diff options
author | smitsohu <smitsohu@gmail.com> | 2022-04-10 18:26:36 +0200 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2022-04-10 18:32:17 +0200 |
commit | f3de2e37fd0bb3eb18393961f8382ff08fe3c3fb (patch) | |
tree | f8668f372b760917dac44e71b859537b0628fef2 /etc/profile-a-l | |
parent | harden dnsmasq (diff) | |
download | firejail-f3de2e37fd0bb3eb18393961f8382ff08fe3c3fb.tar.gz firejail-f3de2e37fd0bb3eb18393961f8382ff08fe3c3fb.tar.zst firejail-f3de2e37fd0bb3eb18393961f8382ff08fe3c3fb.zip |
libvirt dnsmasq: more fixes (#5089)
following up ce6f792efd0af09b95050864b71f79c46359fa49
/var/lib/libvirt is blacklisted in disable-common.inc
so merely whitelisting the directory is not enough
Diffstat (limited to 'etc/profile-a-l')
-rw-r--r-- | etc/profile-a-l/dnsmasq.profile | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/etc/profile-a-l/dnsmasq.profile b/etc/profile-a-l/dnsmasq.profile index abf7ecabe..13efd2fa8 100644 --- a/etc/profile-a-l/dnsmasq.profile +++ b/etc/profile-a-l/dnsmasq.profile | |||
@@ -9,6 +9,7 @@ include globals.local | |||
9 | 9 | ||
10 | noblacklist /sbin | 10 | noblacklist /sbin |
11 | noblacklist /usr/sbin | 11 | noblacklist /usr/sbin |
12 | noblacklist /var/lib/libvirt | ||
12 | 13 | ||
13 | blacklist /tmp/.X11-unix | 14 | blacklist /tmp/.X11-unix |
14 | blacklist ${RUNUSER} | 15 | blacklist ${RUNUSER} |