diff options
author | rusty-snake <print_hello_world+Public@protonmail.com> | 2020-03-19 12:05:14 +0100 |
---|---|---|
committer | rusty-snake <print_hello_world+Public@protonmail.com> | 2020-03-19 12:05:14 +0100 |
commit | 4442aac3f24b9ae8b25b6be29354fcb4f4af04ce (patch) | |
tree | 4a51d29420e526f4b9f33698bd3b3f8c3eed8c22 /etc/openclonk.profile | |
parent | fix nslookup.profile header (diff) | |
download | firejail-4442aac3f24b9ae8b25b6be29354fcb4f4af04ce.tar.gz firejail-4442aac3f24b9ae8b25b6be29354fcb4f4af04ce.tar.zst firejail-4442aac3f24b9ae8b25b6be29354fcb4f4af04ce.zip |
misc fixes
remove netfilter from profiles with net none
allow Viber to use dig, dig is in its private-bin, so I assume that it
need it.
blacklist resolvectl which can also be used for dns lookups
Diffstat (limited to 'etc/openclonk.profile')
-rw-r--r-- | etc/openclonk.profile | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/etc/openclonk.profile b/etc/openclonk.profile index 8921bc460..20b2a9626 100644 --- a/etc/openclonk.profile +++ b/etc/openclonk.profile | |||
@@ -25,6 +25,7 @@ apparmor | |||
25 | caps.drop all | 25 | caps.drop all |
26 | ipc-namespace | 26 | ipc-namespace |
27 | # net none - networked game | 27 | # net none - networked game |
28 | netfilter | ||
28 | nodbus | 29 | nodbus |
29 | nodvd | 30 | nodvd |
30 | nogroups | 31 | nogroups |