22 lines
379 B
Plaintext
22 lines
379 B
Plaintext
# cpio profile
|
|
# /sbin and /usr/sbin are visible inside the sandbox
|
|
# /boot is not visible and /var is heavily modified
|
|
quiet
|
|
noblacklist /sbin
|
|
noblacklist /usr/sbin
|
|
include /etc/firejail/disable-common.inc
|
|
include /etc/firejail/disable-programs.inc
|
|
include /etc/firejail/disable-passwdmgr.inc
|
|
|
|
private-dev
|
|
seccomp
|
|
caps.drop all
|
|
net none
|
|
shell none
|
|
tracelog
|
|
net none
|
|
nosound
|
|
|
|
|
|
|