diff options
author | netblue30 <netblue30@yahoo.com> | 2015-10-28 13:52:29 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-10-28 13:52:29 -0400 |
commit | 3db72d37537c84e86f3a32c325f27030c6fa4238 (patch) | |
tree | 2a52bae8c0ad37d5b3544a6b25cce0eaf3c4919b | |
parent | protocol testing (diff) | |
download | firejail-3db72d37537c84e86f3a32c325f27030c6fa4238.tar.gz firejail-3db72d37537c84e86f3a32c325f27030c6fa4238.tar.zst firejail-3db72d37537c84e86f3a32c325f27030c6fa4238.zip |
enable --protocol by default in profiles
-rw-r--r-- | etc/audacious.profile | 1 | ||||
-rw-r--r-- | etc/clementine.profile | 1 | ||||
-rw-r--r-- | etc/deadbeef.profile | 1 | ||||
-rw-r--r-- | etc/deluge.profile | 1 | ||||
-rw-r--r-- | etc/dropbox.profile | 1 | ||||
-rw-r--r-- | etc/empathy.profile | 1 | ||||
-rw-r--r-- | etc/evince.profile | 1 | ||||
-rw-r--r-- | etc/fbreader.profile | 1 | ||||
-rw-r--r-- | etc/filezilla.profile | 1 | ||||
-rw-r--r-- | etc/firefox.profile | 1 | ||||
-rw-r--r-- | etc/generic.profile | 1 | ||||
-rw-r--r-- | etc/gnome-mplayer.profile | 1 | ||||
-rw-r--r-- | etc/midori.profile | 1 | ||||
-rw-r--r-- | etc/opera.profile | 1 | ||||
-rw-r--r-- | etc/pidgin.profile | 1 | ||||
-rw-r--r-- | etc/qbittorrent.profile | 1 | ||||
-rw-r--r-- | etc/quassel.profile | 1 | ||||
-rw-r--r-- | etc/rhythmbox.profile | 1 | ||||
-rw-r--r-- | etc/skype.profile | 1 | ||||
-rw-r--r-- | etc/spotify.profile | 1 | ||||
-rw-r--r-- | etc/steam.profile | 1 | ||||
-rw-r--r-- | etc/thunderbird.profile | 1 | ||||
-rw-r--r-- | etc/totem.profile | 1 | ||||
-rw-r--r-- | etc/transmission-gtk.profile | 1 | ||||
-rw-r--r-- | etc/transmission-qt.profile | 1 | ||||
-rw-r--r-- | etc/vlc.profile | 1 | ||||
-rw-r--r-- | etc/xchat.profile | 1 | ||||
-rwxr-xr-x | test/net_mtu.exp | 2 |
28 files changed, 27 insertions, 2 deletions
diff --git a/etc/audacious.profile b/etc/audacious.profile index a55398648..19d735c32 100644 --- a/etc/audacious.profile +++ b/etc/audacious.profile | |||
@@ -10,5 +10,6 @@ blacklist ${HOME}/.password-store | |||
10 | blacklist ${HOME}/.wine | 10 | blacklist ${HOME}/.wine |
11 | caps.drop all | 11 | caps.drop all |
12 | seccomp | 12 | seccomp |
13 | protocol unix,inet,inet6 | ||
13 | noroot | 14 | noroot |
14 | 15 | ||
diff --git a/etc/clementine.profile b/etc/clementine.profile index 779eb902b..3cec2b1d8 100644 --- a/etc/clementine.profile +++ b/etc/clementine.profile | |||
@@ -10,4 +10,5 @@ blacklist ${HOME}/.password-store | |||
10 | blacklist ${HOME}/.wine | 10 | blacklist ${HOME}/.wine |
11 | caps.drop all | 11 | caps.drop all |
12 | seccomp | 12 | seccomp |
13 | protocol unix,inet,inet6 | ||
13 | noroot | 14 | noroot |
diff --git a/etc/deadbeef.profile b/etc/deadbeef.profile index a64968a7e..3267fd83e 100644 --- a/etc/deadbeef.profile +++ b/etc/deadbeef.profile | |||
@@ -10,5 +10,6 @@ blacklist ${HOME}/.password-store | |||
10 | blacklist ${HOME}/.wine | 10 | blacklist ${HOME}/.wine |
11 | caps.drop all | 11 | caps.drop all |
12 | seccomp | 12 | seccomp |
13 | protocol unix,inet,inet6 | ||
13 | noroot | 14 | noroot |
14 | 15 | ||
diff --git a/etc/deluge.profile b/etc/deluge.profile index 3e499bbf4..7d4fb55f5 100644 --- a/etc/deluge.profile +++ b/etc/deluge.profile | |||
@@ -10,6 +10,7 @@ blacklist ${HOME}/.password-store | |||
10 | blacklist ${HOME}/.wine | 10 | blacklist ${HOME}/.wine |
11 | caps.drop all | 11 | caps.drop all |
12 | seccomp | 12 | seccomp |
13 | protocol unix,inet,inet6 | ||
13 | netfilter | 14 | netfilter |
14 | noroot | 15 | noroot |
15 | 16 | ||
diff --git a/etc/dropbox.profile b/etc/dropbox.profile index 76367e13a..dbf90e352 100644 --- a/etc/dropbox.profile +++ b/etc/dropbox.profile | |||
@@ -10,4 +10,5 @@ blacklist ${HOME}/.password-store | |||
10 | blacklist ${HOME}/.wine | 10 | blacklist ${HOME}/.wine |
11 | caps | 11 | caps |
12 | seccomp | 12 | seccomp |
13 | protocol unix,inet,inet6 | ||
13 | noroot | 14 | noroot |
diff --git a/etc/empathy.profile b/etc/empathy.profile index 24ba457d9..8d54ab401 100644 --- a/etc/empathy.profile +++ b/etc/empathy.profile | |||
@@ -6,3 +6,4 @@ include /etc/firejail/disable-history.inc | |||
6 | blacklist ${HOME}/.wine | 6 | blacklist ${HOME}/.wine |
7 | caps.drop all | 7 | caps.drop all |
8 | seccomp | 8 | seccomp |
9 | protocol unix,inet,inet6 | ||
diff --git a/etc/evince.profile b/etc/evince.profile index 1dc4f2b7a..6af871bf7 100644 --- a/etc/evince.profile +++ b/etc/evince.profile | |||
@@ -10,4 +10,5 @@ blacklist ${HOME}/.password-store | |||
10 | blacklist ${HOME}/.wine | 10 | blacklist ${HOME}/.wine |
11 | caps.drop all | 11 | caps.drop all |
12 | seccomp | 12 | seccomp |
13 | protocol unix,inet,inet6 | ||
13 | noroot | 14 | noroot |
diff --git a/etc/fbreader.profile b/etc/fbreader.profile index e42dc6084..46ea14807 100644 --- a/etc/fbreader.profile +++ b/etc/fbreader.profile | |||
@@ -11,6 +11,7 @@ blacklist ${HOME}/.password-store | |||
11 | blacklist ${HOME}/.wine | 11 | blacklist ${HOME}/.wine |
12 | caps.drop all | 12 | caps.drop all |
13 | seccomp | 13 | seccomp |
14 | protocol unix,inet,inet6 | ||
14 | netfilter | 15 | netfilter |
15 | noroot | 16 | noroot |
16 | 17 | ||
diff --git a/etc/filezilla.profile b/etc/filezilla.profile index df89574f1..1b6684e75 100644 --- a/etc/filezilla.profile +++ b/etc/filezilla.profile | |||
@@ -8,6 +8,7 @@ include /etc/firejail/disable-history.inc | |||
8 | blacklist ${HOME}/.wine | 8 | blacklist ${HOME}/.wine |
9 | caps.drop all | 9 | caps.drop all |
10 | seccomp | 10 | seccomp |
11 | protocol unix,inet,inet6 | ||
11 | noroot | 12 | noroot |
12 | netfilter | 13 | netfilter |
13 | 14 | ||
diff --git a/etc/firefox.profile b/etc/firefox.profile index d81f6a9e1..ac6536ad4 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
@@ -6,6 +6,7 @@ include /etc/firejail/disable-common.inc | |||
6 | include /etc/firejail/disable-history.inc | 6 | include /etc/firejail/disable-history.inc |
7 | caps.drop all | 7 | caps.drop all |
8 | seccomp | 8 | seccomp |
9 | protocol unix,inet,inet6 | ||
9 | netfilter | 10 | netfilter |
10 | noroot | 11 | noroot |
11 | whitelist ~/.mozilla | 12 | whitelist ~/.mozilla |
diff --git a/etc/generic.profile b/etc/generic.profile index 18fb4ebc6..40a9b31af 100644 --- a/etc/generic.profile +++ b/etc/generic.profile | |||
@@ -11,6 +11,7 @@ blacklist ${HOME}/.keepassx | |||
11 | blacklist ${HOME}/.password-store | 11 | blacklist ${HOME}/.password-store |
12 | caps.drop all | 12 | caps.drop all |
13 | seccomp | 13 | seccomp |
14 | protocol unix,inet,inet6 | ||
14 | netfilter | 15 | netfilter |
15 | noroot | 16 | noroot |
16 | 17 | ||
diff --git a/etc/gnome-mplayer.profile b/etc/gnome-mplayer.profile index b3578c38c..80beb8638 100644 --- a/etc/gnome-mplayer.profile +++ b/etc/gnome-mplayer.profile | |||
@@ -10,4 +10,5 @@ blacklist ${HOME}/.password-store | |||
10 | blacklist ${HOME}/.wine | 10 | blacklist ${HOME}/.wine |
11 | caps.drop all | 11 | caps.drop all |
12 | seccomp | 12 | seccomp |
13 | protocol unix,inet,inet6 | ||
13 | noroot | 14 | noroot |
diff --git a/etc/midori.profile b/etc/midori.profile index 7ce9b7151..0200c300c 100644 --- a/etc/midori.profile +++ b/etc/midori.profile | |||
@@ -6,5 +6,6 @@ include /etc/firejail/disable-common.inc | |||
6 | include /etc/firejail/disable-history.inc | 6 | include /etc/firejail/disable-history.inc |
7 | caps.drop all | 7 | caps.drop all |
8 | seccomp | 8 | seccomp |
9 | protocol unix,inet,inet6 | ||
9 | netfilter | 10 | netfilter |
10 | 11 | ||
diff --git a/etc/opera.profile b/etc/opera.profile index c20e6b614..d55c0aaa3 100644 --- a/etc/opera.profile +++ b/etc/opera.profile | |||
@@ -6,6 +6,5 @@ include /etc/firejail/disable-common.inc | |||
6 | include /etc/firejail/disable-history.inc | 6 | include /etc/firejail/disable-history.inc |
7 | netfilter | 7 | netfilter |
8 | noroot | 8 | noroot |
9 | shell none | ||
10 | 9 | ||
11 | 10 | ||
diff --git a/etc/pidgin.profile b/etc/pidgin.profile index d206fa0fa..e35585087 100644 --- a/etc/pidgin.profile +++ b/etc/pidgin.profile | |||
@@ -7,4 +7,5 @@ include /etc/firejail/disable-history.inc | |||
7 | blacklist ${HOME}/.wine | 7 | blacklist ${HOME}/.wine |
8 | caps.drop all | 8 | caps.drop all |
9 | seccomp | 9 | seccomp |
10 | protocol unix,inet,inet6 | ||
10 | noroot | 11 | noroot |
diff --git a/etc/qbittorrent.profile b/etc/qbittorrent.profile index d6ed092f2..41f984602 100644 --- a/etc/qbittorrent.profile +++ b/etc/qbittorrent.profile | |||
@@ -10,6 +10,7 @@ blacklist ${HOME}/.password-store | |||
10 | blacklist ${HOME}/.wine | 10 | blacklist ${HOME}/.wine |
11 | caps.drop all | 11 | caps.drop all |
12 | seccomp | 12 | seccomp |
13 | protocol unix,inet,inet6 | ||
13 | netfilter | 14 | netfilter |
14 | noroot | 15 | noroot |
15 | 16 | ||
diff --git a/etc/quassel.profile b/etc/quassel.profile index 08d90df34..20ac17bcd 100644 --- a/etc/quassel.profile +++ b/etc/quassel.profile | |||
@@ -6,4 +6,5 @@ include /etc/firejail/disable-history.inc | |||
6 | blacklist ${HOME}/.wine | 6 | blacklist ${HOME}/.wine |
7 | caps.drop all | 7 | caps.drop all |
8 | seccomp | 8 | seccomp |
9 | protocol unix,inet,inet6 | ||
9 | noroot | 10 | noroot |
diff --git a/etc/rhythmbox.profile b/etc/rhythmbox.profile index adfa94dbd..d7b45102a 100644 --- a/etc/rhythmbox.profile +++ b/etc/rhythmbox.profile | |||
@@ -10,4 +10,5 @@ blacklist ${HOME}/.password-store | |||
10 | blacklist ${HOME}/.wine | 10 | blacklist ${HOME}/.wine |
11 | caps.drop all | 11 | caps.drop all |
12 | seccomp | 12 | seccomp |
13 | protocol unix,inet,inet6 | ||
13 | noroot | 14 | noroot |
diff --git a/etc/skype.profile b/etc/skype.profile index 865fbe43d..fc4c54771 100644 --- a/etc/skype.profile +++ b/etc/skype.profile | |||
@@ -9,3 +9,4 @@ caps.drop all | |||
9 | netfilter | 9 | netfilter |
10 | noroot | 10 | noroot |
11 | seccomp | 11 | seccomp |
12 | protocol unix,inet,inet6 | ||
diff --git a/etc/spotify.profile b/etc/spotify.profile index 3b2360a65..71d55f067 100644 --- a/etc/spotify.profile +++ b/etc/spotify.profile | |||
@@ -15,5 +15,6 @@ whitelist ${HOME}/.config/pulse | |||
15 | 15 | ||
16 | caps.drop all | 16 | caps.drop all |
17 | seccomp | 17 | seccomp |
18 | protocol unix,inet,inet6 | ||
18 | netfilter | 19 | netfilter |
19 | noroot | 20 | noroot |
diff --git a/etc/steam.profile b/etc/steam.profile index da36a50b4..feaa46c84 100644 --- a/etc/steam.profile +++ b/etc/steam.profile | |||
@@ -9,3 +9,4 @@ caps.drop all | |||
9 | netfilter | 9 | netfilter |
10 | noroot | 10 | noroot |
11 | seccomp | 11 | seccomp |
12 | protocol unix,inet,inet6 | ||
diff --git a/etc/thunderbird.profile b/etc/thunderbird.profile index 9305d06b0..afd049eb1 100644 --- a/etc/thunderbird.profile +++ b/etc/thunderbird.profile | |||
@@ -18,6 +18,7 @@ blacklist ${HOME}/.tconn | |||
18 | include /etc/firejail/disable-history.inc | 18 | include /etc/firejail/disable-history.inc |
19 | caps.drop all | 19 | caps.drop all |
20 | seccomp | 20 | seccomp |
21 | protocol unix,inet,inet6 | ||
21 | netfilter | 22 | netfilter |
22 | noroot | 23 | noroot |
23 | 24 | ||
diff --git a/etc/totem.profile b/etc/totem.profile index f6730ce5a..3a7a24d8c 100644 --- a/etc/totem.profile +++ b/etc/totem.profile | |||
@@ -10,4 +10,5 @@ blacklist ${HOME}/.password-store | |||
10 | blacklist ${HOME}/.wine | 10 | blacklist ${HOME}/.wine |
11 | caps.drop all | 11 | caps.drop all |
12 | seccomp | 12 | seccomp |
13 | protocol unix,inet,inet6 | ||
13 | noroot | 14 | noroot |
diff --git a/etc/transmission-gtk.profile b/etc/transmission-gtk.profile index 4d9d491bd..6ef8c5490 100644 --- a/etc/transmission-gtk.profile +++ b/etc/transmission-gtk.profile | |||
@@ -10,6 +10,7 @@ blacklist ${HOME}/.password-store | |||
10 | blacklist ${HOME}/.wine | 10 | blacklist ${HOME}/.wine |
11 | caps.drop all | 11 | caps.drop all |
12 | seccomp | 12 | seccomp |
13 | protocol unix,inet,inet6 | ||
13 | netfilter | 14 | netfilter |
14 | noroot | 15 | noroot |
15 | 16 | ||
diff --git a/etc/transmission-qt.profile b/etc/transmission-qt.profile index 24f761f6f..06a425a0f 100644 --- a/etc/transmission-qt.profile +++ b/etc/transmission-qt.profile | |||
@@ -10,6 +10,7 @@ blacklist ${HOME}/.password-store | |||
10 | blacklist ${HOME}/.wine | 10 | blacklist ${HOME}/.wine |
11 | caps.drop all | 11 | caps.drop all |
12 | seccomp | 12 | seccomp |
13 | protocol unix,inet,inet6 | ||
13 | netfilter | 14 | netfilter |
14 | noroot | 15 | noroot |
15 | 16 | ||
diff --git a/etc/vlc.profile b/etc/vlc.profile index ef64873b8..3ac67983e 100644 --- a/etc/vlc.profile +++ b/etc/vlc.profile | |||
@@ -10,4 +10,5 @@ blacklist ${HOME}/.password-store | |||
10 | blacklist ${HOME}/.wine | 10 | blacklist ${HOME}/.wine |
11 | caps.drop all | 11 | caps.drop all |
12 | seccomp | 12 | seccomp |
13 | protocol unix,inet,inet6 | ||
13 | noroot | 14 | noroot |
diff --git a/etc/xchat.profile b/etc/xchat.profile index dc7e84e12..c1cd9e205 100644 --- a/etc/xchat.profile +++ b/etc/xchat.profile | |||
@@ -6,4 +6,5 @@ include /etc/firejail/disable-history.inc | |||
6 | blacklist ${HOME}/.wine | 6 | blacklist ${HOME}/.wine |
7 | caps.drop all | 7 | caps.drop all |
8 | seccomp | 8 | seccomp |
9 | protocol unix,inet,inet6 | ||
9 | noroot | 10 | noroot |
diff --git a/test/net_mtu.exp b/test/net_mtu.exp index 2940241c1..7943b2866 100755 --- a/test/net_mtu.exp +++ b/test/net_mtu.exp | |||
@@ -5,7 +5,7 @@ spawn $env(SHELL) | |||
5 | match_max 100000 | 5 | match_max 100000 |
6 | 6 | ||
7 | # check ip address | 7 | # check ip address |
8 | send -- "firejail --net=br0 --mtu=1000\r" | 8 | send -- "firejail --net=br0 --mtu=1000 --noprofile\r" |
9 | expect { | 9 | expect { |
10 | timeout {puts "TESTING ERROR 1\n";exit} | 10 | timeout {puts "TESTING ERROR 1\n";exit} |
11 | "Child process initialized" | 11 | "Child process initialized" |