From 45306ca2adbe0ccfd655ac356cd7a989706a06a1 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Sun, 21 Aug 2016 20:37:54 -0400 Subject: fixed whitelist description in man pages --- src/man/firejail-profile.txt | 12 +++++++++--- src/man/firejail.txt | 14 ++++++++++---- 2 files changed, 19 insertions(+), 7 deletions(-) (limited to 'src/man') diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 637519902..52802755f 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt @@ -198,9 +198,15 @@ Mount an empty tmpfs filesystem on top of directory. This option is available on Blacklist violations logged to syslog. .TP \fBwhitelist file_or_directory -Build a new user home in a temporary filesystem, and mount-bind file_or_directory. -The modifications to file_or_directory are persistent, everything else is discarded -when the sandbox is closed. +Whitelist directory or file. A temporary file system is mounted on the top directory, and the +whitelisted files are mount-binded inside. Modifications to whitelisted files are persistent, +everything else is discarded when the sandbox is closed. The top directory could be +user home, /dev, /media, /opt, /var, and /tmp. +.br + +.br +Symbolic link handling: with the exception of user home, both the link and the real file should be in +the same top directory. For user home, both the link and the real file should be owned by the user. .TP \fBwritable-etc Mount /etc directory read-write. diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 732d14624..d08b244f7 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt 
@@ -1587,9 +1587,15 @@ $ firejail \-\-version firejail version 0.9.27 .TP \fB\-\-whitelist=dirname_or_filename -Whitelist directory or file. This feature is implemented only for user home, /dev, /media, /opt, /var, and /tmp directories. -With the exception of user home, both the link and the real file should be in -the same top directory. For /home, both the link and the real file should be owned by the user. +Whitelist directory or file. A temporary file system is mounted on the top directory, and the +whitelisted files are mount-binded inside. Modifications to whitelisted files are persistent, +everything else is discarded when the sandbox is closed. The top directory could be +user home, /dev, /media, /opt, /var, and /tmp. +.br + +.br +Symbolic link handling: with the exception of user home, both the link and the real file should be in +the same top directory. For user home, both the link and the real file should be owned by the user. .br .br @@ -1630,7 +1636,7 @@ applications started in the sandbox from accessing other X11 displays. A network namespace needs to be instantiated in order to deny access to X11 abstract Unix domain socket. .br -.br +br Firejail will try first Xpra, and if Xpra is not installed on the system, it will try to find Xephyr. This feature is not available when running as root. .br -- cgit v1.2.3-54-g00ecf
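Review bot: in the src/man/firejail-profile.txt hunk (@@ -198,9 +198,15 @@), the new "Symbolic link handling" paragraph says what "should" hold for the link and the real file but not what happens when it does not hold, so a profile author cannot tell from the text how a whitelist entry that fails the condition is treated. State the outcome explicitly in the same paragraph. As a wording point in the same hunk, "mount-binded" would read better as "bind-mounted".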
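Review bot: in the src/man/firejail.txt hunk at @@ -1587,9 +1587,15 @@, the removed sentence "This feature is implemented only for user home, /dev, /media, /opt, /var, and /tmp directories" is replaced by "The top directory could be user home, /dev, /media, /opt, /var, and /tmp", which drops the word "only" and no longer reads as a restriction. Suggest "The top directory must be one of: user home, /dev, /media, /opt, /var, or /tmp" so a reader does not assume \-\-whitelist applies to arbitrary paths. The identical sentence added to firejail-profile.txt should change with it.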
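Review bot: the last hunk of src/man/firejail.txt (@@ -1630,7 +1636,7 @@) replaces ".br" with "br", dropping the leading dot, so the line is no longer a roff request and will be rendered as the literal text "br" just before the "Firejail will try first Xpra" sentence. The subject line mentions only the whitelist description, so this looks unintended; restore ".br".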