diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2021-08-04 16:29:41 +0200 |
---|---|---|
committer | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2021-08-04 16:33:11 +0200 |
commit | f4b36e80321379c4917c7ab9c9b3bbcfad05899f (patch) | |
tree | 47f06094fc7568a848af10ffdb1393f9083abde6 /etc/templates | |
parent | Added ~/Private blacklist (#4434) (diff) | |
download | firejail-f4b36e80321379c4917c7ab9c9b3bbcfad05899f.tar.gz firejail-f4b36e80321379c4917c7ab9c9b3bbcfad05899f.tar.zst firejail-f4b36e80321379c4917c7ab9c9b3bbcfad05899f.zip |
Profile fixes
- Fix #4157 -- [Feature] Should rmenv GitHub auth tokens
There are still more token variables from other program that should be
added.
- Fix #4093 -- darktable needs read access to liblua*
- Fix #4383 -- move noblacklist ${HOME}/.bogofilter to email-common.profile for claws-mail (and other mailers)
- Fix xournalpp.profile
- syscalls.txt: ausyscall i386 -> firejail --debug-syscalls32
Diffstat (limited to 'etc/templates')
-rw-r--r-- | etc/templates/syscalls.txt | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/etc/templates/syscalls.txt b/etc/templates/syscalls.txt index 38f789923..827b075e5 100644 --- a/etc/templates/syscalls.txt +++ b/etc/templates/syscalls.txt | |||
@@ -95,7 +95,7 @@ Now switch back to the first terminal (where `journalctl` is running) and look | |||
95 | for the numbers of the blocked syscall(s) (`syscall=<NUMBER>`). As soon as you | 95 | for the numbers of the blocked syscall(s) (`syscall=<NUMBER>`). As soon as you |
96 | have found them, you can stop `journalctl` (^C) and execute | 96 | have found them, you can stop `journalctl` (^C) and execute |
97 | `firejail --debug-syscalls | grep NUMBER` to get the name of the syscall. | 97 | `firejail --debug-syscalls | grep NUMBER` to get the name of the syscall. |
98 | In the particular case that it is a 32bit syscall on a 64bit system, use `ausyscall i386 NUMBER`. | 98 | In the particular case that it is a 32bit syscall on a 64bit system, use `firejail --debug-syscalls32 | grep NUMBER`. |
99 | Now you can add a seccomp exception using `seccomp !NAME`. | 99 | Now you can add a seccomp exception using `seccomp !NAME`. |
100 | 100 | ||
101 | If the blocked syscall is ptrace, consider to add allow-debuggers to the profile. | 101 | If the blocked syscall is ptrace, consider to add allow-debuggers to the profile. |