diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-03-23 02:44:12 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-03-28 11:49:51 -0300 |
commit | 7e1a5834b1e062fd7e259b22e6bcb07290e89d66 (patch) | |
tree | 94d887c661afc2db2caf90cb4eb88b6d7bed2bc4 /etc/profile-m-z | |
parent | cower: move blacklist from disable-programs to dc (diff) | |
download | firejail-7e1a5834b1e062fd7e259b22e6bcb07290e89d66.tar.gz firejail-7e1a5834b1e062fd7e259b22e6bcb07290e89d66.tar.zst firejail-7e1a5834b1e062fd7e259b22e6bcb07290e89d66.zip |
profiles: move read-only config entries to dc
Command used to search for entries:
$ git grep '^read-only ${HOME}/' -- 'etc/profile*'
Note for gpg: ~/.gnupg/gpg.conf is apparently only managed by gpgconf(1)
rather than through gpg(1) itself, in which case it does not need to be
made read-write in gpg.profile.
Diffstat (limited to 'etc/profile-m-z')
-rw-r--r-- | etc/profile-m-z/makepkg.profile | 1 | ||||
-rw-r--r-- | etc/profile-m-z/openbox.profile | 2 | ||||
-rw-r--r-- | etc/profile-m-z/steam.profile | 1 |
3 files changed, 0 insertions, 4 deletions
diff --git a/etc/profile-m-z/makepkg.profile b/etc/profile-m-z/makepkg.profile index e9d245a6d..266d00395 100644 --- a/etc/profile-m-z/makepkg.profile +++ b/etc/profile-m-z/makepkg.profile | |||
@@ -19,7 +19,6 @@ blacklist ${RUNUSER}/wayland-* | |||
19 | 19 | ||
20 | # Enable severely restricted access to ${HOME}/.gnupg | 20 | # Enable severely restricted access to ${HOME}/.gnupg |
21 | noblacklist ${HOME}/.gnupg | 21 | noblacklist ${HOME}/.gnupg |
22 | read-only ${HOME}/.gnupg/gpg.conf | ||
23 | read-only ${HOME}/.gnupg/trustdb.gpg | 22 | read-only ${HOME}/.gnupg/trustdb.gpg |
24 | read-only ${HOME}/.gnupg/pubring.kbx | 23 | read-only ${HOME}/.gnupg/pubring.kbx |
25 | blacklist ${HOME}/.gnupg/random_seed | 24 | blacklist ${HOME}/.gnupg/random_seed |
diff --git a/etc/profile-m-z/openbox.profile b/etc/profile-m-z/openbox.profile index 2da867dec..9b566a42b 100644 --- a/etc/profile-m-z/openbox.profile +++ b/etc/profile-m-z/openbox.profile | |||
@@ -16,6 +16,4 @@ noroot | |||
16 | protocol unix,inet,inet6 | 16 | protocol unix,inet,inet6 |
17 | seccomp !chroot | 17 | seccomp !chroot |
18 | 18 | ||
19 | read-only ${HOME}/.config/openbox/autostart | ||
20 | read-only ${HOME}/.config/openbox/environment | ||
21 | #restrict-namespaces | 19 | #restrict-namespaces |
diff --git a/etc/profile-m-z/steam.profile b/etc/profile-m-z/steam.profile index a5b4d5d87..63d629a32 100644 --- a/etc/profile-m-z/steam.profile +++ b/etc/profile-m-z/steam.profile | |||
@@ -181,5 +181,4 @@ private-tmp | |||
181 | #dbus-user none | 181 | #dbus-user none |
182 | #dbus-system none | 182 | #dbus-system none |
183 | 183 | ||
184 | read-only ${HOME}/.config/MangoHud | ||
185 | #restrict-namespaces | 184 | #restrict-namespaces |