diff options
author | startx2017 <vradu.startx@yandex.com> | 2017-06-16 08:37:52 -0400 |
---|---|---|
committer | startx2017 <vradu.startx@yandex.com> | 2017-06-16 08:37:52 -0400 |
commit | 5d485d66fc444677917ed11f46b50067dabe9245 (patch) | |
tree | 76bcbd0b70a655f6c9c48aa778397430c62156b0 /etc | |
parent | curl profile (diff) | |
download | firejail-5d485d66fc444677917ed11f46b50067dabe9245.tar.gz firejail-5d485d66fc444677917ed11f46b50067dabe9245.tar.zst firejail-5d485d66fc444677917ed11f46b50067dabe9245.zip |
mplayer and smplayer profiles
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-programs.inc | 2 | ||||
-rw-r--r-- | etc/mplayer.profile | 31 | ||||
-rw-r--r-- | etc/smplayer.profile | 32 |
3 files changed, 65 insertions, 0 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 4d77218de..3b2c150fc 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -140,6 +140,7 @@ blacklist ${HOME}/.config/redshift.conf | |||
140 | blacklist ${HOME}/.config/scribus | 140 | blacklist ${HOME}/.config/scribus |
141 | blacklist ${HOME}/.config/skypeforlinux | 141 | blacklist ${HOME}/.config/skypeforlinux |
142 | blacklist ${HOME}/.config/slimjet | 142 | blacklist ${HOME}/.config/slimjet |
143 | blacklist ${HOME}/.config/smplayer | ||
143 | blacklist ${HOME}/.config/spotify | 144 | blacklist ${HOME}/.config/spotify |
144 | blacklist ${HOME}/.config/stellarium | 145 | blacklist ${HOME}/.config/stellarium |
145 | blacklist ${HOME}/.config/synfig | 146 | blacklist ${HOME}/.config/synfig |
@@ -306,6 +307,7 @@ blacklist ${HOME}/.mcabberrc | |||
306 | blacklist ${HOME}/.mediathek3 | 307 | blacklist ${HOME}/.mediathek3 |
307 | blacklist ${HOME}/.mozilla | 308 | blacklist ${HOME}/.mozilla |
308 | blacklist ${HOME}/.mpdconf | 309 | blacklist ${HOME}/.mpdconf |
310 | blacklist ${HOME}/.mplayer | ||
309 | blacklist ${HOME}/.msmtprc | 311 | blacklist ${HOME}/.msmtprc |
310 | blacklist ${HOME}/.multimc5 | 312 | blacklist ${HOME}/.multimc5 |
311 | blacklist ${HOME}/.mutt | 313 | blacklist ${HOME}/.mutt |
diff --git a/etc/mplayer.profile b/etc/mplayer.profile new file mode 100644 index 000000000..879223e1a --- /dev/null +++ b/etc/mplayer.profile | |||
@@ -0,0 +1,31 @@ | |||
1 | # Persistent global definitions go here | ||
2 | include /etc/firejail/globals.local | ||
3 | |||
4 | # This file is overwritten during software install. | ||
5 | # Persistent customizations should go in a .local file. | ||
6 | include /etc/firejail/mplayer.local | ||
7 | |||
8 | # mplayer profile | ||
9 | noblacklist ${HOME}/.mplayer | ||
10 | |||
11 | include /etc/firejail/disable-common.inc | ||
12 | include /etc/firejail/disable-programs.inc | ||
13 | include /etc/firejail/disable-devel.inc | ||
14 | include /etc/firejail/disable-passwdmgr.inc | ||
15 | |||
16 | caps.drop all | ||
17 | #ipc-namespace | ||
18 | netfilter | ||
19 | # nogroups | ||
20 | nonewprivs | ||
21 | noroot | ||
22 | protocol unix,inet,inet6,netlink | ||
23 | seccomp | ||
24 | shell none | ||
25 | |||
26 | private-dev | ||
27 | private-tmp | ||
28 | private-bin mplayer | ||
29 | |||
30 | noexec ${HOME} | ||
31 | noexec /tmp | ||
diff --git a/etc/smplayer.profile b/etc/smplayer.profile new file mode 100644 index 000000000..6a5c115b7 --- /dev/null +++ b/etc/smplayer.profile | |||
@@ -0,0 +1,32 @@ | |||
1 | # Persistent global definitions go here | ||
2 | include /etc/firejail/globals.local | ||
3 | |||
4 | # This file is overwritten during software install. | ||
5 | # Persistent customizations should go in a .local file. | ||
6 | include /etc/firejail/smplayer.local | ||
7 | |||
8 | # smplayer profile | ||
9 | noblacklist ${HOME}/.config/smplayer | ||
10 | noblacklist ${HOME}/.mplayer | ||
11 | |||
12 | include /etc/firejail/disable-common.inc | ||
13 | include /etc/firejail/disable-programs.inc | ||
14 | include /etc/firejail/disable-devel.inc | ||
15 | include /etc/firejail/disable-passwdmgr.inc | ||
16 | |||
17 | caps.drop all | ||
18 | #ipc-namespace | ||
19 | netfilter | ||
20 | # nogroups | ||
21 | nonewprivs | ||
22 | noroot | ||
23 | protocol unix,inet,inet6,netlink | ||
24 | seccomp | ||
25 | shell none | ||
26 | |||
27 | private-dev | ||
28 | private-tmp | ||
29 | private-bin smplayer,mplayer | ||
30 | |||
31 | noexec ${HOME} | ||
32 | noexec /tmp | ||