diff options
-rw-r--r-- | linux/firejail/poi.profile | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/linux/firejail/poi.profile b/linux/firejail/poi.profile index 5b8073d..a7d3005 100644 --- a/linux/firejail/poi.profile +++ b/linux/firejail/poi.profile @@ -70,15 +70,18 @@ protocol unix,inet,inet6,netlink #seccomp ## Use seccomp.drop for now as seccomp is broken with many programs. seccomp.drop @clock,@cpu-emulation,@module,@obsolete,@privileged,@raw-io,@reboot,@resources,@swap,ptrace +# QtWebEngine require chroot syscall on AMD CPUS and/or ATI Graphics for some bizarre reason +# Use the following seccomp.drop instead on such systems. +#seccomp.drop @clock,@cpu-emulation,@module,@obsolete,@raw-io,@reboot,@resources,@swap,ptrace,mount,umount2,pivot_root ## shell - Run the program directly, without a user shell. # breaks secondary instances when using join-or-start after shell=none #shell none ## tracelog - Log all viloations to syslog. +# tracelog segfaults QtWebEngine on AMD CPUS and/or ATI Graphics for some bizarre reason tracelog - ## disable-mnt - Deny access to /mnt, /media, /run/mount, and /run/media disable-mnt |