempt. | ||
438 | .TP | 440 | .TP |
439 | \fBx11 | 441 | \fBx11 |
440 | Enable X11 sandboxing. | 442 | Enable X11 sandboxing. |