added whois and dig profiles

author: startx2017 <vradu.startx@yandex.com> 2018-08-30 07:29:05 -0400
committer: startx2017 <vradu.startx@yandex.com> 2018-08-30 07:29:05 -0400
commit: ef4409e7b79b3dabf5a35879138d66b0b8a0c24d (patch)
tree: 8fceede1113e37c629f0f08e2870b3f91ee5292a /etc
parent: little tweak (diff)
download: firejail-ef4409e7b79b3dabf5a35879138d66b0b8a0c24d.tar.gz
firejail-ef4409e7b79b3dabf5a35879138d66b0b8a0c24d.tar.zst
firejail-ef4409e7b79b3dabf5a35879138d66b0b8a0c24d.zip
2 files changed, 92 insertions, 0 deletions
diff --git a/etc/dig.profile b/etc/dig.profile
new file mode 100644
index 000000000..4b6ab0975
--- /dev/null
+++ b/etc/dig.profile
@@ -0,0 +1,47 @@
+quiet
+# Firejail profile for dig
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/dig.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+include /etc/firejail/disable-common.inc
+# include /etc/firejail/disable-devel.inc
+# include /etc/firejail/disable-interpreters.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+#include /etc/firejail/disable-xdg.inc
+whitelist ~/.digrc
+include /etc/firejail/whitelist-common.inc
+include /etc/firejail/whitelist-var-common.inc
+caps.drop all
+# ipc-namespace
+netfilter
+no3d
+nodbus
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+novideo
+protocol unix,inet,inet6
+seccomp
+shell none
+disable-mnt
+private
+private-bin sh,bash,dig
+private-cache
+private-dev
+# private-etc resolv.conf
+private-lib
+private-tmp
+memory-deny-write-execute
+# noexec ${HOME}
+# noexec /tmp
diff --git a/etc/whois.profile b/etc/whois.profile
new file mode 100644
index 000000000..3ef2e1476
--- /dev/null
+++ b/etc/whois.profile
@@ -0,0 +1,45 @@
+quiet
+# Firejail profile for whois
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/whois.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+include /etc/firejail/disable-common.inc
+# include /etc/firejail/disable-devel.inc
+# include /etc/firejail/disable-interpreters.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+#include /etc/firejail/disable-xdg.inc
+include /etc/firejail/whitelist-var-common.inc
+caps.drop all
+# ipc-namespace
+netfilter
+no3d
+nodbus
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+novideo
+protocol inet,inet6
+seccomp
+shell none
+disable-mnt
+private
+private-bin sh,bash,whois
+private-cache
+private-dev
+# private-etc hosts,services,whois.conf
+private-lib
+private-tmp
+memory-deny-write-execute
+# noexec ${HOME}
+# noexec /tmp
author	startx2017 <vradu.startx@yandex.com>	2018-08-30 07:29:05 -0400
committer	startx2017 <vradu.startx@yandex.com>	2018-08-30 07:29:05 -0400
commit	ef4409e7b79b3dabf5a35879138d66b0b8a0c24d (patch)
tree	8fceede1113e37c629f0f08e2870b3f91ee5292a /etc
parent	little tweak (diff)
download	firejail-ef4409e7b79b3dabf5a35879138d66b0b8a0c24d.tar.gz firejail-ef4409e7b79b3dabf5a35879138d66b0b8a0c24d.tar.zst firejail-ef4409e7b79b3dabf5a35879138d66b0b8a0c24d.zip

diff --git a/etc/dig.profile b/etc/dig.profile new file mode 100644 index 000000000..4b6ab0975 --- /dev/null +++ b/etc/dig.profile
@@ -0,0 +1,47 @@
	1	quiet
	2	# Firejail profile for dig
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include /etc/firejail/dig.local
	6	# Persistent global definitions
	7	include /etc/firejail/globals.local
	8
	9	include /etc/firejail/disable-common.inc
	10	# include /etc/firejail/disable-devel.inc
	11	# include /etc/firejail/disable-interpreters.inc
	12	include /etc/firejail/disable-passwdmgr.inc
	13	include /etc/firejail/disable-programs.inc
	14	#include /etc/firejail/disable-xdg.inc
	15
	16	whitelist ~/.digrc
	17	include /etc/firejail/whitelist-common.inc
	18	include /etc/firejail/whitelist-var-common.inc
	19
	20	caps.drop all
	21	# ipc-namespace
	22	netfilter
	23	no3d
	24	nodbus
	25	nodvd
	26	nogroups
	27	nonewprivs
	28	noroot
	29	nosound
	30	notv
	31	novideo
	32	protocol unix,inet,inet6
	33	seccomp
	34	shell none
	35
	36	disable-mnt
	37	private
	38	private-bin sh,bash,dig
	39	private-cache
	40	private-dev
	41	# private-etc resolv.conf
	42	private-lib
	43	private-tmp
	44
	45	memory-deny-write-execute
	46	# noexec ${HOME}
	47	# noexec /tmp


diff --git a/etc/whois.profile b/etc/whois.profile new file mode 100644 index 000000000..3ef2e1476 --- /dev/null +++ b/etc/whois.profile
@@ -0,0 +1,45 @@
	1	quiet
	2	# Firejail profile for whois
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include /etc/firejail/whois.local
	6	# Persistent global definitions
	7	include /etc/firejail/globals.local
	8
	9	include /etc/firejail/disable-common.inc
	10	# include /etc/firejail/disable-devel.inc
	11	# include /etc/firejail/disable-interpreters.inc
	12	include /etc/firejail/disable-passwdmgr.inc
	13	include /etc/firejail/disable-programs.inc
	14	#include /etc/firejail/disable-xdg.inc
	15
	16	include /etc/firejail/whitelist-var-common.inc
	17
	18	caps.drop all
	19	# ipc-namespace
	20	netfilter
	21	no3d
	22	nodbus
	23	nodvd
	24	nogroups
	25	nonewprivs
	26	noroot
	27	nosound
	28	notv
	29	novideo
	30	protocol inet,inet6
	31	seccomp
	32	shell none
	33
	34	disable-mnt
	35	private
	36	private-bin sh,bash,whois
	37	private-cache
	38	private-dev
	39	# private-etc hosts,services,whois.conf
	40	private-lib
	41	private-tmp
	42
	43	memory-deny-write-execute
	44	# noexec ${HOME}
	45	# noexec /tmp