1 files changed, 12 insertions, 11 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index e91c5c089..3ebb11549 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -39,7 +39,7 @@ Reading profile /home/netblue/.config/firejail/icecat.profile
 \fB3.\fR Use a default.profile file if the sandbox
 is started by a regular user, or a server.profile file if the sandbox
 is started by root. Firejail looks for these files in ~/.config/firejail directory, followed by /etc/firejail directory.
-To disable default profile loading, use --noroot command option. Example:
+To disable default profile loading, use --noprofile command option. Example:
 .PP
 .RS
 $ firejail
@@ -126,7 +126,7 @@ blacklist ${HOME}/.ssh
 Make directory or file read-only.
 .TP
 \fBtmpfs directory
-Mount an empty tmpfs filesystem on top of directory.
+Mount an empty tmpfs filesystem on top of directory. This option is available only when running the sandbox as root.
 .TP
 \fBbind directory1,directory2
 Mount-bind directory1 on top of directory2. This option is only available when running as root.
@@ -139,18 +139,12 @@ Mount new /root and /home/user directories in temporary
 filesystems. All modifications are discarded when the sandbox is
 closed.
 .TP
-\fBprivate-bin file,file
-Build a new /bin in a temporary filesystem, and copy the programs in the list.
-The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin.
-.TP
 \fBprivate directory
 Use directory as user home.
 .TP
-\fBprivate-home file,directory
+\fBprivate-bin file,file
-Build a new user home in a temporary
+Build a new /bin in a temporary filesystem, and copy the programs in the list.
-filesystem, and copy the files and directories in the list in the
+The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin.
-new home. All modifications are discarded when the sandbox is
-closed.
 .TP
 \fBprivate-dev
 Create a new /dev directory. Only dri, null, full, zero, tty, pts, ptmx, random, urandom, log and shm devices are available.
@@ -160,6 +154,9 @@ Build a new /etc in a temporary
 filesystem, and copy the files and directories in the list.
 All modifications are discarded when the sandbox is closed.
 .TP
+\fBprivate-tmp
+Mount an empty temporary filesystem on top of /tmp directory.
+.TP
 \fBwhitelist file_or_directory
 Build a new user home in a temporary filesystem, and mount-bind file_or_directory.
 The modifications to file_or_directory are persistent, everything else is discarded
@@ -231,6 +228,10 @@ Set the CPU cores available for this sandbox using \fBcpu\fR command. Examples:
 cpu 1,2,3
 Use only CPU cores 0, 1 and 2.
+.TP
+nice -5
+Set a nice value of -5 to all processes running inside the sandbox.
 .SH Control Groups
 Place the sandbox in an existing control group specified by the full path of the task file using \fBcgroup\fR. Example:

diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index e91c5c089..3ebb11549 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt
@@ -39,7 +39,7 @@ Reading profile /home/netblue/.config/firejail/icecat.profile
39	\fB3.\fR Use a default.profile file if the sandbox	39	\fB3.\fR Use a default.profile file if the sandbox
40	is started by a regular user, or a server.profile file if the sandbox	40	is started by a regular user, or a server.profile file if the sandbox
41	is started by root. Firejail looks for these files in ~/.config/firejail directory, followed by /etc/firejail directory.	41	is started by root. Firejail looks for these files in ~/.config/firejail directory, followed by /etc/firejail directory.
42	To disable default profile loading, use --noroot command option. Example:	42	To disable default profile loading, use --noprofile command option. Example:
43	.PP	43	.PP
44	.RS	44	.RS
45	$ firejail	45	$ firejail
@@ -126,7 +126,7 @@ blacklist ${HOME}/.ssh
126	Make directory or file read-only.	126	Make directory or file read-only.
127	.TP	127	.TP
128	\fBtmpfs directory	128	\fBtmpfs directory
129	Mount an empty tmpfs filesystem on top of directory.	129	Mount an empty tmpfs filesystem on top of directory. This option is available only when running the sandbox as root.
130	.TP	130	.TP
131	\fBbind directory1,directory2	131	\fBbind directory1,directory2
132	Mount-bind directory1 on top of directory2. This option is only available when running as root.	132	Mount-bind directory1 on top of directory2. This option is only available when running as root.
@@ -139,18 +139,12 @@ Mount new /root and /home/user directories in temporary
139	filesystems. All modifications are discarded when the sandbox is	139	filesystems. All modifications are discarded when the sandbox is
140	closed.	140	closed.
141	.TP	141	.TP
142	\fBprivate-bin file,file
143	Build a new /bin in a temporary filesystem, and copy the programs in the list.
144	The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin.
145	.TP
146	\fBprivate directory	142	\fBprivate directory
147	Use directory as user home.	143	Use directory as user home.
148	.TP	144	.TP
149	\fBprivate-home file,directory	145	\fBprivate-bin file,file
150	Build a new user home in a temporary	146	Build a new /bin in a temporary filesystem, and copy the programs in the list.
151	filesystem, and copy the files and directories in the list in the	147	The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin.
152	new home. All modifications are discarded when the sandbox is
153	closed.
154	.TP	148	.TP
155	\fBprivate-dev	149	\fBprivate-dev
156	Create a new /dev directory. Only dri, null, full, zero, tty, pts, ptmx, random, urandom, log and shm devices are available.	150	Create a new /dev directory. Only dri, null, full, zero, tty, pts, ptmx, random, urandom, log and shm devices are available.
@@ -160,6 +154,9 @@ Build a new /etc in a temporary
160	filesystem, and copy the files and directories in the list.	154	filesystem, and copy the files and directories in the list.
161	All modifications are discarded when the sandbox is closed.	155	All modifications are discarded when the sandbox is closed.
162	.TP	156	.TP
		157	\fBprivate-tmp
		158	Mount an empty temporary filesystem on top of /tmp directory.
		159	.TP
163	\fBwhitelist file_or_directory	160	\fBwhitelist file_or_directory
164	Build a new user home in a temporary filesystem, and mount-bind file_or_directory.	161	Build a new user home in a temporary filesystem, and mount-bind file_or_directory.
165	The modifications to file_or_directory are persistent, everything else is discarded	162	The modifications to file_or_directory are persistent, everything else is discarded
@@ -231,6 +228,10 @@ Set the CPU cores available for this sandbox using \fBcpu\fR command. Examples:
231	cpu 1,2,3	228	cpu 1,2,3
232	Use only CPU cores 0, 1 and 2.	229	Use only CPU cores 0, 1 and 2.
233		230
		231	.TP
		232	nice -5
		233	Set a nice value of -5 to all processes running inside the sandbox.
		234
234	.SH Control Groups	235	.SH Control Groups
235	Place the sandbox in an existing control group specified by the full path of the task file using \fBcgroup\fR. Example:	236	Place the sandbox in an existing control group specified by the full path of the task file using \fBcgroup\fR. Example:
236		237