diff options
author | netblue30 <netblue30@protonmail.com> | 2022-05-25 07:36:42 -0400 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2022-05-25 07:36:42 -0400 |
commit | 880f2c98a1dee26228530875fc45d54db68ed1c8 (patch) | |
tree | efeda54d345b7bab410f4dd5e59575391e8c0e17 /src/man/firejail.txt | |
parent | build(deps): bump github/codeql-action from 2.1.10 to 2.1.11 (diff) | |
download | firejail-880f2c98a1dee26228530875fc45d54db68ed1c8.tar.gz firejail-880f2c98a1dee26228530875fc45d54db68ed1c8.tar.zst firejail-880f2c98a1dee26228530875fc45d54db68ed1c8.zip |
Removed IDS feature from the default build. To enable it, use --enable-ids at compile time.
Diffstat (limited to 'src/man/firejail.txt')
-rw-r--r-- | src/man/firejail.txt | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 366a4e061..420a96ab5 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -820,6 +820,7 @@ Example: | |||
820 | .br | 820 | .br |
821 | $ firejail \-\-hosts-file=~/myhosts firefox | 821 | $ firejail \-\-hosts-file=~/myhosts firefox |
822 | 822 | ||
823 | #ifdef HAVE_IDS | ||
823 | .TP | 824 | .TP |
824 | \fB\-\-ids-check | 825 | \fB\-\-ids-check |
825 | Check file hashes previously generated by \-\-ids-check. See INTRUSION DETECTION SYSTEM section for more details. | 826 | Check file hashes previously generated by \-\-ids-check. See INTRUSION DETECTION SYSTEM section for more details. |
@@ -839,6 +840,7 @@ Initialize file hashes. See INTRUSION DETECTION SYSTEM section for more details. | |||
839 | Example: | 840 | Example: |
840 | .br | 841 | .br |
841 | $ firejail \-\-ids-init | 842 | $ firejail \-\-ids-init |
843 | #endif | ||
842 | 844 | ||
843 | .TP | 845 | .TP |
844 | \fB\-\-ignore=command | 846 | \fB\-\-ignore=command |
@@ -3342,6 +3344,7 @@ $ firejail \-\-cat=mybrowser ~/.bashrc | |||
3342 | .br | 3344 | .br |
3343 | #endif | 3345 | #endif |
3344 | 3346 | ||
3347 | #ifdef HAVE_IDS | ||
3345 | .SH INTRUSION DETECTION SYSTEM (IDS) | 3348 | .SH INTRUSION DETECTION SYSTEM (IDS) |
3346 | The host-based intrusion detection system tracks down and audits user and system file modifications. | 3349 | The host-based intrusion detection system tracks down and audits user and system file modifications. |
3347 | The feature is configured using /etc/firejail/ids.config file, the checksums are stored in /var/lib/firejail/USERNAME.ids, | 3350 | The feature is configured using /etc/firejail/ids.config file, the checksums are stored in /var/lib/firejail/USERNAME.ids, |
@@ -3399,6 +3402,7 @@ New files and deleted files are also flagged. | |||
3399 | 3402 | ||
3400 | Currently while scanning the file system, symbolic links are not followed, and files the user doesn't have read access to are silently dropped. | 3403 | Currently while scanning the file system, symbolic links are not followed, and files the user doesn't have read access to are silently dropped. |
3401 | The program can also be run as root (sudo firejail --ids-init/--ids-check). | 3404 | The program can also be run as root (sudo firejail --ids-init/--ids-check). |
3405 | #endif | ||
3402 | 3406 | ||
3403 | .SH MONITORING | 3407 | .SH MONITORING |
3404 | Option \-\-list prints a list of all sandboxes. The format | 3408 | Option \-\-list prints a list of all sandboxes. The format |