diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2021-04-18 04:44:04 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-04-18 04:44:04 +0000 |
commit | fb4c90155ad5efcc4568a6cf8bf823540c971093 (patch) | |
tree | 74ebaeb7e63ab945a8ee52cb123e676c7a6d52c0 /etc | |
parent | broaden support for pcre in private-lib (diff) | |
download | firejail-fb4c90155ad5efcc4568a6cf8bf823540c971093.tar.gz firejail-fb4c90155ad5efcc4568a6cf8bf823540c971093.tar.zst firejail-fb4c90155ad5efcc4568a6cf8bf823540c971093.zip |
unblock tor support in brave (#4200)
* opt-in for brave's native tor support
* fix brave's native tor support
* warn about potential tor breakage when using apparmor
* update comment for opting in to tor
* move brave's tor apparmor fix in brave.profile
Diffstat (limited to 'etc')
-rw-r--r-- | etc/apparmor/firejail-local | 3 | ||||
-rw-r--r-- | etc/profile-a-l/brave.profile | 5 |
2 files changed, 7 insertions, 1 deletions
diff --git a/etc/apparmor/firejail-local b/etc/apparmor/firejail-local index 7f2a778ab..3dfd3d0ea 100644 --- a/etc/apparmor/firejail-local +++ b/etc/apparmor/firejail-local | |||
@@ -8,5 +8,8 @@ | |||
8 | #owner @HOME/bin/** ix | 8 | #owner @HOME/bin/** ix |
9 | #owner @HOME/.local/bin/** ix | 9 | #owner @HOME/.local/bin/** ix |
10 | 10 | ||
11 | # Uncomment to opt-in to apparmor for brave + tor | ||
12 | #owner @{HOME}/.config/BraveSoftware/Brave-Browser/biahpgbdmdkfgndcmfiipgcebobojjkp/*/** ix, | ||
13 | |||
11 | # Uncomment to opt-in to apparmor for torbrowser-launcher | 14 | # Uncomment to opt-in to apparmor for torbrowser-launcher |
12 | #owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/** ix, | 15 | #owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/** ix, |
diff --git a/etc/profile-a-l/brave.profile b/etc/profile-a-l/brave.profile index 5a5e9eacd..09548c761 100644 --- a/etc/profile-a-l/brave.profile +++ b/etc/profile-a-l/brave.profile | |||
@@ -8,7 +8,10 @@ include globals.local | |||
8 | 8 | ||
9 | # noexec /tmp is included in chromium-common.profile and breaks Brave | 9 | # noexec /tmp is included in chromium-common.profile and breaks Brave |
10 | ignore noexec /tmp | 10 | ignore noexec /tmp |
11 | # TOR is installed in ${HOME} | 11 | # TOR is installed in ${HOME}. |
12 | # NOTE: chromium-common.profile enables apparmor. To keep that intact | ||
13 | # you will need to uncomment the 'brave + tor' rule in /etc/apparmor.d/local/firejail-default. | ||
14 | # Alternatively you can add 'ignore apparmor' to your brave.local. | ||
12 | ignore noexec ${HOME} | 15 | ignore noexec ${HOME} |
13 | 16 | ||
14 | noblacklist ${HOME}/.cache/BraveSoftware | 17 | noblacklist ${HOME}/.cache/BraveSoftware |