From fb4c90155ad5efcc4568a6cf8bf823540c971093 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Sun, 18 Apr 2021 04:44:04 +0000 Subject: unblock tor support in brave (#4200) * opt-in for brave's native tor support * fix brave's native tor support * warn about potential tor breakage when using apparmor * update comment for opting in to tor * move brave's tor apparmor fix in brave.profile --- etc/apparmor/firejail-local | 3 +++ etc/profile-a-l/brave.profile | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/etc/apparmor/firejail-local b/etc/apparmor/firejail-local index 7f2a778ab..3dfd3d0ea 100644 --- a/etc/apparmor/firejail-local +++ b/etc/apparmor/firejail-local @@ -8,5 +8,8 @@ #owner @HOME/bin/** ix #owner @HOME/.local/bin/** ix +# Uncomment to opt-in to apparmor for brave + tor +#owner @{HOME}/.config/BraveSoftware/Brave-Browser/biahpgbdmdkfgndcmfiipgcebobojjkp/*/** ix, + # Uncomment to opt-in to apparmor for torbrowser-launcher #owner @{HOME}/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/** ix, diff --git a/etc/profile-a-l/brave.profile b/etc/profile-a-l/brave.profile index 5a5e9eacd..09548c761 100644 --- a/etc/profile-a-l/brave.profile +++ b/etc/profile-a-l/brave.profile @@ -8,7 +8,10 @@ include globals.local # noexec /tmp is included in chromium-common.profile and breaks Brave ignore noexec /tmp -# TOR is installed in ${HOME} +# TOR is installed in ${HOME}. +# NOTE: chromium-common.profile enables apparmor. To keep that intact +# you will need to uncomment the 'brave + tor' rule in /etc/apparmor.d/local/firejail-default. +# Alternatively you can add 'ignore apparmor' to your brave.local. ignore noexec ${HOME} noblacklist ${HOME}/.cache/BraveSoftware -- cgit v1.2.3-70-g09d2