diff options
author | netblue30 <netblue30@yahoo.com> | 2016-03-04 20:25:29 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-03-04 20:25:29 -0500 |
commit | 5b3f207558cb12a2ac15bded2c70214ffeb3a8fd (patch) | |
tree | 1e2231b1f6c72d758e675f8a25c8dd5341b793ce /src/man | |
parent | --ls (diff) | |
download | firejail-5b3f207558cb12a2ac15bded2c70214ffeb3a8fd.tar.gz firejail-5b3f207558cb12a2ac15bded2c70214ffeb3a8fd.tar.zst firejail-5b3f207558cb12a2ac15bded2c70214ffeb3a8fd.zip |
documentation
Diffstat (limited to 'src/man')
-rw-r--r-- | src/man/firejail.txt | 41 |
1 files changed, 17 insertions, 24 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 3a9b41330..56a768614 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -11,7 +11,7 @@ firejail [OPTIONS] [program and arguments] | |||
11 | Network traffic shaping for an existing sandbox: | 11 | Network traffic shaping for an existing sandbox: |
12 | .PP | 12 | .PP |
13 | .RS | 13 | .RS |
14 | firejail \-\-bandwidth={<name>|<PID>} bandwidth-command | 14 | firejail \-\-bandwidth={name|pid} bandwidth-command |
15 | .RE | 15 | .RE |
16 | .PP | 16 | .PP |
17 | Monitoring: | 17 | Monitoring: |
@@ -68,20 +68,8 @@ $ firejail [OPTIONS] firefox # starting Mozilla Firefox | |||
68 | \fB\-\- | 68 | \fB\-\- |
69 | Signal the end of options and disables further option processing. | 69 | Signal the end of options and disables further option processing. |
70 | .TP | 70 | .TP |
71 | \fB\-\-bandwidth=name | 71 | \fB\-\-bandwidth=name|pid |
72 | Set bandwidth limits for the sandbox identified by name, see \fBTRAFFIC SHAPING\fR section for more details. | 72 | Set bandwidth limits for the sandbox identified by name or PID, see \fBTRAFFIC SHAPING\fR section for more details. |
73 | .TP | ||
74 | \fB\-\-bandwidth=pid | ||
75 | Set bandwidth limits for the sandbox identified by PID, see \fBTRAFFIC SHAPING\fR section for more details. | ||
76 | .TP | ||
77 | \fB\-\-bind=dirname1,dirname2 | ||
78 | Mount-bind dirname1 on top of dirname2. This option is only available when running the sandbox as root. | ||
79 | .br | ||
80 | |||
81 | .br | ||
82 | Example: | ||
83 | .br | ||
84 | # firejail \-\-bind=/config/www,/var/www | ||
85 | .TP | 73 | .TP |
86 | \fB\-\-bind=filename1,filename2 | 74 | \fB\-\-bind=filename1,filename2 |
87 | Mount-bind filename1 on top of filename2. This option is only available when running as root. | 75 | Mount-bind filename1 on top of filename2. This option is only available when running as root. |
@@ -104,6 +92,8 @@ $ firejail \-\-blacklist=/sbin \-\-blacklist=/usr/sbin | |||
104 | $ firejail \-\-blacklist=~/.mozilla | 92 | $ firejail \-\-blacklist=~/.mozilla |
105 | .br | 93 | .br |
106 | $ firejail "\-\-blacklist=/home/username/My Virtual Machines" | 94 | $ firejail "\-\-blacklist=/home/username/My Virtual Machines" |
95 | .br | ||
96 | $ firejail \-\-blacklist=/home/username/My\\ Virtual\\ Machines | ||
107 | .TP | 97 | .TP |
108 | \fB\-c | 98 | \fB\-c |
109 | Execute command and exit. | 99 | Execute command and exit. |
@@ -1699,7 +1689,7 @@ Additional arguments passed to firejail executable upon login are declared in /e | |||
1699 | .SH EXAMPLES | 1689 | .SH EXAMPLES |
1700 | .TP | 1690 | .TP |
1701 | \f\firejail | 1691 | \f\firejail |
1702 | Start a regular /bin/bash session in sandbox. | 1692 | Sandbox a regular /bin/bash session. |
1703 | .TP | 1693 | .TP |
1704 | \f\firejail firefox | 1694 | \f\firejail firefox |
1705 | Start Mozilla Firefox. | 1695 | Start Mozilla Firefox. |
@@ -1707,17 +1697,20 @@ Start Mozilla Firefox. | |||
1707 | \f\firejail \-\-debug firefox | 1697 | \f\firejail \-\-debug firefox |
1708 | Debug Firefox sandbox. | 1698 | Debug Firefox sandbox. |
1709 | .TP | 1699 | .TP |
1710 | \f\firejail \-\-private | 1700 | \f\firejail \-\-private firefox |
1711 | Start a /bin/bash session with a new tmpfs home directory. | 1701 | Start Firefox with a new, empty home directory. |
1702 | .TP | ||
1703 | \f\firejail --net=none vlc | ||
1704 | Start VLC in an unconnected network namespace. | ||
1712 | .TP | 1705 | .TP |
1713 | \f\firejail \-\-net=br0 ip=10.10.20.10 | 1706 | \f\firejail \-\-net=eth0 firefox |
1714 | Start a /bin/bash session in a new network namespace. The session is | 1707 | Start Firefox in a new network namespace. An IP address is |
1715 | connected to the main network using br0 bridge device. An IP address | 1708 | assigned automatically. |
1716 | of 10.10.20.10 is assigned to the sandbox. | ||
1717 | .TP | 1709 | .TP |
1718 | \f\firejail \-\-net=br0 \-\-net=br1 \-\-net=br2 | 1710 | \f\firejail \-\-net=br0 \-\-ip=10.10.20.5 \-\-net=br1 \-\-net=br2 |
1719 | Start a /bin/bash session in a new network namespace and connect it | 1711 | Start a /bin/bash session in a new network namespace and connect it |
1720 | to br0, br1, and br2 host bridge devices. | 1712 | to br0, br1, and br2 host bridge devices. IP addresses are assigned |
1713 | automatically for the interfaces connected to br1 and b2 | ||
1721 | .TP | 1714 | .TP |
1722 | \f\firejail \-\-list | 1715 | \f\firejail \-\-list |
1723 | List all sandboxed processes. | 1716 | List all sandboxed processes. |