diff options
author | Tad <tad@spotco.us> | 2020-11-29 19:40:48 -0500 |
---|---|---|
committer | Tad <tad@spotco.us> | 2020-11-29 19:52:19 -0500 |
commit | a04e63f97fc14dd713dfadb2bf193b09d02fbbc5 (patch) | |
tree | cbf517a1215bacd9124820f7a204259985a1af94 | |
parent | Update build.yml (#3779) (diff) | |
download | firejail-a04e63f97fc14dd713dfadb2bf193b09d02fbbc5.tar.gz firejail-a04e63f97fc14dd713dfadb2bf193b09d02fbbc5.tar.zst firejail-a04e63f97fc14dd713dfadb2bf193b09d02fbbc5.zip |
Small fixes
- gimp: allow mbind syscall. no start on Fedora 33 without
- minetest: disable private-cache. without persistent cache connecting to servers can take many minutes
- supertuxkart: allow bluetooth protocol. stk can directly connect/pair to WiiMote controllers
- supertuxkart: comment private-dev to allow controller use
- profiles: unify controller support comments
- firecfg: comment evolution with a note, and add a note to epiphany #3647 + #2995
-rw-r--r-- | etc/profile-a-l/gimp.profile | 2 | ||||
-rw-r--r-- | etc/profile-a-l/lutris.profile | 2 | ||||
-rw-r--r-- | etc/profile-m-z/minetest.profile | 3 | ||||
-rw-r--r-- | etc/profile-m-z/ostrichriders.profile | 2 | ||||
-rw-r--r-- | etc/profile-m-z/ppsspp.profile | 2 | ||||
-rw-r--r-- | etc/profile-m-z/steam.profile | 2 | ||||
-rw-r--r-- | etc/profile-m-z/supertuxkart.profile | 5 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 4 |
8 files changed, 12 insertions, 10 deletions
diff --git a/etc/profile-a-l/gimp.profile b/etc/profile-a-l/gimp.profile index ed27de7f5..bc5ef966c 100644 --- a/etc/profile-a-l/gimp.profile +++ b/etc/profile-a-l/gimp.profile | |||
@@ -52,7 +52,7 @@ nosound | |||
52 | notv | 52 | notv |
53 | nou2f | 53 | nou2f |
54 | protocol unix | 54 | protocol unix |
55 | seccomp | 55 | seccomp !mbind |
56 | shell none | 56 | shell none |
57 | tracelog | 57 | tracelog |
58 | 58 | ||
diff --git a/etc/profile-a-l/lutris.profile b/etc/profile-a-l/lutris.profile index fabf57861..652f571bb 100644 --- a/etc/profile-a-l/lutris.profile +++ b/etc/profile-a-l/lutris.profile | |||
@@ -66,7 +66,7 @@ protocol unix,inet,inet6,netlink | |||
66 | seccomp | 66 | seccomp |
67 | shell none | 67 | shell none |
68 | 68 | ||
69 | # comment the following line if you don't need controller support | 69 | # uncomment the following line if you do not need controller support |
70 | # private-dev | 70 | # private-dev |
71 | private-tmp | 71 | private-tmp |
72 | 72 | ||
diff --git a/etc/profile-m-z/minetest.profile b/etc/profile-m-z/minetest.profile index e126050b7..666af323d 100644 --- a/etc/profile-m-z/minetest.profile +++ b/etc/profile-m-z/minetest.profile | |||
@@ -53,7 +53,8 @@ tracelog | |||
53 | 53 | ||
54 | disable-mnt | 54 | disable-mnt |
55 | private-bin minetest,rm | 55 | private-bin minetest,rm |
56 | private-cache | 56 | # cache is used for storing assets when connecting to servers |
57 | #private-cache | ||
57 | private-dev | 58 | private-dev |
58 | # private-etc needs to be updated, see #1702 | 59 | # private-etc needs to be updated, see #1702 |
59 | #private-etc alternatives,asound.conf,ca-certificates,crypto-policies,drirc,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,localtime,machine-id,nsswitch.conf,passwd,pki,pulse,resolv.conf,ssl | 60 | #private-etc alternatives,asound.conf,ca-certificates,crypto-policies,drirc,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,localtime,machine-id,nsswitch.conf,passwd,pki,pulse,resolv.conf,ssl |
diff --git a/etc/profile-m-z/ostrichriders.profile b/etc/profile-m-z/ostrichriders.profile index cc44d5a48..3bfda7946 100644 --- a/etc/profile-m-z/ostrichriders.profile +++ b/etc/profile-m-z/ostrichriders.profile | |||
@@ -42,7 +42,7 @@ tracelog | |||
42 | disable-mnt | 42 | disable-mnt |
43 | private-bin ostrichriders | 43 | private-bin ostrichriders |
44 | private-cache | 44 | private-cache |
45 | # private-dev should be commented for controllers | 45 | # comment the following line if you need controller support |
46 | private-dev | 46 | private-dev |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
diff --git a/etc/profile-m-z/ppsspp.profile b/etc/profile-m-z/ppsspp.profile index c62e53151..c71553bcd 100644 --- a/etc/profile-m-z/ppsspp.profile +++ b/etc/profile-m-z/ppsspp.profile | |||
@@ -32,7 +32,7 @@ protocol unix,netlink | |||
32 | seccomp | 32 | seccomp |
33 | shell none | 33 | shell none |
34 | 34 | ||
35 | # private-dev is disabled to allow controller support | 35 | # uncomment the following line if you do not need controller support |
36 | #private-dev | 36 | #private-dev |
37 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,drirc,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,localtime,machine-id,nsswitch.conf,passwd,pki,pulse,resolv.conf,ssl | 37 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,drirc,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,localtime,machine-id,nsswitch.conf,passwd,pki,pulse,resolv.conf,ssl |
38 | private-opt ppsspp | 38 | private-opt ppsspp |
diff --git a/etc/profile-m-z/steam.profile b/etc/profile-m-z/steam.profile index 7292f189c..adf9c9317 100644 --- a/etc/profile-m-z/steam.profile +++ b/etc/profile-m-z/steam.profile | |||
@@ -109,7 +109,7 @@ shell none | |||
109 | # picture viewers are needed for viewing screenshots | 109 | # picture viewers are needed for viewing screenshots |
110 | #private-bin eog,eom,gthumb,pix,viewnior,xviewer | 110 | #private-bin eog,eom,gthumb,pix,viewnior,xviewer |
111 | 111 | ||
112 | # private-dev should be commented for controllers | 112 | # comment the following line if you need controller support |
113 | private-dev | 113 | private-dev |
114 | # private-etc breaks a small selection of games on some systems, comment to support those | 114 | # private-etc breaks a small selection of games on some systems, comment to support those |
115 | private-etc alternatives,asound.conf,bumblebee,ca-certificates,crypto-policies,dbus-1,drirc,fonts,group,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,lsb-release,machine-id,mime.types,nvidia,os-release,passwd,pki,pulse,resolv.conf,services,ssl | 115 | private-etc alternatives,asound.conf,bumblebee,ca-certificates,crypto-policies,dbus-1,drirc,fonts,group,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,lsb-release,machine-id,mime.types,nvidia,os-release,passwd,pki,pulse,resolv.conf,services,ssl |
diff --git a/etc/profile-m-z/supertuxkart.profile b/etc/profile-m-z/supertuxkart.profile index ff99c234e..1b20f5d3d 100644 --- a/etc/profile-m-z/supertuxkart.profile +++ b/etc/profile-m-z/supertuxkart.profile | |||
@@ -41,7 +41,7 @@ noroot | |||
41 | notv | 41 | notv |
42 | nou2f | 42 | nou2f |
43 | novideo | 43 | novideo |
44 | protocol unix,inet,inet6 | 44 | protocol unix,inet,inet6,bluetooth |
45 | seccomp | 45 | seccomp |
46 | seccomp.block-secondary | 46 | seccomp.block-secondary |
47 | shell none | 47 | shell none |
@@ -50,7 +50,8 @@ tracelog | |||
50 | disable-mnt | 50 | disable-mnt |
51 | private-bin supertuxkart | 51 | private-bin supertuxkart |
52 | private-cache | 52 | private-cache |
53 | private-dev | 53 | # uncomment the following line if you do not need controller support |
54 | #private-dev | ||
54 | private-etc alternatives,ca-certificates,crypto-policies,drirc,hosts,machine-id,openal,pki,resolv.conf,ssl | 55 | private-etc alternatives,ca-certificates,crypto-policies,drirc,hosts,machine-id,openal,pki,resolv.conf,ssl |
55 | private-tmp | 56 | private-tmp |
56 | private-opt none | 57 | private-opt none |
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 8794076c6..7693107d7 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -197,14 +197,14 @@ enpass | |||
197 | eog | 197 | eog |
198 | eom | 198 | eom |
199 | ephemeral | 199 | ephemeral |
200 | #epiphany | 200 | #epiphany - see #2995 |
201 | equalx | 201 | equalx |
202 | et | 202 | et |
203 | etr | 203 | etr |
204 | evince | 204 | evince |
205 | evince-previewer | 205 | evince-previewer |
206 | evince-thumbnailer | 206 | evince-thumbnailer |
207 | evolution | 207 | #evolution - see #3647 |
208 | exfalso | 208 | exfalso |
209 | exiftool | 209 | exiftool |
210 | falkon | 210 | falkon |