diff options
author | netblue30 <netblue30@yahoo.com> | 2017-01-20 09:20:11 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-01-20 09:20:11 -0500 |
commit | 4a1d906e89c0d0f8ebe6dce16b8b7c05f2c6084f (patch) | |
tree | 7eb2799926f69b94a0fc302194654e624a050c3a /etc | |
parent | profile merges (diff) | |
download | firejail-4a1d906e89c0d0f8ebe6dce16b8b7c05f2c6084f.tar.gz firejail-4a1d906e89c0d0f8ebe6dce16b8b7c05f2c6084f.tar.zst firejail-4a1d906e89c0d0f8ebe6dce16b8b7c05f2c6084f.zip |
profile merges
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-common.inc | 5 | ||||
-rw-r--r-- | etc/vlc.profile | 2 | ||||
-rw-r--r-- | etc/xmms.profile | 11 |
3 files changed, 13 insertions, 5 deletions
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index 6a3586e81..de8a9bfe7 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -75,12 +75,9 @@ blacklist /etc/profile.d | |||
75 | blacklist /etc/rc.local | 75 | blacklist /etc/rc.local |
76 | blacklist /etc/anacrontab | 76 | blacklist /etc/anacrontab |
77 | 77 | ||
78 | # General startup files | 78 | # Startup files |
79 | read-only ${HOME}/.xinitrc | 79 | read-only ${HOME}/.xinitrc |
80 | read-only ${HOME}/.xserverrc | 80 | read-only ${HOME}/.xserverrc |
81 | read-only ${HOME}/.profile | ||
82 | |||
83 | # Shell startup files | ||
84 | read-only ${HOME}/.antigen | 81 | read-only ${HOME}/.antigen |
85 | read-only ${HOME}/.bash_login | 82 | read-only ${HOME}/.bash_login |
86 | read-only ${HOME}/.bashrc | 83 | read-only ${HOME}/.bashrc |
diff --git a/etc/vlc.profile b/etc/vlc.profile index 2fd763f25..df9fcab03 100644 --- a/etc/vlc.profile +++ b/etc/vlc.profile | |||
@@ -8,7 +8,7 @@ include /etc/firejail/disable-passwdmgr.inc | |||
8 | 8 | ||
9 | caps.drop all | 9 | caps.drop all |
10 | netfilter | 10 | netfilter |
11 | nogroups | 11 | # nogroups |
12 | nonewprivs | 12 | nonewprivs |
13 | noroot | 13 | noroot |
14 | protocol unix,inet,inet6,netlink | 14 | protocol unix,inet,inet6,netlink |
diff --git a/etc/xmms.profile b/etc/xmms.profile new file mode 100644 index 000000000..4a482f49e --- /dev/null +++ b/etc/xmms.profile | |||
@@ -0,0 +1,11 @@ | |||
1 | # xmms media player profile | ||
2 | include /etc/firejail/disable-common.inc | ||
3 | include /etc/firejail/disable-programs.inc | ||
4 | include /etc/firejail/disable-devel.inc | ||
5 | include /etc/firejail/disable-passwdmgr.inc | ||
6 | |||
7 | caps.drop all | ||
8 | nonewprivs | ||
9 | noroot | ||
10 | protocol unix,inet,inet6 | ||
11 | seccomp | ||