diff options
Diffstat (limited to 'etc/firejail.config')
| -rw-r--r-- | etc/firejail.config | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/etc/firejail.config b/etc/firejail.config index f5b3d5efa..aec152b85 100644 --- a/etc/firejail.config +++ b/etc/firejail.config | |||
| @@ -63,7 +63,7 @@ | |||
| 63 | # a file argument, the default filter is hardcoded (see man 1 firejail). This | 63 | # a file argument, the default filter is hardcoded (see man 1 firejail). This |
| 64 | # configuration entry allows the user to change the default by specifying | 64 | # configuration entry allows the user to change the default by specifying |
| 65 | # a file containing the filter configuration. The filter file format is the | 65 | # a file containing the filter configuration. The filter file format is the |
| 66 | # format of iptables-save and iptable-restore commands. Example: | 66 | # format of iptables-save and iptables-restore commands. Example: |
| 67 | # netfilter-default /etc/iptables.iptables.rules | 67 | # netfilter-default /etc/iptables.iptables.rules |
| 68 | 68 | ||
| 69 | # Enable or disable networking features, default enabled. | 69 | # Enable or disable networking features, default enabled. |
| @@ -113,15 +113,16 @@ | |||
| 113 | # Enable or disable seccomp support, default enabled. | 113 | # Enable or disable seccomp support, default enabled. |
| 114 | # seccomp yes | 114 | # seccomp yes |
| 115 | 115 | ||
| 116 | # Add rules to the default seccomp filter. Same syntax as for --seccomp= | ||
| 117 | # None by default; this is an example. | ||
| 118 | # seccomp-filter-add !chroot,kcmp,mincore | ||
| 119 | |||
| 116 | # Seccomp error action, kill, log or errno (EPERM, ENOSYS etc) | 120 | # Seccomp error action, kill, log or errno (EPERM, ENOSYS etc) |
| 117 | # seccomp-error-action EPERM | 121 | # seccomp-error-action EPERM |
| 118 | 122 | ||
| 119 | # Enable or disable user namespace support, default enabled. | 123 | # Enable or disable user namespace support, default enabled. |
| 120 | # userns yes | 124 | # userns yes |
| 121 | 125 | ||
| 122 | # Enable or disable whitelisting support, default enabled. | ||
| 123 | # whitelist yes | ||
| 124 | |||
| 125 | # Disable whitelist top level directories, in addition to those | 126 | # Disable whitelist top level directories, in addition to those |
| 126 | # that are disabled out of the box. None by default; this is an example. | 127 | # that are disabled out of the box. None by default; this is an example. |
| 127 | # whitelist-disable-topdir /etc,/usr/etc | 128 | # whitelist-disable-topdir /etc,/usr/etc |