From 85c8cc454d3df3a83667556f7ddfafe66a78d421 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Thu, 9 Feb 2017 09:03:35 -0500 Subject: adding macro for include command in profile files --- src/man/firejail-profile.txt | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) (limited to 'src/man/firejail-profile.txt') diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 90dca19bf..aa1aec567 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt @@ -81,14 +81,20 @@ Include other.profile file. Example: "include /etc/firejail/disable-common.inc" -other.profile file name can be prefixed with ${HOME}. This will force Firejail to look for the -file in user home directory. +The file name can be prefixed with a macro such as ${HOME} or ${CFG}. +${HOME} is expanded as user home directory, and ${CFG} is expanded as +Firejail system configuration directory - in most cases /etc/firejail or +/usr/local/etc/firejail. Example: "include ${HOME}/myprofiles/profile1" will load "~/myprofiles/profile1" file. -If the file is not found, and the file name does not end in ".local", the sandbox exist immediately -with an error printed on stderr. ".local" files can be used to customize the global configuration -in /etc/firejail directory. These files are not overwritten during software install. +Example: "include ${CFG}/firefox.profile" will load "/etc/firejail/firefox.profile" file. + +System configuration files in ${CFG} are overwritten during software installation. +Persistent configuration at system level is handled in ".local" files. For every +profile file in ${CFG} directory, the user can create a corresponding .local file +storing modifications to the persistent configuration. Persistent .local files +are included at the start of regular profile files. .TP \fBnoblacklist file_name -- cgit v1.2.3-54-g00ecf