diff options
author | Tad <tad@spotco.us> | 2019-07-31 23:35:44 -0400 |
---|---|---|
committer | Tad <tad@spotco.us> | 2019-08-01 00:23:12 -0400 |
commit | a02d12224be9e170816a03eb61737f9e77be24ac (patch) | |
tree | bf60781ec7a307f9556ec44df33de351d478d1b6 | |
parent | Merge pull request #2885 from flacks/profiles/tor-browser (diff) | |
download | firejail-a02d12224be9e170816a03eb61737f9e77be24ac.tar.gz firejail-a02d12224be9e170816a03eb61737f9e77be24ac.tar.zst firejail-a02d12224be9e170816a03eb61737f9e77be24ac.zip |
profiles: misc fixes
- pluma: sync private-lib from gedit to fix crashes
5e220b2da502bdcaf0f6188779e8bb0e37c9c414
- checkbashisms: fix missing library needed under CentOS 7
of note:
- yelp complains about /etc/pki but lacks network access anyway
under openSUSE Tumbleweed
- gedit is broken, see #2207
- onionshare-gui is broken, unrelated to firejail
under CentOS 7
- chromium-common is broken, commenting private-dev fixes,
potentially related to firejail, there are SELinux denials
for /dev/urandom
under Fedora and CentOS 7
- gnome-system-log is broken, as it is a script that calls logview
using pkexec, consider commenting in firecfg?
-rw-r--r-- | etc/checkbashisms.profile | 2 | ||||
-rw-r--r-- | etc/pluma.profile | 3 |
2 files changed, 3 insertions, 2 deletions
diff --git a/etc/checkbashisms.profile b/etc/checkbashisms.profile index fe3202cea..7b2d344e5 100644 --- a/etc/checkbashisms.profile +++ b/etc/checkbashisms.profile | |||
@@ -44,7 +44,7 @@ x11 none | |||
44 | 44 | ||
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-lib perl* | 47 | private-lib libfreebl3.so,perl* |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
50 | memory-deny-write-execute | 50 | memory-deny-write-execute |
diff --git a/etc/pluma.profile b/etc/pluma.profile index 81b2b1481..1e0512fd8 100644 --- a/etc/pluma.profile +++ b/etc/pluma.profile | |||
@@ -6,6 +6,7 @@ include pluma.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/enchant | ||
9 | noblacklist ${HOME}/.config/pluma | 10 | noblacklist ${HOME}/.config/pluma |
10 | noblacklist ${HOME}/.python-history | 11 | noblacklist ${HOME}/.python-history |
11 | noblacklist ${HOME}/.python_history | 12 | noblacklist ${HOME}/.python_history |
@@ -42,7 +43,7 @@ tracelog | |||
42 | 43 | ||
43 | private-bin pluma | 44 | private-bin pluma |
44 | private-dev | 45 | private-dev |
45 | private-lib pluma | 46 | private-lib aspell,gconv,libgspell-1.so.*,libreadline.so.*,libtinfo.so.*,pluma |
46 | private-tmp | 47 | private-tmp |
47 | 48 | ||
48 | memory-deny-write-execute | 49 | memory-deny-write-execute |