diff options
author | netblue30 <netblue30@yahoo.com> | 2018-05-01 11:38:13 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2018-05-01 11:38:13 -0400 |
commit | 1c187f79012f7d9267434f0449dd24862bcc8abd (patch) | |
tree | 000c15b5188f25f8ca595cb8dcc5f8ef4d1ad9e3 | |
parent | small fix (diff) | |
parent | merges (diff) | |
download | firejail-1c187f79012f7d9267434f0449dd24862bcc8abd.tar.gz firejail-1c187f79012f7d9267434f0449dd24862bcc8abd.tar.zst firejail-1c187f79012f7d9267434f0449dd24862bcc8abd.zip |
Merge branch 'master' of http://github.com/netblue30/firejail
-rw-r--r-- | README | 2 | ||||
-rw-r--r-- | etc/cin.profile | 8 | ||||
-rw-r--r-- | etc/libreoffice.profile | 2 | ||||
-rw-r--r-- | etc/natron.profile | 8 |
4 files changed, 15 insertions, 5 deletions
@@ -114,6 +114,8 @@ bn0785ac (https://github.com/bn0785ac) | |||
114 | - fixed bnox, dnox profiles | 114 | - fixed bnox, dnox profiles |
115 | - support all tor-browser langpacks | 115 | - support all tor-browser langpacks |
116 | - chromium canary (inox-family) fixes | 116 | - chromium canary (inox-family) fixes |
117 | - allow multithreading for cin and natron | ||
118 | - fix dbus access for libreoffice on KDE | ||
117 | BogDan Vatra (https://github.com/bog-dan-ro) | 119 | BogDan Vatra (https://github.com/bog-dan-ro) |
118 | - zoom profile | 120 | - zoom profile |
119 | Bruno Nova (https://github.com/brunonova) | 121 | Bruno Nova (https://github.com/brunonova) |
diff --git a/etc/cin.profile b/etc/cin.profile index 0a5b0c728..356509da0 100644 --- a/etc/cin.profile +++ b/etc/cin.profile | |||
@@ -18,15 +18,17 @@ ipc-namespace | |||
18 | net none | 18 | net none |
19 | nodbus | 19 | nodbus |
20 | nodvd | 20 | nodvd |
21 | nogroups | 21 | #nogroups |
22 | nonewprivs | 22 | #nonewprivs |
23 | notv | 23 | notv |
24 | noroot | 24 | noroot |
25 | protocol unix | 25 | protocol unix |
26 | |||
27 | # if an 1-1.2% gap per thread hurts you, comment seccomp | ||
26 | seccomp | 28 | seccomp |
27 | shell none | 29 | shell none |
28 | 30 | ||
29 | private-bin cin,ffmpeg | 31 | #private-bin cin,ffmpeg |
30 | private-dev | 32 | private-dev |
31 | 33 | ||
32 | noexec ${HOME} | 34 | noexec ${HOME} |
diff --git a/etc/libreoffice.profile b/etc/libreoffice.profile index 18fcc59c6..4aafd7c7a 100644 --- a/etc/libreoffice.profile +++ b/etc/libreoffice.profile | |||
@@ -29,7 +29,7 @@ include /etc/firejail/whitelist-var-common.inc | |||
29 | caps.drop all | 29 | caps.drop all |
30 | machine-id | 30 | machine-id |
31 | netfilter | 31 | netfilter |
32 | nodbus | 32 | #nodbus |
33 | nodvd | 33 | nodvd |
34 | nogroups | 34 | nogroups |
35 | #nonewprivs - fix for Ubuntu 18.04/Debian 10 | 35 | #nonewprivs - fix for Ubuntu 18.04/Debian 10 |
diff --git a/etc/natron.profile b/etc/natron.profile index f6ebf2b65..e7c597fe2 100644 --- a/etc/natron.profile +++ b/etc/natron.profile | |||
@@ -5,6 +5,12 @@ include /etc/firejail/natron.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
7 | 7 | ||
8 | # Allow access to python | ||
9 | noblacklist ${PATH}/python2* | ||
10 | noblacklist ${PATH}/python3* | ||
11 | noblacklist /usr/lib/python2* | ||
12 | noblacklist /usr/lib/python3* | ||
13 | |||
8 | noblacklist ${HOME}/.Natron | 14 | noblacklist ${HOME}/.Natron |
9 | noblacklist ${HOME}/.cache/INRIA/Natron | 15 | noblacklist ${HOME}/.cache/INRIA/Natron |
10 | noblacklist ${HOME}/.config/INRIA | 16 | noblacklist ${HOME}/.config/INRIA |
@@ -12,7 +18,7 @@ noblacklist /opt/natron | |||
12 | 18 | ||
13 | include /etc/firejail/disable-common.inc | 19 | include /etc/firejail/disable-common.inc |
14 | include /etc/firejail/disable-devel.inc | 20 | include /etc/firejail/disable-devel.inc |
15 | include /etc/firejail/disable-interpreters.inc | 21 | #include /etc/firejail/disable-interpreters.inc |
16 | include /etc/firejail/disable-passwdmgr.inc | 22 | include /etc/firejail/disable-passwdmgr.inc |
17 | include /etc/firejail/disable-programs.inc | 23 | include /etc/firejail/disable-programs.inc |
18 | 24 | ||