diff options
author | smitsohu <smitsohu@gmail.com> | 2018-03-30 11:34:19 +0200 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2018-03-30 12:13:38 +0200 |
commit | 3a6f7552de0aa2fe5e97e50a5b1d37c4f0f10494 (patch) | |
tree | c14aedd44e9373fe442b12ebca62f169f2ede482 /etc | |
parent | comment nodbus where it interferes with dconf (diff) | |
download | firejail-3a6f7552de0aa2fe5e97e50a5b1d37c4f0f10494.tar.gz firejail-3a6f7552de0aa2fe5e97e50a5b1d37c4f0f10494.tar.zst firejail-3a6f7552de0aa2fe5e97e50a5b1d37c4f0f10494.zip |
comment apparmor, net where they interfere with dconf - #1843
Diffstat (limited to 'etc')
-rw-r--r-- | etc/audacity.profile | 2 | ||||
-rw-r--r-- | etc/engrampa.profile | 4 | ||||
-rw-r--r-- | etc/eog.profile | 8 | ||||
-rw-r--r-- | etc/eom.profile | 8 | ||||
-rw-r--r-- | etc/file-roller.profile | 4 | ||||
-rw-r--r-- | etc/gedit.profile | 8 | ||||
-rw-r--r-- | etc/gimp.profile | 8 | ||||
-rw-r--r-- | etc/gnome-calculator.profile | 8 | ||||
-rw-r--r-- | etc/kcalc.profile | 1 | ||||
-rw-r--r-- | etc/pluma.profile | 8 | ||||
-rw-r--r-- | etc/rhythmbox.profile | 6 | ||||
-rw-r--r-- | etc/totem.profile | 6 | ||||
-rw-r--r-- | etc/xed.profile | 8 | ||||
-rw-r--r-- | etc/xplayer.profile | 6 | ||||
-rw-r--r-- | etc/xviewer.profile | 8 |
15 files changed, 33 insertions, 60 deletions
diff --git a/etc/audacity.profile b/etc/audacity.profile index e8ad7347a..907dbeb55 100644 --- a/etc/audacity.profile +++ b/etc/audacity.profile | |||
@@ -18,7 +18,7 @@ apparmor | |||
18 | caps.drop all | 18 | caps.drop all |
19 | net none | 19 | net none |
20 | no3d | 20 | no3d |
21 | # nodbus | 21 | # nodbus - problems on Fedora 27 |
22 | nodvd | 22 | nodvd |
23 | nogroups | 23 | nogroups |
24 | nonewprivs | 24 | nonewprivs |
diff --git a/etc/engrampa.profile b/etc/engrampa.profile index 25607d0a0..cf32d579e 100644 --- a/etc/engrampa.profile +++ b/etc/engrampa.profile | |||
@@ -12,13 +12,11 @@ include /etc/firejail/disable-programs.inc | |||
12 | 12 | ||
13 | include /etc/firejail/whitelist-var-common.inc | 13 | include /etc/firejail/whitelist-var-common.inc |
14 | 14 | ||
15 | # following line makes settings immutable | ||
16 | apparmor | 15 | apparmor |
17 | caps.drop all | 16 | caps.drop all |
18 | net none | 17 | net none |
19 | no3d | 18 | no3d |
20 | # following line makes settings immutable | 19 | nodbus |
21 | # nodbus | ||
22 | nodvd | 20 | nodvd |
23 | nogroups | 21 | nogroups |
24 | nonewprivs | 22 | nonewprivs |
diff --git a/etc/eog.profile b/etc/eog.profile index cbb0dc3cf..66434ae05 100644 --- a/etc/eog.profile +++ b/etc/eog.profile | |||
@@ -17,13 +17,11 @@ include /etc/firejail/disable-programs.inc | |||
17 | 17 | ||
18 | include /etc/firejail/whitelist-var-common.inc | 18 | include /etc/firejail/whitelist-var-common.inc |
19 | 19 | ||
20 | # following line makes settings immutable | 20 | # apparmor - makes settings immutable |
21 | apparmor | ||
22 | caps.drop all | 21 | caps.drop all |
23 | net none | 22 | # net none - makes settings immutable |
24 | no3d | 23 | no3d |
25 | # following line makes settings immutable | 24 | # nodbus - makes settings immutable |
26 | # nodbus | ||
27 | nodvd | 25 | nodvd |
28 | nogroups | 26 | nogroups |
29 | nonewprivs | 27 | nonewprivs |
diff --git a/etc/eom.profile b/etc/eom.profile index 93acd7f28..48965bcb9 100644 --- a/etc/eom.profile +++ b/etc/eom.profile | |||
@@ -17,13 +17,11 @@ include /etc/firejail/disable-programs.inc | |||
17 | 17 | ||
18 | include /etc/firejail/whitelist-var-common.inc | 18 | include /etc/firejail/whitelist-var-common.inc |
19 | 19 | ||
20 | # following line makes settings immutable | 20 | # apparmor - makes settings immutable |
21 | apparmor | ||
22 | caps.drop all | 21 | caps.drop all |
23 | net none | 22 | # net none - makes settings immutable |
24 | no3d | 23 | no3d |
25 | # following line makes settings immutable | 24 | # nodbus - makes settings immutable |
26 | # nodbus | ||
27 | nodvd | 25 | nodvd |
28 | nogroups | 26 | nogroups |
29 | nonewprivs | 27 | nonewprivs |
diff --git a/etc/file-roller.profile b/etc/file-roller.profile index f21f8af85..eb76d1dbb 100644 --- a/etc/file-roller.profile +++ b/etc/file-roller.profile | |||
@@ -12,13 +12,11 @@ include /etc/firejail/disable-programs.inc | |||
12 | 12 | ||
13 | include /etc/firejail/whitelist-var-common.inc | 13 | include /etc/firejail/whitelist-var-common.inc |
14 | 14 | ||
15 | # following line makes settings immutable | ||
16 | apparmor | 15 | apparmor |
17 | caps.drop all | 16 | caps.drop all |
18 | net none | 17 | net none |
19 | no3d | 18 | no3d |
20 | # following line makes settings immutable | 19 | nodbus |
21 | # nodbus | ||
22 | nodvd | 20 | nodvd |
23 | nogroups | 21 | nogroups |
24 | nonewprivs | 22 | nonewprivs |
diff --git a/etc/gedit.profile b/etc/gedit.profile index 49d99becf..e78b8a708 100644 --- a/etc/gedit.profile +++ b/etc/gedit.profile | |||
@@ -16,14 +16,12 @@ include /etc/firejail/disable-programs.inc | |||
16 | 16 | ||
17 | include /etc/firejail/whitelist-var-common.inc | 17 | include /etc/firejail/whitelist-var-common.inc |
18 | 18 | ||
19 | # following line makes settings immutable | 19 | # apparmor - makes settings immutable |
20 | apparmor | ||
21 | caps.drop all | 20 | caps.drop all |
22 | machine-id | 21 | machine-id |
23 | net none | 22 | # net none - makes settings immutable |
24 | no3d | 23 | no3d |
25 | # following line makes settings immutable | 24 | # nodbus - makes settings immutable |
26 | # nodbus | ||
27 | nodvd | 25 | nodvd |
28 | nogroups | 26 | nogroups |
29 | nonewprivs | 27 | nonewprivs |
diff --git a/etc/gimp.profile b/etc/gimp.profile index 5685eb5c1..630f02229 100644 --- a/etc/gimp.profile +++ b/etc/gimp.profile | |||
@@ -13,12 +13,10 @@ include /etc/firejail/disable-programs.inc | |||
13 | 13 | ||
14 | include /etc/firejail/whitelist-var-common.inc | 14 | include /etc/firejail/whitelist-var-common.inc |
15 | 15 | ||
16 | # following line makes settings immutable | 16 | # apparmor - makes settings immutable |
17 | apparmor | ||
18 | caps.drop all | 17 | caps.drop all |
19 | net none | 18 | # net none - makes settings immutable |
20 | # following line makes settings immutable | 19 | # nodbus - makes settings immutable |
21 | # nodbus | ||
22 | nodvd | 20 | nodvd |
23 | nogroups | 21 | nogroups |
24 | nonewprivs | 22 | nonewprivs |
diff --git a/etc/gnome-calculator.profile b/etc/gnome-calculator.profile index 24615e828..9d737efb1 100644 --- a/etc/gnome-calculator.profile +++ b/etc/gnome-calculator.profile | |||
@@ -14,13 +14,11 @@ include /etc/firejail/disable-programs.inc | |||
14 | include /etc/firejail/whitelist-common.inc | 14 | include /etc/firejail/whitelist-common.inc |
15 | include /etc/firejail/whitelist-var-common.inc | 15 | include /etc/firejail/whitelist-var-common.inc |
16 | 16 | ||
17 | # following line makes settings immutable | 17 | # apparmor - makes settings immutable |
18 | apparmor | ||
19 | caps.drop all | 18 | caps.drop all |
20 | net none | 19 | # net none - makes settings immutable |
21 | no3d | 20 | no3d |
22 | # following line makes settings immutable | 21 | # nodbus - makes settings immutable |
23 | # nodbus | ||
24 | nodvd | 22 | nodvd |
25 | nogroups | 23 | nogroups |
26 | nonewprivs | 24 | nonewprivs |
diff --git a/etc/kcalc.profile b/etc/kcalc.profile index 0e10dc061..86a3b1462 100644 --- a/etc/kcalc.profile +++ b/etc/kcalc.profile | |||
@@ -23,7 +23,6 @@ include /etc/firejail/whitelist-var-common.inc | |||
23 | apparmor | 23 | apparmor |
24 | caps.drop all | 24 | caps.drop all |
25 | net none | 25 | net none |
26 | netfilter | ||
27 | no3d | 26 | no3d |
28 | nodbus | 27 | nodbus |
29 | nodvd | 28 | nodvd |
diff --git a/etc/pluma.profile b/etc/pluma.profile index da9766a81..d0acfeb1a 100644 --- a/etc/pluma.profile +++ b/etc/pluma.profile | |||
@@ -14,14 +14,12 @@ include /etc/firejail/disable-programs.inc | |||
14 | 14 | ||
15 | include /etc/firejail/whitelist-var-common.inc | 15 | include /etc/firejail/whitelist-var-common.inc |
16 | 16 | ||
17 | # following line makes settings immutable | 17 | # apparmor - makes settings immutable |
18 | apparmor | ||
19 | caps.drop all | 18 | caps.drop all |
20 | machine-id | 19 | machine-id |
21 | net none | 20 | # net none - makes settings immutable |
22 | no3d | 21 | no3d |
23 | # following line makes settings immutable | 22 | # nodbus - makes settings immutable |
24 | # nodbus | ||
25 | nodvd | 23 | nodvd |
26 | nogroups | 24 | nogroups |
27 | nonewprivs | 25 | nonewprivs |
diff --git a/etc/rhythmbox.profile b/etc/rhythmbox.profile index f02d0363b..6322f8217 100644 --- a/etc/rhythmbox.profile +++ b/etc/rhythmbox.profile | |||
@@ -13,13 +13,11 @@ include /etc/firejail/disable-programs.inc | |||
13 | 13 | ||
14 | include /etc/firejail/whitelist-var-common.inc | 14 | include /etc/firejail/whitelist-var-common.inc |
15 | 15 | ||
16 | # following line makes settings immutable | 16 | # apparmor - makes settings immutable |
17 | apparmor | ||
18 | caps.drop all | 17 | caps.drop all |
19 | netfilter | 18 | netfilter |
20 | # no3d | 19 | # no3d |
21 | # following line makes settings immutable | 20 | # nodbus - makes settings immutable |
22 | # nodbus | ||
23 | nogroups | 21 | nogroups |
24 | nonewprivs | 22 | nonewprivs |
25 | noroot | 23 | noroot |
diff --git a/etc/totem.profile b/etc/totem.profile index 0b242ab8f..ad3845d90 100644 --- a/etc/totem.profile +++ b/etc/totem.profile | |||
@@ -15,12 +15,10 @@ include /etc/firejail/disable-programs.inc | |||
15 | 15 | ||
16 | include /etc/firejail/whitelist-var-common.inc | 16 | include /etc/firejail/whitelist-var-common.inc |
17 | 17 | ||
18 | # following line makes settings immutable | 18 | # apparmor - makes settings immutable |
19 | apparmor | ||
20 | caps.drop all | 19 | caps.drop all |
21 | netfilter | 20 | netfilter |
22 | # following line makes settings immutable | 21 | # nodbus - makes settings immutable |
23 | # nodbus | ||
24 | nogroups | 22 | nogroups |
25 | nonewprivs | 23 | nonewprivs |
26 | noroot | 24 | noroot |
diff --git a/etc/xed.profile b/etc/xed.profile index 5f245f9ff..5d46560b7 100644 --- a/etc/xed.profile +++ b/etc/xed.profile | |||
@@ -14,14 +14,12 @@ include /etc/firejail/disable-programs.inc | |||
14 | 14 | ||
15 | include /etc/firejail/whitelist-var-common.inc | 15 | include /etc/firejail/whitelist-var-common.inc |
16 | 16 | ||
17 | # following line makes settings immutable | 17 | # apparmor - makes settings immutable |
18 | apparmor | ||
19 | caps.drop all | 18 | caps.drop all |
20 | machine-id | 19 | machine-id |
21 | net none | 20 | # net none - makes settings immutable |
22 | no3d | 21 | no3d |
23 | # following line makes settings immutable | 22 | # nodbus - makes settings immutable |
24 | # nodbus | ||
25 | nodvd | 23 | nodvd |
26 | nogroups | 24 | nogroups |
27 | nonewprivs | 25 | nonewprivs |
diff --git a/etc/xplayer.profile b/etc/xplayer.profile index e0b7b4322..7e475bd58 100644 --- a/etc/xplayer.profile +++ b/etc/xplayer.profile | |||
@@ -15,12 +15,10 @@ include /etc/firejail/disable-programs.inc | |||
15 | 15 | ||
16 | include /etc/firejail/whitelist-var-common.inc | 16 | include /etc/firejail/whitelist-var-common.inc |
17 | 17 | ||
18 | # following line makes settings immutable | 18 | # apparmor - makes settings immutable |
19 | apparmor | ||
20 | caps.drop all | 19 | caps.drop all |
21 | netfilter | 20 | netfilter |
22 | # following line makes settings immutable | 21 | # nodbus - makes settings immutable |
23 | # nodbus | ||
24 | nogroups | 22 | nogroups |
25 | nonewprivs | 23 | nonewprivs |
26 | noroot | 24 | noroot |
diff --git a/etc/xviewer.profile b/etc/xviewer.profile index 35e9398ad..26f9f0238 100644 --- a/etc/xviewer.profile +++ b/etc/xviewer.profile | |||
@@ -17,13 +17,11 @@ include /etc/firejail/disable-programs.inc | |||
17 | 17 | ||
18 | include /etc/firejail/whitelist-var-common.inc | 18 | include /etc/firejail/whitelist-var-common.inc |
19 | 19 | ||
20 | # following line makes settings immutable | 20 | # apparmor - makes settings immutable |
21 | apparmor | ||
22 | caps.drop all | 21 | caps.drop all |
23 | net none | 22 | # net none - makes settings immutable |
24 | no3d | 23 | no3d |
25 | # following line makes settings immutable | 24 | # nodbus - makes settings immutable |
26 | # nodbus | ||
27 | nodvd | 25 | nodvd |
28 | nogroups | 26 | nogroups |
29 | nonewprivs | 27 | nonewprivs |