diff options
Diffstat (limited to 'src/man/firejail-profile.txt')
-rw-r--r-- | src/man/firejail-profile.txt | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 637519902..52802755f 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
@@ -198,9 +198,15 @@ Mount an empty tmpfs filesystem on top of directory. This option is available on | |||
198 | Blacklist violations logged to syslog. | 198 | Blacklist violations logged to syslog. |
199 | .TP | 199 | .TP |
200 | \fBwhitelist file_or_directory | 200 | \fBwhitelist file_or_directory |
201 | Build a new user home in a temporary filesystem, and mount-bind file_or_directory. | 201 | Whitelist directory or file. A temporary file system is mounted on the top directory, and the |
202 | The modifications to file_or_directory are persistent, everything else is discarded | 202 | whitelisted files are mount-binded inside. Modifications to whitelisted files are persistent, |
203 | when the sandbox is closed. | 203 | everything else is discarded when the sandbox is closed. The top directory could be |
204 | user home, /dev, /media, /opt, /var, and /tmp. | ||
205 | .br | ||
206 | |||
207 | .br | ||
208 | Symbolic link handling: with the exception of user home, both the link and the real file should be in | ||
209 | the same top directory. For user home, both the link and the real file should be owned by the user. | ||
204 | .TP | 210 | .TP |
205 | \fBwritable-etc | 211 | \fBwritable-etc |
206 | Mount /etc directory read-write. | 212 | Mount /etc directory read-write. |