From 6e0504feaaed3cffccfb6a91768103d9c7b3c918 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Wed, 28 Jul 2021 16:38:20 +0000 Subject: reordering and fix for ids.config --- etc/ids.config | 124 ++++++++++++++++++++++++++++++--------------------------- 1 file changed, 66 insertions(+), 58 deletions(-) (limited to 'etc') diff --git a/etc/ids.config b/etc/ids.config index 7e03841c9..482083ec0 100644 --- a/etc/ids.config +++ b/etc/ids.config @@ -1,34 +1,32 @@ # /etc/firejail/ids.config - configuration file for Firejail's Intrusion Detection System +# This config file is overwritten when a new version of Firejail is installed. +# For global customization use /etc/firejail/ids.config.local. +include ids.config.local # # Each line is a file or directory name such as # /usr/bin # or # ${HOME}/Desktop/*.desktop # -# ${HOME} is expanded to user home directory, and * is the regular +# ${HOME} is expanded to the user's home directory, and * is the regular # globbing match for zero or more characters. # # File or directory names starting with ! are not scanned. For example # !${HOME}/.ssh/known_hosts # ${HOME}/.ssh -# will scan all files in ~/.ssh directory with the exception of knonw_hosts -# -# This config file is overwritten when a new version of Firejail is installed. -# For global customization use /etc/firejal/ids.config.local. - -include ids.config.local +# will scan all files in ~/.ssh directory with the exception of known_hosts ### system executables ### /bin /sbin /usr/bin -/usr/sbin /usr/games /usr/libexec +/usr/sbin ### user executables ### -#/usr/local #/opt +#/usr/local ### system libraries ### #/lib @@ -38,97 +36,107 @@ include ids.config.local #/usr/libx32 ### shells local ### -${HOME}/.bashrc # bash -${HOME}/.bash_profile +# bash ${HOME}/.bash_login ${HOME}/.bash_logout -${HOME}/.zshenv #zsh -${HOME}/.zshprofile -${HOME}/.zshrc -${HOME}/.zlogin -${HOME}/.zlogout -${HOME}/.config/fish/config.fish # fish -${HOME}/.profile # others +${HOME}/.bash_profile +${HOME}/.bashrc +# fish +${HOME}/.config/fish/config.fish +# others +${HOME}/.cshrc +${HOME}/.kshrc ${HOME}/.login ${HOME}/.logout -${HOME}/.cshrc +${HOME}/.profile ${HOME}/.tcshrc -${HOME}/.kshrc +# zsh +${HOME}/.zlogin +${HOME}/.zlogout +${HOME}/.zshenv +${HOME}/.zshprofile +${HOME}/.zshrc ### shells global ### -/etc/shells # all +# all +/etc/dircolors +/etc/environment /etc/profile /etc/profile.d -/etc/environment +/etc/shells /etc/skel -/etc/dircolors -/etc/bash.bashrc # bash +# bash /etc/bash_completion* +/etc/bash.bashrc /etc/bashrc -/etc/zshenv # zsh -/etc/zprofile -/etc/zshrc -/etc/zlogin -/etc/zlogout -/etc/fish # fish -/etc/complete.tcsh # tcsh +# fish +/etc/fish +# ksh +/etc/ksh.kshrc +# tcsh +/etc/complete.tcsh /etc/csh.cshrc /etc/csh.login /etc/csh.logout -/etc/ksh.kshrc # ksh +# zsh +/etc/zlogin +/etc/zlogout +/etc/zprofile +/etc/zshenv +/etc/zshrc ### X11 ### -${HOME}/.xsessionrc -${HOME}/.xsession -${HOME}/.Xsession ${HOME}/.xinitrc -${HOME}/.xprofile ${HOME}/.xmodmaprc +${HOME}/.xprofile +${HOME}/.Xresources ${HOME}/.xserverrc -${HOME}/.Xresurces +${HOME}/.Xsession +${HOME}/.xsession +${HOME}/.xsessionrc /etc/X11 ### window/desktop manager ### -${HOME}/.config/autostart ${HOME}/Desktop/*.desktop +${HOME}/.config/autostart ${HOME}/.config/lxsession/LXDE/autostart ${HOME}/.gnomerc ${HOME}/.gtkrc ${HOME}/.kderc ### security ### -${HOME}/.gnupg ${HOME}/.config/firejail +${HOME}/.gnupg +/etc/aide /etc/apparmor* -/etc/selinux -/etc/security +/etc/chkrootkit.conf +/etc/cracklib +/etc/libaudit.conf /etc/group* /etc/gshadow* +/etc/pam.* /etc/passwd* +/etc/rkhunter* +/etc/securetty +/etc/security +/etc/selinux /etc/shadow* -/etc/pam.* /etc/sudoers* -/etc/securetty -/etc/cracklib -/etc/libaudit.conf /etc/tripwire -/etc/aide -/etc/chkrootkit.conf -/etc/rkhunter.conf -*** network security *** -/etc/services -/etc/hosts.* -/etc/ssl -/etc/ca-certificates* -/usr/share/ca-certificates -!${HOME}/.ssh/known_hosts # excluding +### network security ### +!${HOME}/.ssh/known_hosts # excluding ${HOME}/.ssh -/etc/ssh +/etc/ca-certificates* +/etc/hosts.* +/etc/services /etc/snort +/etc/ssh +/etc/ssl /etc/wireshark +/usr/share/ca-certificates ### system config ### -/etc/default -/etc/crontab /etc/cron.* +/etc/crontab +/etc/default -- cgit v1.2.3-54-g00ecf