From 7c254e3251aa002972af3b379f71b6b49b7f5119 Mon Sep 17 00:00:00 2001
From: netblue30
Date: Sat, 26 Sep 2015 10:54:28 -0400
Subject: seccomp.errno manpage example

---
 src/man/firejail.txt | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

(limited to 'src/man/firejail.txt')

diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index 3f22a1d2a..899005434 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -850,9 +850,22 @@ Enable seccomp filter, and return errno for the syscalls specified by the comman
 .br
 
 .br
-Example:
+Example: a Bash shell where deleting files is disabled
+.br
+
+.br
+$ firejail --seccomp.eperm=unlinkat
+.br
+Parent pid 10662, child pid 10663
 .br
-$ firejail \-\-shell=none \-\-seccomp.einval=kill kill 1
+Child process initialized
+.br
+$ touch testfile
+.br
+$ rm testfile
+.br
+rm: cannot remove `testfile': Operation not permitted
+
 .TP
 \fB\-\-seccomp.print=name
 Print the seccomp filter for the sandbox started using \-\-name option.
-- 
cgit v1.2.3-70-g09d2