Путеводитель по Руководству Linux

  User  |  Syst  |  Libr  |  Device  |  Files  |  Other  |  Admin  |  Head  |



   profile    ( 5 )

синтаксис файла профиля безопасности и информация о создании новых профилей приложений (Security profile file syntax, and information about building new application profiles.)

Описание (Description)

Several command line options can be passed to the program using
       profile files. Firejail chooses the profile file as follows:

1. If a profile file is provided by the user with --profile option, the profile file is loaded. If a profile name is given, it is searched for first in the ~/.config/firejail directory and if not found then in /etc/firejail directory. Profile names do not include the .profile suffix. Example:

$ firejail --profile=/home/netblue/icecat.profile icecat Reading profile /home/netblue/icecat.profile [...]

$ firejail --profile=icecat icecat-wrapper.sh Reading profile /etc/firejail/icecat.profile [...]

2. If a profile file with the same name as the application is present in ~/.config/firejail directory or in /etc/firejail, the profile is loaded. ~/.config/firejail takes precedence over /etc/firejail. Example:

$ firejail icecat Command name #icecat# Found icecat profile in /home/netblue/.config/firejail directory Reading profile /home/netblue/.config/firejail/icecat.profile [...]

3. Use a default.profile file if the sandbox is started by a regular user, or a server.profile file if the sandbox is started by root. Firejail looks for these files in ~/.config/firejail directory, followed by /etc/firejail directory. To disable default profile loading, use --noprofile command option. Example:

$ firejail Reading profile /etc/firejail/default.profile Parent pid 8553, child pid 8554 Child process initialized [...]

$ firejail --noprofile Parent pid 8553, child pid 8554 Child process initialized [...]