From 40d3604f703ea07e3bb5feace23975fa766f5080 Mon Sep 17 00:00:00 2001 From: Jeff Squyres Date: Thu, 4 Jun 2020 13:41:32 -0400 Subject: man: minor clarifications to man pages (#3445) Add verbiage to the man pages clarifying that the files/directories in the lists given to options such as --private-bin must be relative to the directory that is being limited (e.g., --private-opt requires a list of files/directories that are relative to /opt). Signed-off-by: Jeff Squyres --- src/man/firejail-profile.txt | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'src/man/firejail-profile.txt') diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 198f33c00..daae85cfd 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt @@ -268,6 +268,8 @@ Use directory as user home. .TP \fBprivate-bin file,file Build a new /bin in a temporary filesystem, and copy the programs in the list. +The files in the list must be expressed as relative to the /bin, +/sbin, /usr/bin, /usr/sbin, or /usr/local/bin directories. The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin. .TP \fBprivate-cache 
@@ -289,26 +291,37 @@ Use the options no3d, nodvd, nosound, notv, nou2f and novideo for additional res \fBprivate-etc file,directory Build a new /etc in a temporary filesystem, and copy the files and directories in the list. +The files and directories in the list must be expressed as relative to +the /etc directory. All modifications are discarded when the sandbox is closed. .TP \fBprivate-home file,directory Build a new user home in a temporary filesystem, and copy the files and directories in the list in the -new home. All modifications are discarded when the sandbox is +new home. +The files and directories in the list must be expressed as relative to +the current user's home directory. +All modifications are discarded when the sandbox is closed. .TP \fBprivate-lib file,directory Build a new /lib directory and bring in the libraries required by the application to run. +The files and directories in the list must be expressed as relative to +the /lib directory. This feature is still under development, see \fBman 1 firejail\fR for some examples. .TP \fBprivate-opt file,directory Build a new /opt in a temporary filesystem, and copy the files and directories in the list. +The files and directories in the list must be expressed as relative to +the /opt directory. All modifications are discarded when the sandbox is closed. .TP \fBprivate-srv file,directory Build a new /srv in a temporary filesystem, and copy the files and directories in the list. +The files and directories in the list must be expressed as relative to +the /srv directory. All modifications are discarded when the sandbox is closed. .TP \fBprivate-tmp -- cgit v1.2.3-70-g09d2
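Review bot: In the first hunk (private-bin), the added sentence names /usr/local/bin as one of the base directories, but the unchanged line right after it says the new directory is bind-mounted only over /sbin, /usr/bin and /usr/sbin. A reader cannot tell from these two sentences whether /usr/local/bin is only a place programs are looked up or is also covered by the private mount, which matters when deciding what the sandboxed process can still execute. Please reconcile the two lists or state the distinction. Minor wording: "relative to the /bin, /sbin, ..." reads better without the article ("relative to /bin, /sbin, ...").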
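Review bot: In the second hunk, the sentence added under private-lib refers to "the files and directories in the list", but unlike the private-etc, private-home, private-opt and private-srv entries, the private-lib description never mentions a list ("bring in the libraries required by the application to run"), so the new sentence has no antecedent there. Suggest saying what the listed entries add in that entry before constraining them. Across all five entries, the text states that paths "must be expressed as relative to" the directory but gives no example and does not say what happens when an absolute path is supplied; the commit message's own illustration (a list relative to /opt for private-opt) would be worth carrying into the man page text, since a profile author who writes the wrong form needs to know whether the entry is rejected or ignored.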