2 files changed, 30 insertions, 4 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index 198f33c00..daae85cfd 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -268,6 +268,8 @@ Use directory as user home.
 .TP
 \fBprivate-bin file,file
 Build a new /bin in a temporary filesystem, and copy the programs in the list.
+The files in the list must be expressed as relative to the /bin,
+/sbin, /usr/bin, /usr/sbin, or /usr/local/bin directories.
 The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin.
 .TP
 \fBprivate-cache
@@ -289,26 +291,37 @@ Use the options no3d, nodvd, nosound, notv, nou2f and novideo for additional res
 \fBprivate-etc file,directory
 Build a new /etc in a temporary
 filesystem, and copy the files and directories in the list.
+The files and directories in the list must be expressed as relative to
+the /etc directory.
 All modifications are discarded when the sandbox is closed.
 .TP
 \fBprivate-home file,directory
 Build a new user home in a temporary
 filesystem, and copy the files and directories in the list in the
-new home. All modifications are discarded when the sandbox is
+new home.
+The files and directories in the list must be expressed as relative to
+the current user's home directory.
+All modifications are discarded when the sandbox is
 closed.
 .TP
 \fBprivate-lib file,directory
 Build a new /lib directory and bring in the libraries required by the application to run.
+The files and directories in the list must be expressed as relative to
+the /lib directory.
 This feature is still under development, see \fBman 1 firejail\fR for some examples.
 .TP
 \fBprivate-opt file,directory
 Build a new /opt in a temporary
 filesystem, and copy the files and directories in the list.
+The files and directories in the list must be expressed as relative to
+the /opt directory.
 All modifications are discarded when the sandbox is closed.
 .TP
 \fBprivate-srv file,directory
 Build a new /srv in a temporary
 filesystem, and copy the files and directories in the list.
+The files and directories in the list must be expressed as relative to
+the /srv directory.
 All modifications are discarded when the sandbox is closed.
 .TP
 \fBprivate-tmp
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index 982b40d89..647569354 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -1696,7 +1696,9 @@ $ firejail \-\-private=/home/netblue/firefox-home firefox
 .TP
 \fB\-\-private-bin=file,file
 Build a new /bin in a temporary filesystem, and copy the programs in the list.
-If no listed file is found, /bin directory will be empty.
+The files in the list must be expressed as relative to the /bin,
+/sbin, /usr/bin, /usr/sbin, or /usr/local/bin directories.
+If no listed files are found, /bin directory will be empty.
 The same directory is also bind-mounted over /sbin, /usr/bin, /usr/sbin and /usr/local/bin.
 All modifications are discarded when the sandbox is closed. File globbing is supported,
 see \fBFILE GLOBBING\fR section for more details.
@@ -1792,6 +1794,8 @@ $
 \fB\-\-private-etc=file,directory
 Build a new /etc in a temporary
 filesystem, and copy the files and directories in the list.
+The files and directories in the list must be expressed as relative to
+the /etc directory.
 If no listed file is found, /etc directory will be empty.
 All modifications are discarded when the sandbox is closed.
 .br
@@ -1801,13 +1805,16 @@ Example:
 .br
 $ firejail --private-etc=group,hostname,localtime, \\
 .br
-nsswitch.conf,passwd,resolv.conf
+nsswitch.conf,passwd,resolv.conf,default/motd-news
 .TP
 \fB\-\-private-home=file,directory
 Build a new user home in a temporary
 filesystem, and copy the files and directories in the list in the
-new home. All modifications are discarded when the sandbox is
+new home.
+The files and directories in the list must be expressed as relative to
+the current user's home directory.
+All modifications are discarded when the sandbox is
 closed.
 .br
@@ -1819,6 +1826,8 @@ $ firejail \-\-private-home=.mozilla firefox
 .TP
 \fB\-\-private-lib=file,directory
 This feature is currently under heavy development. Only amd64 platforms are supported at this moment.
+The files and directories in the list must be expressed as relative to
+the /lib directory.
 The idea is to build a new /lib in a temporary filesystem,
 with only the library files necessary to run the application.
 It could be as simple as:
@@ -1870,6 +1879,8 @@ $
 \fB\-\-private-opt=file,directory
 Build a new /opt in a temporary
 filesystem, and copy the files and directories in the list.
+The files and directories in the list must be expressed as relative to
+the /opt directory.
 If no listed file is found, /opt directory will be empty.
 All modifications are discarded when the sandbox is closed.
 .br
@@ -1883,6 +1894,8 @@ $ firejail --private-opt=firefox /opt/firefox/firefox
 \fB\-\-private-srv=file,directory
 Build a new /srv in a temporary
 filesystem, and copy the files and directories in the list.
+The files and directories in the list must be expressed as relative to
+the /srv directory.
 If no listed file is found, /srv directory will be empty.
 All modifications are discarded when the sandbox is closed.
 .br

diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 198f33c00..daae85cfd 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt
@@ -268,6 +268,8 @@ Use directory as user home.
268	.TP	268	.TP
269	\fBprivate-bin file,file	269	\fBprivate-bin file,file
270	Build a new /bin in a temporary filesystem, and copy the programs in the list.	270	Build a new /bin in a temporary filesystem, and copy the programs in the list.
		271	The files in the list must be expressed as relative to the /bin,
		272	/sbin, /usr/bin, /usr/sbin, or /usr/local/bin directories.
271	The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin.	273	The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin.
272	.TP	274	.TP
273	\fBprivate-cache	275	\fBprivate-cache
@@ -289,26 +291,37 @@ Use the options no3d, nodvd, nosound, notv, nou2f and novideo for additional res
289	\fBprivate-etc file,directory	291	\fBprivate-etc file,directory
290	Build a new /etc in a temporary	292	Build a new /etc in a temporary
291	filesystem, and copy the files and directories in the list.	293	filesystem, and copy the files and directories in the list.
		294	The files and directories in the list must be expressed as relative to
		295	the /etc directory.
292	All modifications are discarded when the sandbox is closed.	296	All modifications are discarded when the sandbox is closed.
293	.TP	297	.TP
294	\fBprivate-home file,directory	298	\fBprivate-home file,directory
295	Build a new user home in a temporary	299	Build a new user home in a temporary
296	filesystem, and copy the files and directories in the list in the	300	filesystem, and copy the files and directories in the list in the
297	new home. All modifications are discarded when the sandbox is	301	new home.
		302	The files and directories in the list must be expressed as relative to
		303	the current user's home directory.
		304	All modifications are discarded when the sandbox is
298	closed.	305	closed.
299	.TP	306	.TP
300	\fBprivate-lib file,directory	307	\fBprivate-lib file,directory
301	Build a new /lib directory and bring in the libraries required by the application to run.	308	Build a new /lib directory and bring in the libraries required by the application to run.
		309	The files and directories in the list must be expressed as relative to
		310	the /lib directory.
302	This feature is still under development, see \fBman 1 firejail\fR for some examples.	311	This feature is still under development, see \fBman 1 firejail\fR for some examples.
303	.TP	312	.TP
304	\fBprivate-opt file,directory	313	\fBprivate-opt file,directory
305	Build a new /opt in a temporary	314	Build a new /opt in a temporary
306	filesystem, and copy the files and directories in the list.	315	filesystem, and copy the files and directories in the list.
		316	The files and directories in the list must be expressed as relative to
		317	the /opt directory.
307	All modifications are discarded when the sandbox is closed.	318	All modifications are discarded when the sandbox is closed.
308	.TP	319	.TP
309	\fBprivate-srv file,directory	320	\fBprivate-srv file,directory
310	Build a new /srv in a temporary	321	Build a new /srv in a temporary
311	filesystem, and copy the files and directories in the list.	322	filesystem, and copy the files and directories in the list.
		323	The files and directories in the list must be expressed as relative to
		324	the /srv directory.
312	All modifications are discarded when the sandbox is closed.	325	All modifications are discarded when the sandbox is closed.
313	.TP	326	.TP
314	\fBprivate-tmp	327	\fBprivate-tmp


diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 982b40d89..647569354 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt
@@ -1696,7 +1696,9 @@ $ firejail \-\-private=/home/netblue/firefox-home firefox
1696	.TP	1696	.TP
1697	\fB\-\-private-bin=file,file	1697	\fB\-\-private-bin=file,file
1698	Build a new /bin in a temporary filesystem, and copy the programs in the list.	1698	Build a new /bin in a temporary filesystem, and copy the programs in the list.
1699	If no listed file is found, /bin directory will be empty.	1699	The files in the list must be expressed as relative to the /bin,
		1700	/sbin, /usr/bin, /usr/sbin, or /usr/local/bin directories.
		1701	If no listed files are found, /bin directory will be empty.
1700	The same directory is also bind-mounted over /sbin, /usr/bin, /usr/sbin and /usr/local/bin.	1702	The same directory is also bind-mounted over /sbin, /usr/bin, /usr/sbin and /usr/local/bin.
1701	All modifications are discarded when the sandbox is closed. File globbing is supported,	1703	All modifications are discarded when the sandbox is closed. File globbing is supported,
1702	see \fBFILE GLOBBING\fR section for more details.	1704	see \fBFILE GLOBBING\fR section for more details.
@@ -1792,6 +1794,8 @@ $
1792	\fB\-\-private-etc=file,directory	1794	\fB\-\-private-etc=file,directory
1793	Build a new /etc in a temporary	1795	Build a new /etc in a temporary
1794	filesystem, and copy the files and directories in the list.	1796	filesystem, and copy the files and directories in the list.
		1797	The files and directories in the list must be expressed as relative to
		1798	the /etc directory.
1795	If no listed file is found, /etc directory will be empty.	1799	If no listed file is found, /etc directory will be empty.
1796	All modifications are discarded when the sandbox is closed.	1800	All modifications are discarded when the sandbox is closed.
1797	.br	1801	.br
@@ -1801,13 +1805,16 @@ Example:
1801	.br	1805	.br
1802	$ firejail --private-etc=group,hostname,localtime, \\	1806	$ firejail --private-etc=group,hostname,localtime, \\
1803	.br	1807	.br
1804	nsswitch.conf,passwd,resolv.conf	1808	nsswitch.conf,passwd,resolv.conf,default/motd-news
1805		1809
1806	.TP	1810	.TP
1807	\fB\-\-private-home=file,directory	1811	\fB\-\-private-home=file,directory
1808	Build a new user home in a temporary	1812	Build a new user home in a temporary
1809	filesystem, and copy the files and directories in the list in the	1813	filesystem, and copy the files and directories in the list in the
1810	new home. All modifications are discarded when the sandbox is	1814	new home.
		1815	The files and directories in the list must be expressed as relative to
		1816	the current user's home directory.
		1817	All modifications are discarded when the sandbox is
1811	closed.	1818	closed.
1812	.br	1819	.br
1813		1820
@@ -1819,6 +1826,8 @@ $ firejail \-\-private-home=.mozilla firefox
1819	.TP	1826	.TP
1820	\fB\-\-private-lib=file,directory	1827	\fB\-\-private-lib=file,directory
1821	This feature is currently under heavy development. Only amd64 platforms are supported at this moment.	1828	This feature is currently under heavy development. Only amd64 platforms are supported at this moment.
		1829	The files and directories in the list must be expressed as relative to
		1830	the /lib directory.
1822	The idea is to build a new /lib in a temporary filesystem,	1831	The idea is to build a new /lib in a temporary filesystem,
1823	with only the library files necessary to run the application.	1832	with only the library files necessary to run the application.
1824	It could be as simple as:	1833	It could be as simple as:
@@ -1870,6 +1879,8 @@ $
1870	\fB\-\-private-opt=file,directory	1879	\fB\-\-private-opt=file,directory
1871	Build a new /opt in a temporary	1880	Build a new /opt in a temporary
1872	filesystem, and copy the files and directories in the list.	1881	filesystem, and copy the files and directories in the list.
		1882	The files and directories in the list must be expressed as relative to
		1883	the /opt directory.
1873	If no listed file is found, /opt directory will be empty.	1884	If no listed file is found, /opt directory will be empty.
1874	All modifications are discarded when the sandbox is closed.	1885	All modifications are discarded when the sandbox is closed.
1875	.br	1886	.br
@@ -1883,6 +1894,8 @@ $ firejail --private-opt=firefox /opt/firefox/firefox
1883	\fB\-\-private-srv=file,directory	1894	\fB\-\-private-srv=file,directory
1884	Build a new /srv in a temporary	1895	Build a new /srv in a temporary
1885	filesystem, and copy the files and directories in the list.	1896	filesystem, and copy the files and directories in the list.
		1897	The files and directories in the list must be expressed as relative to
		1898	the /srv directory.
1886	If no listed file is found, /srv directory will be empty.	1899	If no listed file is found, /srv directory will be empty.
1887	All modifications are discarded when the sandbox is closed.	1900	All modifications are discarded when the sandbox is closed.
1888	.br	1901	.br