mainline merges

author: startx2017 <vradu.startx@yandex.com> 2018-09-04 07:37:58 -0400
committer: startx2017 <vradu.startx@yandex.com> 2018-09-04 07:37:58 -0400
commit: 7770d5cec04ca36648925550cb92f15afce673fd (patch)
tree: 4b11a4c2562d1eb65b37914f0147fa6e51e8c971 /etc
parent: mainline merge (diff)
download: firejail-7770d5cec04ca36648925550cb92f15afce673fd.tar.gz
firejail-7770d5cec04ca36648925550cb92f15afce673fd.tar.zst
firejail-7770d5cec04ca36648925550cb92f15afce673fd.zip
1 files changed, 47 insertions, 0 deletions
diff --git a/etc/dig.profile b/etc/dig.profile
new file mode 100644
index 000000000..4b6ab0975
--- /dev/null
+++ b/etc/dig.profile
@@ -0,0 +1,47 @@
+quiet
+# Firejail profile for dig
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/dig.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+include /etc/firejail/disable-common.inc
+# include /etc/firejail/disable-devel.inc
+# include /etc/firejail/disable-interpreters.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+#include /etc/firejail/disable-xdg.inc
+whitelist ~/.digrc
+include /etc/firejail/whitelist-common.inc
+include /etc/firejail/whitelist-var-common.inc
+caps.drop all
+# ipc-namespace
+netfilter
+no3d
+nodbus
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+novideo
+protocol unix,inet,inet6
+seccomp
+shell none
+disable-mnt
+private
+private-bin sh,bash,dig
+private-cache
+private-dev
+# private-etc resolv.conf
+private-lib
+private-tmp
+memory-deny-write-execute
+# noexec ${HOME}
+# noexec /tmp
author	startx2017 <vradu.startx@yandex.com>	2018-09-04 07:37:58 -0400
committer	startx2017 <vradu.startx@yandex.com>	2018-09-04 07:37:58 -0400
commit	7770d5cec04ca36648925550cb92f15afce673fd (patch)
tree	4b11a4c2562d1eb65b37914f0147fa6e51e8c971 /etc
parent	mainline merge (diff)
download	firejail-7770d5cec04ca36648925550cb92f15afce673fd.tar.gz firejail-7770d5cec04ca36648925550cb92f15afce673fd.tar.zst firejail-7770d5cec04ca36648925550cb92f15afce673fd.zip

diff --git a/etc/dig.profile b/etc/dig.profile new file mode 100644 index 000000000..4b6ab0975 --- /dev/null +++ b/etc/dig.profile
@@ -0,0 +1,47 @@
	1	quiet
	2	# Firejail profile for dig
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include /etc/firejail/dig.local
	6	# Persistent global definitions
	7	include /etc/firejail/globals.local
	8
	9	include /etc/firejail/disable-common.inc
	10	# include /etc/firejail/disable-devel.inc
	11	# include /etc/firejail/disable-interpreters.inc
	12	include /etc/firejail/disable-passwdmgr.inc
	13	include /etc/firejail/disable-programs.inc
	14	#include /etc/firejail/disable-xdg.inc
	15
	16	whitelist ~/.digrc
	17	include /etc/firejail/whitelist-common.inc
	18	include /etc/firejail/whitelist-var-common.inc
	19
	20	caps.drop all
	21	# ipc-namespace
	22	netfilter
	23	no3d
	24	nodbus
	25	nodvd
	26	nogroups
	27	nonewprivs
	28	noroot
	29	nosound
	30	notv
	31	novideo
	32	protocol unix,inet,inet6
	33	seccomp
	34	shell none
	35
	36	disable-mnt
	37	private
	38	private-bin sh,bash,dig
	39	private-cache
	40	private-dev
	41	# private-etc resolv.conf
	42	private-lib
	43	private-tmp
	44
	45	memory-deny-write-execute
	46	# noexec ${HOME}
	47	# noexec /tmp