diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-common.inc | 3 | ||||
-rw-r--r-- | etc/server.profile | 3 |
2 files changed, 4 insertions, 2 deletions
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index abce0fe57..d943950d4 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -120,7 +120,8 @@ blacklist /var/lib/mysql/mysql.sock | |||
120 | blacklist /var/lib/mysqld/mysql.sock | 120 | blacklist /var/lib/mysqld/mysql.sock |
121 | blacklist /var/lib/pacman | 121 | blacklist /var/lib/pacman |
122 | blacklist /var/lib/upower | 122 | blacklist /var/lib/upower |
123 | blacklist /var/log | 123 | # blacklist /var/log - a virtual /var/log directory (mostly empty) is buid up by default for |
124 | # every sandbox, unless --writeble-var-log switch is activated | ||
124 | blacklist /var/mail | 125 | blacklist /var/mail |
125 | blacklist /var/opt | 126 | blacklist /var/opt |
126 | blacklist /var/run/acpid.socket | 127 | blacklist /var/run/acpid.socket |
diff --git a/etc/server.profile b/etc/server.profile index edd4666e1..860e0056d 100644 --- a/etc/server.profile +++ b/etc/server.profile | |||
@@ -13,7 +13,6 @@ blacklist /tmp/.X11-unix | |||
13 | 13 | ||
14 | noblacklist /sbin | 14 | noblacklist /sbin |
15 | noblacklist /usr/sbin | 15 | noblacklist /usr/sbin |
16 | # noblacklist /var/log | ||
17 | # noblacklist /var/opt | 16 | # noblacklist /var/opt |
18 | 17 | ||
19 | include /etc/firejail/disable-common.inc | 18 | include /etc/firejail/disable-common.inc |
@@ -29,6 +28,8 @@ notv | |||
29 | novideo | 28 | novideo |
30 | seccomp | 29 | seccomp |
31 | 30 | ||
31 | # netfilter /etc/firejail/webserver.net | ||
32 | |||
32 | # disable-mnt | 33 | # disable-mnt |
33 | private | 34 | private |
34 | # private-bin program | 35 | # private-bin program |