diff options
| author |  Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2017-04-15 22:07:04 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2017-04-15 22:07:04 +0000 |
| commit | ab093e0e560cd72fbb57edce2ef7a0ed12a5a57e (patch) | |
| tree | 29f9cd3e54c5c6aaed98d873d9b9844367452c6b /etc | |
| parent | Merge pull request #1220 from SpotComms/harden (diff) | |
| parent | Add 'tracelog' to Kodi profile (diff) | |
| download | firejail-ab093e0e560cd72fbb57edce2ef7a0ed12a5a57e.tar.gz firejail-ab093e0e560cd72fbb57edce2ef7a0ed12a5a57e.tar.zst firejail-ab093e0e560cd72fbb57edce2ef7a0ed12a5a57e.zip | |
Merge pull request #1221 from SpotComms/kodi
Add a profile for Kodi
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/kodi.profile | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/etc/kodi.profile b/etc/kodi.profile new file mode 100644 index 000000000..45a8430f1 --- /dev/null +++ b/etc/kodi.profile | |||
| @@ -0,0 +1,28 @@ | |||
| 1 | # This file is overwritten during software install. | ||
| 2 | # Persistent customizations should go in a .local file. | ||
| 3 | include /etc/firejail/kodi.local | ||
| 4 | |||
| 5 | # Firejail profile for kodi | ||
| 6 | noblacklist ${HOME}/.kodi | ||
| 7 | mkdir ${HOME}/.kodi | ||
| 8 | |||
| 9 | include /etc/firejail/disable-common.inc | ||
| 10 | include /etc/firejail/disable-passwdmgr.inc | ||
| 11 | include /etc/firejail/disable-programs.inc | ||
| 12 | include /etc/firejail/disable-devel.inc | ||
| 13 | |||
| 14 | caps.drop all | ||
| 15 | netfilter | ||
| 16 | nogroups | ||
| 17 | nonewprivs | ||
| 18 | noroot | ||
| 19 | protocol unix,inet,inet6,netlink | ||
| 20 | seccomp | ||
| 21 | shell none | ||
| 22 | tracelog | ||
| 23 | |||
| 24 | private-dev | ||
| 25 | private-tmp | ||
| 26 | |||
| 27 | noexec ${HOME} | ||
| 28 | noexec /tmp | ||