diff options
| author |  Michele Sorcinelli <michelesr@users.noreply.github.com> | 2024-03-05 14:02:40 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2024-03-05 14:02:40 +0000 |
| commit | b9d11ed33c8df27affe046315ef0d603f3bf8495 (patch) | |
| tree | be988481a8f06bacef2d30f4f8827ab561ac300b | |
| parent | archiver-common: add mkinitcpio support to private-etc (#5656) (diff) | |
| download | firejail-b9d11ed33c8df27affe046315ef0d603f3bf8495.tar.gz firejail-b9d11ed33c8df27affe046315ef0d603f3bf8495.tar.zst firejail-b9d11ed33c8df27affe046315ef0d603f3bf8495.zip | |
ssh: whitelist gcr-ssh-agent unix socket (#6258)
Since gnome-keyring 1.46, the ssh-agent functionality has been removed
and gcr-ssh-agent is the recommended alternative.
Source:
- https://gitlab.gnome.org/GNOME/gcr/-/merge_requests/67
- https://wiki.archlinux.org/title/GNOME/Keyring#SSH_keys
| -rw-r--r-- | etc/profile-m-z/ssh.profile | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/etc/profile-m-z/ssh.profile b/etc/profile-m-z/ssh.profile index fde85be64..62efa28db 100644 --- a/etc/profile-m-z/ssh.profile +++ b/etc/profile-m-z/ssh.profile | |||
| @@ -18,6 +18,7 @@ include disable-common.inc | |||
| 18 | include disable-exec.inc | 18 | include disable-exec.inc |
| 19 | include disable-programs.inc | 19 | include disable-programs.inc |
| 20 | 20 | ||
| 21 | whitelist ${RUNUSER}/gcr/ssh | ||
| 21 | whitelist ${RUNUSER}/gnupg/S.gpg-agent.ssh | 22 | whitelist ${RUNUSER}/gnupg/S.gpg-agent.ssh |
| 22 | whitelist ${RUNUSER}/keyring/ssh | 23 | whitelist ${RUNUSER}/keyring/ssh |
| 23 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |