diff options
author | Tad <tad@spotco.us> | 2021-03-15 14:21:07 -0400 |
---|---|---|
committer | Tad <tad@spotco.us> | 2021-03-15 14:24:17 -0400 |
commit | ce6925c81058190e233c51e5198cb3a4e61bb42d (patch) | |
tree | 9c2377864b118909a5913bb3e5595d57375177e7 /etc | |
parent | Harden PPSSPP and add a PPSSPPSDL alias (diff) | |
download | firejail-ce6925c81058190e233c51e5198cb3a4e61bb42d.tar.gz firejail-ce6925c81058190e233c51e5198cb3a4e61bb42d.tar.zst firejail-ce6925c81058190e233c51e5198cb3a4e61bb42d.zip |
Add a profile for Jami
Left out of firecfg because I think it was buggy.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/disable-programs.inc | 2 | ||||
-rw-r--r-- | etc/profile-a-l/jami-gnome.profile | 42 |
2 files changed, 44 insertions, 0 deletions
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 7a37c9fb4..27f6a938b 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc | |||
@@ -267,6 +267,7 @@ blacklist ${HOME}/.config/inkscape | |||
267 | blacklist ${HOME}/.config/inox | 267 | blacklist ${HOME}/.config/inox |
268 | blacklist ${HOME}/.config/iridium | 268 | blacklist ${HOME}/.config/iridium |
269 | blacklist ${HOME}/.config/itch | 269 | blacklist ${HOME}/.config/itch |
270 | blacklist ${HOME}/.config/jami | ||
270 | blacklist ${HOME}/.config/jd-gui.cfg | 271 | blacklist ${HOME}/.config/jd-gui.cfg |
271 | blacklist ${HOME}/.config/k3brc | 272 | blacklist ${HOME}/.config/k3brc |
272 | blacklist ${HOME}/.config/kaffeinerc | 273 | blacklist ${HOME}/.config/kaffeinerc |
@@ -662,6 +663,7 @@ blacklist ${HOME}/.local/share/gradio | |||
662 | blacklist ${HOME}/.local/share/gwenview | 663 | blacklist ${HOME}/.local/share/gwenview |
663 | blacklist ${HOME}/.local/share/i2p | 664 | blacklist ${HOME}/.local/share/i2p |
664 | blacklist ${HOME}/.local/share/IntoTheBreach | 665 | blacklist ${HOME}/.local/share/IntoTheBreach |
666 | blacklist ${HOME}/.local/share/jami | ||
665 | blacklist ${HOME}/.local/share/kaffeine | 667 | blacklist ${HOME}/.local/share/kaffeine |
666 | blacklist ${HOME}/.local/share/kalgebra | 668 | blacklist ${HOME}/.local/share/kalgebra |
667 | blacklist ${HOME}/.local/share/kate | 669 | blacklist ${HOME}/.local/share/kate |
diff --git a/etc/profile-a-l/jami-gnome.profile b/etc/profile-a-l/jami-gnome.profile new file mode 100644 index 000000000..226bb0008 --- /dev/null +++ b/etc/profile-a-l/jami-gnome.profile | |||
@@ -0,0 +1,42 @@ | |||
1 | # Firejail profile for jami-gnome | ||
2 | # Description: An encrypted peer-to-peer messenger | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include jami-gnome.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.config/jami | ||
10 | noblacklist ${HOME}/.local/share/jami | ||
11 | |||
12 | include disable-common.inc | ||
13 | include disable-devel.inc | ||
14 | include disable-exec.inc | ||
15 | #include disable-interpreters.inc | ||
16 | include disable-passwdmgr.inc | ||
17 | include disable-programs.inc | ||
18 | |||
19 | mkdir ${HOME}/.config/jami | ||
20 | mkdir ${HOME}/.local/share/jami | ||
21 | whitelist ${HOME}/.config/jami | ||
22 | whitelist ${HOME}/.local/share/jami | ||
23 | include whitelist-common.inc | ||
24 | include whitelist-var-common.inc | ||
25 | |||
26 | caps.drop all | ||
27 | ipc-namespace | ||
28 | netfilter | ||
29 | nodvd | ||
30 | nogroups | ||
31 | nonewprivs | ||
32 | noroot | ||
33 | notv | ||
34 | protocol unix,inet,inet6,netlink | ||
35 | seccomp | ||
36 | shell none | ||
37 | |||
38 | disable-mnt | ||
39 | private-dev | ||
40 | private-tmp | ||
41 | |||
42 | env QT_QPA_PLATFORM=xcb | ||