NAME | DESCRIPTION | ALTERNATIVE SOLUTION | FILES | LICENSE | SEE ALSO | COLOPHON

FIREJAIL-USERS(5)          firejail.users man page         FIREJAIL-USERS(5)

NAME         top

       firejail.users - Firejail user access database

DESCRIPTION         top

       /etc/firejail/firejail.users lists the users allowed to run firejail
       SUID executable.  root user is allowed by default, user nobody is
       never allowed.

       If the user is not allowed to start the sandbox, Firejail will
       attempt to run the program without sandboxing it.

       If the file is not present in the system, all users are allowed to
       use the sandbox.

       Example:

            $ cat /etc/firejail/firejail.users
            dustin
            lucas
            mike
            eleven

       Use a text editor to add or remove users from the list. You can also
       use firecfg --add-users command. Example:

            $ sudo firecfg --add-users dustin lucas mike eleven

       By default, running firecfg creates the file and adds the current
       user to the list. Example:

            $ sudo firecfg

       See man 1 firecfg for details.

ALTERNATIVE SOLUTION         top

       An alternative way of restricting user access to firejail executable
       is to create a special firejail user group and allow only users in
       this group to run the sandbox:

            # addgroup firejail
            # chown root:firejail /usr/bin/firejail
            # chmod 4750 /usr/bin/firejail

FILES         top

       /etc/firejail/firejail.users

LICENSE         top

       Firejail is free software; you can redistribute it and/or modify it
       under the terms of the GNU General Public License as published by the
       Free Software Foundation; either version 2 of the License, or (at
       your option) any later version.

       Homepage: https://firejail.wordpress.com

SEE ALSO         top

       firejail(1), firemon(1), firecfg(1), firejail-profile(5) firejail-
       login(5)

COLOPHON         top

       This page is part of the Firejail (Firejail security sandbox)
       project.  Information about the project can be found at 
       ⟨https://firejail.wordpress.com⟩.  If you have a bug report for this
       manual page, see ⟨https://firejail.wordpress.com/support/⟩.  This
       page was obtained from the project's upstream Git repository
       ⟨https://github.com/netblue30/firejail.git⟩ on 2018-10-29.  (At that
       time, the date of the most recent commit that was found in the repos‐
       itory was 2018-10-28.)  If you discover any rendering problems in
       this HTML version of the page, or you believe there is a better or
       more up-to-date source for the page, or you have corrections or
       improvements to the information in this COLOPHON (which is not part
       of the original manual page), send a mail to man-pages@man7.org

0.9.57                            Oct 2018                 FIREJAIL-USERS(5)