diff options
author | netblue30 <netblue30@yahoo.com> | 2020-04-21 08:24:28 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2020-04-21 08:24:28 -0400 |
commit | 018d75775eab4a0f045949a9d069c57686ca2686 (patch) | |
tree | aac3a1a65cca0d4875795c55109a5c3e35efdefb /etc/Xvfb.profile | |
parent | small fixes (diff) | |
download | firejail-018d75775eab4a0f045949a9d069c57686ca2686.tar.gz firejail-018d75775eab4a0f045949a9d069c57686ca2686.tar.zst firejail-018d75775eab4a0f045949a9d069c57686ca2686.zip |
reorganize github etc directory
Diffstat (limited to 'etc/Xvfb.profile')
-rw-r--r-- | etc/Xvfb.profile | 46 |
1 files changed, 0 insertions, 46 deletions
diff --git a/etc/Xvfb.profile b/etc/Xvfb.profile deleted file mode 100644 index 937d02d60..000000000 --- a/etc/Xvfb.profile +++ /dev/null | |||
@@ -1,46 +0,0 @@ | |||
1 | # Firejail profile for Xvfb | ||
2 | # Description: Virtual Framebuffer 'fake' X server | ||
3 | # This file is overwritten after every install/update | ||
4 | quiet | ||
5 | # Persistent local customizations | ||
6 | include Xvfb.local | ||
7 | # Persistent global definitions | ||
8 | include globals.local | ||
9 | |||
10 | # | ||
11 | # This profile will sandbox Xvfb server itself when used with firejail --x11=xvfb. | ||
12 | # The target program is sandboxed with its own profile. By default the this functionality | ||
13 | # is disabled. To enable it, create a firejail-Xvfb symlink in /usr/local/bin: | ||
14 | # | ||
15 | # $ sudo ln -s /usr/bin/firejail /usr/local/bin/Xvfb | ||
16 | # | ||
17 | # We have this functionality disabled by default because it creates problems on | ||
18 | # some Linux distributions. Also, older versions of Xpra use Xvfb. | ||
19 | # | ||
20 | |||
21 | whitelist /var/lib/xkb | ||
22 | include whitelist-common.inc | ||
23 | |||
24 | caps.drop all | ||
25 | # Xvfb needs to be allowed access to the abstract Unix socket namespace. | ||
26 | nodvd | ||
27 | nogroups | ||
28 | nonewprivs | ||
29 | # In noroot mode, Xvfb cannot create a socket in the real /tmp/.X11-unix. | ||
30 | #noroot | ||
31 | nosound | ||
32 | notv | ||
33 | nou2f | ||
34 | novideo | ||
35 | protocol unix | ||
36 | seccomp | ||
37 | shell none | ||
38 | |||
39 | disable-mnt | ||
40 | # using a private home directory | ||
41 | private | ||
42 | # private-bin sh,xkbcomp,Xvfb | ||
43 | # private-bin bash,cat,ls,sh,strace,xkbcomp,Xvfb | ||
44 | private-dev | ||
45 | private-etc alternatives,gai.conf,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,nsswitch.conf,resolv.conf | ||
46 | private-tmp | ||