diff options
author | netblue30 <netblue30@yahoo.com> | 2016-04-15 08:29:50 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-04-15 08:29:50 -0400 |
commit | 5ce8a913a4eca3e3e0b23cf1931bbfae7cb3ae9d (patch) | |
tree | 5052d0a22bc9aee47becc7bcabb1c851af8e5d16 /etc | |
parent | added abrowser profile (diff) | |
download | firejail-5ce8a913a4eca3e3e0b23cf1931bbfae7cb3ae9d.tar.gz firejail-5ce8a913a4eca3e3e0b23cf1931bbfae7cb3ae9d.tar.zst firejail-5ce8a913a4eca3e3e0b23cf1931bbfae7cb3ae9d.zip |
merged 0ad profile from Fred-Barclay
Diffstat (limited to 'etc')
-rw-r--r-- | etc/0ad.profile | 30 | ||||
-rw-r--r-- | etc/disable-programs.inc | 3 |
2 files changed, 33 insertions, 0 deletions
diff --git a/etc/0ad.profile b/etc/0ad.profile new file mode 100644 index 000000000..f8a3ce23d --- /dev/null +++ b/etc/0ad.profile | |||
@@ -0,0 +1,30 @@ | |||
1 | # Firejail profile for 0ad. | ||
2 | noblacklist ~/.config/0ad | ||
3 | include /etc/firejail/disable-common.inc | ||
4 | include /etc/firejail/disable-devel.inc | ||
5 | include /etc/firejail/disable-passwdmgr.inc | ||
6 | include /etc/firejail/disable-programs.inc | ||
7 | |||
8 | # Call these options | ||
9 | caps.drop all | ||
10 | seccomp | ||
11 | protocol unix,inet,inet6,netlink | ||
12 | netfilter | ||
13 | tracelog | ||
14 | noroot | ||
15 | |||
16 | # Whitelists | ||
17 | noblacklist ~/.cache/0ad | ||
18 | mkdir ~/.cache | ||
19 | mkdir ~/.cache/0ad | ||
20 | whitelist ~/.cache/0ad | ||
21 | |||
22 | mkdir ~/.config | ||
23 | mkdir ~/.config/0ad | ||
24 | whitelist ~/.config/0ad | ||
25 | |||
26 | noblacklist ~/.local/share/0ad | ||
27 | mkdir ~/.local | ||
28 | mkdir ~/.local/share | ||
29 | mkdir ~/.local/share/0ad | ||
30 | whitelist ~/.local/share/0ad | ||
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 7faf75638..7f18aa16f 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -53,6 +53,7 @@ blacklist ${HOME}/.TelegramDesktop | |||
53 | blacklist ${HOME}/.hedgewars | 53 | blacklist ${HOME}/.hedgewars |
54 | blacklist ${HOME}/.steam | 54 | blacklist ${HOME}/.steam |
55 | blacklist ${HOME}/.config/wesnoth | 55 | blacklist ${HOME}/.config/wesnoth |
56 | blacklist ${HOME}/.config/0ad | ||
56 | 57 | ||
57 | # Cryptocoins | 58 | # Cryptocoins |
58 | blacklist ${HOME}/.*coin | 59 | blacklist ${HOME}/.*coin |
@@ -81,6 +82,7 @@ blacklist ${HOME}/.cache/thunderbird | |||
81 | blacklist ${HOME}/.cache/icedove | 82 | blacklist ${HOME}/.cache/icedove |
82 | blacklist ${HOME}/.cache/transmission | 83 | blacklist ${HOME}/.cache/transmission |
83 | blacklist ${HOME}/.cache/wesnoth | 84 | blacklist ${HOME}/.cache/wesnoth |
85 | blacklist ${HOME}/.cache/0ad | ||
84 | 86 | ||
85 | # share | 87 | # share |
86 | blacklist ${HOME}/.local/share/epiphany | 88 | blacklist ${HOME}/.local/share/epiphany |
@@ -88,3 +90,4 @@ blacklist ${HOME}/.local/share/mupen64plus | |||
88 | blacklist ${HOME}/.local/share/spotify | 90 | blacklist ${HOME}/.local/share/spotify |
89 | blacklist ${HOME}/.local/share/steam | 91 | blacklist ${HOME}/.local/share/steam |
90 | blacklist ${HOME}/.local/share/wesnoth | 92 | blacklist ${HOME}/.local/share/wesnoth |
93 | blacklist ${HOME}/.local/share/0ad | ||