diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2020-09-07 07:55:47 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-09-07 07:55:47 +0000 |
commit | 0c73dbc88bc917e50962405d32cb6b3b0da182cd (patch) | |
tree | 1943ee7fba4787639cc9387451951c4631eb72b0 /etc/inc | |
parent | build: remove preproc from gitignore (diff) | |
download | firejail-0c73dbc88bc917e50962405d32cb6b3b0da182cd.tar.gz firejail-0c73dbc88bc917e50962405d32cb6b3b0da182cd.tar.zst firejail-0c73dbc88bc917e50962405d32cb6b3b0da182cd.zip |
New disable include: disable-write-mnt.inc (#3622)
* New disable include: disable-write-mnt.inc
It is for profiles which have a reasonable mnt access (we can not add
disable-mnt), but no edit function (e.g. any kind of viewer).
Added to
- profile.template
- default.profile
- eo-common.profile
* Update default.profile
Diffstat (limited to 'etc/inc')
-rw-r--r-- | etc/inc/disable-write-mnt.inc | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/etc/inc/disable-write-mnt.inc b/etc/inc/disable-write-mnt.inc new file mode 100644 index 000000000..3990cf760 --- /dev/null +++ b/etc/inc/disable-write-mnt.inc | |||
@@ -0,0 +1,8 @@ | |||
1 | # This file is overwritten during software install. | ||
2 | # Persistent customizations should go in a .local file. | ||
3 | include disable-write-mnt.local | ||
4 | |||
5 | read-only /mnt | ||
6 | read-only /media | ||
7 | read-only /run/mount | ||
8 | read-only /run/media | ||