diff options
| author |  smitsohu <smitsohu@gmail.com> | 2019-05-24 21:28:10 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2019-05-24 21:28:10 +0200 |
| commit | 9314fff8cb801e3f2f7a2996764c12ca4e350bea (patch) | |
| tree | 58416f0e3a01b43f8265ff785c255eaa97e73e65 /src/man | |
| parent | add header guard to firecfg.h (diff) | |
| parent | Add private-cwd option to control working directory within jail (diff) | |
| download | firejail-9314fff8cb801e3f2f7a2996764c12ca4e350bea.tar.gz firejail-9314fff8cb801e3f2f7a2996764c12ca4e350bea.tar.zst firejail-9314fff8cb801e3f2f7a2996764c12ca4e350bea.zip | |
Merge pull request #2712 from apmorton/features/private-cwd
Add private-cwd option to control working directory within jail
Diffstat (limited to 'src/man')
| -rw-r--r-- | src/man/firejail-profile.txt | 6 | ||||
| -rw-r--r-- | src/man/firejail.txt | 42 |
2 files changed, 48 insertions, 0 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index cbc745af7..d3a563abd 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
| @@ -288,6 +288,12 @@ All modifications are discarded when the sandbox is closed. | |||
| 288 | \fBprivate-tmp | 288 | \fBprivate-tmp |
| 289 | Mount an empty temporary filesystem on top of /tmp directory whitelisting /tmp/.X11-unix. | 289 | Mount an empty temporary filesystem on top of /tmp directory whitelisting /tmp/.X11-unix. |
| 290 | .TP | 290 | .TP |
| 291 | \fBprivate-cwd | ||
| 292 | Set working directory inside jail to the home directory, and failing that, the root directory. | ||
| 293 | .TP | ||
| 294 | \fBprivate-cwd directory | ||
| 295 | Set working directory inside the jail. | ||
| 296 | .TP | ||
| 291 | \fBread-only file_or_directory | 297 | \fBread-only file_or_directory |
| 292 | Make directory or file read-only. | 298 | Make directory or file read-only. |
| 293 | .TP | 299 | .TP |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index fcc7f66d7..c4e8b9175 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
| @@ -1572,6 +1572,48 @@ drwx------ 2 nobody nogroup 4096 Apr 30 10:52 pulse-PKdhtXMmr18n | |||
| 1572 | drwxrwxrwt 2 nobody nogroup 4096 Apr 30 10:52 .X11-unix | 1572 | drwxrwxrwt 2 nobody nogroup 4096 Apr 30 10:52 .X11-unix |
| 1573 | .br | 1573 | .br |
| 1574 | 1574 | ||
| 1575 | .TP | ||
| 1576 | \fB\-\-private-cwd | ||
| 1577 | Set working directory inside jail to the home directory, and failing that, the root directory. | ||
| 1578 | .br | ||
| 1579 | Does not impact working directory of profile include paths. | ||
| 1580 | .br | ||
| 1581 | |||
| 1582 | .br | ||
| 1583 | Example: | ||
| 1584 | .br | ||
| 1585 | $ pwd | ||
| 1586 | .br | ||
| 1587 | /tmp | ||
| 1588 | .br | ||
| 1589 | $ firejail \-\-private-cwd | ||
| 1590 | .br | ||
| 1591 | $ pwd | ||
| 1592 | .br | ||
| 1593 | /home/user | ||
| 1594 | .br | ||
| 1595 | |||
| 1596 | .TP | ||
| 1597 | \fB\-\-private-cwd=directory | ||
| 1598 | Set working directory inside the jail. | ||
| 1599 | .br | ||
| 1600 | Does not impact working directory of profile include paths. | ||
| 1601 | .br | ||
| 1602 | |||
| 1603 | .br | ||
| 1604 | Example: | ||
| 1605 | .br | ||
| 1606 | $ pwd | ||
| 1607 | .br | ||
| 1608 | /tmp | ||
| 1609 | .br | ||
| 1610 | $ firejail \-\-private-cwd=/opt | ||
| 1611 | .br | ||
| 1612 | $ pwd | ||
| 1613 | .br | ||
| 1614 | /opt | ||
| 1615 | .br | ||
| 1616 | |||
| 1575 | 1617 | ||
| 1576 | .TP | 1618 | .TP |
| 1577 | \fB\-\-profile=filename_or_profilename | 1619 | \fB\-\-profile=filename_or_profilename |