Unify all profiles

author: Tad <tad@spotco.us> 2017-08-07 01:22:08 -0400
committer: Tad <tad@spotco.us> 2017-08-07 01:22:08 -0400
commit: 9e3ba319be6b9546d7e8f450ca419ee2f3f4040b (patch)
tree: 0aebe82de78a61877c267f4dcb2ebcc13a2e37c9 /etc/file.profile
parent: various profile fixes (#1433) (diff)
download: firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.gz
firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.zst
firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.zip
1 files changed, 11 insertions, 10 deletions
diff --git a/etc/file.profile b/etc/file.profile
index 51e35007f..6e8280c3b 100644
--- a/etc/file.profile
+++ b/etc/file.profile
@@ -1,15 +1,16 @@
+# Firejail profile for file
+# This file is overwritten after every install/update
 quiet
-# Persistent global definitions go here
+# Persistent local customizations
+include /etc/firejail/file.local
+# Persistent global definitions
 include /etc/firejail/globals.local
-# This file is overwritten during software install.
+blacklist /tmp/.X11-unix
-# Persistent customizations should go in a .local file.
-include /etc/firejail/file.local
-# file profile
 include /etc/firejail/disable-common.inc
-include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
 caps.drop all
 hostname file
@@ -17,7 +18,6 @@ net none
 no3d
 nogroups
 nonewprivs
-#noroot
 nosound
 protocol unix
 seccomp
@@ -25,8 +25,9 @@ shell none
 tracelog
 x11 none
-blacklist /tmp/.X11-unix
-private-dev
 private-bin file
+private-dev
 private-etc magic.mgc,magic,localtime
+# CLOBBERED COMMENTS
+# noroot
author	Tad <tad@spotco.us>	2017-08-07 01:22:08 -0400
committer	Tad <tad@spotco.us>	2017-08-07 01:22:08 -0400
commit	9e3ba319be6b9546d7e8f450ca419ee2f3f4040b (patch)
tree	0aebe82de78a61877c267f4dcb2ebcc13a2e37c9 /etc/file.profile
parent	various profile fixes (#1433) (diff)
download	firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.gz firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.zst firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.zip

diff --git a/etc/file.profile b/etc/file.profile index 51e35007f..6e8280c3b 100644 --- a/etc/file.profile +++ b/etc/file.profile
@@ -1,15 +1,16 @@
		1	# Firejail profile for file
		2	# This file is overwritten after every install/update
1	quiet	3	quiet
2	# Persistent global definitions go here	4	# Persistent local customizations
		5	include /etc/firejail/file.local
		6	# Persistent global definitions
3	include /etc/firejail/globals.local	7	include /etc/firejail/globals.local
4		8
5	# This file is overwritten during software install.	9	blacklist /tmp/.X11-unix
6	# Persistent customizations should go in a .local file.
7	include /etc/firejail/file.local
8		10
9	# file profile
10	include /etc/firejail/disable-common.inc	11	include /etc/firejail/disable-common.inc
11	include /etc/firejail/disable-programs.inc
12	include /etc/firejail/disable-passwdmgr.inc	12	include /etc/firejail/disable-passwdmgr.inc
		13	include /etc/firejail/disable-programs.inc
13		14
14	caps.drop all	15	caps.drop all
15	hostname file	16	hostname file
@@ -17,7 +18,6 @@ net none
17	no3d	18	no3d
18	nogroups	19	nogroups
19	nonewprivs	20	nonewprivs
20	#noroot
21	nosound	21	nosound
22	protocol unix	22	protocol unix
23	seccomp	23	seccomp
@@ -25,8 +25,9 @@ shell none
25	tracelog	25	tracelog
26	x11 none	26	x11 none
27		27
28	blacklist /tmp/.X11-unix
29
30	private-dev
31	private-bin file	28	private-bin file
		29	private-dev
32	private-etc magic.mgc,magic,localtime	30	private-etc magic.mgc,magic,localtime
		31
		32	# CLOBBERED COMMENTS
		33	# noroot