Merge pull request #4827 from kmk3/noprinters-add-missing

noprinters: add missing items & add to profile.template
author: netblue30 <netblue30@protonmail.com> 2022-01-08 22:28:47 +0000
committer: GitHub <noreply@github.com> 2022-01-08 22:28:47 +0000
commit: cdd5c06b0e22cff844048c24580a4640d0a9e524 (patch)
tree: 3c6ea08c1efafcac843ecd963cc582719bae4a38 /src
parent: Merge pull request #4831 from vinc17fr/blacklist-rxvt (diff)
parent: profile.template: add noprinters (diff)
download: firejail-cdd5c06b0e22cff844048c24580a4640d0a9e524.tar.gz
firejail-cdd5c06b0e22cff844048c24580a4640d0a9e524.tar.zst
firejail-cdd5c06b0e22cff844048c24580a4640d0a9e524.zip
4 files changed, 9 insertions, 0 deletions
diff --git a/src/firejail/usage.c b/src/firejail/usage.c
index 183259f16..24c8e3194 100644
--- a/src/firejail/usage.c
+++ b/src/firejail/usage.c
@@ -161,6 +161,7 @@ static char *usage_str =
        "    --nogroups - disable supplementary groups.\n"
        "    --noinput - disable input devices.\n"
        "    --nonewprivs - sets the NO_NEW_PRIVS prctl.\n"
+        "    --noprinters - disable printers.\n"
        "    --noprofile - do not use a security profile.\n"
 #ifdef HAVE_USERNS
        "    --noroot - install a user namespace with only the current user.\n"
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index e35f2837b..71dab18ba 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -489,6 +489,9 @@ Sets the NO_NEW_PRIVS prctl.  This ensures that child processes
 cannot acquire new privileges using execve(2);  in particular,
 this means that calling a suid binary (or one with file capabilities)
 does not result in an increase of privilege.
+.TP
+\fBnoprinters
+Disable printers.
 #ifdef HAVE_USERNS
 .TP
 \fBnoroot
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index 5a005ea5c..80487a49d 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -1635,6 +1635,10 @@ does not result in an increase of privilege. This option
 is enabled by default if seccomp filter is activated.
 .TP
+\fB\-\-noprinters
+Disable printers.
+.TP
 \fB\-\-noprofile
 Do not use a security profile.
 .br
diff --git a/src/zsh_completion/_firejail.in b/src/zsh_completion/_firejail.in
index 8c1d758cc..334812dd6 100644
--- a/src/zsh_completion/_firejail.in
+++ b/src/zsh_completion/_firejail.in
@@ -123,6 +123,7 @@ _firejail_args=(
    '--nogroups[disable supplementary groups]'
    '--noinput[disable input devices]'
    '--nonewprivs[sets the NO_NEW_PRIVS prctl]'
+    '--noprinters[disable printers]'
    '--nosound[disable sound system]'
    '--nou2f[disable U2F devices]'
    '--novideo[disable video devices]'
author	netblue30 <netblue30@protonmail.com>	2022-01-08 22:28:47 +0000
committer	GitHub <noreply@github.com>	2022-01-08 22:28:47 +0000
commit	cdd5c06b0e22cff844048c24580a4640d0a9e524 (patch)
tree	3c6ea08c1efafcac843ecd963cc582719bae4a38 /src
parent	Merge pull request #4831 from vinc17fr/blacklist-rxvt (diff)
parent	profile.template: add noprinters (diff)
download	firejail-cdd5c06b0e22cff844048c24580a4640d0a9e524.tar.gz firejail-cdd5c06b0e22cff844048c24580a4640d0a9e524.tar.zst firejail-cdd5c06b0e22cff844048c24580a4640d0a9e524.zip