diff options
author | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2017-06-15 12:02:43 -0500 |
---|---|---|
committer | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2017-06-15 12:02:43 -0500 |
commit | 05fbfe63890826cb46e140da556010449695b6f2 (patch) | |
tree | 35938387a749bb5f847af16411bd0520537fae6a /etc | |
parent | Uncomment private-dev for vlc profile. (diff) | |
download | firejail-05fbfe63890826cb46e140da556010449695b6f2.tar.gz firejail-05fbfe63890826cb46e140da556010449695b6f2.tar.zst firejail-05fbfe63890826cb46e140da556010449695b6f2.zip |
test: add novideo to profiles (part 1)
Diffstat (limited to 'etc')
-rw-r--r-- | etc/0ad.profile | 1 | ||||
-rw-r--r-- | etc/7z.profile | 2 | ||||
-rw-r--r-- | etc/atom-beta.profile | 1 | ||||
-rw-r--r-- | etc/atom.profile | 1 | ||||
-rw-r--r-- | etc/atool.profile | 1 | ||||
-rw-r--r-- | etc/atril.profile | 1 | ||||
-rw-r--r-- | etc/audacity.profile | 1 | ||||
-rw-r--r-- | etc/aweather.profile | 1 | ||||
-rw-r--r-- | etc/baloo_file.profile | 1 | ||||
-rw-r--r-- | etc/bibletime.profile | 1 | ||||
-rw-r--r-- | etc/bleachbit.profile | 1 | ||||
-rw-r--r-- | etc/bless.profile | 1 | ||||
-rw-r--r-- | etc/brasero.profile | 2 | ||||
-rw-r--r-- | etc/catfish.profile | 1 | ||||
-rw-r--r-- | etc/cherrytree.profile | 1 | ||||
-rw-r--r-- | etc/clementine.profile | 1 | ||||
-rw-r--r-- | etc/clipit.profile | 1 | ||||
-rw-r--r-- | etc/deadbeef.profile | 1 | ||||
-rw-r--r-- | etc/deluge.profile | 1 | ||||
-rw-r--r-- | etc/dia.profile | 1 | ||||
-rw-r--r-- | etc/dino.profile | 1 | ||||
-rw-r--r-- | etc/dragon.profile | 1 | ||||
-rw-r--r-- | etc/dropbox.profile | 1 | ||||
-rw-r--r-- | etc/elinks.profile | 3 | ||||
-rw-r--r-- | etc/engrampa.profile | 1 | ||||
-rw-r--r-- | etc/eog.profile | 1 | ||||
-rw-r--r-- | etc/eom.profile | 1 | ||||
-rw-r--r-- | etc/evince.profile | 1 |
28 files changed, 30 insertions, 2 deletions
diff --git a/etc/0ad.profile b/etc/0ad.profile index 596cb845a..e946c1418 100644 --- a/etc/0ad.profile +++ b/etc/0ad.profile | |||
@@ -29,6 +29,7 @@ netfilter | |||
29 | nogroups | 29 | nogroups |
30 | nonewprivs | 30 | nonewprivs |
31 | noroot | 31 | noroot |
32 | novideo | ||
32 | protocol unix,inet,inet6 | 33 | protocol unix,inet,inet6 |
33 | seccomp | 34 | seccomp |
34 | shell none | 35 | shell none |
diff --git a/etc/7z.profile b/etc/7z.profile index 9cd8ade75..c7c857dc8 100644 --- a/etc/7z.profile +++ b/etc/7z.profile | |||
@@ -15,6 +15,8 @@ blacklist /tmp/.X11-unix | |||
15 | 15 | ||
16 | tracelog | 16 | tracelog |
17 | net none | 17 | net none |
18 | nosound | ||
19 | novideo | ||
18 | shell none | 20 | shell none |
19 | private-dev | 21 | private-dev |
20 | nosound | 22 | nosound |
diff --git a/etc/atom-beta.profile b/etc/atom-beta.profile index 5a42e28e8..367aa5672 100644 --- a/etc/atom-beta.profile +++ b/etc/atom-beta.profile | |||
@@ -19,6 +19,7 @@ nogroups | |||
19 | nonewprivs | 19 | nonewprivs |
20 | noroot | 20 | noroot |
21 | nosound | 21 | nosound |
22 | novideo | ||
22 | protocol unix,inet,inet6,netlink | 23 | protocol unix,inet,inet6,netlink |
23 | seccomp | 24 | seccomp |
24 | shell none | 25 | shell none |
diff --git a/etc/atom.profile b/etc/atom.profile index fc9e49eab..726682617 100644 --- a/etc/atom.profile +++ b/etc/atom.profile | |||
@@ -19,6 +19,7 @@ nogroups | |||
19 | nonewprivs | 19 | nonewprivs |
20 | noroot | 20 | noroot |
21 | nosound | 21 | nosound |
22 | novideo | ||
22 | protocol unix,inet,inet6,netlink | 23 | protocol unix,inet,inet6,netlink |
23 | seccomp | 24 | seccomp |
24 | shell none | 25 | shell none |
diff --git a/etc/atool.profile b/etc/atool.profile index 3f4b60312..a66b4b1c5 100644 --- a/etc/atool.profile +++ b/etc/atool.profile | |||
@@ -16,6 +16,7 @@ nogroups | |||
16 | nonewprivs | 16 | nonewprivs |
17 | noroot | 17 | noroot |
18 | nosound | 18 | nosound |
19 | novideo | ||
19 | protocol unix | 20 | protocol unix |
20 | seccomp | 21 | seccomp |
21 | netfilter | 22 | netfilter |
diff --git a/etc/atril.profile b/etc/atril.profile index a9199f512..0abad494a 100644 --- a/etc/atril.profile +++ b/etc/atril.profile | |||
@@ -18,6 +18,7 @@ nogroups | |||
18 | nonewprivs | 18 | nonewprivs |
19 | noroot | 19 | noroot |
20 | nosound | 20 | nosound |
21 | novideo | ||
21 | protocol unix | 22 | protocol unix |
22 | seccomp | 23 | seccomp |
23 | shell none | 24 | shell none |
diff --git a/etc/audacity.profile b/etc/audacity.profile index 67b625f2b..5b38d84e8 100644 --- a/etc/audacity.profile +++ b/etc/audacity.profile | |||
@@ -21,6 +21,7 @@ no3d | |||
21 | nogroups | 21 | nogroups |
22 | nonewprivs | 22 | nonewprivs |
23 | noroot | 23 | noroot |
24 | novideo | ||
24 | protocol unix | 25 | protocol unix |
25 | seccomp | 26 | seccomp |
26 | shell none | 27 | shell none |
diff --git a/etc/aweather.profile b/etc/aweather.profile index 73bf1cc5a..9d8e336cd 100644 --- a/etc/aweather.profile +++ b/etc/aweather.profile | |||
@@ -22,6 +22,7 @@ nogroups | |||
22 | nonewprivs | 22 | nonewprivs |
23 | noroot | 23 | noroot |
24 | nosound | 24 | nosound |
25 | novideo | ||
25 | protocol unix,inet,inet6 | 26 | protocol unix,inet,inet6 |
26 | seccomp | 27 | seccomp |
27 | shell none | 28 | shell none |
diff --git a/etc/baloo_file.profile b/etc/baloo_file.profile index 9caef7508..2fe6d1927 100644 --- a/etc/baloo_file.profile +++ b/etc/baloo_file.profile | |||
@@ -22,6 +22,7 @@ nogroups | |||
22 | nonewprivs | 22 | nonewprivs |
23 | noroot | 23 | noroot |
24 | nosound | 24 | nosound |
25 | novideo | ||
25 | protocol unix | 26 | protocol unix |
26 | # Baloo makes ioprio_set system calls, which are blacklisted by default. | 27 | # Baloo makes ioprio_set system calls, which are blacklisted by default. |
27 | seccomp.drop mount,umount2,ptrace,kexec_load,kexec_file_load,name_to_handle_at,open_by_handle_at,create_module,init_module,finit_module,delete_module,iopl,ioperm,swapon,swapoff,syslog,process_vm_readv,process_vm_writev,sysfs,_sysctl,adjtimex,clock_adjtime,lookup_dcookie,perf_event_open,fanotify_init,kcmp,add_key,request_key,keyctl,uselib,acct,modify_ldt,pivot_root,io_setup,io_destroy,io_getevents,io_submit,io_cancel,remap_file_pages,mbind,get_mempolicy,set_mempolicy,migrate_pages,move_pages,vmsplice,chroot,tuxcall,reboot,mfsservctl,get_kernel_syms,bpf,clock_settime,personality,process_vm_writev,query_module,settimeofday,stime,umount,userfaultfd,ustat,vm86,vm86old | 28 | seccomp.drop mount,umount2,ptrace,kexec_load,kexec_file_load,name_to_handle_at,open_by_handle_at,create_module,init_module,finit_module,delete_module,iopl,ioperm,swapon,swapoff,syslog,process_vm_readv,process_vm_writev,sysfs,_sysctl,adjtimex,clock_adjtime,lookup_dcookie,perf_event_open,fanotify_init,kcmp,add_key,request_key,keyctl,uselib,acct,modify_ldt,pivot_root,io_setup,io_destroy,io_getevents,io_submit,io_cancel,remap_file_pages,mbind,get_mempolicy,set_mempolicy,migrate_pages,move_pages,vmsplice,chroot,tuxcall,reboot,mfsservctl,get_kernel_syms,bpf,clock_settime,personality,process_vm_writev,query_module,settimeofday,stime,umount,userfaultfd,ustat,vm86,vm86old |
diff --git a/etc/bibletime.profile b/etc/bibletime.profile index 9b205456a..2162151a1 100644 --- a/etc/bibletime.profile +++ b/etc/bibletime.profile | |||
@@ -29,6 +29,7 @@ nogroups | |||
29 | nonewprivs | 29 | nonewprivs |
30 | noroot | 30 | noroot |
31 | nosound | 31 | nosound |
32 | novideo | ||
32 | protocol unix,inet,inet6,netlink | 33 | protocol unix,inet,inet6,netlink |
33 | seccomp | 34 | seccomp |
34 | shell none | 35 | shell none |
diff --git a/etc/bleachbit.profile b/etc/bleachbit.profile index 40c7a5c83..345dd119a 100644 --- a/etc/bleachbit.profile +++ b/etc/bleachbit.profile | |||
@@ -20,6 +20,7 @@ nogroups | |||
20 | nonewprivs | 20 | nonewprivs |
21 | noroot | 21 | noroot |
22 | nosound | 22 | nosound |
23 | novideo | ||
23 | protocol unix | 24 | protocol unix |
24 | seccomp | 25 | seccomp |
25 | shell none | 26 | shell none |
diff --git a/etc/bless.profile b/etc/bless.profile index 436c06a15..c9ccfc02e 100644 --- a/etc/bless.profile +++ b/etc/bless.profile | |||
@@ -28,6 +28,7 @@ nogroups | |||
28 | nonewprivs | 28 | nonewprivs |
29 | noroot | 29 | noroot |
30 | nosound | 30 | nosound |
31 | novideo | ||
31 | protocol unix | 32 | protocol unix |
32 | seccomp | 33 | seccomp |
33 | shell none | 34 | shell none |
diff --git a/etc/brasero.profile b/etc/brasero.profile index ac9ea8a7c..d013e0b8e 100644 --- a/etc/brasero.profile +++ b/etc/brasero.profile | |||
@@ -20,9 +20,9 @@ nogroups | |||
20 | nonewprivs | 20 | nonewprivs |
21 | noroot | 21 | noroot |
22 | nosound | 22 | nosound |
23 | novideo | ||
23 | protocol unix | 24 | protocol unix |
24 | seccomp | 25 | seccomp |
25 | netfilter | ||
26 | shell none | 26 | shell none |
27 | tracelog | 27 | tracelog |
28 | 28 | ||
diff --git a/etc/catfish.profile b/etc/catfish.profile index e0039a042..0deaca1b5 100644 --- a/etc/catfish.profile +++ b/etc/catfish.profile | |||
@@ -19,6 +19,7 @@ nogroups | |||
19 | nonewprivs | 19 | nonewprivs |
20 | noroot | 20 | noroot |
21 | nosound | 21 | nosound |
22 | novideo | ||
22 | protocol unix | 23 | protocol unix |
23 | seccomp | 24 | seccomp |
24 | shell none | 25 | shell none |
diff --git a/etc/cherrytree.profile b/etc/cherrytree.profile index 258be50d6..0ac71ca3c 100644 --- a/etc/cherrytree.profile +++ b/etc/cherrytree.profile | |||
@@ -20,6 +20,7 @@ nogroups | |||
20 | nonewprivs | 20 | nonewprivs |
21 | noroot | 21 | noroot |
22 | nosound | 22 | nosound |
23 | novideo | ||
23 | seccomp | 24 | seccomp |
24 | protocol unix,inet,inet6,netlink | 25 | protocol unix,inet,inet6,netlink |
25 | tracelog | 26 | tracelog |
diff --git a/etc/clementine.profile b/etc/clementine.profile index 0f585e43e..ccacc632d 100644 --- a/etc/clementine.profile +++ b/etc/clementine.profile | |||
@@ -14,6 +14,7 @@ include /etc/firejail/disable-passwdmgr.inc | |||
14 | caps.drop all | 14 | caps.drop all |
15 | nonewprivs | 15 | nonewprivs |
16 | noroot | 16 | noroot |
17 | novideo | ||
17 | protocol unix,inet,inet6 | 18 | protocol unix,inet,inet6 |
18 | # Clementine makes ioprio_set system calls, which are blacklisted by default. | 19 | # Clementine makes ioprio_set system calls, which are blacklisted by default. |
19 | seccomp.drop mount,umount2,ptrace,kexec_load,kexec_file_load,name_to_handle_at,open_by_handle_at,create_module,init_module,finit_module,delete_module,iopl,ioperm,swapon,swapoff,syslog,process_vm_readv,process_vm_writev,sysfs,_sysctl,adjtimex,clock_adjtime,lookup_dcookie,perf_event_open,fanotify_init,kcmp,add_key,request_key,keyctl,uselib,acct,modify_ldt,pivot_root,io_setup,io_destroy,io_getevents,io_submit,io_cancel,remap_file_pages,mbind,get_mempolicy,set_mempolicy,migrate_pages,move_pages,vmsplice,chroot,tuxcall,reboot,mfsservctl,get_kernel_syms,bpf,clock_settime,personality,process_vm_writev,query_module,settimeofday,stime,umount,userfaultfd,ustat,vm86,vm86old | 20 | seccomp.drop mount,umount2,ptrace,kexec_load,kexec_file_load,name_to_handle_at,open_by_handle_at,create_module,init_module,finit_module,delete_module,iopl,ioperm,swapon,swapoff,syslog,process_vm_readv,process_vm_writev,sysfs,_sysctl,adjtimex,clock_adjtime,lookup_dcookie,perf_event_open,fanotify_init,kcmp,add_key,request_key,keyctl,uselib,acct,modify_ldt,pivot_root,io_setup,io_destroy,io_getevents,io_submit,io_cancel,remap_file_pages,mbind,get_mempolicy,set_mempolicy,migrate_pages,move_pages,vmsplice,chroot,tuxcall,reboot,mfsservctl,get_kernel_syms,bpf,clock_settime,personality,process_vm_writev,query_module,settimeofday,stime,umount,userfaultfd,ustat,vm86,vm86old |
diff --git a/etc/clipit.profile b/etc/clipit.profile index cd744a022..b671b253b 100644 --- a/etc/clipit.profile +++ b/etc/clipit.profile | |||
@@ -15,6 +15,7 @@ caps.drop all | |||
15 | netfilter | 15 | netfilter |
16 | nonewprivs | 16 | nonewprivs |
17 | noroot | 17 | noroot |
18 | novideo | ||
18 | protocol unix,inet,inet6 | 19 | protocol unix,inet,inet6 |
19 | seccomp | 20 | seccomp |
20 | 21 | ||
diff --git a/etc/deadbeef.profile b/etc/deadbeef.profile index 8d50dedda..486df1d99 100644 --- a/etc/deadbeef.profile +++ b/etc/deadbeef.profile | |||
@@ -20,6 +20,7 @@ no3d | |||
20 | nogroups | 20 | nogroups |
21 | nonewprivs | 21 | nonewprivs |
22 | noroot | 22 | noroot |
23 | novideo | ||
23 | protocol unix,inet,inet6 | 24 | protocol unix,inet,inet6 |
24 | seccomp | 25 | seccomp |
25 | shell none | 26 | shell none |
diff --git a/etc/deluge.profile b/etc/deluge.profile index db2d339c7..4e7d90e53 100644 --- a/etc/deluge.profile +++ b/etc/deluge.profile | |||
@@ -24,6 +24,7 @@ netfilter | |||
24 | nonewprivs | 24 | nonewprivs |
25 | noroot | 25 | noroot |
26 | nosound | 26 | nosound |
27 | novideo | ||
27 | protocol unix,inet,inet6 | 28 | protocol unix,inet,inet6 |
28 | seccomp | 29 | seccomp |
29 | 30 | ||
diff --git a/etc/dia.profile b/etc/dia.profile index fc564b96d..4e009afd7 100644 --- a/etc/dia.profile +++ b/etc/dia.profile | |||
@@ -14,6 +14,7 @@ caps.drop all | |||
14 | netfilter | 14 | netfilter |
15 | nonewprivs | 15 | nonewprivs |
16 | noroot | 16 | noroot |
17 | novideo | ||
17 | protocol unix,inet,inet6 | 18 | protocol unix,inet,inet6 |
18 | seccomp | 19 | seccomp |
19 | 20 | ||
diff --git a/etc/dino.profile b/etc/dino.profile index a979cad7c..6d63e894e 100644 --- a/etc/dino.profile +++ b/etc/dino.profile | |||
@@ -26,6 +26,7 @@ nogroups | |||
26 | nonewprivs | 26 | nonewprivs |
27 | noroot | 27 | noroot |
28 | nosound | 28 | nosound |
29 | novideo | ||
29 | protocol unix,inet,inet6 | 30 | protocol unix,inet,inet6 |
30 | seccomp | 31 | seccomp |
31 | shell none | 32 | shell none |
diff --git a/etc/dragon.profile b/etc/dragon.profile index 661f663c3..d099f1d9d 100644 --- a/etc/dragon.profile +++ b/etc/dragon.profile | |||
@@ -18,6 +18,7 @@ netfilter | |||
18 | nogroups | 18 | nogroups |
19 | nonewprivs | 19 | nonewprivs |
20 | noroot | 20 | noroot |
21 | novideo | ||
21 | shell none | 22 | shell none |
22 | seccomp | 23 | seccomp |
23 | protocol unix,inet,inet6 | 24 | protocol unix,inet,inet6 |
diff --git a/etc/dropbox.profile b/etc/dropbox.profile index e0097a8ea..19076704b 100644 --- a/etc/dropbox.profile +++ b/etc/dropbox.profile | |||
@@ -14,6 +14,7 @@ include /etc/firejail/disable-passwdmgr.inc | |||
14 | caps | 14 | caps |
15 | nonewprivs | 15 | nonewprivs |
16 | noroot | 16 | noroot |
17 | novideo | ||
17 | protocol unix,inet,inet6 | 18 | protocol unix,inet,inet6 |
18 | seccomp | 19 | seccomp |
19 | 20 | ||
diff --git a/etc/elinks.profile b/etc/elinks.profile index 76a7e6b94..597e43fb8 100644 --- a/etc/elinks.profile +++ b/etc/elinks.profile | |||
@@ -14,11 +14,12 @@ include /etc/firejail/disable-devel.inc | |||
14 | include /etc/firejail/disable-passwdmgr.inc | 14 | include /etc/firejail/disable-passwdmgr.inc |
15 | 15 | ||
16 | caps.drop all | 16 | caps.drop all |
17 | no3d | ||
17 | nogroups | 18 | nogroups |
18 | nonewprivs | 19 | nonewprivs |
19 | noroot | 20 | noroot |
20 | nosound | 21 | nosound |
21 | no3d | 22 | novideo |
22 | protocol unix,inet,inet6 | 23 | protocol unix,inet,inet6 |
23 | seccomp | 24 | seccomp |
24 | netfilter | 25 | netfilter |
diff --git a/etc/engrampa.profile b/etc/engrampa.profile index f409a8dd4..081a5f6b0 100644 --- a/etc/engrampa.profile +++ b/etc/engrampa.profile | |||
@@ -16,6 +16,7 @@ nogroups | |||
16 | nonewprivs | 16 | nonewprivs |
17 | noroot | 17 | noroot |
18 | nosound | 18 | nosound |
19 | novideo | ||
19 | protocol unix | 20 | protocol unix |
20 | seccomp | 21 | seccomp |
21 | netfilter | 22 | netfilter |
diff --git a/etc/eog.profile b/etc/eog.profile index 447a41a86..1b9926ec9 100644 --- a/etc/eog.profile +++ b/etc/eog.profile | |||
@@ -24,6 +24,7 @@ nogroups | |||
24 | nonewprivs | 24 | nonewprivs |
25 | noroot | 25 | noroot |
26 | nosound | 26 | nosound |
27 | novideo | ||
27 | protocol unix | 28 | protocol unix |
28 | seccomp | 29 | seccomp |
29 | shell none | 30 | shell none |
diff --git a/etc/eom.profile b/etc/eom.profile index d2622ebcf..b5eedd989 100644 --- a/etc/eom.profile +++ b/etc/eom.profile | |||
@@ -19,6 +19,7 @@ nogroups | |||
19 | nonewprivs | 19 | nonewprivs |
20 | noroot | 20 | noroot |
21 | nosound | 21 | nosound |
22 | novideo | ||
22 | protocol unix | 23 | protocol unix |
23 | seccomp | 24 | seccomp |
24 | shell none | 25 | shell none |
diff --git a/etc/evince.profile b/etc/evince.profile index 51ed3fbf3..6719244da 100644 --- a/etc/evince.profile +++ b/etc/evince.profile | |||
@@ -22,6 +22,7 @@ nogroups | |||
22 | nonewprivs | 22 | nonewprivs |
23 | noroot | 23 | noroot |
24 | nosound | 24 | nosound |
25 | novideo | ||
25 | protocol unix | 26 | protocol unix |
26 | seccomp | 27 | seccomp |
27 | shell none | 28 | shell none |