Unify all profiles

author: Tad <tad@spotco.us> 2017-08-07 01:22:08 -0400
committer: Tad <tad@spotco.us> 2017-08-07 01:22:08 -0400
commit: 9e3ba319be6b9546d7e8f450ca419ee2f3f4040b (patch)
tree: 0aebe82de78a61877c267f4dcb2ebcc13a2e37c9 /etc/multimc5.profile
parent: various profile fixes (#1433) (diff)
download: firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.gz
firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.zst
firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.zip
1 files changed, 12 insertions, 19 deletions
diff --git a/etc/multimc5.profile b/etc/multimc5.profile
index 6b0696064..882f17485 100644
--- a/etc/multimc5.profile
+++ b/etc/multimc5.profile
@@ -1,47 +1,40 @@
-# Persistent global definitions go here
+# Firejail profile for multimc5
-include /etc/firejail/globals.local
+# This file is overwritten after every install/update
+# Persistent local customizations
-# This file is overwritten during software install.
-# Persistent customizations should go in a .local file.
 include /etc/firejail/multimc5.local
+# Persistent global definitions
+include /etc/firejail/globals.local
-#
-#Profile for multimc5
-#
-#No Blacklist Paths
 noblacklist ${HOME}/.java
 noblacklist ${HOME}/.local/share/multimc5
 noblacklist ${HOME}/.multimc5
-#Blacklist Paths
 include /etc/firejail/disable-common.inc
-include /etc/firejail/disable-programs.inc
-include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
-#Whitelist Paths
 mkdir ${HOME}/.local/share/multimc5
-whitelist ${HOME}/.local/share/multimc5
 mkdir ${HOME}/.multimc5
+whitelist ${HOME}/.local/share/multimc5
 whitelist ${HOME}/.multimc5
 include /etc/firejail/whitelist-common.inc
-#Options
 caps.drop all
-#ipc-namespace
 netfilter
 nogroups
 nonewprivs
 noroot
 novideo
 protocol unix,inet,inet6
-#seccomp
 shell none
+disable-mnt
 private-dev
 private-tmp
-disable-mnt
 noexec ${HOME}
 noexec /tmp
+# CLOBBERED COMMENTS
+# seccomp
author	Tad <tad@spotco.us>	2017-08-07 01:22:08 -0400
committer	Tad <tad@spotco.us>	2017-08-07 01:22:08 -0400
commit	9e3ba319be6b9546d7e8f450ca419ee2f3f4040b (patch)
tree	0aebe82de78a61877c267f4dcb2ebcc13a2e37c9 /etc/multimc5.profile
parent	various profile fixes (#1433) (diff)
download	firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.gz firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.zst firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.zip

diff --git a/etc/multimc5.profile b/etc/multimc5.profile index 6b0696064..882f17485 100644 --- a/etc/multimc5.profile +++ b/etc/multimc5.profile
@@ -1,47 +1,40 @@
1	# Persistent global definitions go here	1	# Firejail profile for multimc5
2	include /etc/firejail/globals.local	2	# This file is overwritten after every install/update
3		3	# Persistent local customizations
4	# This file is overwritten during software install.
5	# Persistent customizations should go in a .local file.
6	include /etc/firejail/multimc5.local	4	include /etc/firejail/multimc5.local
		5	# Persistent global definitions
		6	include /etc/firejail/globals.local
7		7
8	#
9	#Profile for multimc5
10	#
11
12	#No Blacklist Paths
13	noblacklist ${HOME}/.java	8	noblacklist ${HOME}/.java
14	noblacklist ${HOME}/.local/share/multimc5	9	noblacklist ${HOME}/.local/share/multimc5
15	noblacklist ${HOME}/.multimc5	10	noblacklist ${HOME}/.multimc5
16		11
17	#Blacklist Paths
18	include /etc/firejail/disable-common.inc	12	include /etc/firejail/disable-common.inc
19	include /etc/firejail/disable-programs.inc
20	include /etc/firejail/disable-passwdmgr.inc
21	include /etc/firejail/disable-devel.inc	13	include /etc/firejail/disable-devel.inc
		14	include /etc/firejail/disable-passwdmgr.inc
		15	include /etc/firejail/disable-programs.inc
22		16
23	#Whitelist Paths
24	mkdir ${HOME}/.local/share/multimc5	17	mkdir ${HOME}/.local/share/multimc5
25	whitelist ${HOME}/.local/share/multimc5
26	mkdir ${HOME}/.multimc5	18	mkdir ${HOME}/.multimc5
		19	whitelist ${HOME}/.local/share/multimc5
27	whitelist ${HOME}/.multimc5	20	whitelist ${HOME}/.multimc5
28	include /etc/firejail/whitelist-common.inc	21	include /etc/firejail/whitelist-common.inc
29		22
30	#Options
31	caps.drop all	23	caps.drop all
32	#ipc-namespace
33	netfilter	24	netfilter
34	nogroups	25	nogroups
35	nonewprivs	26	nonewprivs
36	noroot	27	noroot
37	novideo	28	novideo
38	protocol unix,inet,inet6	29	protocol unix,inet,inet6
39	#seccomp
40	shell none	30	shell none
41		31
		32	disable-mnt
42	private-dev	33	private-dev
43	private-tmp	34	private-tmp
44	disable-mnt
45		35
46	noexec ${HOME}	36	noexec ${HOME}
47	noexec /tmp	37	noexec /tmp
		38
		39	# CLOBBERED COMMENTS
		40	# seccomp