diff options
author | netblue30 <netblue30@yahoo.com> | 2016-03-03 08:37:26 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-03-03 08:37:26 -0500 |
commit | d738c4b9a7c32ddbc263a27faa7774febe4eaa2d (patch) | |
tree | 4aadfd64182cd28676e5f850f8daffe9d80b7a19 | |
parent | debugging (diff) | |
parent | add hedgewars profile (whitelist) (diff) | |
download | firejail-d738c4b9a7c32ddbc263a27faa7774febe4eaa2d.tar.gz firejail-d738c4b9a7c32ddbc263a27faa7774febe4eaa2d.tar.zst firejail-d738c4b9a7c32ddbc263a27faa7774febe4eaa2d.zip |
Merge pull request #346 from vn971/master
add hedgewars profile (whitelist)
-rw-r--r-- | Makefile.in | 1 | ||||
-rw-r--r-- | README | 1 | ||||
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | etc/hedgewars.profile | 17 | ||||
-rw-r--r-- | platform/debian/conffiles | 1 |
5 files changed, 21 insertions, 1 deletions
diff --git a/Makefile.in b/Makefile.in index 0f5e2344d..561dea897 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -142,6 +142,7 @@ realinstall: | |||
142 | install -c -m 0644 .etc/lxterminal.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 142 | install -c -m 0644 .etc/lxterminal.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
143 | install -c -m 0644 .etc/cherrytree.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 143 | install -c -m 0644 .etc/cherrytree.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
144 | install -c -m 0644 .etc/wesnoth.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 144 | install -c -m 0644 .etc/wesnoth.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
145 | install -c -m 0644 .etc/hedgewars.profile $(DESTDIR)/$(sysconfdir)/firejail/. | ||
145 | install -c -m 0644 .etc/vivaldi.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 146 | install -c -m 0644 .etc/vivaldi.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
146 | install -c -m 0644 .etc/vivaldi-beta.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 147 | install -c -m 0644 .etc/vivaldi-beta.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
147 | sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" | 148 | sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" |
@@ -25,6 +25,7 @@ yumkam (https://github.com/yumkam) | |||
25 | - man page fixes | 25 | - man page fixes |
26 | Vasya Novikov (https://github.com/vn971) | 26 | Vasya Novikov (https://github.com/vn971) |
27 | - Wesnoth profile | 27 | - Wesnoth profile |
28 | - Hedegewars profile | ||
28 | - manpage fixes | 29 | - manpage fixes |
29 | mahdi1234 (https://github.com/mahdi1234) | 30 | mahdi1234 (https://github.com/mahdi1234) |
30 | - cherrytree profile | 31 | - cherrytree profile |
@@ -113,4 +113,4 @@ $ man firejail-profile | |||
113 | 113 | ||
114 | ## New security profiles | 114 | ## New security profiles |
115 | 115 | ||
116 | lxterminal, Epiphany, cherrytree, Battle for Wesnoth | 116 | lxterminal, Epiphany, cherrytree, Battle for Wesnoth, Hedgewars |
diff --git a/etc/hedgewars.profile b/etc/hedgewars.profile new file mode 100644 index 000000000..03a376e2f --- /dev/null +++ b/etc/hedgewars.profile | |||
@@ -0,0 +1,17 @@ | |||
1 | # whitelist profile for Hedgewars (game) | ||
2 | |||
3 | include /etc/firejail/disable-common.inc | ||
4 | include /etc/firejail/disable-devel.inc | ||
5 | include /etc/firejail/disable-mgmt.inc | ||
6 | include /etc/firejail/disable-secret.inc | ||
7 | include /etc/firejail/disable-terminals.inc | ||
8 | |||
9 | caps.drop all | ||
10 | noroot | ||
11 | private-dev | ||
12 | whitelist /tmp/.X11-unix | ||
13 | seccomp | ||
14 | tracelog | ||
15 | |||
16 | mkdir ~/.hedgewars | ||
17 | whitelist ~/.hedgewars | ||
diff --git a/platform/debian/conffiles b/platform/debian/conffiles index d8b3dadb8..7c5cba882 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles | |||
@@ -68,5 +68,6 @@ | |||
68 | /etc/firejail/lxterminal.profile | 68 | /etc/firejail/lxterminal.profile |
69 | /etc/firejail/cherrytree.profile | 69 | /etc/firejail/cherrytree.profile |
70 | /etc/firejail/wesnoth.profile | 70 | /etc/firejail/wesnoth.profile |
71 | /etc/firejail/hedgewars.profile | ||
71 | /etc/firejail/vivaldi.profile | 72 | /etc/firejail/vivaldi.profile |
72 | /etc/firejail/vivaldi-beta.profile | 73 | /etc/firejail/vivaldi-beta.profile |