diff options
author | netblue30 <netblue30@yahoo.com> | 2016-03-11 10:33:56 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-03-11 10:33:56 -0500 |
commit | 3c284e4029eb98472a7e5b53f21ec5394a97285a (patch) | |
tree | e63f84d623c860d262a49432133ca661443a1b71 /src | |
parent | testing (diff) | |
download | firejail-3c284e4029eb98472a7e5b53f21ec5394a97285a.tar.gz firejail-3c284e4029eb98472a7e5b53f21ec5394a97285a.tar.zst firejail-3c284e4029eb98472a7e5b53f21ec5394a97285a.zip |
file transfer feature
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/ls.c | 1 | ||||
-rw-r--r-- | src/firejail/usage.c | 3 | ||||
-rw-r--r-- | src/man/firejail.txt | 61 |
3 files changed, 64 insertions, 1 deletions
diff --git a/src/firejail/ls.c b/src/firejail/ls.c index 928da81c1..983927cf1 100644 --- a/src/firejail/ls.c +++ b/src/firejail/ls.c | |||
@@ -21,6 +21,7 @@ | |||
21 | #include "firejail.h" | 21 | #include "firejail.h" |
22 | #include <sys/types.h> | 22 | #include <sys/types.h> |
23 | #include <sys/stat.h> | 23 | #include <sys/stat.h> |
24 | #include <sys/wait.h> | ||
24 | #include <unistd.h> | 25 | #include <unistd.h> |
25 | #include <dirent.h> | 26 | #include <dirent.h> |
26 | #include <pwd.h> | 27 | #include <pwd.h> |
diff --git a/src/firejail/usage.c b/src/firejail/usage.c index 58f9d2cf7..7bc6ea47a 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c | |||
@@ -85,7 +85,7 @@ void usage(void) { | |||
85 | printf(" --env=name=value - set environment variable in the new sandbox.\n\n"); | 85 | printf(" --env=name=value - set environment variable in the new sandbox.\n\n"); |
86 | printf(" --fs.print=name|pid - print the filesystem log for the sandbox identified\n"); | 86 | printf(" --fs.print=name|pid - print the filesystem log for the sandbox identified\n"); |
87 | printf("\tby name or PID.\n\n"); | 87 | printf("\tby name or PID.\n\n"); |
88 | 88 | printf(" --get=name|pid filename - get a file from sandbox container.\n\n"); | |
89 | printf(" --help, -? - this help screen.\n\n"); | 89 | printf(" --help, -? - this help screen.\n\n"); |
90 | printf(" --hostname=name - set sandbox hostname.\n\n"); | 90 | printf(" --hostname=name - set sandbox hostname.\n\n"); |
91 | printf(" --ignore=command - ignore command in profile files.\n\n"); | 91 | printf(" --ignore=command - ignore command in profile files.\n\n"); |
@@ -110,6 +110,7 @@ void usage(void) { | |||
110 | printf("\tidentified by name or PID.\n\n"); | 110 | printf("\tidentified by name or PID.\n\n"); |
111 | #endif | 111 | #endif |
112 | printf(" --list - list all sandboxes.\n\n"); | 112 | printf(" --list - list all sandboxes.\n\n"); |
113 | printf(" --ls=name|pid dir_or_filename - list files in sandbox container.\n\n"); | ||
113 | #ifdef HAVE_NETWORK | 114 | #ifdef HAVE_NETWORK |
114 | printf(" --mac=xx:xx:xx:xx:xx:xx - set interface MAC address.\n\n"); | 115 | printf(" --mac=xx:xx:xx:xx:xx:xx - set interface MAC address.\n\n"); |
115 | printf(" --mtu=number - set interface MTU.\n\n"); | 116 | printf(" --mtu=number - set interface MTU.\n\n"); |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 56a768614..a53d2d14e 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -8,6 +8,12 @@ Start a sandbox: | |||
8 | firejail [OPTIONS] [program and arguments] | 8 | firejail [OPTIONS] [program and arguments] |
9 | .RE | 9 | .RE |
10 | .PP | 10 | .PP |
11 | File transfer from an existing sandbox | ||
12 | .PP | ||
13 | .RS | ||
14 | firejail {\-\-ls | \-\-get} dir_or_filename | ||
15 | .RE | ||
16 | .PP | ||
11 | Network traffic shaping for an existing sandbox: | 17 | Network traffic shaping for an existing sandbox: |
12 | .PP | 18 | .PP |
13 | .RS | 19 | .RS |
@@ -392,6 +398,9 @@ $ firejail \-\-list | |||
392 | .br | 398 | .br |
393 | $ firejail \-\-fs.print=3272 | 399 | $ firejail \-\-fs.print=3272 |
394 | 400 | ||
401 | .TP | ||
402 | \fB\-\-get=name|pid filename | ||
403 | Get a file from sandbox container, see \fBFILE TRANSFER\fR section for more details. | ||
395 | 404 | ||
396 | .TP | 405 | .TP |
397 | \fB\-?\fR, \fB\-\-help\fR | 406 | \fB\-?\fR, \fB\-\-help\fR |
@@ -549,7 +558,11 @@ Security filters, cgroups and cpus configurations are not applied to the process | |||
549 | 558 | ||
550 | 559 | ||
551 | 560 | ||
561 | .TP | ||
562 | \fB\-\-ls=name|pid dir_or_filename | ||
563 | List files in sandbox container, see \fBFILE TRANSFER\fR section for more details. | ||
552 | 564 | ||
565 | \fB | ||
553 | 566 | ||
554 | .TP | 567 | .TP |
555 | \fB\-\-list | 568 | \fB\-\-list |
@@ -1521,6 +1534,54 @@ Example: | |||
1521 | .br | 1534 | .br |
1522 | $ firejail \-\-zsh | 1535 | $ firejail \-\-zsh |
1523 | 1536 | ||
1537 | .SH FILE TRANSFER | ||
1538 | These features allow the user to inspect the file system container of an existing sandbox | ||
1539 | and transfer files from the container to the host file system. | ||
1540 | |||
1541 | .TP | ||
1542 | \fB\-\-get=name filename | ||
1543 | Retrieve the container file filename and store it on the host in the current working directory. | ||
1544 | The container is spececified by name (\-\-name option). Full path is needed for filename. | ||
1545 | |||
1546 | .TP | ||
1547 | \fB\-\-get=pid filename | ||
1548 | Retrieve the container file filename and store it on the host in the current working directory. | ||
1549 | The container is spececified by process ID. Full path is needed for filename. | ||
1550 | |||
1551 | .TP | ||
1552 | \fB\-\-ls=name dir_or_filename | ||
1553 | List container files. | ||
1554 | The container is spececified by name (\-\-name option). | ||
1555 | Full path is needed for dir_or_filename. | ||
1556 | |||
1557 | .TP | ||
1558 | \fB\-\-ls=pid dir_or_filename | ||
1559 | List container files. | ||
1560 | The container is spececified by process ID. | ||
1561 | Full path is needed for dir_or_filename. | ||
1562 | |||
1563 | .TP | ||
1564 | Examples: | ||
1565 | .br | ||
1566 | |||
1567 | .br | ||
1568 | $ firejail \-\-ls=mybrowser ~/Downloads | ||
1569 | .br | ||
1570 | drwxr-xr-x netblue netblue 4096 . | ||
1571 | .br | ||
1572 | drwxr-xr-x netblue netblue 4096 .. | ||
1573 | .br | ||
1574 | -rw-r--r-- netblue netblue 7847 x11-x305.png | ||
1575 | .br | ||
1576 | -rw-r--r-- netblue netblue 6800 x11-x642.png | ||
1577 | .br | ||
1578 | -rw-r--r-- netblue netblue 34139 xpra-clipboard.png | ||
1579 | .br | ||
1580 | |||
1581 | .br | ||
1582 | $ firejail \-\-get=mybrowser ~/Downloads/xpra-clipboard.png | ||
1583 | |||
1584 | |||
1524 | .SH TRAFFIC SHAPING | 1585 | .SH TRAFFIC SHAPING |
1525 | Network bandwidth is an expensive resource shared among all sandboxes running on a system. | 1586 | Network bandwidth is an expensive resource shared among all sandboxes running on a system. |
1526 | Traffic shaping allows the user to increase network performance by controlling | 1587 | Traffic shaping allows the user to increase network performance by controlling |