From 3d84845f859cd3d200eb92a1308dfda7e1374fec Mon Sep 17 00:00:00 2001 From: smitsohu Date: Sat, 4 May 2019 22:41:41 +0200 Subject: update man pages (private-dev, noexec) --- src/man/firejail-profile.txt | 5 +++-- src/man/firejail.txt | 6 +++--- 2 files changed, 6 insertions(+), 5 deletions(-) (limited to 'src') diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 20b547355..703fac30f 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt @@ -259,8 +259,9 @@ Build a new /bin in a temporary filesystem, and copy the programs in the list. The same directory is also bind-mounted over /sbin, /usr/bin and /usr/sbin. .TP \fBprivate-dev -Create a new /dev directory. Only disc, dri, null, full, zero, tty, pts, ptmx, -random, snd, urandom, video, log and shm devices are available. +Create a new /dev directory. Only disc, dri, dvb, hidraw, null, full, zero, tty, pts, ptmx, +random, snd, urandom, video, log, shm and usb devices are available. +Use the options no3d, nodvd, nosound, notv, nou2f and novideo for additional restrictions. .TP \fBkeep-dev-shm /dev/shm directory is untouched (even with private-dev). diff --git a/src/man/firejail.txt b/src/man/firejail.txt index eed98710b..1b56dedcd 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt @@ -1137,8 +1137,7 @@ $ firejail \-\-noexec=/tmp .br .br -/etc and /var are noexec by default if the sandbox was started as a regular user. If there are more than one mount operation -on the path of the file or directory, noexec should be applied to the last one. Always check if the change took effect inside the sandbox. +/etc and /var are noexec by default if the sandbox was started as a regular user. .TP \fB\-\-nogroups 
@@ -1424,7 +1423,8 @@ $ firejail \-\-private-cache openbox .TP \fB\-\-private-dev -Create a new /dev directory. Only disc, dri, null, full, zero, tty, pts, ptmx, random, snd, urandom, video, log and shm devices are available. +Create a new /dev directory. Only disc, dri, dvb, hidraw, null, full, zero, tty, pts, ptmx, random, snd, urandom, video, log, shm and usb devices are available. +Use the options --no3d, --nodvd, --nosound, --notv, --nou2f and --novideo for additional restrictions. .br .br -- cgit v1.2.3-54-g00ecf
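Review bot: in the src/man/firejail-profile.txt private-dev hunk (@@ -259,8 +259,9), the added sentence lists no3d, nodvd, nosound, notv, nou2f and novideo but does not say which of the listed devices each option removes. A profile author reading this entry cannot tell how to drop the newly documented dvb, hidraw and usb nodes. Suggest naming the device or devices each option affects, or pointing to the entries for those options. The first added line is also visibly longer than the two lines it replaces; rewrapping it would keep the source consistent.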
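Review bot: in the src/man/firejail.txt noexec hunk (@@ -1137,8 +1137,7), the removed text carried both the caveat about more than one mount operation on the same path and the advice "Always check if the change took effect inside the sandbox". Neither the commit subject nor the remaining line says why they no longer apply. If noexec handling of stacked mounts changed, state that in the commit message. If it did not, consider keeping the verification sentence, since it is the only hint in this entry that the option may not take effect on a given path.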
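Review bot: in the src/man/firejail.txt private-dev hunk (@@ -1424,7 +1423,8), the added line writes the options with bare hyphens (--no3d, --nodvd, ...), while the surrounding lines in this file escape them, as in "\fB\-\-private-dev" and "$ firejail \-\-private-cache openbox". Suggest \-\-no3d, \-\-nodvd, \-\-nosound, \-\-notv, \-\-nou2f and \-\-novideo so the rendered page shows these options the same way as the other option references.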