diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/atril.profile | 2 | ||||
-rw-r--r-- | etc/default.profile | 3 | ||||
-rw-r--r-- | etc/disable-common.inc | 3 | ||||
-rw-r--r-- | etc/eog.profile | 2 | ||||
-rw-r--r-- | etc/eom.profile | 2 | ||||
-rw-r--r-- | etc/evince.profile | 4 |
6 files changed, 11 insertions, 5 deletions
diff --git a/etc/atril.profile b/etc/atril.profile index e13618c0b..215f0ab96 100644 --- a/etc/atril.profile +++ b/etc/atril.profile | |||
@@ -37,7 +37,7 @@ private-dev | |||
37 | private-etc fonts,ld.so.cache | 37 | private-etc fonts,ld.so.cache |
38 | # atril uses webkit gtk to display epub files | 38 | # atril uses webkit gtk to display epub files |
39 | # waiting for globbing support in private-lib; for now hardcoding it to webkit2gtk-4.0 | 39 | # waiting for globbing support in private-lib; for now hardcoding it to webkit2gtk-4.0 |
40 | private-lib webkit2gtk-4.0 | 40 | #private-lib webkit2gtk-4.0 - problems on Arch with the new version of WebKit |
41 | private-tmp | 41 | private-tmp |
42 | 42 | ||
43 | # webkit gtk killed by memory-deny-write-execute | 43 | # webkit gtk killed by memory-deny-write-execute |
diff --git a/etc/default.profile b/etc/default.profile index 82eded802..226e808ed 100644 --- a/etc/default.profile +++ b/etc/default.profile | |||
@@ -8,6 +8,9 @@ include /etc/firejail/globals.local | |||
8 | # generic gui profile | 8 | # generic gui profile |
9 | # depending on your usage, you can enable some of the commands below: | 9 | # depending on your usage, you can enable some of the commands below: |
10 | 10 | ||
11 | # required under CentOS 7 | ||
12 | noblacklist /etc/profile.d | ||
13 | |||
11 | include /etc/firejail/disable-common.inc | 14 | include /etc/firejail/disable-common.inc |
12 | # include /etc/firejail/disable-devel.inc | 15 | # include /etc/firejail/disable-devel.inc |
13 | include /etc/firejail/disable-passwdmgr.inc | 16 | include /etc/firejail/disable-passwdmgr.inc |
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index cd5ec5d25..19be56f86 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -171,8 +171,7 @@ blacklist /var/spool/mail | |||
171 | # etc | 171 | # etc |
172 | blacklist /etc/anacrontab | 172 | blacklist /etc/anacrontab |
173 | blacklist /etc/cron* | 173 | blacklist /etc/cron* |
174 | # on CentOS 7 /etc/profile.d/vte.sh is required by bash | 174 | blacklist /etc/profile.d |
175 | #blacklist /etc/profile.d | ||
176 | blacklist /etc/rc.local | 175 | blacklist /etc/rc.local |
177 | # rc1.d, rc2.d, ... | 176 | # rc1.d, rc2.d, ... |
178 | blacklist /etc/rc?.d | 177 | blacklist /etc/rc?.d |
diff --git a/etc/eog.profile b/etc/eog.profile index cf6b1c1c6..6d61dceac 100644 --- a/etc/eog.profile +++ b/etc/eog.profile | |||
@@ -39,6 +39,6 @@ private-etc fonts | |||
39 | private-lib | 39 | private-lib |
40 | private-tmp | 40 | private-tmp |
41 | 41 | ||
42 | memory-deny-write-execute | 42 | #memory-deny-write-execute - breaks on Arch |
43 | noexec ${HOME} | 43 | noexec ${HOME} |
44 | noexec /tmp | 44 | noexec /tmp |
diff --git a/etc/eom.profile b/etc/eom.profile index 4edd8fafe..c7af470c6 100644 --- a/etc/eom.profile +++ b/etc/eom.profile | |||
@@ -40,6 +40,6 @@ private-etc fonts | |||
40 | private-lib | 40 | private-lib |
41 | private-tmp | 41 | private-tmp |
42 | 42 | ||
43 | memory-deny-write-execute | 43 | #memory-deny-write-execute - breaks on Arch |
44 | noexec ${HOME} | 44 | noexec ${HOME} |
45 | noexec /tmp | 45 | noexec /tmp |
diff --git a/etc/evince.profile b/etc/evince.profile index 76aaab233..0a7a28580 100644 --- a/etc/evince.profile +++ b/etc/evince.profile | |||
@@ -36,7 +36,11 @@ tracelog | |||
36 | private-bin evince,evince-previewer,evince-thumbnailer | 36 | private-bin evince,evince-previewer,evince-thumbnailer |
37 | private-dev | 37 | private-dev |
38 | private-etc fonts | 38 | private-etc fonts |
39 | |||
39 | #private-lib - seems to be breaking on Gnome Shell 3.26.2, Mutter WM, issue 1711 | 40 | #private-lib - seems to be breaking on Gnome Shell 3.26.2, Mutter WM, issue 1711 |
41 | # testing private-lib all over again - problem with 32bit libraries found and fixed for CentOS | ||
42 | private-lib | ||
43 | |||
40 | private-tmp | 44 | private-tmp |
41 | 45 | ||
42 | #memory-deny-write-execute - breaks application on Archlinux, issue 1803 | 46 | #memory-deny-write-execute - breaks application on Archlinux, issue 1803 |