diff options
-rw-r--r-- | etc/cantata.profile | 40 | ||||
-rw-r--r-- | etc/disable-programs.inc | 3 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 1 |
3 files changed, 44 insertions, 0 deletions
diff --git a/etc/cantata.profile b/etc/cantata.profile new file mode 100644 index 000000000..e4a4de9c1 --- /dev/null +++ b/etc/cantata.profile | |||
@@ -0,0 +1,40 @@ | |||
1 | # Firejail profile for Cantata | ||
2 | # Description: Multimedia player - Qt5 client for the music Player daemon (MPD) | ||
3 | # This file is overwritten during software install. | ||
4 | # Persistent local customizations | ||
5 | include cantata.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.cache/cantata | ||
10 | noblacklist ${HOME}/.config/cantata | ||
11 | noblacklist ${HOME}/.local/share/cantata | ||
12 | noblacklist ${MUSIC} | ||
13 | |||
14 | noblacklist ${PATH}/perl | ||
15 | noblacklist /usr/lib/perl* | ||
16 | noblacklist /usr/share/perl* | ||
17 | |||
18 | include disable-common.inc | ||
19 | include disable-devel.inc | ||
20 | include disable-exec.inc | ||
21 | include disable-interpreters.inc | ||
22 | include disable-passwdmgr.inc | ||
23 | include disable-programs.inc | ||
24 | include disable-xdg.inc | ||
25 | |||
26 | # apparmor | ||
27 | caps.drop all | ||
28 | ipc-namespace | ||
29 | netfilter | ||
30 | nonewprivs | ||
31 | noroot | ||
32 | nou2f | ||
33 | novideo | ||
34 | protocol unix,inet,inet6,netlink | ||
35 | seccomp | ||
36 | shell none | ||
37 | |||
38 | # private-etc samba,gcrypt,drirc,fonts,mpd.conf,kde5rc,passwd,xdg,hosts,ssl | ||
39 | private-bin cantata,mpd,perl | ||
40 | private-dev | ||
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 7de2a620f..cd0cb1f2e 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -128,6 +128,7 @@ blacklist ${HOME}/.config/brasero | |||
128 | blacklist ${HOME}/.config/brave | 128 | blacklist ${HOME}/.config/brave |
129 | blacklist ${HOME}/.config/caja | 129 | blacklist ${HOME}/.config/caja |
130 | blacklist ${HOME}/.config/calibre | 130 | blacklist ${HOME}/.config/calibre |
131 | blacklist ${HOME}/.config/cantata | ||
131 | blacklist ${HOME}/.config/catfish | 132 | blacklist ${HOME}/.config/catfish |
132 | blacklist ${HOME}/.config/celluloid | 133 | blacklist ${HOME}/.config/celluloid |
133 | blacklist ${HOME}/.config/cherrytree | 134 | blacklist ${HOME}/.config/cherrytree |
@@ -451,6 +452,7 @@ blacklist ${HOME}/.local/share/aspyr-media | |||
451 | blacklist ${HOME}/.local/share/baloo | 452 | blacklist ${HOME}/.local/share/baloo |
452 | blacklist ${HOME}/.local/share/bibletime | 453 | blacklist ${HOME}/.local/share/bibletime |
453 | blacklist ${HOME}/.local/share/caja-python | 454 | blacklist ${HOME}/.local/share/caja-python |
455 | blacklist ${HOME}/.local/share/cantata | ||
454 | blacklist ${HOME}/.local/share/cdprojektred | 456 | blacklist ${HOME}/.local/share/cdprojektred |
455 | blacklist ${HOME}/.local/share/clipit | 457 | blacklist ${HOME}/.local/share/clipit |
456 | blacklist ${HOME}/.local/share/contacts | 458 | blacklist ${HOME}/.local/share/contacts |
@@ -648,6 +650,7 @@ blacklist ${HOME}/.cache/attic | |||
648 | blacklist ${HOME}/.cache/bnox | 650 | blacklist ${HOME}/.cache/bnox |
649 | blacklist ${HOME}/.cache/borg | 651 | blacklist ${HOME}/.cache/borg |
650 | blacklist ${HOME}/.cache/calibre | 652 | blacklist ${HOME}/.cache/calibre |
653 | blacklist ${HOME}/.cache/cantata | ||
651 | blacklist ${HOME}/.cache/champlain | 654 | blacklist ${HOME}/.cache/champlain |
652 | blacklist ${HOME}/.cache/chromium | 655 | blacklist ${HOME}/.cache/chromium |
653 | blacklist ${HOME}/.cache/chromium-dev | 656 | blacklist ${HOME}/.cache/chromium-dev |
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 2d4902b91..aba0e9f60 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -92,6 +92,7 @@ calligraplanwork | |||
92 | calligrasheets | 92 | calligrasheets |
93 | calligrastage | 93 | calligrastage |
94 | calligrawords | 94 | calligrawords |
95 | cantata | ||
95 | catfish | 96 | catfish |
96 | celluloid | 97 | celluloid |
97 | checkbashisms | 98 | checkbashisms |