diff options
Diffstat (limited to 'src/man/firejail-users.txt')
-rw-r--r-- | src/man/firejail-users.txt | 63 |
1 files changed, 0 insertions, 63 deletions
diff --git a/src/man/firejail-users.txt b/src/man/firejail-users.txt deleted file mode 100644 index 7aa151680..000000000 --- a/src/man/firejail-users.txt +++ /dev/null | |||
@@ -1,63 +0,0 @@ | |||
1 | .TH FIREJAIL-USERS 5 "MONTH YEAR" "VERSION" "firejail.users man page" | ||
2 | .SH NAME | ||
3 | firejail.users \- Firejail user access database | ||
4 | |||
5 | .SH DESCRIPTION | ||
6 | /etc/firejail/firejail.users lists the users allowed to run firejail SUID executable. | ||
7 | root user is allowed by default, user nobody is never allowed. | ||
8 | |||
9 | If the user is not allowed to start the sandbox, Firejail will attempt to run the | ||
10 | program without sandboxing it. | ||
11 | |||
12 | If the file is not present in the system, all users are allowed to use the sandbox. | ||
13 | |||
14 | Example: | ||
15 | |||
16 | $ cat /etc/firejail/firejail.users | ||
17 | .br | ||
18 | dustin | ||
19 | .br | ||
20 | lucas | ||
21 | .br | ||
22 | mike | ||
23 | .br | ||
24 | eleven | ||
25 | |||
26 | Use a text editor to add or remove users from the list. You can also use firecfg \-\-add-users | ||
27 | command. Example: | ||
28 | |||
29 | $ sudo firecfg --add-users dustin lucas mike eleven | ||
30 | |||
31 | By default, running firecfg creates the file and adds the current user to the list. Example: | ||
32 | |||
33 | $ sudo firecfg | ||
34 | |||
35 | See \fBman 1 firecfg\fR for details. | ||
36 | |||
37 | .SH ALTERNATIVE SOLUTION | ||
38 | An alternative way of restricting user access to firejail executable is to create a special firejail user group and | ||
39 | allow only users in this group to run the sandbox: | ||
40 | |||
41 | # addgroup --system firejail | ||
42 | .br | ||
43 | # chown root:firejail /usr/bin/firejail | ||
44 | .br | ||
45 | # chmod 4750 /usr/bin/firejail | ||
46 | |||
47 | |||
48 | .SH FILES | ||
49 | /etc/firejail/firejail.users | ||
50 | |||
51 | .SH LICENSE | ||
52 | Firejail is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License | ||
53 | as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. | ||
54 | .PP | ||
55 | Homepage: https://firejail.wordpress.com | ||
56 | .SH SEE ALSO | ||
57 | .BR firejail (1), | ||
58 | .BR firemon (1), | ||
59 | .BR firecfg (1), | ||
60 | .BR firejail-profile (5), | ||
61 | .BR firejail-login (5), | ||
62 | .BR jailcheck (1) | ||
63 | .\" vim: set filetype=groff : | ||