aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar Tad <tad@spotco.us>2018-04-21 21:12:47 -0400
committerLibravatar Tad <tad@spotco.us>2018-04-21 21:12:47 -0400
commit7e0f668bb2706f34dab0bbe8e2ce6785578ac1d4 (patch)
tree2ef9a4719a16d1566c9f90b566080c0e188538e0
parentCleanup clion.profile (diff)
downloadfirejail-7e0f668bb2706f34dab0bbe8e2ce6785578ac1d4.tar.gz
firejail-7e0f668bb2706f34dab0bbe8e2ce6785578ac1d4.tar.zst
firejail-7e0f668bb2706f34dab0bbe8e2ce6785578ac1d4.zip
Add a profile for ppsspp and scallion
Diffstat
-rw-r--r--README.md2
-rw-r--r--RELNOTES2
-rw-r--r--etc/disable-programs.inc1
-rw-r--r--etc/ppsspp.profile42
-rw-r--r--etc/scallion.profile42
-rw-r--r--src/firecfg/firecfg.config1
6 files changed, 88 insertions, 2 deletions
diff --git a/README.md b/README.md
index 7fca1e4b4..5c6b8d83d 100644
--- a/README.md
+++ b/README.md
@@ -369,4 +369,4 @@ tilp, vivaldi-snapshot, bitcoin-qt, VS Code, falkon, gnome-builder, lobase, asun
369gnome-recipes, akonadi_control, evince-previewer, evince-thumbnailer, blender-2.8, 369gnome-recipes, akonadi_control, evince-previewer, evince-thumbnailer, blender-2.8,
370thunderbird-beta, ncdu, gnome-logs, gcloud, musixmatch, gunzip, bunzip2, 370thunderbird-beta, ncdu, gnome-logs, gcloud, musixmatch, gunzip, bunzip2,
371enchant, enchant-2, enchant-lsmod, enchant-lsmod-2, Discord, 371enchant, enchant-2, enchant-lsmod, enchant-lsmod-2, Discord,
372acat, adiff, als, apack, arepack, aunpack profiles 372acat, adiff, als, apack, arepack, aunpack profiles, ppsspp, scallion
diff --git a/RELNOTES b/RELNOTES
index ef1f1323b..f48f0229c 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -42,7 +42,7 @@ firejail (0.9.53) baseline; urgency=low
42 * new profiles: blender-2.8, thunderbird-beta, ncdu, gnome-logs, gcloud 42 * new profiles: blender-2.8, thunderbird-beta, ncdu, gnome-logs, gcloud
43 * new profiles: musixmatch, gunzip, bunzip2, enchant-lsmod, enchant-lsmod-2 43 * new profiles: musixmatch, gunzip, bunzip2, enchant-lsmod, enchant-lsmod-2
44 * new profiles: enchant, enchant-2, Discord, acat, adiff, als, apack 44 * new profiles: enchant, enchant-2, Discord, acat, adiff, als, apack
45 * new profiles: arepack, aunpack profiles 45 * new profiles: arepack, aunpack profiles, ppsspp, scallion
46 46
47 -- netblue30 <netblue30@yahoo.com> Thu, 1 Mar 2018 08:00:00 -0500 47 -- netblue30 <netblue30@yahoo.com> Thu, 1 Mar 2018 08:00:00 -0500
48 48
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index b8c49b28a..d3dc87089 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -189,6 +189,7 @@ blacklist ${HOME}/.config/Pinta
189blacklist ${HOME}/.config/pitivi 189blacklist ${HOME}/.config/pitivi
190blacklist ${HOME}/.config/pix 190blacklist ${HOME}/.config/pix
191blacklist ${HOME}/.config/pluma 191blacklist ${HOME}/.config/pluma
192blacklist ${HOME}/.config/ppsspp
192blacklist ${HOME}/.config/psi+ 193blacklist ${HOME}/.config/psi+
193blacklist ${HOME}/.config/qBittorrent 194blacklist ${HOME}/.config/qBittorrent
194blacklist ${HOME}/.config/qBittorrentrc 195blacklist ${HOME}/.config/qBittorrentrc
diff --git a/etc/ppsspp.profile b/etc/ppsspp.profile
new file mode 100644
index 000000000..e19a7b42a
--- /dev/null
+++ b/etc/ppsspp.profile
@@ -0,0 +1,42 @@
1# Firejail profile for ppsspp
2# This file is overwritten after every install/update
3# Persistent local customizations
4include /etc/firejail/ppsspp.local
5# Persistent global definitions
6include /etc/firejail/globals.local
7
8noblacklist ${HOME}/.config/ppsspp
9# with >=llvm-4 mesa drivers need llvm stuff
10noblacklist /usr/lib/llvm*
11
12include /etc/firejail/disable-common.inc
13include /etc/firejail/disable-devel.inc
14include /etc/firejail/disable-interpreters.inc
15include /etc/firejail/disable-passwdmgr.inc
16include /etc/firejail/disable-programs.inc
17
18include /etc/firejail/whitelist-var-common.inc
19
20caps.drop all
21ipc-namespace
22netfilter
23net none
24nodbus
25nodvd
26nogroups
27nonewprivs
28noroot
29notv
30novideo
31protocol unix,netlink
32seccomp
33shell none
34
35# private-dev is disabled to allow controller support
36#private-dev
37private-etc asound.conf,ca-certificates,drirc,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,localtime,nsswitch.conf,passwd,pulse,resolv.conf,ssl,pki,crypto-policies
38private-opt ppsspp
39private-tmp
40
41noexec ${HOME}
42noexec /tmp
diff --git a/etc/scallion.profile b/etc/scallion.profile
new file mode 100644
index 000000000..645f0423c
--- /dev/null
+++ b/etc/scallion.profile
@@ -0,0 +1,42 @@
1# Firejail profile for scallion
2# This file is overwritten after every install/update
3quiet
4# Persistent local customizations
5include /etc/firejail/scallion.local
6# Persistent global definitions
7include /etc/firejail/globals.local
8
9noblacklist ${PATH}/llvm*
10noblacklist /usr/lib/llvm*
11noblacklist ${PATH}/openssl
12noblacklist ${PATH}/openssl-1.0
13
14include /etc/firejail/disable-common.inc
15include /etc/firejail/disable-interpreters.inc
16include /etc/firejail/disable-passwdmgr.inc
17include /etc/firejail/disable-programs.inc
18
19include /etc/firejail/whitelist-var-common.inc
20
21caps.drop all
22ipc-namespace
23net none
24nodbus
25nodvd
26nogroups
27nonewprivs
28noroot
29nosound
30notv
31novideo
32protocol unix
33seccomp
34shell none
35
36disable-mnt
37private
38private-dev
39private-tmp
40
41noexec ${HOME}
42noexec /tmp
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index e34ac786c..e306a2e8d 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -306,6 +306,7 @@ pix
306playonlinux 306playonlinux
307pluma 307pluma
308polari 308polari
309ppsspp
309psi-plus 310psi-plus
310# pycharm-community - FB note: may enable later 311# pycharm-community - FB note: may enable later
311# pycharm-professional 312# pycharm-professional
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-18 16:39:30 +0000