From 32e6cb2b6425b48c9cc2d456f81460ec6b3fc5b3 Mon Sep 17 00:00:00 2001 From: Adis Hamzić Date: Fri, 12 Aug 2016 18:06:47 +0200 Subject: added more overlay options --- src/man/firejail.txt | 44 ++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 40 insertions(+), 4 deletions(-) (limited to 'src/man/firejail.txt') diff --git a/src/man/firejail.txt b/src/man/firejail.txt index fb8cb630b..3cc9a8401 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt @@ -994,7 +994,7 @@ $ ls -l sandboxlog* \fB\-\-overlay Mount a filesystem overlay on top of the current filesystem. Unlike the regular filesystem container, the system directories are mounted read-write. All filesystem modifications go into the overlay. -The overlay is stored in $HOME/.firejail directory. This option is not available on Grsecurity systems. +The overlay is stored in $HOME/.firejail/ directory. This option is not available on Grsecurity systems. .br .br @@ -1008,14 +1008,40 @@ Example: $ firejail \-\-overlay firefox .TP -\fB\-\-overlay-clean -Clean all overlays stored in $HOME/.firejail directory. +\fB\-\-overlay-named=name +Mount a filesystem overlay on top of the current filesystem. Unlike the regular filesystem container, +the system directories are mounted read-write. All filesystem modifications go into the overlay. +The overlay is stored in $HOME/.firejail/ directory. The created overlay can be reused between multiple +sessions. This option is not available on Grsecurity systems. +.br + +.br +OverlayFS support is required in Linux kernel for this option to work. +OverlayFS was officially introduced in Linux kernel version 3.18 .br .br Example: .br -$ firejail \-\-overlay-clean +$ firejail \-\-overlay-named=jail1 firefox + +.TP +\fB\-\-overlay-path=path +Mount a filesystem overlay on top of the current filesystem. Unlike the regular filesystem container, +the system directories are mounted read-write. All filesystem modifications go into the overlay. +The overlay is stored in the specified path. The created overlay can be reused between multiple sessions. +This option is not available on Grsecurity systems. +.br + +.br +OverlayFS support is required in Linux kernel for this option to work. +OverlayFS was officially introduced in Linux kernel version 3.18 +.br + +.br +Example: +.br +$ firejail \-\-overlay-path=~/jails/jail1 firefox .TP \fB\-\-overlay-tmpfs @@ -1033,6 +1059,16 @@ Example: .br $ firejail \-\-overlay-tmpfs firefox +.TP +\fB\-\-overlay-clean +Clean all overlays stored in $HOME/.firejail directory. +.br + +.br +Example: +.br +$ firejail \-\-overlay-clean + .TP \fB\-\-private Mount new /root and /home/user directories in temporary -- cgit v1.2.3-70-g09d2