From be248ccc236969d3488e36f2f934e3f2c37539a2 Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Sat, 24 Mar 2018 22:33:23 +0100
Subject: fix akonadi_control, enable it in firecfg for a better default

---
 etc/akonadi_control.profile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'etc/akonadi_control.profile')

diff --git a/etc/akonadi_control.profile b/etc/akonadi_control.profile
index fb299a518..0443774dd 100644
--- a/etc/akonadi_control.profile
+++ b/etc/akonadi_control.profile
@@ -22,6 +22,7 @@ include /etc/firejail/whitelist-var-common.inc
 # depending on your setup it might be possible to
 # enable some of the commented options below
 
+# apparmor
 caps.drop all
 ipc-namespace
 no3d
@@ -34,7 +35,7 @@ nosound
 notv
 novideo
 # protocol unix,inet,inet6
-# seccomp.drop @cpu-emulation,@debug,@obsolete,@privileged,@resources,add_key,fanotify_init,io_cancel,io_destroy,kcmp,keyctl,name_to_handle_at,ni_syscall,open_by_handle_at,personality,process_vm_readv,ptrace,remap_file_pages,request_key,syslog,umount,userfaultfd,vmsplice # we need to allow io_getevents, ioprio_set, io_setup, io_submit system calls
+# seccomp.drop @cpu-emulation,@debug,@obsolete,@privileged,@resources,add_key,fanotify_init,io_cancel,io_destroy,kcmp,keyctl,name_to_handle_at,ni_syscall,open_by_handle_at,personality,process_vm_readv,ptrace,remap_file_pages,request_key,syslog,umount,userfaultfd,vmsplice
 tracelog
 
 private-dev
-- 
cgit v1.2.3-54-g00ecf