программа-песочница для пространств имен Linux (Linux namespaces sandbox program)
Ограниченная оболочка (Restricted shell)
To configure a restricted shell, replace /bin/bash with
/usr/bin/firejail in /etc/passwd file for each user that needs to
be restricted. Alternatively, you can specify /usr/bin/firejail
in adduser command:
adduser --shell /usr/bin/firejail username
Additional arguments passed to firejail executable upon login are
declared in /etc/firejail/login.users file.
