diff options
author | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2020-04-07 16:14:25 -0500 |
---|---|---|
committer | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2020-04-07 16:14:25 -0500 |
commit | 3848b98961614e1776b29ecfb76ef4c750b6b25f (patch) | |
tree | 3c7f0b623978562ee23fba7f52b6a039571cebea /etc/ephemeral.profile | |
parent | dbus-proxy (gnome_games) (diff) | |
download | firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.tar.gz firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.tar.zst firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.zip |
Replace `nodbus` with dbus-* filters
See
- 07fac581f6b9b5ed068f4c54a9521b51826375c5 for new dbus filters
- https://github.com/netblue30/firejail/pull/3326#issuecomment-610423183
Except for ocenaudio, access/restrictions on dbus options should
be unchanged
Ocenaudio profile: dbus filters were sandboxed (initially `nodbus`
was enabled) since comments indicated blocking dbus meant
preferences were broken
Diffstat (limited to 'etc/ephemeral.profile')
-rw-r--r-- | etc/ephemeral.profile | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/etc/ephemeral.profile b/etc/ephemeral.profile index c688c2324..029f613c6 100644 --- a/etc/ephemeral.profile +++ b/etc/ephemeral.profile | |||
@@ -39,8 +39,6 @@ caps.drop all | |||
39 | # machine-id breaks pulse audio; it should work fine in setups where sound is not required. | 39 | # machine-id breaks pulse audio; it should work fine in setups where sound is not required. |
40 | #machine-id | 40 | #machine-id |
41 | netfilter | 41 | netfilter |
42 | # nodbus breaks preferences | ||
43 | #nodbus | ||
44 | nodvd | 42 | nodvd |
45 | nogroups | 43 | nogroups |
46 | nonewprivs | 44 | nonewprivs |
@@ -59,3 +57,7 @@ private-cache | |||
59 | # private-etc below works fine on most distributions. There are some problems on CentOS. | 57 | # private-etc below works fine on most distributions. There are some problems on CentOS. |
60 | #private-etc alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,group,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,localtime,login.defs,machine-id,mailcap,mime.types,nsswitch.conf,os-release,pango,passwd,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 58 | #private-etc alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,group,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,localtime,login.defs,machine-id,mailcap,mime.types,nsswitch.conf,os-release,pango,passwd,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
61 | private-tmp | 59 | private-tmp |
60 | |||
61 | # breaks preferences | ||
62 | # dbus-user none | ||
63 | # dbus-system none | ||