aboutsummaryrefslogtreecommitdiff
path: root/linux/firejail/poi.profile
diff options
context:
space:
mode:
Diffstat (limited to 'linux/firejail/poi.profile')
-rw-r--r--linux/firejail/poi.profile5
1 files changed, 4 insertions, 1 deletions
diff --git a/linux/firejail/poi.profile b/linux/firejail/poi.profile
index 5b8073d..a7d3005 100644
--- a/linux/firejail/poi.profile
+++ b/linux/firejail/poi.profile
@@ -70,15 +70,18 @@ protocol unix,inet,inet6,netlink
#seccomp
## Use seccomp.drop for now as seccomp is broken with many programs.
seccomp.drop @clock,@cpu-emulation,@module,@obsolete,@privileged,@raw-io,@reboot,@resources,@swap,ptrace
+# QtWebEngine require chroot syscall on AMD CPUS and/or ATI Graphics for some bizarre reason
+# Use the following seccomp.drop instead on such systems.
+#seccomp.drop @clock,@cpu-emulation,@module,@obsolete,@raw-io,@reboot,@resources,@swap,ptrace,mount,umount2,pivot_root
## shell - Run the program directly, without a user shell.
# breaks secondary instances when using join-or-start after shell=none
#shell none
## tracelog - Log all viloations to syslog.
+# tracelog segfaults QtWebEngine on AMD CPUS and/or ATI Graphics for some bizarre reason
tracelog
-
## disable-mnt - Deny access to /mnt, /media, /run/mount, and /run/media
disable-mnt
generated by cgit v1.2.1 (git 2.18.0) at 2024-05-17 07:11:36 +0000