diff options
author | Tad <tad@spotco.us> | 2017-09-22 08:42:52 -0400 |
---|---|---|
committer | Tad <tad@spotco.us> | 2017-09-22 08:42:52 -0400 |
commit | 04adc450151cc5107098ef2f555ad526ac9f632e (patch) | |
tree | ce43807c66368539ffba1630ccedb0819cbc12dc /etc/pinta.profile | |
parent | Fixup merge of #1565 (diff) | |
download | firejail-04adc450151cc5107098ef2f555ad526ac9f632e.tar.gz firejail-04adc450151cc5107098ef2f555ad526ac9f632e.tar.zst firejail-04adc450151cc5107098ef2f555ad526ac9f632e.zip |
Further fixup #1565 and add a profile for uefitool
Diffstat (limited to 'etc/pinta.profile')
-rw-r--r-- | etc/pinta.profile | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/etc/pinta.profile b/etc/pinta.profile index 2562e1b80..4228e5880 100644 --- a/etc/pinta.profile +++ b/etc/pinta.profile | |||
@@ -1,15 +1,21 @@ | |||
1 | # Firejail profile for krita | 1 | # Firejail profile for pinta |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | # Persistent local customizations | 3 | # Persistent local customizations |
4 | include /etc/firejail/krita.local | 4 | include /etc/firejail/pinta.local |
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
7 | 7 | ||
8 | |||
9 | noblacklist ${HOME}/.config/Pinta | ||
10 | |||
8 | include /etc/firejail/disable-common.inc | 11 | include /etc/firejail/disable-common.inc |
9 | include /etc/firejail/disable-devel.inc | 12 | include /etc/firejail/disable-devel.inc |
10 | include /etc/firejail/disable-passwdmgr.inc | 13 | include /etc/firejail/disable-passwdmgr.inc |
11 | include /etc/firejail/disable-programs.inc | 14 | include /etc/firejail/disable-programs.inc |
12 | 15 | ||
16 | whitelist ${HOME}/.config/Pinta | ||
17 | include /etc/firejail/whitelist-common.inc | ||
18 | |||
13 | caps.drop all | 19 | caps.drop all |
14 | ipc-namespace | 20 | ipc-namespace |
15 | net none | 21 | net none |
@@ -27,7 +33,5 @@ shell none | |||
27 | private-dev | 33 | private-dev |
28 | private-tmp | 34 | private-tmp |
29 | 35 | ||
30 | |||
31 | whitelist ~/.config/Pinta | ||
32 | noexec ${HOME} | 36 | noexec ${HOME} |
33 | noexec /tmp | 37 | noexec /tmp |