diff options
author | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-06-13 17:47:57 +0200 |
---|---|---|
committer | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-06-13 17:47:57 +0200 |
commit | 5f082480067e8bbdee7984a6869cc6b28aec14e4 (patch) | |
tree | a83fc5119c3dccb2ffd381e55fc7418908830913 /etc | |
parent | OpenArena profile (diff) | |
download | firejail-5f082480067e8bbdee7984a6869cc6b28aec14e4.tar.gz firejail-5f082480067e8bbdee7984a6869cc6b28aec14e4.tar.zst firejail-5f082480067e8bbdee7984a6869cc6b28aec14e4.zip |
Create godot.profile
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-programs.inc | 3 | ||||
-rw-r--r-- | etc/godot.profile | 43 |
2 files changed, 46 insertions, 0 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 7684aefff..356c8209c 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -179,6 +179,7 @@ blacklist ${HOME}/.config/git | |||
179 | blacklist ${HOME}/.config/globaltime | 179 | blacklist ${HOME}/.config/globaltime |
180 | blacklist ${HOME}/.config/gnome-mplayer | 180 | blacklist ${HOME}/.config/gnome-mplayer |
181 | blacklist ${HOME}/.config/gnome-mpv | 181 | blacklist ${HOME}/.config/gnome-mpv |
182 | blacklist ${HOME}/.config/godot | ||
182 | blacklist ${HOME}/.config/gnome-pie | 183 | blacklist ${HOME}/.config/gnome-pie |
183 | blacklist ${HOME}/.config/google-chrome | 184 | blacklist ${HOME}/.config/google-chrome |
184 | blacklist ${HOME}/.config/google-chrome-beta | 185 | blacklist ${HOME}/.config/google-chrome-beta |
@@ -492,6 +493,7 @@ blacklist ${HOME}/.local/share/gnome-photos | |||
492 | blacklist ${HOME}/.local/share/gnome-recipes | 493 | blacklist ${HOME}/.local/share/gnome-recipes |
493 | blacklist ${HOME}/.local/share/gnome-ring | 494 | blacklist ${HOME}/.local/share/gnome-ring |
494 | blacklist ${HOME}/.local/share/gnome-twitch | 495 | blacklist ${HOME}/.local/share/gnome-twitch |
496 | blacklist ${HOME}/.local/share/godot | ||
495 | blacklist ${HOME}/.local/share/gradio | 497 | blacklist ${HOME}/.local/share/gradio |
496 | blacklist ${HOME}/.local/share/gwenview | 498 | blacklist ${HOME}/.local/share/gwenview |
497 | blacklist ${HOME}/.local/share/kaffeine | 499 | blacklist ${HOME}/.local/share/kaffeine |
@@ -684,6 +686,7 @@ blacklist ${HOME}/.cache/fossamail | |||
684 | blacklist ${HOME}/.cache/freecol | 686 | blacklist ${HOME}/.cache/freecol |
685 | blacklist ${HOME}/.cache/gajim | 687 | blacklist ${HOME}/.cache/gajim |
686 | blacklist ${HOME}/.cache/geeqie | 688 | blacklist ${HOME}/.cache/geeqie |
689 | blacklist ${HOME}/.cache/godot | ||
687 | blacklist ${HOME}/.cache/google-chrome | 690 | blacklist ${HOME}/.cache/google-chrome |
688 | blacklist ${HOME}/.cache/google-chrome-beta | 691 | blacklist ${HOME}/.cache/google-chrome-beta |
689 | blacklist ${HOME}/.cache/google-chrome-unstable | 692 | blacklist ${HOME}/.cache/google-chrome-unstable |
diff --git a/etc/godot.profile b/etc/godot.profile new file mode 100644 index 000000000..596b825eb --- /dev/null +++ b/etc/godot.profile | |||
@@ -0,0 +1,43 @@ | |||
1 | # Firejail profile for godot | ||
2 | # Description: multi-platform 2D and 3D game engine with a feature-rich editor | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include godot.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.cache/godot | ||
10 | noblacklist ${HOME}/.config/godot | ||
11 | noblacklist ${HOME}/.local/share/godot | ||
12 | |||
13 | include disable-common.inc | ||
14 | include disable-devel.inc | ||
15 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | ||
17 | include disable-passwdmgr.inc | ||
18 | include disable-programs.inc | ||
19 | include disable-xdg.inc | ||
20 | |||
21 | include whitelist-var-common.inc | ||
22 | |||
23 | caps.drop all | ||
24 | netfilter | ||
25 | nodbus | ||
26 | nodvd | ||
27 | nogroups | ||
28 | nonewprivs | ||
29 | noroot | ||
30 | notv | ||
31 | nou2f | ||
32 | novideo | ||
33 | protocol unix,inet,inet6,netlink | ||
34 | seccomp | ||
35 | shell none | ||
36 | tracelog | ||
37 | |||
38 | disable-mnt | ||
39 | private-bin godot | ||
40 | private-cache | ||
41 | private-dev | ||
42 | private-etc ca-certificates,crypto-policies,nsswitch.conf,pki,resolv.conf,ssl,fonts,alsa,asound.conf,machine-id,openal,pulse,alternatives,drirc | ||
43 | private-tmp | ||