diff options
author | Fred-Barclay <Fred-Barclay@users.noreply.github.com> | 2016-07-10 00:00:11 +1000 |
---|---|---|
committer | Fred-Barclay <Fred-Barclay@users.noreply.github.com> | 2016-07-10 00:00:11 +1000 |
commit | 2e1b94c4251e6a841672f3df96e3d503d380ef1b (patch) | |
tree | c9bde903608cc92747ebe53fa5a7dae4f3db435e /etc/gpredict.profile | |
parent | cleanup (diff) | |
download | firejail-2e1b94c4251e6a841672f3df96e3d503d380ef1b.tar.gz firejail-2e1b94c4251e6a841672f3df96e3d503d380ef1b.tar.zst firejail-2e1b94c4251e6a841672f3df96e3d503d380ef1b.zip |
private-bin conversion
Diffstat (limited to 'etc/gpredict.profile')
-rw-r--r-- | etc/gpredict.profile | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/etc/gpredict.profile b/etc/gpredict.profile index ba9fce37b..02bb4d24d 100644 --- a/etc/gpredict.profile +++ b/etc/gpredict.profile | |||
@@ -1,24 +1,25 @@ | |||
1 | # Firejail profile for gpredict. | 1 | # Firejail profile for gpredict. |
2 | |||
3 | # Noblacklist | ||
4 | noblacklist ~/.config/Gpredict | 2 | noblacklist ~/.config/Gpredict |
5 | |||
6 | # Include | ||
7 | include /etc/firejail/disable-common.inc | 3 | include /etc/firejail/disable-common.inc |
8 | include /etc/firejail/disable-devel.inc | 4 | include /etc/firejail/disable-devel.inc |
9 | include /etc/firejail/disable-passwdmgr.inc | 5 | include /etc/firejail/disable-passwdmgr.inc |
10 | include /etc/firejail/disable-programs.inc | 6 | include /etc/firejail/disable-programs.inc |
11 | 7 | ||
12 | # Call these options | 8 | # Whitelist |
9 | mkdir ~/.config | ||
10 | mkdir ~/.config/Gpredict | ||
11 | whitelist ~/.config/Gpredict | ||
12 | |||
13 | caps.drop all | 13 | caps.drop all |
14 | netfilter | 14 | netfilter |
15 | nonewprivs | 15 | nonewprivs |
16 | nogroups | ||
16 | noroot | 17 | noroot |
18 | nosound | ||
17 | protocol unix,inet,inet6,netlink | 19 | protocol unix,inet,inet6,netlink |
18 | seccomp | 20 | seccomp |
21 | shell none | ||
19 | tracelog | 22 | tracelog |
20 | 23 | ||
21 | # Whitelist | 24 | private-bin gpredict |
22 | mkdir ~/.config | 25 | private-dev |
23 | mkdir ~/.config/Gpredict | ||
24 | whitelist ~/.config/Gpredict | ||