Add vmware profile #3526

author: Neo00001 <40570803+Neo00001@users.noreply.github.com> 2020-07-30 23:18:40 +0200
committer: rusty-snake <41237666+rusty-snake@users.noreply.github.com> 2020-07-30 23:21:16 +0200
commit: 6fa68d11ae3f8764e5acca9bfc09fcd2352619d9 (patch)
tree: a6ec48b41cb198ca1913c6682e94b04e8ff37758 /etc
parent: new profile: gnome-calendar (diff)
download: firejail-6fa68d11ae3f8764e5acca9bfc09fcd2352619d9.tar.gz
firejail-6fa68d11ae3f8764e5acca9bfc09fcd2352619d9.tar.zst
firejail-6fa68d11ae3f8764e5acca9bfc09fcd2352619d9.zip
2 files changed, 42 insertions, 0 deletions
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc
index f9dc52924..474b59c40 100644
--- a/etc/inc/disable-programs.inc
+++ b/etc/inc/disable-programs.inc
@@ -773,6 +773,7 @@ blacklist ${HOME}/.viking
 blacklist ${HOME}/.viking-maps
 blacklist ${HOME}/.vim
 blacklist ${HOME}/.vimrc
+blacklist ${HOME}/.vmware
 blacklist ${HOME}/.vscode
 blacklist ${HOME}/.vscode-oss
 blacklist ${HOME}/.vst
@@ -933,6 +934,7 @@ blacklist ${HOME}/.cache/transmission
 blacklist ${HOME}/.cache/vivaldi
 blacklist ${HOME}/.cache/vivaldi-snapshot
 blacklist ${HOME}/.cache/vlc
+blacklist ${HOME}/.cache/vmware
 blacklist ${HOME}/.cache/warsow-2.1
 blacklist ${HOME}/.cache/waterfox
 blacklist ${HOME}/.cache/wesnoth
diff --git a/etc/profile-m-z/vmware.profile b/etc/profile-m-z/vmware.profile
new file mode 100644
index 000000000..db5786f82
--- /dev/null
+++ b/etc/profile-m-z/vmware.profile
@@ -0,0 +1,40 @@
+# Firejail profile for vmware
+# Description: The industry standard for running multiple operating systems as virtual machines on a single Linux PC.
+# This file is overwritten after every install/update
+# Persistent local customizations
+include vmware.local
+# Persistent global definitions
+include globals.local
+noblacklist ${HOME}/.vmware
+noblacklist ${HOME}/.cache/vmware
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-xdg.inc
+mkdir ${HOME}/.vmware
+mkdir ${HOME}/.cache/vmware
+whitelist ${HOME}/.vmware
+whitelist ${HOME}/.cache/vmware
+include whitelist-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+caps.keep chown,net_raw,sys_nice,sys_rawio
+netfilter
+nogroups
+notv
+shell none
+tracelog
+#disable-mnt
+private-etc alsa,asound.conf,ca-certificates,conf.d,crypto-policies,dconf,fonts,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,localtime,machine-id,pulse,pki,resolv.conf,ssl,vmware,vmware-installer,vmware-vix
+dbus-user none
+dbus-system none
author	Neo00001 <40570803+Neo00001@users.noreply.github.com>	2020-07-30 23:18:40 +0200
committer	rusty-snake <41237666+rusty-snake@users.noreply.github.com>	2020-07-30 23:21:16 +0200
commit	6fa68d11ae3f8764e5acca9bfc09fcd2352619d9 (patch)
tree	a6ec48b41cb198ca1913c6682e94b04e8ff37758 /etc
parent	new profile: gnome-calendar (diff)
download	firejail-6fa68d11ae3f8764e5acca9bfc09fcd2352619d9.tar.gz firejail-6fa68d11ae3f8764e5acca9bfc09fcd2352619d9.tar.zst firejail-6fa68d11ae3f8764e5acca9bfc09fcd2352619d9.zip

diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index f9dc52924..474b59c40 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc
@@ -773,6 +773,7 @@ blacklist ${HOME}/.viking
773	blacklist ${HOME}/.viking-maps	773	blacklist ${HOME}/.viking-maps
774	blacklist ${HOME}/.vim	774	blacklist ${HOME}/.vim
775	blacklist ${HOME}/.vimrc	775	blacklist ${HOME}/.vimrc
		776	blacklist ${HOME}/.vmware
776	blacklist ${HOME}/.vscode	777	blacklist ${HOME}/.vscode
777	blacklist ${HOME}/.vscode-oss	778	blacklist ${HOME}/.vscode-oss
778	blacklist ${HOME}/.vst	779	blacklist ${HOME}/.vst
@@ -933,6 +934,7 @@ blacklist ${HOME}/.cache/transmission
933	blacklist ${HOME}/.cache/vivaldi	934	blacklist ${HOME}/.cache/vivaldi
934	blacklist ${HOME}/.cache/vivaldi-snapshot	935	blacklist ${HOME}/.cache/vivaldi-snapshot
935	blacklist ${HOME}/.cache/vlc	936	blacklist ${HOME}/.cache/vlc
		937	blacklist ${HOME}/.cache/vmware
936	blacklist ${HOME}/.cache/warsow-2.1	938	blacklist ${HOME}/.cache/warsow-2.1
937	blacklist ${HOME}/.cache/waterfox	939	blacklist ${HOME}/.cache/waterfox
938	blacklist ${HOME}/.cache/wesnoth	940	blacklist ${HOME}/.cache/wesnoth


diff --git a/etc/profile-m-z/vmware.profile b/etc/profile-m-z/vmware.profile new file mode 100644 index 000000000..db5786f82 --- /dev/null +++ b/etc/profile-m-z/vmware.profile
@@ -0,0 +1,40 @@
		1	# Firejail profile for vmware
		2	# Description: The industry standard for running multiple operating systems as virtual machines on a single Linux PC.
		3	# This file is overwritten after every install/update
		4	# Persistent local customizations
		5	include vmware.local
		6	# Persistent global definitions
		7	include globals.local
		8
		9	noblacklist ${HOME}/.vmware
		10	noblacklist ${HOME}/.cache/vmware
		11
		12	include disable-common.inc
		13	include disable-devel.inc
		14	include disable-exec.inc
		15	include disable-interpreters.inc
		16	include disable-passwdmgr.inc
		17	include disable-programs.inc
		18	include disable-xdg.inc
		19
		20	mkdir ${HOME}/.vmware
		21	mkdir ${HOME}/.cache/vmware
		22	whitelist ${HOME}/.vmware
		23	whitelist ${HOME}/.cache/vmware
		24	include whitelist-common.inc
		25	include whitelist-runuser-common.inc
		26	include whitelist-usr-share-common.inc
		27	include whitelist-var-common.inc
		28
		29	caps.keep chown,net_raw,sys_nice,sys_rawio
		30	netfilter
		31	nogroups
		32	notv
		33	shell none
		34	tracelog
		35
		36	#disable-mnt
		37	private-etc alsa,asound.conf,ca-certificates,conf.d,crypto-policies,dconf,fonts,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,localtime,machine-id,pulse,pki,resolv.conf,ssl,vmware,vmware-installer,vmware-vix
		38
		39	dbus-user none
		40	dbus-system none