diff options
Diffstat (limited to 'src/man/firejail.txt')
-rw-r--r-- | src/man/firejail.txt | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index f7079200e..fed573e6c 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -1184,16 +1184,23 @@ A short note about mixing \-\-whitelist and \-\-read-only options. Whitelisted d | |||
1184 | should be made read-only independently. Making a parent directory read-only, will not | 1184 | should be made read-only independently. Making a parent directory read-only, will not |
1185 | make the whitelist read-only. Example: | 1185 | make the whitelist read-only. Example: |
1186 | .br | 1186 | .br |
1187 | |||
1188 | .br | ||
1187 | $ firejail --whitelist=~/work --read-only=~ --read-only=~/work | 1189 | $ firejail --whitelist=~/work --read-only=~ --read-only=~/work |
1188 | 1190 | ||
1189 | .TP | 1191 | .TP |
1190 | \fB\-\-read-write=dirname_or_filename | 1192 | \fB\-\-read-write=dirname_or_filename |
1191 | By default, the sandbox mounts system directories read-only. | 1193 | Set directory or file read-write. Only files or directories belonging to the current user are allowed for |
1192 | These directories are /etc, /var, /usr, /bin, /sbin, /lib, /lib32, /libx32 and /lib64. | 1194 | this operation. Example: |
1193 | Use this option to mount read-write files or directories inside the system directories. | 1195 | .br |
1196 | |||
1197 | .br | ||
1198 | $ mkdir ~/test | ||
1199 | .br | ||
1200 | $ touch ~/test/a | ||
1201 | .br | ||
1202 | $ firejail --read-only=~/test --read-write=~/test/a | ||
1194 | 1203 | ||
1195 | This option is available only to root user. It has no effect when --chroot or --overlay are also set. In these | ||
1196 | cases the system directories are mounted read-write. | ||
1197 | 1204 | ||
1198 | .TP | 1205 | .TP |
1199 | \fB\-\-rlimit-fsize=number | 1206 | \fB\-\-rlimit-fsize=number |