diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2020-08-09 11:26:57 +0200 |
---|---|---|
committer | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2020-08-09 11:26:57 +0200 |
commit | 90d6bb10491861f20b59323f0179e576439fa5f7 (patch) | |
tree | 14a05edd6d5e33a9772d03704f28ac34076175a7 | |
parent | fix for older gcc compilerss (diff) | |
download | firejail-90d6bb10491861f20b59323f0179e576439fa5f7.tar.gz firejail-90d6bb10491861f20b59323f0179e576439fa5f7.tar.zst firejail-90d6bb10491861f20b59323f0179e576439fa5f7.zip |
profile fixes (1)
-rw-r--r-- | etc/celluloid.profile | 2 | ||||
-rw-r--r-- | etc/disable-common.inc | 1 | ||||
-rw-r--r-- | etc/gedit.profile | 2 | ||||
-rw-r--r-- | etc/gnome-builder.profile | 1 | ||||
-rw-r--r-- | etc/gnome-maps.profile | 2 | ||||
-rw-r--r-- | etc/whitelist-usr-share-common.inc | 1 |
6 files changed, 5 insertions, 4 deletions
diff --git a/etc/celluloid.profile b/etc/celluloid.profile index 6b7db6b44..d06eb7a65 100644 --- a/etc/celluloid.profile +++ b/etc/celluloid.profile | |||
@@ -29,7 +29,7 @@ include whitelist-var-common.inc | |||
29 | apparmor | 29 | apparmor |
30 | caps.drop all | 30 | caps.drop all |
31 | netfilter | 31 | netfilter |
32 | nodbus | 32 | # nodbus -- uses dconf |
33 | nogroups | 33 | nogroups |
34 | nonewprivs | 34 | nonewprivs |
35 | noroot | 35 | noroot |
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index 16f231108..f50e10a00 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -230,6 +230,7 @@ read-only ${HOME}/.bash_login | |||
230 | read-only ${HOME}/.bash_logout | 230 | read-only ${HOME}/.bash_logout |
231 | read-only ${HOME}/.bash_profile | 231 | read-only ${HOME}/.bash_profile |
232 | read-only ${HOME}/.bashrc | 232 | read-only ${HOME}/.bashrc |
233 | read-only ${HOME}/.config/environment.d | ||
233 | read-only ${HOME}/.config/fish | 234 | read-only ${HOME}/.config/fish |
234 | read-only ${HOME}/.csh_files | 235 | read-only ${HOME}/.csh_files |
235 | read-only ${HOME}/.cshrc | 236 | read-only ${HOME}/.cshrc |
diff --git a/etc/gedit.profile b/etc/gedit.profile index 837396654..6d575e850 100644 --- a/etc/gedit.profile +++ b/etc/gedit.profile | |||
@@ -42,6 +42,6 @@ tracelog | |||
42 | 42 | ||
43 | # private-bin gedit | 43 | # private-bin gedit |
44 | private-dev | 44 | private-dev |
45 | private-lib aspell,gconv,gedit,libgspell-1.so.*,libreadline.so.*,libtinfo.so.* | 45 | private-lib aspell,gconv,gedit,libgspell-1.so.*,libgtksourceview-3.0.so.*,libpeas-gtk-1.0.so.*,libreadline.so.*,libtinfo.so.* |
46 | private-tmp | 46 | private-tmp |
47 | 47 | ||
diff --git a/etc/gnome-builder.profile b/etc/gnome-builder.profile index 726a74089..eaf48931d 100644 --- a/etc/gnome-builder.profile +++ b/etc/gnome-builder.profile | |||
@@ -31,5 +31,4 @@ protocol unix,inet,inet6 | |||
31 | seccomp | 31 | seccomp |
32 | shell none | 32 | shell none |
33 | 33 | ||
34 | private-cache | ||
35 | private-dev | 34 | private-dev |
diff --git a/etc/gnome-maps.profile b/etc/gnome-maps.profile index a625db948..78f5ddc3a 100644 --- a/etc/gnome-maps.profile +++ b/etc/gnome-maps.profile | |||
@@ -28,6 +28,7 @@ whitelist ${HOME}/.local/share/maps-places.json | |||
28 | whitelist ${DOWNLOADS} | 28 | whitelist ${DOWNLOADS} |
29 | whitelist ${PICTURES} | 29 | whitelist ${PICTURES} |
30 | whitelist /usr/share/gnome-maps | 30 | whitelist /usr/share/gnome-maps |
31 | whitelist /usr/share/libgweather | ||
31 | include whitelist-common.inc | 32 | include whitelist-common.inc |
32 | include whitelist-usr-share-common.inc | 33 | include whitelist-usr-share-common.inc |
33 | include whitelist-var-common.inc | 34 | include whitelist-var-common.inc |
@@ -55,4 +56,3 @@ private-bin gjs,gnome-maps | |||
55 | private-dev | 56 | private-dev |
56 | private-etc alternatives,ca-certificates,clutter-1.0,crypto-policies,dconf,drirc,fonts,gconf,gcrypt,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mime.types,nsswitch.conf,pango,pkcs11,pki,protocols,resolv.conf,rpc,services,ssl,X11,xdg | 57 | private-etc alternatives,ca-certificates,clutter-1.0,crypto-policies,dconf,drirc,fonts,gconf,gcrypt,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mime.types,nsswitch.conf,pango,pkcs11,pki,protocols,resolv.conf,rpc,services,ssl,X11,xdg |
57 | private-tmp | 58 | private-tmp |
58 | |||
diff --git a/etc/whitelist-usr-share-common.inc b/etc/whitelist-usr-share-common.inc index be0a29d94..78b947750 100644 --- a/etc/whitelist-usr-share-common.inc +++ b/etc/whitelist-usr-share-common.inc | |||
@@ -42,6 +42,7 @@ whitelist /usr/share/p11-kit | |||
42 | whitelist /usr/share/pixmaps | 42 | whitelist /usr/share/pixmaps |
43 | whitelist /usr/share/pki | 43 | whitelist /usr/share/pki |
44 | whitelist /usr/share/plasma | 44 | whitelist /usr/share/plasma |
45 | whitelist /usr/share/publicsuffix | ||
45 | whitelist /usr/share/qt | 46 | whitelist /usr/share/qt |
46 | whitelist /usr/share/qt4 | 47 | whitelist /usr/share/qt4 |
47 | whitelist /usr/share/qt5 | 48 | whitelist /usr/share/qt5 |