diff options
Diffstat (limited to 'src/man/firejail.txt')
-rw-r--r-- | src/man/firejail.txt | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 7c9cd98de..cd9ea6a8a 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -851,6 +851,21 @@ $ nc dict.org 2628 | |||
851 | 220 pan.alephnull.com dictd 1.12.1/rf on Linux 3.14-1-amd64 | 851 | 220 pan.alephnull.com dictd 1.12.1/rf on Linux 3.14-1-amd64 |
852 | .br | 852 | .br |
853 | .TP | 853 | .TP |
854 | \fB\-\-noexec=dirname_or_filename | ||
855 | Remount directory or file noexec, nodev and nosuid. | ||
856 | .br | ||
857 | |||
858 | .br | ||
859 | Example: | ||
860 | .br | ||
861 | $ firejail \-\-noexec=/tmp | ||
862 | .br | ||
863 | |||
864 | .br | ||
865 | /etc and /var are noexec by default. If there are more than one mount operation | ||
866 | on the path of the file or directory, noexec should be applied to the last one. Always check if the change took effect inside the sandbox. | ||
867 | |||
868 | .TP | ||
854 | \fB\-\-nogroups | 869 | \fB\-\-nogroups |
855 | Disable supplementary groups. Without this option, supplementary groups are enabled for the user starting the | 870 | Disable supplementary groups. Without this option, supplementary groups are enabled for the user starting the |
856 | sandbox. For root user supplementary groups are always disabled. | 871 | sandbox. For root user supplementary groups are always disabled. |