синтаксис файла профиля безопасности и информация о создании новых профилей приложений (Security profile file syntax, and information about building new application profiles.)
Синопсис (Synopsis)
Using a specific profile:
firejail --profile=filename.profile
Example:
$ firejail --profile=/etc/firejail/kdenlive.profile
--appimage kdenlive.appimage
firejail --profile=profile_name
Example:
$ firejail --profile=kdenlive --appimage
kdenlive.appimage
Building a profile manually:
Start with the template in
/usr/share/doc/firejail/profile.template and modify it in
a text editor. To integrate the program in your desktop
environment copy the profile file in ~/.config/firejail
directory and run "sudo firecfg".
Aliases and redirections:
In some cases the same profile can be used for several
applications. One such example is LibreOffice. Build a
regular profile for the main application, and for the rest
use /usr/share/doc/firejail/redirect_alias-
profile.template.
Running the profile builder:
firejail --build=appname.profile appname
Example:
$ firejail --build=blobby.profile blobby
Run the program in "firejail --build" and try to
exercise as many program features as possible. The
profile is extracted and saved in the current
directory. Open it in a text editor and add or
remove sandboxing options as necessary. Test again
after modifying the profile. To integrate the
program in your desktop environment copy the
profile file in ~/.config/firejail directory and
run "sudo firecfg".
