Update man pages and usage to reflect --profile enhancement.

author: Glenn Washburn <development@efficientek.com> 2018-10-10 01:08:43 -0500
committer: Glenn Washburn <development@efficientek.com> 2018-10-15 23:47:44 -0500
commit: eb42779f95a51aa00ffef62510a00dc5e7716b0d (patch)
tree: a8366360b4205b04a917ce3e4542496a6d734c90 /src
parent: Allow specifying a profile "name" with the profile option (eg. --profile=fire... (diff)
download: firejail-eb42779f95a51aa00ffef62510a00dc5e7716b0d.tar.gz
firejail-eb42779f95a51aa00ffef62510a00dc5e7716b0d.tar.zst
firejail-eb42779f95a51aa00ffef62510a00dc5e7716b0d.zip
3 files changed, 24 insertions, 4 deletions
diff --git a/src/firejail/usage.c b/src/firejail/usage.c
index f54e6f744..b8f8b4f2f 100644
--- a/src/firejail/usage.c
+++ b/src/firejail/usage.c
@@ -164,7 +164,7 @@ static char *usage_str =
        "    --private-tmp - mount a tmpfs on top of /tmp directory.\n"
        "    --private-opt=file,directory - build a new /opt in a temporary filesystem.\n"
        "    --private-srv=file,directory - build a new /srv in a temporary filesystem.\n"
-        "    --profile=filename - use a custom profile.\n"
+        "    --profile=filename|profile_name - use a custom profile.\n"
        "    --profile.print=name|pid - print the name of profile file.\n"
        "    --profile-path=directory - use this directory to look for profile files.\n"
        "    --protocol=protocol,protocol,protocol - enable protocol filter.\n"
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index 17562c503..5daca8abd 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -5,12 +5,14 @@ profile \- Security profile file syntax for Firejail
 .SH USAGE
 .TP
 firejail \-\-profile=filename.profile
+.RE
+firejail \-\-profile=profile_name
 .SH DESCRIPTION
 Several command line options can be passed to the program using
 profile files. Firejail chooses the profile file as follows:
-\fB1.\fR If a profile file is provided by the user with \-\-profile option, the profile file is loaded.
+\fB1.\fR If a profile file is provided by the user with \-\-profile option, the profile file is loaded. If a profile name is given, it is searched for first in the ~/.config/firejail directory and if not found then in  /etc/firejail directory. Profile names do not include the .profile suffix.
 Example:
 .PP
 .RS
@@ -21,6 +23,15 @@ Reading profile /home/netblue/icecat.profile
 [...]
 .RE
+.PP
+.RS
+$ firejail --profile=icecat icecat-wrapper.sh
+.br
+Reading profile /home/netblue/icecat.profile
+.br
+[...]
+.RE
 \fB2.\fR If a profile file with the same name as the application is present in ~/.config/firejail directory or
 in /etc/firejail, the profile is loaded. ~/.config/firejail takes precedence over /etc/firejail. Example:
 .PP
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index 7427b1009..5a374ac55 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -1531,7 +1531,7 @@ drwxrwxrwt  2 nobody nogroup 4096 Apr 30 10:52 .X11-unix
 .TP
-\fB\-\-profile=filename
+\fB\-\-profile=filename_or_profilename
 Load a custom security profile from filename. For filename use an absolute path or a path relative to the current path.
 For more information, see \fBSECURITY PROFILES\fR section below.
 .br
@@ -2701,7 +2701,7 @@ The owner of the sandbox.
 Several command line options can be passed to the program using
 profile files. Firejail chooses the profile file as follows:
-1. If a profile file is provided by the user with --profile option, the profile file is loaded.
+1. If a profile file is provided by the user with --profile option, the profile file is loaded. If a profile name is given, it is searched for first in the ~/.config/firejail directory and if not found then in  /etc/firejail directory. Profile names do not include the .profile suffix.
 Example:
 .PP
 .RS
@@ -2712,6 +2712,15 @@ Reading profile /home/netblue/icecat.profile
 [...]
 .RE
+.PP
+.RS
+$ firejail --profile=icecat icecat-wrapper.sh
+.br
+Reading profile /home/netblue/icecat.profile
+.br
+[...]
+.RE
 2. If a profile file with the same name as the application is present in ~/.config/firejail directory or
 in /etc/firejail, the profile is loaded. ~/.config/firejail takes precedence over /etc/firejail. Example:
 .PP
author	Glenn Washburn <development@efficientek.com>	2018-10-10 01:08:43 -0500
committer	Glenn Washburn <development@efficientek.com>	2018-10-15 23:47:44 -0500
commit	eb42779f95a51aa00ffef62510a00dc5e7716b0d (patch)
tree	a8366360b4205b04a917ce3e4542496a6d734c90 /src
parent	Allow specifying a profile "name" with the profile option (eg. --profile=fire... (diff)
download	firejail-eb42779f95a51aa00ffef62510a00dc5e7716b0d.tar.gz firejail-eb42779f95a51aa00ffef62510a00dc5e7716b0d.tar.zst firejail-eb42779f95a51aa00ffef62510a00dc5e7716b0d.zip

diff --git a/src/firejail/usage.c b/src/firejail/usage.c index f54e6f744..b8f8b4f2f 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c
@@ -164,7 +164,7 @@ static char *usage_str =
164	" --private-tmp - mount a tmpfs on top of /tmp directory.\n"	164	" --private-tmp - mount a tmpfs on top of /tmp directory.\n"
165	" --private-opt=file,directory - build a new /opt in a temporary filesystem.\n"	165	" --private-opt=file,directory - build a new /opt in a temporary filesystem.\n"
166	" --private-srv=file,directory - build a new /srv in a temporary filesystem.\n"	166	" --private-srv=file,directory - build a new /srv in a temporary filesystem.\n"
167	" --profile=filename - use a custom profile.\n"	167	" --profile=filename\|profile_name - use a custom profile.\n"
168	" --profile.print=name\|pid - print the name of profile file.\n"	168	" --profile.print=name\|pid - print the name of profile file.\n"
169	" --profile-path=directory - use this directory to look for profile files.\n"	169	" --profile-path=directory - use this directory to look for profile files.\n"
170	" --protocol=protocol,protocol,protocol - enable protocol filter.\n"	170	" --protocol=protocol,protocol,protocol - enable protocol filter.\n"


diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 17562c503..5daca8abd 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt
@@ -5,12 +5,14 @@ profile \- Security profile file syntax for Firejail
5	.SH USAGE	5	.SH USAGE
6	.TP	6	.TP
7	firejail \-\-profile=filename.profile	7	firejail \-\-profile=filename.profile
		8	.RE
		9	firejail \-\-profile=profile_name
8		10
9	.SH DESCRIPTION	11	.SH DESCRIPTION
10	Several command line options can be passed to the program using	12	Several command line options can be passed to the program using
11	profile files. Firejail chooses the profile file as follows:	13	profile files. Firejail chooses the profile file as follows:
12		14
13	\fB1.\fR If a profile file is provided by the user with \-\-profile option, the profile file is loaded.	15	\fB1.\fR If a profile file is provided by the user with \-\-profile option, the profile file is loaded. If a profile name is given, it is searched for first in the ~/.config/firejail directory and if not found then in /etc/firejail directory. Profile names do not include the .profile suffix.
14	Example:	16	Example:
15	.PP	17	.PP
16	.RS	18	.RS
@@ -21,6 +23,15 @@ Reading profile /home/netblue/icecat.profile
21	[...]	23	[...]
22	.RE	24	.RE
23		25
		26	.PP
		27	.RS
		28	$ firejail --profile=icecat icecat-wrapper.sh
		29	.br
		30	Reading profile /home/netblue/icecat.profile
		31	.br
		32	[...]
		33	.RE
		34
24	\fB2.\fR If a profile file with the same name as the application is present in ~/.config/firejail directory or	35	\fB2.\fR If a profile file with the same name as the application is present in ~/.config/firejail directory or
25	in /etc/firejail, the profile is loaded. ~/.config/firejail takes precedence over /etc/firejail. Example:	36	in /etc/firejail, the profile is loaded. ~/.config/firejail takes precedence over /etc/firejail. Example:
26	.PP	37	.PP


diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 7427b1009..5a374ac55 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt
@@ -1531,7 +1531,7 @@ drwxrwxrwt 2 nobody nogroup 4096 Apr 30 10:52 .X11-unix
1531		1531
1532		1532
1533	.TP	1533	.TP
1534	\fB\-\-profile=filename	1534	\fB\-\-profile=filename_or_profilename
1535	Load a custom security profile from filename. For filename use an absolute path or a path relative to the current path.	1535	Load a custom security profile from filename. For filename use an absolute path or a path relative to the current path.
1536	For more information, see \fBSECURITY PROFILES\fR section below.	1536	For more information, see \fBSECURITY PROFILES\fR section below.
1537	.br	1537	.br
@@ -2701,7 +2701,7 @@ The owner of the sandbox.
2701	Several command line options can be passed to the program using	2701	Several command line options can be passed to the program using
2702	profile files. Firejail chooses the profile file as follows:	2702	profile files. Firejail chooses the profile file as follows:
2703		2703
2704	1. If a profile file is provided by the user with --profile option, the profile file is loaded.	2704	1. If a profile file is provided by the user with --profile option, the profile file is loaded. If a profile name is given, it is searched for first in the ~/.config/firejail directory and if not found then in /etc/firejail directory. Profile names do not include the .profile suffix.
2705	Example:	2705	Example:
2706	.PP	2706	.PP
2707	.RS	2707	.RS
@@ -2712,6 +2712,15 @@ Reading profile /home/netblue/icecat.profile
2712	[...]	2712	[...]
2713	.RE	2713	.RE
2714		2714
		2715	.PP
		2716	.RS
		2717	$ firejail --profile=icecat icecat-wrapper.sh
		2718	.br
		2719	Reading profile /home/netblue/icecat.profile
		2720	.br
		2721	[...]
		2722	.RE
		2723
2715	2. If a profile file with the same name as the application is present in ~/.config/firejail directory or	2724	2. If a profile file with the same name as the application is present in ~/.config/firejail directory or
2716	in /etc/firejail, the profile is loaded. ~/.config/firejail takes precedence over /etc/firejail. Example:	2725	in /etc/firejail, the profile is loaded. ~/.config/firejail takes precedence over /etc/firejail. Example:
2717	.PP	2726	.PP