New profile: axel (#6315)

https://github.com/axel-download-accelerator/axel
author: glitsj16 <glitsj16@users.noreply.github.com> 2024-04-20 10:26:18 +0000
committer: GitHub <noreply@github.com> 2024-04-20 10:26:18 +0000
commit: a3b77a17fcb40a9a5b31b6d5c270295cc8981c5b (patch)
tree: b6cc229c007de6a924506416004ed3ca8279c170 /etc/profile-a-l
parent: tests: fix broken rm in gzip.exp (diff)
download: firejail-a3b77a17fcb40a9a5b31b6d5c270295cc8981c5b.tar.gz
firejail-a3b77a17fcb40a9a5b31b6d5c270295cc8981c5b.tar.zst
firejail-a3b77a17fcb40a9a5b31b6d5c270295cc8981c5b.zip
1 files changed, 61 insertions, 0 deletions
diff --git a/etc/profile-a-l/axel.profile b/etc/profile-a-l/axel.profile
new file mode 100644
index 000000000..9961477f3
--- /dev/null
+++ b/etc/profile-a-l/axel.profile
@@ -0,0 +1,61 @@
+# Firejail profile for axel
+# Description: Lightweight CLI download accelerator
+quiet
+# This file is overwritten after every install/update
+# Persistent local customizations
+include axel.local
+# Persistent global definitions
+include globals.local
+noblacklist ${HOME}/.axelrc
+noblacklist ${HOME}/.netrc
+blacklist ${RUNUSER}
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-proc.inc
+include disable-programs.inc
+include disable-shell.inc
+#include disable-x11.inc # x11 none
+include disable-xdg.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+apparmor
+caps.drop all
+ipc-namespace
+netfilter
+no3d
+nodvd
+nogroups
+noinput
+nonewprivs
+noprinters
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix,inet,inet6
+seccomp
+seccomp.block-secondary
+tracelog
+x11 none
+#disable-mnt
+private-bin axel
+private-cache
+private-dev
+private-etc @network,@tls-ca,axelrc
+private-lib
+private-tmp
+dbus-user none
+dbus-system none
+memory-deny-write-execute
+restrict-namespaces
author	glitsj16 <glitsj16@users.noreply.github.com>	2024-04-20 10:26:18 +0000
committer	GitHub <noreply@github.com>	2024-04-20 10:26:18 +0000
commit	a3b77a17fcb40a9a5b31b6d5c270295cc8981c5b (patch)
tree	b6cc229c007de6a924506416004ed3ca8279c170 /etc/profile-a-l
parent	tests: fix broken rm in gzip.exp (diff)
download	firejail-a3b77a17fcb40a9a5b31b6d5c270295cc8981c5b.tar.gz firejail-a3b77a17fcb40a9a5b31b6d5c270295cc8981c5b.tar.zst firejail-a3b77a17fcb40a9a5b31b6d5c270295cc8981c5b.zip

diff --git a/etc/profile-a-l/axel.profile b/etc/profile-a-l/axel.profile new file mode 100644 index 000000000..9961477f3 --- /dev/null +++ b/etc/profile-a-l/axel.profile
@@ -0,0 +1,61 @@
	1	# Firejail profile for axel
	2	# Description: Lightweight CLI download accelerator
	3	quiet
	4	# This file is overwritten after every install/update
	5	# Persistent local customizations
	6	include axel.local
	7	# Persistent global definitions
	8	include globals.local
	9
	10	noblacklist ${HOME}/.axelrc
	11	noblacklist ${HOME}/.netrc
	12
	13	blacklist ${RUNUSER}
	14
	15	include disable-common.inc
	16	include disable-devel.inc
	17	include disable-exec.inc
	18	include disable-interpreters.inc
	19	include disable-proc.inc
	20	include disable-programs.inc
	21	include disable-shell.inc
	22	#include disable-x11.inc # x11 none
	23	include disable-xdg.inc
	24
	25	include whitelist-usr-share-common.inc
	26	include whitelist-var-common.inc
	27
	28	apparmor
	29	caps.drop all
	30	ipc-namespace
	31	netfilter
	32	no3d
	33	nodvd
	34	nogroups
	35	noinput
	36	nonewprivs
	37	noprinters
	38	noroot
	39	nosound
	40	notv
	41	nou2f
	42	novideo
	43	protocol unix,inet,inet6
	44	seccomp
	45	seccomp.block-secondary
	46	tracelog
	47	x11 none
	48
	49	#disable-mnt
	50	private-bin axel
	51	private-cache
	52	private-dev
	53	private-etc @network,@tls-ca,axelrc
	54	private-lib
	55	private-tmp
	56
	57	dbus-user none
	58	dbus-system none
	59
	60	memory-deny-write-execute
	61	restrict-namespaces