diff options
-rw-r--r-- | README | 1 | ||||
-rw-r--r-- | etc/brackets.profile | 2 | ||||
-rw-r--r-- | etc/dig.profile | 3 | ||||
-rw-r--r-- | etc/enpass.profile | 2 | ||||
-rw-r--r-- | etc/mpd.profile | 4 | ||||
-rw-r--r-- | etc/tar.profile | 3 | ||||
-rw-r--r-- | etc/whois.profile | 3 |
7 files changed, 14 insertions, 4 deletions
@@ -278,6 +278,7 @@ glitsj16 (https://github.com/glitsj16) | |||
278 | - spelling fixes | 278 | - spelling fixes |
279 | - bitblbee profile fixes | 279 | - bitblbee profile fixes |
280 | - fix firefox common addons | 280 | - fix firefox common addons |
281 | - many profile fixes | ||
281 | - profile fixes: file, strings, claws-mail, | 282 | - profile fixes: file, strings, claws-mail, |
282 | - new profiles: QMediathekView, aria2c, Authenticator, checkbashisms | 283 | - new profiles: QMediathekView, aria2c, Authenticator, checkbashisms |
283 | - new profiles: devilspie, devilspie2, easystroke, github-desktop, min | 284 | - new profiles: devilspie, devilspie2, easystroke, github-desktop, min |
diff --git a/etc/brackets.profile b/etc/brackets.profile index 1c03b2119..17e742d4b 100644 --- a/etc/brackets.profile +++ b/etc/brackets.profile | |||
@@ -24,7 +24,7 @@ notv | |||
24 | nou2f | 24 | nou2f |
25 | novideo | 25 | novideo |
26 | protocol unix,inet,inet6,netlink | 26 | protocol unix,inet,inet6,netlink |
27 | seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,iopl,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,pciconfig_iobase,pciconfig_read,pciconfig_write,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,s390_mmio_read,s390_mmio_write,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplic | 27 | seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,iopl,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,pciconfig_iobase,pciconfig_read,pciconfig_write,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,s390_mmio_read,s390_mmio_write,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice |
28 | shell none | 28 | shell none |
29 | 29 | ||
30 | private-cache | 30 | private-cache |
diff --git a/etc/dig.profile b/etc/dig.profile index a27ae6be4..e3f25f26e 100644 --- a/etc/dig.profile +++ b/etc/dig.profile | |||
@@ -1,5 +1,6 @@ | |||
1 | quiet | ||
2 | # Firejail profile for dig | 1 | # Firejail profile for dig |
2 | # Description: DNS lookup utility | ||
3 | quiet | ||
3 | # This file is overwritten after every install/update | 4 | # This file is overwritten after every install/update |
4 | # Persistent local customizations | 5 | # Persistent local customizations |
5 | include dig.local | 6 | include dig.local |
diff --git a/etc/enpass.profile b/etc/enpass.profile index 3208c9454..5e461bc43 100644 --- a/etc/enpass.profile +++ b/etc/enpass.profile | |||
@@ -1,3 +1,5 @@ | |||
1 | # Firejail profile for enpass | ||
2 | # Description: A multiplatform password manager | ||
1 | # This file is overwritten after every install/update. | 3 | # This file is overwritten after every install/update. |
2 | # Persistent local customisations | 4 | # Persistent local customisations |
3 | include enpass.local | 5 | include enpass.local |
diff --git a/etc/mpd.profile b/etc/mpd.profile index 4f0977c40..e06b83aa9 100644 --- a/etc/mpd.profile +++ b/etc/mpd.profile | |||
@@ -28,7 +28,9 @@ notv | |||
28 | nou2f | 28 | nou2f |
29 | novideo | 29 | novideo |
30 | protocol unix,inet,inet6 | 30 | protocol unix,inet,inet6 |
31 | seccomp | 31 | # blacklisting of ioprio_set system calls breaks auto-updating of |
32 | # MPD's database when files in music_directory are changed | ||
33 | seccomp.drop @cpu-emulation,@debug,@obsolete,@privileged,@resources,add_key,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,kcmp,keyctl,name_to_handle_at,ni_syscall,open_by_handle_at,personality,process_vm_readv,ptrace,remap_file_pages,request_key,syslog,umount,userfaultfd,vmsplice | ||
32 | shell none | 34 | shell none |
33 | 35 | ||
34 | #private-bin mpd,bash | 36 | #private-bin mpd,bash |
diff --git a/etc/tar.profile b/etc/tar.profile index cbf421914..9a5f00f65 100644 --- a/etc/tar.profile +++ b/etc/tar.profile | |||
@@ -29,4 +29,7 @@ private-dev | |||
29 | private-etc passwd,group,localtime | 29 | private-etc passwd,group,localtime |
30 | private-lib | 30 | private-lib |
31 | 31 | ||
32 | # Debian based distributions need this for 'dpkg --unpack' (incl. synaptic) | ||
33 | writable-var | ||
34 | |||
32 | include default.profile | 35 | include default.profile |
diff --git a/etc/whois.profile b/etc/whois.profile index 368f8b5bb..78236c02f 100644 --- a/etc/whois.profile +++ b/etc/whois.profile | |||
@@ -1,5 +1,6 @@ | |||
1 | quiet | ||
2 | # Firejail profile for whois | 1 | # Firejail profile for whois |
2 | # Description: Intelligent WHOIS client | ||
3 | quiet | ||
3 | # This file is overwritten after every install/update | 4 | # This file is overwritten after every install/update |
4 | # Persistent local customizations | 5 | # Persistent local customizations |
5 | include whois.local | 6 | include whois.local |