Follow-up for #3326 (#3397)

* use the new dbus format in chromium-common.profile

* use new dbus format in firejail.config

Now that #3326 landed I think it might be less confusing to keep using the --nodbus wording. Couldn't come up with a better alternative (yet), so this might need future improvements.

* block dbus system bus

Blocking the system bus shouldn't affect password functionality etc, as that uses the session bus.

2 files changed, 5 insertions, 2 deletions

diff --git a/etc/firejail.config b/etc/firejail.config
index 589109c64..b2a96612f 100644
--- a/etc/firejail.config
+++ b/etc/firejail.config
@@ -27,7 +27,7 @@
 # Enable or disable chroot support, default enabled.
 # chroot yes
 
-# Enable or disable dbus handling by --nodbus flag, default enabled.
+# Enable or disable dbus handling, default enabled.
 # dbus yes
 
 # Disable /mnt, /media, /run/mount and /run/media access. By default access
diff --git a/etc/profile-a-l/chromium-common.profile b/etc/profile-a-l/chromium-common.profile
index c54fb0e19..899400d25 100644
--- a/etc/profile-a-l/chromium-common.profile
+++ b/etc/profile-a-l/chromium-common.profile
@@ -29,7 +29,6 @@ include whitelist-var-common.inc
 apparmor
 caps.keep sys_admin,sys_chroot
 netfilter
-# nodbus - prevents access to passwords saved in GNOME Keyring and KWallet, also breaks Gnome connector
 nodvd
 nogroups
 notv
@@ -40,5 +39,9 @@ disable-mnt
 ?BROWSER_DISABLE_U2F: private-dev
 # private-tmp - problems with multiple browser sessions
 
+# prevents access to passwords saved in GNOME Keyring and KWallet, also breaks Gnome connector
+# dbus-user none
+dbus-system none
+
 # the file dialog needs to work without d-bus
 ?HAS_NODBUS: env NO_CHROME_KDE_FILE_DIALOG=1