From feef6071a94431808463a9476c87d32a16510e86 Mon Sep 17 00:00:00 2001
From: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
Date: Mon, 11 Apr 2022 19:01:48 +0200
Subject: Add --share-net & --json-status-fd to the manpage
Fixes #469
Fixes #499
Signed-off-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
---
bwrap.xml | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/bwrap.xml b/bwrap.xml
index 4768175..2baec5d 100644
--- a/bwrap.xml
+++ b/bwrap.xml
@@ -130,6 +130,10 @@
Unshare all possible namespaces. Currently equivalent with:
+
+
+ Retain the network namespace, overriding an earlier or
+ Use an existing user namespace instead of creating a new one. The namespace must fulfil the permission requirements for setns(), which generally means that it must be a descendant of the currently active user namespace, owned by the same user.
@@ -381,6 +385,28 @@
Write information in JSON format about the sandbox to FD.
+
+
+
+ Multiple JSON documents are written to FD,
+ one per line ("JSON lines" format).
+ Each line is a single JSON object.
+ After bwrap has started the child process inside the sandbox,
+ it writes an object with a child-pid member to the
+ (this duplicates the older ).
+ The corresponding value is the process ID of the child process in the pid namespace from
+ which bwrap was run.
+ If available, the namespace IDs are also included in the object with the child-pid;
+ again, this duplicates the older .
+ When the child process inside the sandbox exits, bwrap writes an object
+ with an exit-code member, and then closes the . The value
+ corresponding to exit-code is the exit status of the child, in the usual
+ shell encoding (n if it exited normally with status n, or 128+n if it was killed by signal n).
+ Other members may be added to those objects in future versions of bwrap,
+ and other JSON objects may be added before or after the current objects, so readers must
+ ignore members and objects that they do not understand.
+
+
--
cgit v1.2.1