Profile fixes

- Fix #4157 -- [Feature] Should rmenv GitHub auth tokens There are still more token variables from other program that should be added. - Fix #4093 -- darktable needs read access to liblua* - Fix #4383 -- move noblacklist ${HOME}/.bogofilter to email-common.profile for claws-mail (and other mailers) - Fix xournalpp.profile - syscalls.txt: ausyscall i386 -> firejail --debug-syscalls32
author: rusty-snake <41237666+rusty-snake@users.noreply.github.com> 2021-08-04 16:29:41 +0200
committer: rusty-snake <41237666+rusty-snake@users.noreply.github.com> 2021-08-04 16:33:11 +0200
commit: f4b36e80321379c4917c7ab9c9b3bbcfad05899f (patch)
tree: 47f06094fc7568a848af10ffdb1393f9083abde6 /etc/templates
parent: Added ~/Private blacklist (#4434) (diff)
download: firejail-f4b36e80321379c4917c7ab9c9b3bbcfad05899f.tar.gz
firejail-f4b36e80321379c4917c7ab9c9b3bbcfad05899f.tar.zst
firejail-f4b36e80321379c4917c7ab9c9b3bbcfad05899f.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/etc/templates/syscalls.txt b/etc/templates/syscalls.txt
index 38f789923..827b075e5 100644
--- a/etc/templates/syscalls.txt
+++ b/etc/templates/syscalls.txt
@@ -95,7 +95,7 @@ Now switch back to the first terminal (where `journalctl` is running) and look
 for the numbers of the blocked syscall(s) (`syscall=<NUMBER>`). As soon as you
 have found them, you can stop `journalctl` (^C) and execute
 `firejail --debug-syscalls | grep NUMBER` to get the name of the syscall.
-In the particular case that it is a 32bit syscall on a 64bit system, use `ausyscall i386 NUMBER`.
+In the particular case that it is a 32bit syscall on a 64bit system, use `firejail --debug-syscalls32 | grep NUMBER`.
 Now you can add a seccomp exception using `seccomp !NAME`.
 If the blocked syscall is ptrace, consider to add allow-debuggers to the profile.
author	rusty-snake <41237666+rusty-snake@users.noreply.github.com>	2021-08-04 16:29:41 +0200
committer	rusty-snake <41237666+rusty-snake@users.noreply.github.com>	2021-08-04 16:33:11 +0200
commit	f4b36e80321379c4917c7ab9c9b3bbcfad05899f (patch)
tree	47f06094fc7568a848af10ffdb1393f9083abde6 /etc/templates
parent	Added ~/Private blacklist (#4434) (diff)
download	firejail-f4b36e80321379c4917c7ab9c9b3bbcfad05899f.tar.gz firejail-f4b36e80321379c4917c7ab9c9b3bbcfad05899f.tar.zst firejail-f4b36e80321379c4917c7ab9c9b3bbcfad05899f.zip

diff --git a/etc/templates/syscalls.txt b/etc/templates/syscalls.txt index 38f789923..827b075e5 100644 --- a/etc/templates/syscalls.txt +++ b/etc/templates/syscalls.txt
@@ -95,7 +95,7 @@ Now switch back to the first terminal (where `journalctl` is running) and look
95	for the numbers of the blocked syscall(s) (`syscall=<NUMBER>`). As soon as you	95	for the numbers of the blocked syscall(s) (`syscall=<NUMBER>`). As soon as you
96	have found them, you can stop `journalctl` (^C) and execute	96	have found them, you can stop `journalctl` (^C) and execute
97	`firejail --debug-syscalls \| grep NUMBER` to get the name of the syscall.	97	`firejail --debug-syscalls \| grep NUMBER` to get the name of the syscall.
98	In the particular case that it is a 32bit syscall on a 64bit system, use `ausyscall i386 NUMBER`.	98	In the particular case that it is a 32bit syscall on a 64bit system, use `firejail --debug-syscalls32 \| grep NUMBER`.
99	Now you can add a seccomp exception using `seccomp !NAME`.	99	Now you can add a seccomp exception using `seccomp !NAME`.
100		100
101	If the blocked syscall is ptrace, consider to add allow-debuggers to the profile.	101	If the blocked syscall is ptrace, consider to add allow-debuggers to the profile.