diff options
-rw-r--r-- | README | 4 | ||||
-rw-r--r-- | etc/cantata.profile | 40 | ||||
-rw-r--r-- | etc/disable-programs.inc | 3 | ||||
-rw-r--r-- | etc/keepassxc.profile | 2 | ||||
-rw-r--r-- | etc/pidgin.profile | 5 | ||||
-rw-r--r-- | etc/xiphos.profile | 8 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 1 | ||||
-rw-r--r-- | src/firejail/dbus.c | 7 | ||||
-rw-r--r-- | src/firejail/env.c | 5 | ||||
-rw-r--r-- | src/firejail/firejail.h | 2 | ||||
-rw-r--r-- | src/firejail/fs.c | 4 | ||||
-rw-r--r-- | src/firejail/fs_home.c | 6 | ||||
-rw-r--r-- | src/firejail/fs_whitelist.c | 6 | ||||
-rw-r--r-- | src/firejail/main.c | 3 | ||||
-rw-r--r-- | src/firejail/mountinfo.c | 4 | ||||
-rw-r--r-- | src/firejail/pulseaudio.c | 4 | ||||
-rw-r--r-- | src/firejail/sandbox.c | 2 | ||||
-rw-r--r-- | src/firejail/util.c | 4 | ||||
-rw-r--r-- | src/firejail/x11.c | 4 | ||||
-rw-r--r-- | src/man/firejail.txt | 8 |
20 files changed, 107 insertions, 15 deletions
@@ -560,11 +560,11 @@ rusty-snake (https://github.com/rusty-snake) | |||
560 | - fixed profiles: freeoffice-textmaker, code, newsboat, aosp, clion | 560 | - fixed profiles: freeoffice-textmaker, code, newsboat, aosp, clion |
561 | - fixed profiles: android-studio, git, gitg, github-desktop, idea.sh | 561 | - fixed profiles: android-studio, git, gitg, github-desktop, idea.sh |
562 | - fixed profiles: ffmpeg, thunderbird, gnome-system-log, file-roller | 562 | - fixed profiles: ffmpeg, thunderbird, gnome-system-log, file-roller |
563 | - fixed profiles: eog, eom | 563 | - fixed profiles: eog, eom, xiphos |
564 | - hardened profiles: disable-common.inc, disable-programs.inc | 564 | - hardened profiles: disable-common.inc, disable-programs.inc |
565 | - hardened profiles: gajim, evince, ffmpeg, feh-network.inc, qtox | 565 | - hardened profiles: gajim, evince, ffmpeg, feh-network.inc, qtox |
566 | - hardened profiles: gnome-clocks, meld, minetest, youtube-dl | 566 | - hardened profiles: gnome-clocks, meld, minetest, youtube-dl |
567 | - hardened profiles: bibletime, whois, etr, display, feh, mpv | 567 | - hardened profiles: bibletime, whois, etr, display, feh, mpv, xiphos |
568 | - gnome-mpv was renamed to celluloid | 568 | - gnome-mpv was renamed to celluloid |
569 | - some typo fixes | 569 | - some typo fixes |
570 | Salvo 'LtWorf' Tomaselli (https://github.com/ltworf) | 570 | Salvo 'LtWorf' Tomaselli (https://github.com/ltworf) |
diff --git a/etc/cantata.profile b/etc/cantata.profile new file mode 100644 index 000000000..e4a4de9c1 --- /dev/null +++ b/etc/cantata.profile | |||
@@ -0,0 +1,40 @@ | |||
1 | # Firejail profile for Cantata | ||
2 | # Description: Multimedia player - Qt5 client for the music Player daemon (MPD) | ||
3 | # This file is overwritten during software install. | ||
4 | # Persistent local customizations | ||
5 | include cantata.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.cache/cantata | ||
10 | noblacklist ${HOME}/.config/cantata | ||
11 | noblacklist ${HOME}/.local/share/cantata | ||
12 | noblacklist ${MUSIC} | ||
13 | |||
14 | noblacklist ${PATH}/perl | ||
15 | noblacklist /usr/lib/perl* | ||
16 | noblacklist /usr/share/perl* | ||
17 | |||
18 | include disable-common.inc | ||
19 | include disable-devel.inc | ||
20 | include disable-exec.inc | ||
21 | include disable-interpreters.inc | ||
22 | include disable-passwdmgr.inc | ||
23 | include disable-programs.inc | ||
24 | include disable-xdg.inc | ||
25 | |||
26 | # apparmor | ||
27 | caps.drop all | ||
28 | ipc-namespace | ||
29 | netfilter | ||
30 | nonewprivs | ||
31 | noroot | ||
32 | nou2f | ||
33 | novideo | ||
34 | protocol unix,inet,inet6,netlink | ||
35 | seccomp | ||
36 | shell none | ||
37 | |||
38 | # private-etc samba,gcrypt,drirc,fonts,mpd.conf,kde5rc,passwd,xdg,hosts,ssl | ||
39 | private-bin cantata,mpd,perl | ||
40 | private-dev | ||
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 7de2a620f..cd0cb1f2e 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -128,6 +128,7 @@ blacklist ${HOME}/.config/brasero | |||
128 | blacklist ${HOME}/.config/brave | 128 | blacklist ${HOME}/.config/brave |
129 | blacklist ${HOME}/.config/caja | 129 | blacklist ${HOME}/.config/caja |
130 | blacklist ${HOME}/.config/calibre | 130 | blacklist ${HOME}/.config/calibre |
131 | blacklist ${HOME}/.config/cantata | ||
131 | blacklist ${HOME}/.config/catfish | 132 | blacklist ${HOME}/.config/catfish |
132 | blacklist ${HOME}/.config/celluloid | 133 | blacklist ${HOME}/.config/celluloid |
133 | blacklist ${HOME}/.config/cherrytree | 134 | blacklist ${HOME}/.config/cherrytree |
@@ -451,6 +452,7 @@ blacklist ${HOME}/.local/share/aspyr-media | |||
451 | blacklist ${HOME}/.local/share/baloo | 452 | blacklist ${HOME}/.local/share/baloo |
452 | blacklist ${HOME}/.local/share/bibletime | 453 | blacklist ${HOME}/.local/share/bibletime |
453 | blacklist ${HOME}/.local/share/caja-python | 454 | blacklist ${HOME}/.local/share/caja-python |
455 | blacklist ${HOME}/.local/share/cantata | ||
454 | blacklist ${HOME}/.local/share/cdprojektred | 456 | blacklist ${HOME}/.local/share/cdprojektred |
455 | blacklist ${HOME}/.local/share/clipit | 457 | blacklist ${HOME}/.local/share/clipit |
456 | blacklist ${HOME}/.local/share/contacts | 458 | blacklist ${HOME}/.local/share/contacts |
@@ -648,6 +650,7 @@ blacklist ${HOME}/.cache/attic | |||
648 | blacklist ${HOME}/.cache/bnox | 650 | blacklist ${HOME}/.cache/bnox |
649 | blacklist ${HOME}/.cache/borg | 651 | blacklist ${HOME}/.cache/borg |
650 | blacklist ${HOME}/.cache/calibre | 652 | blacklist ${HOME}/.cache/calibre |
653 | blacklist ${HOME}/.cache/cantata | ||
651 | blacklist ${HOME}/.cache/champlain | 654 | blacklist ${HOME}/.cache/champlain |
652 | blacklist ${HOME}/.cache/chromium | 655 | blacklist ${HOME}/.cache/chromium |
653 | blacklist ${HOME}/.cache/chromium-dev | 656 | blacklist ${HOME}/.cache/chromium-dev |
diff --git a/etc/keepassxc.profile b/etc/keepassxc.profile index 33b4509b7..c1adfd516 100644 --- a/etc/keepassxc.profile +++ b/etc/keepassxc.profile | |||
@@ -41,7 +41,7 @@ protocol netlink,unix | |||
41 | seccomp | 41 | seccomp |
42 | shell none | 42 | shell none |
43 | 43 | ||
44 | private-bin keepassxc | 44 | private-bin keepassxc,keepassxc-proxy |
45 | private-dev | 45 | private-dev |
46 | private-etc alternatives,fonts,ld.so.cache,machine-id | 46 | private-etc alternatives,fonts,ld.so.cache,machine-id |
47 | private-tmp | 47 | private-tmp |
diff --git a/etc/pidgin.profile b/etc/pidgin.profile index 444478149..bdd5404f5 100644 --- a/etc/pidgin.profile +++ b/etc/pidgin.profile | |||
@@ -6,9 +6,7 @@ include pidgin.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | mkdir ${HOME}/.purple | ||
10 | noblacklist ${HOME}/.purple | 9 | noblacklist ${HOME}/.purple |
11 | whitelist ${HOME}/.purple | ||
12 | 10 | ||
13 | ignore noexec ${RUNUSER} | 11 | ignore noexec ${RUNUSER} |
14 | ignore noexec /dev/shm | 12 | ignore noexec /dev/shm |
@@ -20,6 +18,9 @@ include disable-interpreters.inc | |||
20 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
21 | include disable-programs.inc | 19 | include disable-programs.inc |
22 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | |||
22 | mkdir ${HOME}/.purple | ||
23 | whitelist ${HOME}/.purple | ||
23 | include whitelist-common.inc | 24 | include whitelist-common.inc |
24 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
25 | 26 | ||
diff --git a/etc/xiphos.profile b/etc/xiphos.profile index 3ad03e2c6..33056395e 100644 --- a/etc/xiphos.profile +++ b/etc/xiphos.profile | |||
@@ -13,6 +13,7 @@ noblacklist ${HOME}/.xiphos | |||
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
17 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 19 | include disable-programs.inc |
@@ -20,8 +21,11 @@ include disable-programs.inc | |||
20 | whitelist ${HOME}/.sword | 21 | whitelist ${HOME}/.sword |
21 | whitelist ${HOME}/.xiphos | 22 | whitelist ${HOME}/.xiphos |
22 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-var-common.inc | ||
23 | 25 | ||
26 | apparmor | ||
24 | caps.drop all | 27 | caps.drop all |
28 | machine-id | ||
25 | netfilter | 29 | netfilter |
26 | nodvd | 30 | nodvd |
27 | nogroups | 31 | nogroups |
@@ -36,7 +40,9 @@ seccomp | |||
36 | shell none | 40 | shell none |
37 | tracelog | 41 | tracelog |
38 | 42 | ||
43 | disable-mnt | ||
39 | private-bin xiphos | 44 | private-bin xiphos |
45 | private-cache | ||
40 | private-dev | 46 | private-dev |
41 | private-etc alternatives,fonts,resolv.conf,sword,ca-certificates,ssl,pki,crypto-policies | 47 | private-etc alternatives,fonts,resolv.conf,sword,ca-certificates,ssli,sword.conf,pki,crypto-policies |
42 | private-tmp | 48 | private-tmp |
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 2d4902b91..aba0e9f60 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -92,6 +92,7 @@ calligraplanwork | |||
92 | calligrasheets | 92 | calligrasheets |
93 | calligrastage | 93 | calligrastage |
94 | calligrawords | 94 | calligrawords |
95 | cantata | ||
95 | catfish | 96 | catfish |
96 | celluloid | 97 | celluloid |
97 | checkbashisms | 98 | checkbashisms |
diff --git a/src/firejail/dbus.c b/src/firejail/dbus.c index 94d872ca5..b856ff809 100644 --- a/src/firejail/dbus.c +++ b/src/firejail/dbus.c | |||
@@ -19,7 +19,7 @@ | |||
19 | */ | 19 | */ |
20 | #include "firejail.h" | 20 | #include "firejail.h" |
21 | 21 | ||
22 | void dbus_session_disable(void) { | 22 | void dbus_disable(void) { |
23 | if (!checkcfg(CFG_DBUS)) { | 23 | if (!checkcfg(CFG_DBUS)) { |
24 | fwarning("D-Bus handling is disabled in Firejail configuration file\n"); | 24 | fwarning("D-Bus handling is disabled in Firejail configuration file\n"); |
25 | return; | 25 | return; |
@@ -43,12 +43,17 @@ void dbus_session_disable(void) { | |||
43 | free(path); | 43 | free(path); |
44 | free(env_var); | 44 | free(env_var); |
45 | 45 | ||
46 | |||
46 | // blacklist the dbus-launch user directory | 47 | // blacklist the dbus-launch user directory |
47 | if (asprintf(&path, "%s/.dbus", cfg.homedir) == -1) | 48 | if (asprintf(&path, "%s/.dbus", cfg.homedir) == -1) |
48 | errExit("asprintf"); | 49 | errExit("asprintf"); |
49 | disable_file_or_dir(path); | 50 | disable_file_or_dir(path); |
50 | free(path); | 51 | free(path); |
51 | 52 | ||
53 | // blacklist also system D-Bus socket | ||
54 | disable_file_or_dir("/run/dbus/system_bus_socket"); | ||
55 | |||
56 | |||
52 | // look for a possible abstract unix socket | 57 | // look for a possible abstract unix socket |
53 | 58 | ||
54 | // --net=none | 59 | // --net=none |
diff --git a/src/firejail/env.c b/src/firejail/env.c index 2e9f516ba..f15e1362f 100644 --- a/src/firejail/env.c +++ b/src/firejail/env.c | |||
@@ -160,6 +160,11 @@ void env_defaults(void) { | |||
160 | // set the window title | 160 | // set the window title |
161 | if (!arg_quiet) | 161 | if (!arg_quiet) |
162 | printf("\033]0;firejail %s\007", cfg.window_title); | 162 | printf("\033]0;firejail %s\007", cfg.window_title); |
163 | |||
164 | // pass --quiet as an environment variable, in case the command calls further firejailed commands | ||
165 | if (arg_quiet) | ||
166 | setenv("FIREJAIL_QUIET", "yes", 1); | ||
167 | |||
163 | fflush(0); | 168 | fflush(0); |
164 | } | 169 | } |
165 | 170 | ||
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 2e04084e3..e0f3a6a16 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
@@ -782,6 +782,6 @@ void set_x11_run_file(pid_t pid, int display); | |||
782 | void set_profile_run_file(pid_t pid, const char *fname); | 782 | void set_profile_run_file(pid_t pid, const char *fname); |
783 | 783 | ||
784 | // dbus.c | 784 | // dbus.c |
785 | void dbus_session_disable(void); | 785 | void dbus_disable(void); |
786 | 786 | ||
787 | #endif | 787 | #endif |
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index f9d968427..bf7c0a4b2 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
@@ -27,7 +27,11 @@ | |||
27 | #include <glob.h> | 27 | #include <glob.h> |
28 | #include <dirent.h> | 28 | #include <dirent.h> |
29 | #include <errno.h> | 29 | #include <errno.h> |
30 | |||
30 | #include <fcntl.h> | 31 | #include <fcntl.h> |
32 | #ifndef O_PATH | ||
33 | # define O_PATH 010000000 | ||
34 | #endif | ||
31 | 35 | ||
32 | #define MAX_BUF 4096 | 36 | #define MAX_BUF 4096 |
33 | #define EMPTY_STRING ("") | 37 | #define EMPTY_STRING ("") |
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c index e35bf073d..b44d09acc 100644 --- a/src/firejail/fs_home.c +++ b/src/firejail/fs_home.c | |||
@@ -22,7 +22,6 @@ | |||
22 | #include <linux/limits.h> | 22 | #include <linux/limits.h> |
23 | #include <glob.h> | 23 | #include <glob.h> |
24 | #include <dirent.h> | 24 | #include <dirent.h> |
25 | #include <fcntl.h> | ||
26 | #include <errno.h> | 25 | #include <errno.h> |
27 | #include <sys/stat.h> | 26 | #include <sys/stat.h> |
28 | #include <sys/types.h> | 27 | #include <sys/types.h> |
@@ -31,6 +30,11 @@ | |||
31 | #include <grp.h> | 30 | #include <grp.h> |
32 | //#include <ftw.h> | 31 | //#include <ftw.h> |
33 | 32 | ||
33 | #include <fcntl.h> | ||
34 | #ifndef O_PATH | ||
35 | # define O_PATH 010000000 | ||
36 | #endif | ||
37 | |||
34 | static void skel(const char *homedir, uid_t u, gid_t g) { | 38 | static void skel(const char *homedir, uid_t u, gid_t g) { |
35 | char *fname; | 39 | char *fname; |
36 | 40 | ||
diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c index d128065d3..bce44b9e5 100644 --- a/src/firejail/fs_whitelist.c +++ b/src/firejail/fs_whitelist.c | |||
@@ -24,9 +24,13 @@ | |||
24 | #include <fnmatch.h> | 24 | #include <fnmatch.h> |
25 | #include <glob.h> | 25 | #include <glob.h> |
26 | #include <dirent.h> | 26 | #include <dirent.h> |
27 | #include <fcntl.h> | ||
28 | #include <errno.h> | 27 | #include <errno.h> |
29 | 28 | ||
29 | #include <fcntl.h> | ||
30 | #ifndef O_PATH | ||
31 | # define O_PATH 010000000 | ||
32 | #endif | ||
33 | |||
30 | // mountinfo functionality test; | 34 | // mountinfo functionality test; |
31 | // 1. enable TEST_MOUNTINFO definition | 35 | // 1. enable TEST_MOUNTINFO definition |
32 | // 2. run firejail --whitelist=/any/directory | 36 | // 2. run firejail --whitelist=/any/directory |
diff --git a/src/firejail/main.c b/src/firejail/main.c index ece4c2cb5..f3dc72944 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -907,7 +907,8 @@ int main(int argc, char **argv) { | |||
907 | 907 | ||
908 | // get starting timestamp, process --quiet | 908 | // get starting timestamp, process --quiet |
909 | start_timestamp = getticks(); | 909 | start_timestamp = getticks(); |
910 | if (check_arg(argc, argv, "--quiet", 1)) | 910 | char *env_quiet = getenv("FIREJAIL_QUIET"); |
911 | if (check_arg(argc, argv, "--quiet", 1) || (env_quiet && strcmp(env_quiet, "yes") == 0)) | ||
911 | arg_quiet = 1; | 912 | arg_quiet = 1; |
912 | 913 | ||
913 | // cleanup at exit | 914 | // cleanup at exit |
diff --git a/src/firejail/mountinfo.c b/src/firejail/mountinfo.c index 0717b2044..7369ad247 100644 --- a/src/firejail/mountinfo.c +++ b/src/firejail/mountinfo.c | |||
@@ -19,7 +19,11 @@ | |||
19 | */ | 19 | */ |
20 | 20 | ||
21 | #include "firejail.h" | 21 | #include "firejail.h" |
22 | |||
22 | #include <fcntl.h> | 23 | #include <fcntl.h> |
24 | #ifndef O_PATH | ||
25 | # define O_PATH 010000000 | ||
26 | #endif | ||
23 | 27 | ||
24 | #define MAX_BUF 4096 | 28 | #define MAX_BUF 4096 |
25 | 29 | ||
diff --git a/src/firejail/pulseaudio.c b/src/firejail/pulseaudio.c index 26beaf35a..e3f237b8e 100644 --- a/src/firejail/pulseaudio.c +++ b/src/firejail/pulseaudio.c | |||
@@ -24,7 +24,11 @@ | |||
24 | #include <sys/mount.h> | 24 | #include <sys/mount.h> |
25 | #include <dirent.h> | 25 | #include <dirent.h> |
26 | #include <sys/wait.h> | 26 | #include <sys/wait.h> |
27 | |||
27 | #include <fcntl.h> | 28 | #include <fcntl.h> |
29 | #ifndef O_PATH | ||
30 | # define O_PATH 010000000 | ||
31 | #endif | ||
28 | 32 | ||
29 | // disable pulseaudio socket | 33 | // disable pulseaudio socket |
30 | void pulseaudio_disable(void) { | 34 | void pulseaudio_disable(void) { |
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index 101a16d00..9f0a5f25c 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
@@ -923,7 +923,7 @@ int sandbox(void* sandbox_arg) { | |||
923 | // Session D-BUS | 923 | // Session D-BUS |
924 | //**************************** | 924 | //**************************** |
925 | if (arg_nodbus) | 925 | if (arg_nodbus) |
926 | dbus_session_disable(); | 926 | dbus_disable(); |
927 | 927 | ||
928 | 928 | ||
929 | //**************************** | 929 | //**************************** |
diff --git a/src/firejail/util.c b/src/firejail/util.c index 3e2cd13d5..fff0bbf2f 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c | |||
@@ -29,7 +29,11 @@ | |||
29 | #include <sys/ioctl.h> | 29 | #include <sys/ioctl.h> |
30 | #include <termios.h> | 30 | #include <termios.h> |
31 | #include <sys/wait.h> | 31 | #include <sys/wait.h> |
32 | |||
32 | #include <fcntl.h> | 33 | #include <fcntl.h> |
34 | #ifndef O_PATH | ||
35 | # define O_PATH 010000000 | ||
36 | #endif | ||
33 | 37 | ||
34 | #define MAX_GROUPS 1024 | 38 | #define MAX_GROUPS 1024 |
35 | #define MAXBUF 4098 | 39 | #define MAXBUF 4098 |
diff --git a/src/firejail/x11.c b/src/firejail/x11.c index b0ed10b30..9d821d980 100644 --- a/src/firejail/x11.c +++ b/src/firejail/x11.c | |||
@@ -31,7 +31,11 @@ | |||
31 | #include <sys/wait.h> | 31 | #include <sys/wait.h> |
32 | #include <errno.h> | 32 | #include <errno.h> |
33 | #include <limits.h> | 33 | #include <limits.h> |
34 | |||
34 | #include <fcntl.h> | 35 | #include <fcntl.h> |
36 | #ifndef O_PATH | ||
37 | # define O_PATH 010000000 | ||
38 | #endif | ||
35 | 39 | ||
36 | 40 | ||
37 | // Parse the DISPLAY environment variable and return a display number. | 41 | // Parse the DISPLAY environment variable and return a display number. |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 1b56dedcd..8f6948ef4 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -1107,9 +1107,11 @@ $ nc dict.org 2628 | |||
1107 | .br | 1107 | .br |
1108 | .TP | 1108 | .TP |
1109 | \fB\-\-nodbus | 1109 | \fB\-\-nodbus |
1110 | Disable D-Bus access. Only the regular UNIX socket is handled by this command. To | 1110 | Disable D-Bus access (both system and session buses). Only the regular |
1111 | disable the abstract socket you would need to request a new network namespace using | 1111 | UNIX sockets are handled by this command. To disable the abstract |
1112 | \-\-net command. Another option is to remove unix from \-\-protocol set. | 1112 | sockets you would need to request a new network namespace using |
1113 | \-\-net command. Another option is to remove unix from \-\-protocol | ||
1114 | set. | ||
1113 | .br | 1115 | .br |
1114 | 1116 | ||
1115 | .br | 1117 | .br |