seccomp filter update

author: netblue30 <netblue30@yahoo.com> 2016-07-09 09:48:17 -0400
committer: netblue30 <netblue30@yahoo.com> 2016-07-09 09:48:17 -0400
commit: fb2406ff02ea1e4fe6a5d5840e5e24ad303330aa (patch)
tree: 26424cc5b400f46d68134b3eef7bfb397bee39b3 /src/man/firejail-profile.txt
parent: fixes (diff)
download: firejail-fb2406ff02ea1e4fe6a5d5840e5e24ad303330aa.tar.gz
firejail-fb2406ff02ea1e4fe6a5d5840e5e24ad303330aa.tar.zst
firejail-fb2406ff02ea1e4fe6a5d5840e5e24ad303330aa.zip
1 files changed, 1 insertions, 9 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index 9c416b0f3..98fa17908 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -224,15 +224,7 @@ first argument to socket system call. Recognized values: \fBunix\fR,
 \fBinet\fR, \fBinet6\fR, \fBnetlink\fR and \fBpacket\fR.
 .TP
 \fBseccomp
-Enable seccomp filter and blacklist the syscalls in the default list. The default list is as follows:
+Enable seccomp filter and blacklist the syscalls in the default list. See man 1 firejail for more details.
-mount, umount2, ptrace, kexec_load, kexec_file_load, open_by_handle_at, init_module, finit_module, delete_module,
-iopl, ioperm, swapon, swapoff, syslog, process_vm_readv, process_vm_writev,
-sysfs,_sysctl, adjtimex, clock_adjtime, lookup_dcookie, perf_event_open, fanotify_init, kcmp,
-add_key, request_key, keyctl, uselib, acct, modify_ldt, pivot_root, io_setup,
-io_destroy, io_getevents, io_submit, io_cancel,
-remap_file_pages, mbind, get_mempolicy, set_mempolicy,
-migrate_pages, move_pages, vmsplice, perf_event_open, chroot,
-tuxcall, reboot, mfsservctl and get_kernel_syms.
 .TP
 \fBseccomp syscall,syscall,syscall
 Enable seccomp filter and blacklist the system calls in the list on top of default seccomp filter.
author	netblue30 <netblue30@yahoo.com>	2016-07-09 09:48:17 -0400
committer	netblue30 <netblue30@yahoo.com>	2016-07-09 09:48:17 -0400
commit	fb2406ff02ea1e4fe6a5d5840e5e24ad303330aa (patch)
tree	26424cc5b400f46d68134b3eef7bfb397bee39b3 /src/man/firejail-profile.txt
parent	fixes (diff)
download	firejail-fb2406ff02ea1e4fe6a5d5840e5e24ad303330aa.tar.gz firejail-fb2406ff02ea1e4fe6a5d5840e5e24ad303330aa.tar.zst firejail-fb2406ff02ea1e4fe6a5d5840e5e24ad303330aa.zip

diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 9c416b0f3..98fa17908 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt
@@ -224,15 +224,7 @@ first argument to socket system call. Recognized values: \fBunix\fR,
224	\fBinet\fR, \fBinet6\fR, \fBnetlink\fR and \fBpacket\fR.	224	\fBinet\fR, \fBinet6\fR, \fBnetlink\fR and \fBpacket\fR.
225	.TP	225	.TP
226	\fBseccomp	226	\fBseccomp
227	Enable seccomp filter and blacklist the syscalls in the default list. The default list is as follows:	227	Enable seccomp filter and blacklist the syscalls in the default list. See man 1 firejail for more details.
228	mount, umount2, ptrace, kexec_load, kexec_file_load, open_by_handle_at, init_module, finit_module, delete_module,
229	iopl, ioperm, swapon, swapoff, syslog, process_vm_readv, process_vm_writev,
230	sysfs,_sysctl, adjtimex, clock_adjtime, lookup_dcookie, perf_event_open, fanotify_init, kcmp,
231	add_key, request_key, keyctl, uselib, acct, modify_ldt, pivot_root, io_setup,
232	io_destroy, io_getevents, io_submit, io_cancel,
233	remap_file_pages, mbind, get_mempolicy, set_mempolicy,
234	migrate_pages, move_pages, vmsplice, perf_event_open, chroot,
235	tuxcall, reboot, mfsservctl and get_kernel_syms.
236	.TP	228	.TP
237	\fBseccomp syscall,syscall,syscall	229	\fBseccomp syscall,syscall,syscall
238	Enable seccomp filter and blacklist the system calls in the list on top of default seccomp filter.	230	Enable seccomp filter and blacklist the system calls in the list on top of default seccomp filter.