diff options
author | Fred-Barclay <Fred-Barclay@users.noreply.github.com> | 2017-11-08 13:20:03 -0600 |
---|---|---|
committer | Fred-Barclay <Fred-Barclay@users.noreply.github.com> | 2017-11-08 13:20:03 -0600 |
commit | 78b6a1d4b0815770c09fe4db3a37ca6ce3149261 (patch) | |
tree | 2da6e57cdabc0d6960abbf3366b263c276e177fd /etc | |
parent | Fix redirect warning (diff) | |
download | firejail-78b6a1d4b0815770c09fe4db3a37ca6ce3149261.tar.gz firejail-78b6a1d4b0815770c09fe4db3a37ca6ce3149261.tar.zst firejail-78b6a1d4b0815770c09fe4db3a37ca6ce3149261.zip |
Add Enpass profile (see #1139 profile requests)
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-passwdmgr.inc | 1 | ||||
-rw-r--r-- | etc/enpass.profile | 39 | ||||
-rw-r--r-- | etc/runenpass.sh.profile | 6 |
3 files changed, 46 insertions, 0 deletions
diff --git a/etc/disable-passwdmgr.inc b/etc/disable-passwdmgr.inc index 9507d3feb..8ed87eefb 100644 --- a/etc/disable-passwdmgr.inc +++ b/etc/disable-passwdmgr.inc | |||
@@ -6,6 +6,7 @@ blacklist ${HOME}/.config/KeePass | |||
6 | blacklist ${HOME}/.config/keepass | 6 | blacklist ${HOME}/.config/keepass |
7 | blacklist ${HOME}/.config/keepassx | 7 | blacklist ${HOME}/.config/keepassx |
8 | blacklist ${HOME}/.config/keepassxc | 8 | blacklist ${HOME}/.config/keepassxc |
9 | blacklist ${HOME}/.config/Sinew Software Systems | ||
9 | blacklist ${HOME}/.keepass | 10 | blacklist ${HOME}/.keepass |
10 | blacklist ${HOME}/.keepassx | 11 | blacklist ${HOME}/.keepassx |
11 | blacklist ${HOME}/.keepassxc | 12 | blacklist ${HOME}/.keepassxc |
diff --git a/etc/enpass.profile b/etc/enpass.profile new file mode 100644 index 000000000..4c19d5825 --- /dev/null +++ b/etc/enpass.profile | |||
@@ -0,0 +1,39 @@ | |||
1 | # This file is overwritten after every install/update. | ||
2 | # Persistent local customisations | ||
3 | include /etc/firejail/enpass.local | ||
4 | # Persistent global definitions | ||
5 | include /etc/firejail/globals.local | ||
6 | |||
7 | include /etc/firejail/disable-common.inc | ||
8 | include /etc/firejail/disable-devel.inc | ||
9 | include /etc/firejail/disable-passwdmgr.inc | ||
10 | include /etc/firejail/disable-programs.inc | ||
11 | |||
12 | noblacklist ${HOME}/.config/Sinew Software Systems | ||
13 | |||
14 | include /etc/firejail/whitelist-var-common.inc | ||
15 | |||
16 | caps.drop all | ||
17 | machine-id | ||
18 | net none | ||
19 | no3d | ||
20 | nodvd | ||
21 | nogroups | ||
22 | nonewprivs | ||
23 | noroot | ||
24 | nosound | ||
25 | notv | ||
26 | novideo | ||
27 | protocol unix | ||
28 | seccomp | ||
29 | shell none | ||
30 | tracelog | ||
31 | |||
32 | private-bin sh,readlink,dirname | ||
33 | private-dev | ||
34 | private-opt Enpass | ||
35 | private-tmp | ||
36 | |||
37 | memory-deny-write-execute | ||
38 | noexec ${HOME} | ||
39 | noexec /tmp | ||
diff --git a/etc/runenpass.sh.profile b/etc/runenpass.sh.profile new file mode 100644 index 000000000..05ffbfe20 --- /dev/null +++ b/etc/runenpass.sh.profile | |||
@@ -0,0 +1,6 @@ | |||
1 | # Firejail alias profile for enpass | ||
2 | # This file is overwritten after every install/update | ||
3 | |||
4 | |||
5 | # Redirect | ||
6 | include /etc/firejail/enpass.profile | ||