Merge pull request #2025 from Bundy01/master

Creating the gradio profile and editing the geary profile

2 files changed, 42 insertions, 1 deletions

diff --git a/etc/geary.profile b/etc/geary.profile
index 5c01dec69..872d21fdd 100644
--- a/etc/geary.profile
+++ b/etc/geary.profile
@@ -14,12 +14,14 @@ noblacklist ${HOME}/.local/share/geary
 mkdir ${HOME}/.gnupg
 mkdir ${HOME}/.config/geary
 mkdir ${HOME}/.local/share/geary
+
 whitelist ${HOME}/.gnupg
 whitelist ${HOME}/.config/geary
 whitelist ${HOME}/.local/share/geary
+
 include /etc/firejail/whitelist-common.inc
 
-ignore dbus
+ignore nodbus
 ignore private-tmp
 
 read-only ${HOME}/.config/mimeapps.list
diff --git a/etc/gradio.profile b/etc/gradio.profile
new file mode 100644
index 000000000..1a7ff60ed
--- /dev/null
+++ b/etc/gradio.profile
@@ -0,0 +1,39 @@
+# Firejail profile for gradio
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/gradio.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+
+noblacklist ${HOME}/.local/share/gradio
+mkdir ${HOME}/.local/share/gradio
+whitelist ${HOME}/.local/share/gradio
+whitelist ${HOME}/.cache/gradio
+
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-interpreters.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+
+include /etc/firejail/whitelist-common.inc
+include /etc/firejail/whitelist-var-common.inc
+
+caps.drop all
+netfilter
+no3d
+nodvd
+nogroups
+nonewprivs
+noroot
+notv
+novideo
+protocol unix,inet,inet6
+seccomp
+shell none
+
+private-etc asound.conf,ca-certificates,fonts,host.conf,hostname,hosts,pulse,resolv.conf,ssl,pki,crypto-policies,gtk-3.0,xdg,machine-id
+private-tmp
+
+noexec ${HOME}
+noexec /tmp