diff options
author | netblue30 <netblue30@protonmail.com> | 2022-02-06 07:25:12 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-02-06 07:25:12 -0500 |
commit | b4730248f6761f13044f309ad66267a540c9e555 (patch) | |
tree | 14a872b51d7294eefd89f6909185e3182e1e5f93 | |
parent | RELNOTES: add new command checklist and issue template rework (diff) | |
parent | keepass*: note that private-dev blocks access to new hardware keys (diff) | |
download | firejail-b4730248f6761f13044f309ad66267a540c9e555.tar.gz firejail-b4730248f6761f13044f309ad66267a540c9e555.tar.zst firejail-b4730248f6761f13044f309ad66267a540c9e555.zip |
Merge pull request #4903 from kmk3/keepass-rm-nou2f
keepass*: remove nou2f & add note about private-dev
-rw-r--r-- | etc/profile-a-l/keepass.profile | 4 | ||||
-rw-r--r-- | etc/profile-a-l/keepassx.profile | 4 | ||||
-rw-r--r-- | etc/profile-a-l/keepassxc.profile | 4 |
3 files changed, 9 insertions, 3 deletions
diff --git a/etc/profile-a-l/keepass.profile b/etc/profile-a-l/keepass.profile index f26c10be3..bc7878ac9 100644 --- a/etc/profile-a-l/keepass.profile +++ b/etc/profile-a-l/keepass.profile | |||
@@ -32,13 +32,15 @@ nonewprivs | |||
32 | noroot | 32 | noroot |
33 | nosound | 33 | nosound |
34 | notv | 34 | notv |
35 | nou2f | ||
36 | novideo | 35 | novideo |
37 | protocol unix,inet,inet6,netlink | 36 | protocol unix,inet,inet6,netlink |
38 | seccomp | 37 | seccomp |
39 | shell none | 38 | shell none |
40 | 39 | ||
41 | private-cache | 40 | private-cache |
41 | # Note: private-dev prevents the program from seeing new devices (such as | ||
42 | # hardware keys) on /dev after it has already started; add "ignore nou2f" to | ||
43 | # keepassxc.local if this is an issue (see #4883). | ||
42 | private-dev | 44 | private-dev |
43 | private-tmp | 45 | private-tmp |
44 | 46 | ||
diff --git a/etc/profile-a-l/keepassx.profile b/etc/profile-a-l/keepassx.profile index 5e2d6d8df..8c5e6168e 100644 --- a/etc/profile-a-l/keepassx.profile +++ b/etc/profile-a-l/keepassx.profile | |||
@@ -32,7 +32,6 @@ nonewprivs | |||
32 | noroot | 32 | noroot |
33 | nosound | 33 | nosound |
34 | notv | 34 | notv |
35 | nou2f | ||
36 | novideo | 35 | novideo |
37 | protocol unix | 36 | protocol unix |
38 | seccomp | 37 | seccomp |
@@ -40,6 +39,9 @@ shell none | |||
40 | tracelog | 39 | tracelog |
41 | 40 | ||
42 | private-bin keepassx,keepassx2 | 41 | private-bin keepassx,keepassx2 |
42 | # Note: private-dev prevents the program from seeing new devices (such as | ||
43 | # hardware keys) on /dev after it has already started; add "ignore nou2f" to | ||
44 | # keepassxc.local if this is an issue (see #4883). | ||
43 | private-dev | 45 | private-dev |
44 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id | 46 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id |
45 | private-tmp | 47 | private-tmp |
diff --git a/etc/profile-a-l/keepassxc.profile b/etc/profile-a-l/keepassxc.profile index 45a707071..8f57cb706 100644 --- a/etc/profile-a-l/keepassxc.profile +++ b/etc/profile-a-l/keepassxc.profile | |||
@@ -78,7 +78,6 @@ nonewprivs | |||
78 | noroot | 78 | noroot |
79 | nosound | 79 | nosound |
80 | notv | 80 | notv |
81 | nou2f | ||
82 | novideo | 81 | novideo |
83 | protocol unix | 82 | protocol unix |
84 | seccomp !name_to_handle_at | 83 | seccomp !name_to_handle_at |
@@ -87,6 +86,9 @@ shell none | |||
87 | tracelog | 86 | tracelog |
88 | 87 | ||
89 | private-bin keepassxc,keepassxc-cli,keepassxc-proxy | 88 | private-bin keepassxc,keepassxc-cli,keepassxc-proxy |
89 | # Note: private-dev prevents the program from seeing new devices (such as | ||
90 | # hardware keys) on /dev after it has already started; add "ignore nou2f" to | ||
91 | # keepassxc.local if this is an issue (see #4883). | ||
90 | private-dev | 92 | private-dev |
91 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id | 93 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id |
92 | private-tmp | 94 | private-tmp |