summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/firejail/util.c7
-rw-r--r--src/man/firejail.txt7
2 files changed, 13 insertions, 1 deletions
diff --git a/src/firejail/util.c b/src/firejail/util.c
index f72df9fc6..7b871ae0d 100644
--- a/src/firejail/util.c
+++ b/src/firejail/util.c
@@ -443,6 +443,13 @@ void extract_command_name(int index, char **argv) {
443 char *tmp = strdup(ptr); 443 char *tmp = strdup(ptr);
444 if (!tmp) 444 if (!tmp)
445 errExit("strdup"); 445 errExit("strdup");
446
447 // limit the command to the first '.'
448 char *ptr2 = tmp;
449 while (*ptr2 != '.' && *ptr2 != '\0')
450 ptr2++;
451 *ptr2 = '\0';
452
446 free(cfg.command_name); 453 free(cfg.command_name);
447 cfg.command_name = tmp; 454 cfg.command_name = tmp;
448 } 455 }
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index 0adb72151..0ddd8ae1d 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -431,6 +431,7 @@ $ firejail \-\-ignore=shell --ignore=seccomp firefox
431.TP 431.TP
432\fB\-\-interface=interface 432\fB\-\-interface=interface
433Move interface in a new network namespace. Up to four --interface options can be specified. 433Move interface in a new network namespace. Up to four --interface options can be specified.
434Note: wlan devices are not supported for this option.
434.br 435.br
435 436
436.br 437.br
@@ -613,6 +614,7 @@ Unless specified with option \-\-ip and \-\-defaultgw, an IP address and a defau
613automatically to the sandbox. The IP address is verified using ARP before assignment. The address 614automatically to the sandbox. The IP address is verified using ARP before assignment. The address
614configured as default gateway is the bridge device IP address. Up to four \-\-net 615configured as default gateway is the bridge device IP address. Up to four \-\-net
615bridge devices can be defined. Mixing bridge and macvlan devices is allowed. 616bridge devices can be defined. Mixing bridge and macvlan devices is allowed.
617Note: wlan devices are not supported for this option.
616.br 618.br
617 619
618.br 620.br
@@ -638,6 +640,7 @@ to the sandbox. The IP address is verified using ARP before
638assignment. The address configured as default gateway is the 640assignment. The address configured as default gateway is the
639default gateway of the host. Up to four \-\-net devices can 641default gateway of the host. Up to four \-\-net devices can
640be defined. Mixing bridge and macvlan devices is allowed. 642be defined. Mixing bridge and macvlan devices is allowed.
643Note: wlan devices are not supported for this option.
641.br 644.br
642 645
643.br 646.br
@@ -1473,6 +1476,8 @@ firejail version 0.9.27
1473.TP 1476.TP
1474\fB\-\-whitelist=dirname_or_filename 1477\fB\-\-whitelist=dirname_or_filename
1475Whitelist directory or file. This feature is implemented only for user home, /dev, /media, /opt, /var, and /tmp directories. 1478Whitelist directory or file. This feature is implemented only for user home, /dev, /media, /opt, /var, and /tmp directories.
1479When whitlisting symbolic links, both the link and the real file should be in the same top directory
1480(home user, /media, /var etc.)
1476.br 1481.br
1477 1482
1478.br 1483.br
@@ -1650,7 +1655,7 @@ See man 5 firejail-profile for profile file syntax information.
1650 1655
1651.SH RESTRICTED SHELL 1656.SH RESTRICTED SHELL
1652To configure a restricted shell, replace /bin/bash with /usr/bin/firejail in 1657To configure a restricted shell, replace /bin/bash with /usr/bin/firejail in
1653/etc/password file for each user that needs to be restricted. Alternatively, 1658/etc/passwd file for each user that needs to be restricted. Alternatively,
1654you can specify /usr/bin/firejail in adduser command: 1659you can specify /usr/bin/firejail in adduser command:
1655 1660
1656adduser \-\-shell /usr/bin/firejail username 1661adduser \-\-shell /usr/bin/firejail username
generated by cgit v1.2.3-54-g00ecf (git 2.45.0) at 2024-05-17 04:04:11 +0000