diff options
author | netblue30 <netblue30@yahoo.com> | 2016-06-10 10:41:57 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-06-10 10:41:57 -0400 |
commit | e3abab47dcda4dba4a1412261e35cb1608ffd900 (patch) | |
tree | c1b75716185ea40aa77ff947991c868f7d5d8628 /etc | |
parent | private-bin conversion (diff) | |
download | firejail-e3abab47dcda4dba4a1412261e35cb1608ffd900.tar.gz firejail-e3abab47dcda4dba4a1412261e35cb1608ffd900.tar.zst firejail-e3abab47dcda4dba4a1412261e35cb1608ffd900.zip |
private-bin conversion
Diffstat (limited to 'etc')
-rw-r--r-- | etc/cherrytree.profile | 9 | ||||
-rw-r--r-- | etc/disable-devel.inc | 2 | ||||
-rw-r--r-- | etc/evince.profile | 3 | ||||
-rw-r--r-- | etc/fbreader.profile | 3 | ||||
-rw-r--r-- | etc/gnome-mplayer.profile | 3 | ||||
-rw-r--r-- | etc/gthumb.profile | 2 | ||||
-rw-r--r-- | etc/vlc.profile | 2 |
7 files changed, 21 insertions, 3 deletions
diff --git a/etc/cherrytree.profile b/etc/cherrytree.profile index bc6fe1d86..7b6238d98 100644 --- a/etc/cherrytree.profile +++ b/etc/cherrytree.profile | |||
@@ -24,3 +24,12 @@ protocol unix,inet,inet6,netlink | |||
24 | tracelog | 24 | tracelog |
25 | 25 | ||
26 | include /etc/firejail/whitelist-common.inc | 26 | include /etc/firejail/whitelist-common.inc |
27 | |||
28 | # no private-bin support for various reasons: | ||
29 | #10:25:34 exec 11249 (root) NEW SANDBOX: /usr/bin/firejail /usr/bin/cherrytree | ||
30 | #10:25:34 exec 11252 (netblue) /bin/bash -c "/usr/bin/cherrytree" | ||
31 | #10:25:34 exec 11252 (netblue) /usr/bin/python /usr/bin/cherrytree | ||
32 | #10:25:34 exec 11253 (netblue) sh -c /sbin/ldconfig -p 2>/dev/null | ||
33 | #10:25:34 exec 11255 (netblue) sh -c if type gcc >/dev/null 2>&1; then CC=gcc; elif type cc >/dev/null 2>&1; then CC=cc;else exit 10; fi;LANG=C LC_ALL=C $CC -Wl,-t -o /tmp/tmpiYr44S 2>&1 -llibc | ||
34 | # it requires acces to browser to show the online help | ||
35 | # it doesn't play nicely with expect | ||
diff --git a/etc/disable-devel.inc b/etc/disable-devel.inc index 8c18ec2c3..071a82f76 100644 --- a/etc/disable-devel.inc +++ b/etc/disable-devel.inc | |||
@@ -37,7 +37,7 @@ blacklist /usr/lib/php* | |||
37 | blacklist /usr/bin/ruby | 37 | blacklist /usr/bin/ruby |
38 | blacklist /usr/lib/ruby | 38 | blacklist /usr/lib/ruby |
39 | 39 | ||
40 | # Programs using python: deluge, some firefox addons, filezilla | 40 | # Programs using python: deluge, firefox addons, filezilla, cherrytree |
41 | # Python 2 | 41 | # Python 2 |
42 | #blacklist /usr/bin/python2* | 42 | #blacklist /usr/bin/python2* |
43 | #blacklist /usr/lib/python2* | 43 | #blacklist /usr/lib/python2* |
diff --git a/etc/evince.profile b/etc/evince.profile index 8c84a1daa..8671c1251 100644 --- a/etc/evince.profile +++ b/etc/evince.profile | |||
@@ -10,3 +10,6 @@ noroot | |||
10 | nosound | 10 | nosound |
11 | protocol unix,inet,inet6 | 11 | protocol unix,inet,inet6 |
12 | seccomp | 12 | seccomp |
13 | |||
14 | shell none | ||
15 | private-bin evince,evince-previewer,evince-thumbnailer | ||
diff --git a/etc/fbreader.profile b/etc/fbreader.profile index c4d84691c..df359e50a 100644 --- a/etc/fbreader.profile +++ b/etc/fbreader.profile | |||
@@ -13,3 +13,6 @@ noroot | |||
13 | nosound | 13 | nosound |
14 | protocol unix,inet,inet6 | 14 | protocol unix,inet,inet6 |
15 | seccomp | 15 | seccomp |
16 | |||
17 | shell none | ||
18 | private-bin fbreader,FBReader \ No newline at end of file | ||
diff --git a/etc/gnome-mplayer.profile b/etc/gnome-mplayer.profile index f15778534..1caea177d 100644 --- a/etc/gnome-mplayer.profile +++ b/etc/gnome-mplayer.profile | |||
@@ -9,3 +9,6 @@ nonewprivs | |||
9 | noroot | 9 | noroot |
10 | protocol unix,inet,inet6 | 10 | protocol unix,inet,inet6 |
11 | seccomp | 11 | seccomp |
12 | |||
13 | shell none | ||
14 | private-bin gnome-mplayer | ||
diff --git a/etc/gthumb.profile b/etc/gthumb.profile index 55041b5cc..68d6a52d9 100644 --- a/etc/gthumb.profile +++ b/etc/gthumb.profile | |||
@@ -13,5 +13,5 @@ noroot | |||
13 | protocol unix,inet,inet6 | 13 | protocol unix,inet,inet6 |
14 | seccomp | 14 | seccomp |
15 | 15 | ||
16 | private-bin gthumb | ||
17 | shell none | 16 | shell none |
17 | private-bin gthumb | ||
diff --git a/etc/vlc.profile b/etc/vlc.profile index e225e80e9..1a6e5a151 100644 --- a/etc/vlc.profile +++ b/etc/vlc.profile | |||
@@ -16,4 +16,4 @@ seccomp | |||
16 | 16 | ||
17 | # to test | 17 | # to test |
18 | shell none | 18 | shell none |
19 | private-bin vlc | 19 | private-bin vlc,cvlc,nvlc,rvlc,qvlc,svlc |