diff options
author | netblue30 <netblue30@yahoo.com> | 2016-09-30 10:13:00 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-09-30 10:13:00 -0400 |
commit | b806f35192817e78b95a92dd658f1430bcc6fb56 (patch) | |
tree | 8ec9c12b8aa5b1616c2cc605d357ea05efe8aaaa /etc | |
parent | added luminance-hdr and synfigstudio profiles (diff) | |
download | firejail-b806f35192817e78b95a92dd658f1430bcc6fb56.tar.gz firejail-b806f35192817e78b95a92dd658f1430bcc6fb56.tar.zst firejail-b806f35192817e78b95a92dd658f1430bcc6fb56.zip |
gimp and inkscape profiles
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-programs.inc | 2 | ||||
-rw-r--r-- | etc/gimp.profile | 18 | ||||
-rw-r--r-- | etc/inkscape.profile | 18 | ||||
-rw-r--r-- | etc/luminance-hdr.profile | 2 |
4 files changed, 38 insertions, 2 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 8566ea0c5..1e2b81d27 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -30,6 +30,8 @@ blacklist ${HOME}/.config/qpdfview | |||
30 | blacklist ${HOME}/.config/Luminance | 30 | blacklist ${HOME}/.config/Luminance |
31 | blacklist ${HOME}/.config/synfig | 31 | blacklist ${HOME}/.config/synfig |
32 | blacklist ${HOME}/.synfig | 32 | blacklist ${HOME}/.synfig |
33 | blacklist ${HOME}/.inkscape | ||
34 | blacklist ${HOME}/.gimp* | ||
33 | 35 | ||
34 | # Media players | 36 | # Media players |
35 | blacklist ${HOME}/.config/cmus | 37 | blacklist ${HOME}/.config/cmus |
diff --git a/etc/gimp.profile b/etc/gimp.profile new file mode 100644 index 000000000..23361b771 --- /dev/null +++ b/etc/gimp.profile | |||
@@ -0,0 +1,18 @@ | |||
1 | # gimp | ||
2 | noblacklist ${HOME}/.gimp* | ||
3 | include /etc/firejail/disable-common.inc | ||
4 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-passwdmgr.inc | ||
6 | |||
7 | caps.drop all | ||
8 | netfilter | ||
9 | nonewprivs | ||
10 | noroot | ||
11 | protocol unix | ||
12 | seccomp | ||
13 | private-dev | ||
14 | private-tmp | ||
15 | noexec ${HOME} | ||
16 | noexec /tmp | ||
17 | nogroups | ||
18 | nosound | ||
diff --git a/etc/inkscape.profile b/etc/inkscape.profile new file mode 100644 index 000000000..cf885fba2 --- /dev/null +++ b/etc/inkscape.profile | |||
@@ -0,0 +1,18 @@ | |||
1 | # inkscape | ||
2 | noblacklist ${HOME}/.inkscape | ||
3 | include /etc/firejail/disable-common.inc | ||
4 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-passwdmgr.inc | ||
6 | |||
7 | caps.drop all | ||
8 | netfilter | ||
9 | nonewprivs | ||
10 | noroot | ||
11 | protocol unix | ||
12 | seccomp | ||
13 | private-dev | ||
14 | private-tmp | ||
15 | noexec ${HOME} | ||
16 | noexec /tmp | ||
17 | nogroups | ||
18 | nosound | ||
diff --git a/etc/luminance-hdr.profile b/etc/luminance-hdr.profile index e9207fba3..6e059ea52 100644 --- a/etc/luminance-hdr.profile +++ b/etc/luminance-hdr.profile | |||
@@ -3,8 +3,6 @@ noblacklist ${HOME}/.config/Luminance | |||
3 | include /etc/firejail/disable-common.inc | 3 | include /etc/firejail/disable-common.inc |
4 | include /etc/firejail/disable-programs.inc | 4 | include /etc/firejail/disable-programs.inc |
5 | include /etc/firejail/disable-passwdmgr.inc | 5 | include /etc/firejail/disable-passwdmgr.inc |
6 | include /etc/firejail/disable-devel.inc | ||
7 | |||
8 | 6 | ||
9 | caps.drop all | 7 | caps.drop all |
10 | netfilter | 8 | netfilter |