diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2021-03-30 21:33:31 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-03-30 21:33:31 +0000 |
commit | 0991b70e737366bdc5c08caf7c984e842e811dc6 (patch) | |
tree | b6960debafddc819c19fa8e3be25307e20ca156f | |
parent | Fixes (man: allow rustup; Books -> gnome-books) (diff) | |
download | firejail-0991b70e737366bdc5c08caf7c984e842e811dc6.tar.gz firejail-0991b70e737366bdc5c08caf7c984e842e811dc6.tar.zst firejail-0991b70e737366bdc5c08caf7c984e842e811dc6.zip |
Recommend doing overrides in local apparmor dir
-rw-r--r-- | etc/apparmor/firejail-default | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/etc/apparmor/firejail-default b/etc/apparmor/firejail-default index 80d527e41..ca32f5b0d 100644 --- a/etc/apparmor/firejail-default +++ b/etc/apparmor/firejail-default | |||
@@ -84,7 +84,8 @@ owner /proc/@{PID}/clear_refs w, | |||
84 | 84 | ||
85 | ########## | 85 | ########## |
86 | # Allow running programs only from well-known system directories. If you need | 86 | # Allow running programs only from well-known system directories. If you need |
87 | # to run programs from your home directory, uncomment /home line. | 87 | # to run programs from your home directory, add "/{,run/firejail/mnt/oroot/}home/** ix," |
88 | # or similar to /etc/apparmor.d/local/firejail-default (without the quotes). | ||
88 | ########## | 89 | ########## |
89 | /{,run/firejail/mnt/oroot/}{,usr/,usr/local/}bin/** ix, | 90 | /{,run/firejail/mnt/oroot/}{,usr/,usr/local/}bin/** ix, |
90 | /{,run/firejail/mnt/oroot/}{,usr/,usr/local/}sbin/** ix, | 91 | /{,run/firejail/mnt/oroot/}{,usr/,usr/local/}sbin/** ix, |