diff options
| author |  Kelvin M. Klann <kmk3.code@protonmail.com> | 2021-01-09 21:41:43 -0300 |
|---|---|---|
| committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2021-01-27 18:18:38 -0300 |
| commit | 83ac0239722f85ffed15e3b6b6088bfff547ac1b (patch) | |
| tree | bab7befdd0200dac19366bdb3fcf290487e1c761 /etc/profile-m-z/ssh-agent.profile | |
| parent | git-cola.profile: add missing python template comment (diff) | |
| download | firejail-83ac0239722f85ffed15e3b6b6088bfff547ac1b.tar.gz firejail-83ac0239722f85ffed15e3b6b6088bfff547ac1b.tar.zst firejail-83ac0239722f85ffed15e3b6b6088bfff547ac1b.zip | |
etc: add allow-ssh.inc
And move the scattered `noblacklist ${HOME}/.ssh` entries into it.
Command used to find the relevant files:
$ grep -Fnr 'noblacklist ${HOME}/.ssh' etc
Also, add it to profile.template, as reminded by @rusty-snake at
https://github.com/netblue30/firejail/pull/3885#pullrequestreview-567527031
Diffstat (limited to 'etc/profile-m-z/ssh-agent.profile')
| -rw-r--r-- | etc/profile-m-z/ssh-agent.profile | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/etc/profile-m-z/ssh-agent.profile b/etc/profile-m-z/ssh-agent.profile index 01b63d3ce..d2e2b3408 100644 --- a/etc/profile-m-z/ssh-agent.profile +++ b/etc/profile-m-z/ssh-agent.profile | |||
| @@ -8,7 +8,9 @@ include globals.local | |||
| 8 | 8 | ||
| 9 | noblacklist /etc/ssh | 9 | noblacklist /etc/ssh |
| 10 | noblacklist /tmp/ssh-* | 10 | noblacklist /tmp/ssh-* |
| 11 | noblacklist ${HOME}/.ssh | 11 | |
| 12 | # Allow ssh (blacklisted by disable-common.inc) | ||
| 13 | include allow-ssh.inc | ||
| 12 | 14 | ||
| 13 | blacklist /tmp/.X11-unix | 15 | blacklist /tmp/.X11-unix |
| 14 | blacklist ${RUNUSER}/wayland-* | 16 | blacklist ${RUNUSER}/wayland-* |