profiles: fix some comments

Changes: * Turn very long end-of-line comments into normal comments * Turn multi-line end-of-line comments into normal comments * Fix a comment being below instead of above the relevant entry * Turn some comments that look like code into end-of-line comments
author: Kelvin M. Klann <kmk3.code@protonmail.com> 2023-08-11 19:07:32 -0300
committer: Kelvin M. Klann <kmk3.code@protonmail.com> 2023-09-06 04:01:27 -0300
commit: 8e99a8c2e3385fb43241426c1df390c31f5e9913 (patch)
tree: b88fde969bb4c634bd655c83eba879608256994d
parent: build: add missing dbus/x11 commands to arg1 list (diff)
download: firejail-8e99a8c2e3385fb43241426c1df390c31f5e9913.tar.gz
firejail-8e99a8c2e3385fb43241426c1df390c31f5e9913.tar.zst
firejail-8e99a8c2e3385fb43241426c1df390c31f5e9913.zip
9 files changed, 25 insertions, 17 deletions
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc
index 1b0e00bc6..37ca604b7 100644
--- a/etc/inc/disable-common.inc
+++ b/etc/inc/disable-common.inc
@@ -33,7 +33,8 @@ blacklist-nolog ${HOME}/.viminfo
 blacklist-nolog /tmp/clipmenu*
 # X11 session autostart
-# blacklist ${HOME}/.xpra - this will kill --x11=xpra cmdline option for all programs
+# this will kill --x11=xpra cmdline option for all programs
+#blacklist ${HOME}/.xpra
 blacklist ${HOME}/.Xsession
 blacklist ${HOME}/.blackbox
 blacklist ${HOME}/.config/autostart
@@ -241,8 +242,9 @@ blacklist /var/lib/mysql/mysql.sock
 blacklist /var/lib/mysqld/mysql.sock
 blacklist /var/lib/pacman
 blacklist /var/lib/upower
-# blacklist /var/log - a virtual /var/log directory (mostly empty) is build up by default for
+# a virtual /var/log directory (mostly empty) is build up by default for every
-# every sandbox, unless --writable-var-log switch is activated
+# sandbox, unless --writable-var-log switch is activated
+#blacklist /var/log
 blacklist /var/mail
 blacklist /var/opt
 blacklist /var/run/acpid.socket
@@ -611,8 +613,8 @@ blacklist /tmp/tmux-*
 blacklist ${PATH}/gnome-terminal
 blacklist ${PATH}/gnome-terminal.wrapper
 blacklist ${PATH}/kgx
-# blacklist ${PATH}/konsole
 # konsole doesn't seem to have this problem - last tested on Ubuntu 16.04
+#blacklist ${PATH}/konsole
 blacklist ${PATH}/lilyterm
 blacklist ${PATH}/lxterminal
 blacklist ${PATH}/mate-terminal
diff --git a/etc/profile-a-l/chromium-common.profile b/etc/profile-a-l/chromium-common.profile
index 878e0fe1d..ea24aa102 100644
--- a/etc/profile-a-l/chromium-common.profile
+++ b/etc/profile-a-l/chromium-common.profile
@@ -39,7 +39,9 @@ blacklist ${PATH}/curl
 blacklist ${PATH}/wget
 blacklist ${PATH}/wget2
-#dbus-user none - prevents access to passwords saved in GNOME Keyring and KWallet, also breaks Gnome connector.
+# This prevents access to passwords saved in GNOME Keyring and KWallet, also
+# breaks Gnome connector.
+#dbus-user none
 # The file dialog needs to work without d-bus.
 ?HAS_NODBUS: env NO_CHROME_KDE_FILE_DIALOG=1
diff --git a/etc/profile-a-l/digikam.profile b/etc/profile-a-l/digikam.profile
index 05f0dfba8..7c0b902b9 100644
--- a/etc/profile-a-l/digikam.profile
+++ b/etc/profile-a-l/digikam.profile
@@ -37,8 +37,10 @@ protocol unix,inet,inet6,netlink
 # QtWebengine needs chroot to set up its own sandbox
 seccomp !chroot
-# private-dev - prevents libdc1394 loading; this lib is used to connect to a camera device
+# private-dev prevents libdc1394 from loading; this lib is used to connect to a
-# private-etc alternatives,ca-certificates,crypto-policies,pki,ssl
+# camera device
+#private-dev
+#private-etc alternatives,ca-certificates,crypto-policies,pki,ssl
 private-tmp
 # dbus-user none
diff --git a/etc/profile-a-l/dino.profile b/etc/profile-a-l/dino.profile
index fe2b59a1e..44a3f0846 100644
--- a/etc/profile-a-l/dino.profile
+++ b/etc/profile-a-l/dino.profile
@@ -40,7 +40,8 @@ tracelog
 disable-mnt
 private-bin dino
 private-dev
-# private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,ssl -- breaks server connection
+# breaks server connection
+#private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,ssl
 private-tmp
 dbus-user filter
diff --git a/etc/profile-m-z/okular.profile b/etc/profile-m-z/okular.profile
index 8e0758c37..bf6b9249f 100644
--- a/etc/profile-m-z/okular.profile
+++ b/etc/profile-m-z/okular.profile
@@ -62,7 +62,8 @@ tracelog
 private-bin kbuildsycoca4,kdeinit4,lpr,okular,unar,unrar
 private-dev
 private-etc @x11,cups
-# private-tmp - on KDE we need access to the real /tmp for data exchange with email clients
+# on KDE we need access to the real /tmp for data exchange with email clients
+#private-tmp
 # dbus-user none
 # dbus-system none
diff --git a/etc/profile-m-z/pycharm-community.profile b/etc/profile-m-z/pycharm-community.profile
index 875b83e8e..fa307fc88 100644
--- a/etc/profile-m-z/pycharm-community.profile
+++ b/etc/profile-m-z/pycharm-community.profile
@@ -34,8 +34,8 @@ nou2f
 novideo
 tracelog
-# private-etc alternatives,fonts,passwd - minimal required to run but will probably break
+# minimum required to run but will probably break the program!
-# program!
+#private-etc alternatives,fonts,passwd
 private-dev
 private-tmp
diff --git a/etc/profile-m-z/rpcs3.profile b/etc/profile-m-z/rpcs3.profile
index 405ab818d..603ec8ff4 100644
--- a/etc/profile-m-z/rpcs3.profile
+++ b/etc/profile-m-z/rpcs3.profile
@@ -54,7 +54,8 @@ tracelog
 disable-mnt
 #private-cache
-#private-etc alternatives,ca-certificates,crypto-policies,machine-id,pki,resolv.conf,ssl # seems to need awk
+# seems to need awk
+#private-etc alternatives,ca-certificates,crypto-policies,machine-id,pki,resolv.conf,ssl
 private-tmp
 dbus-user none
diff --git a/etc/profile-m-z/wireshark.profile b/etc/profile-m-z/wireshark.profile
index d1b757a25..dedb78d11 100644
--- a/etc/profile-m-z/wireshark.profile
+++ b/etc/profile-m-z/wireshark.profile
@@ -38,7 +38,8 @@ nosound
 notv
 nou2f
 novideo
-# protocol unix,inet,inet6,netlink,packet,bluetooth - commented out in case they bring in new protocols
+# commented out in case they bring in new protocols
+#protocol unix,inet,inet6,netlink,packet,bluetooth
 #seccomp
 tracelog
diff --git a/etc/profile-m-z/yelp.profile b/etc/profile-m-z/yelp.profile
index f5dd0c309..f957954dd 100644
--- a/etc/profile-m-z/yelp.profile
+++ b/etc/profile-m-z/yelp.profile
@@ -33,16 +33,14 @@ include whitelist-var-common.inc
 apparmor
 caps.drop all
-# machine-id breaks sound - add the next line to your yelp.local if you don't need sound support.
+#machine-id # add this to your yelp.local if you don't need sound support.
-#machine-id
 net none
 nodvd
 nogroups
 noinput
 nonewprivs
 noroot
-# nosound - add the next line to your yelp.local if you don't need sound support.
+#nosound # add this to your yelp.local if you don't need sound support.
-#nosound
 notv
 nou2f
 novideo
author	Kelvin M. Klann <kmk3.code@protonmail.com>	2023-08-11 19:07:32 -0300
committer	Kelvin M. Klann <kmk3.code@protonmail.com>	2023-09-06 04:01:27 -0300
commit	8e99a8c2e3385fb43241426c1df390c31f5e9913 (patch)
tree	b88fde969bb4c634bd655c83eba879608256994d
parent	build: add missing dbus/x11 commands to arg1 list (diff)
download	firejail-8e99a8c2e3385fb43241426c1df390c31f5e9913.tar.gz firejail-8e99a8c2e3385fb43241426c1df390c31f5e9913.tar.zst firejail-8e99a8c2e3385fb43241426c1df390c31f5e9913.zip