214:51db59e68f0b
Anton Shestakov <av6@dwimlabs.net>, 2021-05-08
htoprc: new config

previous change 187:f88153952d07

fj/template.profile

Permissions: -rw-r--r--

Other formats: Feeds:
184
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
include globals.local
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
187
187:f88153952d07 fj: more sensible blacklist template
Anton Shestakov <av6@dwimlabs.net>
previous changes: 186:d270044fbc78
line | diff
#noblacklist ${HOME}/.wine-template
184
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
# with >=llvm-4 mesa drivers need llvm stuff
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
noblacklist /usr/lib/llvm*
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
include /etc/firejail/disable-common.inc
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
include /etc/firejail/disable-devel.inc
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
include /etc/firejail/disable-interpreters.inc
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
include /etc/firejail/disable-passwdmgr.inc
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
include /etc/firejail/disable-programs.inc
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
include /etc/firejail/disable-xdg.inc
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
187
187:f88153952d07 fj: more sensible blacklist template
Anton Shestakov <av6@dwimlabs.net>
previous changes: 186:d270044fbc78
line | diff
#mkdir ${HOME}/.wine-template
187:f88153952d07 fj: more sensible blacklist template
Anton Shestakov <av6@dwimlabs.net>
previous changes: 186:d270044fbc78
line | diff
#whitelist ${HOME}/.wine-template
187:f88153952d07 fj: more sensible blacklist template
Anton Shestakov <av6@dwimlabs.net>
previous changes: 186:d270044fbc78
line | diff
#include whitelist-common.inc
187:f88153952d07 fj: more sensible blacklist template
Anton Shestakov <av6@dwimlabs.net>
previous changes: 186:d270044fbc78
line | diff
184
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
#apparmor
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
caps.drop all
186
186:d270044fbc78 fj: ipc-namespace in practice means no sound
Anton Shestakov <av6@dwimlabs.net>
previous changes: 185:8a11bbe68b67
line | diff
#ipc-namespace
184
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
machine-id
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
net none
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
netfilter template.net
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
#no3d
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
#nodbus
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
nodvd
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
#nogroups
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
nonewprivs
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
noroot
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
#nosound
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
notv
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
nou2f
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
#novideo
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
protocol unix,netlink
185
185:8a11bbe68b67 fj: use more seccomp system call groups by default
Anton Shestakov <av6@dwimlabs.net>
previous changes: 184:5e3ee9d17ca9
line | diff
seccomp @module,@swap
184
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
shell none
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
tracelog
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
#x11 xorg
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
disable-mnt
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
private-dev
184:5e3ee9d17ca9 .bashrc: a script to set up sandbox using firejail to run random stuff
Anton Shestakov <av6@dwimlabs.net>
previous changes:
line | diff
private-tmp