diff options
author | netblue30 <netblue30@protonmail.com> | 2021-06-04 06:40:16 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-06-04 06:40:16 -0500 |
commit | ed261d9471a042adcbb8733e1b1de13c934c3fe0 (patch) | |
tree | 8aeab84172400499132e35a197669ea2f8509a2e /etc | |
parent | Fix seahorse-adventures + CI (diff) | |
parent | add firejail.config switch for private-{bin,etc,opt,srv} (diff) | |
download | firejail-ed261d9471a042adcbb8733e1b1de13c934c3fe0.tar.gz firejail-ed261d9471a042adcbb8733e1b1de13c934c3fe0.tar.zst firejail-ed261d9471a042adcbb8733e1b1de13c934c3fe0.zip |
Merge pull request #4330 from smitsohu/fjconfig
add firejail.config switch for private-{bin,etc,opt,srv}
Diffstat (limited to 'etc')
-rw-r--r-- | etc/firejail.config | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/etc/firejail.config b/etc/firejail.config index c671efef9..f5b3d5efa 100644 --- a/etc/firejail.config +++ b/etc/firejail.config | |||
@@ -35,11 +35,6 @@ | |||
35 | # cannot be overridden by --noblacklist or --ignore. | 35 | # cannot be overridden by --noblacklist or --ignore. |
36 | # disable-mnt no | 36 | # disable-mnt no |
37 | 37 | ||
38 | # Set the limit for file copy in several --private-* options. The size is set | ||
39 | # in megabytes. By default we allow up to 500MB. | ||
40 | # Note: the files are copied in RAM. | ||
41 | # file-copy-limit 500 | ||
42 | |||
43 | # Enable or disable file transfer support, default enabled. | 38 | # Enable or disable file transfer support, default enabled. |
44 | # file-transfer yes | 39 | # file-transfer yes |
45 | 40 | ||
@@ -77,18 +72,35 @@ | |||
77 | # Enable or disable overlayfs features, default enabled. | 72 | # Enable or disable overlayfs features, default enabled. |
78 | # overlayfs yes | 73 | # overlayfs yes |
79 | 74 | ||
75 | # Set the limit for file copy in several --private-* options. The size is set | ||
76 | # in megabytes. By default we allow up to 500MB. | ||
77 | # Note: the files are copied in RAM. | ||
78 | # file-copy-limit 500 | ||
79 | |||
80 | # Enable or disable private-bin feature, default enabled. | ||
81 | # private-bin yes | ||
82 | |||
80 | # Remove /usr/local directories from private-bin list, default disabled. | 83 | # Remove /usr/local directories from private-bin list, default disabled. |
81 | # private-bin-no-local no | 84 | # private-bin-no-local no |
82 | 85 | ||
83 | # Enable or disable private-cache feature, default enabled | 86 | # Enable or disable private-cache feature, default enabled |
84 | # private-cache yes | 87 | # private-cache yes |
85 | 88 | ||
89 | # Enable or disable private-etc feature, default enabled. | ||
90 | # private-etc yes | ||
91 | |||
86 | # Enable or disable private-home feature, default enabled | 92 | # Enable or disable private-home feature, default enabled |
87 | # private-home yes | 93 | # private-home yes |
88 | 94 | ||
89 | # Enable or disable private-lib feature, default enabled | 95 | # Enable or disable private-lib feature, default enabled |
90 | # private-lib yes | 96 | # private-lib yes |
91 | 97 | ||
98 | # Enable or disable private-opt feature, default enabled. | ||
99 | # private-opt yes | ||
100 | |||
101 | # Enable or disable private-srv feature, default enabled. | ||
102 | # private-srv yes | ||
103 | |||
92 | # Enable --quiet as default every time the sandbox is started. Default disabled. | 104 | # Enable --quiet as default every time the sandbox is started. Default disabled. |
93 | # quiet-by-default no | 105 | # quiet-by-default no |
94 | 106 | ||