diff options
| author |  rusty-snake <print_hello_world+Public@protonmail.com> | 2019-12-19 15:42:50 +0100 |
|---|---|---|
| committer | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-12-21 15:02:11 +0100 |
| commit | 038e966978e5a687cd908cb929e04b314808c4a6 (patch) | |
| tree | 18b978522aa04d8e61acfa00719b1480cd1aac5d | |
| parent | Fix Brave's native sandbox (#3087) (diff) | |
| download | firejail-038e966978e5a687cd908cb929e04b314808c4a6.tar.gz firejail-038e966978e5a687cd908cb929e04b314808c4a6.tar.zst firejail-038e966978e5a687cd908cb929e04b314808c4a6.zip | |
fix seahorse-tool
squashed: Fix private-etc ordering in seahorse-tool
Thanks to @glitsj16 for this fixup
| -rw-r--r-- | etc/seahorse-tool.profile | 4 | ||||
| -rw-r--r-- | etc/seahorse.profile | 12 |
2 files changed, 9 insertions, 7 deletions
diff --git a/etc/seahorse-tool.profile b/etc/seahorse-tool.profile index 4bf23c512..96ff74edf 100644 --- a/etc/seahorse-tool.profile +++ b/etc/seahorse-tool.profile | |||
| @@ -7,9 +7,9 @@ include seahorse-tool.local | |||
| 7 | # added by included profile | 7 | # added by included profile |
| 8 | #include globals.local | 8 | #include globals.local |
| 9 | 9 | ||
| 10 | # private-etc workaround for: #2877 | ||
| 11 | private-etc firejail,login.defs,passwd | ||
| 10 | private-tmp | 12 | private-tmp |
| 11 | 13 | ||
| 12 | memory-deny-write-execute | ||
| 13 | |||
| 14 | # Redirect | 14 | # Redirect |
| 15 | include seahorse.profile | 15 | include seahorse.profile |
diff --git a/etc/seahorse.profile b/etc/seahorse.profile index 6acf8aa5d..5a742d05f 100644 --- a/etc/seahorse.profile +++ b/etc/seahorse.profile | |||
| @@ -20,17 +20,19 @@ include disable-passwdmgr.inc | |||
| 20 | include disable-programs.inc | 20 | include disable-programs.inc |
| 21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
| 22 | 22 | ||
| 23 | mkdir ${HOME}/.gnupg | 23 | # whitelisting in ${HOME} breaks file encryption feature of nautilus. |
| 24 | mkdir ${HOME}/.ssh | 24 | # once #2882 is fixed this can be uncommented and nowhitelisted in seahorse-tool.profile |
| 25 | whitelist ${HOME}/.gnupg | 25 | #mkdir ${HOME}/.gnupg |
| 26 | whitelist ${HOME}/.ssh | 26 | #mkdir ${HOME}/.ssh |
| 27 | #whitelist ${HOME}/.gnupg | ||
| 28 | #whitelist ${HOME}/.ssh | ||
| 27 | whitelist /tmp/ssh-* | 29 | whitelist /tmp/ssh-* |
| 28 | whitelist /usr/share/gnupg | 30 | whitelist /usr/share/gnupg |
| 29 | whitelist /usr/share/gnupg2 | 31 | whitelist /usr/share/gnupg2 |
| 30 | whitelist /usr/share/seahorse | 32 | whitelist /usr/share/seahorse |
| 31 | whitelist /usr/share/seahorse-nautilus | 33 | whitelist /usr/share/seahorse-nautilus |
| 34 | #include whitelist-common.inc | ||
| 32 | include whitelist-usr-share-common.inc | 35 | include whitelist-usr-share-common.inc |
| 33 | include whitelist-common.inc | ||
| 34 | include whitelist-var-common.inc | 36 | include whitelist-var-common.inc |
| 35 | 37 | ||
| 36 | apparmor | 38 | apparmor |