diff options
-rw-r--r-- | etc/atril.profile | 1 | ||||
-rw-r--r-- | etc/deluge.profile | 1 | ||||
-rw-r--r-- | etc/evince.profile | 1 | ||||
-rw-r--r-- | etc/firefox.profile | 3 | ||||
-rw-r--r-- | etc/ktorrent.profile | 1 | ||||
-rw-r--r-- | etc/mupdf.profile | 1 | ||||
-rw-r--r-- | etc/okular.profile | 1 | ||||
-rw-r--r-- | etc/pdfmod.profile | 1 | ||||
-rw-r--r-- | etc/pdfsam.profile | 1 | ||||
-rw-r--r-- | etc/pdftotext.profile | 1 | ||||
-rw-r--r-- | etc/qpdfview.profile | 1 | ||||
-rw-r--r-- | etc/rtorrent.profile | 1 | ||||
-rw-r--r-- | etc/tor.profile | 1 | ||||
-rw-r--r-- | etc/transmission-cli.profile | 1 | ||||
-rw-r--r-- | etc/transmission-gtk.profile | 1 | ||||
-rw-r--r-- | etc/transmission-qt.profile | 1 | ||||
-rw-r--r-- | etc/transmission-show.profile | 1 | ||||
-rw-r--r-- | etc/xpdf.profile | 1 |
18 files changed, 19 insertions, 1 deletions
diff --git a/etc/atril.profile b/etc/atril.profile index 81d9e50d0..e13618c0b 100644 --- a/etc/atril.profile +++ b/etc/atril.profile | |||
@@ -18,6 +18,7 @@ include /etc/firejail/disable-programs.inc | |||
18 | include /etc/firejail/whitelist-var-common.inc | 18 | include /etc/firejail/whitelist-var-common.inc |
19 | 19 | ||
20 | caps.drop all | 20 | caps.drop all |
21 | machine-id | ||
21 | no3d | 22 | no3d |
22 | nodvd | 23 | nodvd |
23 | nogroups | 24 | nogroups |
diff --git a/etc/deluge.profile b/etc/deluge.profile index 5ec849331..1031438eb 100644 --- a/etc/deluge.profile +++ b/etc/deluge.profile | |||
@@ -19,6 +19,7 @@ include /etc/firejail/whitelist-common.inc | |||
19 | include /etc/firejail/whitelist-var-common.inc | 19 | include /etc/firejail/whitelist-var-common.inc |
20 | 20 | ||
21 | caps.drop all | 21 | caps.drop all |
22 | machine-id | ||
22 | netfilter | 23 | netfilter |
23 | nodvd | 24 | nodvd |
24 | nonewprivs | 25 | nonewprivs |
diff --git a/etc/evince.profile b/etc/evince.profile index 7118d3c08..679aac08a 100644 --- a/etc/evince.profile +++ b/etc/evince.profile | |||
@@ -17,6 +17,7 @@ include /etc/firejail/disable-programs.inc | |||
17 | include /etc/firejail/whitelist-var-common.inc | 17 | include /etc/firejail/whitelist-var-common.inc |
18 | 18 | ||
19 | caps.drop all | 19 | caps.drop all |
20 | machine-id | ||
20 | # net none breaks AppArmor on Ubuntu systems | 21 | # net none breaks AppArmor on Ubuntu systems |
21 | netfilter | 22 | netfilter |
22 | no3d | 23 | no3d |
diff --git a/etc/firefox.profile b/etc/firefox.profile index c2e7f43f1..a8a9e014e 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
@@ -70,7 +70,8 @@ include /etc/firejail/whitelist-common.inc | |||
70 | include /etc/firejail/whitelist-var-common.inc | 70 | include /etc/firejail/whitelist-var-common.inc |
71 | 71 | ||
72 | caps.drop all | 72 | caps.drop all |
73 | machine-id | 73 | # machine-id breaks pulse audio; if shoud work fine in setups where sound is not required |
74 | #machine-id | ||
74 | netfilter | 75 | netfilter |
75 | nodvd | 76 | nodvd |
76 | nogroups | 77 | nogroups |
diff --git a/etc/ktorrent.profile b/etc/ktorrent.profile index 5ea09f925..697abf0f5 100644 --- a/etc/ktorrent.profile +++ b/etc/ktorrent.profile | |||
@@ -34,6 +34,7 @@ include /etc/firejail/whitelist-common.inc | |||
34 | include /etc/firejail/whitelist-var-common.inc | 34 | include /etc/firejail/whitelist-var-common.inc |
35 | 35 | ||
36 | caps.drop all | 36 | caps.drop all |
37 | machine-id | ||
37 | netfilter | 38 | netfilter |
38 | no3d | 39 | no3d |
39 | nodvd | 40 | nodvd |
diff --git a/etc/mupdf.profile b/etc/mupdf.profile index a3955b298..9e04c3a81 100644 --- a/etc/mupdf.profile +++ b/etc/mupdf.profile | |||
@@ -15,6 +15,7 @@ include /etc/firejail/disable-programs.inc | |||
15 | include /etc/firejail/whitelist-var-common.inc | 15 | include /etc/firejail/whitelist-var-common.inc |
16 | 16 | ||
17 | caps.drop all | 17 | caps.drop all |
18 | machine-id | ||
18 | net none | 19 | net none |
19 | nodvd | 20 | nodvd |
20 | nogroups | 21 | nogroups |
diff --git a/etc/okular.profile b/etc/okular.profile index fda27dfae..e71cd1880 100644 --- a/etc/okular.profile +++ b/etc/okular.profile | |||
@@ -25,6 +25,7 @@ include /etc/firejail/disable-programs.inc | |||
25 | include /etc/firejail/whitelist-var-common.inc | 25 | include /etc/firejail/whitelist-var-common.inc |
26 | 26 | ||
27 | caps.drop all | 27 | caps.drop all |
28 | machine-id | ||
28 | # net none | 29 | # net none |
29 | netfilter | 30 | netfilter |
30 | nodvd | 31 | nodvd |
diff --git a/etc/pdfmod.profile b/etc/pdfmod.profile index 059d6660b..8ac09dcdc 100644 --- a/etc/pdfmod.profile +++ b/etc/pdfmod.profile | |||
@@ -19,6 +19,7 @@ include /etc/firejail/whitelist-var-common.inc | |||
19 | 19 | ||
20 | caps.drop all | 20 | caps.drop all |
21 | ipc-namespace | 21 | ipc-namespace |
22 | machine-id | ||
22 | net none | 23 | net none |
23 | no3d | 24 | no3d |
24 | nodvd | 25 | nodvd |
diff --git a/etc/pdfsam.profile b/etc/pdfsam.profile index 3611de8a0..c1515ab73 100644 --- a/etc/pdfsam.profile +++ b/etc/pdfsam.profile | |||
@@ -15,6 +15,7 @@ include /etc/firejail/disable-passwdmgr.inc | |||
15 | include /etc/firejail/disable-programs.inc | 15 | include /etc/firejail/disable-programs.inc |
16 | 16 | ||
17 | caps.drop all | 17 | caps.drop all |
18 | machine-id | ||
18 | net none | 19 | net none |
19 | no3d | 20 | no3d |
20 | nodvd | 21 | nodvd |
diff --git a/etc/pdftotext.profile b/etc/pdftotext.profile index 9e4f7d4f2..736faa5ea 100644 --- a/etc/pdftotext.profile +++ b/etc/pdftotext.profile | |||
@@ -16,6 +16,7 @@ include /etc/firejail/disable-programs.inc | |||
16 | include /etc/firejail/whitelist-var-common.inc | 16 | include /etc/firejail/whitelist-var-common.inc |
17 | 17 | ||
18 | caps.drop all | 18 | caps.drop all |
19 | machine-id | ||
19 | net none | 20 | net none |
20 | no3d | 21 | no3d |
21 | nodvd | 22 | nodvd |
diff --git a/etc/qpdfview.profile b/etc/qpdfview.profile index 09c18d90d..36ce0cda6 100644 --- a/etc/qpdfview.profile +++ b/etc/qpdfview.profile | |||
@@ -16,6 +16,7 @@ include /etc/firejail/disable-programs.inc | |||
16 | include /etc/firejail/whitelist-var-common.inc | 16 | include /etc/firejail/whitelist-var-common.inc |
17 | 17 | ||
18 | caps.drop all | 18 | caps.drop all |
19 | machine-id | ||
19 | nodvd | 20 | nodvd |
20 | nogroups | 21 | nogroups |
21 | nonewprivs | 22 | nonewprivs |
diff --git a/etc/rtorrent.profile b/etc/rtorrent.profile index c18a1b06c..413ea1ac9 100644 --- a/etc/rtorrent.profile +++ b/etc/rtorrent.profile | |||
@@ -12,6 +12,7 @@ include /etc/firejail/disable-passwdmgr.inc | |||
12 | include /etc/firejail/disable-programs.inc | 12 | include /etc/firejail/disable-programs.inc |
13 | 13 | ||
14 | caps.drop all | 14 | caps.drop all |
15 | machine-id | ||
15 | netfilter | 16 | netfilter |
16 | nodvd | 17 | nodvd |
17 | nonewprivs | 18 | nonewprivs |
diff --git a/etc/tor.profile b/etc/tor.profile index fcb123eef..bd129ae29 100644 --- a/etc/tor.profile +++ b/etc/tor.profile | |||
@@ -23,6 +23,7 @@ include /etc/firejail/disable-programs.inc | |||
23 | 23 | ||
24 | caps.keep setuid,setgid,net_bind_service,dac_read_search | 24 | caps.keep setuid,setgid,net_bind_service,dac_read_search |
25 | ipc-namespace | 25 | ipc-namespace |
26 | machine-id | ||
26 | netfilter | 27 | netfilter |
27 | no3d | 28 | no3d |
28 | nodvd | 29 | nodvd |
diff --git a/etc/transmission-cli.profile b/etc/transmission-cli.profile index c7446ed68..867716ab3 100644 --- a/etc/transmission-cli.profile +++ b/etc/transmission-cli.profile | |||
@@ -14,6 +14,7 @@ include /etc/firejail/disable-passwdmgr.inc | |||
14 | include /etc/firejail/disable-programs.inc | 14 | include /etc/firejail/disable-programs.inc |
15 | 15 | ||
16 | caps.drop all | 16 | caps.drop all |
17 | machine-id | ||
17 | netfilter | 18 | netfilter |
18 | nodvd | 19 | nodvd |
19 | nonewprivs | 20 | nonewprivs |
diff --git a/etc/transmission-gtk.profile b/etc/transmission-gtk.profile index dac1c07b1..1c3d9a610 100644 --- a/etc/transmission-gtk.profile +++ b/etc/transmission-gtk.profile | |||
@@ -22,6 +22,7 @@ include /etc/firejail/whitelist-common.inc | |||
22 | include /etc/firejail/whitelist-var-common.inc | 22 | include /etc/firejail/whitelist-var-common.inc |
23 | 23 | ||
24 | caps.drop all | 24 | caps.drop all |
25 | machine-id | ||
25 | netfilter | 26 | netfilter |
26 | nodvd | 27 | nodvd |
27 | nonewprivs | 28 | nonewprivs |
diff --git a/etc/transmission-qt.profile b/etc/transmission-qt.profile index 2d3ad0c7a..0fe124631 100644 --- a/etc/transmission-qt.profile +++ b/etc/transmission-qt.profile | |||
@@ -22,6 +22,7 @@ include /etc/firejail/whitelist-common.inc | |||
22 | include /etc/firejail/whitelist-var-common.inc | 22 | include /etc/firejail/whitelist-var-common.inc |
23 | 23 | ||
24 | caps.drop all | 24 | caps.drop all |
25 | machine-id | ||
25 | netfilter | 26 | netfilter |
26 | nodvd | 27 | nodvd |
27 | nonewprivs | 28 | nonewprivs |
diff --git a/etc/transmission-show.profile b/etc/transmission-show.profile index 86cbebc82..d8c6a59be 100644 --- a/etc/transmission-show.profile +++ b/etc/transmission-show.profile | |||
@@ -16,6 +16,7 @@ include /etc/firejail/disable-passwdmgr.inc | |||
16 | include /etc/firejail/disable-programs.inc | 16 | include /etc/firejail/disable-programs.inc |
17 | 17 | ||
18 | caps.drop all | 18 | caps.drop all |
19 | machine-id | ||
19 | net none | 20 | net none |
20 | nodvd | 21 | nodvd |
21 | nonewprivs | 22 | nonewprivs |
diff --git a/etc/xpdf.profile b/etc/xpdf.profile index 8b7774225..7b8042e5c 100644 --- a/etc/xpdf.profile +++ b/etc/xpdf.profile | |||
@@ -17,6 +17,7 @@ include /etc/firejail/disable-programs.inc | |||
17 | include /etc/firejail/whitelist-var-common.inc | 17 | include /etc/firejail/whitelist-var-common.inc |
18 | 18 | ||
19 | caps.drop all | 19 | caps.drop all |
20 | machine-id | ||
20 | net none | 21 | net none |
21 | no3d | 22 | no3d |
22 | nodvd | 23 | nodvd |