diff options
author | smitsohu <smitsohu@gmail.com> | 2019-05-24 21:28:10 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-05-24 21:28:10 +0200 |
commit | 9314fff8cb801e3f2f7a2996764c12ca4e350bea (patch) | |
tree | 58416f0e3a01b43f8265ff785c255eaa97e73e65 /src/man | |
parent | add header guard to firecfg.h (diff) | |
parent | Add private-cwd option to control working directory within jail (diff) | |
download | firejail-9314fff8cb801e3f2f7a2996764c12ca4e350bea.tar.gz firejail-9314fff8cb801e3f2f7a2996764c12ca4e350bea.tar.zst firejail-9314fff8cb801e3f2f7a2996764c12ca4e350bea.zip |
Merge pull request #2712 from apmorton/features/private-cwd
Add private-cwd option to control working directory within jail
Diffstat (limited to 'src/man')
-rw-r--r-- | src/man/firejail-profile.txt | 6 | ||||
-rw-r--r-- | src/man/firejail.txt | 42 |
2 files changed, 48 insertions, 0 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index cbc745af7..d3a563abd 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
@@ -288,6 +288,12 @@ All modifications are discarded when the sandbox is closed. | |||
288 | \fBprivate-tmp | 288 | \fBprivate-tmp |
289 | Mount an empty temporary filesystem on top of /tmp directory whitelisting /tmp/.X11-unix. | 289 | Mount an empty temporary filesystem on top of /tmp directory whitelisting /tmp/.X11-unix. |
290 | .TP | 290 | .TP |
291 | \fBprivate-cwd | ||
292 | Set working directory inside jail to the home directory, and failing that, the root directory. | ||
293 | .TP | ||
294 | \fBprivate-cwd directory | ||
295 | Set working directory inside the jail. | ||
296 | .TP | ||
291 | \fBread-only file_or_directory | 297 | \fBread-only file_or_directory |
292 | Make directory or file read-only. | 298 | Make directory or file read-only. |
293 | .TP | 299 | .TP |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index fcc7f66d7..c4e8b9175 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -1572,6 +1572,48 @@ drwx------ 2 nobody nogroup 4096 Apr 30 10:52 pulse-PKdhtXMmr18n | |||
1572 | drwxrwxrwt 2 nobody nogroup 4096 Apr 30 10:52 .X11-unix | 1572 | drwxrwxrwt 2 nobody nogroup 4096 Apr 30 10:52 .X11-unix |
1573 | .br | 1573 | .br |
1574 | 1574 | ||
1575 | .TP | ||
1576 | \fB\-\-private-cwd | ||
1577 | Set working directory inside jail to the home directory, and failing that, the root directory. | ||
1578 | .br | ||
1579 | Does not impact working directory of profile include paths. | ||
1580 | .br | ||
1581 | |||
1582 | .br | ||
1583 | Example: | ||
1584 | .br | ||
1585 | $ pwd | ||
1586 | .br | ||
1587 | /tmp | ||
1588 | .br | ||
1589 | $ firejail \-\-private-cwd | ||
1590 | .br | ||
1591 | $ pwd | ||
1592 | .br | ||
1593 | /home/user | ||
1594 | .br | ||
1595 | |||
1596 | .TP | ||
1597 | \fB\-\-private-cwd=directory | ||
1598 | Set working directory inside the jail. | ||
1599 | .br | ||
1600 | Does not impact working directory of profile include paths. | ||
1601 | .br | ||
1602 | |||
1603 | .br | ||
1604 | Example: | ||
1605 | .br | ||
1606 | $ pwd | ||
1607 | .br | ||
1608 | /tmp | ||
1609 | .br | ||
1610 | $ firejail \-\-private-cwd=/opt | ||
1611 | .br | ||
1612 | $ pwd | ||
1613 | .br | ||
1614 | /opt | ||
1615 | .br | ||
1616 | |||
1575 | 1617 | ||
1576 | .TP | 1618 | .TP |
1577 | \fB\-\-profile=filename_or_profilename | 1619 | \fB\-\-profile=filename_or_profilename |