diff options
author | 2020-04-07 16:14:25 -0500 | |
---|---|---|
committer | 2020-04-07 16:14:25 -0500 | |
commit | 3848b98961614e1776b29ecfb76ef4c750b6b25f (patch) | |
tree | 3c7f0b623978562ee23fba7f52b6a039571cebea /etc/gnome-logs.profile | |
parent | dbus-proxy (gnome_games) (diff) | |
download | firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.tar.gz firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.tar.zst firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.zip |
Replace `nodbus` with dbus-* filters
See
- 07fac581f6b9b5ed068f4c54a9521b51826375c5 for new dbus filters
- https://github.com/netblue30/firejail/pull/3326#issuecomment-610423183
Except for ocenaudio, access/restrictions on dbus options should
be unchanged
Ocenaudio profile: dbus filters were sandboxed (initially `nodbus`
was enabled) since comments indicated blocking dbus meant
preferences were broken
Diffstat (limited to 'etc/gnome-logs.profile')
-rw-r--r-- | etc/gnome-logs.profile | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/etc/gnome-logs.profile b/etc/gnome-logs.profile index 31b7cfb4f..4b6453015 100644 --- a/etc/gnome-logs.profile +++ b/etc/gnome-logs.profile | |||
@@ -24,7 +24,6 @@ caps.drop all | |||
24 | ipc-namespace | 24 | ipc-namespace |
25 | net none | 25 | net none |
26 | no3d | 26 | no3d |
27 | nodbus | ||
28 | nodvd | 27 | nodvd |
29 | # When using 'volatile' storage (https://www.freedesktop.org/software/systemd/man/journald.conf.html), | 28 | # When using 'volatile' storage (https://www.freedesktop.org/software/systemd/man/journald.conf.html), |
30 | # comment both 'nogroups' and 'noroot' | 29 | # comment both 'nogroups' and 'noroot' |
@@ -50,6 +49,9 @@ private-lib gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,librsvg-2.s | |||
50 | private-tmp | 49 | private-tmp |
51 | writable-var-log | 50 | writable-var-log |
52 | 51 | ||
52 | dbus-user none | ||
53 | dbus-system none | ||
54 | |||
53 | # comment this if you export logs to a file in your ${HOME} | 55 | # comment this if you export logs to a file in your ${HOME} |
54 | # or put 'ignore read-only ${HOME}' in your gnome-logs.local. | 56 | # or put 'ignore read-only ${HOME}' in your gnome-logs.local. |
55 | read-only ${HOME} | 57 | read-only ${HOME} |