-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathappjail.conf
More file actions
35 lines (31 loc) · 1.16 KB
/
appjail.conf
File metadata and controls
35 lines (31 loc) · 1.16 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
[Permissions]
# PermitAllowNewPrivs: Boolean, default: false
#
# A user may only use the --allow-new-privs (-p) option if PermitAllowNewPrivs is
# set to true. Since the user has some choices manipulating the mounts inside
# the jail, allowing this option is a security risk, since badly written setuid
# helpers may perform undesired privileged actions.
#PermitAllowNewPrivs=0
# MaxTmpfsSize: Integer, default: none
#
# Maximum size in bytes for the tmpfs that appjail uses to store the jail's private
# home and temporary directories. If the number is followed by one of the suffixes
# K, M or G, it is interpreted as kilobytes, megabytes or gigabytes, respectively.
#
# If this option is omitted, then there is no size limit.
#
# Note that there is a minimum size for the tmpfs, usually 4KB.
MaxTmpfsSize=100M
[Defaults]
# PrivateNetwork: Boolean, default: false
#
# If this is set to true, then --private-network is used default.
#PrivateNetwork=0
# Run: user, host or private, default: private
#
# Determines the default for the --run (-R) option.
#Run=private
# RunMedia: boolean, default: false
#
# Determines the default for the --run-media/--no-run-media option
#RunMedia=0