diff options
author | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-06-13 17:47:57 +0200 |
---|---|---|
committer | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-06-13 17:47:57 +0200 |
commit | 5f082480067e8bbdee7984a6869cc6b28aec14e4 (patch) | |
tree | a83fc5119c3dccb2ffd381e55fc7418908830913 | |
parent | OpenArena profile (diff) | |
download | firejail-5f082480067e8bbdee7984a6869cc6b28aec14e4.tar.gz firejail-5f082480067e8bbdee7984a6869cc6b28aec14e4.tar.zst firejail-5f082480067e8bbdee7984a6869cc6b28aec14e4.zip |
Create godot.profile
-rw-r--r-- | README | 2 | ||||
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | RELNOTES | 3 | ||||
-rw-r--r-- | etc/disable-programs.inc | 3 | ||||
-rw-r--r-- | etc/godot.profile | 43 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 3 |
6 files changed, 52 insertions, 4 deletions
@@ -571,7 +571,7 @@ rusty-snake (https://github.com/rusty-snake) | |||
571 | - added profiles: kid3-qt, kid3-cli, anki, utox, mp3splt, mp3wrap | 571 | - added profiles: kid3-qt, kid3-cli, anki, utox, mp3splt, mp3wrap |
572 | - added profiles: oggsplt, flacsplt, cheese, inkview, mp3splt-gtk | 572 | - added profiles: oggsplt, flacsplt, cheese, inkview, mp3splt-gtk |
573 | - added profiles: ktouch, yelp, klatexformula, klatexformula_cmdl | 573 | - added profiles: ktouch, yelp, klatexformula, klatexformula_cmdl |
574 | - added profiles: pandoc | 574 | - added profiles: pandoc, gnome-sound-recorder, godot |
575 | - many profile fixing and hardening | 575 | - many profile fixing and hardening |
576 | - some typo fixes | 576 | - some typo fixes |
577 | - added profile templates | 577 | - added profile templates |
@@ -111,4 +111,4 @@ We also keep a list of profile fixes for previous released versions in [etc-fixe | |||
111 | 111 | ||
112 | ## New profiles: | 112 | ## New profiles: |
113 | 113 | ||
114 | klatexformula, klatexformula_cmdl, links, pandoc, qgis, teams-for-linux, xlinks. OpenArena | 114 | klatexformula, klatexformula_cmdl, links, pandoc, qgis, teams-for-linux, xlinks OpenArena, gnome-sound-recorder, godot |
@@ -2,7 +2,8 @@ firejail (0.9.61) baseline; urgency=low | |||
2 | * work in progress | 2 | * work in progress |
3 | * profile templates | 3 | * profile templates |
4 | * new profiles: qgis, klatexformula, klatexformula_cmdl, links, xlinks | 4 | * new profiles: qgis, klatexformula, klatexformula_cmdl, links, xlinks |
5 | * new profiles: pandoc, teams-for-linux, OpenArena | 5 | * new profiles: pandoc, teams-for-linux, OpenArena, gnome-sound-recorder |
6 | * new profiles: godot | ||
6 | -- netblue30 <netblue30@yahoo.com> Sat, 1 Jun 2019 08:00:00 -0500 | 7 | -- netblue30 <netblue30@yahoo.com> Sat, 1 Jun 2019 08:00:00 -0500 |
7 | 8 | ||
8 | firejail (0.9.60) baseline; urgency=low | 9 | firejail (0.9.60) baseline; urgency=low |
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 7684aefff..356c8209c 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -179,6 +179,7 @@ blacklist ${HOME}/.config/git | |||
179 | blacklist ${HOME}/.config/globaltime | 179 | blacklist ${HOME}/.config/globaltime |
180 | blacklist ${HOME}/.config/gnome-mplayer | 180 | blacklist ${HOME}/.config/gnome-mplayer |
181 | blacklist ${HOME}/.config/gnome-mpv | 181 | blacklist ${HOME}/.config/gnome-mpv |
182 | blacklist ${HOME}/.config/godot | ||
182 | blacklist ${HOME}/.config/gnome-pie | 183 | blacklist ${HOME}/.config/gnome-pie |
183 | blacklist ${HOME}/.config/google-chrome | 184 | blacklist ${HOME}/.config/google-chrome |
184 | blacklist ${HOME}/.config/google-chrome-beta | 185 | blacklist ${HOME}/.config/google-chrome-beta |
@@ -492,6 +493,7 @@ blacklist ${HOME}/.local/share/gnome-photos | |||
492 | blacklist ${HOME}/.local/share/gnome-recipes | 493 | blacklist ${HOME}/.local/share/gnome-recipes |
493 | blacklist ${HOME}/.local/share/gnome-ring | 494 | blacklist ${HOME}/.local/share/gnome-ring |
494 | blacklist ${HOME}/.local/share/gnome-twitch | 495 | blacklist ${HOME}/.local/share/gnome-twitch |
496 | blacklist ${HOME}/.local/share/godot | ||
495 | blacklist ${HOME}/.local/share/gradio | 497 | blacklist ${HOME}/.local/share/gradio |
496 | blacklist ${HOME}/.local/share/gwenview | 498 | blacklist ${HOME}/.local/share/gwenview |
497 | blacklist ${HOME}/.local/share/kaffeine | 499 | blacklist ${HOME}/.local/share/kaffeine |
@@ -684,6 +686,7 @@ blacklist ${HOME}/.cache/fossamail | |||
684 | blacklist ${HOME}/.cache/freecol | 686 | blacklist ${HOME}/.cache/freecol |
685 | blacklist ${HOME}/.cache/gajim | 687 | blacklist ${HOME}/.cache/gajim |
686 | blacklist ${HOME}/.cache/geeqie | 688 | blacklist ${HOME}/.cache/geeqie |
689 | blacklist ${HOME}/.cache/godot | ||
687 | blacklist ${HOME}/.cache/google-chrome | 690 | blacklist ${HOME}/.cache/google-chrome |
688 | blacklist ${HOME}/.cache/google-chrome-beta | 691 | blacklist ${HOME}/.cache/google-chrome-beta |
689 | blacklist ${HOME}/.cache/google-chrome-unstable | 692 | blacklist ${HOME}/.cache/google-chrome-unstable |
diff --git a/etc/godot.profile b/etc/godot.profile new file mode 100644 index 000000000..596b825eb --- /dev/null +++ b/etc/godot.profile | |||
@@ -0,0 +1,43 @@ | |||
1 | # Firejail profile for godot | ||
2 | # Description: multi-platform 2D and 3D game engine with a feature-rich editor | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include godot.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.cache/godot | ||
10 | noblacklist ${HOME}/.config/godot | ||
11 | noblacklist ${HOME}/.local/share/godot | ||
12 | |||
13 | include disable-common.inc | ||
14 | include disable-devel.inc | ||
15 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | ||
17 | include disable-passwdmgr.inc | ||
18 | include disable-programs.inc | ||
19 | include disable-xdg.inc | ||
20 | |||
21 | include whitelist-var-common.inc | ||
22 | |||
23 | caps.drop all | ||
24 | netfilter | ||
25 | nodbus | ||
26 | nodvd | ||
27 | nogroups | ||
28 | nonewprivs | ||
29 | noroot | ||
30 | notv | ||
31 | nou2f | ||
32 | novideo | ||
33 | protocol unix,inet,inet6,netlink | ||
34 | seccomp | ||
35 | shell none | ||
36 | tracelog | ||
37 | |||
38 | disable-mnt | ||
39 | private-bin godot | ||
40 | private-cache | ||
41 | private-dev | ||
42 | private-etc ca-certificates,crypto-policies,nsswitch.conf,pki,resolv.conf,ssl,fonts,alsa,asound.conf,machine-id,openal,pulse,alternatives,drirc | ||
43 | private-tmp | ||
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index ad8b99270..d1855d6f7 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -25,8 +25,8 @@ QOwnNotes | |||
25 | Telegram | 25 | Telegram |
26 | Viber | 26 | Viber |
27 | VirtualBox | 27 | VirtualBox |
28 | Xephyr | ||
29 | XMind | 28 | XMind |
29 | Xephyr | ||
30 | abrowser | 30 | abrowser |
31 | akonadi_control | 31 | akonadi_control |
32 | akregator | 32 | akregator |
@@ -248,6 +248,7 @@ gnome-schedule | |||
248 | gnome-system-log | 248 | gnome-system-log |
249 | gnome-twitch | 249 | gnome-twitch |
250 | gnome-weather | 250 | gnome-weather |
251 | godot | ||
251 | goobox | 252 | goobox |
252 | google-chrome | 253 | google-chrome |
253 | google-chrome-beta | 254 | google-chrome-beta |