diff options
author | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2017-08-02 12:02:28 -0500 |
---|---|---|
committer | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2017-08-02 12:02:28 -0500 |
commit | 88d919ce9b9d0be693366b25eb1c4f3647c023d3 (patch) | |
tree | abfa2be0b75e0b7fbf7ae50413afd9a0b901df86 /etc/rambox.profile | |
parent | merges (diff) | |
download | firejail-88d919ce9b9d0be693366b25eb1c4f3647c023d3.tar.gz firejail-88d919ce9b9d0be693366b25eb1c4f3647c023d3.tar.zst firejail-88d919ce9b9d0be693366b25eb1c4f3647c023d3.zip |
Add rambox profile from #1425
Diffstat (limited to 'etc/rambox.profile')
-rw-r--r-- | etc/rambox.profile | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/etc/rambox.profile b/etc/rambox.profile new file mode 100644 index 000000000..2c70fbd13 --- /dev/null +++ b/etc/rambox.profile | |||
@@ -0,0 +1,31 @@ | |||
1 | #Persistent global definitions go here | ||
2 | include /etc/firejail/globals.local | ||
3 | |||
4 | #This file is overwritten during software install. | ||
5 | #Persistent customizations should go in a .local file. | ||
6 | include /etc/firejail/rambox.local | ||
7 | |||
8 | # Rambox profile for firejail | ||
9 | noblacklist ~/.config/Rambox | ||
10 | noblacklist ~/.pki | ||
11 | include /etc/firejail/disable-common.inc | ||
12 | include /etc/firejail/disable-programs.inc | ||
13 | include /etc/firejail/disable-devel.inc | ||
14 | |||
15 | caps.drop all | ||
16 | netfilter | ||
17 | nogroups | ||
18 | nonewprivs | ||
19 | noroot | ||
20 | protocol unix,inet,inet6,netlink | ||
21 | seccomp | ||
22 | #tracelog | ||
23 | |||
24 | whitelist ${DOWNLOADS} | ||
25 | mkdir ~/.config/Rambox | ||
26 | whitelist ~/.config/Rambox | ||
27 | mkdir ~/.pki | ||
28 | whitelist ~/.pki | ||
29 | |||
30 | include /etc/firejail/whitelist-common.inc | ||
31 | |||