From 9e3ba319be6b9546d7e8f450ca419ee2f3f4040b Mon Sep 17 00:00:00 2001
From: Tad
Date: Mon, 7 Aug 2017 01:22:08 -0400
Subject: Unify all profiles
---
 etc/cpio.profile | 31 +++++++++++++++++--------------
 1 file changed, 17 insertions(+), 14 deletions(-)
(limited to 'etc/cpio.profile')
diff --git a/etc/cpio.profile b/etc/cpio.profile
index fe1dc0408..cd9b9ad7c 100644
--- a/etc/cpio.profile
+++ b/etc/cpio.profile
@@ -1,28 +1,31 @@
+# Firejail profile for cpio
+# This file is overwritten after every install/update
 quiet
-# Persistent global definitions go here
+# Persistent local customizations
+include /etc/firejail/cpio.local
+# Persistent global definitions
 include /etc/firejail/globals.local
-# This file is overwritten during software install.
-# Persistent customizations should go in a .local file.
-include /etc/firejail/cpio.local
+blacklist /tmp/.X11-unix
-# cpio profile
-# /sbin and /usr/sbin are visible inside the sandbox
-# /boot is not visible and /var is heavily modified
 noblacklist /sbin
 noblacklist /usr/sbin
+
 include /etc/firejail/disable-common.inc
-include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
-private-dev
-seccomp
 caps.drop all
 net none
-shell none
-tracelog
 net none
-nosound
 no3d
+nosound
+seccomp
+shell none
+tracelog
-blacklist /tmp/.X11-unix
+private-dev
+
+# CLOBBERED COMMENTS
+# /boot is not visible and /var is heavily modified
+# /sbin and /usr/sbin are visible inside the sandbox
--
cgit v1.2.3-54-g00ecf
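Review bot: `net none` is still listed twice in the option block on the new side. Both occurrences are unchanged context lines, so the reordering kept the duplicate; one can be dropped so the block reads `caps.drop all`, `net none`, `no3d`, `nosound`, and so on. Separately, the explanatory comments now sit under `# CLOBBERED COMMENTS` at the end of the file, away from the `noblacklist /sbin` and `noblacklist /usr/sbin` lines they describe. Those two lines are the only place in this profile that widens what the sandbox can see, presumably overriding a blacklist from the included `.inc` files, which are not visible here. I would keep `# /sbin and /usr/sbin are visible inside the sandbox` directly above `noblacklist /sbin`, so that a later cleanup does not remove or copy the exception without knowing why it exists.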