diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2022-03-13 15:10:25 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2022-03-13 17:18:44 -0300 |
commit | 4c216c75b7ebedad74eb8379992fac667914ce2f (patch) | |
tree | 002d3fd41e76a49993e6dad076e2aa4e09068861 /src/man | |
parent | minor cleanups, no functional changes (#5040) (diff) | |
download | firejail-4c216c75b7ebedad74eb8379992fac667914ce2f.tar.gz firejail-4c216c75b7ebedad74eb8379992fac667914ce2f.tar.zst firejail-4c216c75b7ebedad74eb8379992fac667914ce2f.zip |
man: mention that the protocol command accumulates
As mentioned by @rusty-snake[1].
This amends commit 39654d016 ("adding netlink to --protocol list
(#4605)", 2022-01-21).
See also commit 75073e0e4 ("man: mention that private-bin and
private-etc are cumulative", 2022-01-22) and issue #4078.
[1] https://github.com/netblue30/firejail/pull/5042/files#r825477891
Diffstat (limited to 'src/man')
-rw-r--r-- | src/man/firejail-profile.txt | 2 | ||||
-rw-r--r-- | src/man/firejail.txt | 1 |
2 files changed, 2 insertions, 1 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index e962e18da..8c9c25311 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
@@ -505,7 +505,7 @@ There is no root account (uid 0) defined in the namespace. | |||
505 | Enable protocol filter. The filter is based on seccomp and checks the | 505 | Enable protocol filter. The filter is based on seccomp and checks the |
506 | first argument to socket system call. Recognized values: \fBunix\fR, | 506 | first argument to socket system call. Recognized values: \fBunix\fR, |
507 | \fBinet\fR, \fBinet6\fR, \fBnetlink\fR, \fBpacket\fR, and \fBbluetooth\fR. | 507 | \fBinet\fR, \fBinet6\fR, \fBnetlink\fR, \fBpacket\fR, and \fBbluetooth\fR. |
508 | Multiple protocol commands are allowed. | 508 | Multiple protocol commands are allowed and they accumulate. |
509 | .TP | 509 | .TP |
510 | \fBseccomp | 510 | \fBseccomp |
511 | Enable seccomp filter and blacklist the syscalls in the default list. See man 1 firejail for more details. | 511 | Enable seccomp filter and blacklist the syscalls in the default list. See man 1 firejail for more details. |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index f9deaeaa4..228d0c91c 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -2167,6 +2167,7 @@ $ firejail \-\-profile.print=browser | |||
2167 | \fB\-\-protocol=protocol,protocol,protocol | 2167 | \fB\-\-protocol=protocol,protocol,protocol |
2168 | Enable protocol filter. The filter is based on seccomp and checks the first argument to socket system call. | 2168 | Enable protocol filter. The filter is based on seccomp and checks the first argument to socket system call. |
2169 | Recognized values: unix, inet, inet6, netlink, packet, and bluetooth. This option is not supported for i386 architecture. | 2169 | Recognized values: unix, inet, inet6, netlink, packet, and bluetooth. This option is not supported for i386 architecture. |
2170 | Multiple protocol commands are allowed and they accumulate. | ||
2170 | .br | 2171 | .br |
2171 | 2172 | ||
2172 | .br | 2173 | .br |