diff options
author | Lockdis <45907176+Lockdis@users.noreply.github.com> | 2019-01-24 18:59:08 +0100 |
---|---|---|
committer | Lockdis <45907176+Lockdis@users.noreply.github.com> | 2019-01-24 18:59:08 +0100 |
commit | 8c8a62f238feba0151f780d8a788b1f01aa33b42 (patch) | |
tree | 53a9aebe33fe1404ab392f9d5628ad99b29e8e5b /etc/crow.profile | |
parent | add crow (diff) | |
download | firejail-8c8a62f238feba0151f780d8a788b1f01aa33b42.tar.gz firejail-8c8a62f238feba0151f780d8a788b1f01aa33b42.tar.zst firejail-8c8a62f238feba0151f780d8a788b1f01aa33b42.zip |
Update nyx.profile, crow.profile
Diffstat (limited to 'etc/crow.profile')
-rw-r--r-- | etc/crow.profile | 14 |
1 files changed, 2 insertions, 12 deletions
diff --git a/etc/crow.profile b/etc/crow.profile index 14145ffea..a8a00f596 100644 --- a/etc/crow.profile +++ b/etc/crow.profile | |||
@@ -1,16 +1,13 @@ | |||
1 | # Firejail profile for crow | 1 | # Firejail profile for crow |
2 | # Description: A translator that allows to translate and say selected text using Google, Yandex and Bing translate API | ||
2 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
3 | # Persistent local customizations | 4 | # Persistent local customizations |
4 | include crow.local | 5 | include crow.local |
5 | # Persistent global definitions | 6 | # Persistent global definitions |
6 | include globals.local | 7 | include globals.local |
7 | 8 | ||
8 | noblacklist ${HOME}/.config/crow | ||
9 | noblacklist ${HOME}/.cache/gstreamer-1.0 | ||
10 | |||
11 | mkdir ${HOME}/.config/crow | 9 | mkdir ${HOME}/.config/crow |
12 | mkdir ${HOME}/.cache/gstreamer-1.0 | 10 | mkdir ${HOME}/.cache/gstreamer-1.0 |
13 | |||
14 | whitelist ${HOME}/.config/crow | 11 | whitelist ${HOME}/.config/crow |
15 | whitelist ${HOME}/.cache/gstreamer-1.0 | 12 | whitelist ${HOME}/.cache/gstreamer-1.0 |
16 | 13 | ||
@@ -23,35 +20,28 @@ include disable-xdg.inc | |||
23 | 20 | ||
24 | include whitelist-common.inc | 21 | include whitelist-common.inc |
25 | 22 | ||
26 | # apparmor | ||
27 | caps.drop all | 23 | caps.drop all |
28 | # ipc-namespace | 24 | ipc-namespace |
29 | netfilter | 25 | netfilter |
30 | no3d | 26 | no3d |
31 | nodbus | ||
32 | nodvd | 27 | nodvd |
33 | nogroups | 28 | nogroups |
34 | nonewprivs | 29 | nonewprivs |
35 | noroot | 30 | noroot |
36 | # nosound | ||
37 | notv | 31 | notv |
38 | nou2f | 32 | nou2f |
39 | novideo | 33 | novideo |
40 | protocol unix,inet,inet6,netlink | 34 | protocol unix,inet,inet6,netlink |
41 | seccomp | 35 | seccomp |
42 | shell none | 36 | shell none |
43 | # tracelog | ||
44 | 37 | ||
45 | disable-mnt | 38 | disable-mnt |
46 | private-bin crow | 39 | private-bin crow |
47 | # private-cache | ||
48 | private-dev | 40 | private-dev |
49 | private-etc ca-certificates,ssl,machine-id,dconf,nsswitch.conf,resolv.conf,fonts,asound.conf,pulse,pki,crypto-policies | 41 | private-etc ca-certificates,ssl,machine-id,dconf,nsswitch.conf,resolv.conf,fonts,asound.conf,pulse,pki,crypto-policies |
50 | # private-lib | ||
51 | private-opt none | 42 | private-opt none |
52 | private-tmp | 43 | private-tmp |
53 | private-srv none | 44 | private-srv none |
54 | 45 | ||
55 | # memory-deny-write-execute | ||
56 | noexec ${HOME} | 46 | noexec ${HOME} |
57 | noexec /tmp | 47 | noexec /tmp |