diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-common.inc | 2 | ||||
-rw-r--r-- | etc/file.profile | 2 | ||||
-rw-r--r-- | etc/gajim.profile | 6 | ||||
-rw-r--r-- | etc/git.profile | 2 | ||||
-rw-r--r-- | etc/gzip.profile | 2 | ||||
-rw-r--r-- | etc/strings.profile | 2 | ||||
-rw-r--r-- | etc/tar.profile | 2 | ||||
-rw-r--r-- | etc/unrar.profile | 2 | ||||
-rw-r--r-- | etc/unzip.profile | 2 | ||||
-rw-r--r-- | etc/uudeview.profile | 2 | ||||
-rw-r--r-- | etc/wget.profile | 1 | ||||
-rw-r--r-- | etc/xzdec.profile | 2 |
12 files changed, 17 insertions, 10 deletions
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index f18b0d396..bc2f6869d 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -24,7 +24,7 @@ blacklist ${HOME}/.config/openbox/autostart | |||
24 | blacklist ${HOME}/.config/openbox/environment | 24 | blacklist ${HOME}/.config/openbox/environment |
25 | blacklist ${HOME}/.gnomerc | 25 | blacklist ${HOME}/.gnomerc |
26 | blacklist /etc/X11/Xsession.d/ | 26 | blacklist /etc/X11/Xsession.d/ |
27 | blacklist ${HOME}/.xpra | 27 | # blacklist ${HOME}/.xpra - this will kill --x11=xpra cmdline option for all programs |
28 | 28 | ||
29 | # VirtualBox | 29 | # VirtualBox |
30 | blacklist ${HOME}/.VirtualBox | 30 | blacklist ${HOME}/.VirtualBox |
diff --git a/etc/file.profile b/etc/file.profile index f709e7f0c..d145fe12a 100644 --- a/etc/file.profile +++ b/etc/file.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # file profile | 1 | # file profile |
2 | quiet | ||
2 | include /etc/firejail/disable-common.inc | 3 | include /etc/firejail/disable-common.inc |
3 | include /etc/firejail/disable-programs.inc | 4 | include /etc/firejail/disable-programs.inc |
4 | include /etc/firejail/disable-passwdmgr.inc | 5 | include /etc/firejail/disable-passwdmgr.inc |
@@ -16,7 +17,6 @@ protocol unix | |||
16 | seccomp | 17 | seccomp |
17 | shell none | 18 | shell none |
18 | tracelog | 19 | tracelog |
19 | quiet | ||
20 | x11 none | 20 | x11 none |
21 | 21 | ||
22 | blacklist /tmp/.X11-unix | 22 | blacklist /tmp/.X11-unix |
diff --git a/etc/gajim.profile b/etc/gajim.profile index b030a68b4..eb60f858b 100644 --- a/etc/gajim.profile +++ b/etc/gajim.profile | |||
@@ -1,4 +1,8 @@ | |||
1 | # Firejail profile for Gajim | 1 | # Firejail profile for Gajim |
2 | noblacklist ${HOME}/.cache/gajim | ||
3 | noblacklist ${HOME}/.local/share/gajim | ||
4 | noblacklist ${HOME}/.config/gajim | ||
5 | |||
2 | mkdir ${HOME}/.cache/gajim | 6 | mkdir ${HOME}/.cache/gajim |
3 | mkdir ${HOME}/.local/share/gajim | 7 | mkdir ${HOME}/.local/share/gajim |
4 | mkdir ${HOME}/.config/gajim | 8 | mkdir ${HOME}/.config/gajim |
@@ -29,4 +33,6 @@ seccomp | |||
29 | shell none | 33 | shell none |
30 | 34 | ||
31 | #private-bin python2.7 gajim | 35 | #private-bin python2.7 gajim |
36 | #private-etc fonts | ||
32 | private-dev | 37 | private-dev |
38 | #private-tmp | ||
diff --git a/etc/git.profile b/etc/git.profile index edb59ce13..d60e58c03 100644 --- a/etc/git.profile +++ b/etc/git.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # git profile | 1 | # git profile |
2 | quiet | ||
2 | noblacklist ~/.gitconfig | 3 | noblacklist ~/.gitconfig |
3 | noblacklist ~/.ssh | 4 | noblacklist ~/.ssh |
4 | noblacklist ~/.gnupg | 5 | noblacklist ~/.gnupg |
@@ -19,7 +20,6 @@ nonewprivs | |||
19 | noroot | 20 | noroot |
20 | nosound | 21 | nosound |
21 | protocol unix,inet,inet6 | 22 | protocol unix,inet,inet6 |
22 | quiet | ||
23 | seccomp | 23 | seccomp |
24 | shell none | 24 | shell none |
25 | 25 | ||
diff --git a/etc/gzip.profile b/etc/gzip.profile index d51b9a951..feb27c150 100644 --- a/etc/gzip.profile +++ b/etc/gzip.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # gzip profile | 1 | # gzip profile |
2 | quiet | ||
2 | ignore noroot | 3 | ignore noroot |
3 | include /etc/firejail/default.profile | 4 | include /etc/firejail/default.profile |
4 | 5 | ||
@@ -7,7 +8,6 @@ blacklist /tmp/.X11-unix | |||
7 | net none | 8 | net none |
8 | no3d | 9 | no3d |
9 | nosound | 10 | nosound |
10 | quiet | ||
11 | shell none | 11 | shell none |
12 | tracelog | 12 | tracelog |
13 | 13 | ||
diff --git a/etc/strings.profile b/etc/strings.profile index 7c464bf88..2b7724b11 100644 --- a/etc/strings.profile +++ b/etc/strings.profile | |||
@@ -1,10 +1,10 @@ | |||
1 | # strings profile | 1 | # strings profile |
2 | quiet | ||
2 | ignore noroot | 3 | ignore noroot |
3 | include /etc/firejail/default.profile | 4 | include /etc/firejail/default.profile |
4 | 5 | ||
5 | net none | 6 | net none |
6 | nosound | 7 | nosound |
7 | quiet | ||
8 | shell none | 8 | shell none |
9 | tracelog | 9 | tracelog |
10 | 10 | ||
diff --git a/etc/tar.profile b/etc/tar.profile index 91fdaf48d..3addb02fb 100644 --- a/etc/tar.profile +++ b/etc/tar.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # tar profile | 1 | # tar profile |
2 | quiet | ||
2 | ignore noroot | 3 | ignore noroot |
3 | include /etc/firejail/default.profile | 4 | include /etc/firejail/default.profile |
4 | 5 | ||
@@ -8,7 +9,6 @@ hostname tar | |||
8 | net none | 9 | net none |
9 | no3d | 10 | no3d |
10 | nosound | 11 | nosound |
11 | quiet | ||
12 | shell none | 12 | shell none |
13 | tracelog | 13 | tracelog |
14 | 14 | ||
diff --git a/etc/unrar.profile b/etc/unrar.profile index 0700cafe9..bde6f4e22 100644 --- a/etc/unrar.profile +++ b/etc/unrar.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # unrar profile | 1 | # unrar profile |
2 | quiet | ||
2 | ignore noroot | 3 | ignore noroot |
3 | include /etc/firejail/default.profile | 4 | include /etc/firejail/default.profile |
4 | 5 | ||
@@ -8,7 +9,6 @@ hostname unrar | |||
8 | net none | 9 | net none |
9 | no3d | 10 | no3d |
10 | nosound | 11 | nosound |
11 | quiet | ||
12 | shell none | 12 | shell none |
13 | tracelog | 13 | tracelog |
14 | 14 | ||
diff --git a/etc/unzip.profile b/etc/unzip.profile index a43785795..8c10d11a0 100644 --- a/etc/unzip.profile +++ b/etc/unzip.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # unzip profile | 1 | # unzip profile |
2 | quiet | ||
2 | ignore noroot | 3 | ignore noroot |
3 | include /etc/firejail/default.profile | 4 | include /etc/firejail/default.profile |
4 | blacklist /tmp/.X11-unix | 5 | blacklist /tmp/.X11-unix |
@@ -7,7 +8,6 @@ hostname unzip | |||
7 | net none | 8 | net none |
8 | no3d | 9 | no3d |
9 | nosound | 10 | nosound |
10 | quiet | ||
11 | shell none | 11 | shell none |
12 | tracelog | 12 | tracelog |
13 | 13 | ||
diff --git a/etc/uudeview.profile b/etc/uudeview.profile index 5ba0896ab..d5b750a13 100644 --- a/etc/uudeview.profile +++ b/etc/uudeview.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # uudeview profile | 1 | # uudeview profile |
2 | quiet | ||
2 | ignore noroot | 3 | ignore noroot |
3 | include /etc/firejail/default.profile | 4 | include /etc/firejail/default.profile |
4 | 5 | ||
@@ -7,7 +8,6 @@ blacklist /etc | |||
7 | hostname uudeview | 8 | hostname uudeview |
8 | net none | 9 | net none |
9 | nosound | 10 | nosound |
10 | quiet | ||
11 | shell none | 11 | shell none |
12 | tracelog | 12 | tracelog |
13 | 13 | ||
diff --git a/etc/wget.profile b/etc/wget.profile index ad2b03b33..d9bca2acc 100644 --- a/etc/wget.profile +++ b/etc/wget.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # wget profile | 1 | # wget profile |
2 | quiet | ||
2 | include /etc/firejail/disable-common.inc | 3 | include /etc/firejail/disable-common.inc |
3 | include /etc/firejail/disable-programs.inc | 4 | include /etc/firejail/disable-programs.inc |
4 | include /etc/firejail/disable-passwdmgr.inc | 5 | include /etc/firejail/disable-passwdmgr.inc |
diff --git a/etc/xzdec.profile b/etc/xzdec.profile index 04f98cef6..6164e3200 100644 --- a/etc/xzdec.profile +++ b/etc/xzdec.profile | |||
@@ -1,4 +1,5 @@ | |||
1 | # xzdec profile | 1 | # xzdec profile |
2 | quiet | ||
2 | ignore noroot | 3 | ignore noroot |
3 | include /etc/firejail/default.profile | 4 | include /etc/firejail/default.profile |
4 | 5 | ||
@@ -7,7 +8,6 @@ blacklist /tmp/.X11-unix | |||
7 | net none | 8 | net none |
8 | no3d | 9 | no3d |
9 | nosound | 10 | nosound |
10 | quiet | ||
11 | shell none | 11 | shell none |
12 | tracelog | 12 | tracelog |
13 | 13 | ||