From 3a8649e37789151f235c5f01e846b7228bac402b Mon Sep 17 00:00:00 2001 From: root Date: Tue, 26 Jan 2016 08:38:54 -0500 Subject: --private-tmp --- src/man/firejail-profile.txt | 9 ++++++--- src/man/firejail.txt | 11 +++++++++++ 2 files changed, 17 insertions(+), 3 deletions(-) (limited to 'src/man') diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 2f17c3088..90c59d753 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt @@ -139,13 +139,13 @@ Mount new /root and /home/user directories in temporary filesystems. All modifications are discarded when the sandbox is closed. .TP +\fBprivate directory +Use directory as user home. +.TP \fBprivate-bin file,file Build a new /bin in a temporary filesystem, and copy the programs in the list. The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin. .TP -\fBprivate directory -Use directory as user home. -.TP \fBprivate-home file,directory Build a new user home in a temporary filesystem, and copy the files and directories in the list in the @@ -160,6 +160,9 @@ Build a new /etc in a temporary filesystem, and copy the files and directories in the list. All modifications are discarded when the sandbox is closed. .TP +\fBprivate-tmp +Mount an empty temporary filesystem on top of /tmp directory. +.TP \fBwhitelist file_or_directory Build a new user home in a temporary filesystem, and mount-bind file_or_directory. The modifications to file_or_directory are persistent, everything else is discarded diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 43572bb4b..877ee0ce5 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt @@ -1004,6 +1004,17 @@ Example: $ firejail --private-etc=group,hostname,localtime, \\ .br nsswitch.conf,passwd,resolv.conf + +.TP +\fB\-\-private-tmp +Mount an empty temporary filesystem on top of /tmp directory. +.br + +.br +Example: +.br +$ firejail \-\-private-tmp + .TP \fB\-\-profile=filename Load a custom security profile from filename. For filename use an absolute path or a path relative to the current path. -- cgit v1.2.3-54-g00ecf