mirror of
https://github.com/netblue30/firejail.git
synced 2026-05-21 06:45:29 -06:00
ec44e1d8ca
* add comment on intentional duplication of blacklisted kernel configuration * disable-proc.inc: update the duplication comment * disable-common.inc: add duplication notice for kernel configuration
82 lines
2 KiB
Text
82 lines
2 KiB
Text
# This file is overwritten during software install.
|
|
# Persistent customizations should go in a .local file.
|
|
include disable-proc.local
|
|
|
|
blacklist /proc/acpi
|
|
blacklist /proc/asound
|
|
blacklist /proc/bootconfig
|
|
blacklist /proc/buddyinfo
|
|
blacklist /proc/cgroups
|
|
blacklist /proc/cmdline
|
|
blacklist /proc/config.gz # keep this here even though it's also in disable-common.inc
|
|
blacklist /proc/consoles
|
|
#blacklist /proc/cpuinfo
|
|
blacklist /proc/crypto
|
|
blacklist /proc/devices
|
|
blacklist /proc/diskstats
|
|
blacklist /proc/dma
|
|
#blacklist /proc/driver
|
|
blacklist /proc/dynamic_debug
|
|
blacklist /proc/execdomains
|
|
blacklist /proc/fb
|
|
#blacklist /proc/filesystems
|
|
blacklist /proc/fs
|
|
blacklist /proc/i8k
|
|
blacklist /proc/interrupts
|
|
blacklist /proc/iomem
|
|
blacklist /proc/ioports
|
|
blacklist /proc/irq
|
|
blacklist /proc/kallsyms
|
|
blacklist /proc/kcore
|
|
blacklist /proc/keys
|
|
blacklist /proc/key-users
|
|
blacklist /proc/kmsg
|
|
blacklist /proc/kpagecgroup
|
|
blacklist /proc/kpagecount
|
|
blacklist /proc/kpageflags
|
|
blacklist /proc/latency_stats
|
|
#blacklist /proc/loadavg
|
|
blacklist /proc/locks
|
|
blacklist /proc/mdstat
|
|
#blacklist /proc/meminfo
|
|
blacklist /proc/misc
|
|
#blacklist /proc/modules
|
|
#blacklist /proc/mounts
|
|
blacklist /proc/mtrr
|
|
#blacklist /proc/net
|
|
blacklist /proc/partitions
|
|
blacklist /proc/pressure
|
|
blacklist /proc/sched_debug
|
|
blacklist /proc/schedstat
|
|
blacklist /proc/scsi
|
|
#blacklist /proc/self
|
|
blacklist /proc/slabinfo
|
|
blacklist /proc/softirqs
|
|
blacklist /proc/spl
|
|
#blacklist /proc/stat
|
|
blacklist /proc/swaps
|
|
#blacklist /proc/sys
|
|
blacklist /proc/sysrq-trigger
|
|
blacklist /proc/sysvipc
|
|
#blacklist /proc/thread-self
|
|
blacklist /proc/timer_list
|
|
blacklist /proc/tty
|
|
#blacklist /proc/uptime
|
|
#blacklist /proc/version
|
|
blacklist /proc/version_signature
|
|
blacklist /proc/vmallocinfo
|
|
#blacklist /proc/vmstat
|
|
#blacklist /proc/zoneinfo
|
|
|
|
blacklist /proc/sys/abi
|
|
blacklist /proc/sys/crypto
|
|
blacklist /proc/sys/debug
|
|
blacklist /proc/sys/dev
|
|
blacklist /proc/sys/fs
|
|
blacklist /proc/sys/net
|
|
blacklist /proc/sys/user
|
|
blacklist /proc/sys/vm
|
|
|
|
noblacklist /proc/sys/kernel/osrelease
|
|
noblacklist /proc/sys/kernel/yama
|
|
blacklist /proc/sys/*/*
|