diff options
| author |  Austin Morton <austinpmorton@gmail.com> | 2019-05-20 19:44:40 -0400 |
|---|---|---|
| committer | Austin Morton <austinpmorton@gmail.com> | 2019-05-23 18:45:44 -0400 |
| commit | 99a9f8d680ea5a613506d5f0a1804bf97a5d69f3 (patch) | |
| tree | f4fb77e96f9e2a3f08776ae4471b5db3f059831d /src/man | |
| parent | Create a profile for mp3splt-gtk (diff) | |
| download | firejail-99a9f8d680ea5a613506d5f0a1804bf97a5d69f3.tar.gz firejail-99a9f8d680ea5a613506d5f0a1804bf97a5d69f3.tar.zst firejail-99a9f8d680ea5a613506d5f0a1804bf97a5d69f3.zip | |
Add private-cwd option to control working directory within jail
Diffstat (limited to 'src/man')
| -rw-r--r-- | src/man/firejail-profile.txt | 6 | ||||
| -rw-r--r-- | src/man/firejail.txt | 42 |
2 files changed, 48 insertions, 0 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 703fac30f..23007725a 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
| @@ -288,6 +288,12 @@ All modifications are discarded when the sandbox is closed. | |||
| 288 | \fBprivate-tmp | 288 | \fBprivate-tmp |
| 289 | Mount an empty temporary filesystem on top of /tmp directory whitelisting /tmp/.X11-unix. | 289 | Mount an empty temporary filesystem on top of /tmp directory whitelisting /tmp/.X11-unix. |
| 290 | .TP | 290 | .TP |
| 291 | \fBprivate-cwd | ||
| 292 | Set working directory inside jail to the home directory, and failing that, the root directory. | ||
| 293 | .TP | ||
| 294 | \fBprivate-cwd directory | ||
| 295 | Set working directory inside the jail. | ||
| 296 | .TP | ||
| 291 | \fBread-only file_or_directory | 297 | \fBread-only file_or_directory |
| 292 | Make directory or file read-only. | 298 | Make directory or file read-only. |
| 293 | .TP | 299 | .TP |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index e6826448b..1fa2a6546 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
| @@ -1568,6 +1568,48 @@ drwx------ 2 nobody nogroup 4096 Apr 30 10:52 pulse-PKdhtXMmr18n | |||
| 1568 | drwxrwxrwt 2 nobody nogroup 4096 Apr 30 10:52 .X11-unix | 1568 | drwxrwxrwt 2 nobody nogroup 4096 Apr 30 10:52 .X11-unix |
| 1569 | .br | 1569 | .br |
| 1570 | 1570 | ||
| 1571 | .TP | ||
| 1572 | \fB\-\-private-cwd | ||
| 1573 | Set working directory inside jail to the home directory, and failing that, the root directory. | ||
| 1574 | .br | ||
| 1575 | Does not impact working directory of profile include paths. | ||
| 1576 | .br | ||
| 1577 | |||
| 1578 | .br | ||
| 1579 | Example: | ||
| 1580 | .br | ||
| 1581 | $ pwd | ||
| 1582 | .br | ||
| 1583 | /tmp | ||
| 1584 | .br | ||
| 1585 | $ firejail \-\-private-cwd | ||
| 1586 | .br | ||
| 1587 | $ pwd | ||
| 1588 | .br | ||
| 1589 | /home/user | ||
| 1590 | .br | ||
| 1591 | |||
| 1592 | .TP | ||
| 1593 | \fB\-\-private-cwd=directory | ||
| 1594 | Set working directory inside the jail. | ||
| 1595 | .br | ||
| 1596 | Does not impact working directory of profile include paths. | ||
| 1597 | .br | ||
| 1598 | |||
| 1599 | .br | ||
| 1600 | Example: | ||
| 1601 | .br | ||
| 1602 | $ pwd | ||
| 1603 | .br | ||
| 1604 | /tmp | ||
| 1605 | .br | ||
| 1606 | $ firejail \-\-private-cwd=/opt | ||
| 1607 | .br | ||
| 1608 | $ pwd | ||
| 1609 | .br | ||
| 1610 | /opt | ||
| 1611 | .br | ||
| 1612 | |||
| 1571 | 1613 | ||
| 1572 | .TP | 1614 | .TP |
| 1573 | \fB\-\-profile=filename_or_profilename | 1615 | \fB\-\-profile=filename_or_profilename |