mirror of
https://github.com/netblue30/firejail.git
synced 2026-05-16 14:16:16 -06:00
merges, disable sort.py in profile checks temporarely, two more private-etc profiles
This commit is contained in:
netblue30
parent
ff5539bf8b
commit
df6ea884f1
5 changed files with 9 additions and 3 deletions
4
.github/workflows/profile-checks.yml
vendored
4
.github/workflows/profile-checks.yml
vendored
|
|
@ -34,8 +34,8 @@ jobs:
|
|||
github.com:443
|
||||
|
||||
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c
|
||||
- name: sort.py
|
||||
run: ./ci/check/profiles/sort.py etc/inc/*.inc etc/{profile-a-l,profile-m-z}/*.profile
|
||||
# - name: sort.py
|
||||
# run: ./ci/check/profiles/sort.py etc/inc/*.inc etc/{profile-a-l,profile-m-z}/*.profile
|
||||
# Currently broken (see #5610)
|
||||
# - name: private-etc-always-required.sh
|
||||
# run: ./ci/check/profiles/private-etc-always-required.sh etc/inc/*.inc etc/{profile-a-l,profile-m-z}/*.profile
|
||||
|
|
|
|||
3
README
3
README
|
|
@ -774,6 +774,8 @@ Neo00001 (https://github.com/Neo00001)
|
|||
- update telegram profile
|
||||
- add spectacle profile
|
||||
- add kdiff3 profile
|
||||
netcarver (https://github.com/netcarver)
|
||||
- prevent access to LUKS keyfile
|
||||
NetSysFire (https://github.com/NetSysFire)
|
||||
- update weechat profile
|
||||
- update megaglest profile
|
||||
|
|
@ -996,6 +998,7 @@ slowpeek (https://github.com/slowpeek)
|
|||
- allow access to avahi-daemon in apparmor/firejail-default
|
||||
- make appimage examples consistent with --appimage option short description
|
||||
- blacklist google-drive-ocamlfuse config
|
||||
- blacklist sendgmail config
|
||||
smitsohu (https://github.com/smitsohu)
|
||||
- read-only kde4 services directory
|
||||
- enhanced mediathekview profile
|
||||
|
|
|
|||
|
|
@ -37,6 +37,7 @@ tracelog
|
|||
|
||||
private-bin dosbox
|
||||
private-dev
|
||||
private-etc @games
|
||||
private-tmp
|
||||
|
||||
dbus-user none
|
||||
|
|
|
|||
|
|
@ -49,6 +49,7 @@ private-bin etr
|
|||
private-cache
|
||||
private-dev
|
||||
# private-etc alternatives,drirc,machine-id,openal,passwd
|
||||
private-etc @games,@x11
|
||||
private-tmp
|
||||
|
||||
dbus-user none
|
||||
|
|
|
|||
|
|
@ -75,7 +75,8 @@ static char *etc_group_sound[] = {
|
|||
static char *etc_group_tls_ca[] = {
|
||||
"ca-certificates",
|
||||
"crypto-policies",
|
||||
"gcrypt", // GNU crypto library (GPG)
|
||||
"gcrypt", // GNU crypto library - contains hardware config for various encryption schemes
|
||||
// and random number generators. The file is not installed by Debian.
|
||||
"pki",
|
||||
"ssl",
|
||||
NULL
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue