apparmor deployment

author: netblue30 <netblue30@yahoo.com> 2018-03-16 11:00:08 -0400
committer: netblue30 <netblue30@yahoo.com> 2018-03-16 11:00:08 -0400
commit: 971c62aa569d9161190705a0012b9ad02546822c (patch)
tree: f4f80dc06669568acf00f3269f765fa3150ded5c /README.md
parent: Add a LibreOffice profile alias for Base (diff)
download: firejail-971c62aa569d9161190705a0012b9ad02546822c.tar.gz
firejail-971c62aa569d9161190705a0012b9ad02546822c.tar.zst
firejail-971c62aa569d9161190705a0012b9ad02546822c.zip
1 files changed, 9 insertions, 7 deletions
diff --git a/README.md b/README.md
index 906ff8481..e78c86709 100644
--- a/README.md
+++ b/README.md
@@ -207,13 +207,15 @@ AppArmor features are supported on overlayfs and chroot sandboxes.
 We are in the process of streamlining our AppArmor profile. The restrictions for /proc, /sys
 and /run/user directories were moved out of the profile into firejail executable.
+We are also adding a "apparmor yes/no" flag in /etc/firejail/firejail.config file allows the user to
-We intend to start apparmor by default for browsers, torrent clients and media players.
+enable/disable apparmor functionality globally. By default the flag is enabled.
-So far we cover Firefox (firefox-common.profile), Chromium (chromium-common.profile),
-transmission-qt, transmission-gtk, vlc and mpv.
+AppArmor deployment: we are starting apparmor by default for the following programs:
+- web browsers: firefox (firefox-common.profile), chromium (chromium-common.profile)
-"apparmor yes/no" flag in /etc/firejail/firejail.config file allows the user to enable/disable apparmor functionality globally
+- torrent clients: transmission-qt, transmission-gtk, qbittorrent
-By default the flag is enabled.
+- media players: vlc, mpv, audacious, totem, rhythmbox
+- media editing: kdenlive, audacity, handbrake, gimp, inkscape, krita, openshot
+- etc.: atril, gnome-calculator, galculator, eom, eog
 Checking apparmor status:
 `````
author	netblue30 <netblue30@yahoo.com>	2018-03-16 11:00:08 -0400
committer	netblue30 <netblue30@yahoo.com>	2018-03-16 11:00:08 -0400
commit	971c62aa569d9161190705a0012b9ad02546822c (patch)
tree	f4f80dc06669568acf00f3269f765fa3150ded5c /README.md
parent	Add a LibreOffice profile alias for Base (diff)
download	firejail-971c62aa569d9161190705a0012b9ad02546822c.tar.gz firejail-971c62aa569d9161190705a0012b9ad02546822c.tar.zst firejail-971c62aa569d9161190705a0012b9ad02546822c.zip

diff --git a/README.md b/README.md index 906ff8481..e78c86709 100644 --- a/README.md +++ b/README.md
@@ -207,13 +207,15 @@ AppArmor features are supported on overlayfs and chroot sandboxes.
207		207
208	We are in the process of streamlining our AppArmor profile. The restrictions for /proc, /sys	208	We are in the process of streamlining our AppArmor profile. The restrictions for /proc, /sys
209	and /run/user directories were moved out of the profile into firejail executable.	209	and /run/user directories were moved out of the profile into firejail executable.
210		210	We are also adding a "apparmor yes/no" flag in /etc/firejail/firejail.config file allows the user to
211	We intend to start apparmor by default for browsers, torrent clients and media players.	211	enable/disable apparmor functionality globally. By default the flag is enabled.
212	So far we cover Firefox (firefox-common.profile), Chromium (chromium-common.profile),	212
213	transmission-qt, transmission-gtk, vlc and mpv.	213	AppArmor deployment: we are starting apparmor by default for the following programs:
214		214	- web browsers: firefox (firefox-common.profile), chromium (chromium-common.profile)
215	"apparmor yes/no" flag in /etc/firejail/firejail.config file allows the user to enable/disable apparmor functionality globally	215	- torrent clients: transmission-qt, transmission-gtk, qbittorrent
216	By default the flag is enabled.	216	- media players: vlc, mpv, audacious, totem, rhythmbox
		217	- media editing: kdenlive, audacity, handbrake, gimp, inkscape, krita, openshot
		218	- etc.: atril, gnome-calculator, galculator, eom, eog
217		219
218	Checking apparmor status:	220	Checking apparmor status:
219	`````	221	`````