Merge pull request #1427 from SpotComms/pr

Unify all profiles
author: Fred Barclay <Fred-Barclay@users.noreply.github.com> 2017-08-07 13:41:08 -0500
committer: GitHub <noreply@github.com> 2017-08-07 13:41:08 -0500
commit: e24b15f8647997dbb26a7152c921af94e36294ce (patch)
tree: 4c98b42844c8c67853643d4b4b7253dbd8764f1e /etc/rambox.profile
parent: merges (diff)
parent: Unify last 8 profiles (diff)
download: firejail-e24b15f8647997dbb26a7152c921af94e36294ce.tar.gz
firejail-e24b15f8647997dbb26a7152c921af94e36294ce.tar.zst
firejail-e24b15f8647997dbb26a7152c921af94e36294ce.zip
1 files changed, 15 insertions, 17 deletions
diff --git a/etc/rambox.profile b/etc/rambox.profile
index 2c70fbd13..a5b87e901 100644
--- a/etc/rambox.profile
+++ b/etc/rambox.profile
@@ -1,16 +1,23 @@
-#Persistent global definitions go here
+# Firejail profile for rambox
-include /etc/firejail/globals.local
+# This file is overwritten after every install/update
+# Persistent local customizations
-#This file is overwritten during software install.
-#Persistent customizations should go in a .local file.
 include /etc/firejail/rambox.local
+# Persistent global definitions
+include /etc/firejail/globals.local
-# Rambox profile for firejail
 noblacklist ~/.config/Rambox
 noblacklist ~/.pki
 include /etc/firejail/disable-common.inc
-include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-programs.inc
+mkdir ~/.config/Rambox
+mkdir ~/.pki
+whitelist ${DOWNLOADS}
+whitelist ~/.config/Rambox
+whitelist ~/.pki
+include /etc/firejail/whitelist-common.inc
 caps.drop all
 netfilter
@@ -19,13 +26,4 @@ nonewprivs
 noroot
 protocol unix,inet,inet6,netlink
 seccomp
-#tracelog
+# tracelog
-whitelist ${DOWNLOADS}
-mkdir ~/.config/Rambox
-whitelist ~/.config/Rambox
-mkdir ~/.pki
-whitelist ~/.pki
-include /etc/firejail/whitelist-common.inc
author	Fred Barclay <Fred-Barclay@users.noreply.github.com>	2017-08-07 13:41:08 -0500
committer	GitHub <noreply@github.com>	2017-08-07 13:41:08 -0500
commit	e24b15f8647997dbb26a7152c921af94e36294ce (patch)
tree	4c98b42844c8c67853643d4b4b7253dbd8764f1e /etc/rambox.profile
parent	merges (diff)
parent	Unify last 8 profiles (diff)
download	firejail-e24b15f8647997dbb26a7152c921af94e36294ce.tar.gz firejail-e24b15f8647997dbb26a7152c921af94e36294ce.tar.zst firejail-e24b15f8647997dbb26a7152c921af94e36294ce.zip

diff --git a/etc/rambox.profile b/etc/rambox.profile index 2c70fbd13..a5b87e901 100644 --- a/etc/rambox.profile +++ b/etc/rambox.profile
@@ -1,16 +1,23 @@
1	#Persistent global definitions go here	1	# Firejail profile for rambox
2	include /etc/firejail/globals.local	2	# This file is overwritten after every install/update
3		3	# Persistent local customizations
4	#This file is overwritten during software install.
5	#Persistent customizations should go in a .local file.
6	include /etc/firejail/rambox.local	4	include /etc/firejail/rambox.local
		5	# Persistent global definitions
		6	include /etc/firejail/globals.local
7		7
8	# Rambox profile for firejail
9	noblacklist ~/.config/Rambox	8	noblacklist ~/.config/Rambox
10	noblacklist ~/.pki	9	noblacklist ~/.pki
		10
11	include /etc/firejail/disable-common.inc	11	include /etc/firejail/disable-common.inc
12	include /etc/firejail/disable-programs.inc
13	include /etc/firejail/disable-devel.inc	12	include /etc/firejail/disable-devel.inc
		13	include /etc/firejail/disable-programs.inc
		14
		15	mkdir ~/.config/Rambox
		16	mkdir ~/.pki
		17	whitelist ${DOWNLOADS}
		18	whitelist ~/.config/Rambox
		19	whitelist ~/.pki
		20	include /etc/firejail/whitelist-common.inc
14		21
15	caps.drop all	22	caps.drop all
16	netfilter	23	netfilter
@@ -19,13 +26,4 @@ nonewprivs
19	noroot	26	noroot
20	protocol unix,inet,inet6,netlink	27	protocol unix,inet,inet6,netlink
21	seccomp	28	seccomp
22	#tracelog	29	# tracelog
23
24	whitelist ${DOWNLOADS}
25	mkdir ~/.config/Rambox
26	whitelist ~/.config/Rambox
27	mkdir ~/.pki
28	whitelist ~/.pki
29
30	include /etc/firejail/whitelist-common.inc
31