From 0ceb8eb9ec899da2dff8941e361911c994fe8ffd Mon Sep 17 00:00:00 2001 From: Alexander Larsson Date: Mon, 10 Jan 2022 13:29:44 +0100 Subject: [PATCH] manpages: Document the new details of --nofilesystem behaviour. (cherry picked from commit da3e12b319094158c2afa3df380bc45a7626928c) --- doc/flatpak-build-finish.xml | 7 +++++++ doc/flatpak-build.xml | 7 +++++++ doc/flatpak-override.xml | 7 +++++++ doc/flatpak-run.xml | 8 ++++++++ 4 files changed, 29 insertions(+) diff --git a/doc/flatpak-build-finish.xml b/doc/flatpak-build-finish.xml index 0627d0fb..ba6a95c9 100644 --- a/doc/flatpak-build-finish.xml +++ b/doc/flatpak-build-finish.xml @@ -249,6 +249,13 @@ xdg-music, xdg-pictures, xdg-public-share, xdg-templates, xdg-videos, an absolute path, or a homedir-relative path like ~/dir. This option can be used multiple times. + + In general, "--nofilesystem=PATH" will remove access to a specific path if exactly that path + was previously granted. However, as a special case, "--nofilesystem=home" will remove access to all + previously granted locations inside the homedir as well, such as "home/some-dir", or "xdg-download", + and "--nofilesystem=host" will remove access to all previously granted locations. + Note: absolute paths that happen to be inside the current users home directory are not considered for + this special case. diff --git a/doc/flatpak-build.xml b/doc/flatpak-build.xml index 1bbf9a52..43344da1 100644 --- a/doc/flatpak-build.xml +++ b/doc/flatpak-build.xml @@ -243,6 +243,13 @@ xdg-music, xdg-pictures, xdg-public-share, xdg-templates, xdg-videos, an absolute path, or a homedir-relative path like ~/dir. This option can be used multiple times. + + In general, "--nofilesystem=PATH" will remove access to a specific path if exactly that path + was previously granted. However, as a special case, "--nofilesystem=home" will remove access to all + previously granted locations inside the homedir as well, such as "home/some-dir", or "xdg-download", + and "--nofilesystem=host" will remove access to all previously granted locations. + Note: absolute paths that happen to be inside the current users home directory are not considered for + this special case. diff --git a/doc/flatpak-override.xml b/doc/flatpak-override.xml index 306026cb..2b4b24ae 100644 --- a/doc/flatpak-override.xml +++ b/doc/flatpak-override.xml @@ -226,6 +226,13 @@ xdg-music, xdg-pictures, xdg-public-share, xdg-templates, xdg-videos, an absolute path, or a homedir-relative path like ~/dir. This option can be used multiple times. + + In general, "--nofilesystem=PATH" will remove access to a specific path if exactly that path + was previously granted. However, as a special case, "--nofilesystem=home" will remove access to all + previously granted locations inside the homedir as well, such as "home/some-dir", or "xdg-download", + and "--nofilesystem=host" will remove access to all previously granted locations. + Note: absolute paths that happen to be inside the current users home directory are not considered for + this special case. diff --git a/doc/flatpak-run.xml b/doc/flatpak-run.xml index 28e7f599..e7ba6a0e 100644 --- a/doc/flatpak-run.xml +++ b/doc/flatpak-run.xml @@ -373,7 +373,15 @@ xdg-music, xdg-pictures, xdg-public-share, xdg-templates, xdg-videos, an absolute path, or a homedir-relative path like ~/dir. This option can be used multiple times. + + In general, "--nofilesystem=PATH" will remove access to a specific path if exactly that path + was previously granted. However, as a special case, "--nofilesystem=home" will remove access to all + previously granted locations inside the homedir as well, such as "home/some-dir", or "xdg-download", + and "--nofilesystem=host" will remove access to all previously granted locations. + Note: absolute paths that happen to be inside the current users home directory are not considered for + this special case. +