diff options
author | Michele Sorcinelli <michelesr@users.noreply.github.com> | 2024-03-05 14:02:40 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-03-05 14:02:40 +0000 |
commit | b9d11ed33c8df27affe046315ef0d603f3bf8495 (patch) | |
tree | be988481a8f06bacef2d30f4f8827ab561ac300b /etc/profile-m-z | |
parent | archiver-common: add mkinitcpio support to private-etc (#5656) (diff) | |
download | firejail-b9d11ed33c8df27affe046315ef0d603f3bf8495.tar.gz firejail-b9d11ed33c8df27affe046315ef0d603f3bf8495.tar.zst firejail-b9d11ed33c8df27affe046315ef0d603f3bf8495.zip |
ssh: whitelist gcr-ssh-agent unix socket (#6258)
Since gnome-keyring 1.46, the ssh-agent functionality has been removed
and gcr-ssh-agent is the recommended alternative.
Source:
- https://gitlab.gnome.org/GNOME/gcr/-/merge_requests/67
- https://wiki.archlinux.org/title/GNOME/Keyring#SSH_keys
Diffstat (limited to 'etc/profile-m-z')
-rw-r--r-- | etc/profile-m-z/ssh.profile | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/etc/profile-m-z/ssh.profile b/etc/profile-m-z/ssh.profile index fde85be64..62efa28db 100644 --- a/etc/profile-m-z/ssh.profile +++ b/etc/profile-m-z/ssh.profile | |||
@@ -18,6 +18,7 @@ include disable-common.inc | |||
18 | include disable-exec.inc | 18 | include disable-exec.inc |
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | 20 | ||
21 | whitelist ${RUNUSER}/gcr/ssh | ||
21 | whitelist ${RUNUSER}/gnupg/S.gpg-agent.ssh | 22 | whitelist ${RUNUSER}/gnupg/S.gpg-agent.ssh |
22 | whitelist ${RUNUSER}/keyring/ssh | 23 | whitelist ${RUNUSER}/keyring/ssh |
23 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |