diff options
Diffstat (limited to 'src/man/firejail-profile.5.in')
| -rw-r--r-- | src/man/firejail-profile.5.in | 15 |
1 files changed, 4 insertions, 11 deletions
diff --git a/src/man/firejail-profile.5.in b/src/man/firejail-profile.5.in index 76f5e4d20..e1d7fde94 100644 --- a/src/man/firejail-profile.5.in +++ b/src/man/firejail-profile.5.in | |||
| @@ -509,17 +509,10 @@ Blacklist all Linux capabilities. | |||
| 509 | Whitelist given Linux capabilities. | 509 | Whitelist given Linux capabilities. |
| 510 | #ifdef HAVE_LANDLOCK | 510 | #ifdef HAVE_LANDLOCK |
| 511 | .TP | 511 | .TP |
| 512 | \fBlandlock | 512 | \fBlandlock.enforce |
| 513 | Create a Landlock ruleset (if it doesn't already exist) and add basic access | 513 | Enforce the Landlock ruleset. |
| 514 | rules to it. | 514 | .PP |
| 515 | .TP | 515 | Without it, the other Landlock commands have no effect. |
| 516 | \fBlandlock.proc no|ro|rw | ||
| 517 | Add an access rule for /proc directory (read-only if set to \fBro\fR and | ||
| 518 | read-write if set to \fBrw\fR). | ||
| 519 | The access rule for /proc is added after this directory is set up in the | ||
| 520 | sandbox. | ||
| 521 | Access rules for /proc set up with other Landlock-related profile options have | ||
| 522 | no effect. | ||
| 523 | .TP | 516 | .TP |
| 524 | \fBlandlock.read path | 517 | \fBlandlock.read path |
| 525 | Create a Landlock ruleset (if it doesn't already exist) and add a read access | 518 | Create a Landlock ruleset (if it doesn't already exist) and add a read access |