diff options
author | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-06-02 14:09:20 +0200 |
---|---|---|
committer | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-06-02 14:09:20 +0200 |
commit | 217d0e259470ed004db45b3508b03688556dc44a (patch) | |
tree | ff9a08ee14665cb995f24f0ac5a4dd0e079fccf4 /etc/strings.profile | |
parent | Merge branch 'master' of github.com:netblue30/firejail (diff) | |
download | firejail-217d0e259470ed004db45b3508b03688556dc44a.tar.gz firejail-217d0e259470ed004db45b3508b03688556dc44a.tar.zst firejail-217d0e259470ed004db45b3508b03688556dc44a.zip |
many profile cleanups
Diffstat (limited to 'etc/strings.profile')
-rw-r--r-- | etc/strings.profile | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/etc/strings.profile b/etc/strings.profile index 0caecdf7b..ace0d9351 100644 --- a/etc/strings.profile +++ b/etc/strings.profile | |||
@@ -4,30 +4,43 @@ quiet | |||
4 | # Persistent local customizations | 4 | # Persistent local customizations |
5 | include strings.local | 5 | include strings.local |
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | # added by included profile | 7 | include globals.local |
8 | #include globals.local | ||
9 | 8 | ||
10 | blacklist /tmp/.X11-unix | 9 | blacklist /tmp/.X11-unix |
10 | |||
11 | include disable-common.inc | ||
12 | include disable-devel.inc | ||
11 | include disable-exec.inc | 13 | include disable-exec.inc |
14 | include disable-interpreters.inc | ||
15 | include disable-passwdmgr.inc | ||
16 | include disable-programs.inc | ||
12 | 17 | ||
13 | ignore noroot | 18 | apparmor |
19 | caps.drop all | ||
20 | ipc-namespace | ||
21 | machine-id | ||
14 | net none | 22 | net none |
15 | no3d | 23 | no3d |
16 | nodbus | 24 | nodbus |
17 | nodvd | 25 | nodvd |
26 | nogroups | ||
27 | nonewprivs | ||
28 | #noroot | ||
18 | nosound | 29 | nosound |
19 | notv | 30 | notv |
20 | nou2f | 31 | nou2f |
21 | novideo | 32 | novideo |
33 | protocol unix | ||
34 | seccomp | ||
22 | shell none | 35 | shell none |
23 | tracelog | 36 | tracelog |
24 | 37 | ||
38 | #private | ||
25 | private-bin strings | 39 | private-bin strings |
26 | private-cache | 40 | private-cache |
27 | private-dev | 41 | private-dev |
28 | private-etc alternatives | 42 | private-etc alternatives |
29 | private-lib libfakeroot | 43 | private-lib libfakeroot |
44 | private-tmp | ||
30 | 45 | ||
31 | memory-deny-write-execute | 46 | memory-deny-write-execute |
32 | |||
33 | include default.profile | ||