aboutsummaryrefslogtreecommitdiffstats
path: root/README.md
diff options
context:
space:
mode:
Diffstat (limited to 'README.md')
-rw-r--r--README.md23
1 files changed, 21 insertions, 2 deletions
diff --git a/README.md b/README.md
index c16a32e62..a60c8dd7f 100644
--- a/README.md
+++ b/README.md
@@ -90,9 +90,28 @@ AUDIT
90 Limitations: audit feature is not implemented for --x11 commands. 90 Limitations: audit feature is not implemented for --x11 commands.
91````` 91`````
92 92
93## --private-dev enhancements - work in progress! 93## --noexec
94`````
95 --noexec=dirname_or_filename
96 Remount directory or file noexec, nodev and nosuid.
97
98 Example:
99 $ firejail --noexec=/tmp
100
101 /etc and /var are noexec by default. If there are more than one
102 mount operation on the path of the file or directory, noexec
103 should be applied to the last one. Always check if the change
104 took effect inside the sandbox.
105`````
94 106
95The following devices are added to --private-dev list. 107## --rmenv
108`````
109 --rmenv=name
110 Remove environment variable in the new sandbox.
111
112 Example:
113 $ firejail --rmenv=DBUS_SESSION_BUS_ADDRESS
114`````
96 115
97## Converting profiles to private-bin - work in progress! 116## Converting profiles to private-bin - work in progress!
98 117
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-09-02 17:06:24 +0000