From d382f230ed46004d81b60b97ddc79380632688d1 Mon Sep 17 00:00:00 2001
From: Topi Miettinen <toiwoton@gmail.com>
Date: Sun, 6 Aug 2017 23:20:34 +0300
Subject: Seccomp: split @default into more meaningful smaller groups

---
 src/man/firejail.txt | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

(limited to 'src/man')

diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index a03556caf..bf18167b2 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -1501,10 +1501,11 @@ ulimit, vhangup and vserver.
 
 .br
 To help creating useful seccomp filters more easily, the following
-system call groups are defined: @default, @default-nodebuggers and
-@default-keep. In addtion, a system call can be specified by its
-number instead of name with prefix $, so for example $165 would be
-equal to mount on i386.
+system call groups are defined: @clock, @cpu-emulation, @debug,
+@default, @default-nodebuggers, @default-keep, @module, @obsolete,
+@privileged, @raw-io, @reboot, @resources and @swap. In addtion, a
+system call can be specified by its number instead of name with prefix
+$, so for example $165 would be equal to mount on i386.
 
 .br
 System architecture is not strictly imposed. The filter is applied
-- 
cgit v1.2.3-70-g09d2