From b19757e2e50b5800b203e15eca58559282e254b4 Mon Sep 17 00:00:00 2001 From: smitsohu Date: Fri, 8 Dec 2017 01:14:14 +0100 Subject: pedantic comment fix --- etc/baloo_file.profile | 2 +- etc/clementine.profile | 2 +- etc/simple-scan.profile | 2 +- etc/skanlite.profile | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/etc/baloo_file.profile b/etc/baloo_file.profile index f6dbb480b..e265bcd82 100644 --- a/etc/baloo_file.profile +++ b/etc/baloo_file.profile @@ -29,7 +29,7 @@ nosound notv novideo protocol unix -# Baloo makes ioprio_set system calls, which are blacklisted by default. +# blacklisting of ioprio_set system calls breaks baloo_file seccomp.drop @cpu-emulation,@debug,@obsolete,@privileged,@resources,add_key,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,kcmp,keyctl,name_to_handle_at,ni_syscall,open_by_handle_at,personality,process_vm_readv,ptrace,remap_file_pages,request_key,syslog,umount,userfaultfd,vmsplice shell none # x11 xorg diff --git a/etc/clementine.profile b/etc/clementine.profile index f4a3301b6..a736f7bf9 100644 --- a/etc/clementine.profile +++ b/etc/clementine.profile @@ -20,7 +20,7 @@ noroot notv novideo protocol unix,inet,inet6 -# Clementine makes ioprio_set system calls, which are blacklisted by default. +# blacklisting of ioprio_set system calls breaks clementine seccomp.drop @cpu-emulation,@debug,@obsolete,@privileged,@resources,add_key,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,kcmp,keyctl,name_to_handle_at,ni_syscall,open_by_handle_at,personality,process_vm_readv,ptrace,remap_file_pages,request_key,syslog,umount,userfaultfd,vmsplice private-dev diff --git a/etc/simple-scan.profile b/etc/simple-scan.profile index b7dc3c57c..a205024cc 100644 --- a/etc/simple-scan.profile +++ b/etc/simple-scan.profile @@ -22,7 +22,7 @@ nosound notv # novideo protocol unix,inet,inet6,netlink -# simple-scan makes ioperm system calls, which are blacklisted by default. +# blacklisting of ioperm system calls breaks simple-scan seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@reboot,@resources,@swap,acct,add_key,bpf,chroot,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,iopl,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,pciconfig_iobase,pciconfig_read,pciconfig_write,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,s390_mmio_read,s390_mmio_write,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice shell none tracelog diff --git a/etc/skanlite.profile b/etc/skanlite.profile index f1a64093a..a9a8fdad6 100644 --- a/etc/skanlite.profile +++ b/etc/skanlite.profile @@ -23,7 +23,7 @@ nosound notv # novideo protocol unix,netlink -# skanlite makes ioperm system calls, which are blacklisted by default. +# blacklisting of ioperm system calls breaks skanlite seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@reboot,@resources,@swap,acct,add_key,bpf,chroot,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,iopl,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,pciconfig_iobase,pciconfig_read,pciconfig_write,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,s390_mmio_read,s390_mmio_write,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice shell none -- cgit v1.2.3-54-g00ecf