diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2022-08-28 19:07:03 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2022-08-28 21:14:23 -0300 |
commit | c78c2b4ec4557a210c78eaeaf6fc687fe3707eb2 (patch) | |
tree | 3082b641171ae855a19da9fc2771e96a9764dc40 /src/man | |
parent | docs: clarify symlink handling description in --whitelist (diff) | |
download | firejail-c78c2b4ec4557a210c78eaeaf6fc687fe3707eb2.tar.gz firejail-c78c2b4ec4557a210c78eaeaf6fc687fe3707eb2.tar.zst firejail-c78c2b4ec4557a210c78eaeaf6fc687fe3707eb2.zip |
docs: note that blacklist/whitelist follow symlinks
Make it more explicit that they do and add an example for each command.
Relates to #5338.
Diffstat (limited to 'src/man')
-rw-r--r-- | src/man/firejail.txt | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 00393c434..1dd5508b3 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -191,6 +191,13 @@ Blacklist directory or file. File globbing is supported, see \fBFILE GLOBBING\fR | |||
191 | .br | 191 | .br |
192 | 192 | ||
193 | .br | 193 | .br |
194 | Symbolic link handling: Blacklisting a path that is a symbolic link will also | ||
195 | blacklist the path that it points to. | ||
196 | For example, if ~/foo is blacklisted and it points to /foo, then /foo will also | ||
197 | be blacklisted. | ||
198 | .br | ||
199 | |||
200 | .br | ||
194 | Example: | 201 | Example: |
195 | .br | 202 | .br |
196 | $ firejail \-\-blacklist=/sbin \-\-blacklist=/usr/sbin | 203 | $ firejail \-\-blacklist=/sbin \-\-blacklist=/usr/sbin |
@@ -2922,8 +2929,12 @@ all directories in /usr. | |||
2922 | .br | 2929 | .br |
2923 | 2930 | ||
2924 | .br | 2931 | .br |
2925 | Symbolic link handling: With the exception of the user home directory, both the | 2932 | Symbolic link handling: Whitelisting a path that is a symbolic link will also |
2926 | link and the real file should be in the same top directory. | 2933 | whitelist the path that it points to. |
2934 | For example, if ~/foo is whitelisted and it points to ~/bar, then ~/bar will | ||
2935 | also be whitelisted. | ||
2936 | Restrictions: With the exception of the user home directory, both the link and | ||
2937 | the real file should be in the same top directory. | ||
2927 | For symbolic links in the user home directory, both the link and the real file | 2938 | For symbolic links in the user home directory, both the link and the real file |
2928 | should be owned by the user. | 2939 | should be owned by the user. |
2929 | .br | 2940 | .br |