aboutsummaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
Diffstat (limited to 'etc')
-rw-r--r--etc/clementine.profile2
-rw-r--r--etc/firefox-common.profile2
-rw-r--r--etc/kmail.profile2
-rw-r--r--etc/mpd.profile2
-rw-r--r--etc/qutebrowser.profile2
-rw-r--r--etc/torbrowser-launcher.profile2
6 files changed, 6 insertions, 6 deletions
diff --git a/etc/clementine.profile b/etc/clementine.profile
index 147b0de4b..1cf478ead 100644
--- a/etc/clementine.profile
+++ b/etc/clementine.profile
@@ -27,7 +27,7 @@ nou2f
27novideo 27novideo
28protocol unix,inet,inet6 28protocol unix,inet,inet6
29# blacklisting of ioprio_set system calls breaks clementine 29# blacklisting of ioprio_set system calls breaks clementine
30seccomp.drop @cpu-emulation,@debug,@obsolete,@privileged,@resources,add_key,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,kcmp,keyctl,name_to_handle_at,ni_syscall,open_by_handle_at,personality,process_vm_readv,ptrace,remap_file_pages,request_key,syslog,umount,userfaultfd,vmsplice 30seccomp.drop mincore,@cpu-emulation,@debug,@obsolete,@privileged,@resources,add_key,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,kcmp,keyctl,name_to_handle_at,ni_syscall,open_by_handle_at,personality,process_vm_readv,ptrace,remap_file_pages,request_key,syslog,umount,userfaultfd,vmsplice
31 31
32private-dev 32private-dev
33private-tmp 33private-tmp
diff --git a/etc/firefox-common.profile b/etc/firefox-common.profile
index ad8a0a0b7..288afa8a2 100644
--- a/etc/firefox-common.profile
+++ b/etc/firefox-common.profile
@@ -40,7 +40,7 @@ noroot
40notv 40notv
41?BROWSER_DISABLE_U2F: nou2f 41?BROWSER_DISABLE_U2F: nou2f
42protocol unix,inet,inet6,netlink 42protocol unix,inet,inet6,netlink
43seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@raw-io,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice 43seccomp.drop mincore,@clock,@cpu-emulation,@debug,@module,@obsolete,@raw-io,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice
44shell none 44shell none
45#disable tracelog, it breaks or causes major issues with many firefox based browsers, see github issue #1930 45#disable tracelog, it breaks or causes major issues with many firefox based browsers, see github issue #1930
46#tracelog 46#tracelog
diff --git a/etc/kmail.profile b/etc/kmail.profile
index 1f8403ef1..85eb74998 100644
--- a/etc/kmail.profile
+++ b/etc/kmail.profile
@@ -50,7 +50,7 @@ nou2f
50novideo 50novideo
51protocol unix,inet,inet6,netlink 51protocol unix,inet,inet6,netlink
52# we need to allow chroot, io_getevents, ioprio_set, io_setup, io_submit system calls 52# we need to allow chroot, io_getevents, ioprio_set, io_setup, io_submit system calls
53seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@raw-io,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice 53seccomp.drop mincore,@clock,@cpu-emulation,@debug,@module,@obsolete,@raw-io,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice
54# tracelog 54# tracelog
55# writable-run-user is needed for signing and encrypting emails 55# writable-run-user is needed for signing and encrypting emails
56writable-run-user 56writable-run-user
diff --git a/etc/mpd.profile b/etc/mpd.profile
index e06b83aa9..c532edeb2 100644
--- a/etc/mpd.profile
+++ b/etc/mpd.profile
@@ -30,7 +30,7 @@ novideo
30protocol unix,inet,inet6 30protocol unix,inet,inet6
31# blacklisting of ioprio_set system calls breaks auto-updating of 31# blacklisting of ioprio_set system calls breaks auto-updating of
32# MPD's database when files in music_directory are changed 32# MPD's database when files in music_directory are changed
33seccomp.drop @cpu-emulation,@debug,@obsolete,@privileged,@resources,add_key,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,kcmp,keyctl,name_to_handle_at,ni_syscall,open_by_handle_at,personality,process_vm_readv,ptrace,remap_file_pages,request_key,syslog,umount,userfaultfd,vmsplice 33seccomp.drop mincore,@cpu-emulation,@debug,@obsolete,@privileged,@resources,add_key,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,kcmp,keyctl,name_to_handle_at,ni_syscall,open_by_handle_at,personality,process_vm_readv,ptrace,remap_file_pages,request_key,syslog,umount,userfaultfd,vmsplice
34shell none 34shell none
35 35
36#private-bin mpd,bash 36#private-bin mpd,bash
diff --git a/etc/qutebrowser.profile b/etc/qutebrowser.profile
index ac9f9bfd9..7193a04ed 100644
--- a/etc/qutebrowser.profile
+++ b/etc/qutebrowser.profile
@@ -41,5 +41,5 @@ noroot
41notv 41notv
42protocol unix,inet,inet6,netlink 42protocol unix,inet,inet6,netlink
43# blacklisting of chroot system calls breaks qt webengine 43# blacklisting of chroot system calls breaks qt webengine
44seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@raw-io,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice 44seccomp.drop mincore,@clock,@cpu-emulation,@debug,@module,@obsolete,@raw-io,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice
45# tracelog 45# tracelog
diff --git a/etc/torbrowser-launcher.profile b/etc/torbrowser-launcher.profile
index a9244683f..dd444103e 100644
--- a/etc/torbrowser-launcher.profile
+++ b/etc/torbrowser-launcher.profile
@@ -41,7 +41,7 @@ notv
41nou2f 41nou2f
42novideo 42novideo
43protocol unix,inet,inet6 43protocol unix,inet,inet6
44seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@raw-io,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice 44seccomp.drop mincore,@clock,@cpu-emulation,@debug,@module,@obsolete,@raw-io,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice
45shell none 45shell none
46# tracelog may cause issues, see github issue #1930 46# tracelog may cause issues, see github issue #1930
47#tracelog 47#tracelog
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-30 22:07:16 +0000