GPicViewer profile

author: Fred Barclay <Fred-Barclay@users.noreply.github.com> 2017-03-26 13:37:13 -0500
committer: Fred Barclay <Fred-Barclay@users.noreply.github.com> 2017-03-26 13:37:13 -0500
commit: b51d44a29a07772cf4b38b6133aad343e76185d8 (patch)
tree: c12de72116844960d321f4f97ff4f1fdcf6bf269 /etc
parent: testing (diff)
download: firejail-b51d44a29a07772cf4b38b6133aad343e76185d8.tar.gz
firejail-b51d44a29a07772cf4b38b6133aad343e76185d8.tar.zst
firejail-b51d44a29a07772cf4b38b6133aad343e76185d8.zip
2 files changed, 28 insertions, 0 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 00c6e195a..6b2b1d994 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -70,6 +70,7 @@ blacklist ${HOME}/.config/gedit
 blacklist ${HOME}/.config/google-chrome
 blacklist ${HOME}/.config/google-chrome-beta
 blacklist ${HOME}/.config/google-chrome-unstable
+blacklist ${HOME}./config/gpicview
 blacklist ${HOME}/.config/gthumb
 blacklist ${HOME}/.config/hexchat
 blacklist ${HOME}/.config/inox
diff --git a/etc/gpicview.profile b/etc/gpicview.profile
new file mode 100644
index 000000000..7a8188665
--- /dev/null
+++ b/etc/gpicview.profile
@@ -0,0 +1,27 @@
+# This file is overwritten during software install.
+# Persistent customizations should go in a .local file.
+include /etc/firejail/gpicview.local
+# Firejail profile for GPicView
+noblacklist ~/.config/gpicview
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-passwdmgr.inc
+caps.drop all
+net none
+nogroups
+nonewprivs
+noroot
+nosound
+protocol unix
+seccomp
+shell none
+tracelog
+private-bin gpicview
+private-dev
+private-etc fonts
+private-tmp
author	Fred Barclay <Fred-Barclay@users.noreply.github.com>	2017-03-26 13:37:13 -0500
committer	Fred Barclay <Fred-Barclay@users.noreply.github.com>	2017-03-26 13:37:13 -0500
commit	b51d44a29a07772cf4b38b6133aad343e76185d8 (patch)
tree	c12de72116844960d321f4f97ff4f1fdcf6bf269 /etc
parent	testing (diff)
download	firejail-b51d44a29a07772cf4b38b6133aad343e76185d8.tar.gz firejail-b51d44a29a07772cf4b38b6133aad343e76185d8.tar.zst firejail-b51d44a29a07772cf4b38b6133aad343e76185d8.zip

diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 00c6e195a..6b2b1d994 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc
@@ -70,6 +70,7 @@ blacklist ${HOME}/.config/gedit
70	blacklist ${HOME}/.config/google-chrome	70	blacklist ${HOME}/.config/google-chrome
71	blacklist ${HOME}/.config/google-chrome-beta	71	blacklist ${HOME}/.config/google-chrome-beta
72	blacklist ${HOME}/.config/google-chrome-unstable	72	blacklist ${HOME}/.config/google-chrome-unstable
		73	blacklist ${HOME}./config/gpicview
73	blacklist ${HOME}/.config/gthumb	74	blacklist ${HOME}/.config/gthumb
74	blacklist ${HOME}/.config/hexchat	75	blacklist ${HOME}/.config/hexchat
75	blacklist ${HOME}/.config/inox	76	blacklist ${HOME}/.config/inox


diff --git a/etc/gpicview.profile b/etc/gpicview.profile new file mode 100644 index 000000000..7a8188665 --- /dev/null +++ b/etc/gpicview.profile
@@ -0,0 +1,27 @@
		1	# This file is overwritten during software install.
		2	# Persistent customizations should go in a .local file.
		3	include /etc/firejail/gpicview.local
		4
		5	# Firejail profile for GPicView
		6	noblacklist ~/.config/gpicview
		7
		8	include /etc/firejail/disable-common.inc
		9	include /etc/firejail/disable-programs.inc
		10	include /etc/firejail/disable-devel.inc
		11	include /etc/firejail/disable-passwdmgr.inc
		12
		13	caps.drop all
		14	net none
		15	nogroups
		16	nonewprivs
		17	noroot
		18	nosound
		19	protocol unix
		20	seccomp
		21	shell none
		22	tracelog
		23
		24	private-bin gpicview
		25	private-dev
		26	private-etc fonts
		27	private-tmp