Merge pull request #2171 from glitsj16/desktop

New profile desktop (a.k.a. github-desktop)
author: netblue30 <netblue30@yahoo.com> 2018-10-11 08:36:06 -0500
committer: GitHub <noreply@github.com> 2018-10-11 08:36:06 -0500
commit: 418e61fc142205347dbfb84e519ba0b656a51903 (patch)
tree: 786b0a358c83c75290fe01b077312ffc69a1a7ba /etc/desktop.profile
parent: Merge pull request #2170 from glitsj16/easystroke (diff)
parent: Update for desktop (a.k.a. github-desktop) (diff)
download: firejail-418e61fc142205347dbfb84e519ba0b656a51903.tar.gz
firejail-418e61fc142205347dbfb84e519ba0b656a51903.tar.zst
firejail-418e61fc142205347dbfb84e519ba0b656a51903.zip
1 files changed, 44 insertions, 0 deletions
diff --git a/etc/desktop.profile b/etc/desktop.profile
new file mode 100644
index 000000000..8bfa885a3
--- /dev/null
+++ b/etc/desktop.profile
@@ -0,0 +1,44 @@
+# Firejail profile for desktop
+# Description: Extend your GitHub workflow beyond your browser with GitHub Desktop
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/github-desktop.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+whitelist ${HOME}/.gitconfig
+whitelist ${HOME}/.config/GitHub Desktop
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-interpreters.inc
+include /etc/firejail/whitelist-common.inc
+caps.drop all
+netfilter
+# no3d
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix,inet,inet6,netlink
+seccomp
+disable-mnt
+# private-bin Atom,desktop
+# private-cache
+# private-dev
+# private-etc none
+# private-lib
+# private-tmp
+# memory-deny-write-execute
+# noexec ${HOME}
+# noexec /tmp
author	netblue30 <netblue30@yahoo.com>	2018-10-11 08:36:06 -0500
committer	GitHub <noreply@github.com>	2018-10-11 08:36:06 -0500
commit	418e61fc142205347dbfb84e519ba0b656a51903 (patch)
tree	786b0a358c83c75290fe01b077312ffc69a1a7ba /etc/desktop.profile
parent	Merge pull request #2170 from glitsj16/easystroke (diff)
parent	Update for desktop (a.k.a. github-desktop) (diff)
download	firejail-418e61fc142205347dbfb84e519ba0b656a51903.tar.gz firejail-418e61fc142205347dbfb84e519ba0b656a51903.tar.zst firejail-418e61fc142205347dbfb84e519ba0b656a51903.zip

diff --git a/etc/desktop.profile b/etc/desktop.profile new file mode 100644 index 000000000..8bfa885a3 --- /dev/null +++ b/etc/desktop.profile
@@ -0,0 +1,44 @@
	1	# Firejail profile for desktop
	2	# Description: Extend your GitHub workflow beyond your browser with GitHub Desktop
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include /etc/firejail/github-desktop.local
	6	# Persistent global definitions
	7	include /etc/firejail/globals.local
	8
	9	whitelist ${HOME}/.gitconfig
	10	whitelist ${HOME}/.config/GitHub Desktop
	11
	12	include /etc/firejail/disable-common.inc
	13	include /etc/firejail/disable-passwdmgr.inc
	14	include /etc/firejail/disable-programs.inc
	15	include /etc/firejail/disable-devel.inc
	16	include /etc/firejail/disable-interpreters.inc
	17
	18	include /etc/firejail/whitelist-common.inc
	19
	20	caps.drop all
	21	netfilter
	22	# no3d
	23	nodvd
	24	nogroups
	25	nonewprivs
	26	noroot
	27	nosound
	28	notv
	29	nou2f
	30	novideo
	31	protocol unix,inet,inet6,netlink
	32	seccomp
	33
	34	disable-mnt
	35	# private-bin Atom,desktop
	36	# private-cache
	37	# private-dev
	38	# private-etc none
	39	# private-lib
	40	# private-tmp
	41
	42	# memory-deny-write-execute
	43	# noexec ${HOME}
	44	# noexec /tmp