diff options
author | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-12-19 15:42:50 +0100 |
---|---|---|
committer | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-12-19 15:42:50 +0100 |
commit | 37ac96c28ea502118d2bcdab88ed61a2567ef390 (patch) | |
tree | 031e559272e082510e0a1dba0c4354ec2c84479e | |
parent | Update baobab.profile (diff) | |
download | firejail-37ac96c28ea502118d2bcdab88ed61a2567ef390.tar.gz firejail-37ac96c28ea502118d2bcdab88ed61a2567ef390.tar.zst firejail-37ac96c28ea502118d2bcdab88ed61a2567ef390.zip |
fix seahorse-tool
-rw-r--r-- | etc/seahorse-tool.profile | 4 | ||||
-rw-r--r-- | etc/seahorse.profile | 12 |
2 files changed, 9 insertions, 7 deletions
diff --git a/etc/seahorse-tool.profile b/etc/seahorse-tool.profile index 4bf23c512..e2ec5185e 100644 --- a/etc/seahorse-tool.profile +++ b/etc/seahorse-tool.profile | |||
@@ -7,9 +7,9 @@ include seahorse-tool.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | # private-etc workaround for: #2877 | ||
11 | private-etc passwd,firejail,login.defs | ||
10 | private-tmp | 12 | private-tmp |
11 | 13 | ||
12 | memory-deny-write-execute | ||
13 | |||
14 | # Redirect | 14 | # Redirect |
15 | include seahorse.profile | 15 | include seahorse.profile |
diff --git a/etc/seahorse.profile b/etc/seahorse.profile index 6acf8aa5d..5a742d05f 100644 --- a/etc/seahorse.profile +++ b/etc/seahorse.profile | |||
@@ -20,17 +20,19 @@ include disable-passwdmgr.inc | |||
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.gnupg | 23 | # whitelisting in ${HOME} breaks file encryption feature of nautilus. |
24 | mkdir ${HOME}/.ssh | 24 | # once #2882 is fixed this can be uncommented and nowhitelisted in seahorse-tool.profile |
25 | whitelist ${HOME}/.gnupg | 25 | #mkdir ${HOME}/.gnupg |
26 | whitelist ${HOME}/.ssh | 26 | #mkdir ${HOME}/.ssh |
27 | #whitelist ${HOME}/.gnupg | ||
28 | #whitelist ${HOME}/.ssh | ||
27 | whitelist /tmp/ssh-* | 29 | whitelist /tmp/ssh-* |
28 | whitelist /usr/share/gnupg | 30 | whitelist /usr/share/gnupg |
29 | whitelist /usr/share/gnupg2 | 31 | whitelist /usr/share/gnupg2 |
30 | whitelist /usr/share/seahorse | 32 | whitelist /usr/share/seahorse |
31 | whitelist /usr/share/seahorse-nautilus | 33 | whitelist /usr/share/seahorse-nautilus |
34 | #include whitelist-common.inc | ||
32 | include whitelist-usr-share-common.inc | 35 | include whitelist-usr-share-common.inc |
33 | include whitelist-common.inc | ||
34 | include whitelist-var-common.inc | 36 | include whitelist-var-common.inc |
35 | 37 | ||
36 | apparmor | 38 | apparmor |