diff options
Diffstat (limited to 'etc/ids.config')
-rw-r--r-- | etc/ids.config | 142 |
1 files changed, 142 insertions, 0 deletions
diff --git a/etc/ids.config b/etc/ids.config new file mode 100644 index 000000000..09b0ae912 --- /dev/null +++ b/etc/ids.config | |||
@@ -0,0 +1,142 @@ | |||
1 | # /etc/firejail/ids.config - configuration file for Firejail's Intrusion Detection System | ||
2 | # This config file is overwritten when a new version of Firejail is installed. | ||
3 | # For global customization use /etc/firejail/ids.config.local. | ||
4 | include ids.config.local | ||
5 | # | ||
6 | # Each line is a file or directory name such as | ||
7 | # /usr/bin | ||
8 | # or | ||
9 | # ${HOME}/Desktop/*.desktop | ||
10 | # | ||
11 | # ${HOME} is expanded to the user's home directory, and * is the regular | ||
12 | # globbing match for zero or more characters. | ||
13 | # | ||
14 | # File or directory names starting with ! are not scanned. For example | ||
15 | # !${HOME}/.ssh/known_hosts | ||
16 | # ${HOME}/.ssh | ||
17 | # will scan all files in ~/.ssh directory with the exception of known_hosts | ||
18 | |||
19 | ### system executables ### | ||
20 | /bin | ||
21 | /sbin | ||
22 | /usr/bin | ||
23 | /usr/games | ||
24 | /usr/libexec | ||
25 | /usr/sbin | ||
26 | |||
27 | ### user executables ### | ||
28 | #/opt | ||
29 | #/usr/local | ||
30 | |||
31 | ### system libraries ### | ||
32 | #/lib | ||
33 | #/usr/lib | ||
34 | #/usr/lib32 | ||
35 | #/usr/lib64 | ||
36 | #/usr/libx32 | ||
37 | |||
38 | ### shells local ### | ||
39 | # bash | ||
40 | ${HOME}/.bash_login | ||
41 | ${HOME}/.bash_logout | ||
42 | ${HOME}/.bash_profile | ||
43 | ${HOME}/.bashrc | ||
44 | # fish | ||
45 | ${HOME}/.config/fish/config.fish | ||
46 | # others | ||
47 | ${HOME}/.cshrc | ||
48 | ${HOME}/.kshrc | ||
49 | ${HOME}/.login | ||
50 | ${HOME}/.logout | ||
51 | ${HOME}/.profile | ||
52 | ${HOME}/.tcshrc | ||
53 | # zsh | ||
54 | ${HOME}/.zlogin | ||
55 | ${HOME}/.zlogout | ||
56 | ${HOME}/.zshenv | ||
57 | ${HOME}/.zshprofile | ||
58 | ${HOME}/.zshrc | ||
59 | |||
60 | ### shells global ### | ||
61 | # all | ||
62 | /etc/dircolors | ||
63 | /etc/environment | ||
64 | /etc/profile | ||
65 | /etc/profile.d | ||
66 | /etc/shells | ||
67 | /etc/skel | ||
68 | # bash | ||
69 | /etc/bash_completion* | ||
70 | /etc/bash.bashrc | ||
71 | /etc/bashrc | ||
72 | # fish | ||
73 | /etc/fish | ||
74 | # ksh | ||
75 | /etc/ksh.kshrc | ||
76 | # tcsh | ||
77 | /etc/complete.tcsh | ||
78 | /etc/csh.cshrc | ||
79 | /etc/csh.login | ||
80 | /etc/csh.logout | ||
81 | # zsh | ||
82 | /etc/zlogin | ||
83 | /etc/zlogout | ||
84 | /etc/zprofile | ||
85 | /etc/zshenv | ||
86 | /etc/zshrc | ||
87 | |||
88 | ### X11 ### | ||
89 | /etc/X11 | ||
90 | ${HOME}/.xinitrc | ||
91 | ${HOME}/.xmodmaprc | ||
92 | ${HOME}/.xprofile | ||
93 | ${HOME}/.Xresources | ||
94 | ${HOME}/.xserverrc | ||
95 | ${HOME}/.Xsession | ||
96 | ${HOME}/.xsession | ||
97 | ${HOME}/.xsessionrc | ||
98 | |||
99 | ### window/desktop manager ### | ||
100 | ${HOME}/Desktop/*.desktop | ||
101 | ${HOME}/.config/autostart | ||
102 | ${HOME}/.config/lxsession/LXDE/autostart | ||
103 | ${HOME}/.gnomerc | ||
104 | ${HOME}/.gtkrc | ||
105 | ${HOME}/.kderc | ||
106 | |||
107 | ### security ### | ||
108 | /etc/aide | ||
109 | /etc/apparmor* | ||
110 | /etc/chkrootkit.conf | ||
111 | /etc/cracklib | ||
112 | /etc/libaudit.conf | ||
113 | /etc/group* | ||
114 | /etc/gshadow* | ||
115 | /etc/pam.* | ||
116 | /etc/passwd* | ||
117 | /etc/rkhunter* | ||
118 | /etc/securetty | ||
119 | /etc/security | ||
120 | /etc/selinux | ||
121 | /etc/shadow* | ||
122 | /etc/sudoers* | ||
123 | /etc/tripwire | ||
124 | ${HOME}/.config/firejail | ||
125 | ${HOME}/.gnupg | ||
126 | |||
127 | ### network security ### | ||
128 | /etc/ca-certificates* | ||
129 | /etc/hosts.* | ||
130 | /etc/services | ||
131 | /etc/snort | ||
132 | /etc/ssh | ||
133 | /etc/ssl | ||
134 | /etc/wireshark | ||
135 | !${HOME}/.ssh/known_hosts # excluding | ||
136 | ${HOME}/.ssh | ||
137 | /usr/share/ca-certificates | ||
138 | |||
139 | ### system config ### | ||
140 | /etc/cron.* | ||
141 | /etc/crontab | ||
142 | /etc/default | ||