diff options
Diffstat (limited to 'etc/tor.profile')
-rw-r--r-- | etc/tor.profile | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/etc/tor.profile b/etc/tor.profile index 2e2172cad..73577825a 100644 --- a/etc/tor.profile +++ b/etc/tor.profile | |||
@@ -8,6 +8,7 @@ include /etc/firejail/globals.local | |||
8 | # How to use: | 8 | # How to use: |
9 | # Create a script called anything (e.g. mytor) | 9 | # Create a script called anything (e.g. mytor) |
10 | # with the following contents: | 10 | # with the following contents: |
11 | |||
11 | # #!/bin/bash | 12 | # #!/bin/bash |
12 | # TORCMD="tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 1" | 13 | # TORCMD="tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 1" |
13 | # sudo -b daemon -f -d -- firejail --profile=/home/<username>/.config/firejail/tor.profile $TORCMD | 14 | # sudo -b daemon -f -d -- firejail --profile=/home/<username>/.config/firejail/tor.profile $TORCMD |
@@ -15,10 +16,10 @@ include /etc/firejail/globals.local | |||
15 | # You'll also likely want to disable the system service (if it exists) | 16 | # You'll also likely want to disable the system service (if it exists) |
16 | # Run mytor (or whatever you called the script above) whenever you want to start tor | 17 | # Run mytor (or whatever you called the script above) whenever you want to start tor |
17 | 18 | ||
18 | blacklist /boot | 19 | include /etc/firejail/disable-common.inc |
19 | blacklist /media | 20 | include /etc/firejail/disable-devel.inc |
20 | blacklist /mnt | 21 | include /etc/firejail/disable-passwdmgr.inc |
21 | blacklist /opt | 22 | include /etc/firejail/disable-programs.inc |
22 | 23 | ||
23 | caps.keep setuid,setgid,net_bind_service,dac_read_search | 24 | caps.keep setuid,setgid,net_bind_service,dac_read_search |
24 | ipc-namespace | 25 | ipc-namespace |
@@ -29,7 +30,6 @@ nosound | |||
29 | seccomp | 30 | seccomp |
30 | shell none | 31 | shell none |
31 | writable-var | 32 | writable-var |
32 | x11 none | ||
33 | 33 | ||
34 | private | 34 | private |
35 | private-bin tor,bash | 35 | private-bin tor,bash |