diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/man/firejail.txt | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 154def585..e724e4bb9 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -310,6 +310,11 @@ regular user, nonewprivs and a default capabilities filter are enabled. | |||
310 | Example: | 310 | Example: |
311 | .br | 311 | .br |
312 | $ firejail \-\-chroot=/media/ubuntu warzone2100 | 312 | $ firejail \-\-chroot=/media/ubuntu warzone2100 |
313 | .br | ||
314 | |||
315 | .br | ||
316 | For automatic mounting of X11 and PulseAudio sockets set environment variables | ||
317 | FIREJAIL_CHROOT_X11 and FIREJAIL_CHROOT_PULSE. | ||
313 | #endif | 318 | #endif |
314 | .TP | 319 | .TP |
315 | \fB\-\-cpu=cpu-number,cpu-number,cpu-number | 320 | \fB\-\-cpu=cpu-number,cpu-number,cpu-number |
@@ -2192,6 +2197,11 @@ More information about groups can be found in /usr/share/doc/firejail/syscalls.t | |||
2192 | .br | 2197 | .br |
2193 | 2198 | ||
2194 | .br | 2199 | .br |
2200 | The default list can be customized, see \-\-seccomp= for a description. | ||
2201 | It can be customized also globally in /etc/firejail/firejail.config file. | ||
2202 | .br | ||
2203 | |||
2204 | .br | ||
2195 | System architecture is strictly imposed only if flag | 2205 | System architecture is strictly imposed only if flag |
2196 | \-\-seccomp.block-secondary is used. The filter is applied at run time | 2206 | \-\-seccomp.block-secondary is used. The filter is applied at run time |
2197 | only if the correct architecture was detected. For the case of I386 | 2207 | only if the correct architecture was detected. For the case of I386 |
@@ -2206,11 +2216,7 @@ Firejail will print seccomp violations to the audit log if the kernel was compil | |||
2206 | Example: | 2216 | Example: |
2207 | .br | 2217 | .br |
2208 | $ firejail \-\-seccomp | 2218 | $ firejail \-\-seccomp |
2209 | .br | ||
2210 | 2219 | ||
2211 | .br | ||
2212 | The default list can be customized, see \-\-seccomp= for a description. It can be customized | ||
2213 | also globally in /etc/firejail/firejail.config file. | ||
2214 | 2220 | ||
2215 | .TP | 2221 | .TP |
2216 | \fB\-\-seccomp=syscall,@group,!syscall2 | 2222 | \fB\-\-seccomp=syscall,@group,!syscall2 |