diff options
Diffstat (limited to 'src/man/firejail-profile.txt')
-rw-r--r-- | src/man/firejail-profile.txt | 54 |
1 files changed, 51 insertions, 3 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 59fde72a6..246098bb7 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
@@ -1,6 +1,6 @@ | |||
1 | .TH FIREJAIL-PROFILE 5 "MONTH YEAR" "VERSION" "firejail profiles man page" | 1 | .TH FIREJAIL-PROFILE 5 "MONTH YEAR" "VERSION" "firejail profiles man page" |
2 | .SH NAME | 2 | .SH NAME |
3 | profile \- Profile file syntax for Firejail | 3 | profile \- Security profile file syntax for Firejail |
4 | 4 | ||
5 | .SH USAGE | 5 | .SH USAGE |
6 | .TP | 6 | .TP |
@@ -8,8 +8,56 @@ firejail \-\-profile=filename.profile | |||
8 | 8 | ||
9 | .SH DESCRIPTION | 9 | .SH DESCRIPTION |
10 | Several Firejail command line configuration options can be passed to the program using | 10 | Several Firejail command line configuration options can be passed to the program using |
11 | profile files. Default Firejail profile files are stored in /etc/firejail | 11 | profile files. |
12 | directory and ~/.config/firejail directory. | 12 | Firejail chooses a security profile in the following order: |
13 | |||
14 | 1. If a profile is provided by the user with --profile option, the profile is loaded. | ||
15 | Example: | ||
16 | .PP | ||
17 | .RS | ||
18 | $ firejail --profile=/home/netblue/icecat.profile icecat | ||
19 | .RE | ||
20 | |||
21 | 2. If a profile file with the same name as the application is present in ~/.config/firejail directory or | ||
22 | in /etc/firejail, the profile is loaded. ~/.config/firejail takes precedence over /etc/firejail. Example: | ||
23 | .PP | ||
24 | .RS | ||
25 | $ firejail icecat | ||
26 | .br | ||
27 | Command name #icecat# | ||
28 | .br | ||
29 | .br | ||
30 | Found icecat profile in /home/netblue/.config/firejail directory | ||
31 | .br | ||
32 | Reading profile /home/netblue/.config/firejail/icecat.profile | ||
33 | .br | ||
34 | [...] | ||
35 | .RE | ||
36 | |||
37 | 3. Use the default profile in /etc/firejail/generic.profile. This can be disabled with --noprofile. Example: | ||
38 | .PP | ||
39 | .RS | ||
40 | $ firejail \-\-noprofile | ||
41 | .br | ||
42 | Parent pid 8553, child pid 8554 | ||
43 | .br | ||
44 | Child process initialized | ||
45 | .br | ||
46 | $ exit | ||
47 | .br | ||
48 | .br | ||
49 | parent is shutting down, bye... | ||
50 | .br | ||
51 | $ firejail | ||
52 | .br | ||
53 | Reading profile /etc/firejail/generic.profile | ||
54 | .br | ||
55 | Parent pid 8553, child pid 8554 | ||
56 | .br | ||
57 | Child process initialized | ||
58 | .br | ||
59 | $ | ||
60 | .RE | ||
13 | 61 | ||
14 | .SH Scripting | 62 | .SH Scripting |
15 | Include and comment support: | 63 | Include and comment support: |