diff options
-rw-r--r-- | Makefile.in | 1 | ||||
-rw-r--r-- | etc/disable-programs.inc | 1 | ||||
-rw-r--r-- | etc/warzone2100.profile | 19 | ||||
-rw-r--r-- | platform/debian/conffiles | 1 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 1 |
5 files changed, 23 insertions, 0 deletions
diff --git a/Makefile.in b/Makefile.in index 64a6fbd76..590f2cd5f 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -165,6 +165,7 @@ realinstall: | |||
165 | install -c -m 0644 .etc/abrowser.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 165 | install -c -m 0644 .etc/abrowser.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
166 | install -c -m 0644 .etc/0ad.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 166 | install -c -m 0644 .etc/0ad.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
167 | install -c -m 0644 .etc/netsurf.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 167 | install -c -m 0644 .etc/netsurf.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
168 | install -c -m 0644 .etc/warzone2100.profile $(DESTDIR)/$(sysconfdir)/firejail/. | ||
168 | sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" | 169 | sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" |
169 | sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/firejail.config ]; then install -c -m 0644 etc/firejail.config $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" | 170 | sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/firejail.config ]; then install -c -m 0644 etc/firejail.config $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" |
170 | rm -fr .etc | 171 | rm -fr .etc |
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 7f18aa16f..43b9cff38 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -54,6 +54,7 @@ blacklist ${HOME}/.hedgewars | |||
54 | blacklist ${HOME}/.steam | 54 | blacklist ${HOME}/.steam |
55 | blacklist ${HOME}/.config/wesnoth | 55 | blacklist ${HOME}/.config/wesnoth |
56 | blacklist ${HOME}/.config/0ad | 56 | blacklist ${HOME}/.config/0ad |
57 | blacklist ${HOME}/.warzone2100-3.1 | ||
57 | 58 | ||
58 | # Cryptocoins | 59 | # Cryptocoins |
59 | blacklist ${HOME}/.*coin | 60 | blacklist ${HOME}/.*coin |
diff --git a/etc/warzone2100.profile b/etc/warzone2100.profile new file mode 100644 index 000000000..73408ffb1 --- /dev/null +++ b/etc/warzone2100.profile | |||
@@ -0,0 +1,19 @@ | |||
1 | # Firejail profile for warzone2100 | ||
2 | # Currently supports warzone2100-3.1 | ||
3 | include /etc/firejail/disable-common.inc | ||
4 | include /etc/firejail/disable-devel.inc | ||
5 | include /etc/firejail/disable-passwdmgr.inc | ||
6 | include /etc/firejail/disable-programs.inc | ||
7 | |||
8 | # Call these options | ||
9 | caps.drop all | ||
10 | netfilter | ||
11 | noroot | ||
12 | protocol unix,inet,inet6,netlink | ||
13 | seccomp | ||
14 | tracelog | ||
15 | |||
16 | # Whitelist | ||
17 | noblacklist ~/.warzone2100-3.1 | ||
18 | mkdir ~/.warzone2100-3.1 | ||
19 | whitelist ~/.warzone2100-3.1 | ||
diff --git a/platform/debian/conffiles b/platform/debian/conffiles index 5f1546a4f..2413965ba 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles | |||
@@ -84,3 +84,4 @@ | |||
84 | /etc/firejail/abrowser.profile | 84 | /etc/firejail/abrowser.profile |
85 | /etc/firejail/0ad.profile | 85 | /etc/firejail/0ad.profile |
86 | /etc/firejail/netsurf.profile | 86 | /etc/firejail/netsurf.profile |
87 | /etc/firejail/warzone2100.profile | ||
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index fed477f44..80433f1e5 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -75,3 +75,4 @@ xchat | |||
75 | # games | 75 | # games |
76 | hedgewars | 76 | hedgewars |
77 | wesnot | 77 | wesnot |
78 | warzone2100 | ||