diff options
author | Азалия Смарагдова <charming.flurry@yandex.ru> | 2022-07-25 17:16:53 +0500 |
---|---|---|
committer | Азалия Смарагдова <charming.flurry@yandex.ru> | 2022-08-05 11:47:24 +0500 |
commit | 7f3b6c19a0a87bfd240af7c0c9d61ae907668ce6 (patch) | |
tree | 9bcc55b6dc49357f1b7330174be4524efbb1b45c /src/man | |
parent | RELNOTES: add build and ci items (diff) | |
download | firejail-7f3b6c19a0a87bfd240af7c0c9d61ae907668ce6.tar.gz firejail-7f3b6c19a0a87bfd240af7c0c9d61ae907668ce6.tar.zst firejail-7f3b6c19a0a87bfd240af7c0c9d61ae907668ce6.zip |
Add support for custom AppArmor profiles (--apparmor=)
Diffstat (limited to 'src/man')
-rw-r--r-- | src/man/firejail-profile.txt | 6 | ||||
-rw-r--r-- | src/man/firejail.txt | 8 |
2 files changed, 12 insertions, 2 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index be1f55f0f..0b0c64ec6 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
@@ -478,7 +478,11 @@ Allow tools such as strace and gdb inside the sandbox by whitelisting system cal | |||
478 | #ifdef HAVE_APPARMOR | 478 | #ifdef HAVE_APPARMOR |
479 | .TP | 479 | .TP |
480 | \fBapparmor | 480 | \fBapparmor |
481 | Enable AppArmor confinement. | 481 | Enable AppArmor confinement with the "firejail-default" AppArmor profile. |
482 | .TP | ||
483 | \fBapparmor profile_name | ||
484 | Enable AppArmor confinement with a custom AppArmor profile. | ||
485 | Note that the profile in question must already be loaded into the kernel. | ||
482 | #endif | 486 | #endif |
483 | .TP | 487 | .TP |
484 | \fBcaps | 488 | \fBcaps |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 087d1c85a..b783795f2 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -122,7 +122,13 @@ $ firejail --allusers | |||
122 | #ifdef HAVE_APPARMOR | 122 | #ifdef HAVE_APPARMOR |
123 | .TP | 123 | .TP |
124 | \fB\-\-apparmor | 124 | \fB\-\-apparmor |
125 | Enable AppArmor confinement. For more information, please see \fBAPPARMOR\fR section below. | 125 | Enable AppArmor confinement with the "firejail-default" AppArmor profile. |
126 | For more information, please see \fBAPPARMOR\fR section below. | ||
127 | .TP | ||
128 | \fB\-\-apparmor=profile_name | ||
129 | Enable AppArmor confinement with a custom AppArmor profile. | ||
130 | Note that profile in question must already be loaded into the kernel. | ||
131 | For more information, please see \fBAPPARMOR\fR section below. | ||
126 | .TP | 132 | .TP |
127 | \fB\-\-apparmor.print=name|pid | 133 | \fB\-\-apparmor.print=name|pid |
128 | Print the AppArmor confinement status for the sandbox identified by name or by PID. | 134 | Print the AppArmor confinement status for the sandbox identified by name or by PID. |