Aisleriot fixes + add profile for FeedReader

author: Tad <tad@spotco.us> 2018-11-22 13:50:48 -0500
committer: Tad <tad@spotco.us> 2018-11-22 13:50:48 -0500
commit: cc898c19023a9aea92bc7e863f8fd46600d27598 (patch)
tree: 8dcaab722a48b4fe44ddd2b4e7f9c02116d528b0 /etc/feedreader.profile
parent: playonlinux.profile: allow python (diff)
download: firejail-cc898c19023a9aea92bc7e863f8fd46600d27598.tar.gz
firejail-cc898c19023a9aea92bc7e863f8fd46600d27598.tar.zst
firejail-cc898c19023a9aea92bc7e863f8fd46600d27598.zip
1 files changed, 45 insertions, 0 deletions
diff --git a/etc/feedreader.profile b/etc/feedreader.profile
new file mode 100644
index 000000000..44ed475bc
--- /dev/null
+++ b/etc/feedreader.profile
@@ -0,0 +1,45 @@
+# Firejail profile for feedreader
+# Description: RSS client
+# This file is overwritten after every install/update
+# Persistent local customizations
+include feedreader.local
+# Persistent global definitions
+include globals.local
+noblacklist ${HOME}/.cache/feedreader
+noblacklist ${HOME}/.local/share/feedreader
+include disable-common.inc
+include disable-devel.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+mkdir ${HOME}/.cache/feedreader
+mkdir ${HOME}/.local/share/feedreader
+whitelist ${HOME}/.cache/feedreader
+whitelist ${HOME}/.local/share/feedreader
+include whitelist-common.inc
+include whitelist-var-common.inc
+caps.drop all
+netfilter
+# no3d
+nodvd
+nogroups
+nonewprivs
+noroot
+# nosound
+notv
+nou2f
+novideo
+protocol unix,inet,inet6
+seccomp
+shell none
+disable-mnt
+private-dev
+private-tmp
+noexec ${HOME}
+noexec /tmp
author	Tad <tad@spotco.us>	2018-11-22 13:50:48 -0500
committer	Tad <tad@spotco.us>	2018-11-22 13:50:48 -0500
commit	cc898c19023a9aea92bc7e863f8fd46600d27598 (patch)
tree	8dcaab722a48b4fe44ddd2b4e7f9c02116d528b0 /etc/feedreader.profile
parent	playonlinux.profile: allow python (diff)
download	firejail-cc898c19023a9aea92bc7e863f8fd46600d27598.tar.gz firejail-cc898c19023a9aea92bc7e863f8fd46600d27598.tar.zst firejail-cc898c19023a9aea92bc7e863f8fd46600d27598.zip

diff --git a/etc/feedreader.profile b/etc/feedreader.profile new file mode 100644 index 000000000..44ed475bc --- /dev/null +++ b/etc/feedreader.profile
@@ -0,0 +1,45 @@
	1	# Firejail profile for feedreader
	2	# Description: RSS client
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include feedreader.local
	6	# Persistent global definitions
	7	include globals.local
	8
	9	noblacklist ${HOME}/.cache/feedreader
	10	noblacklist ${HOME}/.local/share/feedreader
	11
	12	include disable-common.inc
	13	include disable-devel.inc
	14	include disable-interpreters.inc
	15	include disable-passwdmgr.inc
	16	include disable-programs.inc
	17
	18	mkdir ${HOME}/.cache/feedreader
	19	mkdir ${HOME}/.local/share/feedreader
	20	whitelist ${HOME}/.cache/feedreader
	21	whitelist ${HOME}/.local/share/feedreader
	22	include whitelist-common.inc
	23	include whitelist-var-common.inc
	24
	25	caps.drop all
	26	netfilter
	27	# no3d
	28	nodvd
	29	nogroups
	30	nonewprivs
	31	noroot
	32	# nosound
	33	notv
	34	nou2f
	35	novideo
	36	protocol unix,inet,inet6
	37	seccomp
	38	shell none
	39
	40	disable-mnt
	41	private-dev
	42	private-tmp
	43
	44	noexec ${HOME}
	45	noexec /tmp