diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2023-10-18 22:47:07 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-10-18 22:47:07 +0000 |
commit | 17590553045f40e8c7628608c8330b72412fd7f4 (patch) | |
tree | a1c5d0888101865866492269f5f194ce0ecffc3c /src/man/firejail.1.in | |
parent | steam.profile: Allow Baba Is You (#6054) (diff) | |
download | firejail-17590553045f40e8c7628608c8330b72412fd7f4.tar.gz firejail-17590553045f40e8c7628608c8330b72412fd7f4.tar.zst firejail-17590553045f40e8c7628608c8330b72412fd7f4.zip |
profiles: exchange private-opt with a whitelist (#6021)
* profiles: drop private-opt (existing whitelist)
* profiles: replace private-opt with whitelist
In most profiles.
Kept private-opt for enpass (~85MB), mate-dictionary (<20MB),
minecraft-launcher (~1.6MB) and ppsspp (~44MB). The only app I couldn't
check: xmr-stak.
* docs: note potential issues with private-opt
Diffstat (limited to 'src/man/firejail.1.in')
-rw-r--r-- | src/man/firejail.1.in | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/src/man/firejail.1.in b/src/man/firejail.1.in index 19fc94ebd..ee4adf5b8 100644 --- a/src/man/firejail.1.in +++ b/src/man/firejail.1.in | |||
@@ -2263,6 +2263,18 @@ All modifications are discarded when the sandbox is closed. | |||
2263 | Example: | 2263 | Example: |
2264 | .br | 2264 | .br |
2265 | $ firejail --private-opt=firefox /opt/firefox/firefox | 2265 | $ firejail --private-opt=firefox /opt/firefox/firefox |
2266 | .br | ||
2267 | |||
2268 | .br | ||
2269 | Note: Program installations in /opt tend to be relatively large and private-opt | ||
2270 | copies the entire path(s) into RAM, which may significantly increase RAM usage | ||
2271 | and break \fBfile-copy-limit\fR in firejail.config. | ||
2272 | Therefore, in general it is recommended to use "whitelist /opt/PATH" instead of | ||
2273 | "private-opt PATH". | ||
2274 | For details, see | ||
2275 | .UR https://github.com/netblue30/firejail/discussions/5307 | ||
2276 | #5307 | ||
2277 | .UE | ||
2266 | 2278 | ||
2267 | .TP | 2279 | .TP |
2268 | \fB\-\-private-srv=file,directory | 2280 | \fB\-\-private-srv=file,directory |