many profile cleanup (4)

containing: - files forgotten in 4beaf8f9 - workarounds for #903 - commented useless private-etc lines removed - remove commented seccomp.keep lines - much more
author: rusty-snake <print_hello_world+Public@protonmail.com> 2019-06-16 13:04:28 +0200
committer: rusty-snake <print_hello_world+Public@protonmail.com> 2019-06-16 13:04:28 +0200
commit: 4c935269605f9b53578b66b9d9c5596ccb886f0d (patch)
tree: a33b75b9d60169b5278cd66473db5a8ee30e3ea4 /etc/ping.profile
parent: Sort comented private-{bin,etc} lines (diff)
download: firejail-4c935269605f9b53578b66b9d9c5596ccb886f0d.tar.gz
firejail-4c935269605f9b53578b66b9d9c5596ccb886f0d.tar.zst
firejail-4c935269605f9b53578b66b9d9c5596ccb886f0d.zip
1 files changed, 1 insertions, 3 deletions
diff --git a/etc/ping.profile b/etc/ping.profile
index 66574bab5..00ac45c5a 100644
--- a/etc/ping.profile
+++ b/etc/ping.profile
@@ -30,10 +30,8 @@ nosound
 notv
 nou2f
 novideo
 # protocol command is built using seccomp; nonewprivs will kill it
 #protocol unix,inet,inet6,netlink,packet
 # killed by no-new-privs
 #seccomp
@@ -42,7 +40,7 @@ private
 #private-bin has mammoth problems with execvp: "No such file or directory"
 private-dev
 # /etc/hosts is required in private-etc; however, just adding it to the list doesn't solve the problem!
-#private-etc resolv.conf,hosts,ca-certificates,ssl,pki,crypto-policies
+#private-etc ca-certificates,crypto-policies,hosts,pki,resolv.conf,ssl
 private-tmp
 # memory-deny-write-execute is built using seccomp; nonewprivs will kill it
author	rusty-snake <print_hello_world+Public@protonmail.com>	2019-06-16 13:04:28 +0200
committer	rusty-snake <print_hello_world+Public@protonmail.com>	2019-06-16 13:04:28 +0200
commit	4c935269605f9b53578b66b9d9c5596ccb886f0d (patch)
tree	a33b75b9d60169b5278cd66473db5a8ee30e3ea4 /etc/ping.profile
parent	Sort comented private-{bin,etc} lines (diff)
download	firejail-4c935269605f9b53578b66b9d9c5596ccb886f0d.tar.gz firejail-4c935269605f9b53578b66b9d9c5596ccb886f0d.tar.zst firejail-4c935269605f9b53578b66b9d9c5596ccb886f0d.zip

diff --git a/etc/ping.profile b/etc/ping.profile index 66574bab5..00ac45c5a 100644 --- a/etc/ping.profile +++ b/etc/ping.profile
@@ -30,10 +30,8 @@ nosound
30	notv	30	notv
31	nou2f	31	nou2f
32	novideo	32	novideo
33
34	# protocol command is built using seccomp; nonewprivs will kill it	33	# protocol command is built using seccomp; nonewprivs will kill it
35	#protocol unix,inet,inet6,netlink,packet	34	#protocol unix,inet,inet6,netlink,packet
36
37	# killed by no-new-privs	35	# killed by no-new-privs
38	#seccomp	36	#seccomp
39		37
@@ -42,7 +40,7 @@ private
42	#private-bin has mammoth problems with execvp: "No such file or directory"	40	#private-bin has mammoth problems with execvp: "No such file or directory"
43	private-dev	41	private-dev
44	# /etc/hosts is required in private-etc; however, just adding it to the list doesn't solve the problem!	42	# /etc/hosts is required in private-etc; however, just adding it to the list doesn't solve the problem!
45	#private-etc resolv.conf,hosts,ca-certificates,ssl,pki,crypto-policies	43	#private-etc ca-certificates,crypto-policies,hosts,pki,resolv.conf,ssl
46	private-tmp	44	private-tmp
47		45
48	# memory-deny-write-execute is built using seccomp; nonewprivs will kill it	46	# memory-deny-write-execute is built using seccomp; nonewprivs will kill it