new profiles

author: rusty-snake <41237666+rusty-snake@users.noreply.github.com> 2020-06-25 15:06:02 +0200
committer: rusty-snake <41237666+rusty-snake@users.noreply.github.com> 2020-06-25 15:06:02 +0200
commit: 37e4d74dff29c56ec5e9b078ea027b0d8352492b (patch)
tree: bff5dabc43c04c19ee5bf3bda437b32d800e5db7 /etc/profile-a-l
parent: fix apostrophe (diff)
download: firejail-37e4d74dff29c56ec5e9b078ea027b0d8352492b.tar.gz
firejail-37e4d74dff29c56ec5e9b078ea027b0d8352492b.tar.zst
firejail-37e4d74dff29c56ec5e9b078ea027b0d8352492b.zip
4 files changed, 181 insertions, 0 deletions
diff --git a/etc/profile-a-l/bijiben.profile b/etc/profile-a-l/bijiben.profile
new file mode 100644
index 000000000..c1c338536
--- /dev/null
+++ b/etc/profile-a-l/bijiben.profile
@@ -0,0 +1,58 @@
+# Firejail profile for bijiben
+# Description: Simple Note Viewer
+# This file is overwritten after every install/update
+# Persistent local customizations
+include bijiben.local
+# Persistent global definitions
+include globals.local
+noblacklist ${HOME}/.local/share/bijiben
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-shell.inc
+include disable-xdg.inc
+mkdir ${HOME}/.local/share/bijiben
+whitelist ${HOME}/.local/share/bijiben
+whitelist ${HOME}/.cache/tracker
+whitelist /usr/share/bijiben
+whitelist /usr/share/tracker
+include whitelist-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+apparmor
+caps.drop all
+machine-id
+net none
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix
+seccomp
+shell none
+tracelog
+disable-mnt
+private-bin bijiben
+# private-cache -- access to .cache/tracker is required
+private-dev
+private-etc dconf,fonts,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload
+private-tmp
+dbus-user filter
+dbus-user.own org.gnome.Notes
+dbus-user.talk ca.desrt.dconf
+dbus-user.talk org.freedesktop.Tracker1
+dbus-system none
diff --git a/etc/profile-a-l/gnote.profile b/etc/profile-a-l/gnote.profile
new file mode 100644
index 000000000..1b5129fc5
--- /dev/null
+++ b/etc/profile-a-l/gnote.profile
@@ -0,0 +1,59 @@
+# Firejail profile for gnote
+# Description: A simple note-taking application for Gnome
+# This file is overwritten after every install/update
+# Persistent local customizations
+include gnote.local
+# Persistent global definitions
+include globals.local
+noblacklist ${HOME}/.config/gnote
+noblacklist ${HOME}/.local/share/gnote
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-shell.inc
+include disable-xdg.inc
+mkdir ${HOME}/.config/gnote
+mkdir ${HOME}/.local/share/gnote
+whitelist ${HOME}/.config/gnote
+whitelist ${HOME}/.local/share/gnote
+whitelist /usr/share/gnote
+include whitelist-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+apparmor
+caps.drop all
+machine-id
+net none
+no3d
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix
+seccomp
+shell none
+tracelog
+disable-mnt
+private-bin gnote
+private-cache
+private-dev
+private-etc dconf,fonts,gtk-3.0,pango,X11
+private-tmp
+dbus-user filter
+dbus-user.own org.gnome.Gnote
+dbus-user.talk ca.desrt.dconf
+dbus-system none
diff --git a/etc/profile-a-l/gnubik.profile b/etc/profile-a-l/gnubik.profile
new file mode 100644
index 000000000..8eaba161c
--- /dev/null
+++ b/etc/profile-a-l/gnubik.profile
@@ -0,0 +1,50 @@
+# Firejail profile for gnubik
+# Description: DESCRIPTION
+# This file is overwritten after every install/update
+# Persistent local customizations
+include gnubik.local
+# Persistent global definitions
+include globals.local
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-shell.inc
+include disable-xdg.inc
+whitelist /usr/share/gnubik
+include whitelist-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+apparmor
+caps.drop all
+machine-id
+net none
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix
+seccomp
+shell none
+tracelog
+disable-mnt
+private
+private-bin gnubik
+private-cache
+private-dev
+private-etc drirc,fonts,gtk-2.0
+private-tmp
+dbus-user none
+dbus-system none
diff --git a/etc/profile-a-l/hitori.profile b/etc/profile-a-l/hitori.profile
new file mode 100644
index 000000000..6d67f4587
--- /dev/null
+++ b/etc/profile-a-l/hitori.profile
@@ -0,0 +1,14 @@
+# Firejail profile for hitori
+# Description: Play the Hitori puzzle game
+# This file is overwritten after every install/update
+# Persistent local customizations
+include hitori.local
+# Persistent global definitions
+include globals.local
+private-bin hitori
+dbus-user.own org.gnome.Hitori
+# Redirect
+include gnome_games-common.profile
author	rusty-snake <41237666+rusty-snake@users.noreply.github.com>	2020-06-25 15:06:02 +0200
committer	rusty-snake <41237666+rusty-snake@users.noreply.github.com>	2020-06-25 15:06:02 +0200
commit	37e4d74dff29c56ec5e9b078ea027b0d8352492b (patch)
tree	bff5dabc43c04c19ee5bf3bda437b32d800e5db7 /etc/profile-a-l
parent	fix apostrophe (diff)
download	firejail-37e4d74dff29c56ec5e9b078ea027b0d8352492b.tar.gz firejail-37e4d74dff29c56ec5e9b078ea027b0d8352492b.tar.zst firejail-37e4d74dff29c56ec5e9b078ea027b0d8352492b.zip

diff --git a/etc/profile-a-l/bijiben.profile b/etc/profile-a-l/bijiben.profile new file mode 100644 index 000000000..c1c338536 --- /dev/null +++ b/etc/profile-a-l/bijiben.profile
@@ -0,0 +1,58 @@
	1	# Firejail profile for bijiben
	2	# Description: Simple Note Viewer
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include bijiben.local
	6	# Persistent global definitions
	7	include globals.local
	8
	9	noblacklist ${HOME}/.local/share/bijiben
	10
	11	include disable-common.inc
	12	include disable-devel.inc
	13	include disable-exec.inc
	14	include disable-interpreters.inc
	15	include disable-passwdmgr.inc
	16	include disable-programs.inc
	17	include disable-shell.inc
	18	include disable-xdg.inc
	19
	20	mkdir ${HOME}/.local/share/bijiben
	21	whitelist ${HOME}/.local/share/bijiben
	22	whitelist ${HOME}/.cache/tracker
	23	whitelist /usr/share/bijiben
	24	whitelist /usr/share/tracker
	25	include whitelist-common.inc
	26	include whitelist-runuser-common.inc
	27	include whitelist-usr-share-common.inc
	28	include whitelist-var-common.inc
	29
	30	apparmor
	31	caps.drop all
	32	machine-id
	33	net none
	34	nodvd
	35	nogroups
	36	nonewprivs
	37	noroot
	38	nosound
	39	notv
	40	nou2f
	41	novideo
	42	protocol unix
	43	seccomp
	44	shell none
	45	tracelog
	46
	47	disable-mnt
	48	private-bin bijiben
	49	# private-cache -- access to .cache/tracker is required
	50	private-dev
	51	private-etc dconf,fonts,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload
	52	private-tmp
	53
	54	dbus-user filter
	55	dbus-user.own org.gnome.Notes
	56	dbus-user.talk ca.desrt.dconf
	57	dbus-user.talk org.freedesktop.Tracker1
	58	dbus-system none


diff --git a/etc/profile-a-l/gnote.profile b/etc/profile-a-l/gnote.profile new file mode 100644 index 000000000..1b5129fc5 --- /dev/null +++ b/etc/profile-a-l/gnote.profile
@@ -0,0 +1,59 @@
	1	# Firejail profile for gnote
	2	# Description: A simple note-taking application for Gnome
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include gnote.local
	6	# Persistent global definitions
	7	include globals.local
	8
	9	noblacklist ${HOME}/.config/gnote
	10	noblacklist ${HOME}/.local/share/gnote
	11
	12	include disable-common.inc
	13	include disable-devel.inc
	14	include disable-exec.inc
	15	include disable-interpreters.inc
	16	include disable-passwdmgr.inc
	17	include disable-programs.inc
	18	include disable-shell.inc
	19	include disable-xdg.inc
	20
	21	mkdir ${HOME}/.config/gnote
	22	mkdir ${HOME}/.local/share/gnote
	23	whitelist ${HOME}/.config/gnote
	24	whitelist ${HOME}/.local/share/gnote
	25	whitelist /usr/share/gnote
	26	include whitelist-common.inc
	27	include whitelist-runuser-common.inc
	28	include whitelist-usr-share-common.inc
	29	include whitelist-var-common.inc
	30
	31	apparmor
	32	caps.drop all
	33	machine-id
	34	net none
	35	no3d
	36	nodvd
	37	nogroups
	38	nonewprivs
	39	noroot
	40	nosound
	41	notv
	42	nou2f
	43	novideo
	44	protocol unix
	45	seccomp
	46	shell none
	47	tracelog
	48
	49	disable-mnt
	50	private-bin gnote
	51	private-cache
	52	private-dev
	53	private-etc dconf,fonts,gtk-3.0,pango,X11
	54	private-tmp
	55
	56	dbus-user filter
	57	dbus-user.own org.gnome.Gnote
	58	dbus-user.talk ca.desrt.dconf
	59	dbus-system none


diff --git a/etc/profile-a-l/gnubik.profile b/etc/profile-a-l/gnubik.profile new file mode 100644 index 000000000..8eaba161c --- /dev/null +++ b/etc/profile-a-l/gnubik.profile
@@ -0,0 +1,50 @@
	1	# Firejail profile for gnubik
	2	# Description: DESCRIPTION
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include gnubik.local
	6	# Persistent global definitions
	7	include globals.local
	8
	9	include disable-common.inc
	10	include disable-devel.inc
	11	include disable-exec.inc
	12	include disable-interpreters.inc
	13	include disable-passwdmgr.inc
	14	include disable-programs.inc
	15	include disable-shell.inc
	16	include disable-xdg.inc
	17
	18	whitelist /usr/share/gnubik
	19	include whitelist-common.inc
	20	include whitelist-runuser-common.inc
	21	include whitelist-usr-share-common.inc
	22	include whitelist-var-common.inc
	23
	24	apparmor
	25	caps.drop all
	26	machine-id
	27	net none
	28	nodvd
	29	nogroups
	30	nonewprivs
	31	noroot
	32	nosound
	33	notv
	34	nou2f
	35	novideo
	36	protocol unix
	37	seccomp
	38	shell none
	39	tracelog
	40
	41	disable-mnt
	42	private
	43	private-bin gnubik
	44	private-cache
	45	private-dev
	46	private-etc drirc,fonts,gtk-2.0
	47	private-tmp
	48
	49	dbus-user none
	50	dbus-system none


diff --git a/etc/profile-a-l/hitori.profile b/etc/profile-a-l/hitori.profile new file mode 100644 index 000000000..6d67f4587 --- /dev/null +++ b/etc/profile-a-l/hitori.profile
@@ -0,0 +1,14 @@
	1	# Firejail profile for hitori
	2	# Description: Play the Hitori puzzle game
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include hitori.local
	6	# Persistent global definitions
	7	include globals.local
	8
	9	private-bin hitori
	10
	11	dbus-user.own org.gnome.Hitori
	12
	13	# Redirect
	14	include gnome_games-common.profile