summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--etc/midori.profile38
-rw-r--r--src/firejail/rlimit.c8
2 files changed, 38 insertions, 8 deletions
diff --git a/etc/midori.profile b/etc/midori.profile
index 44e5e7417..a0bcb808c 100644
--- a/etc/midori.profile
+++ b/etc/midori.profile
@@ -2,16 +2,46 @@
2# Persistent customizations should go in a .local file. 2# Persistent customizations should go in a .local file.
3include /etc/firejail/midori.local 3include /etc/firejail/midori.local
4 4
5# Midori browser profile 5# Midori profile
6noblacklist ${HOME}/.config/midori 6noblacklist ~/.config/midori
7noblacklist ~/.local/share/midori
8noblacklist ~/.local/share/webkit
9noblacklist ~/.local/share/webkitgtk
10noblacklist ~/.pki
11noblacklist ~/.lastpass
7include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
8include /etc/firejail/disable-programs.inc 13include /etc/firejail/disable-programs.inc
9include /etc/firejail/disable-devel.inc 14include /etc/firejail/disable-devel.inc
10 15
16mkdir ~/.config/midori
17whitelist ~/.config/midori
18
19mkdir ~/.cache/midori
20whitelist ~/.cache/midori
21
22mkdir ~/.local/share/midori
23whitelist ~/.local/share/midori
24
25mkdir ~/.local/share/webkit
26whitelist ~/.local/share/webkit
27
28mkdir ~/.local/share/webkitgtk
29whitelist ~/.local/share/webkitgtk
30
31whitelist ${DOWNLOADS}
32whitelist ~/.config/gnome-mplayer
33whitelist ~/.cache/gnome-mplayer/plugin
34mkdir ~/.pki
35whitelist ~/.pki
36whitelist ~/.lastpass
37
38
11caps.drop all 39caps.drop all
12netfilter 40netfilter
13nonewprivs 41nonewprivs
14# noroot - noroot break midori on Ubuntu 14.04 42# noroot - porblems on Ubuntu 14.04
15protocol unix,inet,inet6 43protocol unix,inet,inet6,netlink
16seccomp 44seccomp
45tracelog
46
17 47
diff --git a/src/firejail/rlimit.c b/src/firejail/rlimit.c
index 5e30e56a3..bf63bae38 100644
--- a/src/firejail/rlimit.c
+++ b/src/firejail/rlimit.c
@@ -33,7 +33,7 @@ void set_rlimits(void) {
33 if (setrlimit(RLIMIT_NOFILE, &rl) == -1) 33 if (setrlimit(RLIMIT_NOFILE, &rl) == -1)
34 errExit("setrlimit"); 34 errExit("setrlimit");
35 if (arg_debug) 35 if (arg_debug)
36 printf("Config rlimit: number of open file descriptors %u\n", cfg.rlimit_nofile); 36 printf("Config rlimit: number of open file descriptors %llu\n", cfg.rlimit_nofile);
37 } 37 }
38 38
39 if (arg_rlimit_nproc) { 39 if (arg_rlimit_nproc) {
@@ -45,7 +45,7 @@ void set_rlimits(void) {
45 if (setrlimit(RLIMIT_NPROC, &rl) == -1) 45 if (setrlimit(RLIMIT_NPROC, &rl) == -1)
46 errExit("setrlimit"); 46 errExit("setrlimit");
47 if (arg_debug) 47 if (arg_debug)
48 printf("Config rlimit: number of processes %u\n", cfg.rlimit_nproc); 48 printf("Config rlimit: number of processes %llu\n", cfg.rlimit_nproc);
49 } 49 }
50 50
51 if (arg_rlimit_fsize) { 51 if (arg_rlimit_fsize) {
@@ -57,7 +57,7 @@ void set_rlimits(void) {
57 if (setrlimit(RLIMIT_FSIZE, &rl) == -1) 57 if (setrlimit(RLIMIT_FSIZE, &rl) == -1)
58 errExit("setrlimit"); 58 errExit("setrlimit");
59 if (arg_debug) 59 if (arg_debug)
60 printf("Config rlimit: maximum file size %u\n", cfg.rlimit_fsize); 60 printf("Config rlimit: maximum file size %llu\n", cfg.rlimit_fsize);
61 } 61 }
62 62
63 if (arg_rlimit_sigpending) { 63 if (arg_rlimit_sigpending) {
@@ -69,6 +69,6 @@ void set_rlimits(void) {
69 if (setrlimit(RLIMIT_SIGPENDING, &rl) == -1) 69 if (setrlimit(RLIMIT_SIGPENDING, &rl) == -1)
70 errExit("setrlimit"); 70 errExit("setrlimit");
71 if (arg_debug) 71 if (arg_debug)
72 printf("Config rlimit: maximum number of signals pending %u\n", cfg.rlimit_sigpending); 72 printf("Config rlimit: maximum number of signals pending %llu\n", cfg.rlimit_sigpending);
73 } 73 }
74} 74}
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-20 15:38:09 +0000