diff options
Diffstat (limited to 'etc/Xvfb.profile')
-rw-r--r-- | etc/Xvfb.profile | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/etc/Xvfb.profile b/etc/Xvfb.profile index ed07485d6..3580f8336 100644 --- a/etc/Xvfb.profile +++ b/etc/Xvfb.profile | |||
@@ -9,7 +9,7 @@ include globals.local | |||
9 | # | 9 | # |
10 | # This profile will sandbox Xvfb server itself when used with firejail --x11=xvfb. | 10 | # This profile will sandbox Xvfb server itself when used with firejail --x11=xvfb. |
11 | # The target program is sandboxed with its own profile. By default the this functionality | 11 | # The target program is sandboxed with its own profile. By default the this functionality |
12 | # is disabled. To enable it, create a firejail-Xvfb symlink in /usr/local/bin: | 12 | # is disabled. To enable it, create a firejail-Xvfb symlink in /usr/local/bin: |
13 | # | 13 | # |
14 | # $ sudo ln -s /usr/bin/firejail /usr/local/bin/Xvfb | 14 | # $ sudo ln -s /usr/bin/firejail /usr/local/bin/Xvfb |
15 | # | 15 | # |
@@ -17,8 +17,6 @@ include globals.local | |||
17 | # some Linux distributions. Also, older versions of Xpra use Xvfb. | 17 | # some Linux distributions. Also, older versions of Xpra use Xvfb. |
18 | # | 18 | # |
19 | 19 | ||
20 | blacklist /media | ||
21 | |||
22 | whitelist /var/lib/xkb | 20 | whitelist /var/lib/xkb |
23 | include whitelist-common.inc | 21 | include whitelist-common.inc |
24 | 22 | ||
@@ -36,6 +34,7 @@ protocol unix | |||
36 | seccomp | 34 | seccomp |
37 | shell none | 35 | shell none |
38 | 36 | ||
37 | disable-mnt | ||
39 | # using a private home directory | 38 | # using a private home directory |
40 | private | 39 | private |
41 | # private-bin Xvfb,sh,xkbcomp | 40 | # private-bin Xvfb,sh,xkbcomp |