diff options
author | netblue30 <netblue30@yahoo.com> | 2016-04-18 09:38:54 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-04-18 09:38:54 -0400 |
commit | 96e801fd8a8f4a743e2286b9367177ce8f7b3c65 (patch) | |
tree | b2f89daf4ae9655535fc4cadd480fe2f53279797 /etc | |
parent | added --writable-etc and --writable-var options (diff) | |
download | firejail-96e801fd8a8f4a743e2286b9367177ce8f7b3c65.tar.gz firejail-96e801fd8a8f4a743e2286b9367177ce8f7b3c65.tar.zst firejail-96e801fd8a8f4a743e2286b9367177ce8f7b3c65.zip |
added okular and gwenview profiles
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-programs.inc | 5 | ||||
-rw-r--r-- | etc/gwenview.profile | 19 | ||||
-rw-r--r-- | etc/okular.profile | 21 |
3 files changed, 45 insertions, 0 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 43b9cff38..23dd8e025 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -8,6 +8,11 @@ blacklist ${HOME}/.Wolfram Research | |||
8 | blacklist ${HOME}/.config/mupen64plus | 8 | blacklist ${HOME}/.config/mupen64plus |
9 | blacklist ${HOME}/.config/transmission | 9 | blacklist ${HOME}/.config/transmission |
10 | blacklist ${HOME}/.config/uGet | 10 | blacklist ${HOME}/.config/uGet |
11 | blacklist ~/.kde/share/apps/okular | ||
12 | blacklist ~/.kde/share/config/okularrc | ||
13 | blacklist ~/.kde/share/config/okularpartrc | ||
14 | blacklist ~/.kde/share/apps/gwenview | ||
15 | blacklist ~/.kde/share/config/gwenviewrc | ||
11 | 16 | ||
12 | # Media players | 17 | # Media players |
13 | blacklist ${HOME}/.config/cmus | 18 | blacklist ${HOME}/.config/cmus |
diff --git a/etc/gwenview.profile b/etc/gwenview.profile new file mode 100644 index 000000000..d61c57adc --- /dev/null +++ b/etc/gwenview.profile | |||
@@ -0,0 +1,19 @@ | |||
1 | # KDE gwenview profile | ||
2 | noblacklist ~/.kde/share/apps/gwenview | ||
3 | noblacklist ~/.kde/share/config/gwenviewrc | ||
4 | include /etc/firejail/disable-common.inc | ||
5 | include /etc/firejail/disable-programs.inc | ||
6 | include /etc/firejail/disable-devel.inc | ||
7 | include /etc/firejail/disable-passwdmgr.inc | ||
8 | caps.drop all | ||
9 | seccomp | ||
10 | protocol unix | ||
11 | noroot | ||
12 | nogroups | ||
13 | private-dev | ||
14 | |||
15 | #Experimental: | ||
16 | #shell none | ||
17 | #private-bin gwenview | ||
18 | #private-etc X11 | ||
19 | |||
diff --git a/etc/okular.profile b/etc/okular.profile new file mode 100644 index 000000000..7929a8796 --- /dev/null +++ b/etc/okular.profile | |||
@@ -0,0 +1,21 @@ | |||
1 | # KDE okular profile | ||
2 | noblacklist ~/.kde/share/apps/okular | ||
3 | noblacklist ~/.kde/share/config/okularrc | ||
4 | noblacklist ~/.kde/share/config/okularpartrc | ||
5 | include /etc/firejail/disable-common.inc | ||
6 | include /etc/firejail/disable-programs.inc | ||
7 | include /etc/firejail/disable-devel.inc | ||
8 | include /etc/firejail/disable-passwdmgr.inc | ||
9 | caps.drop all | ||
10 | seccomp | ||
11 | protocol unix | ||
12 | noroot | ||
13 | nogroups | ||
14 | private-dev | ||
15 | |||
16 | #Experimental: | ||
17 | #net none | ||
18 | #shell none | ||
19 | #private-bin okular,kbuildsycoca4,kbuildsycoca5 | ||
20 | #private-etc X11 | ||
21 | |||