Thanks for tackling this Daniel, On Fri, Sep 29, 2017 at 04:09:02PM -0400, Daniel Richard G. wrote: > alias /etc/chromium-browser/ -> /etc/chromium/, > alias /usr/bin/chromium-browser -> /usr/bin/chromium, > alias /usr/lib/chromium-browser/chromium-browser-sandbox -> > /usr/lib/chromium/chrome-sandbox, > alias /usr/lib/chromium-browser/chromium-browser -> > /usr/lib/chromium/chromium, > alias /usr/lib/chromium-browser/ -> /usr/lib/chromium/,
Be aware that use of alias rules can drastically affect compilation times
and generated policy sizes. Maybe these should be variables that could be
set as they are changed?
> # We need 'flags=(attach_disconnected)' in newer chromium versions
> /usr/lib/chromium-browser/chromium-browser flags=(attach_disconnected) {
Please consider using a shorter, friendlier, profile name:
profile chromium-browser /usr/lib/chromium-browser/chromium-browser
flags=(attach_disconnected) {
> capability sys_admin,
> capability sys_chroot,
> capability sys_ptrace,
I like sticking capabilities high in the profile, just after the #include
statements, so that they're more easily visible.
Thanks
signature.asc
Description: PGP signature
