diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-09-08 20:28:39 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-09-08 20:28:39 +0000 |
commit | 032aa1ff1b992c5c1395ae1ee23c52fde41fbcd1 (patch) | |
tree | 2387d9f2fbd71a280a9ba9cb317217c31c7797e6 /etc/profile-m-z/server.profile | |
parent | transgui: hardening (#5989) (diff) | |
parent | profiles: fix commented code and eol comments (diff) | |
download | firejail-032aa1ff1b992c5c1395ae1ee23c52fde41fbcd1.tar.gz firejail-032aa1ff1b992c5c1395ae1ee23c52fde41fbcd1.tar.zst firejail-032aa1ff1b992c5c1395ae1ee23c52fde41fbcd1.zip |
Merge pull request #5987 from kmk3/profiles-fix-eol-comments
profiles: fix commented code and eol comments
Diffstat (limited to 'etc/profile-m-z/server.profile')
-rw-r--r-- | etc/profile-m-z/server.profile | 50 |
1 files changed, 25 insertions, 25 deletions
diff --git a/etc/profile-m-z/server.profile b/etc/profile-m-z/server.profile index 667f9c557..74587c992 100644 --- a/etc/profile-m-z/server.profile +++ b/etc/profile-m-z/server.profile | |||
@@ -34,36 +34,36 @@ include globals.local | |||
34 | noblacklist /sbin | 34 | noblacklist /sbin |
35 | noblacklist /usr/sbin | 35 | noblacklist /usr/sbin |
36 | noblacklist /etc/init.d | 36 | noblacklist /etc/init.d |
37 | # noblacklist /var/opt | 37 | #noblacklist /var/opt |
38 | 38 | ||
39 | blacklist /tmp/.X11-unix | 39 | blacklist /tmp/.X11-unix |
40 | blacklist ${RUNUSER}/wayland-* | 40 | blacklist ${RUNUSER}/wayland-* |
41 | 41 | ||
42 | include disable-common.inc | 42 | include disable-common.inc |
43 | # include disable-devel.inc | 43 | #include disable-devel.inc |
44 | # include disable-exec.inc | 44 | #include disable-exec.inc |
45 | # include disable-interpreters.inc | 45 | #include disable-interpreters.inc |
46 | include disable-programs.inc | 46 | include disable-programs.inc |
47 | include disable-write-mnt.inc | 47 | include disable-write-mnt.inc |
48 | include disable-xdg.inc | 48 | include disable-xdg.inc |
49 | 49 | ||
50 | # include whitelist-runuser-common.inc | 50 | #include whitelist-runuser-common.inc |
51 | # include whitelist-usr-share-common.inc | 51 | #include whitelist-usr-share-common.inc |
52 | # include whitelist-var-common.inc | 52 | #include whitelist-var-common.inc |
53 | 53 | ||
54 | # people use to install servers all over the place! | 54 | # people use to install servers all over the place! |
55 | # apparmor runs executable only from default system locations | 55 | # apparmor runs executable only from default system locations |
56 | # apparmor | 56 | #apparmor |
57 | caps | 57 | caps |
58 | # ipc-namespace | 58 | #ipc-namespace |
59 | machine-id | 59 | machine-id |
60 | # netfilter /etc/firejail/webserver.net | 60 | #netfilter /etc/firejail/webserver.net |
61 | no3d | 61 | no3d |
62 | nodvd | 62 | nodvd |
63 | # nogroups | 63 | #nogroups |
64 | noinput | 64 | noinput |
65 | nonewprivs | 65 | nonewprivs |
66 | # noroot | 66 | #noroot |
67 | nosound | 67 | nosound |
68 | notv | 68 | notv |
69 | nou2f | 69 | nou2f |
@@ -74,22 +74,22 @@ tab # allow tab completion | |||
74 | 74 | ||
75 | disable-mnt | 75 | disable-mnt |
76 | private | 76 | private |
77 | # private-bin program | 77 | #private-bin program |
78 | # private-cache | 78 | #private-cache |
79 | private-dev | 79 | private-dev |
80 | # see /usr/share/doc/firejail/profile.template for more common private-etc paths. | 80 | # see /usr/share/doc/firejail/profile.template for more common private-etc paths. |
81 | # private-etc alternatives | 81 | #private-etc alternatives |
82 | # private-lib | 82 | #private-lib |
83 | # private-opt none | 83 | #private-opt none |
84 | private-tmp | 84 | private-tmp |
85 | # writable-run-user | 85 | #writable-run-user |
86 | # writable-var | 86 | #writable-var |
87 | # writable-var-log | 87 | #writable-var-log |
88 | 88 | ||
89 | dbus-user none | 89 | dbus-user none |
90 | # dbus-system none | 90 | #dbus-system none |
91 | 91 | ||
92 | # deterministic-shutdown | 92 | #deterministic-shutdown |
93 | # memory-deny-write-execute | 93 | #memory-deny-write-execute |
94 | # read-only ${HOME} | 94 | #read-only ${HOME} |
95 | # restrict-namespaces | 95 | #restrict-namespaces |