diff options
| -rw-r--r-- | etc/xpra.profile | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/etc/xpra.profile b/etc/xpra.profile index f58b0eeb8..e5d86b9e9 100644 --- a/etc/xpra.profile +++ b/etc/xpra.profile | |||
| @@ -21,7 +21,8 @@ include /etc/firejail/disable-passwdmgr.inc | |||
| 21 | include /etc/firejail/disable-programs.inc | 21 | include /etc/firejail/disable-programs.inc |
| 22 | 22 | ||
| 23 | whitelist /var/lib/xkb | 23 | whitelist /var/lib/xkb |
| 24 | include /etc/firejail/whitelist-common.inc | 24 | # whitelisting home directory, or including whitelist-common.inc |
| 25 | # will crash xpra on some platforms | ||
| 25 | 26 | ||
| 26 | caps.drop all | 27 | caps.drop all |
| 27 | # xpra needs to be allowed access to the abstract Unix socket namespace. | 28 | # xpra needs to be allowed access to the abstract Unix socket namespace. |
| @@ -30,6 +31,8 @@ nonewprivs | |||
| 30 | # In noroot mode, xpra cannot create a socket in the real /tmp/.X11-unix. | 31 | # In noroot mode, xpra cannot create a socket in the real /tmp/.X11-unix. |
| 31 | #noroot | 32 | #noroot |
| 32 | nosound | 33 | nosound |
| 34 | notv | ||
| 35 | novideo | ||
| 33 | protocol unix | 36 | protocol unix |
| 34 | seccomp | 37 | seccomp |
| 35 | shell none | 38 | shell none |
| @@ -41,4 +44,3 @@ shell none | |||
| 41 | private-dev | 44 | private-dev |
| 42 | # private-etc ld.so.conf,ld.so.cache,resolv.conf,host.conf,nsswitch.conf,gai.conf,hosts,hostname,machine-id,xpra,X11 | 45 | # private-etc ld.so.conf,ld.so.cache,resolv.conf,host.conf,nsswitch.conf,gai.conf,hosts,hostname,machine-id,xpra,X11 |
| 43 | private-tmp | 46 | private-tmp |
| 44 | notv | ||