diff options
author | rusty-snake <print_hello_world+GitHub@protonmail.com> | 2018-12-31 04:14:38 +0000 |
---|---|---|
committer | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2018-12-30 22:14:38 -0600 |
commit | 803d629fcc2517e3423c9a3e6865997f080517eb (patch) | |
tree | 51b41ead9a7fd3c79c639a9668703ff1c08789cd /etc | |
parent | Merge pull request #2313 from rusty-snake/patch-1 (diff) | |
download | firejail-803d629fcc2517e3423c9a3e6865997f080517eb.tar.gz firejail-803d629fcc2517e3423c9a3e6865997f080517eb.tar.zst firejail-803d629fcc2517e3423c9a3e6865997f080517eb.zip |
Add a profile for ghostwriter (#2319)
* Add a profile for ghostwriter
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-programs.inc | 1 | ||||
-rw-r--r-- | etc/ghostwriter.profile | 61 |
2 files changed, 62 insertions, 0 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 68c2da174..08438a165 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -148,6 +148,7 @@ blacklist ${HOME}/.config/geany | |||
148 | blacklist ${HOME}/.config/gedit | 148 | blacklist ${HOME}/.config/gedit |
149 | blacklist ${HOME}/.config/geeqie | 149 | blacklist ${HOME}/.config/geeqie |
150 | blacklist ${HOME}/.config/ghb | 150 | blacklist ${HOME}/.config/ghb |
151 | blacklist ${HOME}/.config/ghostwriter | ||
151 | blacklist ${HOME}/.config/globaltime | 152 | blacklist ${HOME}/.config/globaltime |
152 | blacklist ${HOME}/.config/gnome-mplayer | 153 | blacklist ${HOME}/.config/gnome-mplayer |
153 | blacklist ${HOME}/.config/gnome-mpv | 154 | blacklist ${HOME}/.config/gnome-mpv |
diff --git a/etc/ghostwriter.profile b/etc/ghostwriter.profile new file mode 100644 index 000000000..bdca281ed --- /dev/null +++ b/etc/ghostwriter.profile | |||
@@ -0,0 +1,61 @@ | |||
1 | # Firejail profile for ghostwriter | ||
2 | # Description: Cross-platform, aesthetic, distraction-free Markdown editor. | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include ghostwriter.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.config/ghostwriter | ||
10 | noblacklist ${DOCUMENTS} | ||
11 | noblacklist ${PICTURES} | ||
12 | |||
13 | include disable-common.inc | ||
14 | include disable-devel.inc | ||
15 | include disable-interpreters.inc | ||
16 | include disable-passwdmgr.inc | ||
17 | include disable-programs.inc | ||
18 | include disable-xdg.inc | ||
19 | |||
20 | #mkdir ${HOME}/.config/ghostwriter | ||
21 | #mkdir ${DESKTOP} | ||
22 | #mkdir ${DOCUMENTS} | ||
23 | #mkdir ${DOWNLOADS} | ||
24 | #mkdir ${PICTURES} | ||
25 | #whitelist ${HOME}/.config/ghostwriter | ||
26 | #whitelist ${DESKTOP} | ||
27 | #whitelist ${DOCUMENTS} | ||
28 | #whitelist ${DOWNLOADS} | ||
29 | #whitelist ${PICTURES} | ||
30 | #include whitelist-common.inc | ||
31 | |||
32 | apparmor | ||
33 | caps.drop all | ||
34 | machine-id | ||
35 | netfilter | ||
36 | #no3d | ||
37 | #nodbus | ||
38 | nodvd | ||
39 | nogroups | ||
40 | nonewprivs | ||
41 | noroot | ||
42 | nosound | ||
43 | notv | ||
44 | nou2f | ||
45 | novideo | ||
46 | protocol unix,inet,netlink | ||
47 | seccomp | ||
48 | shell none | ||
49 | tracelog | ||
50 | |||
51 | # Breaks Translation | ||
52 | #private-bin ghostwriter,pandoc | ||
53 | private-cache | ||
54 | private-dev | ||
55 | private-etc cups,crypto-policies,localtime,drirc,fonts,gtk-3.0,dconf,machine-id | ||
56 | # Breaks Translation | ||
57 | #private-lib | ||
58 | private-tmp | ||
59 | |||
60 | noexec ${HOME} | ||
61 | noexec /tmp | ||