diff options
author | netblue30 <netblue30@yahoo.com> | 2016-03-18 08:07:15 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-03-18 08:07:15 -0400 |
commit | e62ce59f5556555b52741ec677bb273a35939336 (patch) | |
tree | 7c8256956766a6e54642b732290424544b74528f /todo | |
parent | various fixes (diff) | |
download | firejail-e62ce59f5556555b52741ec677bb273a35939336.tar.gz firejail-e62ce59f5556555b52741ec677bb273a35939336.tar.zst firejail-e62ce59f5556555b52741ec677bb273a35939336.zip |
join fixes
Diffstat (limited to 'todo')
-rw-r--r-- | todo | 20 |
1 files changed, 20 insertions, 0 deletions
@@ -35,3 +35,23 @@ socat ABSTRACT-LISTEN:/tmp/dbus-awBoQTCc,fork UNIX-CONNECT:/tmp/mysock | |||
35 | 8. profile for dillo | 35 | 8. profile for dillo |
36 | Also, in dillo open a directory (file:///etc), when the browser window is closed the sandbox still remains active. | 36 | Also, in dillo open a directory (file:///etc), when the browser window is closed the sandbox still remains active. |
37 | This is probably a dillo problem. | 37 | This is probably a dillo problem. |
38 | |||
39 | 9. --force sandbox in a overlayfs sandbox | ||
40 | |||
41 | $ sudo firejail --overlay | ||
42 | # su netblue | ||
43 | $ xterm & | ||
44 | $ firejail --force --private | ||
45 | Parent pid 77, child pid 78 | ||
46 | Warning: failed to unmount /sys | ||
47 | |||
48 | Warning: cannot mount a new user namespace, going forward without it... | ||
49 | Child process initialized | ||
50 | |||
51 | Try to join the forced sandbox in xterm window: | ||
52 | $ firejail --join=77 | ||
53 | Switching to pid 78, the first child process inside the sandbox | ||
54 | Warning: seccomp file not found | ||
55 | Warning: seccomp disabled, it requires a Linux kernel version 3.5 or newer. | ||
56 | $ ls ~ <----------------- all files are available, the directory is not empty! | ||
57 | |||