diff options
Diffstat (limited to 'src/man/firejail-profile.txt')
| -rw-r--r-- | src/man/firejail-profile.txt | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 637519902..52802755f 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
| @@ -198,9 +198,15 @@ Mount an empty tmpfs filesystem on top of directory. This option is available on | |||
| 198 | Blacklist violations logged to syslog. | 198 | Blacklist violations logged to syslog. |
| 199 | .TP | 199 | .TP |
| 200 | \fBwhitelist file_or_directory | 200 | \fBwhitelist file_or_directory |
| 201 | Build a new user home in a temporary filesystem, and mount-bind file_or_directory. | 201 | Whitelist directory or file. A temporary file system is mounted on the top directory, and the |
| 202 | The modifications to file_or_directory are persistent, everything else is discarded | 202 | whitelisted files are mount-binded inside. Modifications to whitelisted files are persistent, |
| 203 | when the sandbox is closed. | 203 | everything else is discarded when the sandbox is closed. The top directory could be |
| 204 | user home, /dev, /media, /opt, /var, and /tmp. | ||
| 205 | .br | ||
| 206 | |||
| 207 | .br | ||
| 208 | Symbolic link handling: with the exception of user home, both the link and the real file should be in | ||
| 209 | the same top directory. For user home, both the link and the real file should be owned by the user. | ||
| 204 | .TP | 210 | .TP |
| 205 | \fBwritable-etc | 211 | \fBwritable-etc |
| 206 | Mount /etc directory read-write. | 212 | Mount /etc directory read-write. |