New profile: url-eater (#5780)

* Create url-eater.profile * RELNOTES: add url-eater to 'new profiles'
author: glitsj16 <glitsj16@users.noreply.github.com> 2023-04-18 02:36:55 +0000
committer: GitHub <noreply@github.com> 2023-04-18 02:36:55 +0000
commit: 7140573b9269b04cc36f5a9bd34a861ed2feb380 (patch)
tree: adaf50c9d1d61a5c28570e09b93f4ed37168eae3 /etc/profile-m-z/url-eater.profile
parent: build(deps): bump actions/checkout from 3.5.0 to 3.5.2 (diff)
download: firejail-7140573b9269b04cc36f5a9bd34a861ed2feb380.tar.gz
firejail-7140573b9269b04cc36f5a9bd34a861ed2feb380.tar.zst
firejail-7140573b9269b04cc36f5a9bd34a861ed2feb380.zip
1 files changed, 58 insertions, 0 deletions
diff --git a/etc/profile-m-z/url-eater.profile b/etc/profile-m-z/url-eater.profile
new file mode 100644
index 000000000..a894ff0f6
--- /dev/null
+++ b/etc/profile-m-z/url-eater.profile
@@ -0,0 +1,58 @@
+# Firejail profile for url-eater
+# Description: Clean unnecessary parameters from URLs copied to clipboard
+# This file is overwritten after every install/update
+# Persistent local customizations
+include url-eater.local
+# Persistent global definitions
+include globals.local
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-proc.inc
+include disable-programs.inc
+include disable-shell.inc
+include disable-xdg.inc
+include whitelist-common.inc
+include whitelist-run-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+apparmor
+caps.drop all
+ipc-namespace
+machine-id
+net none
+no3d
+nodvd
+nogroups
+noinput
+nonewprivs
+noprinters
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix
+seccomp
+seccomp.block-secondary
+tracelog
+disable-mnt
+private-bin url-eater
+private-cache
+private-dev
+private-etc url-eater.kdl
+private-lib
+#private-tmp # breaks on Arch
+dbus-user none
+dbus-system none
+memory-deny-write-execute
+read-only ${HOME}
+restrict-namespaces
author	glitsj16 <glitsj16@users.noreply.github.com>	2023-04-18 02:36:55 +0000
committer	GitHub <noreply@github.com>	2023-04-18 02:36:55 +0000
commit	7140573b9269b04cc36f5a9bd34a861ed2feb380 (patch)
tree	adaf50c9d1d61a5c28570e09b93f4ed37168eae3 /etc/profile-m-z/url-eater.profile
parent	build(deps): bump actions/checkout from 3.5.0 to 3.5.2 (diff)
download	firejail-7140573b9269b04cc36f5a9bd34a861ed2feb380.tar.gz firejail-7140573b9269b04cc36f5a9bd34a861ed2feb380.tar.zst firejail-7140573b9269b04cc36f5a9bd34a861ed2feb380.zip

diff --git a/etc/profile-m-z/url-eater.profile b/etc/profile-m-z/url-eater.profile new file mode 100644 index 000000000..a894ff0f6 --- /dev/null +++ b/etc/profile-m-z/url-eater.profile
@@ -0,0 +1,58 @@
	1	# Firejail profile for url-eater
	2	# Description: Clean unnecessary parameters from URLs copied to clipboard
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include url-eater.local
	6	# Persistent global definitions
	7	include globals.local
	8
	9	include disable-common.inc
	10	include disable-devel.inc
	11	include disable-exec.inc
	12	include disable-interpreters.inc
	13	include disable-proc.inc
	14	include disable-programs.inc
	15	include disable-shell.inc
	16	include disable-xdg.inc
	17
	18	include whitelist-common.inc
	19	include whitelist-run-common.inc
	20	include whitelist-runuser-common.inc
	21	include whitelist-usr-share-common.inc
	22	include whitelist-var-common.inc
	23
	24	apparmor
	25	caps.drop all
	26	ipc-namespace
	27	machine-id
	28	net none
	29	no3d
	30	nodvd
	31	nogroups
	32	noinput
	33	nonewprivs
	34	noprinters
	35	noroot
	36	nosound
	37	notv
	38	nou2f
	39	novideo
	40	protocol unix
	41	seccomp
	42	seccomp.block-secondary
	43	tracelog
	44
	45	disable-mnt
	46	private-bin url-eater
	47	private-cache
	48	private-dev
	49	private-etc url-eater.kdl
	50	private-lib
	51	#private-tmp # breaks on Arch
	52
	53	dbus-user none
	54	dbus-system none
	55
	56	memory-deny-write-execute
	57	read-only ${HOME}
	58	restrict-namespaces