Documentation for less technical users #4049
Comments
Having an additional explanation using simpler terms would be nice.
Yes, this is a rather key feature of firejail and would be nice to have it
Agreed.
(Possible duplicate of #2729) To me it is important to have the documentation promptly available in the
Since it's the version from GNU's coreutils (or "findutils" in this case), the mandoc also supports all of the items. Examples from its own mdoc-written Note that this website is not official/released yet, and that the progress is I don't know how the roff to markdown conversion was done, but using groff $ zcat /usr/share/man/man5/firejail-users.5.gz |
groff -T html >firejail-users.5_groff.htmlIt has a non-monospaced font and formatting, but it does not appear to be $ zcat /usr/share/man/man5/firejail-profile.5.gz |
groff -T html >firejail-profile.5_groff.htmlI suspect that it may be due to an unproperly-formatted source. In that case, Additionally, another option would be pandoc: $ zcat /usr/share/man/man5/firejail-users.5.gz |
pandoc -T html >firejail-users.5_pandoc.html
[WARNING] This document format requires a nonempty <title> element.
Defaulting to '-' as the title.
To specify a title, use 'title' in metadata or --metadata title="...".It's HTML5 and it at least has this (for mobile friendliness, etc): <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes" />Though it appears to miss/ignore some elements and I'm not sure if it's due to |
are used by every (user-space) sandbox program for Linux (firejail, bubblewrap, minijail, ...). So the info is that what a technical user would expect.
👍 👍
If did some research and testing for man-pages written in something more comfortable then (g)roff in the lat weeks, if we want, we can also switch to md/rst/ronn/pod/... as source and then convert it to groff/html/latex/...
Related: #2977 |
|
Thanks for addressing my suggestions, related question: where does the documentation for the Features page live? I found a typo there ("Located in /etc/firejal directory") but I don't know where to submit a PR. |
On wordpress
Not possible ATM you need to ping @netblue30 so he can update that page, read #2713 (comment). |
|
@tredondo - just put it here in the discussion and I'll move it on wordpress. You will probably find a lot of them, most of us here are not native Engilsh speakers. Thanks. |
|
@netblue30 it's already here, /etc/firejal misses a i. |
|
I got it, thanks! |
rusty-snake
added
documentation
I came back to firejail after half a year, and still have absolutely no idea wtf seccomp-bpf is :) And the README still starts with that gibberish. |
|
Back to firejail after 3 years and it's still cryptic. Maybe the core team doesn't care about attracting more users? Maybe they just need a reminder? Here's a practical one: briefly explain in the README what the deal is with AppArmor vs. SELinux. Users may think it's another security layer/module they can compile support for, and waste time installing libraries to compile support for it, when it may not be supported by their OS. Seeing the little traction this issue has received, I went ahead and edited the README - #6524. Feel free to fix the obvious mistakes I probably made. |
Make the README.md introduction friendlier for non-kernel geeks and clarify the build section. Relates to netblue30#4049.
Make the introduction friendlier for non-kernel geeks and clarify the build section. Relates to netblue30#4049.
Make the introduction friendlier for non-kernel geeks and clarify the build section. Relates to #4049.
I'm a semi-technical user and on one hand,
firejailis pretty easy to use, so it should appeal to many users, but on the other, it uses some very technical terms right from the start, that may turn users off.About/README
The "About" of this repo for example, is "Linux namespaces and seccomp-bpf sandbox". I have no idea what those are, esp. seccomp. This might scare off some users. Maybe a more general description would be better (e.g. "Firejail - sandbox console or graphical Linux applications"), followed by details in the README?
As a non-technical user, I would much rather see "per-directory access control to the filesystem", but I don't see that in the first 3 paragraphs of the README. "Mount tables" sounds vaguely like that, but that's an implementation detail, rather than a user-facing feature.
A "Features" section would be great. I really think that listing firejail's features at the top of the README could bring many more users to it, and the technical implementation details (whatever
seccomp-bpfmeans) can follow underneath.Documentation
The documentation is formatted as a man page. This is fine in the terminal, but on the web, this has a few problems:
manformat)Examples
After some Googling, looks like
netfiltercan indeed be used to implement firewalling. This is IMO the most common networking profile restriction that a user would want. For example, an application should only be allowed to access a given host, and nothing else. Far more common thanmtuor setting a differenthostnamefor the sandbox. So an example for that would really help.The text was updated successfully, but these errors were encountered: