Unify all profiles

author: Tad <tad@spotco.us> 2017-08-07 01:22:08 -0400
committer: Tad <tad@spotco.us> 2017-08-07 01:22:08 -0400
commit: 9e3ba319be6b9546d7e8f450ca419ee2f3f4040b (patch)
tree: 0aebe82de78a61877c267f4dcb2ebcc13a2e37c9 /etc/highlight.profile
parent: various profile fixes (#1433) (diff)
download: firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.gz
firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.zst
firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.zip
1 files changed, 9 insertions, 10 deletions
diff --git a/etc/highlight.profile b/etc/highlight.profile
index fefbcc55d..c314d34cb 100644
--- a/etc/highlight.profile
+++ b/etc/highlight.profile
@@ -1,31 +1,30 @@
-# Persistent global definitions go here
+# Firejail profile for highlight
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/highlight.local
+# Persistent global definitions
 include /etc/firejail/globals.local
-# This file is overwritten during software install.
+blacklist /tmp/.X11-unix
-# Persistent customizations should go in a .local file.
-include /etc/firejail/highlight.local
-# highlight profile
 include /etc/firejail/disable-common.inc
-include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
 caps.drop all
 net none
+no3d
 nogroups
 nonewprivs
 noroot
 nosound
 protocol unix
 seccomp
-no3d
 shell none
 tracelog
-blacklist /tmp/.X11-unix
 private-bin highlight
+private-dev
 # private-etc none
 private-tmp
-private-dev
author	Tad <tad@spotco.us>	2017-08-07 01:22:08 -0400
committer	Tad <tad@spotco.us>	2017-08-07 01:22:08 -0400
commit	9e3ba319be6b9546d7e8f450ca419ee2f3f4040b (patch)
tree	0aebe82de78a61877c267f4dcb2ebcc13a2e37c9 /etc/highlight.profile
parent	various profile fixes (#1433) (diff)
download	firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.gz firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.zst firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.zip

diff --git a/etc/highlight.profile b/etc/highlight.profile index fefbcc55d..c314d34cb 100644 --- a/etc/highlight.profile +++ b/etc/highlight.profile
@@ -1,31 +1,30 @@
1	# Persistent global definitions go here	1	# Firejail profile for highlight
		2	# This file is overwritten after every install/update
		3	# Persistent local customizations
		4	include /etc/firejail/highlight.local
		5	# Persistent global definitions
2	include /etc/firejail/globals.local	6	include /etc/firejail/globals.local
3		7
4	# This file is overwritten during software install.	8	blacklist /tmp/.X11-unix
5	# Persistent customizations should go in a .local file.
6	include /etc/firejail/highlight.local
7		9
8	# highlight profile
9	include /etc/firejail/disable-common.inc	10	include /etc/firejail/disable-common.inc
10	include /etc/firejail/disable-programs.inc
11	include /etc/firejail/disable-devel.inc	11	include /etc/firejail/disable-devel.inc
12	include /etc/firejail/disable-passwdmgr.inc	12	include /etc/firejail/disable-passwdmgr.inc
		13	include /etc/firejail/disable-programs.inc
13		14
14	caps.drop all	15	caps.drop all
15	net none	16	net none
		17	no3d
16	nogroups	18	nogroups
17	nonewprivs	19	nonewprivs
18	noroot	20	noroot
19	nosound	21	nosound
20	protocol unix	22	protocol unix
21	seccomp	23	seccomp
22	no3d
23	shell none	24	shell none
24	tracelog	25	tracelog
25		26
26	blacklist /tmp/.X11-unix
27
28	private-bin highlight	27	private-bin highlight
		28	private-dev
29	# private-etc none	29	# private-etc none
30	private-tmp	30	private-tmp
31	private-dev