From 91e11d155455ee6d89537942b36d09fbe86ff6ff Mon Sep 17 00:00:00 2001 From: sarneaud Date: Tue, 1 Sep 2015 14:37:50 +1000 Subject: Update profiles to use the new noblacklist command. --- etc/chromium.profile | 3 ++- etc/filezilla.profile | 4 +++- etc/firefox.profile | 3 ++- etc/midori.profile | 5 +++-- etc/opera.profile | 3 ++- etc/server.profile | 4 +++- 6 files changed, 15 insertions(+), 7 deletions(-) (limited to 'etc') diff --git a/etc/chromium.profile b/etc/chromium.profile index 13559a5a8..6c3a5f2f8 100644 --- a/etc/chromium.profile +++ b/etc/chromium.profile @@ -1,7 +1,8 @@ # Chromium browser profile +noblacklist ${HOME}/.config/chromium include /etc/firejail/disable-mgmt.inc include /etc/firejail/disable-secret.inc -include /etc/firejail/disable-common.inc chromium +include /etc/firejail/disable-common.inc include /etc/firejail/disable-history.inc netfilter diff --git a/etc/filezilla.profile b/etc/filezilla.profile index dc5086595..437fa6d43 100644 --- a/etc/filezilla.profile +++ b/etc/filezilla.profile @@ -1,7 +1,9 @@ # FileZilla profile +noblacklist ${HOME}/.filezilla +noblacklist ${HOME}/.config/filezilla include /etc/firejail/disable-mgmt.inc include /etc/firejail/disable-secret.inc -include /etc/firejail/disable-common.inc .filezilla +include /etc/firejail/disable-common.inc include /etc/firejail/disable-history.inc caps.drop all seccomp diff --git a/etc/firefox.profile b/etc/firefox.profile index cd504ab44..e5b820d39 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile @@ -1,7 +1,8 @@ # Firejail profile for Mozilla Firefox (Iceweasel in Debian) +noblacklist ${HOME}/.mozilla include /etc/firejail/disable-mgmt.inc include /etc/firejail/disable-secret.inc -include /etc/firejail/disable-common.inc .mozilla +include /etc/firejail/disable-common.inc include /etc/firejail/disable-history.inc caps.drop all seccomp diff --git a/etc/midori.profile b/etc/midori.profile index b21bc94ef..5bc864e31 100644 --- a/etc/midori.profile +++ b/etc/midori.profile @@ -1,7 +1,8 @@ -# Midory browser profile +# Midori browser profile +noblacklist ${HOME}/.config/midori include /etc/firejail/disable-mgmt.inc include /etc/firejail/disable-secret.inc -include /etc/firejail/disable-common.inc midori +include /etc/firejail/disable-common.inc include /etc/firejail/disable-history.inc caps.drop all seccomp diff --git a/etc/opera.profile b/etc/opera.profile index 8f8dbc609..d55c0aaa3 100644 --- a/etc/opera.profile +++ b/etc/opera.profile @@ -1,7 +1,8 @@ # Chromium browser profile +noblacklist ${HOME}/.config/opera include /etc/firejail/disable-mgmt.inc include /etc/firejail/disable-secret.inc -include /etc/firejail/disable-common.inc opera +include /etc/firejail/disable-common.inc include /etc/firejail/disable-history.inc netfilter noroot diff --git a/etc/server.profile b/etc/server.profile index 1c6461094..5b706df9a 100644 --- a/etc/server.profile +++ b/etc/server.profile @@ -1,6 +1,8 @@ # generic server profile # it allows /sbin and /usr/sbin directories - this is where servers are installed -include /etc/firejail/disable-mgmt.inc sbin +noblacklist /sbin +noblacklist /usr/sbin +include /etc/firejail/disable-mgmt.inc private private-dev seccomp -- cgit v1.2.3-54-g00ecf