Merge pull request #1436 from SpotComms/gt

Add a profile for Gnome Twitch

2 files changed, 37 insertions, 0 deletions

diff --git a/etc/gnome-twitch.profile b/etc/gnome-twitch.profile
new file mode 100644
index 000000000..7c215df5d
--- /dev/null
+++ b/etc/gnome-twitch.profile
@@ -0,0 +1,36 @@
+# Persistent global definitions go here
+include /etc/firejail/globals.local
+
+# This file is overwritten during software install.
+# Persistent customizations should go in a .local file.
+include /etc/firejail/gnome-twitch.local
+
+# Firejail profile for Gnome Twitch
+noblacklist ${HOME}/.cache/gnome-twitch
+noblacklist ${HOME}/.local/share/gnome-twitch
+
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+
+mkdir ${HOME}/.cache/gnome-twitch
+whitelist ${HOME}/.cache/gnome-twitch
+mkdir ${HOME}/.local/share/gnome-twitch
+whitelist ${HOME}/.local/share/gnome-twitch
+include /etc/firejail/whitelist-common.inc
+
+caps.drop all
+nogroups
+nonewprivs
+noroot
+novideo
+protocol unix,inet,inet6
+seccomp
+shell none
+
+private-dev
+private-tmp
+
+noexec ${HOME}
+noexec /tmp
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index 410e12e46..2d2c48b23 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -104,6 +104,7 @@ gnome-maps
 gnome-mplayer
 gnome-music
 gnome-photos
+gnome-twitch
 gnome-weather
 goobox
 google-chrome