Merge pull request #2775 from jose1711/udiskie-profile

Add profile for udiskie
author: rusty-snake <print_hello_world+Public@protonmail.com> 2019-06-17 09:52:29 +0000
committer: GitHub <noreply@github.com> 2019-06-17 09:52:29 +0000
commit: 0330e04ec3eab46bb4150dbb593ca7d4ff1665cd (patch)
tree: bc378e19845f5cdd25ee3a662ab76773fda427dd /etc
parent: cleanup (diff)
parent: Apply suggestions from code review (diff)
download: firejail-0330e04ec3eab46bb4150dbb593ca7d4ff1665cd.tar.gz
firejail-0330e04ec3eab46bb4150dbb593ca7d4ff1665cd.tar.zst
firejail-0330e04ec3eab46bb4150dbb593ca7d4ff1665cd.zip
1 files changed, 45 insertions, 0 deletions
diff --git a/etc/udiskie.profile b/etc/udiskie.profile
new file mode 100644
index 000000000..7960b4bc3
--- /dev/null
+++ b/etc/udiskie.profile
@@ -0,0 +1,45 @@
+# Firejail profile for udiskie
+# Description: Removable disk automounter using udisks
+# This file is overwritten after every install/update
+# Persistent local customizations
+include udiskie.local
+# Persistent global definitions
+include globals.local
+# Allow python (blacklisted by disable-interpreters.inc)
+include allow-python3.inc
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-xdg.inc
+include whitelist-var-common.inc
+caps.drop all
+machine-id
+net none
+no3d
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix
+seccomp
+shell none
+tracelog
+private-bin awk,cut,dbus-send,egrep,file,grep,head,python,python3,readlink,sed,sh,udiskie,uname,which,xdg-mime,xdg-open,xprop
+# add your configured file browser in udiskie.local, e. g.
+# private-bin nautilus
+# private-bin thunar
+private-cache
+private-dev
+private-etc ld.so.cache,ld.so.preload,ld.so.conf,ld.so.conf.d,locale,locale.alias,locale.conf,localtime,alternatives,mime.types,xdg
+private-tmp
author	rusty-snake <print_hello_world+Public@protonmail.com>	2019-06-17 09:52:29 +0000
committer	GitHub <noreply@github.com>	2019-06-17 09:52:29 +0000
commit	0330e04ec3eab46bb4150dbb593ca7d4ff1665cd (patch)
tree	bc378e19845f5cdd25ee3a662ab76773fda427dd /etc
parent	cleanup (diff)
parent	Apply suggestions from code review (diff)
download	firejail-0330e04ec3eab46bb4150dbb593ca7d4ff1665cd.tar.gz firejail-0330e04ec3eab46bb4150dbb593ca7d4ff1665cd.tar.zst firejail-0330e04ec3eab46bb4150dbb593ca7d4ff1665cd.zip

diff --git a/etc/udiskie.profile b/etc/udiskie.profile new file mode 100644 index 000000000..7960b4bc3 --- /dev/null +++ b/etc/udiskie.profile
@@ -0,0 +1,45 @@
	1	# Firejail profile for udiskie
	2	# Description: Removable disk automounter using udisks
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include udiskie.local
	6	# Persistent global definitions
	7	include globals.local
	8
	9	# Allow python (blacklisted by disable-interpreters.inc)
	10	include allow-python3.inc
	11
	12	include disable-common.inc
	13	include disable-devel.inc
	14	include disable-exec.inc
	15	include disable-interpreters.inc
	16	include disable-passwdmgr.inc
	17	include disable-programs.inc
	18	include disable-xdg.inc
	19
	20	include whitelist-var-common.inc
	21
	22	caps.drop all
	23	machine-id
	24	net none
	25	no3d
	26	nogroups
	27	nonewprivs
	28	noroot
	29	nosound
	30	notv
	31	nou2f
	32	novideo
	33	protocol unix
	34	seccomp
	35	shell none
	36	tracelog
	37
	38	private-bin awk,cut,dbus-send,egrep,file,grep,head,python,python3,readlink,sed,sh,udiskie,uname,which,xdg-mime,xdg-open,xprop
	39	# add your configured file browser in udiskie.local, e. g.
	40	# private-bin nautilus
	41	# private-bin thunar
	42	private-cache
	43	private-dev
	44	private-etc ld.so.cache,ld.so.preload,ld.so.conf,ld.so.conf.d,locale,locale.alias,locale.conf,localtime,alternatives,mime.types,xdg
	45	private-tmp