aboutsummaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
authorLibravatar netblue30 <netblue30@yahoo.com>2017-09-17 13:19:06 -0400
committerLibravatar netblue30 <netblue30@yahoo.com>2017-09-17 13:19:06 -0400
commit18d83b528dd4273e0e4b48bbfa4f96b1c3a42106 (patch)
tree90b37d59100666360d2f6ab5ec5eebbcc4dc3039 /etc
parentwhitelist /var: temporary fix for Xubuntu (diff)
downloadfirejail-18d83b528dd4273e0e4b48bbfa4f96b1c3a42106.tar.gz
firejail-18d83b528dd4273e0e4b48bbfa4f96b1c3a42106.tar.zst
firejail-18d83b528dd4273e0e4b48bbfa4f96b1c3a42106.zip
whitelist /var - Xubuntu fixes
Diffstat (limited to 'etc')
-rw-r--r--etc/catfish.profile7
-rw-r--r--etc/evince.profile2
-rw-r--r--etc/gnome-calculator.profile1
-rw-r--r--etc/whitelist-common.inc1
-rw-r--r--etc/whitelist-var-common.inc2
5 files changed, 11 insertions, 2 deletions
diff --git a/etc/catfish.profile b/etc/catfish.profile
index 498f3b6ee..5fc585d90 100644
--- a/etc/catfish.profile
+++ b/etc/catfish.profile
@@ -8,8 +8,13 @@ include /etc/firejail/globals.local
8# We can't blacklist much since catfish 8# We can't blacklist much since catfish
9# is for finding files/content 9# is for finding files/content
10noblacklist ~/.config/catfish 10noblacklist ~/.config/catfish
11include /etc/firejail/disable-common.inc
12# include /etc/firejail/disable-devel.inc
13include /etc/firejail/disable-passwdmgr.inc
14include /etc/firejail/disable-programs.inc
11 15
12include /etc/firejail/disable-devel.inc 16whitelist /var/lib/mlocate
17include /etc/firejail/whitelist-var-common.inc
13 18
14caps.drop all 19caps.drop all
15net none 20net none
diff --git a/etc/evince.profile b/etc/evince.profile
index 5c6215bb2..f503b9a8e 100644
--- a/etc/evince.profile
+++ b/etc/evince.profile
@@ -12,6 +12,8 @@ include /etc/firejail/disable-devel.inc
12include /etc/firejail/disable-passwdmgr.inc 12include /etc/firejail/disable-passwdmgr.inc
13include /etc/firejail/disable-programs.inc 13include /etc/firejail/disable-programs.inc
14 14
15include /etc/firejail/whitelist-var-common.inc
16
15caps.drop all 17caps.drop all
16netfilter 18netfilter
17no3d 19no3d
diff --git a/etc/gnome-calculator.profile b/etc/gnome-calculator.profile
index 6547c73df..326222426 100644
--- a/etc/gnome-calculator.profile
+++ b/etc/gnome-calculator.profile
@@ -11,6 +11,7 @@ include /etc/firejail/disable-devel.inc
11include /etc/firejail/disable-passwdmgr.inc 11include /etc/firejail/disable-passwdmgr.inc
12include /etc/firejail/disable-programs.inc 12include /etc/firejail/disable-programs.inc
13include /etc/firejail/whitelist-common.inc 13include /etc/firejail/whitelist-common.inc
14include /etc/firejail/whitelist-var-common.inc
14 15
15caps.drop all 16caps.drop all
16netfilter 17netfilter
diff --git a/etc/whitelist-common.inc b/etc/whitelist-common.inc
index ba4b91451..ef95a7e5e 100644
--- a/etc/whitelist-common.inc
+++ b/etc/whitelist-common.inc
@@ -16,6 +16,7 @@ whitelist ~/.drirc
16whitelist ~/.mime.types 16whitelist ~/.mime.types
17whitelist ~/.local/share/applications 17whitelist ~/.local/share/applications
18read-only ~/.local/share/applications 18read-only ~/.local/share/applications
19whitelist ~/.config/ibus
19 20
20# fonts 21# fonts
21whitelist ~/.fonts 22whitelist ~/.fonts
diff --git a/etc/whitelist-var-common.inc b/etc/whitelist-var-common.inc
index 2229a9066..bd3473acc 100644
--- a/etc/whitelist-var-common.inc
+++ b/etc/whitelist-var-common.inc
@@ -3,7 +3,7 @@ include /etc/firejail/whitelist-var-common.local
3 3
4# common /var whitelist for all profiles 4# common /var whitelist for all profiles
5 5
6#whitelist /var/lib/dbus/machine-id - problems on Xubuntu, it is a symlink to /etc/machine-id, whitelist will fail 6whitelist /var/lib/dbus
7whitelist /var/lib/menu-xdg 7whitelist /var/lib/menu-xdg
8whitelist /var/cache/fontconfig 8whitelist /var/cache/fontconfig
9whitelist /var/tmp 9whitelist /var/tmp
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-01 10:57:46 +0000