diff options
| author |  glitsj16 <glitsj16@users.noreply.github.com> | 2021-07-28 16:38:20 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2021-07-28 16:38:20 +0000 |
| commit | 6e0504feaaed3cffccfb6a91768103d9c7b3c918 (patch) | |
| tree | a04e31ed355d74aaf9c6151b977ef1f2c0b2f0d2 /etc | |
| parent | fix grammar (diff) | |
| download | firejail-6e0504feaaed3cffccfb6a91768103d9c7b3c918.tar.gz firejail-6e0504feaaed3cffccfb6a91768103d9c7b3c918.tar.zst firejail-6e0504feaaed3cffccfb6a91768103d9c7b3c918.zip | |
reordering and fix for ids.config
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/ids.config | 124 |
1 files changed, 66 insertions, 58 deletions
diff --git a/etc/ids.config b/etc/ids.config index 7e03841c9..482083ec0 100644 --- a/etc/ids.config +++ b/etc/ids.config | |||
| @@ -1,34 +1,32 @@ | |||
| 1 | # /etc/firejail/ids.config - configuration file for Firejail's Intrusion Detection System | 1 | # /etc/firejail/ids.config - configuration file for Firejail's Intrusion Detection System |
| 2 | # This config file is overwritten when a new version of Firejail is installed. | ||
| 3 | # For global customization use /etc/firejail/ids.config.local. | ||
| 4 | include ids.config.local | ||
| 2 | # | 5 | # |
| 3 | # Each line is a file or directory name such as | 6 | # Each line is a file or directory name such as |
| 4 | # /usr/bin | 7 | # /usr/bin |
| 5 | # or | 8 | # or |
| 6 | # ${HOME}/Desktop/*.desktop | 9 | # ${HOME}/Desktop/*.desktop |
| 7 | # | 10 | # |
| 8 | # ${HOME} is expanded to user home directory, and * is the regular | 11 | # ${HOME} is expanded to the user's home directory, and * is the regular |
| 9 | # globbing match for zero or more characters. | 12 | # globbing match for zero or more characters. |
| 10 | # | 13 | # |
| 11 | # File or directory names starting with ! are not scanned. For example | 14 | # File or directory names starting with ! are not scanned. For example |
| 12 | # !${HOME}/.ssh/known_hosts | 15 | # !${HOME}/.ssh/known_hosts |
| 13 | # ${HOME}/.ssh | 16 | # ${HOME}/.ssh |
| 14 | # will scan all files in ~/.ssh directory with the exception of knonw_hosts | 17 | # will scan all files in ~/.ssh directory with the exception of known_hosts |
| 15 | # | ||
| 16 | # This config file is overwritten when a new version of Firejail is installed. | ||
| 17 | # For global customization use /etc/firejal/ids.config.local. | ||
| 18 | |||
| 19 | include ids.config.local | ||
| 20 | 18 | ||
| 21 | ### system executables ### | 19 | ### system executables ### |
| 22 | /bin | 20 | /bin |
| 23 | /sbin | 21 | /sbin |
| 24 | /usr/bin | 22 | /usr/bin |
| 25 | /usr/sbin | ||
| 26 | /usr/games | 23 | /usr/games |
| 27 | /usr/libexec | 24 | /usr/libexec |
| 25 | /usr/sbin | ||
| 28 | 26 | ||
| 29 | ### user executables ### | 27 | ### user executables ### |
| 30 | #/usr/local | ||
| 31 | #/opt | 28 | #/opt |
| 29 | #/usr/local | ||
| 32 | 30 | ||
| 33 | ### system libraries ### | 31 | ### system libraries ### |
| 34 | #/lib | 32 | #/lib |
| @@ -38,97 +36,107 @@ include ids.config.local | |||
| 38 | #/usr/libx32 | 36 | #/usr/libx32 |
| 39 | 37 | ||
| 40 | ### shells local ### | 38 | ### shells local ### |
| 41 | ${HOME}/.bashrc # bash | 39 | # bash |
| 42 | ${HOME}/.bash_profile | ||
| 43 | ${HOME}/.bash_login | 40 | ${HOME}/.bash_login |
| 44 | ${HOME}/.bash_logout | 41 | ${HOME}/.bash_logout |
| 45 | ${HOME}/.zshenv #zsh | 42 | ${HOME}/.bash_profile |
| 46 | ${HOME}/.zshprofile | 43 | ${HOME}/.bashrc |
| 47 | ${HOME}/.zshrc | 44 | # fish |
| 48 | ${HOME}/.zlogin | 45 | ${HOME}/.config/fish/config.fish |
| 49 | ${HOME}/.zlogout | 46 | # others |
| 50 | ${HOME}/.config/fish/config.fish # fish | 47 | ${HOME}/.cshrc |
| 51 | ${HOME}/.profile # others | 48 | ${HOME}/.kshrc |
| 52 | ${HOME}/.login | 49 | ${HOME}/.login |
| 53 | ${HOME}/.logout | 50 | ${HOME}/.logout |
| 54 | ${HOME}/.cshrc | 51 | ${HOME}/.profile |
| 55 | ${HOME}/.tcshrc | 52 | ${HOME}/.tcshrc |
| 56 | ${HOME}/.kshrc | 53 | # zsh |
| 54 | ${HOME}/.zlogin | ||
| 55 | ${HOME}/.zlogout | ||
| 56 | ${HOME}/.zshenv | ||
| 57 | ${HOME}/.zshprofile | ||
| 58 | ${HOME}/.zshrc | ||
| 57 | 59 | ||
| 58 | ### shells global ### | 60 | ### shells global ### |
| 59 | /etc/shells # all | 61 | # all |
| 62 | /etc/dircolors | ||
| 63 | /etc/environment | ||
| 60 | /etc/profile | 64 | /etc/profile |
| 61 | /etc/profile.d | 65 | /etc/profile.d |
| 62 | /etc/environment | 66 | /etc/shells |
| 63 | /etc/skel | 67 | /etc/skel |
| 64 | /etc/dircolors | 68 | # bash |
| 65 | /etc/bash.bashrc # bash | ||
| 66 | /etc/bash_completion* | 69 | /etc/bash_completion* |
| 70 | /etc/bash.bashrc | ||
| 67 | /etc/bashrc | 71 | /etc/bashrc |
| 68 | /etc/zshenv # zsh | 72 | # fish |
| 69 | /etc/zprofile | 73 | /etc/fish |
| 70 | /etc/zshrc | 74 | # ksh |
| 71 | /etc/zlogin | 75 | /etc/ksh.kshrc |
| 72 | /etc/zlogout | 76 | # tcsh |
| 73 | /etc/fish # fish | 77 | /etc/complete.tcsh |
| 74 | /etc/complete.tcsh # tcsh | ||
| 75 | /etc/csh.cshrc | 78 | /etc/csh.cshrc |
| 76 | /etc/csh.login | 79 | /etc/csh.login |
| 77 | /etc/csh.logout | 80 | /etc/csh.logout |
| 78 | /etc/ksh.kshrc # ksh | 81 | # zsh |
| 82 | /etc/zlogin | ||
| 83 | /etc/zlogout | ||
| 84 | /etc/zprofile | ||
| 85 | /etc/zshenv | ||
| 86 | /etc/zshrc | ||
| 79 | 87 | ||
| 80 | ### X11 ### | 88 | ### X11 ### |
| 81 | ${HOME}/.xsessionrc | ||
| 82 | ${HOME}/.xsession | ||
| 83 | ${HOME}/.Xsession | ||
| 84 | ${HOME}/.xinitrc | 89 | ${HOME}/.xinitrc |
| 85 | ${HOME}/.xprofile | ||
| 86 | ${HOME}/.xmodmaprc | 90 | ${HOME}/.xmodmaprc |
| 91 | ${HOME}/.xprofile | ||
| 92 | ${HOME}/.Xresources | ||
| 87 | ${HOME}/.xserverrc | 93 | ${HOME}/.xserverrc |
| 88 | ${HOME}/.Xresurces | 94 | ${HOME}/.Xsession |
| 95 | ${HOME}/.xsession | ||
| 96 | ${HOME}/.xsessionrc | ||
| 89 | /etc/X11 | 97 | /etc/X11 |
| 90 | 98 | ||
| 91 | ### window/desktop manager ### | 99 | ### window/desktop manager ### |
| 92 | ${HOME}/.config/autostart | ||
| 93 | ${HOME}/Desktop/*.desktop | 100 | ${HOME}/Desktop/*.desktop |
| 101 | ${HOME}/.config/autostart | ||
| 94 | ${HOME}/.config/lxsession/LXDE/autostart | 102 | ${HOME}/.config/lxsession/LXDE/autostart |
| 95 | ${HOME}/.gnomerc | 103 | ${HOME}/.gnomerc |
| 96 | ${HOME}/.gtkrc | 104 | ${HOME}/.gtkrc |
| 97 | ${HOME}/.kderc | 105 | ${HOME}/.kderc |
| 98 | 106 | ||
| 99 | ### security ### | 107 | ### security ### |
| 100 | ${HOME}/.gnupg | ||
| 101 | ${HOME}/.config/firejail | 108 | ${HOME}/.config/firejail |
| 109 | ${HOME}/.gnupg | ||
| 110 | /etc/aide | ||
| 102 | /etc/apparmor* | 111 | /etc/apparmor* |
| 103 | /etc/selinux | 112 | /etc/chkrootkit.conf |
| 104 | /etc/security | 113 | /etc/cracklib |
| 114 | /etc/libaudit.conf | ||
| 105 | /etc/group* | 115 | /etc/group* |
| 106 | /etc/gshadow* | 116 | /etc/gshadow* |
| 117 | /etc/pam.* | ||
| 107 | /etc/passwd* | 118 | /etc/passwd* |
| 119 | /etc/rkhunter* | ||
| 120 | /etc/securetty | ||
| 121 | /etc/security | ||
| 122 | /etc/selinux | ||
| 108 | /etc/shadow* | 123 | /etc/shadow* |
| 109 | /etc/pam.* | ||
| 110 | /etc/sudoers* | 124 | /etc/sudoers* |
| 111 | /etc/securetty | ||
| 112 | /etc/cracklib | ||
| 113 | /etc/libaudit.conf | ||
| 114 | /etc/tripwire | 125 | /etc/tripwire |
| 115 | /etc/aide | ||
| 116 | /etc/chkrootkit.conf | ||
| 117 | /etc/rkhunter.conf | ||
| 118 | 126 | ||
| 119 | *** network security *** | 127 | ### network security ### |
| 120 | /etc/services | 128 | !${HOME}/.ssh/known_hosts # excluding |
| 121 | /etc/hosts.* | ||
| 122 | /etc/ssl | ||
| 123 | /etc/ca-certificates* | ||
| 124 | /usr/share/ca-certificates | ||
| 125 | !${HOME}/.ssh/known_hosts # excluding | ||
| 126 | ${HOME}/.ssh | 129 | ${HOME}/.ssh |
| 127 | /etc/ssh | 130 | /etc/ca-certificates* |
| 131 | /etc/hosts.* | ||
| 132 | /etc/services | ||
| 128 | /etc/snort | 133 | /etc/snort |
| 134 | /etc/ssh | ||
| 135 | /etc/ssl | ||
| 129 | /etc/wireshark | 136 | /etc/wireshark |
| 137 | /usr/share/ca-certificates | ||
| 130 | 138 | ||
| 131 | ### system config ### | 139 | ### system config ### |
| 132 | /etc/default | ||
| 133 | /etc/crontab | ||
| 134 | /etc/cron.* | 140 | /etc/cron.* |
| 141 | /etc/crontab | ||
| 142 | /etc/default | ||