diff options
author | netblue30 <netblue30@yahoo.com> | 2018-09-03 14:25:18 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2018-09-03 14:25:18 -0400 |
commit | b68138cba60af16bae8941d8f1c41a248b471248 (patch) | |
tree | 05a199a3af4b75931b1d229826bd00099768c164 /etc | |
parent | minor cleanup (diff) | |
download | firejail-b68138cba60af16bae8941d8f1c41a248b471248.tar.gz firejail-b68138cba60af16bae8941d8f1c41a248b471248.tar.zst firejail-b68138cba60af16bae8941d8f1c41a248b471248.zip |
adding fluxbox, blackbox, awesome, i3 profiles
Diffstat (limited to 'etc')
-rw-r--r-- | etc/awesome.profile | 19 | ||||
-rw-r--r-- | etc/blackbox.profile | 18 | ||||
-rw-r--r-- | etc/disable-common.inc | 5 | ||||
-rw-r--r-- | etc/fluxbox.profile | 18 | ||||
-rw-r--r-- | etc/i3.profile | 18 |
5 files changed, 77 insertions, 1 deletions
diff --git a/etc/awesome.profile b/etc/awesome.profile new file mode 100644 index 000000000..49c1a4aad --- /dev/null +++ b/etc/awesome.profile | |||
@@ -0,0 +1,19 @@ | |||
1 | # Firejail profile for awesome | ||
2 | # Description: Standards-compliant, fast, light-weight and extensible window manager | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include /etc/firejail/awesome.local | ||
6 | # Persistent global definitions | ||
7 | include /etc/firejail/globals.local | ||
8 | |||
9 | # all applications started in awesome will run in this profile | ||
10 | noblacklist ${HOME}/.config/awesome | ||
11 | include /etc/firejail/disable-common.inc | ||
12 | |||
13 | caps.drop all | ||
14 | netfilter | ||
15 | noroot | ||
16 | protocol unix,inet,inet6 | ||
17 | seccomp | ||
18 | |||
19 | read-only ${HOME}/.config/awesome/autorun.sh | ||
diff --git a/etc/blackbox.profile b/etc/blackbox.profile new file mode 100644 index 000000000..2672c812a --- /dev/null +++ b/etc/blackbox.profile | |||
@@ -0,0 +1,18 @@ | |||
1 | # Firejail profile for blackbox | ||
2 | # Description: Standards-compliant, fast, light-weight and extensible window manager | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include /etc/firejail/blackbox.local | ||
6 | # Persistent global definitions | ||
7 | include /etc/firejail/globals.local | ||
8 | |||
9 | # all applications started in awesome will run in this profile | ||
10 | noblacklist ${HOME}/.blackbox | ||
11 | include /etc/firejail/disable-common.inc | ||
12 | |||
13 | caps.drop all | ||
14 | netfilter | ||
15 | noroot | ||
16 | protocol unix,inet,inet6 | ||
17 | seccomp | ||
18 | |||
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index 0c295ae6d..94254931e 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -17,14 +17,17 @@ blacklist-nolog /tmp/clipmenu* | |||
17 | # X11 session autostart | 17 | # X11 session autostart |
18 | # blacklist ${HOME}/.xpra - this will kill --x11=xpra cmdline option for all programs | 18 | # blacklist ${HOME}/.xpra - this will kill --x11=xpra cmdline option for all programs |
19 | blacklist ${HOME}/.Xsession | 19 | blacklist ${HOME}/.Xsession |
20 | blacklist ${HOME}/.blackbox | ||
20 | blacklist ${HOME}/.config/autostart | 21 | blacklist ${HOME}/.config/autostart |
21 | blacklist ${HOME}/.config/autostart-scripts | 22 | blacklist ${HOME}/.config/autostart-scripts |
23 | blacklist ${HOME}/.config/awesome | ||
24 | blacklist ${HOME}/.config/i3 | ||
22 | blacklist ${HOME}/.config/lxsession/LXDE/autostart | 25 | blacklist ${HOME}/.config/lxsession/LXDE/autostart |
23 | blacklist ${HOME}/.config/openbox | 26 | blacklist ${HOME}/.config/openbox |
24 | blacklist ${HOME}/.config/plasma-workspace | 27 | blacklist ${HOME}/.config/plasma-workspace |
25 | blacklist ${HOME}/.config/startupconfig | 28 | blacklist ${HOME}/.config/startupconfig |
26 | blacklist ${HOME}/.config/startupconfigkeys | 29 | blacklist ${HOME}/.config/startupconfigkeys |
27 | blacklist ${HOME}/.fluxbox/startup | 30 | blacklist ${HOME}/.fluxbox |
28 | blacklist ${HOME}/.gnomerc | 31 | blacklist ${HOME}/.gnomerc |
29 | blacklist ${HOME}/.kde/Autostart | 32 | blacklist ${HOME}/.kde/Autostart |
30 | blacklist ${HOME}/.kde/env | 33 | blacklist ${HOME}/.kde/env |
diff --git a/etc/fluxbox.profile b/etc/fluxbox.profile new file mode 100644 index 000000000..5fafef95a --- /dev/null +++ b/etc/fluxbox.profile | |||
@@ -0,0 +1,18 @@ | |||
1 | # Firejail profile for fluxbox | ||
2 | # Description: Standards-compliant, fast, light-weight and extensible window manager | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include /etc/firejail/fluxbox.local | ||
6 | # Persistent global definitions | ||
7 | include /etc/firejail/globals.local | ||
8 | |||
9 | # all applications started in awesome will run in this profile | ||
10 | noblacklist ${HOME}/.fluxbox | ||
11 | include /etc/firejail/disable-common.inc | ||
12 | |||
13 | caps.drop all | ||
14 | netfilter | ||
15 | noroot | ||
16 | protocol unix,inet,inet6 | ||
17 | seccomp | ||
18 | |||
diff --git a/etc/i3.profile b/etc/i3.profile new file mode 100644 index 000000000..efbc1f6e7 --- /dev/null +++ b/etc/i3.profile | |||
@@ -0,0 +1,18 @@ | |||
1 | # Firejail profile for i3 | ||
2 | # Description: Standards-compliant, fast, light-weight and extensible window manager | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include /etc/firejail/i3.local | ||
6 | # Persistent global definitions | ||
7 | include /etc/firejail/globals.local | ||
8 | |||
9 | # all applications started in awesome will run in this profile | ||
10 | noblacklist ${HOME}/.config/i3 | ||
11 | include /etc/firejail/disable-common.inc | ||
12 | |||
13 | caps.drop all | ||
14 | netfilter | ||
15 | noroot | ||
16 | protocol unix,inet,inet6 | ||
17 | seccomp | ||
18 | |||