merged Amend Wire profiles #1998 form @flacks

author: netblue30 <netblue30@yahoo.com> 2018-06-30 07:48:24 -0400
committer: netblue30 <netblue30@yahoo.com> 2018-06-30 07:48:24 -0400
commit: ca09dafadcf00cf419e23fc13adf9874fc905fb5 (patch)
tree: b159482fe007436ce836ad549f7771cef8651680 /etc/wire-desktop.profile
parent: merges (diff)
download: firejail-ca09dafadcf00cf419e23fc13adf9874fc905fb5.tar.gz
firejail-ca09dafadcf00cf419e23fc13adf9874fc905fb5.tar.zst
firejail-ca09dafadcf00cf419e23fc13adf9874fc905fb5.zip
1 files changed, 40 insertions, 0 deletions
diff --git a/etc/wire-desktop.profile b/etc/wire-desktop.profile
new file mode 100644
index 000000000..74d44efe3
--- /dev/null
+++ b/etc/wire-desktop.profile
@@ -0,0 +1,40 @@
+# Firejail profile for wire-desktop
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/wire-desktop.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+noblacklist ${HOME}/.config/Wire
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-interpreters.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+mkdir ${HOME}/.config/Wire
+whitelist ${HOME}/.config/Wire
+whitelist ${DOWNLOADS}
+include /etc/firejail/whitelist-common.inc
+caps.drop all
+netfilter
+nodvd
+nogroups
+nonewprivs
+noroot
+notv
+protocol unix,inet,inet6,netlink
+seccomp
+shell none
+# Note: The current version of Wire is located in /opt/wire-desktop/wire-desktop, and therefore
+# it is not in PATH. To use Wire with firejail, run "firejail /opt/wire-desktop/wire-desktop"
+private-bin wire-desktop
+private-dev
+private-etc fonts,machine-id
+disable-mnt
+private-tmp
author	netblue30 <netblue30@yahoo.com>	2018-06-30 07:48:24 -0400
committer	netblue30 <netblue30@yahoo.com>	2018-06-30 07:48:24 -0400
commit	ca09dafadcf00cf419e23fc13adf9874fc905fb5 (patch)
tree	b159482fe007436ce836ad549f7771cef8651680 /etc/wire-desktop.profile
parent	merges (diff)
download	firejail-ca09dafadcf00cf419e23fc13adf9874fc905fb5.tar.gz firejail-ca09dafadcf00cf419e23fc13adf9874fc905fb5.tar.zst firejail-ca09dafadcf00cf419e23fc13adf9874fc905fb5.zip

diff --git a/etc/wire-desktop.profile b/etc/wire-desktop.profile new file mode 100644 index 000000000..74d44efe3 --- /dev/null +++ b/etc/wire-desktop.profile
@@ -0,0 +1,40 @@
	1	# Firejail profile for wire-desktop
	2	# This file is overwritten after every install/update
	3	# Persistent local customizations
	4	include /etc/firejail/wire-desktop.local
	5	# Persistent global definitions
	6	include /etc/firejail/globals.local
	7
	8	noblacklist ${HOME}/.config/Wire
	9
	10	include /etc/firejail/disable-common.inc
	11	include /etc/firejail/disable-devel.inc
	12	include /etc/firejail/disable-interpreters.inc
	13	include /etc/firejail/disable-passwdmgr.inc
	14	include /etc/firejail/disable-programs.inc
	15
	16	mkdir ${HOME}/.config/Wire
	17	whitelist ${HOME}/.config/Wire
	18	whitelist ${DOWNLOADS}
	19
	20	include /etc/firejail/whitelist-common.inc
	21
	22	caps.drop all
	23	netfilter
	24	nodvd
	25	nogroups
	26	nonewprivs
	27	noroot
	28	notv
	29	protocol unix,inet,inet6,netlink
	30	seccomp
	31	shell none
	32
	33	# Note: The current version of Wire is located in /opt/wire-desktop/wire-desktop, and therefore
	34	# it is not in PATH. To use Wire with firejail, run "firejail /opt/wire-desktop/wire-desktop"
	35
	36	private-bin wire-desktop
	37	private-dev
	38	private-etc fonts,machine-id
	39	disable-mnt
	40	private-tmp