| author | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2019-03-22 10:38:47 -0700 | 
|---|---|---|
| committer | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2019-03-22 10:38:47 -0700 | 
| commit | b9c2642a3c6ee0168096fe29f9843e2c16438f49 (patch) | |
| tree | 048bb78a6265caf6109ed939c364df1ac3076389 /linux/firejail/poi.profile | |
| parent | Fix PKGBUILD (diff) | |
| download | smolbote-b9c2642a3c6ee0168096fe29f9843e2c16438f49.tar.xz | |
Added firejail profile workarounds for amd cpu and/or ati graphics
Diffstat (limited to 'linux/firejail/poi.profile')
| -rw-r--r-- | linux/firejail/poi.profile | 5 | 
1 files changed, 4 insertions, 1 deletions
|
diff --git a/linux/firejail/poi.profile b/linux/firejail/poi.profile
index 5b8073d..a7d3005 100644
--- a/linux/firejail/poi.profile
+++ b/linux/firejail/poi.profile
@@ -70,15 +70,18 @@ protocol unix,inet,inet6,netlink
 #seccomp
 ## Use seccomp.drop for now as seccomp is broken with many programs.
 seccomp.drop @clock,@cpu-emulation,@module,@obsolete,@privileged,@raw-io,@reboot,@resources,@swap,ptrace
+# QtWebEngine require chroot syscall on AMD CPUS and/or ATI Graphics for some bizarre reason
+# Use the following seccomp.drop instead on such systems.
+#seccomp.drop @clock,@cpu-emulation,@module,@obsolete,@raw-io,@reboot,@resources,@swap,ptrace,mount,umount2,pivot_root
 ## shell - Run the program directly, without a user shell.
 # breaks secondary instances when using join-or-start after shell=none
 #shell none
 ## tracelog - Log all viloations to syslog.
+# tracelog segfaults QtWebEngine on AMD CPUS and/or ATI Graphics for some bizarre reason
 tracelog
-
 ## disable-mnt - Deny access to /mnt, /media, /run/mount, and /run/media
 disable-mnt
|
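Review bot: The commented-out alternative `seccomp.drop` line removes the whole `@privileged` group to let `chroot` through and puts back only `mount`, `umount2` and `pivot_root`, so anyone who enables it also stops filtering every other syscall that group covers. As far as I know, firejail's `@privileged` covers a good deal more than those four calls (the setuid/setgid family, `bpf` and `open_by_handle_at` among others; check the group definition in the firejail version you package). The workaround line should list every remaining member explicitly and leave out only `chroot`. The comment above it should say so, e.g. `# Workaround: same as the line above except that chroot is allowed; every other @privileged syscall stays dropped.` Separately, the new `tracelog` comment reports a segfault but leaves `tracelog` enabled and, unlike the seccomp note, gives affected users no instruction; add `# Comment out tracelog on such systems.`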
