diff options
| author |  netblue30 <netblue30@protonmail.com> | 2022-05-25 07:36:42 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@protonmail.com> | 2022-05-25 07:36:42 -0400 |
| commit | 880f2c98a1dee26228530875fc45d54db68ed1c8 (patch) | |
| tree | efeda54d345b7bab410f4dd5e59575391e8c0e17 /src/man/firejail.txt | |
| parent | build(deps): bump github/codeql-action from 2.1.10 to 2.1.11 (diff) | |
| download | firejail-880f2c98a1dee26228530875fc45d54db68ed1c8.tar.gz firejail-880f2c98a1dee26228530875fc45d54db68ed1c8.tar.zst firejail-880f2c98a1dee26228530875fc45d54db68ed1c8.zip | |
Removed IDS feature from the default build. To enable it, use --enable-ids at compile time.
Diffstat (limited to 'src/man/firejail.txt')
| -rw-r--r-- | src/man/firejail.txt | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 366a4e061..420a96ab5 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
| @@ -820,6 +820,7 @@ Example: | |||
| 820 | .br | 820 | .br |
| 821 | $ firejail \-\-hosts-file=~/myhosts firefox | 821 | $ firejail \-\-hosts-file=~/myhosts firefox |
| 822 | 822 | ||
| 823 | #ifdef HAVE_IDS | ||
| 823 | .TP | 824 | .TP |
| 824 | \fB\-\-ids-check | 825 | \fB\-\-ids-check |
| 825 | Check file hashes previously generated by \-\-ids-check. See INTRUSION DETECTION SYSTEM section for more details. | 826 | Check file hashes previously generated by \-\-ids-check. See INTRUSION DETECTION SYSTEM section for more details. |
| @@ -839,6 +840,7 @@ Initialize file hashes. See INTRUSION DETECTION SYSTEM section for more details. | |||
| 839 | Example: | 840 | Example: |
| 840 | .br | 841 | .br |
| 841 | $ firejail \-\-ids-init | 842 | $ firejail \-\-ids-init |
| 843 | #endif | ||
| 842 | 844 | ||
| 843 | .TP | 845 | .TP |
| 844 | \fB\-\-ignore=command | 846 | \fB\-\-ignore=command |
| @@ -3342,6 +3344,7 @@ $ firejail \-\-cat=mybrowser ~/.bashrc | |||
| 3342 | .br | 3344 | .br |
| 3343 | #endif | 3345 | #endif |
| 3344 | 3346 | ||
| 3347 | #ifdef HAVE_IDS | ||
| 3345 | .SH INTRUSION DETECTION SYSTEM (IDS) | 3348 | .SH INTRUSION DETECTION SYSTEM (IDS) |
| 3346 | The host-based intrusion detection system tracks down and audits user and system file modifications. | 3349 | The host-based intrusion detection system tracks down and audits user and system file modifications. |
| 3347 | The feature is configured using /etc/firejail/ids.config file, the checksums are stored in /var/lib/firejail/USERNAME.ids, | 3350 | The feature is configured using /etc/firejail/ids.config file, the checksums are stored in /var/lib/firejail/USERNAME.ids, |
| @@ -3399,6 +3402,7 @@ New files and deleted files are also flagged. | |||
| 3399 | 3402 | ||
| 3400 | Currently while scanning the file system, symbolic links are not followed, and files the user doesn't have read access to are silently dropped. | 3403 | Currently while scanning the file system, symbolic links are not followed, and files the user doesn't have read access to are silently dropped. |
| 3401 | The program can also be run as root (sudo firejail --ids-init/--ids-check). | 3404 | The program can also be run as root (sudo firejail --ids-init/--ids-check). |
| 3405 | #endif | ||
| 3402 | 3406 | ||
| 3403 | .SH MONITORING | 3407 | .SH MONITORING |
| 3404 | Option \-\-list prints a list of all sandboxes. The format | 3408 | Option \-\-list prints a list of all sandboxes. The format |