diff options
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 79 |
1 files changed, 24 insertions, 55 deletions
@@ -207,43 +207,12 @@ You can also use this tool to get a list of syscalls needed by a program: [contr | |||
207 | 207 | ||
208 | We also keep a list of profile fixes for previous released versions in [etc-fixes](https://github.com/netblue30/firejail/tree/master/etc-fixes) directory. | 208 | We also keep a list of profile fixes for previous released versions in [etc-fixes](https://github.com/netblue30/firejail/tree/master/etc-fixes) directory. |
209 | 209 | ||
210 | ## Latest released version: 0.9.68 | 210 | ## Latest released version: 0.9.70 |
211 | 211 | ||
212 | ## Current development version: 0.9.69 | 212 | ## Current development version: 0.9.71 |
213 | 213 | ||
214 | Milestone page: https://github.com/netblue30/firejail/milestone/1 | 214 | Milestone page: https://github.com/netblue30/firejail/milestone/1 |
215 | 215 | ||
216 | ### Shell tab completion | ||
217 | ``` | ||
218 | --tab Enable shell tab completion in sandboxes using private or whitelisted | ||
219 | home directories. | ||
220 | |||
221 | $ firejail --private --tab | ||
222 | ``` | ||
223 | |||
224 | ### Kernel OutOfMemory-killer | ||
225 | ````` | ||
226 | --oom=value | ||
227 | Configure kernel's OutOfMemory-killer score for this sandbox. | ||
228 | The acceptable score values are between 0 and 1000 for regular | ||
229 | users, and -1000 to 1000 for root. For more information on OOM | ||
230 | kernel feature see man choom. | ||
231 | |||
232 | Example: | ||
233 | $ firejail --oom=300 firefox | ||
234 | ````` | ||
235 | |||
236 | ### Guided configuration | ||
237 | ````` | ||
238 | $ man firecfg | ||
239 | [...] | ||
240 | --guide | ||
241 | Guided configuration for new users. | ||
242 | |||
243 | Example: | ||
244 | $ sudo firecfg --guide | ||
245 | ````` | ||
246 | |||
247 | ### Profile Statistics | 216 | ### Profile Statistics |
248 | 217 | ||
249 | A small tool to print profile statistics. Compile and install as usual. The tool is installed in /usr/lib/firejail directory. | 218 | A small tool to print profile statistics. Compile and install as usual. The tool is installed in /usr/lib/firejail directory. |
@@ -254,30 +223,30 @@ No include .local found in /etc/firejail/noprofile.profile | |||
254 | Warning: multiple caps in /etc/firejail/transmission-daemon.profile | 223 | Warning: multiple caps in /etc/firejail/transmission-daemon.profile |
255 | 224 | ||
256 | Stats: | 225 | Stats: |
257 | profiles 1184 | 226 | profiles 1191 |
258 | include local profile 1183 (include profile-name.local) | 227 | include local profile 1190 (include profile-name.local) |
259 | include globals 1152 (include globals.local) | 228 | include globals 1164 (include globals.local) |
260 | blacklist ~/.ssh 1057 (include disable-common.inc) | 229 | blacklist ~/.ssh 1063 (include disable-common.inc) |
261 | seccomp 1076 | 230 | seccomp 1082 |
262 | capabilities 1178 | 231 | capabilities 1185 |
263 | noexec 1064 (include disable-exec.inc) | 232 | noexec 1070 (include disable-exec.inc) |
264 | noroot 985 | 233 | noroot 991 |
265 | memory-deny-write-execute 259 | 234 | memory-deny-write-execute 267 |
266 | apparmor 707 | 235 | apparmor 710 |
267 | private-bin 686 | 236 | private-bin 689 |
268 | private-dev 1040 | 237 | private-dev 1041 |
269 | private-etc 537 | 238 | private-etc 539 |
270 | private-tmp 911 | 239 | private-tmp 915 |
271 | whitelist home directory 567 | 240 | whitelist home directory 573 |
272 | whitelist var 849 (include whitelist-var-common.inc) | 241 | whitelist var 855 (include whitelist-var-common.inc) |
273 | whitelist run/user 1153 (include whitelist-runuser-common.inc | 242 | whitelist run/user 1159 (include whitelist-runuser-common.inc |
274 | or blacklist ${RUNUSER}) | 243 | or blacklist ${RUNUSER}) |
275 | whitelist usr/share 621 (include whitelist-usr-share-common.inc | 244 | whitelist usr/share 628 (include whitelist-usr-share-common.inc |
276 | net none 403 | 245 | net none 403 |
277 | dbus-user none 670 | 246 | dbus-user none 673 |
278 | dbus-user filter 114 | 247 | dbus-user filter 122 |
279 | dbus-system none 824 | 248 | dbus-system none 832 |
280 | dbus-system filter 10 | 249 | dbus-system filter 12 |
281 | ``` | 250 | ``` |
282 | 251 | ||
283 | ### New profiles: | 252 | ### New profiles: |