Replace `nodbus` with dbus-* filters

See - 07fac581f6b9b5ed068f4c54a9521b51826375c5 for new dbus filters - https://github.com/netblue30/firejail/pull/3326#issuecomment-610423183 Except for ocenaudio, access/restrictions on dbus options should be unchanged Ocenaudio profile: dbus filters were sandboxed (initially `nodbus` was enabled) since comments indicated blocking dbus meant preferences were broken
author: Fred Barclay <Fred-Barclay@users.noreply.github.com> 2020-04-07 16:14:25 -0500
committer: Fred Barclay <Fred-Barclay@users.noreply.github.com> 2020-04-07 16:14:25 -0500
commit: 3848b98961614e1776b29ecfb76ef4c750b6b25f (patch)
tree: 3c7f0b623978562ee23fba7f52b6a039571cebea /etc/zeal.profile
parent: dbus-proxy (gnome_games) (diff)
download: firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.tar.gz
firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.tar.zst
firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/etc/zeal.profile b/etc/zeal.profile
index f0fa29aa3..943d39097 100644
--- a/etc/zeal.profile
+++ b/etc/zeal.profile
@@ -32,7 +32,6 @@ caps.drop all
 machine-id
 netfilter
 no3d
-nodbus
 nodvd
 nogroups
 nonewprivs
@@ -53,4 +52,7 @@ private-dev
 private-etc alternatives,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mime.types,nsswitch.conf,pango,pki,protocols,resolv.conf,rpc,services,ssl,Trolltech.conf,X11,xdg
 private-tmp
+dbus-user none
+dbus-system none
 memory-deny-write-execute
author	Fred Barclay <Fred-Barclay@users.noreply.github.com>	2020-04-07 16:14:25 -0500
committer	Fred Barclay <Fred-Barclay@users.noreply.github.com>	2020-04-07 16:14:25 -0500
commit	3848b98961614e1776b29ecfb76ef4c750b6b25f (patch)
tree	3c7f0b623978562ee23fba7f52b6a039571cebea /etc/zeal.profile
parent	dbus-proxy (gnome_games) (diff)
download	firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.tar.gz firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.tar.zst firejail-3848b98961614e1776b29ecfb76ef4c750b6b25f.zip

diff --git a/etc/zeal.profile b/etc/zeal.profile index f0fa29aa3..943d39097 100644 --- a/etc/zeal.profile +++ b/etc/zeal.profile
@@ -32,7 +32,6 @@ caps.drop all
32	machine-id	32	machine-id
33	netfilter	33	netfilter
34	no3d	34	no3d
35	nodbus
36	nodvd	35	nodvd
37	nogroups	36	nogroups
38	nonewprivs	37	nonewprivs
@@ -53,4 +52,7 @@ private-dev
53	private-etc alternatives,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mime.types,nsswitch.conf,pango,pki,protocols,resolv.conf,rpc,services,ssl,Trolltech.conf,X11,xdg	52	private-etc alternatives,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mime.types,nsswitch.conf,pango,pki,protocols,resolv.conf,rpc,services,ssl,Trolltech.conf,X11,xdg
54	private-tmp	53	private-tmp
55		54
		55	dbus-user none
		56	dbus-system none
		57
56	memory-deny-write-execute	58	memory-deny-write-execute