Friendlier README for non-kernel geeks

netblue30 · Oct 29, 2024 · 4cf70c2 · 4cf70c2
1 parent b2be487
commit 4cf70c2
Showing 1 changed file with 20 additions and 10 deletions.
diff --git a/README.md b/README.md
@@ -10,13 +10,16 @@
 [![Codespell](https://github.com/netblue30/firejail/workflows/Codespell/badge.svg)](https://github.com/netblue30/firejail/actions?query=workflow%3ACodespell)
 [![Packaging status (Repology)](https://repology.org/badge/tiny-repos/firejail.svg)](https://repology.org/project/firejail/versions)
 
-Firejail is a SUID sandbox program that reduces the risk of security breaches
-by restricting the running environment of untrusted applications using Linux
-namespaces, seccomp-bpf and Linux capabilities.  It allows a process and all
-its descendants to have their own private view of the globally shared kernel
+Firejail is a lightweight security tool that helps protect your Linux system
+by creating a restricted environment for running untrusted applications.
+
+A SUID sandbox program, Firejail reduces the risk of security breaches by using
+Linux namespaces, seccomp-bpf and Linux capabilities.  It allows a process and
+all its descendants to have their own private view of the globally shared kernel
 resources, such as the network stack, process table, mount table.  Firejail can
-work in a SELinux or AppArmor environment, and it is integrated with Linux
-Control Groups.
+work in a SELinux (default in in Red Hat, CentOS, and Fedora-based distros) or
+AppArmor (default in Ubuntu, Debian, SUSE) environment, and it is integrated
+with Linux Control Groups.
 
 Written in C with virtually no dependencies, the software runs on any Linux
 computer with a 3.x kernel version or newer.  It can sandbox any type of
@@ -148,22 +151,29 @@ The version can be checked with `firejail --version` after installing.
 You can also install one of the [released
 packages](https://github.com/netblue30/firejail/releases).
 
-Or clone the source code from our git repository and build manually:
+### Compiling from source
+
+You can also clone the source code from our git repository and build manually:
 
 ```sh
 git clone https://github.com/netblue30/firejail.git
 cd firejail
 ./configure && make && sudo make install-strip
 ```
 
-On Debian/Ubuntu you will need to install git and gcc.  AppArmor development
-libraries and pkg-config are required when using the `--enable-apparmor`
-./configure option:
+On Debian/Ubuntu you will need to install git and gcc.
+
+#### AppArmor (Ubuntu, Debian, SUSE-based distros)
+
+AppArmor development libraries and pkg-config are required when using
+the `--enable-apparmor` ./configure option:
 
 ```sh
 sudo apt-get install git build-essential libapparmor-dev pkg-config gawk
 ```
 
+#### SELinux (Red Hat, CentOS, Fedora-based distros)
+
 For `--selinux` option, add libselinux1-dev (libselinux-devel for Fedora).
 
 Detailed information on using firejail from git is available on the