diff options
-rw-r--r-- | etc/disable-programs.inc | 1 | ||||
-rw-r--r-- | etc/xmr-stak.profile (renamed from etc/xmr-stak-cpu.profile) | 18 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 2 |
3 files changed, 12 insertions, 9 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 8cfcaa838..6288f14e2 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -453,6 +453,7 @@ blacklist ${HOME}/.wireshark | |||
453 | blacklist ${HOME}/.wine64 | 453 | blacklist ${HOME}/.wine64 |
454 | blacklist ${HOME}/.xiphos | 454 | blacklist ${HOME}/.xiphos |
455 | blacklist ${HOME}/.xmms | 455 | blacklist ${HOME}/.xmms |
456 | blacklist ${HOME}/.xmr-stak | ||
456 | blacklist ${HOME}/.xonotic | 457 | blacklist ${HOME}/.xonotic |
457 | blacklist ${HOME}/.xpdfrc | 458 | blacklist ${HOME}/.xpdfrc |
458 | blacklist ${HOME}/.zoom | 459 | blacklist ${HOME}/.zoom |
diff --git a/etc/xmr-stak-cpu.profile b/etc/xmr-stak.profile index 9cc6e0c1f..151a4c694 100644 --- a/etc/xmr-stak-cpu.profile +++ b/etc/xmr-stak.profile | |||
@@ -1,22 +1,24 @@ | |||
1 | # Firejail profile for xmr-stak-cpu | 1 | # Firejail profile for xmr-stak |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | # Persistent local customizations | 3 | # Persistent local customizations |
4 | include /etc/firejail/xmr-stak-cpu.local | 4 | include /etc/firejail/xmr-stak.local |
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.xmr-stak | ||
9 | noblacklist /usr/lib/llvm* | ||
8 | 10 | ||
9 | include /etc/firejail/disable-common.inc | 11 | include /etc/firejail/disable-common.inc |
10 | include /etc/firejail/disable-devel.inc | 12 | include /etc/firejail/disable-devel.inc |
11 | include /etc/firejail/disable-passwdmgr.inc | 13 | include /etc/firejail/disable-passwdmgr.inc |
12 | include /etc/firejail/disable-programs.inc | 14 | include /etc/firejail/disable-programs.inc |
13 | 15 | ||
16 | mkdir ${HOME}/.xmr-stak | ||
14 | include /etc/firejail/whitelist-var-common.inc | 17 | include /etc/firejail/whitelist-var-common.inc |
15 | 18 | ||
16 | caps.drop all | 19 | caps.drop all |
17 | ipc-namespace | 20 | ipc-namespace |
18 | netfilter | 21 | netfilter |
19 | no3d | ||
20 | nodvd | 22 | nodvd |
21 | nogroups | 23 | nogroups |
22 | nonewprivs | 24 | nonewprivs |
@@ -29,12 +31,12 @@ seccomp | |||
29 | shell none | 31 | shell none |
30 | 32 | ||
31 | disable-mnt | 33 | disable-mnt |
32 | private | 34 | private ${HOME}/.xmr-stak |
33 | private-bin xmr-stak-cpu | 35 | private-bin xmr-stak |
34 | private-dev | 36 | private-dev |
35 | private-etc xmr-stak-cpu.json | 37 | private-etc ca-certificates,crypto-policies,nsswitch.conf,pki,resolv.conf,ssl |
36 | private-lib | 38 | #private-lib libxmrstak_opencl_backend,libxmrstak_cuda_backend |
37 | private-opt none | 39 | private-opt cuda |
38 | private-tmp | 40 | private-tmp |
39 | 41 | ||
40 | memory-deny-write-execute | 42 | memory-deny-write-execute |
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 1cd9d9c1f..aff20d998 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -393,7 +393,7 @@ xfce4-dict | |||
393 | xfce4-notes | 393 | xfce4-notes |
394 | xiphos | 394 | xiphos |
395 | xmms | 395 | xmms |
396 | xmr-stak-cpu | 396 | xmr-stak |
397 | xonotic | 397 | xonotic |
398 | xonotic-glx | 398 | xonotic-glx |
399 | xonotic-sdl | 399 | xonotic-sdl |