fix spelling, add tag noqbackup

2024-10-01 06:35:42 -04:00 · 2019-08-13 15:55:13 -04:00 · 2019-08-13 15:55:13 -04:00 · 700016197e
commit 700016197e
parent 876491ceee
5 changed files with 9 additions and 6 deletions
--- a/README.md
+++ b/README.md
@ -78,10 +78,11 @@ Examples where -root should *not* be enabled:
 ### Example configs
-Some usefull configurations have been supplied in /etc/default/vms:
+Some useful configurations have been supplied in /etc/default/vms:
  * vm-boot-tag-network: Contains a whitelist for Network Manager connections and the module blacklist which is often used with network interfaces in Qubes. By default, this config also activates for any VM named 'sys-net'.
-  * vm-boot-tag-qhome: Quarrantines /home in addition to the /rw system dirs. Useful for 'sys-usb' and DispVM-like functionality.
+  * vm-boot-tag-qhome: Quarantines /home in addition to the /rw system dirs. Useful for 'sys-usb' and DispVM-like functionality.
  * vm-boot-tag-noqbackup: Deletes all quarantined files that are not whitelisted.
  * vm-boot-tag-ibrowse: Preserves Firefox bookmarks while quarantining the rest of /home folder. (To preserve pre-existing bookmarks, existing Firefox profile folder must be renamed to "profile.default" before activating this tag.)
@ -95,7 +96,7 @@ Some usefull configurations have been supplied in /etc/default/vms:
 ### Notes
-   * The /rw/home directory can be added to `privdirs` so it is quarrantined much like the other /rw dirs. The easiest way to configure this is to define `privdirs_add=/rw/home` in an rc file; see 'qhome.rc' for an exmaple.
+   * The /rw/home directory can be added to `privdirs` so it is quarantined much like the other /rw dirs. The easiest way to configure this is to define `privdirs_add=/rw/home` in an rc file; see 'qhome.rc' for an exmaple.
   * A bug in v0.8.4 will erase anything in '/etc/default/vms' when booting into the template. For proper
   future operation with sys-net or other VMs you may have customized in that path, updating Qubes-VM-hardening
@ -118,5 +119,3 @@ Some usefull configurations have been supplied in /etc/default/vms:
   - v0.8.2  Working rescue shell. Add sys-net whitelist, sudo config, fixes.
   - v0.8.0  Adds protection to /rw, file SHA checksums, whitelists, deployment
   - v0.2.0  Protects /home/user files and dirs
--- a/default/vms/@tags/ibrowse.rc
+++ b/default/vms/@tags/ibrowse.rc
@ -1 +1,2 @@
 # Browser-focused config that saves only bookmarks, starts with /home quarantine
 privdirs_add="/rw/home"
--- a/default/vms/@tags/noqbackup.rc
+++ b/default/vms/@tags/noqbackup.rc
@ -0,0 +1,2 @@
 # Removes any files that were quarantined under /rw/vm-boot-protect/
 save_backup=0
--- a/default/vms/@tags/qhome.rc
+++ b/default/vms/@tags/qhome.rc
@ -1 +1,2 @@
 # Quarantine entire /home directory
 privdirs_add="/rw/home"
--- a/vm-boot-protect.sh
+++ b/vm-boot-protect.sh
@ -41,7 +41,7 @@ chdirs=${chdirs:-"bin .local/bin .config/autostart .config/plasma-workspace/env
 .config/plasma-workspace/shutdown .config/autostart-scripts .config/systemd"}
 chdirs_add=${chdirs_add:-""}
-# Define dirs to apply quarrantine / whitelists
+# Define dirs to apply quarantine / whitelists
 privdirs=${privdirs:-"/rw/config /rw/usrlocal /rw/bind-dirs"}
 privdirs_add=${privdirs_add:-""}
 save_backup=${save_backup:-1}
`@ -1 +1,2 @@`
		`# Browser-focused config that saves only bookmarks, starts with /home quarantine`
	`privdirs_add="/rw/home"`	`privdirs_add="/rw/home"`
		`@ -0,0 +1,2 @@`
							`# Removes any files that were quarantined under /rw/vm-boot-protect/`
							`save_backup=0`
`@ -1 +1,2 @@`
		`# Quarantine entire /home directory`
	`privdirs_add="/rw/home"`	`privdirs_add="/rw/home"`