diff options
author | netblue30 <netblue30@yahoo.com> | 2016-08-16 10:52:12 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-08-16 10:52:12 -0400 |
commit | cf70d33717a94af25ae250f0cf5ebda1f38bd27c (patch) | |
tree | dde3f541c968b8e190c7214b97857aabd77af5c6 /src/man/firejail.txt | |
parent | arg_zsh and arg_csh cleanup (diff) | |
download | firejail-cf70d33717a94af25ae250f0cf5ebda1f38bd27c.tar.gz firejail-cf70d33717a94af25ae250f0cf5ebda1f38bd27c.tar.zst firejail-cf70d33717a94af25ae250f0cf5ebda1f38bd27c.zip |
overlay etc.
Diffstat (limited to 'src/man/firejail.txt')
-rw-r--r-- | src/man/firejail.txt | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 3cc9a8401..732d14624 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -994,12 +994,13 @@ $ ls -l sandboxlog* | |||
994 | \fB\-\-overlay | 994 | \fB\-\-overlay |
995 | Mount a filesystem overlay on top of the current filesystem. Unlike the regular filesystem container, | 995 | Mount a filesystem overlay on top of the current filesystem. Unlike the regular filesystem container, |
996 | the system directories are mounted read-write. All filesystem modifications go into the overlay. | 996 | the system directories are mounted read-write. All filesystem modifications go into the overlay. |
997 | The overlay is stored in $HOME/.firejail/<PID> directory. This option is not available on Grsecurity systems. | 997 | The overlay is stored in $HOME/.firejail/<PID> directory. |
998 | .br | 998 | .br |
999 | 999 | ||
1000 | .br | 1000 | .br |
1001 | OverlayFS support is required in Linux kernel for this option to work. | 1001 | OverlayFS support is required in Linux kernel for this option to work. |
1002 | OverlayFS was officially introduced in Linux kernel version 3.18 | 1002 | OverlayFS was officially introduced in Linux kernel version 3.18. |
1003 | This option is not available on Grsecurity systems. | ||
1003 | .br | 1004 | .br |
1004 | 1005 | ||
1005 | .br | 1006 | .br |
@@ -1012,12 +1013,13 @@ $ firejail \-\-overlay firefox | |||
1012 | Mount a filesystem overlay on top of the current filesystem. Unlike the regular filesystem container, | 1013 | Mount a filesystem overlay on top of the current filesystem. Unlike the regular filesystem container, |
1013 | the system directories are mounted read-write. All filesystem modifications go into the overlay. | 1014 | the system directories are mounted read-write. All filesystem modifications go into the overlay. |
1014 | The overlay is stored in $HOME/.firejail/<NAME> directory. The created overlay can be reused between multiple | 1015 | The overlay is stored in $HOME/.firejail/<NAME> directory. The created overlay can be reused between multiple |
1015 | sessions. This option is not available on Grsecurity systems. | 1016 | sessions. |
1016 | .br | 1017 | .br |
1017 | 1018 | ||
1018 | .br | 1019 | .br |
1019 | OverlayFS support is required in Linux kernel for this option to work. | 1020 | OverlayFS support is required in Linux kernel for this option to work. |
1020 | OverlayFS was officially introduced in Linux kernel version 3.18 | 1021 | OverlayFS was officially introduced in Linux kernel version 3.18. |
1022 | This option is not available on Grsecurity systems. | ||
1021 | .br | 1023 | .br |
1022 | 1024 | ||
1023 | .br | 1025 | .br |
@@ -1030,12 +1032,12 @@ $ firejail \-\-overlay-named=jail1 firefox | |||
1030 | Mount a filesystem overlay on top of the current filesystem. Unlike the regular filesystem container, | 1032 | Mount a filesystem overlay on top of the current filesystem. Unlike the regular filesystem container, |
1031 | the system directories are mounted read-write. All filesystem modifications go into the overlay. | 1033 | the system directories are mounted read-write. All filesystem modifications go into the overlay. |
1032 | The overlay is stored in the specified path. The created overlay can be reused between multiple sessions. | 1034 | The overlay is stored in the specified path. The created overlay can be reused between multiple sessions. |
1033 | This option is not available on Grsecurity systems. | ||
1034 | .br | 1035 | .br |
1035 | 1036 | ||
1036 | .br | 1037 | .br |
1037 | OverlayFS support is required in Linux kernel for this option to work. | 1038 | OverlayFS support is required in Linux kernel for this option to work. |
1038 | OverlayFS was officially introduced in Linux kernel version 3.18 | 1039 | OverlayFS was officially introduced in Linux kernel version 3.18. |
1040 | This option is not available on Grsecurity systems. | ||
1039 | .br | 1041 | .br |
1040 | 1042 | ||
1041 | .br | 1043 | .br |
@@ -1046,12 +1048,13 @@ $ firejail \-\-overlay-path=~/jails/jail1 firefox | |||
1046 | .TP | 1048 | .TP |
1047 | \fB\-\-overlay-tmpfs | 1049 | \fB\-\-overlay-tmpfs |
1048 | Mount a filesystem overlay on top of the current filesystem. All filesystem modifications go into the overlay, | 1050 | Mount a filesystem overlay on top of the current filesystem. All filesystem modifications go into the overlay, |
1049 | and are discarded when the sandbox is closed. This option is not available on Grsecurity systems. | 1051 | and are discarded when the sandbox is closed. |
1050 | .br | 1052 | .br |
1051 | 1053 | ||
1052 | .br | 1054 | .br |
1053 | OverlayFS support is required in Linux kernel for this option to work. | 1055 | OverlayFS support is required in Linux kernel for this option to work. |
1054 | OverlayFS was officially introduced in Linux kernel version 3.18 | 1056 | OverlayFS was officially introduced in Linux kernel version 3.18. |
1057 | This option is not available on Grsecurity systems. | ||
1055 | .br | 1058 | .br |
1056 | 1059 | ||
1057 | .br | 1060 | .br |
@@ -1061,7 +1064,8 @@ $ firejail \-\-overlay-tmpfs firefox | |||
1061 | 1064 | ||
1062 | .TP | 1065 | .TP |
1063 | \fB\-\-overlay-clean | 1066 | \fB\-\-overlay-clean |
1064 | Clean all overlays stored in $HOME/.firejail directory. | 1067 | Clean all overlays stored in $HOME/.firejail directory. Overlays created with --overlay-path=path |
1068 | outside $HOME/.firejail will not be deleted. | ||
1065 | .br | 1069 | .br |
1066 | 1070 | ||
1067 | .br | 1071 | .br |