программа-песочница для пространств имен Linux (Linux namespaces sandbox program)
FILE TRANSFER
These features allow the user to inspect the filesystem container
of an existing sandbox and transfer files between the container
and the host filesystem.
--cat=name|pid filename
Write content of a container file to standard out. The
container is specified by name or PID. If standard out is
a terminal, all ASCII control characters except new line
and horizontal tab are replaced.
--get=name|pid filename
Retrieve the container file and store it on the host in
the current working directory. The container is specified
by name or PID.
--ls=name|pid dir_or_filename
List container files. The container is specified by name
or PID.
--put=name|pid src-filename dest-filename
Put src-filename in sandbox container. The container is
specified by name or PID.
Examples:
$ firejail --name=mybrowser --private firefox
$ firejail --ls=mybrowser ~/Downloads
drwxr-xr-x netblue netblue 4096 .
drwxr-xr-x netblue netblue 4096 ..
-rw-r--r-- netblue netblue 7847 x11-x305.png
-rw-r--r-- netblue netblue 6800 x11-x642.png
-rw-r--r-- netblue netblue 34139 xpra-
clipboard.png
$ firejail --get=mybrowser ~/Downloads/xpra-clipboard.png
$ firejail --put=mybrowser xpra-clipboard.png
~/Downloads/xpra-clipboard.png
$ firejail --cat=mybrowser ~/.bashrc
