diff options
Diffstat (limited to 'config.dot')
-rw-r--r-- | config.dot/firejail/less.profile.link | 93 |
1 files changed, 48 insertions, 45 deletions
diff --git a/config.dot/firejail/less.profile.link b/config.dot/firejail/less.profile.link index 6a10fa3..f12e3b8 100644 --- a/config.dot/firejail/less.profile.link +++ b/config.dot/firejail/less.profile.link @@ -3,49 +3,52 @@ # This file is overwritten after every install/update quiet # Persistent local customizations -#include less.local +include less.local # Persistent global definitions -#include globals.local -# -#blacklist ${RUNUSER} -# -#noblacklist ${HOME}/.lesshst -# -#include disable-devel.inc -#include disable-exec.inc -#include disable-interpreters.inc -#include disable-passwdmgr.inc -# -#apparmor -#caps.drop all -#ipc-namespace -#machine-id -#net none -#no3d -#nodvd -#nonewprivs -##noroot -#nosound -#notv -#nou2f -#novideo -#protocol unix -#seccomp -#shell none -#tracelog -#x11 none -# -## The user can have a custom coloring script configured in ${HOME}/.lessfilter. -## Enable private-bin and private-lib if you are not using any filter. -## private-bin less -## private-lib -##private-cache -#private-dev -#writable-var-log -# -#dbus-user none -#dbus-system none -# -#memory-deny-write-execute -#read-only ${HOME} -#read-write ${HOME}/.lesshst +include globals.local + +blacklist ${RUNUSER} + +noblacklist ${HOME}/.lesshst + +include disable-devel.inc +include disable-exec.inc +include disable-interpreters.inc +include disable-passwdmgr.inc + +apparmor +caps.drop all +ipc-namespace +machine-id +net none +no3d +nodvd +nonewprivs +#noroot +nosound +notv +nou2f +novideo +protocol unix +seccomp +shell none +tracelog +x11 none + +# The user can have a custom coloring script configured in ${HOME}/.lessfilter. +# Enable private-bin and private-lib if you are not using any filter. +# private-bin less +# private-lib +#private-cache +private-dev +writable-var-log + +ignore private-tmp +ignore private-cache + +dbus-user none +dbus-system none + +memory-deny-write-execute +read-only ${HOME} +read-write ${HOME}/.lesshst |