--private-etc option, issue #5

author: netblue30 <netblue30@yahoo.com> 2015-08-12 08:36:41 -0400
committer: netblue30 <netblue30@yahoo.com> 2015-08-12 08:36:41 -0400
commit: 46334f0039100403572d7a6144d3a082cb648a42 (patch)
tree: c7e9d600b3ce213158ea9f26b9a87e9610269afb /src/man
parent: tenative fix for issue 11 (diff)
download: firejail-46334f0039100403572d7a6144d3a082cb648a42.tar.gz
firejail-46334f0039100403572d7a6144d3a082cb648a42.tar.zst
firejail-46334f0039100403572d7a6144d3a082cb648a42.zip
2 files changed, 18 insertions, 0 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index f85e10171..60d9c47c5 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -81,6 +81,11 @@ closed.
 .TP
 \f\private-dev
 Create a new /dev directory. Only null, full, zero, tty, pts, ptmx, random, urandom and shm devices are available.
+.TP
+\f\private-etc file,directory
+Build a new /etc in a temporary
+filesystem, and copy the files and directories in the list.
+All modifications are discarded when the sandbox is closed.
 .SH Filters
 \fBcaps\fR and \fBseccomp\fR enable Linux capabilities and seccomp filters. Examples:
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index 4e8d96d31..dbffe68ed 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -670,6 +670,19 @@ full  null  ptmx  pts  random  shm  tty  urandom  zero
 .br
 $
 .TP
+\fB\-\-private-etc=file,directory
+Build a new /etc in a temporary
+filesystem, and copy the files and directories in the list.
+All modifications are discarded when the sandbox is closed.
+.br
+.br
+Example:
+.br
+$ firejail --private-etc=group,hostname,localtime, \\
+.br
+nsswitch.conf,passwd,resolv.conf
+.TP
 \fB\-\-profile=filename
 Load a custom profile from filename. For filename use an absolute path or a path relative to the current path.
 For more information, see PROFILES section below.
author	netblue30 <netblue30@yahoo.com>	2015-08-12 08:36:41 -0400
committer	netblue30 <netblue30@yahoo.com>	2015-08-12 08:36:41 -0400
commit	46334f0039100403572d7a6144d3a082cb648a42 (patch)
tree	c7e9d600b3ce213158ea9f26b9a87e9610269afb /src/man
parent	tenative fix for issue 11 (diff)
download	firejail-46334f0039100403572d7a6144d3a082cb648a42.tar.gz firejail-46334f0039100403572d7a6144d3a082cb648a42.tar.zst firejail-46334f0039100403572d7a6144d3a082cb648a42.zip

diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index f85e10171..60d9c47c5 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt
@@ -81,6 +81,11 @@ closed.
81	.TP	81	.TP
82	\f\private-dev	82	\f\private-dev
83	Create a new /dev directory. Only null, full, zero, tty, pts, ptmx, random, urandom and shm devices are available.	83	Create a new /dev directory. Only null, full, zero, tty, pts, ptmx, random, urandom and shm devices are available.
		84	.TP
		85	\f\private-etc file,directory
		86	Build a new /etc in a temporary
		87	filesystem, and copy the files and directories in the list.
		88	All modifications are discarded when the sandbox is closed.
84		89
85	.SH Filters	90	.SH Filters
86	\fBcaps\fR and \fBseccomp\fR enable Linux capabilities and seccomp filters. Examples:	91	\fBcaps\fR and \fBseccomp\fR enable Linux capabilities and seccomp filters. Examples:


diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 4e8d96d31..dbffe68ed 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt
@@ -670,6 +670,19 @@ full null ptmx pts random shm tty urandom zero
670	.br	670	.br
671	$	671	$
672	.TP	672	.TP
		673	\fB\-\-private-etc=file,directory
		674	Build a new /etc in a temporary
		675	filesystem, and copy the files and directories in the list.
		676	All modifications are discarded when the sandbox is closed.
		677	.br
		678
		679	.br
		680	Example:
		681	.br
		682	$ firejail --private-etc=group,hostname,localtime, \\
		683	.br
		684	nsswitch.conf,passwd,resolv.conf
		685	.TP
673	\fB\-\-profile=filename	686	\fB\-\-profile=filename
674	Load a custom profile from filename. For filename use an absolute path or a path relative to the current path.	687	Load a custom profile from filename. For filename use an absolute path or a path relative to the current path.
675	For more information, see PROFILES section below.	688	For more information, see PROFILES section below.