diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/firejail.h | 1 | ||||
-rw-r--r-- | src/man/firejail-profile.txt | 9 |
2 files changed, 8 insertions, 2 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 116bd404a..aa8144a40 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
@@ -368,6 +368,7 @@ void env_store(const char *str); | |||
368 | void env_apply(void); | 368 | void env_apply(void); |
369 | 369 | ||
370 | // fs_whitelist.c | 370 | // fs_whitelist.c |
371 | void fs_whitelist(void); | ||
371 | 372 | ||
372 | #endif | 373 | #endif |
373 | 374 | ||
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 1473c5889..470cade7e 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
@@ -10,7 +10,7 @@ firejail \-\-profile=filename.profile | |||
10 | Several command line options can be passed to the program using | 10 | Several command line options can be passed to the program using |
11 | profile files. Firejail chooses the profile file as follows: | 11 | profile files. Firejail chooses the profile file as follows: |
12 | 12 | ||
13 | 1. If a profile file is provided by the user with --profile option, the profile file is loaded. | 13 | 1. If a profile file is provided by the user with \-\-profile option, the profile file is loaded. |
14 | Example: | 14 | Example: |
15 | .PP | 15 | .PP |
16 | .RS | 16 | .RS |
@@ -120,7 +120,7 @@ Remove ifconfig command from the regular path directories. | |||
120 | \f\blacklist ${HOME}/.ssh | 120 | \f\blacklist ${HOME}/.ssh |
121 | Remove .ssh directory from user home directory. | 121 | Remove .ssh directory from user home directory. |
122 | .TP | 122 | .TP |
123 | \f\ noblacklist ${HOME}/config/evince | 123 | \f\noblacklist ${HOME}/config/evince |
124 | Prevent any new blacklist commands from blacklisting | 124 | Prevent any new blacklist commands from blacklisting |
125 | config/evince in the user home directory. Useful for defining | 125 | config/evince in the user home directory. Useful for defining |
126 | exceptions before including a large blacklist from a file. Note | 126 | exceptions before including a large blacklist from a file. Note |
@@ -149,6 +149,11 @@ Create a new /dev directory. Only null, full, zero, tty, pts, ptmx, random, uran | |||
149 | Build a new /etc in a temporary | 149 | Build a new /etc in a temporary |
150 | filesystem, and copy the files and directories in the list. | 150 | filesystem, and copy the files and directories in the list. |
151 | All modifications are discarded when the sandbox is closed. | 151 | All modifications are discarded when the sandbox is closed. |
152 | .TP | ||
153 | \f\whitelist file_or_directory | ||
154 | Build a new user home in a temporary filesystem, and mount-bind file_or_directory. | ||
155 | The modifications to file_or_directory are persistent, everything else is discarded | ||
156 | when the sandbox is closed. | ||
152 | 157 | ||
153 | .SH Filters | 158 | .SH Filters |
154 | \fBcaps\fR and \fBseccomp\fR enable Linux capabilities and seccomp filters. Examples: | 159 | \fBcaps\fR and \fBseccomp\fR enable Linux capabilities and seccomp filters. Examples: |