From 99a9f8d680ea5a613506d5f0a1804bf97a5d69f3 Mon Sep 17 00:00:00 2001
From: Austin Morton <austinpmorton@gmail.com>
Date: Mon, 20 May 2019 19:44:40 -0400
Subject: Add private-cwd option to control working directory within jail

---
 src/man/firejail-profile.txt |  6 ++++++
 src/man/firejail.txt         | 42 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 48 insertions(+)

(limited to 'src/man')

diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index 703fac30f..23007725a 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -288,6 +288,12 @@ All modifications are discarded when the sandbox is closed.
 \fBprivate-tmp
 Mount an empty temporary filesystem on top of /tmp directory whitelisting /tmp/.X11-unix.
 .TP
+\fBprivate-cwd
+Set working directory inside jail to the home directory, and failing that, the root directory.
+.TP
+\fBprivate-cwd directory
+Set working directory inside the jail.
+.TP
 \fBread-only file_or_directory
 Make directory or file read-only.
 .TP
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index e6826448b..1fa2a6546 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -1568,6 +1568,48 @@ drwx------  2 nobody nogroup 4096 Apr 30 10:52 pulse-PKdhtXMmr18n
 drwxrwxrwt  2 nobody nogroup 4096 Apr 30 10:52 .X11-unix
 .br
 
+.TP
+\fB\-\-private-cwd
+Set working directory inside jail to the home directory, and failing that, the root directory.
+.br
+Does not impact working directory of profile include paths.
+.br
+
+.br
+Example:
+.br
+$ pwd
+.br
+/tmp
+.br
+$ firejail \-\-private-cwd
+.br
+$ pwd
+.br
+/home/user
+.br
+
+.TP
+\fB\-\-private-cwd=directory
+Set working directory inside the jail.
+.br
+Does not impact working directory of profile include paths.
+.br
+
+.br
+Example:
+.br
+$ pwd
+.br
+/tmp
+.br
+$ firejail \-\-private-cwd=/opt
+.br
+$ pwd
+.br
+/opt
+.br
+
 
 .TP
 \fB\-\-profile=filename_or_profilename
-- 
cgit v1.2.3-54-g00ecf