--build: save the resulting profile in a file

author: netblue30 <netblue30@yahoo.com> 2017-10-22 11:09:50 -0400
committer: netblue30 <netblue30@yahoo.com> 2017-10-22 11:09:50 -0400
commit: ba231088e6bd8e4c52e372f7a4d2928ee7bf223a (patch)
tree: 614f1fbcbdaa6ae5ac6a2148bd13cb6073b263e7 /src/man
parent: --build fixes (diff)
download: firejail-ba231088e6bd8e4c52e372f7a4d2928ee7bf223a.tar.gz
firejail-ba231088e6bd8e4c52e372f7a4d2928ee7bf223a.tar.zst
firejail-ba231088e6bd8e4c52e372f7a4d2928ee7bf223a.zip
1 files changed, 14 insertions, 2 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index 00481d4d3..2303a8bbd 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -146,7 +146,7 @@ $ firejail "\-\-blacklist=/home/username/My Virtual Machines"
 $ firejail \-\-blacklist=/home/username/My\\ Virtual\\ Machines
 .TP
 \fB\-\-build
-The command builds a whitelisted profile. If /usr/bin/strace is installed on the system, it also
+The command builds a whitelisted profile. The profile is printed on the screen. If /usr/bin/strace is installed on the system, it also
 builds a whitelisted seccomp profile. The program is run in a very relaxed sandbox,
 with only --caps.drop=all and --nonewprivs. Programs that raise user privileges are not supported
 in order to allow strace to run. Chromium and Chromium-based browsers will not work.
@@ -155,7 +155,19 @@ in order to allow strace to run. Chromium and Chromium-based browsers will not w
 .br
 Example:
 .br
-$ firejail --build vlc ~/Videos/test.mp4
+$ firejail --build=profile-file vlc ~/Videos/test.mp4
+.TP
+\fB\-\-build=profile-file
+The command builds a whitelisted profile, and saves it in profile-file. If /usr/bin/strace is installed on the system, it also
+builds a whitelisted seccomp profile. The program is run in a very relaxed sandbox,
+with only --caps.drop=all and --nonewprivs. Programs that raise user privileges are not supported
+in order to allow strace to run. Chromium and Chromium-based browsers will not work.
+.br
+.br
+Example:
+.br
+$ firejail --build=vlc.profile vlc ~/Videos/test.mp4
 .TP
 \fB\-c
 Execute command and exit.
author	netblue30 <netblue30@yahoo.com>	2017-10-22 11:09:50 -0400
committer	netblue30 <netblue30@yahoo.com>	2017-10-22 11:09:50 -0400
commit	ba231088e6bd8e4c52e372f7a4d2928ee7bf223a (patch)
tree	614f1fbcbdaa6ae5ac6a2148bd13cb6073b263e7 /src/man
parent	--build fixes (diff)
download	firejail-ba231088e6bd8e4c52e372f7a4d2928ee7bf223a.tar.gz firejail-ba231088e6bd8e4c52e372f7a4d2928ee7bf223a.tar.zst firejail-ba231088e6bd8e4c52e372f7a4d2928ee7bf223a.zip

diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 00481d4d3..2303a8bbd 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt
@@ -146,7 +146,7 @@ $ firejail "\-\-blacklist=/home/username/My Virtual Machines"
146	$ firejail \-\-blacklist=/home/username/My\\ Virtual\\ Machines	146	$ firejail \-\-blacklist=/home/username/My\\ Virtual\\ Machines
147	.TP	147	.TP
148	\fB\-\-build	148	\fB\-\-build
149	The command builds a whitelisted profile. If /usr/bin/strace is installed on the system, it also	149	The command builds a whitelisted profile. The profile is printed on the screen. If /usr/bin/strace is installed on the system, it also
150	builds a whitelisted seccomp profile. The program is run in a very relaxed sandbox,	150	builds a whitelisted seccomp profile. The program is run in a very relaxed sandbox,
151	with only --caps.drop=all and --nonewprivs. Programs that raise user privileges are not supported	151	with only --caps.drop=all and --nonewprivs. Programs that raise user privileges are not supported
152	in order to allow strace to run. Chromium and Chromium-based browsers will not work.	152	in order to allow strace to run. Chromium and Chromium-based browsers will not work.
@@ -155,7 +155,19 @@ in order to allow strace to run. Chromium and Chromium-based browsers will not w
155	.br	155	.br
156	Example:	156	Example:
157	.br	157	.br
158	$ firejail --build vlc ~/Videos/test.mp4	158	$ firejail --build=profile-file vlc ~/Videos/test.mp4
		159	.TP
		160	\fB\-\-build=profile-file
		161	The command builds a whitelisted profile, and saves it in profile-file. If /usr/bin/strace is installed on the system, it also
		162	builds a whitelisted seccomp profile. The program is run in a very relaxed sandbox,
		163	with only --caps.drop=all and --nonewprivs. Programs that raise user privileges are not supported
		164	in order to allow strace to run. Chromium and Chromium-based browsers will not work.
		165	.br
		166
		167	.br
		168	Example:
		169	.br
		170	$ firejail --build=vlc.profile vlc ~/Videos/test.mp4
159	.TP	171	.TP
160	\fB\-c	172	\fB\-c
161	Execute command and exit.	173	Execute command and exit.