diff options
author | netblue30 <netblue30@yahoo.com> | 2020-09-08 08:21:05 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2020-09-08 08:21:05 -0400 |
commit | aee833f8bbc958d71f78d55ba677a419b970aa05 (patch) | |
tree | 399b278ec726ddd0133f698a4dc91d4dc5a3e20a /README.md | |
parent | fix #3625 -- hedgewars crashes without access to liblua (diff) | |
download | firejail-aee833f8bbc958d71f78d55ba677a419b970aa05.tar.gz firejail-aee833f8bbc958d71f78d55ba677a419b970aa05.tar.zst firejail-aee833f8bbc958d71f78d55ba677a419b970aa05.zip |
profstats: track dbus-system none
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 44 |
1 files changed, 22 insertions, 22 deletions
@@ -160,33 +160,33 @@ We also keep a list of profile fixes for previous released versions in [etc-fixe | |||
160 | 160 | ||
161 | ### Profile Statistics | 161 | ### Profile Statistics |
162 | 162 | ||
163 | A small tool to print profile statistics. Compile as usual and run: | 163 | A small tool to print profile statistics. Compile as usual and run in /etc/profiles: |
164 | ````` | 164 | ````` |
165 | $ make | ||
166 | $ cd etc | ||
167 | $ ./profstats *.profile | 165 | $ ./profstats *.profile |
168 | profiles 966 | 166 | Warning: multiple caps in transmission-daemon.profile |
169 | include local profile 966 (include profile-name.local) | 167 | |
170 | include globals 966 (include globals.local) | 168 | Stats: |
171 | blacklist ~/.ssh 951 (include disable-common.inc) | 169 | profiles 1025 |
172 | seccomp 908 | 170 | include local profile 1025 (include profile-name.local) |
173 | capabilities 965 | 171 | include globals 1025 (include globals.local) |
174 | noexec 830 (include disable-exec.inc) | 172 | blacklist ~/.ssh 1001 (include disable-common.inc) |
175 | memory-deny-write-execute 214 | 173 | seccomp 971 |
176 | apparmor 488 | 174 | capabilities 1024 |
177 | private-bin 483 | 175 | noexec 895 (include disable-exec.inc) |
178 | private-dev 829 | 176 | memory-deny-write-execute 217 |
179 | private-etc 366 | 177 | apparmor 546 |
180 | private-tmp 726 | 178 | private-bin 537 |
181 | whitelist var 638 (include whitelist-var-common.inc) | 179 | private-dev 893 |
182 | whitelist run/user 282 (include whitelist-runuser-common.inc | 180 | private-etc 426 |
181 | private-tmp 780 | ||
182 | whitelist var 691 (include whitelist-var-common.inc) | ||
183 | whitelist run/user 329 (include whitelist-runuser-common.inc | ||
183 | or blacklist ${RUNUSER}) | 184 | or blacklist ${RUNUSER}) |
184 | whitelist usr/share 275 (include whitelist-usr-share-common.inc | 185 | whitelist usr/share 349 (include whitelist-usr-share-common.inc |
185 | net none 313 | 186 | net none 329 |
187 | dbus-system none 624 | ||
186 | ````` | 188 | ````` |
187 | 189 | ||
188 | Run ./profstats -h for help. | ||
189 | |||
190 | ### New profiles: | 190 | ### New profiles: |
191 | 191 | ||
192 | gfeeds, firefox-x11, tvbrowser, rtv, clipgrab, gnome-passwordsafe, bibtex, gummi, latex, pdflatex, tex, wpp, wpspdf, wps, et, | 192 | gfeeds, firefox-x11, tvbrowser, rtv, clipgrab, gnome-passwordsafe, bibtex, gummi, latex, pdflatex, tex, wpp, wpspdf, wps, et, |