author | smitsohu <smitsohu@gmail.com> | 2019-02-23 19:03:08 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2019-02-23 19:03:08 +0100 |
commit | 1934ff4a5e24e4932d2dcc1d47712738c4643366 (patch) | |
tree | 763a0eb09ccd1d59f31300ad6a20816a6e2fbda5 /src/man | |
parent | add whitelist support for /run/user/$uid (diff) | |
documentation update
Diffstat (limited to 'src/man')
-rw-r--r-- | src/man/firejail.txt | 12 |
1 files changed, 1 insertions, 11 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 48d5c49bb..e6eaa1685 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -1639,16 +1639,6 @@ Example: | |||
1639 | .br | 1639 | .br |
1640 | $ firejail \-\-read-only=~/.mozilla firefox | 1640 | $ firejail \-\-read-only=~/.mozilla firefox |
1641 | .br | 1641 | .br |
1642 | |||
1643 | .br | ||
1644 | A short note about mixing \-\-whitelist and \-\-read-only options. Whitelisted directories | ||
1645 | should be made read-only independently. Making a parent directory read-only, will not | ||
1646 | make the whitelist read-only. Example: | ||
1647 | .br | ||
1648 | |||
1649 | .br | ||
1650 | $ firejail --whitelist=~/work --read-only=~ --read-only=~/work | ||
1651 | |||
1652 | .TP | 1642 | .TP |
1653 | \fB\-\-read-write=dirname_or_filename | 1643 | \fB\-\-read-write=dirname_or_filename |
1654 | Set directory or file read-write. Only files or directories belonging to the current user are allowed for | 1644 | Set directory or file read-write. Only files or directories belonging to the current user are allowed for |
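Review bot: The removal at old lines 1642-1651 drops the only guidance on combining \-\-whitelist with \-\-read-only, and the commit message ("documentation update") gives no reason for it. The deleted text told users that "Making a parent directory read-only, will not make the whitelist read-only", which is the kind of detail people rely on when they expect a sandboxed path to be write-protected. If the behaviour has changed so that a read-only parent now covers whitelisted children, say so in the commit message and consider a one-line replacement under \-\-read-only stating the new behaviour. If the behaviour is unchanged, the note should stay, since nothing else in this hunk documents it.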
@@ -2212,7 +2202,7 @@ $ firejail \-\-net=br0 --veth-name=if0 | |||
2212 | Whitelist directory or file. A temporary file system is mounted on the top directory, and the | 2202 | Whitelist directory or file. A temporary file system is mounted on the top directory, and the |
2213 | whitelisted files are mount-binded inside. Modifications to whitelisted files are persistent, | 2203 | whitelisted files are mount-binded inside. Modifications to whitelisted files are persistent, |
2214 | everything else is discarded when the sandbox is closed. The top directory could be | 2204 | everything else is discarded when the sandbox is closed. The top directory could be |
2215 | user home, /dev, /etc, /media, /mnt, /opt, /srv, /sys/module, /usr/share, /var, and /tmp. | 2205 | user home, /dev, /etc, /media, /mnt, /opt, /run/user/$UID, /srv, /sys/module, /tmp, /usr/share and /var. |
2216 | .br | 2206 | .br |
2217 | 2207 | ||
2218 | .br | 2208 | .br |
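Review bot: The new line 2205 writes the added top directory as /run/user/$UID, while the parent commit's subject spells it /run/user/$uid; pick one spelling and use it consistently so readers can search for it. The same line also reorders the list alphabetically and drops the comma before "and", which makes the one functional addition harder to spot in the diff; mentioning the new /run/user/$UID entry in the commit message would help. It would also be worth stating here whether $UID is meant as the invoking user's numeric id, since the surrounding text does not define it.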