From e8685de73159e005a84d3e756767c6d2db943e2e Mon Sep 17 00:00:00 2001 From: startx2017 Date: Tue, 24 Oct 2017 12:41:42 -0400 Subject: implemented --rlimit-cpu - set max CPU time for processes running in the sandbox; for issue #1614, more to come... --- src/man/firejail-profile.txt | 3 +++ src/man/firejail.txt | 9 +++++++++ 2 files changed, 12 insertions(+) (limited to 'src/man') diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 185420ba4..808fc7440 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt @@ -385,6 +385,9 @@ Examples: \fBrlimit-as 123456789012 Set he maximum size of the process's virtual memory to 123456789012 bytes. .TP +\fBrlimit-cpu 123 +Set he maximum CPU time in seconds. +.TP \fBrlimit-fsize 1024 Set the maximum file size that can be created by a process to 1024 bytes. .TP diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 2303a8bbd..d2e04675d 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt @@ -1546,6 +1546,15 @@ $ firejail --read-only=~/test --read-write=~/test/a \fB\-\-rlimit-as=number Set the maximum size of the process's virtual memory (address space) in bytes. +.TP +\fB\-\-rlimit-cpu=number +Set the maximum limit, in seconds, for the amount of CPU time each +sandboxed process can consume. When the limit is reached, the processes are killed. + +The CPU limit is a limit on CPU seconds rather than elapsed time. CPU seconds is basically how many seconds +the CPU has been in use and does not necessarily directly relate to the elapsed time. Linux kernel keeps +track of CPU seconds for each process independently. + .TP \fB\-\-rlimit-fsize=number Set the maximum file size that can be created by a process. -- cgit v1.2.3-54-g00ecf
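Review bot: In the src/man/firejail-profile.txt hunk, the added description "Set he maximum CPU time in seconds." carries over the "he" typo from the rlimit-as entry just above it, and it omits what the firejail.txt entry in the same patch states: the limit applies to each sandboxed process and the process is killed when it is reached. Suggest "Set the maximum CPU time, in seconds, that each sandboxed process can consume; a process that reaches the limit is killed." so the profile man page and the command-line man page agree.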
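Review bot: In the src/man/firejail.txt hunk, "When the limit is reached, the processes are killed" reads as if the whole sandbox is terminated, while the sentences around it say the limit is for "each sandboxed process" and is tracked "for each process independently". Suggest "a process that reaches the limit is killed", and add a sentence that this is not a cap on the total CPU time of the sandbox, since a program that starts several processes gets the full allowance for each one. Wording nits in the second paragraph: "Linux kernel keeps" should be "The Linux kernel keeps", and "CPU seconds is basically how many seconds the CPU has been in use" could be tightened to "CPU time is the time the process has actually spent running on a CPU". The entry also lacks an Example block with a sample invocation; if the neighbouring rlimit entries have none either, that can be left for the follow-up the commit message mentions.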