diff options
author | curiosity-seeker <seeker@posteo.org> | 2016-12-15 12:58:32 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-12-15 12:58:32 +0100 |
commit | d8ee390a6ca56fde4baad57dea7572c39d595809 (patch) | |
tree | 255252b15232086e6f65203cda676859ab4117a0 /etc/0ad.profile | |
parent | Update quiterss.profile (diff) | |
parent | added a 1 second delay after xpra server is started (diff) | |
download | firejail-d8ee390a6ca56fde4baad57dea7572c39d595809.tar.gz firejail-d8ee390a6ca56fde4baad57dea7572c39d595809.tar.zst firejail-d8ee390a6ca56fde4baad57dea7572c39d595809.zip |
Merge pull request #1 from netblue30/master
Bring fork up-to-date
Diffstat (limited to 'etc/0ad.profile')
-rw-r--r-- | etc/0ad.profile | 29 |
1 files changed, 15 insertions, 14 deletions
diff --git a/etc/0ad.profile b/etc/0ad.profile index f8a3ce23d..1e7c06879 100644 --- a/etc/0ad.profile +++ b/etc/0ad.profile | |||
@@ -1,30 +1,31 @@ | |||
1 | # Firejail profile for 0ad. | 1 | # Firejail profile for 0ad. |
2 | noblacklist ~/.cache/0ad | ||
2 | noblacklist ~/.config/0ad | 3 | noblacklist ~/.config/0ad |
4 | noblacklist ~/.local/share/0ad | ||
3 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
4 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
5 | include /etc/firejail/disable-passwdmgr.inc | 7 | include /etc/firejail/disable-passwdmgr.inc |
6 | include /etc/firejail/disable-programs.inc | 8 | include /etc/firejail/disable-programs.inc |
7 | 9 | ||
8 | # Call these options | ||
9 | caps.drop all | ||
10 | seccomp | ||
11 | protocol unix,inet,inet6,netlink | ||
12 | netfilter | ||
13 | tracelog | ||
14 | noroot | ||
15 | |||
16 | # Whitelists | 10 | # Whitelists |
17 | noblacklist ~/.cache/0ad | ||
18 | mkdir ~/.cache | ||
19 | mkdir ~/.cache/0ad | 11 | mkdir ~/.cache/0ad |
20 | whitelist ~/.cache/0ad | 12 | whitelist ~/.cache/0ad |
21 | 13 | ||
22 | mkdir ~/.config | ||
23 | mkdir ~/.config/0ad | 14 | mkdir ~/.config/0ad |
24 | whitelist ~/.config/0ad | 15 | whitelist ~/.config/0ad |
25 | 16 | ||
26 | noblacklist ~/.local/share/0ad | ||
27 | mkdir ~/.local | ||
28 | mkdir ~/.local/share | ||
29 | mkdir ~/.local/share/0ad | 17 | mkdir ~/.local/share/0ad |
30 | whitelist ~/.local/share/0ad | 18 | whitelist ~/.local/share/0ad |
19 | |||
20 | caps.drop all | ||
21 | netfilter | ||
22 | nogroups | ||
23 | nonewprivs | ||
24 | noroot | ||
25 | protocol unix,inet,inet6 | ||
26 | seccomp | ||
27 | shell none | ||
28 | tracelog | ||
29 | |||
30 | private-dev | ||
31 | private-tmp | ||