--private-tmp

author: root <root@debian> 2016-01-26 08:38:54 -0500
committer: root <root@debian> 2016-01-26 08:38:54 -0500
commit: 3a8649e37789151f235c5f01e846b7228bac402b (patch)
tree: 9848db30a0657041821f608575c7957d6d34f1fe /src/man
parent: --tmpfs allowd only as root user (diff)
download: firejail-3a8649e37789151f235c5f01e846b7228bac402b.tar.gz
firejail-3a8649e37789151f235c5f01e846b7228bac402b.tar.zst
firejail-3a8649e37789151f235c5f01e846b7228bac402b.zip
2 files changed, 17 insertions, 3 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index 2f17c3088..90c59d753 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -139,13 +139,13 @@ Mount new /root and /home/user directories in temporary
 filesystems. All modifications are discarded when the sandbox is
 closed.
 .TP
+\fBprivate directory
+Use directory as user home.
+.TP
 \fBprivate-bin file,file
 Build a new /bin in a temporary filesystem, and copy the programs in the list.
 The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin.
 .TP
-\fBprivate directory
-Use directory as user home.
-.TP
 \fBprivate-home file,directory
 Build a new user home in a temporary
 filesystem, and copy the files and directories in the list in the
@@ -160,6 +160,9 @@ Build a new /etc in a temporary
 filesystem, and copy the files and directories in the list.
 All modifications are discarded when the sandbox is closed.
 .TP
+\fBprivate-tmp
+Mount an empty temporary filesystem on top of /tmp directory.
+.TP
 \fBwhitelist file_or_directory
 Build a new user home in a temporary filesystem, and mount-bind file_or_directory.
 The modifications to file_or_directory are persistent, everything else is discarded
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index 43572bb4b..877ee0ce5 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -1004,6 +1004,17 @@ Example:
 $ firejail --private-etc=group,hostname,localtime, \\
 .br
 nsswitch.conf,passwd,resolv.conf
+.TP
+\fB\-\-private-tmp
+Mount an empty temporary filesystem on top of /tmp directory.
+.br
+.br
+Example:
+.br
+$ firejail \-\-private-tmp
 .TP
 \fB\-\-profile=filename
 Load a custom security profile from filename. For filename use an absolute path or a path relative to the current path.
author	root <root@debian>	2016-01-26 08:38:54 -0500
committer	root <root@debian>	2016-01-26 08:38:54 -0500
commit	3a8649e37789151f235c5f01e846b7228bac402b (patch)
tree	9848db30a0657041821f608575c7957d6d34f1fe /src/man
parent	--tmpfs allowd only as root user (diff)
download	firejail-3a8649e37789151f235c5f01e846b7228bac402b.tar.gz firejail-3a8649e37789151f235c5f01e846b7228bac402b.tar.zst firejail-3a8649e37789151f235c5f01e846b7228bac402b.zip

diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 2f17c3088..90c59d753 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt
@@ -139,13 +139,13 @@ Mount new /root and /home/user directories in temporary
139	filesystems. All modifications are discarded when the sandbox is	139	filesystems. All modifications are discarded when the sandbox is
140	closed.	140	closed.
141	.TP	141	.TP
		142	\fBprivate directory
		143	Use directory as user home.
		144	.TP
142	\fBprivate-bin file,file	145	\fBprivate-bin file,file
143	Build a new /bin in a temporary filesystem, and copy the programs in the list.	146	Build a new /bin in a temporary filesystem, and copy the programs in the list.
144	The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin.	147	The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin.
145	.TP	148	.TP
146	\fBprivate directory
147	Use directory as user home.
148	.TP
149	\fBprivate-home file,directory	149	\fBprivate-home file,directory
150	Build a new user home in a temporary	150	Build a new user home in a temporary
151	filesystem, and copy the files and directories in the list in the	151	filesystem, and copy the files and directories in the list in the
@@ -160,6 +160,9 @@ Build a new /etc in a temporary
160	filesystem, and copy the files and directories in the list.	160	filesystem, and copy the files and directories in the list.
161	All modifications are discarded when the sandbox is closed.	161	All modifications are discarded when the sandbox is closed.
162	.TP	162	.TP
		163	\fBprivate-tmp
		164	Mount an empty temporary filesystem on top of /tmp directory.
		165	.TP
163	\fBwhitelist file_or_directory	166	\fBwhitelist file_or_directory
164	Build a new user home in a temporary filesystem, and mount-bind file_or_directory.	167	Build a new user home in a temporary filesystem, and mount-bind file_or_directory.
165	The modifications to file_or_directory are persistent, everything else is discarded	168	The modifications to file_or_directory are persistent, everything else is discarded


diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 43572bb4b..877ee0ce5 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt
@@ -1004,6 +1004,17 @@ Example:
1004	$ firejail --private-etc=group,hostname,localtime, \\	1004	$ firejail --private-etc=group,hostname,localtime, \\
1005	.br	1005	.br
1006	nsswitch.conf,passwd,resolv.conf	1006	nsswitch.conf,passwd,resolv.conf
		1007
		1008	.TP
		1009	\fB\-\-private-tmp
		1010	Mount an empty temporary filesystem on top of /tmp directory.
		1011	.br
		1012
		1013	.br
		1014	Example:
		1015	.br
		1016	$ firejail \-\-private-tmp
		1017
1007	.TP	1018	.TP
1008	\fB\-\-profile=filename	1019	\fB\-\-profile=filename
1009	Load a custom security profile from filename. For filename use an absolute path or a path relative to the current path.	1020	Load a custom security profile from filename. For filename use an absolute path or a path relative to the current path.