diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/usage.c | 9 | ||||
-rw-r--r-- | src/man/firejail.txt | 5 |
2 files changed, 10 insertions, 4 deletions
diff --git a/src/firejail/usage.c b/src/firejail/usage.c index b9ab00eae..4de33c83d 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c | |||
@@ -148,8 +148,8 @@ void usage(void) { | |||
148 | printf("\tthe new home.\n"); | 148 | printf("\tthe new home.\n"); |
149 | printf(" --private-bin=file,file - build a new /bin in a temporary filesystem,\n"); | 149 | printf(" --private-bin=file,file - build a new /bin in a temporary filesystem,\n"); |
150 | printf("\tand copy the programs in the list.\n"); | 150 | printf("\tand copy the programs in the list.\n"); |
151 | printf(" --private-dev - create a new /dev directory. Only dri, null, full, zero,\n"); | 151 | printf(" --private-dev - create a new /dev directory with a small number of\n"); |
152 | printf("\ttty, pst, ptms, random, snd, urandom, log and shm devices are available.\n"); | 152 | printf("\tcommon device files.\n"); |
153 | printf(" --private-etc=file,directory - build a new /etc in a temporary\n"); | 153 | printf(" --private-etc=file,directory - build a new /etc in a temporary\n"); |
154 | printf("\tfilesystem, and copy the files and directories in the list.\n"); | 154 | printf("\tfilesystem, and copy the files and directories in the list.\n"); |
155 | printf(" --private-tmp - mount a tmpfs on top of /tmp directory.\n"); | 155 | printf(" --private-tmp - mount a tmpfs on top of /tmp directory.\n"); |
@@ -158,10 +158,11 @@ void usage(void) { | |||
158 | printf(" --profile-path=directory - use this directory to look for profile files.\n"); | 158 | printf(" --profile-path=directory - use this directory to look for profile files.\n"); |
159 | printf(" --protocol=protocol,protocol,protocol - enable protocol filter.\n"); | 159 | printf(" --protocol=protocol,protocol,protocol - enable protocol filter.\n"); |
160 | printf(" --protocol.print=name|pid - print the protocol filter.\n"); | 160 | printf(" --protocol.print=name|pid - print the protocol filter.\n"); |
161 | printf(" --put=name|pid src-filename dest-filename - put a file in sandbox container.\n"); | 161 | printf(" --put=name|pid src-filename dest-filename - put a file in sandbox\n"); |
162 | printf("\tcontainer.\n"); | ||
162 | printf(" --quiet - turn off Firejail's output.\n"); | 163 | printf(" --quiet - turn off Firejail's output.\n"); |
163 | printf(" --read-only=filename - set directory or file read-only..\n"); | 164 | printf(" --read-only=filename - set directory or file read-only..\n"); |
164 | printf(" --read-write=filename - set directory or file read-write..\n"); | 165 | printf(" --read-write=filename - set directory or file read-write.\n"); |
165 | printf(" --rlimit-fsize=number - set the maximum file size that can be created\n"); | 166 | printf(" --rlimit-fsize=number - set the maximum file size that can be created\n"); |
166 | printf("\tby a process.\n"); | 167 | printf("\tby a process.\n"); |
167 | printf(" --rlimit-nofile=number - set the maximum number of files that can be\n"); | 168 | printf(" --rlimit-nofile=number - set the maximum number of files that can be\n"); |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index be73429bc..0be8a1d81 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -1004,6 +1004,11 @@ sandbox. For root user supplementary groups are always disabled. | |||
1004 | .br | 1004 | .br |
1005 | 1005 | ||
1006 | .br | 1006 | .br |
1007 | Note: By default all regular user groups are removed with the exception of the current user. This can be changed | ||
1008 | using \-\-allusers command option. | ||
1009 | .br | ||
1010 | |||
1011 | .br | ||
1007 | Example: | 1012 | Example: |
1008 | .br | 1013 | .br |
1009 | $ id | 1014 | $ id |