diff options
author | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2021-07-04 02:37:18 -0700 |
---|---|---|
committer | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2021-07-04 02:37:18 -0700 |
commit | 96dd956c01e734e8aec007e9e0c13d6908f5fc11 (patch) | |
tree | c8885c806981cada98ddd5a1d52f52fbda2507aa /profiles/strawberry.local | |
parent | Add kristall profile (diff) | |
download | firejail-profiles-96dd956c01e734e8aec007e9e0c13d6908f5fc11.tar.xz |
Many updates for firejail 0.9.66
Diffstat (limited to 'profiles/strawberry.local')
-rw-r--r-- | profiles/strawberry.local | 37 |
1 files changed, 3 insertions, 34 deletions
diff --git a/profiles/strawberry.local b/profiles/strawberry.local index cf3da43..a605392 100644 --- a/profiles/strawberry.local +++ b/profiles/strawberry.local @@ -1,45 +1,14 @@ -# This file is overwritten after every install/update -# Persistent local customizations -include strawberry.local -# Persistent global definitions -include globals.local - -#noblacklist ${HOME}/.cache/strawberry -noblacklist ${HOME}/.config/strawberry -noblacklist ${HOME}/.local/share/strawberry -noblacklist ${MUSIC} -#whitelist ${HOME}/.cache/strawberry +whitelist ${HOME}/.cache/strawberry whitelist ${HOME}/.config/strawberry whitelist ${HOME}/.local/share/strawberry whitelist ${MUSIC} -include disable-common.inc -include disable-devel.inc -include disable-exec.inc -include disable-interpreters.inc -include disable-passwdmgr.inc -include disable-programs.inc -include disable-xdg.inc +include disable-shell.inc +include disable-write-mnt.inc -include whitelist-var-common.inc include whitelist-common.inc -caps.drop all #net none -netfilter -nonewprivs -noroot -notv -nou2f -novideo protocol unix,inet,inet6 -# blacklisting of ioprio_set system calls breaks strawberry -seccomp !ioprio -shell none -tracelog -# disable-mnt -private-cache -private-dev private-etc asound.conf,group,localtime,machine-id,pulse,resolv.conf -private-tmp |