diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2022-02-18 20:50:37 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2022-02-18 20:50:37 -0300 |
| commit | c38bd8f3b00fb1d9af970fd1bf20d2cc006aad8e (patch) | |
| tree | 498e61b7161b98915b018221c910ee564c189ce7 | |
| parent | da777e6fd90cb4303723cf75bec3f1b3d700cae1 (diff) | |
| download | profile-c38bd8f3b00fb1d9af970fd1bf20d2cc006aad8e.tar.gz profile-c38bd8f3b00fb1d9af970fd1bf20d2cc006aad8e.tar.bz2 | |
Updates firejail
| -rw-r--r-- | config.dot/firejail/less.profile.link | 93 |
1 files changed, 48 insertions, 45 deletions
diff --git a/config.dot/firejail/less.profile.link b/config.dot/firejail/less.profile.link index 6a10fa3..f12e3b8 100644 --- a/config.dot/firejail/less.profile.link +++ b/config.dot/firejail/less.profile.link @@ -3,49 +3,52 @@ # This file is overwritten after every install/update quiet # Persistent local customizations -#include less.local +include less.local # Persistent global definitions -#include globals.local -# -#blacklist ${RUNUSER} -# -#noblacklist ${HOME}/.lesshst -# -#include disable-devel.inc -#include disable-exec.inc -#include disable-interpreters.inc -#include disable-passwdmgr.inc -# -#apparmor -#caps.drop all -#ipc-namespace -#machine-id -#net none -#no3d -#nodvd -#nonewprivs -##noroot -#nosound -#notv -#nou2f -#novideo -#protocol unix -#seccomp -#shell none -#tracelog -#x11 none -# -## The user can have a custom coloring script configured in ${HOME}/.lessfilter. -## Enable private-bin and private-lib if you are not using any filter. -## private-bin less -## private-lib -##private-cache -#private-dev -#writable-var-log -# -#dbus-user none -#dbus-system none -# -#memory-deny-write-execute -#read-only ${HOME} -#read-write ${HOME}/.lesshst +include globals.local + +blacklist ${RUNUSER} + +noblacklist ${HOME}/.lesshst + +include disable-devel.inc +include disable-exec.inc +include disable-interpreters.inc +include disable-passwdmgr.inc + +apparmor +caps.drop all +ipc-namespace +machine-id +net none +no3d +nodvd +nonewprivs +#noroot +nosound +notv +nou2f +novideo +protocol unix +seccomp +shell none +tracelog +x11 none + +# The user can have a custom coloring script configured in ${HOME}/.lessfilter. +# Enable private-bin and private-lib if you are not using any filter. +# private-bin less +# private-lib +#private-cache +private-dev +writable-var-log + +ignore private-tmp +ignore private-cache + +dbus-user none +dbus-system none + +memory-deny-write-execute +read-only ${HOME} +read-write ${HOME}/.lesshst |