[GH-ISSUE #2252] More complete documentation for -c option #1509

New issue

Closed

opened 2026-05-05 08:10:23 -06:00 by gitea-mirror · 2 comments

gitea-mirror commented

2026-05-05 08:10:23 -06:00

Owner

Originally created by @crass on GitHub (Nov 8, 2018).
Original GitHub issue: https://github.com/netblue30/firejail/issues/2252

The documentation for the -c option for firejail should be more detailed. Its not clear to me why I would use it. The manpage says Execute command and exit., which isn't helpful because that's what I would expect firejail to do by default. Knowing a bit more about firejail, I might expect that it means the firejailed process is forked and the monitor process exits straight away, instead of waiting for the child process to terminate. However, upon reviewing the code this doesn't seem to be accurate either.

As far as I can tell by looking at arg_command usage, the -c switch just turns off some extra/debug messages. So what was/is the intent of this option? If I've estimated it correctly, then it should be renamed and the documentation should be more accurate/descriptive. Anyone have ideas about this?

Originally created by @crass on GitHub (Nov 8, 2018). Original GitHub issue: https://github.com/netblue30/firejail/issues/2252 The documentation for the `-c` option for firejail should be more detailed. Its not clear to me why I would use it. The manpage says `Execute command and exit.`, which isn't helpful because that's what I would expect firejail to do by default. Knowing a bit more about firejail, I might expect that it means the firejailed process is forked and the monitor process exits straight away, instead of waiting for the child process to terminate. However, upon reviewing the code this doesn't seem to be accurate either. As far as I can tell by looking at `arg_command` usage, the `-c` switch just turns off some extra/debug messages. So what was/is the intent of this option? If I've estimated it correctly, then it should be renamed and the documentation should be more accurate/descriptive. Anyone have ideas about this?

gitea-mirror

2026-05-05 08:10:23 -06:00

closed this issue
added the
enhancement
label

gitea-mirror commented

2026-05-05 08:10:26 -06:00

Author

Owner

@netblue30 commented on GitHub (Nov 9, 2018):

-c is a standard option for shells (bash, dash, etc), it is usually inserted on the command line by some of the login programs. You can use firejail as a restricted login shell (see man firejail-login) from a ssh or telnet server for example. There could be some other login applications,

I'll take a look at the code and clean some of it up. The code has been that way since forever.

@netblue30 commented on GitHub (Nov 9, 2018): -c is a standard option for shells (bash, dash, etc), it is usually inserted on the command line by some of the login programs. You can use firejail as a restricted login shell (see man firejail-login) from a ssh or telnet server for example. There could be some other login applications, I'll take a look at the code and clean some of it up. The code has been that way since forever.

gitea-mirror commented

2026-05-05 08:10:28 -06:00

Author

Owner

@crass commented on GitHub (Nov 9, 2018):

Ahh, ok, makes sense. I don't have any issue with the code per se, just didn't see its purpose. The documentation should include these details.

@crass commented on GitHub (Nov 9, 2018): Ahh, ok, makes sense. I don't have any issue with the code per se, just didn't see its purpose. The documentation should include these details.

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#1509

No description provided.

Rows
Columns