diff options
author | netblue30 <netblue30@yahoo.com> | 2017-02-09 09:03:35 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-02-09 09:03:35 -0500 |
commit | 85c8cc454d3df3a83667556f7ddfafe66a78d421 (patch) | |
tree | 959478baa7851914746796128dbb9bba732b645a /src/man/firejail-profile.txt | |
parent | firemon fix (diff) | |
download | firejail-85c8cc454d3df3a83667556f7ddfafe66a78d421.tar.gz firejail-85c8cc454d3df3a83667556f7ddfafe66a78d421.tar.zst firejail-85c8cc454d3df3a83667556f7ddfafe66a78d421.zip |
adding macro for include command in profile files
Diffstat (limited to 'src/man/firejail-profile.txt')
-rw-r--r-- | src/man/firejail-profile.txt | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 90dca19bf..aa1aec567 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
@@ -81,14 +81,20 @@ Include other.profile file. | |||
81 | 81 | ||
82 | Example: "include /etc/firejail/disable-common.inc" | 82 | Example: "include /etc/firejail/disable-common.inc" |
83 | 83 | ||
84 | other.profile file name can be prefixed with ${HOME}. This will force Firejail to look for the | 84 | The file name can be prefixed with a macro such as ${HOME} or ${CFG}. |
85 | file in user home directory. | 85 | ${HOME} is expanded as user home directory, and ${CFG} is expanded as |
86 | Firejail system configuration directory - in most cases /etc/firejail or | ||
87 | /usr/local/etc/firejail. | ||
86 | 88 | ||
87 | Example: "include ${HOME}/myprofiles/profile1" will load "~/myprofiles/profile1" file. | 89 | Example: "include ${HOME}/myprofiles/profile1" will load "~/myprofiles/profile1" file. |
88 | 90 | ||
89 | If the file is not found, and the file name does not end in ".local", the sandbox exist immediately | 91 | Example: "include ${CFG}/firefox.profile" will load "/etc/firejail/firefox.profile" file. |
90 | with an error printed on stderr. ".local" files can be used to customize the global configuration | 92 | |
91 | in /etc/firejail directory. These files are not overwritten during software install. | 93 | System configuration files in ${CFG} are overwritten during software installation. |
94 | Persistent configuration at system level is handled in ".local" files. For every | ||
95 | profile file in ${CFG} directory, the user can create a corresponding .local file | ||
96 | storing modifications to the persistent configuration. Persistent .local files | ||
97 | are included at the start of regular profile files. | ||
92 | 98 | ||
93 | .TP | 99 | .TP |
94 | \fBnoblacklist file_name | 100 | \fBnoblacklist file_name |