diff options
author | netblue30 <netblue30@yahoo.com> | 2016-03-26 20:39:16 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-03-26 20:39:16 -0400 |
commit | f841cc971e148d9e73476061a7c0eeaf8de936ae (patch) | |
tree | 562eec1d4da6daed6a1a04aff9d432beea966f39 /etc | |
parent | spilt disable-common.profile into two files (diff) | |
download | firejail-f841cc971e148d9e73476061a7c0eeaf8de936ae.tar.gz firejail-f841cc971e148d9e73476061a7c0eeaf8de936ae.tar.zst firejail-f841cc971e148d9e73476061a7c0eeaf8de936ae.zip |
profile work
Diffstat (limited to 'etc')
58 files changed, 89 insertions, 0 deletions
diff --git a/etc/Mathematica.profile b/etc/Mathematica.profile index 73fb0c9e0..213aa85e5 100644 --- a/etc/Mathematica.profile +++ b/etc/Mathematica.profile | |||
@@ -8,6 +8,7 @@ include /etc/firejail/whitelist-common.inc | |||
8 | include /etc/firejail/disable-mgmt.inc | 8 | include /etc/firejail/disable-mgmt.inc |
9 | include /etc/firejail/disable-secret.inc | 9 | include /etc/firejail/disable-secret.inc |
10 | include /etc/firejail/disable-common.inc | 10 | include /etc/firejail/disable-common.inc |
11 | include /etc/firejail/disable-programs.inc | ||
11 | include /etc/firejail/disable-devel.inc | 12 | include /etc/firejail/disable-devel.inc |
12 | include /etc/firejail/disable-terminals.inc | 13 | include /etc/firejail/disable-terminals.inc |
13 | caps.drop all | 14 | caps.drop all |
diff --git a/etc/audacious.profile b/etc/audacious.profile index b9ce11c0e..08537b0b4 100644 --- a/etc/audacious.profile +++ b/etc/audacious.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | blacklist ${HOME}/.pki/nssdb | 8 | blacklist ${HOME}/.pki/nssdb |
diff --git a/etc/bitlbee.profile b/etc/bitlbee.profile index ca9e87818..16d013bdd 100644 --- a/etc/bitlbee.profile +++ b/etc/bitlbee.profile | |||
@@ -3,6 +3,7 @@ noblacklist /sbin | |||
3 | noblacklist /usr/sbin | 3 | noblacklist /usr/sbin |
4 | include /etc/firejail/disable-mgmt.inc | 4 | include /etc/firejail/disable-mgmt.inc |
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | ||
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | protocol unix,inet,inet6 | 8 | protocol unix,inet,inet6 |
8 | private | 9 | private |
diff --git a/etc/cherrytree.profile b/etc/cherrytree.profile index 50c508cf5..25e983b5c 100644 --- a/etc/cherrytree.profile +++ b/etc/cherrytree.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | 8 | ||
diff --git a/etc/chromium.profile b/etc/chromium.profile index b58931b8d..c9b857e71 100644 --- a/etc/chromium.profile +++ b/etc/chromium.profile | |||
@@ -5,6 +5,7 @@ noblacklist ~/keepassx.kdbx | |||
5 | include /etc/firejail/disable-mgmt.inc | 5 | include /etc/firejail/disable-mgmt.inc |
6 | include /etc/firejail/disable-secret.inc | 6 | include /etc/firejail/disable-secret.inc |
7 | include /etc/firejail/disable-common.inc | 7 | include /etc/firejail/disable-common.inc |
8 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-terminals.inc | 9 | include /etc/firejail/disable-terminals.inc |
9 | 10 | ||
10 | # chromium is distributed with a perl script on Arch | 11 | # chromium is distributed with a perl script on Arch |
diff --git a/etc/clementine.profile b/etc/clementine.profile index 92db9488d..8f4670f3b 100644 --- a/etc/clementine.profile +++ b/etc/clementine.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-terminals.inc | 6 | include /etc/firejail/disable-terminals.inc |
6 | include /etc/firejail/disable-devel.inc | 7 | include /etc/firejail/disable-devel.inc |
7 | blacklist ${HOME}/.pki/nssdb | 8 | blacklist ${HOME}/.pki/nssdb |
diff --git a/etc/conkeror.profile b/etc/conkeror.profile index 2d6323d3b..280403811 100644 --- a/etc/conkeror.profile +++ b/etc/conkeror.profile | |||
@@ -3,6 +3,7 @@ noblacklist ${HOME}/.conkeror.mozdev.org | |||
3 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
4 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | ||
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | caps.drop all | 8 | caps.drop all |
8 | seccomp | 9 | seccomp |
diff --git a/etc/deadbeef.profile b/etc/deadbeef.profile index ec9fcd0f0..01378cbc4 100644 --- a/etc/deadbeef.profile +++ b/etc/deadbeef.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | blacklist ${HOME}/.pki/nssdb | 8 | blacklist ${HOME}/.pki/nssdb |
diff --git a/etc/deluge.profile b/etc/deluge.profile index bcd754952..21d178c08 100644 --- a/etc/deluge.profile +++ b/etc/deluge.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | blacklist ${HOME}/.pki/nssdb | 8 | blacklist ${HOME}/.pki/nssdb |
diff --git a/etc/dnscrypt-proxy.profile b/etc/dnscrypt-proxy.profile index 0bc7ac78e..5702473d3 100644 --- a/etc/dnscrypt-proxy.profile +++ b/etc/dnscrypt-proxy.profile | |||
@@ -3,6 +3,7 @@ noblacklist /sbin | |||
3 | noblacklist /usr/sbin | 3 | noblacklist /usr/sbin |
4 | include /etc/firejail/disable-mgmt.inc | 4 | include /etc/firejail/disable-mgmt.inc |
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | ||
6 | include /etc/firejail/disable-devel.inc | 7 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-secret.inc | 8 | include /etc/firejail/disable-secret.inc |
8 | include /etc/firejail/disable-terminals.inc | 9 | include /etc/firejail/disable-terminals.inc |
diff --git a/etc/dropbox.profile b/etc/dropbox.profile index 9d2c612de..94b69281b 100644 --- a/etc/dropbox.profile +++ b/etc/dropbox.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-terminals.inc | 6 | include /etc/firejail/disable-terminals.inc |
6 | blacklist ${HOME}/.pki/nssdb | 7 | blacklist ${HOME}/.pki/nssdb |
7 | blacklist ${HOME}/.lastpass | 8 | blacklist ${HOME}/.lastpass |
diff --git a/etc/empathy.profile b/etc/empathy.profile index adaf03e23..015318290 100644 --- a/etc/empathy.profile +++ b/etc/empathy.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | blacklist ${HOME}/.wine | 8 | blacklist ${HOME}/.wine |
diff --git a/etc/epiphany.profile b/etc/epiphany.profile index c7031da71..2e4c7bfc1 100644 --- a/etc/epiphany.profile +++ b/etc/epiphany.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | whitelist ${DOWNLOADS} | 8 | whitelist ${DOWNLOADS} |
diff --git a/etc/evince.profile b/etc/evince.profile index 81878462b..8adf82443 100644 --- a/etc/evince.profile +++ b/etc/evince.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | blacklist ${HOME}/.pki/nssdb | 8 | blacklist ${HOME}/.pki/nssdb |
diff --git a/etc/fbreader.profile b/etc/fbreader.profile index 4ed942138..04d53a841 100644 --- a/etc/fbreader.profile +++ b/etc/fbreader.profile | |||
@@ -3,6 +3,7 @@ noblacklist ${HOME}/.FBReader | |||
3 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
4 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | ||
6 | include /etc/firejail/disable-devel.inc | 7 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-terminals.inc | 8 | include /etc/firejail/disable-terminals.inc |
8 | blacklist ${HOME}/.pki/nssdb | 9 | blacklist ${HOME}/.pki/nssdb |
diff --git a/etc/filezilla.profile b/etc/filezilla.profile index 0eabf9a88..3643f3f98 100644 --- a/etc/filezilla.profile +++ b/etc/filezilla.profile | |||
@@ -4,6 +4,7 @@ noblacklist ${HOME}/.config/filezilla | |||
4 | include /etc/firejail/disable-mgmt.inc | 4 | include /etc/firejail/disable-mgmt.inc |
5 | include /etc/firejail/disable-secret.inc | 5 | include /etc/firejail/disable-secret.inc |
6 | include /etc/firejail/disable-common.inc | 6 | include /etc/firejail/disable-common.inc |
7 | include /etc/firejail/disable-programs.inc | ||
7 | include /etc/firejail/disable-devel.inc | 8 | include /etc/firejail/disable-devel.inc |
8 | include /etc/firejail/disable-terminals.inc | 9 | include /etc/firejail/disable-terminals.inc |
9 | blacklist ${HOME}/.wine | 10 | blacklist ${HOME}/.wine |
diff --git a/etc/firefox.profile b/etc/firefox.profile index b06dfa6da..9942bd255 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
@@ -6,6 +6,7 @@ noblacklist ~/keepassx.kdbx | |||
6 | include /etc/firejail/disable-mgmt.inc | 6 | include /etc/firejail/disable-mgmt.inc |
7 | include /etc/firejail/disable-secret.inc | 7 | include /etc/firejail/disable-secret.inc |
8 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
9 | include /etc/firejail/disable-programs.inc | ||
9 | include /etc/firejail/disable-devel.inc | 10 | include /etc/firejail/disable-devel.inc |
10 | include /etc/firejail/disable-terminals.inc | 11 | include /etc/firejail/disable-terminals.inc |
11 | 12 | ||
diff --git a/etc/flashpeak-slimjet.profile b/etc/flashpeak-slimjet.profile index f23010040..ff3e266c5 100644 --- a/etc/flashpeak-slimjet.profile +++ b/etc/flashpeak-slimjet.profile | |||
@@ -11,6 +11,7 @@ noblacklist ~/keepassx.kdbx | |||
11 | include /etc/firejail/disable-mgmt.inc | 11 | include /etc/firejail/disable-mgmt.inc |
12 | include /etc/firejail/disable-secret.inc | 12 | include /etc/firejail/disable-secret.inc |
13 | include /etc/firejail/disable-common.inc | 13 | include /etc/firejail/disable-common.inc |
14 | include /etc/firejail/disable-programs.inc | ||
14 | include /etc/firejail/disable-terminals.inc | 15 | include /etc/firejail/disable-terminals.inc |
15 | 16 | ||
16 | # chromium is distributed with a perl script on Arch | 17 | # chromium is distributed with a perl script on Arch |
diff --git a/etc/generic.profile b/etc/generic.profile index 5618a555e..42e39e86c 100644 --- a/etc/generic.profile +++ b/etc/generic.profile | |||
@@ -4,6 +4,7 @@ | |||
4 | include /etc/firejail/disable-mgmt.inc | 4 | include /etc/firejail/disable-mgmt.inc |
5 | include /etc/firejail/disable-secret.inc | 5 | include /etc/firejail/disable-secret.inc |
6 | include /etc/firejail/disable-common.inc | 6 | include /etc/firejail/disable-common.inc |
7 | include /etc/firejail/disable-programs.inc | ||
7 | include /etc/firejail/disable-terminals.inc | 8 | include /etc/firejail/disable-terminals.inc |
8 | blacklist ${HOME}/.pki/nssdb | 9 | blacklist ${HOME}/.pki/nssdb |
9 | blacklist ${HOME}/.lastpass | 10 | blacklist ${HOME}/.lastpass |
diff --git a/etc/gnome-mplayer.profile b/etc/gnome-mplayer.profile index 8062c859a..414873870 100644 --- a/etc/gnome-mplayer.profile +++ b/etc/gnome-mplayer.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | blacklist ${HOME}/.pki/nssdb | 8 | blacklist ${HOME}/.pki/nssdb |
diff --git a/etc/google-chrome-beta.profile b/etc/google-chrome-beta.profile index 3396585eb..fd167d9e0 100644 --- a/etc/google-chrome-beta.profile +++ b/etc/google-chrome-beta.profile | |||
@@ -5,6 +5,7 @@ noblacklist ~/keepassx.kdbx | |||
5 | include /etc/firejail/disable-mgmt.inc | 5 | include /etc/firejail/disable-mgmt.inc |
6 | include /etc/firejail/disable-secret.inc | 6 | include /etc/firejail/disable-secret.inc |
7 | include /etc/firejail/disable-common.inc | 7 | include /etc/firejail/disable-common.inc |
8 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-terminals.inc | 9 | include /etc/firejail/disable-terminals.inc |
9 | 10 | ||
10 | # chromium is distributed with a perl script on Arch | 11 | # chromium is distributed with a perl script on Arch |
diff --git a/etc/google-chrome-unstable.profile b/etc/google-chrome-unstable.profile index ed4332862..bcd56ed62 100644 --- a/etc/google-chrome-unstable.profile +++ b/etc/google-chrome-unstable.profile | |||
@@ -5,6 +5,7 @@ noblacklist ~/keepassx.kdbx | |||
5 | include /etc/firejail/disable-mgmt.inc | 5 | include /etc/firejail/disable-mgmt.inc |
6 | include /etc/firejail/disable-secret.inc | 6 | include /etc/firejail/disable-secret.inc |
7 | include /etc/firejail/disable-common.inc | 7 | include /etc/firejail/disable-common.inc |
8 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-terminals.inc | 9 | include /etc/firejail/disable-terminals.inc |
9 | 10 | ||
10 | # chromium is distributed with a perl script on Arch | 11 | # chromium is distributed with a perl script on Arch |
diff --git a/etc/google-chrome.profile b/etc/google-chrome.profile index 985af38eb..c2665f709 100644 --- a/etc/google-chrome.profile +++ b/etc/google-chrome.profile | |||
@@ -5,6 +5,7 @@ noblacklist ~/keepassx.kdbx | |||
5 | include /etc/firejail/disable-mgmt.inc | 5 | include /etc/firejail/disable-mgmt.inc |
6 | include /etc/firejail/disable-secret.inc | 6 | include /etc/firejail/disable-secret.inc |
7 | include /etc/firejail/disable-common.inc | 7 | include /etc/firejail/disable-common.inc |
8 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-terminals.inc | 9 | include /etc/firejail/disable-terminals.inc |
9 | 10 | ||
10 | # chromium is distributed with a perl script on Arch | 11 | # chromium is distributed with a perl script on Arch |
diff --git a/etc/hedgewars.profile b/etc/hedgewars.profile index 03a376e2f..0c3743ba3 100644 --- a/etc/hedgewars.profile +++ b/etc/hedgewars.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # whitelist profile for Hedgewars (game) | 1 | # whitelist profile for Hedgewars (game) |
2 | 2 | ||
3 | include /etc/firejail/disable-common.inc | 3 | include /etc/firejail/disable-common.inc |
4 | include /etc/firejail/disable-programs.inc | ||
4 | include /etc/firejail/disable-devel.inc | 5 | include /etc/firejail/disable-devel.inc |
5 | include /etc/firejail/disable-mgmt.inc | 6 | include /etc/firejail/disable-mgmt.inc |
6 | include /etc/firejail/disable-secret.inc | 7 | include /etc/firejail/disable-secret.inc |
diff --git a/etc/hexchat.profile b/etc/hexchat.profile index 8f9e71b44..48b0dac40 100644 --- a/etc/hexchat.profile +++ b/etc/hexchat.profile | |||
@@ -3,6 +3,7 @@ noblacklist ${HOME}/.config/hexchat | |||
3 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
4 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | ||
6 | include /etc/firejail/disable-devel.inc | 7 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-terminals.inc | 8 | include /etc/firejail/disable-terminals.inc |
8 | caps.drop all | 9 | caps.drop all |
diff --git a/etc/kmail.profile b/etc/kmail.profile index ca29675a0..931df67c3 100644 --- a/etc/kmail.profile +++ b/etc/kmail.profile | |||
@@ -3,6 +3,7 @@ noblacklist ${HOME}/.gnupg | |||
3 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
4 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | ||
6 | include /etc/firejail/disable-devel.inc | 7 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-terminals.inc | 8 | include /etc/firejail/disable-terminals.inc |
8 | blacklist ${HOME}/.pki/nssdb | 9 | blacklist ${HOME}/.pki/nssdb |
diff --git a/etc/lxterminal.profile b/etc/lxterminal.profile index a614a8dbf..7f45c95a9 100644 --- a/etc/lxterminal.profile +++ b/etc/lxterminal.profile | |||
@@ -3,6 +3,7 @@ | |||
3 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
4 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | ||
6 | blacklist ${HOME}/.pki/nssdb | 7 | blacklist ${HOME}/.pki/nssdb |
7 | blacklist ${HOME}/.lastpass | 8 | blacklist ${HOME}/.lastpass |
8 | blacklist ${HOME}/.keepassx | 9 | blacklist ${HOME}/.keepassx |
diff --git a/etc/midori.profile b/etc/midori.profile index e46a6baa2..64a19d452 100644 --- a/etc/midori.profile +++ b/etc/midori.profile | |||
@@ -3,6 +3,7 @@ noblacklist ${HOME}/.config/midori | |||
3 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
4 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | ||
6 | include /etc/firejail/disable-devel.inc | 7 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-terminals.inc | 8 | include /etc/firejail/disable-terminals.inc |
8 | caps.drop all | 9 | caps.drop all |
diff --git a/etc/mupen64plus.profile b/etc/mupen64plus.profile index 239ab3a80..ae61ae068 100644 --- a/etc/mupen64plus.profile +++ b/etc/mupen64plus.profile | |||
@@ -3,6 +3,7 @@ | |||
3 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
4 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | ||
6 | include /etc/firejail/disable-devel.inc | 7 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-terminals.inc | 8 | include /etc/firejail/disable-terminals.inc |
8 | mkdir ${HOME}/.local | 9 | mkdir ${HOME}/.local |
diff --git a/etc/openbox.profile b/etc/openbox.profile new file mode 100644 index 000000000..5fadcee90 --- /dev/null +++ b/etc/openbox.profile | |||
@@ -0,0 +1,16 @@ | |||
1 | ################################ | ||
2 | # Generic GUI application profile | ||
3 | ################################ | ||
4 | include /etc/firejail/disable-mgmt.inc | ||
5 | include /etc/firejail/disable-secret.inc | ||
6 | include /etc/firejail/disable-terminals.inc | ||
7 | blacklist ${HOME}/.pki/nssdb | ||
8 | blacklist ${HOME}/.lastpass | ||
9 | blacklist ${HOME}/.keepassx | ||
10 | blacklist ${HOME}/.password-store | ||
11 | caps.drop all | ||
12 | seccomp | ||
13 | protocol unix,inet,inet6 | ||
14 | netfilter | ||
15 | noroot | ||
16 | |||
diff --git a/etc/opera-beta.profile b/etc/opera-beta.profile index 91eb10787..91c858738 100644 --- a/etc/opera-beta.profile +++ b/etc/opera-beta.profile | |||
@@ -5,6 +5,7 @@ noblacklist ~/keepassx.kdbx | |||
5 | include /etc/firejail/disable-mgmt.inc | 5 | include /etc/firejail/disable-mgmt.inc |
6 | include /etc/firejail/disable-secret.inc | 6 | include /etc/firejail/disable-secret.inc |
7 | include /etc/firejail/disable-common.inc | 7 | include /etc/firejail/disable-common.inc |
8 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-devel.inc | 9 | include /etc/firejail/disable-devel.inc |
9 | include /etc/firejail/disable-terminals.inc | 10 | include /etc/firejail/disable-terminals.inc |
10 | 11 | ||
diff --git a/etc/opera.profile b/etc/opera.profile index 08bbd5a06..74e331bab 100644 --- a/etc/opera.profile +++ b/etc/opera.profile | |||
@@ -5,6 +5,7 @@ noblacklist ~/keepassx.kdbx | |||
5 | include /etc/firejail/disable-mgmt.inc | 5 | include /etc/firejail/disable-mgmt.inc |
6 | include /etc/firejail/disable-secret.inc | 6 | include /etc/firejail/disable-secret.inc |
7 | include /etc/firejail/disable-common.inc | 7 | include /etc/firejail/disable-common.inc |
8 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-devel.inc | 9 | include /etc/firejail/disable-devel.inc |
9 | include /etc/firejail/disable-terminals.inc | 10 | include /etc/firejail/disable-terminals.inc |
10 | 11 | ||
diff --git a/etc/parole.profile b/etc/parole.profile index fd49bcf07..9c7764ff9 100644 --- a/etc/parole.profile +++ b/etc/parole.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | private-etc passwd,group,fonts | 8 | private-etc passwd,group,fonts |
diff --git a/etc/pidgin.profile b/etc/pidgin.profile index 54bedccc8..b8b04df18 100644 --- a/etc/pidgin.profile +++ b/etc/pidgin.profile | |||
@@ -3,6 +3,7 @@ noblacklist ${HOME}/.purple | |||
3 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
4 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | ||
6 | include /etc/firejail/disable-devel.inc | 7 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-terminals.inc | 8 | include /etc/firejail/disable-terminals.inc |
8 | blacklist ${HOME}/.wine | 9 | blacklist ${HOME}/.wine |
diff --git a/etc/polari.profile b/etc/polari.profile index 26d5ff27b..8cedddc4e 100644 --- a/etc/polari.profile +++ b/etc/polari.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | mkdir ${HOME}/.local | 8 | mkdir ${HOME}/.local |
diff --git a/etc/qbittorrent.profile b/etc/qbittorrent.profile index f067aaa99..9d0f1ae54 100644 --- a/etc/qbittorrent.profile +++ b/etc/qbittorrent.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | blacklist ${HOME}/.pki/nssdb | 8 | blacklist ${HOME}/.pki/nssdb |
diff --git a/etc/qtox.profile b/etc/qtox.profile index 8e75f01e6..aa6efa5cb 100644 --- a/etc/qtox.profile +++ b/etc/qtox.profile | |||
@@ -3,6 +3,7 @@ noblacklist ${HOME}/.config/tox | |||
3 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
4 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | ||
6 | include /etc/firejail/disable-devel.inc | 7 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-terminals.inc | 8 | include /etc/firejail/disable-terminals.inc |
8 | mkdir ${HOME}/.config/tox | 9 | mkdir ${HOME}/.config/tox |
diff --git a/etc/quassel.profile b/etc/quassel.profile index bc8c76915..d64b0eaa0 100644 --- a/etc/quassel.profile +++ b/etc/quassel.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | blacklist ${HOME}/.wine | 8 | blacklist ${HOME}/.wine |
diff --git a/etc/qutebrowser.profile b/etc/qutebrowser.profile index 83626185b..685a4c86f 100644 --- a/etc/qutebrowser.profile +++ b/etc/qutebrowser.profile | |||
@@ -5,6 +5,7 @@ noblacklist ~/.cache/qutebrowser | |||
5 | include /etc/firejail/disable-mgmt.inc | 5 | include /etc/firejail/disable-mgmt.inc |
6 | include /etc/firejail/disable-secret.inc | 6 | include /etc/firejail/disable-secret.inc |
7 | include /etc/firejail/disable-common.inc | 7 | include /etc/firejail/disable-common.inc |
8 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-devel.inc | 9 | include /etc/firejail/disable-devel.inc |
9 | include /etc/firejail/disable-terminals.inc | 10 | include /etc/firejail/disable-terminals.inc |
10 | 11 | ||
diff --git a/etc/rhythmbox.profile b/etc/rhythmbox.profile index a1a20a863..3ef6da11c 100644 --- a/etc/rhythmbox.profile +++ b/etc/rhythmbox.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | blacklist ${HOME}/.pki/nssdb | 8 | blacklist ${HOME}/.pki/nssdb |
diff --git a/etc/rtorrent.profile b/etc/rtorrent.profile index 6041052af..2bb6bf38b 100644 --- a/etc/rtorrent.profile +++ b/etc/rtorrent.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-terminals.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | caps.drop all | 8 | caps.drop all |
diff --git a/etc/seamonkey.profile b/etc/seamonkey.profile index b896af97a..cbe48e425 100644 --- a/etc/seamonkey.profile +++ b/etc/seamonkey.profile | |||
@@ -5,6 +5,7 @@ noblacklist ~/keepassx.kdbx | |||
5 | include /etc/firejail/disable-mgmt.inc | 5 | include /etc/firejail/disable-mgmt.inc |
6 | include /etc/firejail/disable-secret.inc | 6 | include /etc/firejail/disable-secret.inc |
7 | include /etc/firejail/disable-common.inc | 7 | include /etc/firejail/disable-common.inc |
8 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-devel.inc | 9 | include /etc/firejail/disable-devel.inc |
9 | include /etc/firejail/disable-terminals.inc | 10 | include /etc/firejail/disable-terminals.inc |
10 | 11 | ||
diff --git a/etc/skype.profile b/etc/skype.profile index a33cc339d..c301050b4 100644 --- a/etc/skype.profile +++ b/etc/skype.profile | |||
@@ -3,6 +3,7 @@ noblacklist ${HOME}/.Skype | |||
3 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
4 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | ||
6 | include /etc/firejail/disable-devel.inc | 7 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-terminals.inc | 8 | include /etc/firejail/disable-terminals.inc |
8 | caps.drop all | 9 | caps.drop all |
diff --git a/etc/spotify.profile b/etc/spotify.profile index 1986a513c..5b7cb49a5 100644 --- a/etc/spotify.profile +++ b/etc/spotify.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | 7 | ||
7 | # Whitelist the folders needed by Spotify - This is more restrictive | 8 | # Whitelist the folders needed by Spotify - This is more restrictive |
diff --git a/etc/ssh.profile b/etc/ssh.profile new file mode 100644 index 000000000..d78fa749d --- /dev/null +++ b/etc/ssh.profile | |||
@@ -0,0 +1,17 @@ | |||
1 | # ssh client | ||
2 | noblacklist ~/.ssh | ||
3 | include /etc/firejail/disable-mgmt.inc | ||
4 | include /etc/firejail/disable-secret.inc | ||
5 | include /etc/firejail/disable-common.inc | ||
6 | include /etc/firejail/disable-programs.inc | ||
7 | include /etc/firejail/disable-terminals.inc | ||
8 | blacklist ${HOME}/.pki/nssdb | ||
9 | blacklist ${HOME}/.lastpass | ||
10 | blacklist ${HOME}/.keepassx | ||
11 | blacklist ${HOME}/.password-store | ||
12 | caps.drop all | ||
13 | seccomp | ||
14 | protocol unix,inet,inet6 | ||
15 | netfilter | ||
16 | noroot | ||
17 | |||
diff --git a/etc/steam.profile b/etc/steam.profile index dc17c7a0f..73ef1e70b 100644 --- a/etc/steam.profile +++ b/etc/steam.profile | |||
@@ -4,6 +4,7 @@ noblacklist ${HOME}/.local/share/steam | |||
4 | include /etc/firejail/disable-mgmt.inc | 4 | include /etc/firejail/disable-mgmt.inc |
5 | include /etc/firejail/disable-secret.inc | 5 | include /etc/firejail/disable-secret.inc |
6 | include /etc/firejail/disable-common.inc | 6 | include /etc/firejail/disable-common.inc |
7 | include /etc/firejail/disable-programs.inc | ||
7 | include /etc/firejail/disable-devel.inc | 8 | include /etc/firejail/disable-devel.inc |
8 | include /etc/firejail/disable-terminals.inc | 9 | include /etc/firejail/disable-terminals.inc |
9 | caps.drop all | 10 | caps.drop all |
diff --git a/etc/telegram.profile b/etc/telegram.profile index 94167675c..8027846dc 100644 --- a/etc/telegram.profile +++ b/etc/telegram.profile | |||
@@ -3,6 +3,7 @@ noblacklist ${HOME}/.TelegramDesktop | |||
3 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
4 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | ||
6 | include /etc/firejail/disable-devel.inc | 7 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-terminals.inc | 8 | include /etc/firejail/disable-terminals.inc |
8 | 9 | ||
diff --git a/etc/totem.profile b/etc/totem.profile index f2485a2d0..bee8d8678 100644 --- a/etc/totem.profile +++ b/etc/totem.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | blacklist ${HOME}/.pki/nssdb | 8 | blacklist ${HOME}/.pki/nssdb |
diff --git a/etc/transmission-gtk.profile b/etc/transmission-gtk.profile index 18356a91e..ac229e43b 100644 --- a/etc/transmission-gtk.profile +++ b/etc/transmission-gtk.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | blacklist ${HOME}/.pki/nssdb | 8 | blacklist ${HOME}/.pki/nssdb |
diff --git a/etc/transmission-qt.profile b/etc/transmission-qt.profile index cd07f35c7..6e4f096a0 100644 --- a/etc/transmission-qt.profile +++ b/etc/transmission-qt.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | blacklist ${HOME}/.pki/nssdb | 8 | blacklist ${HOME}/.pki/nssdb |
diff --git a/etc/uget-gtk.profile b/etc/uget-gtk.profile index 3b27c00ba..b3360ffb1 100644 --- a/etc/uget-gtk.profile +++ b/etc/uget-gtk.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | include /etc/firejail/disable-mgmt.inc | 2 | include /etc/firejail/disable-mgmt.inc |
3 | include /etc/firejail/disable-secret.inc | 3 | include /etc/firejail/disable-secret.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | caps.drop all | 8 | caps.drop all |
diff --git a/etc/unbound.profile b/etc/unbound.profile index c4f009159..7f36e9588 100644 --- a/etc/unbound.profile +++ b/etc/unbound.profile | |||
@@ -3,6 +3,7 @@ noblacklist /sbin | |||
3 | noblacklist /usr/sbin | 3 | noblacklist /usr/sbin |
4 | include /etc/firejail/disable-mgmt.inc | 4 | include /etc/firejail/disable-mgmt.inc |
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | ||
6 | include /etc/firejail/disable-devel.inc | 7 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-secret.inc | 8 | include /etc/firejail/disable-secret.inc |
8 | include /etc/firejail/disable-terminals.inc | 9 | include /etc/firejail/disable-terminals.inc |
diff --git a/etc/vivaldi.profile b/etc/vivaldi.profile index daab0b81a..a353a4ca8 100644 --- a/etc/vivaldi.profile +++ b/etc/vivaldi.profile | |||
@@ -5,6 +5,7 @@ noblacklist ~/keepassx.kdbx | |||
5 | include /etc/firejail/disable-mgmt.inc | 5 | include /etc/firejail/disable-mgmt.inc |
6 | include /etc/firejail/disable-secret.inc | 6 | include /etc/firejail/disable-secret.inc |
7 | include /etc/firejail/disable-common.inc | 7 | include /etc/firejail/disable-common.inc |
8 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-devel.inc | 9 | include /etc/firejail/disable-devel.inc |
9 | include /etc/firejail/disable-terminals.inc | 10 | include /etc/firejail/disable-terminals.inc |
10 | 11 | ||
diff --git a/etc/vlc.profile b/etc/vlc.profile index adcfbb119..3652e1f7d 100644 --- a/etc/vlc.profile +++ b/etc/vlc.profile | |||
@@ -3,6 +3,7 @@ noblacklist ${HOME}/.config/vlc | |||
3 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
4 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | ||
6 | include /etc/firejail/disable-devel.inc | 7 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-terminals.inc | 8 | include /etc/firejail/disable-terminals.inc |
8 | blacklist ${HOME}/.pki/nssdb | 9 | blacklist ${HOME}/.pki/nssdb |
diff --git a/etc/weechat.profile b/etc/weechat.profile index 3fbce62ca..4041332be 100644 --- a/etc/weechat.profile +++ b/etc/weechat.profile | |||
@@ -2,6 +2,7 @@ | |||
2 | noblacklist ${HOME}/.weechat | 2 | noblacklist ${HOME}/.weechat |
3 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-programs.inc | ||
5 | include /etc/firejail/disable-secret.inc | 6 | include /etc/firejail/disable-secret.inc |
6 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
7 | caps.drop all | 8 | caps.drop all |
diff --git a/etc/wesnoth.profile b/etc/wesnoth.profile index a5b6127df..57bb13e9d 100644 --- a/etc/wesnoth.profile +++ b/etc/wesnoth.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Whitelist-based profile for "Battle for Wesnoth" (game). | 1 | # Whitelist-based profile for "Battle for Wesnoth" (game). |
2 | 2 | ||
3 | include /etc/firejail/disable-common.inc | 3 | include /etc/firejail/disable-common.inc |
4 | include /etc/firejail/disable-programs.inc | ||
4 | include /etc/firejail/disable-devel.inc | 5 | include /etc/firejail/disable-devel.inc |
5 | include /etc/firejail/disable-mgmt.inc | 6 | include /etc/firejail/disable-mgmt.inc |
6 | include /etc/firejail/disable-secret.inc | 7 | include /etc/firejail/disable-secret.inc |
diff --git a/etc/wine.profile b/etc/wine.profile index ae1f5d1b6..5a86977ee 100644 --- a/etc/wine.profile +++ b/etc/wine.profile | |||
@@ -5,6 +5,7 @@ noblacklist ${HOME}/.wine | |||
5 | include /etc/firejail/disable-mgmt.inc | 5 | include /etc/firejail/disable-mgmt.inc |
6 | include /etc/firejail/disable-secret.inc | 6 | include /etc/firejail/disable-secret.inc |
7 | include /etc/firejail/disable-common.inc | 7 | include /etc/firejail/disable-common.inc |
8 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-devel.inc | 9 | include /etc/firejail/disable-devel.inc |
9 | include /etc/firejail/disable-terminals.inc | 10 | include /etc/firejail/disable-terminals.inc |
10 | caps.drop all | 11 | caps.drop all |
diff --git a/etc/xchat.profile b/etc/xchat.profile index e2dcadc0e..360ca96a5 100644 --- a/etc/xchat.profile +++ b/etc/xchat.profile | |||
@@ -3,6 +3,7 @@ noblacklist ${HOME}/.config/xchat | |||
3 | include /etc/firejail/disable-mgmt.inc | 3 | include /etc/firejail/disable-mgmt.inc |
4 | include /etc/firejail/disable-secret.inc | 4 | include /etc/firejail/disable-secret.inc |
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-programs.inc | ||
6 | include /etc/firejail/disable-devel.inc | 7 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-terminals.inc | 8 | include /etc/firejail/disable-terminals.inc |
8 | blacklist ${HOME}/.wine | 9 | blacklist ${HOME}/.wine |