1 files changed, 106 insertions, 0 deletions
diff --git a/src/man/jailtest.txt b/src/man/jailtest.txt
new file mode 100644
index 000000000..b52fc5eed
--- /dev/null
+++ b/src/man/jailtest.txt
@@ -0,0 +1,106 @@
+.TH JAILTEST 1 "MONTH YEAR" "VERSION" "JAILTEST man page"
+.SH NAME
+jailtest \- Simple utility program to test running sandboxes
+.SH SYNOPSIS
+sudo jailtest [OPTIONS] [directory]
+.SH DESCRIPTION
+WORK IN PROGRESS!
+jailtest attaches itself to all sandboxes started by the user and performs some basic tests
+on the sandbox filesystem:
+.TP
+\fB1. Virtual directories
+jailtest extracts a list with the main virtual directories installed by the sandbox.
+These directories are build by firejail at startup using --private* and --whitelist commands.
+.TP
+\fB2. Noexec test
+jailtest inserts executable programs in /home/username, /tmp, and /var/tmp directories
+and tries to run them from inside the sandbox, thus testing if the directory is executable or not.
+.TP
+\fB3. Read access test
+jailtest creates test files in the directories specified by the user and tries to read
+them from inside the sandbox.
+.TP
+\fB4. AppArmor test
+.TP
+\fB5. Seccomp test
+.TP
+The program is started as root using sudo.
+.SH OPTIONS
+.TP
+\fB\-\-debug
+Print debug messages.
+.TP
+\fB\-?\fR, \fB\-\-help\fR
+Print options and exit.
+.TP
+\fB\-\-version
+Print program version and exit.
+.TP
+\fB[directory]
+One or more directories in user home to test for read access. ~/.ssh and ~/.gnupg are tested by default.
+.SH OUTPUT
+For each sandbox detected we print the following line:
+        PID:USER:Sandbox Name:Command
+It is followed by relevant sandbox information, such as the virtual directories and various warnings.
+.SH EXAMPLE
+$ sudo jailtest
+.br
+2014:netblue::firejail /usr/bin/gimp
+.br
+   Virtual dirs: /tmp, /var/tmp, /dev, /usr/share,
+.br
+   Warning: I can run programs in /home/netblue
+.br
+.br
+2055:netblue::firejail /usr/bin/ssh -X netblue@x.y.z.net
+.br
+   Virtual dirs: /var/tmp, /dev, /usr/share, /run/user/1000,
+.br
+   Warning: I can read ~/.ssh
+.br
+.br
+2186:netblue:libreoffice:firejail --appimage /opt/LibreOffice-fresh.appimage
+.br
+   Virtual dirs: /tmp, /var/tmp, /dev,
+.br
+.br
+26090:netblue::/usr/bin/firejail /opt/firefox/firefox
+.br
+   Virtual dirs: /home/netblue, /tmp, /var/tmp, /dev, /etc, /usr/share,
+.br
+                 /run/user/1000,
+.br
+.br
+26160:netblue:tor:firejail --private=~/tor-browser_en-US ./start-tor
+.br
+   Warning: AppArmor not enabled
+.br
+   Virtual dirs: /home/netblue, /tmp, /var/tmp, /dev, /etc, /bin,
+.br
+                 /usr/share, /run/user/1000,
+.br
+   Warning: I can run programs in /home/netblue
+.br
+.SH LICENSE
+This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+.PP
+Homepage: https://firejail.wordpress.com
+.SH SEE ALSO
+.BR firejail (1),
+.BR firemon (1),
+.BR firecfg (1),
+.BR firejail-profile (5),
+.BR firejail-login (5),
+.BR firejail-users (5),

diff --git a/src/man/jailtest.txt b/src/man/jailtest.txt new file mode 100644 index 000000000..b52fc5eed --- /dev/null +++ b/src/man/jailtest.txt
@@ -0,0 +1,106 @@
	1	.TH JAILTEST 1 "MONTH YEAR" "VERSION" "JAILTEST man page"
	2	.SH NAME
	3	jailtest \- Simple utility program to test running sandboxes
	4	.SH SYNOPSIS
	5	sudo jailtest [OPTIONS] [directory]
	6	.SH DESCRIPTION
	7	WORK IN PROGRESS!
	8	jailtest attaches itself to all sandboxes started by the user and performs some basic tests
	9	on the sandbox filesystem:
	10	.TP
	11	\fB1. Virtual directories
	12	jailtest extracts a list with the main virtual directories installed by the sandbox.
	13	These directories are build by firejail at startup using --private* and --whitelist commands.
	14	.TP
	15	\fB2. Noexec test
	16	jailtest inserts executable programs in /home/username, /tmp, and /var/tmp directories
	17	and tries to run them from inside the sandbox, thus testing if the directory is executable or not.
	18	.TP
	19	\fB3. Read access test
	20	jailtest creates test files in the directories specified by the user and tries to read
	21	them from inside the sandbox.
	22	.TP
	23	\fB4. AppArmor test
	24	.TP
	25	\fB5. Seccomp test
	26	.TP
	27	The program is started as root using sudo.
	28
	29	.SH OPTIONS
	30	.TP
	31	\fB\-\-debug
	32	Print debug messages.
	33	.TP
	34	\fB\-?\fR, \fB\-\-help\fR
	35	Print options and exit.
	36	.TP
	37	\fB\-\-version
	38	Print program version and exit.
	39	.TP
	40	\fB[directory]
	41	One or more directories in user home to test for read access. ~/.ssh and ~/.gnupg are tested by default.
	42
	43	.SH OUTPUT
	44	For each sandbox detected we print the following line:
	45
	46	PID:USER:Sandbox Name:Command
	47
	48	It is followed by relevant sandbox information, such as the virtual directories and various warnings.
	49
	50	.SH EXAMPLE
	51
	52	$ sudo jailtest
	53	.br
	54	2014:netblue::firejail /usr/bin/gimp
	55	.br
	56	Virtual dirs: /tmp, /var/tmp, /dev, /usr/share,
	57	.br
	58	Warning: I can run programs in /home/netblue
	59	.br
	60
	61	.br
	62	2055:netblue::firejail /usr/bin/ssh -X netblue@x.y.z.net
	63	.br
	64	Virtual dirs: /var/tmp, /dev, /usr/share, /run/user/1000,
	65	.br
	66	Warning: I can read ~/.ssh
	67	.br
	68
	69	.br
	70	2186:netblue:libreoffice:firejail --appimage /opt/LibreOffice-fresh.appimage
	71	.br
	72	Virtual dirs: /tmp, /var/tmp, /dev,
	73	.br
	74
	75	.br
	76	26090:netblue::/usr/bin/firejail /opt/firefox/firefox
	77	.br
	78	Virtual dirs: /home/netblue, /tmp, /var/tmp, /dev, /etc, /usr/share,
	79	.br
	80	/run/user/1000,
	81	.br
	82
	83	.br
	84	26160:netblue:tor:firejail --private=~/tor-browser_en-US ./start-tor
	85	.br
	86	Warning: AppArmor not enabled
	87	.br
	88	Virtual dirs: /home/netblue, /tmp, /var/tmp, /dev, /etc, /bin,
	89	.br
	90	/usr/share, /run/user/1000,
	91	.br
	92	Warning: I can run programs in /home/netblue
	93	.br
	94
	95
	96	.SH LICENSE
	97	This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
	98	.PP
	99	Homepage: https://firejail.wordpress.com
	100	.SH SEE ALSO
	101	.BR firejail (1),
	102	.BR firemon (1),
	103	.BR firecfg (1),
	104	.BR firejail-profile (5),
	105	.BR firejail-login (5),
	106	.BR firejail-users (5),