trim excess whitespace

author: a1346054 <36859588+a1346054@users.noreply.github.com> 2021-08-31 12:21:43 +0000
committer: a1346054 <36859588+a1346054@users.noreply.github.com> 2021-09-25 19:09:14 +0000
commit: 6eafbfdfcc261b8d89ed22358ed9f351d4bf5bf2 (patch)
tree: c533c541f1a6b48967e193060041705a616bba73 /src/man
parent: private-lib fixup (diff)
download: firejail-6eafbfdfcc261b8d89ed22358ed9f351d4bf5bf2.tar.gz
firejail-6eafbfdfcc261b8d89ed22358ed9f351d4bf5bf2.tar.zst
firejail-6eafbfdfcc261b8d89ed22358ed9f351d4bf5bf2.zip
3 files changed, 21 insertions, 21 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index a768829a1..a76fd3765 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -78,7 +78,7 @@ in your desktop environment copy the profile file in ~/.config/firejail director
 Several command line options can be passed to the program using
 profile files. Firejail chooses the profile file as follows:
-\fB1.\fR If a profile file is provided by the user with \-\-profile option, the profile file is loaded. If a profile name is given, it is searched for first in the ~/.config/firejail directory and if not found then in  /etc/firejail directory. Profile names do not include the .profile suffix.
+\fB1.\fR If a profile file is provided by the user with \-\-profile option, the profile file is loaded. If a profile name is given, it is searched for first in the ~/.config/firejail directory and if not found then in /etc/firejail directory. Profile names do not include the .profile suffix.
 Example:
 .PP
 .RS
@@ -324,16 +324,16 @@ Remount the file or the directory noexec, nodev and nosuid.
 #ifdef HAVE_OVERLAYFS
 .TP
 \fBoverlay
-Mount  a  filesystem  overlay  on top of the current filesystem.
+Mount a filesystem overlay on top of the current filesystem.
-The overlay is stored in $HOME/.firejail/<PID>  directory.
+The overlay is stored in $HOME/.firejail/<PID> directory.
 .TP
 \fBoverlay-named name
-Mount  a  filesystem  overlay  on top of the current filesystem.
+Mount a filesystem overlay on top of the current filesystem.
-The overlay is stored in $HOME/.firejail/name  directory.
+The overlay is stored in $HOME/.firejail/name directory.
 .TP
 \fBoverlay-tmpfs
-Mount  a  filesystem  overlay  on top of the current filesystem.
+Mount a filesystem overlay on top of the current filesystem.
-All filesystem  modifications are discarded when the sandbox is closed.
+All filesystem modifications are discarded when the sandbox is closed.
 #endif
 .TP
 \fBprivate
@@ -487,12 +487,12 @@ does not result in an increase of privilege.
 #ifdef HAVE_USERNS
 .TP
 \fBnoroot
-Use this command  to enable an user namespace. The namespace has only one user, the current user.
+Use this command to enable an user namespace. The namespace has only one user, the current user.
 There is no root account (uid 0) defined in the namespace.
 #endif
 .TP
 \fBprotocol protocol1,protocol2,protocol3
-Enable protocol filter. The filter is based on seccomp and  checks the
+Enable protocol filter. The filter is based on seccomp and checks the
 first argument to socket system call. Recognized values: \fBunix\fR,
 \fBinet\fR, \fBinet6\fR, \fBnetlink\fR, \fBpacket\fR and \fBbluetooth\fR.
 .TP
@@ -873,8 +873,8 @@ a DHCP client and releasing the lease manually.
 .TP
 \fBiprange address,address
-Assign  an  IP address in the provided range to the last network
+Assign an IP address in the provided range to the last network
-interface defined by  a  net command.  A  default  gateway  is assigned by default.
+interface defined by a net command.  A default gateway is assigned by default.
 .br
 .br
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index 0462705c0..2883ab257 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -45,7 +45,7 @@ firejail {\-? | \-\-debug-caps | \-\-debug-errnos | \-\-debug-syscalls | \-\-deb
 #ifdef HAVE_LTS
 This is Firejail long-term support (LTS), an enterprise focused version of the software,
 LTS is usually supported for two or three years.
-During this time  only bugs and the occasional documentation problems are fixed.
+During this time only bugs and the occasional documentation problems are fixed.
 The attack surface of the SUID executable was greatly reduced by removing some of the features.
 .br
@@ -109,7 +109,7 @@ ptrace system call allows a full bypass of the seccomp filter.
 .br
 Example:
 .br
-$ firejail  --allow-debuggers --profile=/etc/firejail/firefox.profile strace -f firefox
+$ firejail --allow-debuggers --profile=/etc/firejail/firefox.profile strace -f firefox
 .TP
 \fB\-\-allusers
 All directories under /home are visible inside the sandbox. By default, only current user home directory is visible.
@@ -947,7 +947,7 @@ $ firejail \-\-net=eth0 \-\-\iprange=192.168.1.100,192.168.1.150
 .TP
 \fB\-\-ipc-namespace
-Enable  a new IPC namespace if the sandbox was started as a regular user. IPC namespace is enabled by default
+Enable a new IPC namespace if the sandbox was started as a regular user. IPC namespace is enabled by default
 for sandboxes started as root.
 .br
@@ -1014,7 +1014,7 @@ $ sudo firejail --join-network=browser /sbin/iptables -vL
 .br
 .br
-# verify  IP addresses
+# verify IP addresses
 .br
 $ sudo firejail --join-network=browser ip addr
 .br
@@ -2134,7 +2134,7 @@ Use k(ilobyte), m(egabyte) or g(igabyte) for size suffix (base 1024).
 .TP
 \fB\-\-rlimit-cpu=number
 Set the maximum limit, in seconds, for the amount of CPU time each
-sandboxed process  can consume. When the limit is reached, the processes are killed.
+sandboxed process can consume. When the limit is reached, the processes are killed.
 The CPU limit is a limit on CPU seconds rather than elapsed time. CPU seconds is basically how many seconds
 the CPU has been in use and does not necessarily directly relate to the elapsed time. Linux kernel keeps
@@ -2178,7 +2178,7 @@ $ firejail \-\-net=eth0 \-\-scan
 .TP
 \fB\-\-seccomp
 Enable seccomp filter and blacklist the syscalls in the default list,
-which is  @default-nodebuggers unless \-\-allow-debuggers is specified,
+which is @default-nodebuggers unless \-\-allow-debuggers is specified,
 then it is @default.
 .br
@@ -2865,7 +2865,7 @@ and it is installed by default on most Linux distributions. It provides support
 connection model. Untrusted clients are restricted in certain ways to prevent them from reading window
 contents of other clients, stealing input events, etc.
-The untrusted mode has several limitations. A lot of regular programs  assume they are a trusted X11 clients
+The untrusted mode has several limitations. A lot of regular programs assume they are a trusted X11 clients
 and will crash or lock up when run in untrusted mode. Chromium browser and xterm are two examples.
 Firefox and transmission-gtk seem to be working fine.
 A network namespace is not required for this option.
@@ -3256,7 +3256,7 @@ The owner of the sandbox.
 .SH RESTRICTED SHELL
 To configure a restricted shell, replace /bin/bash with /usr/bin/firejail in
 /etc/passwd file for each user that needs to be restricted. Alternatively,
-you can specify /usr/bin/firejail  in adduser command:
+you can specify /usr/bin/firejail in adduser command:
 adduser \-\-shell /usr/bin/firejail username
@@ -3266,7 +3266,7 @@ Additional arguments passed to firejail executable upon login are declared in /e
 Several command line options can be passed to the program using
 profile files. Firejail chooses the profile file as follows:
-1. If a profile file is provided by the user with --profile=FILE option, the profile FILE is loaded. If a profile name is given, it is searched for first in the ~/.config/firejail directory and if not found then in  /etc/firejail directory. Profile names do not include the .profile suffix. If there is a file with the same name as the given profile name, it will be used instead of doing the profile search. To force a profile search, prefix the profile name with a colon (:), eg. --profile=:PROFILE_NAME.
+1. If a profile file is provided by the user with --profile=FILE option, the profile FILE is loaded. If a profile name is given, it is searched for first in the ~/.config/firejail directory and if not found then in /etc/firejail directory. Profile names do not include the .profile suffix. If there is a file with the same name as the given profile name, it will be used instead of doing the profile search. To force a profile search, prefix the profile name with a colon (:), eg. --profile=:PROFILE_NAME.
 Example:
 .PP
 .RS
diff --git a/src/man/firemon.txt b/src/man/firemon.txt
index 76b2f7be2..c4e6e15b3 100644
--- a/src/man/firemon.txt
+++ b/src/man/firemon.txt
@@ -56,7 +56,7 @@ Print route table for each sandbox.
 Print seccomp configuration for each sandbox.
 .TP
 \fB\-\-top
-Monitor the most CPU-intensive sandboxes. This command  is similar to
+Monitor the most CPU-intensive sandboxes. This command is similar to
 the regular UNIX top command, however it applies only to sandboxes.
 .TP
 \fB\-\-tree
author	a1346054 <36859588+a1346054@users.noreply.github.com>	2021-08-31 12:21:43 +0000
committer	a1346054 <36859588+a1346054@users.noreply.github.com>	2021-09-25 19:09:14 +0000
commit	6eafbfdfcc261b8d89ed22358ed9f351d4bf5bf2 (patch)
tree	c533c541f1a6b48967e193060041705a616bba73 /src/man
parent	private-lib fixup (diff)
download	firejail-6eafbfdfcc261b8d89ed22358ed9f351d4bf5bf2.tar.gz firejail-6eafbfdfcc261b8d89ed22358ed9f351d4bf5bf2.tar.zst firejail-6eafbfdfcc261b8d89ed22358ed9f351d4bf5bf2.zip

diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index a768829a1..a76fd3765 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt
@@ -78,7 +78,7 @@ in your desktop environment copy the profile file in ~/.config/firejail director
78	Several command line options can be passed to the program using	78	Several command line options can be passed to the program using
79	profile files. Firejail chooses the profile file as follows:	79	profile files. Firejail chooses the profile file as follows:
80		80
81	\fB1.\fR If a profile file is provided by the user with \-\-profile option, the profile file is loaded. If a profile name is given, it is searched for first in the ~/.config/firejail directory and if not found then in /etc/firejail directory. Profile names do not include the .profile suffix.	81	\fB1.\fR If a profile file is provided by the user with \-\-profile option, the profile file is loaded. If a profile name is given, it is searched for first in the ~/.config/firejail directory and if not found then in /etc/firejail directory. Profile names do not include the .profile suffix.
82	Example:	82	Example:
83	.PP	83	.PP
84	.RS	84	.RS
@@ -324,16 +324,16 @@ Remount the file or the directory noexec, nodev and nosuid.
324	#ifdef HAVE_OVERLAYFS	324	#ifdef HAVE_OVERLAYFS
325	.TP	325	.TP
326	\fBoverlay	326	\fBoverlay
327	Mount a filesystem overlay on top of the current filesystem.	327	Mount a filesystem overlay on top of the current filesystem.
328	The overlay is stored in $HOME/.firejail/<PID> directory.	328	The overlay is stored in $HOME/.firejail/<PID> directory.
329	.TP	329	.TP
330	\fBoverlay-named name	330	\fBoverlay-named name
331	Mount a filesystem overlay on top of the current filesystem.	331	Mount a filesystem overlay on top of the current filesystem.
332	The overlay is stored in $HOME/.firejail/name directory.	332	The overlay is stored in $HOME/.firejail/name directory.
333	.TP	333	.TP
334	\fBoverlay-tmpfs	334	\fBoverlay-tmpfs
335	Mount a filesystem overlay on top of the current filesystem.	335	Mount a filesystem overlay on top of the current filesystem.
336	All filesystem modifications are discarded when the sandbox is closed.	336	All filesystem modifications are discarded when the sandbox is closed.
337	#endif	337	#endif
338	.TP	338	.TP
339	\fBprivate	339	\fBprivate
@@ -487,12 +487,12 @@ does not result in an increase of privilege.
487	#ifdef HAVE_USERNS	487	#ifdef HAVE_USERNS
488	.TP	488	.TP
489	\fBnoroot	489	\fBnoroot
490	Use this command to enable an user namespace. The namespace has only one user, the current user.	490	Use this command to enable an user namespace. The namespace has only one user, the current user.
491	There is no root account (uid 0) defined in the namespace.	491	There is no root account (uid 0) defined in the namespace.
492	#endif	492	#endif
493	.TP	493	.TP
494	\fBprotocol protocol1,protocol2,protocol3	494	\fBprotocol protocol1,protocol2,protocol3
495	Enable protocol filter. The filter is based on seccomp and checks the	495	Enable protocol filter. The filter is based on seccomp and checks the
496	first argument to socket system call. Recognized values: \fBunix\fR,	496	first argument to socket system call. Recognized values: \fBunix\fR,
497	\fBinet\fR, \fBinet6\fR, \fBnetlink\fR, \fBpacket\fR and \fBbluetooth\fR.	497	\fBinet\fR, \fBinet6\fR, \fBnetlink\fR, \fBpacket\fR and \fBbluetooth\fR.
498	.TP	498	.TP
@@ -873,8 +873,8 @@ a DHCP client and releasing the lease manually.
873		873
874	.TP	874	.TP
875	\fBiprange address,address	875	\fBiprange address,address
876	Assign an IP address in the provided range to the last network	876	Assign an IP address in the provided range to the last network
877	interface defined by a net command. A default gateway is assigned by default.	877	interface defined by a net command. A default gateway is assigned by default.
878	.br	878	.br
879		879
880	.br	880	.br


diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 0462705c0..2883ab257 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt
@@ -45,7 +45,7 @@ firejail {\-? \| \-\-debug-caps \| \-\-debug-errnos \| \-\-debug-syscalls \| \-\-deb
45	#ifdef HAVE_LTS	45	#ifdef HAVE_LTS
46	This is Firejail long-term support (LTS), an enterprise focused version of the software,	46	This is Firejail long-term support (LTS), an enterprise focused version of the software,
47	LTS is usually supported for two or three years.	47	LTS is usually supported for two or three years.
48	During this time only bugs and the occasional documentation problems are fixed.	48	During this time only bugs and the occasional documentation problems are fixed.
49	The attack surface of the SUID executable was greatly reduced by removing some of the features.	49	The attack surface of the SUID executable was greatly reduced by removing some of the features.
50	.br	50	.br
51		51
@@ -109,7 +109,7 @@ ptrace system call allows a full bypass of the seccomp filter.
109	.br	109	.br
110	Example:	110	Example:
111	.br	111	.br
112	$ firejail --allow-debuggers --profile=/etc/firejail/firefox.profile strace -f firefox	112	$ firejail --allow-debuggers --profile=/etc/firejail/firefox.profile strace -f firefox
113	.TP	113	.TP
114	\fB\-\-allusers	114	\fB\-\-allusers
115	All directories under /home are visible inside the sandbox. By default, only current user home directory is visible.	115	All directories under /home are visible inside the sandbox. By default, only current user home directory is visible.
@@ -947,7 +947,7 @@ $ firejail \-\-net=eth0 \-\-\iprange=192.168.1.100,192.168.1.150
947		947
948	.TP	948	.TP
949	\fB\-\-ipc-namespace	949	\fB\-\-ipc-namespace
950	Enable a new IPC namespace if the sandbox was started as a regular user. IPC namespace is enabled by default	950	Enable a new IPC namespace if the sandbox was started as a regular user. IPC namespace is enabled by default
951	for sandboxes started as root.	951	for sandboxes started as root.
952	.br	952	.br
953		953
@@ -1014,7 +1014,7 @@ $ sudo firejail --join-network=browser /sbin/iptables -vL
1014	.br	1014	.br
1015		1015
1016	.br	1016	.br
1017	# verify IP addresses	1017	# verify IP addresses
1018	.br	1018	.br
1019	$ sudo firejail --join-network=browser ip addr	1019	$ sudo firejail --join-network=browser ip addr
1020	.br	1020	.br
@@ -2134,7 +2134,7 @@ Use k(ilobyte), m(egabyte) or g(igabyte) for size suffix (base 1024).
2134	.TP	2134	.TP
2135	\fB\-\-rlimit-cpu=number	2135	\fB\-\-rlimit-cpu=number
2136	Set the maximum limit, in seconds, for the amount of CPU time each	2136	Set the maximum limit, in seconds, for the amount of CPU time each
2137	sandboxed process can consume. When the limit is reached, the processes are killed.	2137	sandboxed process can consume. When the limit is reached, the processes are killed.
2138		2138
2139	The CPU limit is a limit on CPU seconds rather than elapsed time. CPU seconds is basically how many seconds	2139	The CPU limit is a limit on CPU seconds rather than elapsed time. CPU seconds is basically how many seconds
2140	the CPU has been in use and does not necessarily directly relate to the elapsed time. Linux kernel keeps	2140	the CPU has been in use and does not necessarily directly relate to the elapsed time. Linux kernel keeps
@@ -2178,7 +2178,7 @@ $ firejail \-\-net=eth0 \-\-scan
2178	.TP	2178	.TP
2179	\fB\-\-seccomp	2179	\fB\-\-seccomp
2180	Enable seccomp filter and blacklist the syscalls in the default list,	2180	Enable seccomp filter and blacklist the syscalls in the default list,
2181	which is @default-nodebuggers unless \-\-allow-debuggers is specified,	2181	which is @default-nodebuggers unless \-\-allow-debuggers is specified,
2182	then it is @default.	2182	then it is @default.
2183		2183
2184	.br	2184	.br
@@ -2865,7 +2865,7 @@ and it is installed by default on most Linux distributions. It provides support
2865	connection model. Untrusted clients are restricted in certain ways to prevent them from reading window	2865	connection model. Untrusted clients are restricted in certain ways to prevent them from reading window
2866	contents of other clients, stealing input events, etc.	2866	contents of other clients, stealing input events, etc.
2867		2867
2868	The untrusted mode has several limitations. A lot of regular programs assume they are a trusted X11 clients	2868	The untrusted mode has several limitations. A lot of regular programs assume they are a trusted X11 clients
2869	and will crash or lock up when run in untrusted mode. Chromium browser and xterm are two examples.	2869	and will crash or lock up when run in untrusted mode. Chromium browser and xterm are two examples.
2870	Firefox and transmission-gtk seem to be working fine.	2870	Firefox and transmission-gtk seem to be working fine.
2871	A network namespace is not required for this option.	2871	A network namespace is not required for this option.
@@ -3256,7 +3256,7 @@ The owner of the sandbox.
3256	.SH RESTRICTED SHELL	3256	.SH RESTRICTED SHELL
3257	To configure a restricted shell, replace /bin/bash with /usr/bin/firejail in	3257	To configure a restricted shell, replace /bin/bash with /usr/bin/firejail in
3258	/etc/passwd file for each user that needs to be restricted. Alternatively,	3258	/etc/passwd file for each user that needs to be restricted. Alternatively,
3259	you can specify /usr/bin/firejail in adduser command:	3259	you can specify /usr/bin/firejail in adduser command:
3260		3260
3261	adduser \-\-shell /usr/bin/firejail username	3261	adduser \-\-shell /usr/bin/firejail username
3262		3262
@@ -3266,7 +3266,7 @@ Additional arguments passed to firejail executable upon login are declared in /e
3266	Several command line options can be passed to the program using	3266	Several command line options can be passed to the program using
3267	profile files. Firejail chooses the profile file as follows:	3267	profile files. Firejail chooses the profile file as follows:
3268		3268
3269	1. If a profile file is provided by the user with --profile=FILE option, the profile FILE is loaded. If a profile name is given, it is searched for first in the ~/.config/firejail directory and if not found then in /etc/firejail directory. Profile names do not include the .profile suffix. If there is a file with the same name as the given profile name, it will be used instead of doing the profile search. To force a profile search, prefix the profile name with a colon (:), eg. --profile=:PROFILE_NAME.	3269	1. If a profile file is provided by the user with --profile=FILE option, the profile FILE is loaded. If a profile name is given, it is searched for first in the ~/.config/firejail directory and if not found then in /etc/firejail directory. Profile names do not include the .profile suffix. If there is a file with the same name as the given profile name, it will be used instead of doing the profile search. To force a profile search, prefix the profile name with a colon (:), eg. --profile=:PROFILE_NAME.
3270	Example:	3270	Example:
3271	.PP	3271	.PP
3272	.RS	3272	.RS


diff --git a/src/man/firemon.txt b/src/man/firemon.txt index 76b2f7be2..c4e6e15b3 100644 --- a/src/man/firemon.txt +++ b/src/man/firemon.txt
@@ -56,7 +56,7 @@ Print route table for each sandbox.
56	Print seccomp configuration for each sandbox.	56	Print seccomp configuration for each sandbox.
57	.TP	57	.TP
58	\fB\-\-top	58	\fB\-\-top
59	Monitor the most CPU-intensive sandboxes. This command is similar to	59	Monitor the most CPU-intensive sandboxes. This command is similar to
60	the regular UNIX top command, however it applies only to sandboxes.	60	the regular UNIX top command, however it applies only to sandboxes.
61	.TP	61	.TP
62	\fB\-\-tree	62	\fB\-\-tree