diff options
author | Reiner Herrmann <reiner@reiner-h.de> | 2021-06-21 23:10:09 +0200 |
---|---|---|
committer | Reiner Herrmann <reiner@reiner-h.de> | 2021-06-21 23:10:09 +0200 |
commit | 0f0325459e211ff31895ed7cbbbaae6c2c6ae9a2 (patch) | |
tree | 0875693a6ceef54818511972601d587a09a1aab4 /src/man/firejail.txt | |
parent | style: grammer and codestyle improvements (diff) | |
parent | creating alpine.profile (#4350) (diff) | |
download | firejail-0f0325459e211ff31895ed7cbbbaae6c2c6ae9a2.tar.gz firejail-0f0325459e211ff31895ed7cbbbaae6c2c6ae9a2.tar.zst firejail-0f0325459e211ff31895ed7cbbbaae6c2c6ae9a2.zip |
Merge branch 'master' into kuesji/master
Diffstat (limited to 'src/man/firejail.txt')
-rw-r--r-- | src/man/firejail.txt | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index c72a1dbd8..d18811316 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -2568,14 +2568,13 @@ Kill the sandbox automatically after the time has elapsed. The time is specified | |||
2568 | $ firejail \-\-timeout=01:30:00 firefox | 2568 | $ firejail \-\-timeout=01:30:00 firefox |
2569 | .TP | 2569 | .TP |
2570 | \fB\-\-tmpfs=dirname | 2570 | \fB\-\-tmpfs=dirname |
2571 | Mount a writable tmpfs filesystem on directory dirname. This option is available only when running the sandbox as root. | 2571 | Mount a writable tmpfs filesystem on directory dirname. Directories outside user home or not owned by the user are not allowed. Sandboxes running as root are exempt from these restrictions. File globbing is supported, see \fBFILE GLOBBING\fR section for more details. |
2572 | File globbing is supported, see \fBFILE GLOBBING\fR section for more details. | ||
2573 | .br | 2572 | .br |
2574 | 2573 | ||
2575 | .br | 2574 | .br |
2576 | Example: | 2575 | Example: |
2577 | .br | 2576 | .br |
2578 | # firejail \-\-tmpfs=/var | 2577 | $ firejail \-\-tmpfs=~/.local/share |
2579 | .TP | 2578 | .TP |
2580 | \fB\-\-top | 2579 | \fB\-\-top |
2581 | Monitor the most CPU-intensive sandboxes, see \fBMONITORING\fR section for more details. | 2580 | Monitor the most CPU-intensive sandboxes, see \fBMONITORING\fR section for more details. |
@@ -2725,8 +2724,9 @@ $ firejail \-\-net=br0 --veth-name=if0 | |||
2725 | \fB\-\-whitelist=dirname_or_filename | 2724 | \fB\-\-whitelist=dirname_or_filename |
2726 | Whitelist directory or file. A temporary file system is mounted on the top directory, and the | 2725 | Whitelist directory or file. A temporary file system is mounted on the top directory, and the |
2727 | whitelisted files are mount-binded inside. Modifications to whitelisted files are persistent, | 2726 | whitelisted files are mount-binded inside. Modifications to whitelisted files are persistent, |
2728 | everything else is discarded when the sandbox is closed. The top directory could be | 2727 | everything else is discarded when the sandbox is closed. The top directory can be |
2729 | user home, /dev, /etc, /media, /mnt, /opt, /run/user/$UID, /srv, /sys/module, /tmp, /usr/share and /var. | 2728 | all directories in / (except /proc and /sys), /sys/module, /run/user/$UID, $HOME and |
2729 | all directories in /usr. | ||
2730 | .br | 2730 | .br |
2731 | 2731 | ||
2732 | .br | 2732 | .br |