aboutsummaryrefslogtreecommitdiffstats
path: root/etc/akregator.profile
diff options
context:
space:
mode:
Diffstat (limited to 'etc/akregator.profile')
-rw-r--r--etc/akregator.profile4
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/akregator.profile b/etc/akregator.profile
index 19da62916..1b8807757 100644
--- a/etc/akregator.profile
+++ b/etc/akregator.profile
@@ -20,7 +20,6 @@ whitelist ${HOME}/.config/akregatorrc
20whitelist ${HOME}/.local/share/akregator 20whitelist ${HOME}/.local/share/akregator
21whitelist ${HOME}/.local/share/kssl 21whitelist ${HOME}/.local/share/kssl
22include /etc/firejail/whitelist-common.inc 22include /etc/firejail/whitelist-common.inc
23
24include /etc/firejail/whitelist-var-common.inc 23include /etc/firejail/whitelist-var-common.inc
25 24
26caps.drop all 25caps.drop all
@@ -33,7 +32,8 @@ noroot
33notv 32notv
34novideo 33novideo
35protocol unix,inet,inet6,netlink 34protocol unix,inet,inet6,netlink
36seccomp 35# chroot syscalls are needed for setting up the built-in sandbox
36seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@raw-io,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice
37shell none 37shell none
38 38
39disable-mnt 39disable-mnt
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-08 20:30:05 +0000