aboutsummaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
authorLibravatar smitsohu <smitsohu@gmail.com>2018-03-05 14:08:32 +0100
committerLibravatar smitsohu <smitsohu@gmail.com>2018-03-05 14:08:32 +0100
commitb12589f30c1cb6b5b214ee12dcdb4dd847d7da41 (patch)
treeb436b71e6ac6400e3eb64116e1209c1d05a17851 /etc
parentblacklist smartgit password file - #1796 (diff)
parentAdd VS Code profile - see request in #1139 (diff)
downloadfirejail-b12589f30c1cb6b5b214ee12dcdb4dd847d7da41.tar.gz
firejail-b12589f30c1cb6b5b214ee12dcdb4dd847d7da41.tar.zst
firejail-b12589f30c1cb6b5b214ee12dcdb4dd847d7da41.zip
Merge branch 'master' of https://github.com/netblue30/firejail
Diffstat (limited to 'etc')
-rw-r--r--etc/brackets.profile4
-rw-r--r--etc/code.profile36
-rw-r--r--etc/disable-programs.inc2
3 files changed, 40 insertions, 2 deletions
diff --git a/etc/brackets.profile b/etc/brackets.profile
index a5a06f9f3..22a8dffea 100644
--- a/etc/brackets.profile
+++ b/etc/brackets.profile
@@ -22,8 +22,8 @@ noroot
22nosound 22nosound
23notv 23notv
24novideo 24novideo
25protocol unix,inet,inet6 25protocol unix,inet,inet6,netlink
26seccomp 26seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,iopl,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,pciconfig_iobase,pciconfig_read,pciconfig_write,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,s390_mmio_read,s390_mmio_write,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplic
27shell none 27shell none
28 28
29private-dev 29private-dev
diff --git a/etc/code.profile b/etc/code.profile
new file mode 100644
index 000000000..af7d379ed
--- /dev/null
+++ b/etc/code.profile
@@ -0,0 +1,36 @@
1# Firejail profile for Visual Studio Code
2# This file is overwritten after every install/update
3# Persistent local customizations
4include /etc/firejail/code.local
5# Persistent global definitions
6include /etc/firejail/globals.local
7
8noblacklist ${HOME}/.vscode
9noblacklist ${HOME}/.config/Code
10
11include /etc/firejail/disable-common.inc
12include /etc/firejail/disable-passwdmgr.inc
13include /etc/firejail/disable-programs.inc
14
15caps.drop all
16net none
17netfilter
18nodvd
19nogroups
20nonewprivs
21noroot
22nosound
23notv
24novideo
25protocol unix,inet,inet6,netlink
26seccomp
27shell none
28
29private-dev
30private-tmp
31
32# Disabling noexec ${HOME} for now since it will
33# probably interfere with running some programmes
34# in VS Code
35# noexec ${HOME}
36noexec /tmp
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index c6cf453e5..a78355031 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -40,6 +40,7 @@ blacklist ${HOME}/.config/Atom
40blacklist ${HOME}/.config/Audaciousrc 40blacklist ${HOME}/.config/Audaciousrc
41blacklist ${HOME}/.config/Brackets 41blacklist ${HOME}/.config/Brackets
42blacklist ${HOME}/.config/Clementine 42blacklist ${HOME}/.config/Clementine
43blacklist ${HOME}/.config/Code
43blacklist ${HOME}/.config/Cryptocat 44blacklist ${HOME}/.config/Cryptocat
44blacklist ${HOME}/.config/Franz 45blacklist ${HOME}/.config/Franz
45blacklist ${HOME}/.config/FreeCAD 46blacklist ${HOME}/.config/FreeCAD
@@ -461,6 +462,7 @@ blacklist ${HOME}/.tuxguitar*
461blacklist ${HOME}/.unknown-horizons 462blacklist ${HOME}/.unknown-horizons
462blacklist ${HOME}/.viking 463blacklist ${HOME}/.viking
463blacklist ${HOME}/.viking-maps 464blacklist ${HOME}/.viking-maps
465blacklist ${HOME}/.vscode
464blacklist ${HOME}/.vst 466blacklist ${HOME}/.vst
465blacklist ${HOME}/.w3m 467blacklist ${HOME}/.w3m
466blacklist ${HOME}/.warzone2100-3.* 468blacklist ${HOME}/.warzone2100-3.*
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-08 22:09:44 +0000