diff options
author | netblue30 <netblue30@yahoo.com> | 2017-03-29 09:45:57 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-03-29 09:45:57 -0400 |
commit | d8314e549434456078dd8efa5d0484306fdb849a (patch) | |
tree | e78089386973787da1eef0258bdfeeb7137fed0d | |
parent | bringing back ~/.cache in all profiles (diff) | |
download | firejail-d8314e549434456078dd8efa5d0484306fdb849a.tar.gz firejail-d8314e549434456078dd8efa5d0484306fdb849a.tar.zst firejail-d8314e549434456078dd8efa5d0484306fdb849a.zip |
updated midori profile for Arch; remove compile warnings for Arch
-rw-r--r-- | etc/midori.profile | 38 | ||||
-rw-r--r-- | src/firejail/rlimit.c | 8 |
2 files changed, 38 insertions, 8 deletions
diff --git a/etc/midori.profile b/etc/midori.profile index 44e5e7417..a0bcb808c 100644 --- a/etc/midori.profile +++ b/etc/midori.profile | |||
@@ -2,16 +2,46 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include /etc/firejail/midori.local | 3 | include /etc/firejail/midori.local |
4 | 4 | ||
5 | # Midori browser profile | 5 | # Midori profile |
6 | noblacklist ${HOME}/.config/midori | 6 | noblacklist ~/.config/midori |
7 | noblacklist ~/.local/share/midori | ||
8 | noblacklist ~/.local/share/webkit | ||
9 | noblacklist ~/.local/share/webkitgtk | ||
10 | noblacklist ~/.pki | ||
11 | noblacklist ~/.lastpass | ||
7 | include /etc/firejail/disable-common.inc | 12 | include /etc/firejail/disable-common.inc |
8 | include /etc/firejail/disable-programs.inc | 13 | include /etc/firejail/disable-programs.inc |
9 | include /etc/firejail/disable-devel.inc | 14 | include /etc/firejail/disable-devel.inc |
10 | 15 | ||
16 | mkdir ~/.config/midori | ||
17 | whitelist ~/.config/midori | ||
18 | |||
19 | mkdir ~/.cache/midori | ||
20 | whitelist ~/.cache/midori | ||
21 | |||
22 | mkdir ~/.local/share/midori | ||
23 | whitelist ~/.local/share/midori | ||
24 | |||
25 | mkdir ~/.local/share/webkit | ||
26 | whitelist ~/.local/share/webkit | ||
27 | |||
28 | mkdir ~/.local/share/webkitgtk | ||
29 | whitelist ~/.local/share/webkitgtk | ||
30 | |||
31 | whitelist ${DOWNLOADS} | ||
32 | whitelist ~/.config/gnome-mplayer | ||
33 | whitelist ~/.cache/gnome-mplayer/plugin | ||
34 | mkdir ~/.pki | ||
35 | whitelist ~/.pki | ||
36 | whitelist ~/.lastpass | ||
37 | |||
38 | |||
11 | caps.drop all | 39 | caps.drop all |
12 | netfilter | 40 | netfilter |
13 | nonewprivs | 41 | nonewprivs |
14 | # noroot - noroot break midori on Ubuntu 14.04 | 42 | # noroot - porblems on Ubuntu 14.04 |
15 | protocol unix,inet,inet6 | 43 | protocol unix,inet,inet6,netlink |
16 | seccomp | 44 | seccomp |
45 | tracelog | ||
46 | |||
17 | 47 | ||
diff --git a/src/firejail/rlimit.c b/src/firejail/rlimit.c index 5e30e56a3..bf63bae38 100644 --- a/src/firejail/rlimit.c +++ b/src/firejail/rlimit.c | |||
@@ -33,7 +33,7 @@ void set_rlimits(void) { | |||
33 | if (setrlimit(RLIMIT_NOFILE, &rl) == -1) | 33 | if (setrlimit(RLIMIT_NOFILE, &rl) == -1) |
34 | errExit("setrlimit"); | 34 | errExit("setrlimit"); |
35 | if (arg_debug) | 35 | if (arg_debug) |
36 | printf("Config rlimit: number of open file descriptors %u\n", cfg.rlimit_nofile); | 36 | printf("Config rlimit: number of open file descriptors %llu\n", cfg.rlimit_nofile); |
37 | } | 37 | } |
38 | 38 | ||
39 | if (arg_rlimit_nproc) { | 39 | if (arg_rlimit_nproc) { |
@@ -45,7 +45,7 @@ void set_rlimits(void) { | |||
45 | if (setrlimit(RLIMIT_NPROC, &rl) == -1) | 45 | if (setrlimit(RLIMIT_NPROC, &rl) == -1) |
46 | errExit("setrlimit"); | 46 | errExit("setrlimit"); |
47 | if (arg_debug) | 47 | if (arg_debug) |
48 | printf("Config rlimit: number of processes %u\n", cfg.rlimit_nproc); | 48 | printf("Config rlimit: number of processes %llu\n", cfg.rlimit_nproc); |
49 | } | 49 | } |
50 | 50 | ||
51 | if (arg_rlimit_fsize) { | 51 | if (arg_rlimit_fsize) { |
@@ -57,7 +57,7 @@ void set_rlimits(void) { | |||
57 | if (setrlimit(RLIMIT_FSIZE, &rl) == -1) | 57 | if (setrlimit(RLIMIT_FSIZE, &rl) == -1) |
58 | errExit("setrlimit"); | 58 | errExit("setrlimit"); |
59 | if (arg_debug) | 59 | if (arg_debug) |
60 | printf("Config rlimit: maximum file size %u\n", cfg.rlimit_fsize); | 60 | printf("Config rlimit: maximum file size %llu\n", cfg.rlimit_fsize); |
61 | } | 61 | } |
62 | 62 | ||
63 | if (arg_rlimit_sigpending) { | 63 | if (arg_rlimit_sigpending) { |
@@ -69,6 +69,6 @@ void set_rlimits(void) { | |||
69 | if (setrlimit(RLIMIT_SIGPENDING, &rl) == -1) | 69 | if (setrlimit(RLIMIT_SIGPENDING, &rl) == -1) |
70 | errExit("setrlimit"); | 70 | errExit("setrlimit"); |
71 | if (arg_debug) | 71 | if (arg_debug) |
72 | printf("Config rlimit: maximum number of signals pending %u\n", cfg.rlimit_sigpending); | 72 | printf("Config rlimit: maximum number of signals pending %llu\n", cfg.rlimit_sigpending); |
73 | } | 73 | } |
74 | } | 74 | } |