diff options
author | rusty-snake <print_hello_world+Public@protonmail.com> | 2020-01-27 14:22:39 +0100 |
---|---|---|
committer | rusty-snake <print_hello_world+Public@protonmail.com> | 2020-01-27 14:22:47 +0100 |
commit | 758e623a27403ed371704eb637a15b94444e746e (patch) | |
tree | 81059c8987c5a7059ae1b04301dc0da94f4134b8 /etc | |
parent | refactor some profiles as electron redirects (#3188) (diff) | |
download | firejail-758e623a27403ed371704eb637a15b94444e746e.tar.gz firejail-758e623a27403ed371704eb637a15b94444e746e.tar.zst firejail-758e623a27403ed371704eb637a15b94444e746e.zip |
fixup! refactor some profiles as electron redirects (#3188)
- move ignores to top
- add remove netlink protocol from whalebird
- ignore caps.drop all in wire-desktop
Diffstat (limited to 'etc')
-rw-r--r-- | etc/teams-for-linux.profile | 3 | ||||
-rw-r--r-- | etc/whalebird.profile | 4 | ||||
-rw-r--r-- | etc/wire-desktop.profile | 4 |
3 files changed, 8 insertions, 3 deletions
diff --git a/etc/teams-for-linux.profile b/etc/teams-for-linux.profile index a3feb42ad..882d8d0f3 100644 --- a/etc/teams-for-linux.profile +++ b/etc/teams-for-linux.profile | |||
@@ -7,6 +7,8 @@ include teams-for-linux.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | ignore nodbus | ||
11 | |||
10 | noblacklist ${HOME}/.config/teams-for-linux | 12 | noblacklist ${HOME}/.config/teams-for-linux |
11 | 13 | ||
12 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -18,7 +20,6 @@ whitelist ${HOME}/.config/teams-for-linux | |||
18 | include whitelist-common.inc | 20 | include whitelist-common.inc |
19 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
20 | 22 | ||
21 | ignore nodbus | ||
22 | nou2f | 23 | nou2f |
23 | novideo | 24 | novideo |
24 | shell none | 25 | shell none |
diff --git a/etc/whalebird.profile b/etc/whalebird.profile index bed1a8623..2e24dd8e0 100644 --- a/etc/whalebird.profile +++ b/etc/whalebird.profile | |||
@@ -7,6 +7,8 @@ include whalebird.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | ignore nodbus | ||
11 | |||
10 | noblacklist ${HOME}/.config/Whalebird | 12 | noblacklist ${HOME}/.config/Whalebird |
11 | 13 | ||
12 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -19,10 +21,10 @@ whitelist ${HOME}/.config/Whalebird | |||
19 | include whitelist-common.inc | 21 | include whitelist-common.inc |
20 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
21 | 23 | ||
22 | ignore nodbus | ||
23 | no3d | 24 | no3d |
24 | nou2f | 25 | nou2f |
25 | novideo | 26 | novideo |
27 | protocol unix,inet,inet6 | ||
26 | shell none | 28 | shell none |
27 | 29 | ||
28 | disable-mnt | 30 | disable-mnt |
diff --git a/etc/wire-desktop.profile b/etc/wire-desktop.profile index 78c4b418a..3c783322b 100644 --- a/etc/wire-desktop.profile +++ b/etc/wire-desktop.profile | |||
@@ -9,6 +9,9 @@ include wire-desktop.local | |||
9 | 9 | ||
10 | # Debian/Ubuntu use /opt/Wire. As that is not in PATH by default, run `firejail /opt/Wire/wire-desktop` to start it. | 10 | # Debian/Ubuntu use /opt/Wire. As that is not in PATH by default, run `firejail /opt/Wire/wire-desktop` to start it. |
11 | 11 | ||
12 | ignore caps.drop all | ||
13 | ignore nodbus | ||
14 | |||
12 | noblacklist ${HOME}/.config/Wire | 15 | noblacklist ${HOME}/.config/Wire |
13 | 16 | ||
14 | include disable-devel.inc | 17 | include disable-devel.inc |
@@ -19,7 +22,6 @@ whitelist ${HOME}/.config/Wire | |||
19 | include whitelist-common.inc | 22 | include whitelist-common.inc |
20 | 23 | ||
21 | caps.keep sys_admin,sys_chroot | 24 | caps.keep sys_admin,sys_chroot |
22 | ignore nodbus | ||
23 | nou2f | 25 | nou2f |
24 | shell none | 26 | shell none |
25 | 27 | ||