aboutsummaryrefslogtreecommitdiffstats
path: root/etc/profile-a-l/journal-viewer.profile
diff options
context:
space:
mode:
authorLibravatar glitsj16 <glitsj16@users.noreply.github.com>2023-09-23 01:42:08 +0000
committerLibravatar GitHub <noreply@github.com>2023-09-23 01:42:08 +0000
commitdd55390120efe17550ddcec1b336d8c1c44806a4 (patch)
tree1ca7630e03685f334e0d35b0d26bc132aca23997 /etc/profile-a-l/journal-viewer.profile
parentMerge pull request #5993 from kmk3/modif-keep-pipewire-group (diff)
downloadfirejail-dd55390120efe17550ddcec1b336d8c1c44806a4.tar.gz
firejail-dd55390120efe17550ddcec1b336d8c1c44806a4.tar.zst
firejail-dd55390120efe17550ddcec1b336d8c1c44806a4.zip
profiles: refactor log viewers (#5996)
* profiles: refactor log viewers Introduces system-log-common.profile as a common profile for existing GUI log viewer applications. * system-log-common: enable no3d
Diffstat (limited to 'etc/profile-a-l/journal-viewer.profile')
-rw-r--r--etc/profile-a-l/journal-viewer.profile50
1 files changed, 3 insertions, 47 deletions
diff --git a/etc/profile-a-l/journal-viewer.profile b/etc/profile-a-l/journal-viewer.profile
index f73595fb1..eb007b765 100644
--- a/etc/profile-a-l/journal-viewer.profile
+++ b/etc/profile-a-l/journal-viewer.profile
@@ -9,60 +9,16 @@ include globals.local
9noblacklist ${HOME}/.cache/journal-viewer 9noblacklist ${HOME}/.cache/journal-viewer
10noblacklist ${HOME}/.local/share/com.vmingueza.journal-viewer 10noblacklist ${HOME}/.local/share/com.vmingueza.journal-viewer
11 11
12include disable-common.inc
13include disable-devel.inc
14include disable-exec.inc
15include disable-interpreters.inc
16include disable-proc.inc
17include disable-programs.inc
18include disable-shell.inc
19include disable-xdg.inc
20
21mkdir ${HOME}/.cache/journal-viewer 12mkdir ${HOME}/.cache/journal-viewer
22mkdir ${HOME}/.local/share/com.vmingueza.journal-viewer 13mkdir ${HOME}/.local/share/com.vmingueza.journal-viewer
23whitelist ${HOME}/.cache/journal-viewer 14whitelist ${HOME}/.cache/journal-viewer
24whitelist ${HOME}/.local/share/com.vmingueza.journal-viewer 15whitelist ${HOME}/.local/share/com.vmingueza.journal-viewer
25whitelist /run/log/journal
26whitelist /var/log/journal
27include whitelist-common.inc
28include whitelist-run-common.inc
29include whitelist-runuser-common.inc
30include whitelist-usr-share-common.inc
31include whitelist-var-common.inc
32
33apparmor
34caps.drop all
35ipc-namespace
36net none
37no3d
38nodvd
39nogroups
40noinput
41nonewprivs
42noprinters
43noroot
44nosound
45notv
46nou2f
47novideo
48protocol unix
49seccomp
50seccomp.block-secondary
51tracelog
52 16
53disable-mnt
54private-bin journal-viewer 17private-bin journal-viewer
55private-cache
56private-dev
57private-etc machine-id
58private-lib webkit2gtk-* 18private-lib webkit2gtk-*
59private-tmp
60 19
61dbus-user none
62dbus-system none
63
64restrict-namespaces
65read-only ${HOME}
66read-write ${HOME}/.cache/journal-viewer 20read-write ${HOME}/.cache/journal-viewer
67read-write ${HOME}/.local/share/com.vmingueza.journal-viewer 21read-write ${HOME}/.local/share/com.vmingueza.journal-viewer
68writable-var-log 22
23# Redirect
24include system-log-common.profile
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-20 16:33:51 +0000