1 files changed, 16 insertions, 20 deletions
diff --git a/etc/wireshark.profile b/etc/wireshark.profile
index d5f3b8c4b..0c4bc8029 100644
--- a/etc/wireshark.profile
+++ b/etc/wireshark.profile
@@ -1,39 +1,35 @@
-# Persistent global definitions go here
+# Firejail profile for wireshark
-include /etc/firejail/globals.local
+# This file is overwritten after every install/update
+# Persistent local customizations
-# This file is overwritten during software install.
-# Persistent customizations should go in a .local file.
 include /etc/firejail/wireshark.local
+# Persistent global definitions
+include /etc/firejail/globals.local
-# Firejail profile for
 noblacklist ${HOME}/.config/wireshark
 include /etc/firejail/disable-common.inc
-include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
-#
-# The profile allows users to run wireshark as root
-#
-#caps.drop all
-#noroot
-#protocol unix,inet,inet6,netlink
-#ipc-namespace
 netfilter
 no3d
-# nogroups - breaks unprivileged wireshark usage
-# nonewprivs - breaks unprivileged wireshark usage
 nosound
-# seccomp - breaks unprivileged wireshark usage
 shell none
 tracelog
-#private-bin wireshark
+# private-bin wireshark
-# private-etc fonts,group,hosts,machine-id,passwd
 private-dev
+# private-etc fonts,group,hosts,machine-id,passwd
 private-tmp
 noexec ${HOME}
 noexec /tmp
+# CLOBBERED COMMENTS
+# caps.drop all
+# nogroups - breaks unprivileged wireshark usage
+# nonewprivs - breaks unprivileged wireshark usage
+# noroot
+# protocol unix,inet,inet6,netlink
+# seccomp - breaks unprivileged wireshark usage

diff --git a/etc/wireshark.profile b/etc/wireshark.profile index d5f3b8c4b..0c4bc8029 100644 --- a/etc/wireshark.profile +++ b/etc/wireshark.profile
@@ -1,39 +1,35 @@
1	# Persistent global definitions go here	1	# Firejail profile for wireshark
2	include /etc/firejail/globals.local	2	# This file is overwritten after every install/update
3		3	# Persistent local customizations
4	# This file is overwritten during software install.
5	# Persistent customizations should go in a .local file.
6	include /etc/firejail/wireshark.local	4	include /etc/firejail/wireshark.local
		5	# Persistent global definitions
		6	include /etc/firejail/globals.local
7		7
8	# Firejail profile for
9	noblacklist ${HOME}/.config/wireshark	8	noblacklist ${HOME}/.config/wireshark
10		9
11	include /etc/firejail/disable-common.inc	10	include /etc/firejail/disable-common.inc
12	include /etc/firejail/disable-programs.inc
13	include /etc/firejail/disable-devel.inc	11	include /etc/firejail/disable-devel.inc
14	include /etc/firejail/disable-passwdmgr.inc	12	include /etc/firejail/disable-passwdmgr.inc
		13	include /etc/firejail/disable-programs.inc
15		14
16	#
17	# The profile allows users to run wireshark as root
18	#
19	#caps.drop all
20	#noroot
21	#protocol unix,inet,inet6,netlink
22
23	#ipc-namespace
24	netfilter	15	netfilter
25	no3d	16	no3d
26	# nogroups - breaks unprivileged wireshark usage
27	# nonewprivs - breaks unprivileged wireshark usage
28	nosound	17	nosound
29	# seccomp - breaks unprivileged wireshark usage
30	shell none	18	shell none
31	tracelog	19	tracelog
32		20
33	#private-bin wireshark	21	# private-bin wireshark
34	# private-etc fonts,group,hosts,machine-id,passwd
35	private-dev	22	private-dev
		23	# private-etc fonts,group,hosts,machine-id,passwd
36	private-tmp	24	private-tmp
37		25
38	noexec ${HOME}	26	noexec ${HOME}
39	noexec /tmp	27	noexec /tmp
		28
		29	# CLOBBERED COMMENTS
		30	# caps.drop all
		31	# nogroups - breaks unprivileged wireshark usage
		32	# nonewprivs - breaks unprivileged wireshark usage
		33	# noroot
		34	# protocol unix,inet,inet6,netlink
		35	# seccomp - breaks unprivileged wireshark usage