aboutsummaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
authorLibravatar Tad <tad@spotco.us>2019-03-28 14:32:02 -0400
committerLibravatar Tad <tad@spotco.us>2019-03-28 14:32:02 -0400
commit8e5ad206ecd3b6def06ef9c36e0a02dd22f33625 (patch)
treed6c452d9ca914319ea931e766687dbc206738ad8 /etc
parentAdd VCS support to meld (#2615) (diff)
downloadfirejail-8e5ad206ecd3b6def06ef9c36e0a02dd22f33625.tar.gz
firejail-8e5ad206ecd3b6def06ef9c36e0a02dd22f33625.tar.zst
firejail-8e5ad206ecd3b6def06ef9c36e0a02dd22f33625.zip
Five more game profiles
Diffstat (limited to 'etc')
-rw-r--r--etc/disable-programs.inc10
-rw-r--r--etc/freecol.profile60
-rw-r--r--etc/nethack-vultures.profile47
-rw-r--r--etc/opencity.profile44
-rw-r--r--etc/openclonk.profile44
-rw-r--r--etc/slashem.profile47
-rw-r--r--etc/vulturesclaw.profile8
-rw-r--r--etc/vultureseye.profile8
8 files changed, 268 insertions, 0 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 35b294955..f5a40ff5f 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -51,6 +51,7 @@ blacklist ${HOME}/.bogofilter
51blacklist ${HOME}/.bzf 51blacklist ${HOME}/.bzf
52blacklist ${HOME}/.claws-mail 52blacklist ${HOME}/.claws-mail
53blacklist ${HOME}/.cliqz 53blacklist ${HOME}/.cliqz
54blacklist ${HOME}/.clonk
54blacklist ${HOME}/.config/0ad 55blacklist ${HOME}/.config/0ad
55blacklist ${HOME}/.config/2048-qt 56blacklist ${HOME}/.config/2048-qt
56blacklist ${HOME}/.config/Atom 57blacklist ${HOME}/.config/Atom
@@ -157,6 +158,7 @@ blacklist ${HOME}/.config/falkon
157blacklist ${HOME}/.config/filezilla 158blacklist ${HOME}/.config/filezilla
158blacklist ${HOME}/.config/flowblade 159blacklist ${HOME}/.config/flowblade
159blacklist ${HOME}/.config/font-manager 160blacklist ${HOME}/.config/font-manager
161blacklist ${HOME}/.config/freecol
160blacklist ${HOME}/.config/gajim 162blacklist ${HOME}/.config/gajim
161blacklist ${HOME}/.config/galculator 163blacklist ${HOME}/.config/galculator
162blacklist ${HOME}/.config/gconf 164blacklist ${HOME}/.config/gconf
@@ -325,6 +327,7 @@ blacklist ${HOME}/.flowblade
325blacklist ${HOME}/.fltk 327blacklist ${HOME}/.fltk
326blacklist ${HOME}/.fossamail 328blacklist ${HOME}/.fossamail
327blacklist ${HOME}/.freeciv 329blacklist ${HOME}/.freeciv
330blacklist ${HOME}/.freecol
328blacklist ${HOME}/.freemind 331blacklist ${HOME}/.freemind
329blacklist ${HOME}/.frozen-bubble 332blacklist ${HOME}/.frozen-bubble
330blacklist ${HOME}/.gimp* 333blacklist ${HOME}/.gimp*
@@ -455,6 +458,7 @@ blacklist ${HOME}/.local/share/epiphany
455blacklist ${HOME}/.local/share/evolution 458blacklist ${HOME}/.local/share/evolution
456blacklist ${HOME}/.local/share/feedreader 459blacklist ${HOME}/.local/share/feedreader
457blacklist ${HOME}/.local/share/feral-interactive 460blacklist ${HOME}/.local/share/feral-interactive
461blacklist ${HOME}/.local/share/freecol
458blacklist ${HOME}/.local/share/gajim 462blacklist ${HOME}/.local/share/gajim
459blacklist ${HOME}/.local/share/geary 463blacklist ${HOME}/.local/share/geary
460blacklist ${HOME}/.local/share/geeqie 464blacklist ${HOME}/.local/share/geeqie
@@ -546,6 +550,7 @@ blacklist ${HOME}/.netactview
546blacklist ${HOME}/.neverball 550blacklist ${HOME}/.neverball
547blacklist ${HOME}/.nv 551blacklist ${HOME}/.nv
548blacklist ${HOME}/.nylas-mail 552blacklist ${HOME}/.nylas-mail
553blacklist ${HOME}/.opencity
549blacklist ${HOME}/.openinvaders 554blacklist ${HOME}/.openinvaders
550blacklist ${HOME}/.openshot 555blacklist ${HOME}/.openshot
551blacklist ${HOME}/.openshot_qt 556blacklist ${HOME}/.openshot_qt
@@ -595,6 +600,7 @@ blacklist ${HOME}/.viking-maps
595blacklist ${HOME}/.vscode 600blacklist ${HOME}/.vscode
596blacklist ${HOME}/.vscode-oss 601blacklist ${HOME}/.vscode-oss
597blacklist ${HOME}/.vst 602blacklist ${HOME}/.vst
603blacklist ${HOME}/.vultures
598blacklist ${HOME}/.w3m 604blacklist ${HOME}/.w3m
599blacklist ${HOME}/.warzone2100-3.* 605blacklist ${HOME}/.warzone2100-3.*
600blacklist ${HOME}/.waterfox 606blacklist ${HOME}/.waterfox
@@ -644,6 +650,7 @@ blacklist ${HOME}/.cache/falkon
644blacklist ${HOME}/.cache/feedreader 650blacklist ${HOME}/.cache/feedreader
645blacklist ${HOME}/.cache/font-manager 651blacklist ${HOME}/.cache/font-manager
646blacklist ${HOME}/.cache/fossamail 652blacklist ${HOME}/.cache/fossamail
653blacklist ${HOME}/.cache/freecol
647blacklist ${HOME}/.cache/gajim 654blacklist ${HOME}/.cache/gajim
648blacklist ${HOME}/.cache/geeqie 655blacklist ${HOME}/.cache/geeqie
649blacklist ${HOME}/.cache/google-chrome 656blacklist ${HOME}/.cache/google-chrome
@@ -717,4 +724,7 @@ blacklist ${HOME}/.cache/yandex-browser
717blacklist ${HOME}/.cache/yandex-browser-beta 724blacklist ${HOME}/.cache/yandex-browser-beta
718 725
719blacklist /var/games/nethack 726blacklist /var/games/nethack
727blacklist /var/games/slashem
728blacklist /var/games/vulturesclaw
729blacklist /var/games/vultureseye
720blacklist /var/lib/games/Maelstrom-Scores 730blacklist /var/lib/games/Maelstrom-Scores
diff --git a/etc/freecol.profile b/etc/freecol.profile
new file mode 100644
index 000000000..7987cc076
--- /dev/null
+++ b/etc/freecol.profile
@@ -0,0 +1,60 @@
1# Firejail profile for freecol
2# Description: Turn-based multi-player strategy game
3# This file is overwritten after every install/update
4# Persistent local customizations
5include freecol.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.freecol
10noblacklist ${HOME}/.java
11noblacklist ${HOME}/.cache/freecol
12noblacklist ${HOME}/.config/freecol
13noblacklist ${HOME}/.local/share/freecol
14
15# Allow access to java
16noblacklist ${PATH}/java
17noblacklist /usr/lib/java
18noblacklist /etc/java
19noblacklist /usr/share/java
20
21include disable-common.inc
22include disable-devel.inc
23include disable-exec.inc
24include disable-interpreters.inc
25include disable-passwdmgr.inc
26include disable-programs.inc
27include disable-xdg.inc
28
29mkdir ${HOME}/.java
30mkdir ${HOME}/.cache/freecol
31mkdir ${HOME}/.config/freecol
32mkdir ${HOME}/.local/share/freecol
33whitelist ${HOME}/.freecol
34whitelist ${HOME}/.java
35whitelist ${HOME}/.cache/freecol
36whitelist ${HOME}/.config/freecol
37whitelist ${HOME}/.local/share/freecol
38include whitelist-common.inc
39include whitelist-var-common.inc
40
41caps.drop all
42ipc-namespace
43netfilter
44nodbus
45nodvd
46nogroups
47nonewprivs
48noroot
49notv
50nou2f
51novideo
52protocol unix,inet,inet6
53seccomp
54shell none
55tracelog
56
57disable-mnt
58private-cache
59private-dev
60private-tmp
diff --git a/etc/nethack-vultures.profile b/etc/nethack-vultures.profile
new file mode 100644
index 000000000..771430337
--- /dev/null
+++ b/etc/nethack-vultures.profile
@@ -0,0 +1,47 @@
1# Firejail profile for nethack-vultures
2# Description: A rogue-like single player dungeon exploration game
3# This file is overwritten after every install/update
4# Persistent local customizations
5include nethack.local
6# Persistent global definitions
7include globals.local
8
9
10noblacklist ${HOME}/.vultures
11noblacklist /var/log
12
13include disable-common.inc
14include disable-devel.inc
15include disable-interpreters.inc
16include disable-passwdmgr.inc
17include disable-programs.inc
18
19mkdir ${HOME}/.vultures
20whitelist ${HOME}/.vultures
21whitelist /var/log/vultures
22include whitelist-common.inc
23include whitelist-var-common.inc
24
25caps.drop all
26ipc-namespace
27net none
28nodbus
29nodvd
30nogroups
31#nonewprivs
32#noroot
33notv
34novideo
35#protocol unix,netlink
36#seccomp
37shell none
38
39disable-mnt
40#private
41private-cache
42private-dev
43private-tmp
44writable-var
45
46noexec ${HOME}
47noexec /tmp
diff --git a/etc/opencity.profile b/etc/opencity.profile
new file mode 100644
index 000000000..6a27c8095
--- /dev/null
+++ b/etc/opencity.profile
@@ -0,0 +1,44 @@
1# Firejail profile for opencity
2# Description: Full 3D city simulator game project
3# This file is overwritten after every install/update
4# Persistent local customizations
5include opencity.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.opencity
10
11include disable-common.inc
12include disable-devel.inc
13include disable-exec.inc
14include disable-interpreters.inc
15include disable-passwdmgr.inc
16include disable-programs.inc
17include disable-xdg.inc
18
19mkdir ${HOME}/.opencity
20whitelist ${HOME}/.opencity
21include whitelist-common.inc
22include whitelist-var-common.inc
23
24caps.drop all
25ipc-namespace
26net none
27nodbus
28nodvd
29nogroups
30nonewprivs
31noroot
32notv
33nou2f
34novideo
35protocol unix
36seccomp
37shell none
38tracelog
39
40disable-mnt
41private-bin opencity
42private-cache
43private-dev
44private-tmp
diff --git a/etc/openclonk.profile b/etc/openclonk.profile
new file mode 100644
index 000000000..02663c2f4
--- /dev/null
+++ b/etc/openclonk.profile
@@ -0,0 +1,44 @@
1# Firejail profile for openclonk
2# Description: Multiplayer action, tactics and skill game
3# This file is overwritten after every install/update
4# Persistent local customizations
5include openclonk.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.clonk
10
11include disable-common.inc
12include disable-devel.inc
13include disable-exec.inc
14include disable-interpreters.inc
15include disable-passwdmgr.inc
16include disable-programs.inc
17include disable-xdg.inc
18
19mkdir ${HOME}/.clonk
20whitelist ${HOME}/.clonk
21include whitelist-common.inc
22include whitelist-var-common.inc
23
24caps.drop all
25ipc-namespace
26net none
27nodbus
28nodvd
29nogroups
30nonewprivs
31noroot
32notv
33nou2f
34novideo
35protocol unix
36seccomp
37shell none
38tracelog
39
40disable-mnt
41private-bin openclonk,c4group
42private-cache
43private-dev
44private-tmp
diff --git a/etc/slashem.profile b/etc/slashem.profile
new file mode 100644
index 000000000..0a372ce5f
--- /dev/null
+++ b/etc/slashem.profile
@@ -0,0 +1,47 @@
1# Firejail profile for slashem
2# Description: A rogue-like single player dungeon exploration game
3# This file is overwritten after every install/update
4# Persistent local customizations
5include slashem.local
6# Persistent global definitions
7include globals.local
8
9
10noblacklist /var/games/slashem
11
12include disable-common.inc
13include disable-devel.inc
14include disable-interpreters.inc
15include disable-passwdmgr.inc
16include disable-programs.inc
17
18whitelist /var/games/slashem
19include whitelist-common.inc
20include whitelist-var-common.inc
21
22caps.drop all
23ipc-namespace
24net none
25no3d
26nodbus
27nodvd
28nogroups
29#nonewprivs
30#noroot
31nosound
32notv
33novideo
34#protocol unix,netlink
35#seccomp
36shell none
37
38disable-mnt
39#private
40private-cache
41private-dev
42private-tmp
43writable-var
44
45#memory-deny-write-execute
46noexec ${HOME}
47noexec /tmp
diff --git a/etc/vulturesclaw.profile b/etc/vulturesclaw.profile
new file mode 100644
index 000000000..2e9078a7b
--- /dev/null
+++ b/etc/vulturesclaw.profile
@@ -0,0 +1,8 @@
1# Firejail profile alias for nethack-vultures
2# This file is overwritten after every install/update
3
4noblacklist /var/games/vulturesclaw
5whitelist /var/games/vulturesclaw
6
7# Redirect
8include nethack-vultures.profile
diff --git a/etc/vultureseye.profile b/etc/vultureseye.profile
new file mode 100644
index 000000000..44c263cfc
--- /dev/null
+++ b/etc/vultureseye.profile
@@ -0,0 +1,8 @@
1# Firejail profile alias for nethack-vultures
2# This file is overwritten after every install/update
3
4noblacklist /var/games/vultureseye
5whitelist /var/games/vultureseye
6
7# Redirect
8include nethack-vultures.profile
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-19 04:44:31 +0000