diff options
Diffstat (limited to 'src/man/firejail-profile.txt')
-rw-r--r-- | src/man/firejail-profile.txt | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 5c8b6031d..be1f55f0f 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
@@ -520,6 +520,12 @@ first argument to socket system call. Recognized values: \fBunix\fR, | |||
520 | \fBinet\fR, \fBinet6\fR, \fBnetlink\fR, \fBpacket\fR, and \fBbluetooth\fR. | 520 | \fBinet\fR, \fBinet6\fR, \fBnetlink\fR, \fBpacket\fR, and \fBbluetooth\fR. |
521 | Multiple protocol commands are allowed and they accumulate. | 521 | Multiple protocol commands are allowed and they accumulate. |
522 | .TP | 522 | .TP |
523 | \fBrestrict-namespaces | ||
524 | Install a seccomp filter that blocks attempts to create new cgroup, ipc, net, mount, pid, time, user or uts namespaces. | ||
525 | .TP | ||
526 | \fBrestrict-namespaces cgroup,ipc,net,mnt,pid,time,user,uts | ||
527 | Install a seccomp filter that blocks attempts to create any of the specified namespaces. | ||
528 | .TP | ||
523 | \fBseccomp | 529 | \fBseccomp |
524 | Enable seccomp filter and blacklist the syscalls in the default list. See man 1 firejail for more details. | 530 | Enable seccomp filter and blacklist the syscalls in the default list. See man 1 firejail for more details. |
525 | .TP | 531 | .TP |