diff options
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 16 |
1 files changed, 16 insertions, 0 deletions
@@ -95,3 +95,19 @@ New profiles introduced in this version: unbound, dnscrypt-proxy | |||
95 | ### --whitelist | 95 | ### --whitelist |
96 | 96 | ||
97 | Whitelist command accepts files in user home, /dev, /media, /var, and /tmp directories. | 97 | Whitelist command accepts files in user home, /dev, /media, /var, and /tmp directories. |
98 | |||
99 | ### --tracelog | ||
100 | |||
101 | Tracelog command enables auditing blacklisted files and directories. A message | ||
102 | is sent to syslog in case the file or the directory is accessed. Example: | ||
103 | ````` | ||
104 | $ firejail --tracelog firefox | ||
105 | ````` | ||
106 | Syslog example: | ||
107 | ````` | ||
108 | $ sudo tail -f /var/log/syslog | ||
109 | [...] | ||
110 | Dec 3 11:43:25 debian firejail[70]: blacklist violation - sandbox 26370, exe iceweasel, syscall open64, path /etc/shadow | ||
111 | Dec 3 11:46:17 debian firejail[70]: blacklist violation - sandbox 26370, exe iceweasel, syscall opendir, path /boot | ||
112 | [...] | ||
113 | ````` \ No newline at end of file | ||