From 5b3f207558cb12a2ac15bded2c70214ffeb3a8fd Mon Sep 17 00:00:00 2001 From: netblue30 Date: Fri, 4 Mar 2016 20:25:29 -0500 Subject: documentation --- src/man/firejail.txt | 41 +++++++++++++++++------------------------ 1 file changed, 17 insertions(+), 24 deletions(-) (limited to 'src/man') diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 3a9b41330..56a768614 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt @@ -11,7 +11,7 @@ firejail [OPTIONS] [program and arguments] Network traffic shaping for an existing sandbox: .PP .RS -firejail \-\-bandwidth={|} bandwidth-command +firejail \-\-bandwidth={name|pid} bandwidth-command .RE .PP Monitoring: @@ -68,20 +68,8 @@ $ firejail [OPTIONS] firefox # starting Mozilla Firefox \fB\-\- Signal the end of options and disables further option processing. .TP -\fB\-\-bandwidth=name -Set bandwidth limits for the sandbox identified by name, see \fBTRAFFIC SHAPING\fR section for more details. -.TP -\fB\-\-bandwidth=pid -Set bandwidth limits for the sandbox identified by PID, see \fBTRAFFIC SHAPING\fR section for more details. -.TP -\fB\-\-bind=dirname1,dirname2 -Mount-bind dirname1 on top of dirname2. This option is only available when running the sandbox as root. -.br - -.br -Example: -.br -# firejail \-\-bind=/config/www,/var/www +\fB\-\-bandwidth=name|pid +Set bandwidth limits for the sandbox identified by name or PID, see \fBTRAFFIC SHAPING\fR section for more details. .TP \fB\-\-bind=filename1,filename2 Mount-bind filename1 on top of filename2. This option is only available when running as root. @@ -104,6 +92,8 @@ $ firejail \-\-blacklist=/sbin \-\-blacklist=/usr/sbin $ firejail \-\-blacklist=~/.mozilla .br $ firejail "\-\-blacklist=/home/username/My Virtual Machines" +.br +$ firejail \-\-blacklist=/home/username/My\\ Virtual\\ Machines .TP \fB\-c Execute command and exit. @@ -1699,7 +1689,7 @@ Additional arguments passed to firejail executable upon login are declared in /e .SH EXAMPLES .TP \f\firejail -Start a regular /bin/bash session in sandbox. +Sandbox a regular /bin/bash session. .TP \f\firejail firefox Start Mozilla Firefox. @@ -1707,17 +1697,20 @@ Start Mozilla Firefox. \f\firejail \-\-debug firefox Debug Firefox sandbox. .TP -\f\firejail \-\-private -Start a /bin/bash session with a new tmpfs home directory. +\f\firejail \-\-private firefox +Start Firefox with a new, empty home directory. +.TP +\f\firejail --net=none vlc +Start VLC in an unconnected network namespace. .TP -\f\firejail \-\-net=br0 ip=10.10.20.10 -Start a /bin/bash session in a new network namespace. The session is -connected to the main network using br0 bridge device. An IP address -of 10.10.20.10 is assigned to the sandbox. +\f\firejail \-\-net=eth0 firefox +Start Firefox in a new network namespace. An IP address is +assigned automatically. .TP -\f\firejail \-\-net=br0 \-\-net=br1 \-\-net=br2 +\f\firejail \-\-net=br0 \-\-ip=10.10.20.5 \-\-net=br1 \-\-net=br2 Start a /bin/bash session in a new network namespace and connect it -to br0, br1, and br2 host bridge devices. +to br0, br1, and br2 host bridge devices. IP addresses are assigned +automatically for the interfaces connected to br1 and b2 .TP \f\firejail \-\-list List all sandboxed processes. -- cgit v1.2.3-70-g09d2