aboutsummaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
authorLibravatar netblue30 <netblue30@protonmail.com>2021-06-04 06:40:16 -0500
committerLibravatar GitHub <noreply@github.com>2021-06-04 06:40:16 -0500
commited261d9471a042adcbb8733e1b1de13c934c3fe0 (patch)
tree8aeab84172400499132e35a197669ea2f8509a2e /etc
parentFix seahorse-adventures + CI (diff)
parentadd firejail.config switch for private-{bin,etc,opt,srv} (diff)
downloadfirejail-ed261d9471a042adcbb8733e1b1de13c934c3fe0.tar.gz
firejail-ed261d9471a042adcbb8733e1b1de13c934c3fe0.tar.zst
firejail-ed261d9471a042adcbb8733e1b1de13c934c3fe0.zip
Merge pull request #4330 from smitsohu/fjconfig
add firejail.config switch for private-{bin,etc,opt,srv}
Diffstat (limited to 'etc')
-rw-r--r--etc/firejail.config22
1 files changed, 17 insertions, 5 deletions
diff --git a/etc/firejail.config b/etc/firejail.config
index c671efef9..f5b3d5efa 100644
--- a/etc/firejail.config
+++ b/etc/firejail.config
@@ -35,11 +35,6 @@
35# cannot be overridden by --noblacklist or --ignore. 35# cannot be overridden by --noblacklist or --ignore.
36# disable-mnt no 36# disable-mnt no
37 37
38# Set the limit for file copy in several --private-* options. The size is set
39# in megabytes. By default we allow up to 500MB.
40# Note: the files are copied in RAM.
41# file-copy-limit 500
42
43# Enable or disable file transfer support, default enabled. 38# Enable or disable file transfer support, default enabled.
44# file-transfer yes 39# file-transfer yes
45 40
@@ -77,18 +72,35 @@
77# Enable or disable overlayfs features, default enabled. 72# Enable or disable overlayfs features, default enabled.
78# overlayfs yes 73# overlayfs yes
79 74
75# Set the limit for file copy in several --private-* options. The size is set
76# in megabytes. By default we allow up to 500MB.
77# Note: the files are copied in RAM.
78# file-copy-limit 500
79
80# Enable or disable private-bin feature, default enabled.
81# private-bin yes
82
80# Remove /usr/local directories from private-bin list, default disabled. 83# Remove /usr/local directories from private-bin list, default disabled.
81# private-bin-no-local no 84# private-bin-no-local no
82 85
83# Enable or disable private-cache feature, default enabled 86# Enable or disable private-cache feature, default enabled
84# private-cache yes 87# private-cache yes
85 88
89# Enable or disable private-etc feature, default enabled.
90# private-etc yes
91
86# Enable or disable private-home feature, default enabled 92# Enable or disable private-home feature, default enabled
87# private-home yes 93# private-home yes
88 94
89# Enable or disable private-lib feature, default enabled 95# Enable or disable private-lib feature, default enabled
90# private-lib yes 96# private-lib yes
91 97
98# Enable or disable private-opt feature, default enabled.
99# private-opt yes
100
101# Enable or disable private-srv feature, default enabled.
102# private-srv yes
103
92# Enable --quiet as default every time the sandbox is started. Default disabled. 104# Enable --quiet as default every time the sandbox is started. Default disabled.
93# quiet-by-default no 105# quiet-by-default no
94 106
generated by cgit v1.2.3-54-g00ecf (git 2.45.1) at 2024-06-04 02:08:24 +0000