diff options
| author |  netblue30 <netblue30@protonmail.com> | 2023-01-30 08:14:13 -0500 |
|---|---|---|
| committer | netblue30 <netblue30@protonmail.com> | 2023-01-30 08:14:13 -0500 |
| commit | 5d5f554ab133bb56d22a58000d58e5a957ee37c5 (patch) | |
| tree | 0d7d01952cfae83af9d5ff6e99198c18a953e87a /src/man | |
| parent | Merge pull request #5626 from kmk3/mutt-reduce-mkdir (diff) | |
| download | firejail-5d5f554ab133bb56d22a58000d58e5a957ee37c5.tar.gz firejail-5d5f554ab133bb56d22a58000d58e5a957ee37c5.tar.zst firejail-5d5f554ab133bb56d22a58000d58e5a957ee37c5.zip | |
private-etc: moved group names to @group syntax; GUI group renamed as @x11 group; added nvidia and X11 directories to @x11 group.
Diffstat (limited to 'src/man')
| -rw-r--r-- | src/man/firejail.txt | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index e60c139a5..a088d971a 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
| @@ -2127,27 +2127,27 @@ cdrom cdrw dri dvd dvdrw full log null ptmx pts random shm snd sr0 | |||
| 2127 | .br | 2127 | .br |
| 2128 | $ | 2128 | $ |
| 2129 | .TP | 2129 | .TP |
| 2130 | \fB\-\-private-etc, \-\-private-etc=file,directory | 2130 | \fB\-\-private-etc, \-\-private-etc=file,directory,@group |
| 2131 | The files installed by \-\-private-etc are copies of the original system files from /etc directory. | 2131 | The files installed by \-\-private-etc are copies of the original system files from /etc directory. |
| 2132 | By default, the command brings in a skeleton of files and directories used by most console tools: | 2132 | By default, the command brings in a skeleton of files and directories used by most console tools: |
| 2133 | 2133 | ||
| 2134 | $ firejail --private-etc dig debian.org | 2134 | $ firejail --private-etc dig debian.org |
| 2135 | 2135 | ||
| 2136 | For X11/GTK/QT/Gnome/KDE programs add GUI group as a parameter. Example: | 2136 | For X11/GTK/QT/Gnome/KDE programs add @x11 group as a parameter. Example: |
| 2137 | 2137 | ||
| 2138 | $ firejail --private-etc=GUI,python* gimp | 2138 | $ firejail --private-etc=@x11,gcrypt,python* gimp |
| 2139 | 2139 | ||
| 2140 | /etc/python* directories are not part of the generic GUI group. | 2140 | gcrypt and /etc/python* directories are not part of the generic @x11 group. |
| 2141 | These directories are reuqired by Gimp plugin system. File globbing is supported. | 2141 | File globbing is supported. |
| 2142 | 2142 | ||
| 2143 | For games, add GAMES group: | 2143 | For games, add @games group: |
| 2144 | 2144 | ||
| 2145 | $ firejail --private-etc=GUI,GAMES warzone2100 | 2145 | $ firejail --private-etc=@games,@x11 warzone2100 |
| 2146 | 2146 | ||
| 2147 | Sound and networking files are included automatically, unless \-\-nosound or \-\-net=none are specified. | 2147 | Sound and networking files are included automatically, unless \-\-nosound or \-\-net=none are specified. |
| 2148 | Files for encrypted TLS/SSL protocol are in TLS-CA group. | 2148 | Files for encrypted TLS/SSL protocol are in @tls-ca group. |
| 2149 | 2149 | ||
| 2150 | $ firejail --private-etc=TLS-CA,wgetrc wget https://debian.org | 2150 | $ firejail --private-etc=@tls-ca,wgetrc wget https://debian.org |
| 2151 | 2151 | ||
| 2152 | 2152 | ||
| 2153 | Note: The easiest way to extract the list of /etc files accessed by your program is using strace utility: | 2153 | Note: The easiest way to extract the list of /etc files accessed by your program is using strace utility: |