diff options
-rw-r--r-- | etc/gedit.profile | 2 | ||||
-rw-r--r-- | etc/gnome-2048.profile | 2 | ||||
-rw-r--r-- | etc/gnome-books.profile | 2 | ||||
-rw-r--r-- | etc/gnome-chess.profile | 2 | ||||
-rw-r--r-- | etc/gnome-clocks.profile | 2 | ||||
-rw-r--r-- | etc/gnome-contacts.profile | 4 | ||||
-rw-r--r-- | etc/gnome-font-viewer.profile | 2 | ||||
-rw-r--r-- | etc/gnome-maps.profile | 2 | ||||
-rw-r--r-- | etc/gnome-music.profile | 2 | ||||
-rw-r--r-- | etc/gnome-photos.profile | 2 | ||||
-rw-r--r-- | etc/gnome-weather.profile | 2 | ||||
-rw-r--r-- | etc/rhythmbox.profile | 2 | ||||
-rw-r--r-- | etc/totem.profile | 2 |
13 files changed, 27 insertions, 1 deletions
diff --git a/etc/gedit.profile b/etc/gedit.profile index e17d94da0..928006d08 100644 --- a/etc/gedit.profile +++ b/etc/gedit.profile | |||
@@ -15,6 +15,8 @@ include /etc/firejail/disable-common.inc | |||
15 | include /etc/firejail/disable-passwdmgr.inc | 15 | include /etc/firejail/disable-passwdmgr.inc |
16 | include /etc/firejail/disable-programs.inc | 16 | include /etc/firejail/disable-programs.inc |
17 | 17 | ||
18 | include /etc/firejail/whitelist-var-common.inc | ||
19 | |||
18 | caps.drop all | 20 | caps.drop all |
19 | # net none - makes settings immutable | 21 | # net none - makes settings immutable |
20 | no3d | 22 | no3d |
diff --git a/etc/gnome-2048.profile b/etc/gnome-2048.profile index b07015173..a292633c3 100644 --- a/etc/gnome-2048.profile +++ b/etc/gnome-2048.profile | |||
@@ -12,6 +12,8 @@ include /etc/firejail/disable-devel.inc | |||
12 | include /etc/firejail/disable-passwdmgr.inc | 12 | include /etc/firejail/disable-passwdmgr.inc |
13 | include /etc/firejail/disable-programs.inc | 13 | include /etc/firejail/disable-programs.inc |
14 | 14 | ||
15 | include /etc/firejail/whitelist-var-common.inc | ||
16 | |||
15 | mkdir ${HOME}/.local/share/gnome-2048 | 17 | mkdir ${HOME}/.local/share/gnome-2048 |
16 | whitelist ${HOME}/.local/share/gnome-2048 | 18 | whitelist ${HOME}/.local/share/gnome-2048 |
17 | include /etc/firejail/whitelist-common.inc | 19 | include /etc/firejail/whitelist-common.inc |
diff --git a/etc/gnome-books.profile b/etc/gnome-books.profile index 5c1d5f137..6998a3a42 100644 --- a/etc/gnome-books.profile +++ b/etc/gnome-books.profile | |||
@@ -14,6 +14,8 @@ include /etc/firejail/disable-devel.inc | |||
14 | include /etc/firejail/disable-passwdmgr.inc | 14 | include /etc/firejail/disable-passwdmgr.inc |
15 | include /etc/firejail/disable-programs.inc | 15 | include /etc/firejail/disable-programs.inc |
16 | 16 | ||
17 | include /etc/firejail/whitelist-var-common.inc | ||
18 | |||
17 | caps.drop all | 19 | caps.drop all |
18 | netfilter | 20 | netfilter |
19 | no3d | 21 | no3d |
diff --git a/etc/gnome-chess.profile b/etc/gnome-chess.profile index 688df6dfe..4caf971dd 100644 --- a/etc/gnome-chess.profile +++ b/etc/gnome-chess.profile | |||
@@ -12,6 +12,8 @@ include /etc/firejail/disable-devel.inc | |||
12 | include /etc/firejail/disable-passwdmgr.inc | 12 | include /etc/firejail/disable-passwdmgr.inc |
13 | include /etc/firejail/disable-programs.inc | 13 | include /etc/firejail/disable-programs.inc |
14 | 14 | ||
15 | include /etc/firejail/whitelist-var-common.inc | ||
16 | |||
15 | caps.drop all | 17 | caps.drop all |
16 | no3d | 18 | no3d |
17 | nodvd | 19 | nodvd |
diff --git a/etc/gnome-clocks.profile b/etc/gnome-clocks.profile index d9bac48eb..be294ae9a 100644 --- a/etc/gnome-clocks.profile +++ b/etc/gnome-clocks.profile | |||
@@ -11,6 +11,8 @@ include /etc/firejail/disable-devel.inc | |||
11 | include /etc/firejail/disable-passwdmgr.inc | 11 | include /etc/firejail/disable-passwdmgr.inc |
12 | include /etc/firejail/disable-programs.inc | 12 | include /etc/firejail/disable-programs.inc |
13 | 13 | ||
14 | include /etc/firejail/whitelist-var-common.inc | ||
15 | |||
14 | caps.drop all | 16 | caps.drop all |
15 | netfilter | 17 | netfilter |
16 | no3d | 18 | no3d |
diff --git a/etc/gnome-contacts.profile b/etc/gnome-contacts.profile index 90c2c2628..3a3808e56 100644 --- a/etc/gnome-contacts.profile +++ b/etc/gnome-contacts.profile | |||
@@ -12,6 +12,8 @@ include /etc/firejail/disable-passwdmgr.inc | |||
12 | include /etc/firejail/disable-programs.inc | 12 | include /etc/firejail/disable-programs.inc |
13 | include /etc/firejail/whitelist-common.inc | 13 | include /etc/firejail/whitelist-common.inc |
14 | 14 | ||
15 | include /etc/firejail/whitelist-var-common.inc | ||
16 | |||
15 | caps.drop all | 17 | caps.drop all |
16 | netfilter | 18 | netfilter |
17 | no3d | 19 | no3d |
@@ -21,7 +23,7 @@ noroot | |||
21 | nosound | 23 | nosound |
22 | notv | 24 | notv |
23 | novideo | 25 | novideo |
24 | protocol unix,inet,inet6 | 26 | protocol unix,inet,inet6,netlink |
25 | seccomp | 27 | seccomp |
26 | 28 | ||
27 | disable-mnt | 29 | disable-mnt |
diff --git a/etc/gnome-font-viewer.profile b/etc/gnome-font-viewer.profile index 5ccb28840..cca0313cc 100644 --- a/etc/gnome-font-viewer.profile +++ b/etc/gnome-font-viewer.profile | |||
@@ -11,6 +11,8 @@ include /etc/firejail/disable-devel.inc | |||
11 | include /etc/firejail/disable-passwdmgr.inc | 11 | include /etc/firejail/disable-passwdmgr.inc |
12 | include /etc/firejail/disable-programs.inc | 12 | include /etc/firejail/disable-programs.inc |
13 | 13 | ||
14 | include /etc/firejail/whitelist-var-common.inc | ||
15 | |||
14 | caps.drop all | 16 | caps.drop all |
15 | netfilter | 17 | netfilter |
16 | no3d | 18 | no3d |
diff --git a/etc/gnome-maps.profile b/etc/gnome-maps.profile index cdbf5cbe0..b1030597c 100644 --- a/etc/gnome-maps.profile +++ b/etc/gnome-maps.profile | |||
@@ -14,6 +14,8 @@ include /etc/firejail/disable-devel.inc | |||
14 | include /etc/firejail/disable-passwdmgr.inc | 14 | include /etc/firejail/disable-passwdmgr.inc |
15 | include /etc/firejail/disable-programs.inc | 15 | include /etc/firejail/disable-programs.inc |
16 | 16 | ||
17 | include /etc/firejail/whitelist-var-common.inc | ||
18 | |||
17 | caps.drop all | 19 | caps.drop all |
18 | netfilter | 20 | netfilter |
19 | nodvd | 21 | nodvd |
diff --git a/etc/gnome-music.profile b/etc/gnome-music.profile index d3c61d9b4..d1ef20e6b 100644 --- a/etc/gnome-music.profile +++ b/etc/gnome-music.profile | |||
@@ -12,6 +12,8 @@ include /etc/firejail/disable-devel.inc | |||
12 | include /etc/firejail/disable-passwdmgr.inc | 12 | include /etc/firejail/disable-passwdmgr.inc |
13 | include /etc/firejail/disable-programs.inc | 13 | include /etc/firejail/disable-programs.inc |
14 | 14 | ||
15 | include /etc/firejail/whitelist-var-common.inc | ||
16 | |||
15 | caps.drop all | 17 | caps.drop all |
16 | netfilter | 18 | netfilter |
17 | no3d | 19 | no3d |
diff --git a/etc/gnome-photos.profile b/etc/gnome-photos.profile index 0e150f525..f9be4c4de 100644 --- a/etc/gnome-photos.profile +++ b/etc/gnome-photos.profile | |||
@@ -14,6 +14,8 @@ include /etc/firejail/disable-devel.inc | |||
14 | include /etc/firejail/disable-passwdmgr.inc | 14 | include /etc/firejail/disable-passwdmgr.inc |
15 | include /etc/firejail/disable-programs.inc | 15 | include /etc/firejail/disable-programs.inc |
16 | 16 | ||
17 | include /etc/firejail/whitelist-var-common.inc | ||
18 | |||
17 | caps.drop all | 19 | caps.drop all |
18 | netfilter | 20 | netfilter |
19 | nodvd | 21 | nodvd |
diff --git a/etc/gnome-weather.profile b/etc/gnome-weather.profile index 4ddbbbde2..e5804687c 100644 --- a/etc/gnome-weather.profile +++ b/etc/gnome-weather.profile | |||
@@ -14,6 +14,8 @@ include /etc/firejail/disable-devel.inc | |||
14 | include /etc/firejail/disable-passwdmgr.inc | 14 | include /etc/firejail/disable-passwdmgr.inc |
15 | include /etc/firejail/disable-programs.inc | 15 | include /etc/firejail/disable-programs.inc |
16 | 16 | ||
17 | include /etc/firejail/whitelist-var-common.inc | ||
18 | |||
17 | caps.drop all | 19 | caps.drop all |
18 | netfilter | 20 | netfilter |
19 | no3d | 21 | no3d |
diff --git a/etc/rhythmbox.profile b/etc/rhythmbox.profile index bcd72be9a..9401f6681 100644 --- a/etc/rhythmbox.profile +++ b/etc/rhythmbox.profile | |||
@@ -11,6 +11,8 @@ include /etc/firejail/disable-devel.inc | |||
11 | include /etc/firejail/disable-passwdmgr.inc | 11 | include /etc/firejail/disable-passwdmgr.inc |
12 | include /etc/firejail/disable-programs.inc | 12 | include /etc/firejail/disable-programs.inc |
13 | 13 | ||
14 | include /etc/firejail/whitelist-var-common.inc | ||
15 | |||
14 | caps.drop all | 16 | caps.drop all |
15 | netfilter | 17 | netfilter |
16 | # no3d | 18 | # no3d |
diff --git a/etc/totem.profile b/etc/totem.profile index a364e4c02..ccf292da0 100644 --- a/etc/totem.profile +++ b/etc/totem.profile | |||
@@ -13,6 +13,8 @@ include /etc/firejail/disable-devel.inc | |||
13 | include /etc/firejail/disable-passwdmgr.inc | 13 | include /etc/firejail/disable-passwdmgr.inc |
14 | include /etc/firejail/disable-programs.inc | 14 | include /etc/firejail/disable-programs.inc |
15 | 15 | ||
16 | include /etc/firejail/whitelist-var-common.inc | ||
17 | |||
16 | caps.drop all | 18 | caps.drop all |
17 | netfilter | 19 | netfilter |
18 | nogroups | 20 | nogroups |