Create desktop.profile

author: glitsj16 <glitsj16@users.noreply.github.com> 2018-10-11 07:41:52 +0000
committer: GitHub <noreply@github.com> 2018-10-11 07:41:52 +0000
commit: e76abca17e1b1d39932c35da1deaad857e3e203b (patch)
tree: c30da1aaf1fba0f38341df009ca73bb0dd9a1bfd /etc/desktop.profile
parent: merges (diff)
download: firejail-e76abca17e1b1d39932c35da1deaad857e3e203b.tar.gz
firejail-e76abca17e1b1d39932c35da1deaad857e3e203b.tar.zst
firejail-e76abca17e1b1d39932c35da1deaad857e3e203b.zip
1 files changed, 44 insertions, 0 deletions
diff --git a/etc/desktop.profile b/etc/desktop.profile
new file mode 100644
index 000000000..8bfa885a3
--- /dev/null
+++ b/etc/desktop.profile
@@ -0,0 +1,44 @@
+# Firejail profile for desktop
+# Description: Extend your GitHub workflow beyond your browser with GitHub Desktop
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/github-desktop.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+whitelist ${HOME}/.gitconfig
+whitelist ${HOME}/.config/GitHub Desktop
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-interpreters.inc
+include /etc/firejail/whitelist-common.inc
+caps.drop all
+netfilter
+# no3d
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix,inet,inet6,netlink
+seccomp
+disable-mnt
+# private-bin Atom,desktop
+# private-cache
+# private-dev
+# private-etc none
+# private-lib
+# private-tmp
+# memory-deny-write-execute
+# noexec ${HOME}
+# noexec /tmp
author	glitsj16 <glitsj16@users.noreply.github.com>	2018-10-11 07:41:52 +0000
committer	GitHub <noreply@github.com>	2018-10-11 07:41:52 +0000
commit	e76abca17e1b1d39932c35da1deaad857e3e203b (patch)
tree	c30da1aaf1fba0f38341df009ca73bb0dd9a1bfd /etc/desktop.profile
parent	merges (diff)
download	firejail-e76abca17e1b1d39932c35da1deaad857e3e203b.tar.gz firejail-e76abca17e1b1d39932c35da1deaad857e3e203b.tar.zst firejail-e76abca17e1b1d39932c35da1deaad857e3e203b.zip

diff --git a/etc/desktop.profile b/etc/desktop.profile new file mode 100644 index 000000000..8bfa885a3 --- /dev/null +++ b/etc/desktop.profile
@@ -0,0 +1,44 @@
	1	# Firejail profile for desktop
	2	# Description: Extend your GitHub workflow beyond your browser with GitHub Desktop
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include /etc/firejail/github-desktop.local
	6	# Persistent global definitions
	7	include /etc/firejail/globals.local
	8
	9	whitelist ${HOME}/.gitconfig
	10	whitelist ${HOME}/.config/GitHub Desktop
	11
	12	include /etc/firejail/disable-common.inc
	13	include /etc/firejail/disable-passwdmgr.inc
	14	include /etc/firejail/disable-programs.inc
	15	include /etc/firejail/disable-devel.inc
	16	include /etc/firejail/disable-interpreters.inc
	17
	18	include /etc/firejail/whitelist-common.inc
	19
	20	caps.drop all
	21	netfilter
	22	# no3d
	23	nodvd
	24	nogroups
	25	nonewprivs
	26	noroot
	27	nosound
	28	notv
	29	nou2f
	30	novideo
	31	protocol unix,inet,inet6,netlink
	32	seccomp
	33
	34	disable-mnt
	35	# private-bin Atom,desktop
	36	# private-cache
	37	# private-dev
	38	# private-etc none
	39	# private-lib
	40	# private-tmp
	41
	42	# memory-deny-write-execute
	43	# noexec ${HOME}
	44	# noexec /tmp