diff options
| author |  Kelvin M. Klann <kmk3.code@protonmail.com> | 2024-03-25 06:42:07 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2024-03-25 06:42:07 +0000 |
| commit | 7047e1a68955adc789d028ededdf0790a45d01f5 (patch) | |
| tree | 6b68bb17d28465f91d72f0640dc6138b9ef6b6df /etc/profile-m-z/qemu-common.profile | |
| parent | build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 (diff) | |
| download | firejail-7047e1a68955adc789d028ededdf0790a45d01f5.tar.gz firejail-7047e1a68955adc789d028ededdf0790a45d01f5.tar.zst firejail-7047e1a68955adc789d028ededdf0790a45d01f5.zip | |
New profile: qemu-common.profile (#6287)
Add a common profile to deduplicate entries and make qemu-related
profiles redirect to it.
Relates to #6255.
Diffstat (limited to 'etc/profile-m-z/qemu-common.profile')
| -rw-r--r-- | etc/profile-m-z/qemu-common.profile | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/etc/profile-m-z/qemu-common.profile b/etc/profile-m-z/qemu-common.profile new file mode 100644 index 000000000..bf8c2b977 --- /dev/null +++ b/etc/profile-m-z/qemu-common.profile | |||
| @@ -0,0 +1,28 @@ | |||
| 1 | # Firejail profile for QEMU | ||
| 2 | # Description: Machine & userspace emulator and virtualizer | ||
| 3 | # This file is overwritten after every install/update | ||
| 4 | # Persistent local customizations | ||
| 5 | include qemu-common.local | ||
| 6 | # Persistent global definitions | ||
| 7 | # added by caller profile | ||
| 8 | #include globals.local | ||
| 9 | |||
| 10 | include disable-common.inc | ||
| 11 | include disable-programs.inc | ||
| 12 | |||
| 13 | caps.drop all | ||
| 14 | netfilter | ||
| 15 | nodvd | ||
| 16 | nogroups | ||
| 17 | nonewprivs | ||
| 18 | noroot | ||
| 19 | notv | ||
| 20 | protocol unix,inet,inet6 | ||
| 21 | seccomp | ||
| 22 | tracelog | ||
| 23 | |||
| 24 | private-cache | ||
| 25 | private-tmp | ||
| 26 | |||
| 27 | noexec /tmp | ||
| 28 | restrict-namespaces | ||