update man pages (private-dev, noexec)

author: smitsohu <smitsohu@gmail.com> 2019-05-04 22:41:41 +0200
committer: smitsohu <smitsohu@gmail.com> 2019-05-04 22:41:41 +0200
commit: 3d84845f859cd3d200eb92a1308dfda7e1374fec (patch)
tree: 63d472fccfa02ff48e104d95c7b2f99b57998415 /src
parent: Update gajim.profile (diff)
download: firejail-3d84845f859cd3d200eb92a1308dfda7e1374fec.tar.gz
firejail-3d84845f859cd3d200eb92a1308dfda7e1374fec.tar.zst
firejail-3d84845f859cd3d200eb92a1308dfda7e1374fec.zip
2 files changed, 6 insertions, 5 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index 20b547355..703fac30f 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -259,8 +259,9 @@ Build a new /bin in a temporary filesystem, and copy the programs in the list.
 The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin.
 .TP
 \fBprivate-dev
-Create a new /dev directory. Only disc, dri, null, full, zero, tty, pts, ptmx,
+Create a new /dev directory. Only disc, dri, dvb, hidraw, null, full, zero, tty, pts, ptmx,
-random, snd, urandom, video, log and shm devices are available.
+random, snd, urandom, video, log, shm and usb devices are available.
+Use the options no3d, nodvd, nosound, notv, nou2f and novideo for additional restrictions.
 .TP
 \fBkeep-dev-shm
 /dev/shm directory is untouched (even with private-dev).
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index eed98710b..1b56dedcd 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -1137,8 +1137,7 @@ $ firejail \-\-noexec=/tmp
 .br
 .br
-/etc and /var are noexec by default if the sandbox was started as a regular user. If there are more than one mount operation
+/etc and /var are noexec by default if the sandbox was started as a regular user.
-on the path of the file or directory, noexec should be applied to the last one. Always check if the change took effect inside the sandbox.
 .TP
 \fB\-\-nogroups
@@ -1424,7 +1423,8 @@ $ firejail \-\-private-cache openbox
 .TP
 \fB\-\-private-dev
-Create a new /dev directory. Only disc, dri, null, full, zero, tty, pts, ptmx, random, snd, urandom, video, log and shm devices are available.
+Create a new /dev directory. Only disc, dri, dvb, hidraw, null, full, zero, tty, pts, ptmx, random, snd, urandom, video, log, shm and usb devices are available.
+Use the options --no3d, --nodvd, --nosound, --notv, --nou2f and --novideo for additional restrictions.
 .br
 .br
author	smitsohu <smitsohu@gmail.com>	2019-05-04 22:41:41 +0200
committer	smitsohu <smitsohu@gmail.com>	2019-05-04 22:41:41 +0200
commit	3d84845f859cd3d200eb92a1308dfda7e1374fec (patch)
tree	63d472fccfa02ff48e104d95c7b2f99b57998415 /src
parent	Update gajim.profile (diff)
download	firejail-3d84845f859cd3d200eb92a1308dfda7e1374fec.tar.gz firejail-3d84845f859cd3d200eb92a1308dfda7e1374fec.tar.zst firejail-3d84845f859cd3d200eb92a1308dfda7e1374fec.zip

diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 20b547355..703fac30f 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt
@@ -259,8 +259,9 @@ Build a new /bin in a temporary filesystem, and copy the programs in the list.
259	The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin.	259	The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin.
260	.TP	260	.TP
261	\fBprivate-dev	261	\fBprivate-dev
262	Create a new /dev directory. Only disc, dri, null, full, zero, tty, pts, ptmx,	262	Create a new /dev directory. Only disc, dri, dvb, hidraw, null, full, zero, tty, pts, ptmx,
263	random, snd, urandom, video, log and shm devices are available.	263	random, snd, urandom, video, log, shm and usb devices are available.
		264	Use the options no3d, nodvd, nosound, notv, nou2f and novideo for additional restrictions.
264	.TP	265	.TP
265	\fBkeep-dev-shm	266	\fBkeep-dev-shm
266	/dev/shm directory is untouched (even with private-dev).	267	/dev/shm directory is untouched (even with private-dev).


diff --git a/src/man/firejail.txt b/src/man/firejail.txt index eed98710b..1b56dedcd 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt
@@ -1137,8 +1137,7 @@ $ firejail \-\-noexec=/tmp
1137	.br	1137	.br
1138		1138
1139	.br	1139	.br
1140	/etc and /var are noexec by default if the sandbox was started as a regular user. If there are more than one mount operation	1140	/etc and /var are noexec by default if the sandbox was started as a regular user.
1141	on the path of the file or directory, noexec should be applied to the last one. Always check if the change took effect inside the sandbox.
1142		1141
1143	.TP	1142	.TP
1144	\fB\-\-nogroups	1143	\fB\-\-nogroups
@@ -1424,7 +1423,8 @@ $ firejail \-\-private-cache openbox
1424		1423
1425	.TP	1424	.TP
1426	\fB\-\-private-dev	1425	\fB\-\-private-dev
1427	Create a new /dev directory. Only disc, dri, null, full, zero, tty, pts, ptmx, random, snd, urandom, video, log and shm devices are available.	1426	Create a new /dev directory. Only disc, dri, dvb, hidraw, null, full, zero, tty, pts, ptmx, random, snd, urandom, video, log, shm and usb devices are available.
		1427	Use the options --no3d, --nodvd, --nosound, --notv, --nou2f and --novideo for additional restrictions.
1428	.br	1428	.br
1429		1429
1430	.br	1430	.br