4 files changed, 40 insertions, 0 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 6288f14e2..4d9c4d85f 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -416,6 +416,7 @@ blacklist ${HOME}/.passwd-s3fs
 blacklist ${HOME}/.pingus
 blacklist ${HOME}/.purple
 blacklist ${HOME}/.qemu-launcher
+blacklist ${HOME}/.redeclipse
 blacklist ${HOME}/.remmina
 blacklist ${HOME}/.repo_.gitconfig.json
 blacklist ${HOME}/.repoconfig
diff --git a/etc/redeclipse.profile b/etc/redeclipse.profile
new file mode 100644
index 000000000..f0a993c54
--- /dev/null
+++ b/etc/redeclipse.profile
@@ -0,0 +1,37 @@
+# Firejail profile for redeclipse
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/redeclipse.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+noblacklist ${HOME}/.redeclipse
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+mkdir ${HOME}/.redeclipse
+whitelist ${HOME}/.redeclipse
+include /etc/firejail/whitelist-common.inc
+include /etc/firejail/whitelist-var-common.inc
+caps.drop all
+netfilter
+nodvd
+nogroups
+nonewprivs
+noroot
+notv
+novideo
+protocol unix,inet,inet6
+seccomp
+shell none
+disable-mnt
+private-dev
+private-tmp
+noexec ${HOME}
+noexec /tmp
diff --git a/etc/xonotic.profile b/etc/xonotic.profile
index d17d2b612..7a466db9b 100644
--- a/etc/xonotic.profile
+++ b/etc/xonotic.profile
@@ -15,6 +15,7 @@ include /etc/firejail/disable-programs.inc
 mkdir ${HOME}/.xonotic
 whitelist ${HOME}/.xonotic
 include /etc/firejail/whitelist-common.inc
+include /etc/firejail/whitelist-var-common.inc
 caps.drop all
 netfilter
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index aff20d998..e9e1db287 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -293,6 +293,7 @@ qupzilla
 qutebrowser
 rambox
 ranger
+redeclipse
 remmina
 rhythmbox
 ricochet

diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 6288f14e2..4d9c4d85f 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc
@@ -416,6 +416,7 @@ blacklist ${HOME}/.passwd-s3fs
416	blacklist ${HOME}/.pingus	416	blacklist ${HOME}/.pingus
417	blacklist ${HOME}/.purple	417	blacklist ${HOME}/.purple
418	blacklist ${HOME}/.qemu-launcher	418	blacklist ${HOME}/.qemu-launcher
		419	blacklist ${HOME}/.redeclipse
419	blacklist ${HOME}/.remmina	420	blacklist ${HOME}/.remmina
420	blacklist ${HOME}/.repo_.gitconfig.json	421	blacklist ${HOME}/.repo_.gitconfig.json
421	blacklist ${HOME}/.repoconfig	422	blacklist ${HOME}/.repoconfig


diff --git a/etc/redeclipse.profile b/etc/redeclipse.profile new file mode 100644 index 000000000..f0a993c54 --- /dev/null +++ b/etc/redeclipse.profile
@@ -0,0 +1,37 @@
		1	# Firejail profile for redeclipse
		2	# This file is overwritten after every install/update
		3	# Persistent local customizations
		4	include /etc/firejail/redeclipse.local
		5	# Persistent global definitions
		6	include /etc/firejail/globals.local
		7
		8	noblacklist ${HOME}/.redeclipse
		9
		10	include /etc/firejail/disable-common.inc
		11	include /etc/firejail/disable-devel.inc
		12	include /etc/firejail/disable-passwdmgr.inc
		13	include /etc/firejail/disable-programs.inc
		14
		15	mkdir ${HOME}/.redeclipse
		16	whitelist ${HOME}/.redeclipse
		17	include /etc/firejail/whitelist-common.inc
		18	include /etc/firejail/whitelist-var-common.inc
		19
		20	caps.drop all
		21	netfilter
		22	nodvd
		23	nogroups
		24	nonewprivs
		25	noroot
		26	notv
		27	novideo
		28	protocol unix,inet,inet6
		29	seccomp
		30	shell none
		31
		32	disable-mnt
		33	private-dev
		34	private-tmp
		35
		36	noexec ${HOME}
		37	noexec /tmp


diff --git a/etc/xonotic.profile b/etc/xonotic.profile index d17d2b612..7a466db9b 100644 --- a/etc/xonotic.profile +++ b/etc/xonotic.profile
@@ -15,6 +15,7 @@ include /etc/firejail/disable-programs.inc
15	mkdir ${HOME}/.xonotic	15	mkdir ${HOME}/.xonotic
16	whitelist ${HOME}/.xonotic	16	whitelist ${HOME}/.xonotic
17	include /etc/firejail/whitelist-common.inc	17	include /etc/firejail/whitelist-common.inc
		18	include /etc/firejail/whitelist-var-common.inc
18		19
19	caps.drop all	20	caps.drop all
20	netfilter	21	netfilter


diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index aff20d998..e9e1db287 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config
@@ -293,6 +293,7 @@ qupzilla
293	qutebrowser	293	qutebrowser
294	rambox	294	rambox
295	ranger	295	ranger
		296	redeclipse
296	remmina	297	remmina
297	rhythmbox	298	rhythmbox
298	ricochet	299	ricochet