diff options
author | netblue30 <netblue30@protonmail.com> | 2021-02-20 10:06:58 -0500 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2021-02-20 10:06:58 -0500 |
commit | 42e2db1275e37bf669a074c023ea9f9a8b40db43 (patch) | |
tree | 59169acd88cbce9160b1657a7016c789559e0e20 /src/man | |
parent | run sort.py (diff) | |
download | firejail-42e2db1275e37bf669a074c023ea9f9a8b40db43.tar.gz firejail-42e2db1275e37bf669a074c023ea9f9a8b40db43.tar.zst firejail-42e2db1275e37bf669a074c023ea9f9a8b40db43.zip |
jaitest - simple sandbox testing utility program
Diffstat (limited to 'src/man')
-rw-r--r-- | src/man/Makefile.in | 2 | ||||
-rw-r--r-- | src/man/jailtest.txt | 82 |
2 files changed, 83 insertions, 1 deletions
diff --git a/src/man/Makefile.in b/src/man/Makefile.in index 1c4444307..1a1f8ba08 100644 --- a/src/man/Makefile.in +++ b/src/man/Makefile.in | |||
@@ -1,4 +1,4 @@ | |||
1 | all: firecfg.man firejail.man firejail-login.man firejail-users.man firejail-profile.man firemon.man | 1 | all: firecfg.man firejail.man firejail-login.man firejail-users.man firejail-profile.man firemon.man jailtest.man |
2 | include ../common.mk | 2 | include ../common.mk |
3 | 3 | ||
4 | %.man: %.txt | 4 | %.man: %.txt |
diff --git a/src/man/jailtest.txt b/src/man/jailtest.txt new file mode 100644 index 000000000..bc1999163 --- /dev/null +++ b/src/man/jailtest.txt | |||
@@ -0,0 +1,82 @@ | |||
1 | .TH JAILTEST 1 "MONTH YEAR" "VERSION" "JAILTEST man page" | ||
2 | .SH NAME | ||
3 | jailtest \- Simple utility program to test running sandboxes | ||
4 | .SH SYNOPSIS | ||
5 | sudo jailtest [OPTIONS] [directory] | ||
6 | .SH DESCRIPTION | ||
7 | WORK IN PROGRESS! | ||
8 | jailtest attaches itself to all sandboxes started by the user and performs some basic tests | ||
9 | on the sandbox filesystem: | ||
10 | .TP | ||
11 | \fB1. Virtual directories | ||
12 | jailtest extracts a list with the main virtual directories installed by the sandbox. | ||
13 | These directories are build by firejail at startup using --private* and --whitelist commands. | ||
14 | .TP | ||
15 | \fB2. Noexec test | ||
16 | jailtest inserts executable programs in /home/username, /tmp, and /var/tmp directories | ||
17 | and tries to run them form inside the sandbox, thus testing if the directory is executable or not. | ||
18 | .TP | ||
19 | \fB3. Read access test | ||
20 | jailtest creates test files in the directories specified by the user and tries to read | ||
21 | them from inside the sandbox. | ||
22 | |||
23 | .TP | ||
24 | The program is running as root exclusively under sudo. | ||
25 | |||
26 | .SH OPTIONS | ||
27 | .TP | ||
28 | \fB\-\-debug | ||
29 | Print debug messages | ||
30 | .TP | ||
31 | \fB\-?\fR, \fB\-\-help\fR | ||
32 | Print options end exit. | ||
33 | .TP | ||
34 | \fB\-\-version | ||
35 | Print program version and exit. | ||
36 | .TP | ||
37 | \fB[directory] | ||
38 | One or more directories in user home to test for read access. | ||
39 | |||
40 | .SH OUTPUT | ||
41 | For each sandbox detected we print the following line: | ||
42 | |||
43 | PID:USER:Sandbox Name:Command | ||
44 | |||
45 | It is followed by relevant sandbox information, such as the virtual directories and various warnings. | ||
46 | |||
47 | .SH EXAMPLE | ||
48 | |||
49 | .br | ||
50 | $ sudo jailtest ~/.ssh ~/.gnupg | ||
51 | .br | ||
52 | 1429:netblue::/usr/bin/firejail /opt/firefox/firefox | ||
53 | .br | ||
54 | Virtual dirs: /home/netblue, /tmp, /var/tmp, /dev, /etc, | ||
55 | .br | ||
56 | 5602:netblue::/usr/bin/firejail /usr/bin/ssh netblue@x.y.z.net | ||
57 | .br | ||
58 | Virtual dirs: /var/tmp, /dev, | ||
59 | .br | ||
60 | Warning: I can read ~/.ssh | ||
61 | .br | ||
62 | 5926:netblue::/usr/bin/firejail /usr/bin/gimp-2.10 | ||
63 | .br | ||
64 | Virtual dirs: /tmp, /var/tmp, /dev, | ||
65 | .br | ||
66 | Warning: I can run programs in /home/netblue | ||
67 | .br | ||
68 | 6394:netblue:libreoffice:/usr/bin/firejail libreoffice | ||
69 | .br | ||
70 | Virtual dirs: /tmp, /var/tmp, /dev, | ||
71 | .br | ||
72 | |||
73 | .SH LICENSE | ||
74 | This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. | ||
75 | .PP | ||
76 | Homepage: https://firejail.wordpress.com | ||
77 | .SH SEE ALSO | ||
78 | \&\flfirejail\fR\|(1), | ||
79 | \&\flfirecfg\fR\|(1), | ||
80 | \&\flfirejail-profile\fR\|(5), | ||
81 | \&\flfirejail-login\fR\|(5) | ||
82 | \&\flfirejail-users\fR\|(5) | ||