From ce4a3231479a29aa3dff44722b15bc315f68141d Mon Sep 17 00:00:00 2001 From: Topi Miettinen Date: Sun, 25 Aug 2019 20:11:24 +0300 Subject: Add further seccomp groups Get further seccomp group definitions from systemd. --- src/man/firejail.txt | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'src/man/firejail.txt') diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 86b76f58f..b0c12ee11 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt @@ -1776,9 +1776,11 @@ vm86, vm86old, vmsplice and vserver. .br To help creating useful seccomp filters more easily, the following -system call groups are defined: @clock, @cpu-emulation, @debug, -@default, @default-nodebuggers, @default-keep, @module, @obsolete, -@privileged, @raw-io, @reboot, @resources and @swap. In addition, a +system call groups are defined: @aio, @basic-io, @chown, @clock, +@cpu-emulation, @debug, @default, @default-nodebuggers, @default-keep, +@file-system, @io-event, @ipc, @keyring, @memlock, @module, @mount, +@network-io, @obsolete, @privileged, @process, @raw-io, @reboot, +@resources, @setuid, @swap, @sync, @system-service and @timer. In addition, a system call can be specified by its number instead of name with prefix $, so for example $165 would be equal to mount on i386. -- cgit v1.2.3-54-g00ecf
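Review bot: The group list in the @@ -1776,9 +1776,11 @@ hunk of src/man/firejail.txt grows from 13 to 28 names, but the paragraph still does not say what any group contains or where its membership is defined. That matters most for the broad new names such as @system-service, @file-system, @process and @network-io, where a reader writing a filter cannot tell from the name alone which system calls will be affected, or whether a call belongs to more than one group. The commit message says the definitions come from systemd. I would say so in the man page text as well, and either add a one-line description per group or point to the place where the members can be looked up. If any group differs from the systemd group of the same name, state that explicitly. Minor style point: the list is otherwise alphabetical, but @default-nodebuggers still comes before @default-keep. Since the paragraph is being re-wrapped anyway, this is a good moment to fix the order.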