Five more game profiles

author: Tad <tad@spotco.us> 2019-03-28 14:32:02 -0400
committer: Tad <tad@spotco.us> 2019-03-28 14:32:02 -0400
commit: 8e5ad206ecd3b6def06ef9c36e0a02dd22f33625 (patch)
tree: d6c452d9ca914319ea931e766687dbc206738ad8 /etc/nethack-vultures.profile
parent: Add VCS support to meld (#2615) (diff)
download: firejail-8e5ad206ecd3b6def06ef9c36e0a02dd22f33625.tar.gz
firejail-8e5ad206ecd3b6def06ef9c36e0a02dd22f33625.tar.zst
firejail-8e5ad206ecd3b6def06ef9c36e0a02dd22f33625.zip
1 files changed, 47 insertions, 0 deletions
diff --git a/etc/nethack-vultures.profile b/etc/nethack-vultures.profile
new file mode 100644
index 000000000..771430337
--- /dev/null
+++ b/etc/nethack-vultures.profile
@@ -0,0 +1,47 @@
+# Firejail profile for nethack-vultures
+# Description: A rogue-like single player dungeon exploration game
+# This file is overwritten after every install/update
+# Persistent local customizations
+include nethack.local
+# Persistent global definitions
+include globals.local
+noblacklist ${HOME}/.vultures
+noblacklist /var/log
+include disable-common.inc
+include disable-devel.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+mkdir ${HOME}/.vultures
+whitelist ${HOME}/.vultures
+whitelist /var/log/vultures
+include whitelist-common.inc
+include whitelist-var-common.inc
+caps.drop all
+ipc-namespace
+net none
+nodbus
+nodvd
+nogroups
+#nonewprivs
+#noroot
+notv
+novideo
+#protocol unix,netlink
+#seccomp
+shell none
+disable-mnt
+#private
+private-cache
+private-dev
+private-tmp
+writable-var
+noexec ${HOME}
+noexec /tmp
author	Tad <tad@spotco.us>	2019-03-28 14:32:02 -0400
committer	Tad <tad@spotco.us>	2019-03-28 14:32:02 -0400
commit	8e5ad206ecd3b6def06ef9c36e0a02dd22f33625 (patch)
tree	d6c452d9ca914319ea931e766687dbc206738ad8 /etc/nethack-vultures.profile
parent	Add VCS support to meld (#2615) (diff)
download	firejail-8e5ad206ecd3b6def06ef9c36e0a02dd22f33625.tar.gz firejail-8e5ad206ecd3b6def06ef9c36e0a02dd22f33625.tar.zst firejail-8e5ad206ecd3b6def06ef9c36e0a02dd22f33625.zip

diff --git a/etc/nethack-vultures.profile b/etc/nethack-vultures.profile new file mode 100644 index 000000000..771430337 --- /dev/null +++ b/etc/nethack-vultures.profile
@@ -0,0 +1,47 @@
	1	# Firejail profile for nethack-vultures
	2	# Description: A rogue-like single player dungeon exploration game
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include nethack.local
	6	# Persistent global definitions
	7	include globals.local
	8
	9
	10	noblacklist ${HOME}/.vultures
	11	noblacklist /var/log
	12
	13	include disable-common.inc
	14	include disable-devel.inc
	15	include disable-interpreters.inc
	16	include disable-passwdmgr.inc
	17	include disable-programs.inc
	18
	19	mkdir ${HOME}/.vultures
	20	whitelist ${HOME}/.vultures
	21	whitelist /var/log/vultures
	22	include whitelist-common.inc
	23	include whitelist-var-common.inc
	24
	25	caps.drop all
	26	ipc-namespace
	27	net none
	28	nodbus
	29	nodvd
	30	nogroups
	31	#nonewprivs
	32	#noroot
	33	notv
	34	novideo
	35	#protocol unix,netlink
	36	#seccomp
	37	shell none
	38
	39	disable-mnt
	40	#private
	41	private-cache
	42	private-dev
	43	private-tmp
	44	writable-var
	45
	46	noexec ${HOME}
	47	noexec /tmp