Unify all profiles

author: Tad <tad@spotco.us> 2017-08-07 01:22:08 -0400
committer: Tad <tad@spotco.us> 2017-08-07 01:22:08 -0400
commit: 9e3ba319be6b9546d7e8f450ca419ee2f3f4040b (patch)
tree: 0aebe82de78a61877c267f4dcb2ebcc13a2e37c9 /etc/gpg.profile
parent: various profile fixes (#1433) (diff)
download: firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.gz
firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.zst
firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.zip
1 files changed, 9 insertions, 10 deletions
diff --git a/etc/gpg.profile b/etc/gpg.profile
index 9ecc0a753..2d745b435 100644
--- a/etc/gpg.profile
+++ b/etc/gpg.profile
@@ -1,31 +1,30 @@
-# Persistent global definitions go here
+# Firejail profile for gpg
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/gpg.local
+# Persistent global definitions
 include /etc/firejail/globals.local
-# This file is overwritten during software install.
+blacklist /tmp/.X11-unix
-# Persistent customizations should go in a .local file.
-include /etc/firejail/gpg.local
-# gpg profile
 noblacklist ~/.gnupg
 include /etc/firejail/disable-common.inc
-include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
 caps.drop all
+netfilter
+no3d
 nogroups
 nonewprivs
 noroot
 nosound
 protocol unix,inet,inet6
 seccomp
-netfilter
-no3d
 shell none
 tracelog
-blacklist /tmp/.X11-unix
 # private-bin gpg,gpg-agent
 private-dev
author	Tad <tad@spotco.us>	2017-08-07 01:22:08 -0400
committer	Tad <tad@spotco.us>	2017-08-07 01:22:08 -0400
commit	9e3ba319be6b9546d7e8f450ca419ee2f3f4040b (patch)
tree	0aebe82de78a61877c267f4dcb2ebcc13a2e37c9 /etc/gpg.profile
parent	various profile fixes (#1433) (diff)
download	firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.gz firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.zst firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.zip

diff --git a/etc/gpg.profile b/etc/gpg.profile index 9ecc0a753..2d745b435 100644 --- a/etc/gpg.profile +++ b/etc/gpg.profile
@@ -1,31 +1,30 @@
1	# Persistent global definitions go here	1	# Firejail profile for gpg
		2	# This file is overwritten after every install/update
		3	# Persistent local customizations
		4	include /etc/firejail/gpg.local
		5	# Persistent global definitions
2	include /etc/firejail/globals.local	6	include /etc/firejail/globals.local
3		7
4	# This file is overwritten during software install.	8	blacklist /tmp/.X11-unix
5	# Persistent customizations should go in a .local file.
6	include /etc/firejail/gpg.local
7		9
8	# gpg profile
9	noblacklist ~/.gnupg	10	noblacklist ~/.gnupg
10		11
11	include /etc/firejail/disable-common.inc	12	include /etc/firejail/disable-common.inc
12	include /etc/firejail/disable-programs.inc
13	include /etc/firejail/disable-devel.inc	13	include /etc/firejail/disable-devel.inc
14	include /etc/firejail/disable-passwdmgr.inc	14	include /etc/firejail/disable-passwdmgr.inc
		15	include /etc/firejail/disable-programs.inc
15		16
16	caps.drop all	17	caps.drop all
		18	netfilter
		19	no3d
17	nogroups	20	nogroups
18	nonewprivs	21	nonewprivs
19	noroot	22	noroot
20	nosound	23	nosound
21	protocol unix,inet,inet6	24	protocol unix,inet,inet6
22	seccomp	25	seccomp
23	netfilter
24	no3d
25	shell none	26	shell none
26	tracelog	27	tracelog
27		28
28	blacklist /tmp/.X11-unix
29
30	# private-bin gpg,gpg-agent	29	# private-bin gpg,gpg-agent
31	private-dev	30	private-dev