diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/usage.c | 9 | ||||
-rw-r--r-- | src/man/firejail.txt | 26 |
2 files changed, 24 insertions, 11 deletions
diff --git a/src/firejail/usage.c b/src/firejail/usage.c index 13e3d87e2..5154caf77 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c | |||
@@ -66,10 +66,12 @@ void usage(void) { | |||
66 | printf("\t\tExample: cpu=0,1,2\n\n"); | 66 | printf("\t\tExample: cpu=0,1,2\n\n"); |
67 | printf("\t--csh - use /bin/csh as default shell.\n\n"); | 67 | printf("\t--csh - use /bin/csh as default shell.\n\n"); |
68 | printf("\t--debug - print sandbox debug messages.\n\n"); | 68 | printf("\t--debug - print sandbox debug messages.\n\n"); |
69 | printf("\t--debug-syscalls - print all recognized system calls in the current\n"); | ||
70 | printf("\t\tFirejail software build and exit.\n\n"); | ||
71 | printf("\t--debug-caps - print all recognized capabilities in the current\n"); | 69 | printf("\t--debug-caps - print all recognized capabilities in the current\n"); |
72 | printf("\t\tFirejail software build and exit.\n\n"); | 70 | printf("\t\tFirejail software build and exit.\n\n"); |
71 | printf("\t--debug-errnos - print all recognized error numbres in the current\n"); | ||
72 | printf("\t\tFirejail software build and exit.\n\n"); | ||
73 | printf("\t--debug-syscalls - print all recognized system calls in the current\n"); | ||
74 | printf("\t\tFirejail software build and exit.\n\n"); | ||
73 | printf("\t--defaultgw=address - use this address as default gateway in the new\n"); | 75 | printf("\t--defaultgw=address - use this address as default gateway in the new\n"); |
74 | printf("\t\tnetwork namespace.\n\n"); | 76 | printf("\t\tnetwork namespace.\n\n"); |
75 | printf("\t--dns=address - set a DNS server for the sandbox. Up to three DNS\n"); | 77 | printf("\t--dns=address - set a DNS server for the sandbox. Up to three DNS\n"); |
@@ -216,6 +218,9 @@ void usage(void) { | |||
216 | printf("\t--seccomp.keep=syscall,syscall,syscall - enable seccomp filter, and\n"); | 218 | printf("\t--seccomp.keep=syscall,syscall,syscall - enable seccomp filter, and\n"); |
217 | printf("\t\twhitelist the syscalls specified by the command.\n\n"); | 219 | printf("\t\twhitelist the syscalls specified by the command.\n\n"); |
218 | 220 | ||
221 | printf("\t--seccomp.<errno>=syscall,syscall,syscall - enable seccomp filter, and\n"); | ||
222 | printf("\t\treturn errno for the syscalls specified by the command.\n\n"); | ||
223 | |||
219 | printf("\t--seccomp.print=name - print the seccomp filter for the sandbox\n"); | 224 | printf("\t--seccomp.print=name - print the seccomp filter for the sandbox\n"); |
220 | printf("\t\tidentified by name.\n\n"); | 225 | printf("\t\tidentified by name.\n\n"); |
221 | printf("\t--seccomp.print=pid - print the seccomp filter for the sandbox\n"); | 226 | printf("\t--seccomp.print=pid - print the seccomp filter for the sandbox\n"); |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 899005434..2d1c40566 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -23,9 +23,7 @@ firejail {\-\-list | \-\-netstats | \-\-top | \-\-tree} | |||
23 | Miscellaneous: | 23 | Miscellaneous: |
24 | .PP | 24 | .PP |
25 | .RS | 25 | .RS |
26 | firejail {\-? | \-\-debug-caps | \-\-debug-syscalls | \-\-help | | 26 | firejail {\-? | \-\-debug-caps | \-\-debug-errnos | \-\-debug-syscalls | \-\-help | \-\-version} |
27 | .br | ||
28 | \-\-version} | ||
29 | .RE | 27 | .RE |
30 | .SH DESCRIPTION | 28 | .SH DESCRIPTION |
31 | Firejail is a SUID sandbox program that reduces the risk of security breaches by | 29 | Firejail is a SUID sandbox program that reduces the risk of security breaches by |
@@ -240,24 +238,34 @@ Print debug messages. | |||
240 | Example: | 238 | Example: |
241 | .br | 239 | .br |
242 | $ firejail \-\-debug firefox | 240 | $ firejail \-\-debug firefox |
241 | |||
243 | .TP | 242 | .TP |
244 | \fB\-\-debug-syscalls | 243 | \fB\-\-debug-caps |
245 | Print all recognized system calls in the current Firejail software build and exit. | 244 | Print all recognized capabilities in the current Firejail software build and exit. |
246 | .br | 245 | .br |
247 | 246 | ||
248 | .br | 247 | .br |
249 | Example: | 248 | Example: |
250 | .br | 249 | .br |
251 | $ firejail \-\-debug-syscalls | 250 | $ firejail \-\-debug-caps |
252 | .TP | 251 | .TP |
253 | \fB\-\-debug-caps | 252 | \fB\-\-debug-errnos |
254 | Print all recognized capabilities in the current Firejail software build and exit. | 253 | Print all recognized error numbers in the current Firejail software build and exit. |
255 | .br | 254 | .br |
256 | 255 | ||
257 | .br | 256 | .br |
258 | Example: | 257 | Example: |
259 | .br | 258 | .br |
260 | $ firejail \-\-debug-caps | 259 | $ firejail \-\-debug-errnos |
260 | .TP | ||
261 | \fB\-\-debug-syscalls | ||
262 | Print all recognized system calls in the current Firejail software build and exit. | ||
263 | .br | ||
264 | |||
265 | .br | ||
266 | Example: | ||
267 | .br | ||
268 | $ firejail \-\-debug-syscalls | ||
261 | .TP | 269 | .TP |
262 | \fB\-\-defaultgw=address | 270 | \fB\-\-defaultgw=address |
263 | Use this address as default gateway in the new network namespace. | 271 | Use this address as default gateway in the new network namespace. |