diff options
Diffstat (limited to 'etc/xpra.profile')
| -rw-r--r-- | etc/xpra.profile | 13 |
1 files changed, 4 insertions, 9 deletions
diff --git a/etc/xpra.profile b/etc/xpra.profile index d967c1da2..dc8d7a665 100644 --- a/etc/xpra.profile +++ b/etc/xpra.profile | |||
| @@ -8,21 +8,15 @@ include globals.local | |||
| 8 | 8 | ||
| 9 | # | 9 | # |
| 10 | # This profile will sandbox Xpra server itself when used with firejail --x11=xpra. | 10 | # This profile will sandbox Xpra server itself when used with firejail --x11=xpra. |
| 11 | # To enable it, create a firejail-xpra symlink in /usr/local/bin: | 11 | # To enable it, create a firejail-xpra symlink in /usr/local/bin: |
| 12 | # | 12 | # |
| 13 | # $ sudo ln -s /usr/bin/firejail /usr/local/bin/xpra | 13 | # $ sudo ln -s /usr/bin/firejail /usr/local/bin/xpra |
| 14 | # | 14 | # |
| 15 | # or run "sudo firecfg" | 15 | # or run "sudo firecfg" |
| 16 | 16 | ||
| 17 | blacklist /media | ||
| 18 | |||
| 19 | # Allow python (blacklisted by disable-interpreters.inc) | 17 | # Allow python (blacklisted by disable-interpreters.inc) |
| 20 | noblacklist ${PATH}/python2* | 18 | include allow-python2.inc |
| 21 | noblacklist ${PATH}/python3* | 19 | include allow-python3.inc |
| 22 | noblacklist /usr/lib/python2* | ||
| 23 | noblacklist /usr/lib/python3* | ||
| 24 | noblacklist /usr/local/lib/python2* | ||
| 25 | noblacklist /usr/local/lib/python3* | ||
| 26 | 20 | ||
| 27 | include disable-common.inc | 21 | include disable-common.inc |
| 28 | include disable-devel.inc | 22 | include disable-devel.inc |
| @@ -49,6 +43,7 @@ protocol unix | |||
| 49 | seccomp | 43 | seccomp |
| 50 | shell none | 44 | shell none |
| 51 | 45 | ||
| 46 | disable-mnt | ||
| 52 | # private home directory doesn't work on some distros, so we go for a regular home | 47 | # private home directory doesn't work on some distros, so we go for a regular home |
| 53 | # private | 48 | # private |
| 54 | # older Xpra versions also use Xvfb | 49 | # older Xpra versions also use Xvfb |