diff options
author | smitsohu <smitsohu@gmail.com> | 2017-12-08 00:50:52 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2017-12-08 00:50:52 +0100 |
commit | 5e3c526b4542911b08f99c861a231d58373d42c2 (patch) | |
tree | d7022cafcbd2dd59c3b1fc9f9e83a8e3b23b0f06 | |
parent | 0.9.52 testing (diff) | |
download | firejail-5e3c526b4542911b08f99c861a231d58373d42c2.tar.gz firejail-5e3c526b4542911b08f99c861a231d58373d42c2.tar.zst firejail-5e3c526b4542911b08f99c861a231d58373d42c2.zip |
fix sound in firefox started from thunderbird
and move disable-mnt from thunderbird to firefox profile, in alignment with
recent commit from @Fred-Barclay
-rw-r--r-- | etc/firefox.profile | 5 | ||||
-rw-r--r-- | etc/thunderbird.profile | 4 |
2 files changed, 4 insertions, 5 deletions
diff --git a/etc/firefox.profile b/etc/firefox.profile index a8a9e014e..57a5bc7a7 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
@@ -70,7 +70,7 @@ include /etc/firejail/whitelist-common.inc | |||
70 | include /etc/firejail/whitelist-var-common.inc | 70 | include /etc/firejail/whitelist-var-common.inc |
71 | 71 | ||
72 | caps.drop all | 72 | caps.drop all |
73 | # machine-id breaks pulse audio; if shoud work fine in setups where sound is not required | 73 | # machine-id breaks pulse audio; if should work fine in setups where sound is not required |
74 | #machine-id | 74 | #machine-id |
75 | netfilter | 75 | netfilter |
76 | nodvd | 76 | nodvd |
@@ -83,13 +83,12 @@ seccomp | |||
83 | shell none | 83 | shell none |
84 | tracelog | 84 | tracelog |
85 | 85 | ||
86 | disable-mnt | ||
86 | # firefox requires a shell to launch on Arch. | 87 | # firefox requires a shell to launch on Arch. |
87 | # private-bin firefox,which,sh,dbus-launch,dbus-send,env,bash | 88 | # private-bin firefox,which,sh,dbus-launch,dbus-send,env,bash |
88 | private-dev | 89 | private-dev |
89 | |||
90 | # private-etc below works fine on most distributions. There are some problems on CentOS. | 90 | # private-etc below works fine on most distributions. There are some problems on CentOS. |
91 | # private-etc iceweasel,ca-certificates,ssl,machine-id,dconf,selinux,passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,xdg,gtk-2.0,gtk-3.0,X11,pango,fonts,firefox,mime.types,mailcap,asound.conf,pulse | 91 | # private-etc iceweasel,ca-certificates,ssl,machine-id,dconf,selinux,passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,xdg,gtk-2.0,gtk-3.0,X11,pango,fonts,firefox,mime.types,mailcap,asound.conf,pulse |
92 | |||
93 | private-tmp | 92 | private-tmp |
94 | 93 | ||
95 | noexec ${HOME} | 94 | noexec ${HOME} |
diff --git a/etc/thunderbird.profile b/etc/thunderbird.profile index 8af981d70..2d14342e0 100644 --- a/etc/thunderbird.profile +++ b/etc/thunderbird.profile | |||
@@ -26,8 +26,8 @@ include /etc/firejail/whitelist-var-common.inc | |||
26 | 26 | ||
27 | # We need the real /tmp for data exchange when xdg-open handles email attachments on KDE | 27 | # We need the real /tmp for data exchange when xdg-open handles email attachments on KDE |
28 | ignore private-tmp | 28 | ignore private-tmp |
29 | machine-id | 29 | # machine-id breaks pulse audio; if should work fine in setups where sound is not required |
30 | disable-mnt | 30 | #machine-id |
31 | read-only ${HOME}/.config/mimeapps.list | 31 | read-only ${HOME}/.config/mimeapps.list |
32 | 32 | ||
33 | # allow browsers | 33 | # allow browsers |