4 files changed, 48 insertions, 1 deletions

diff --git a/README b/README
index e3169e161..239cd26b0 100644
--- a/README
+++ b/README
@@ -112,6 +112,10 @@ creideiki (https://github.com/creideiki)
         - make the sandbox process reap all children
 chiraag-nataraj (https://github.com/chiraag-nataraj)
         - support for newer Xpra versions (2.1+)
+        - added Viber, amule, ardour5, brackets, calligra, cin, fetchmail profiles
+        - added freecad, google-earth, imagej, kdenlive, linphone, lmms profiles
+        - added macrofusion, mpd, natron, ricochet, shotcut, tor-browser-en profiles
+        - added tor, x-terminal-emulator, zart profiles
 Christian Stadelmann (https://github.com/genodeftest)
         - profile fixes
         - evolution profile fix
@@ -241,6 +245,8 @@ Impyy (https://github.com/Impyy)
         - added mumble profile
 irregulator (https://github.com/irregulator)
         - thunderbird profile fixes for debian stretch
+Irvine (https://github.com/Irvinehimself)
+        - added conky profile
 Ivan Kozik (https://github.com/ivan)
         - speed up sandbox exit
 Jaykishan Mutkawoa (https://github.com/jmutkawoa)
@@ -307,6 +313,8 @@ Mattias Wadman (https://github.com/wader)
         - seccomp errno filter support
 Matthew Gyurgyik (https://github.com/pyther)
         - rpm spec and several fixes
+melvinvermeeren (https://github.com/melvinvermeeren)
+        - added teamspeak3 profile
 Michael Haas (https://github.com/mhaas)
         - bugfixes
 Mike Frysinger (vapier@gentoo.org)
@@ -320,6 +328,8 @@ n1trux (https://github.com/n1trux)
 netblue30 (netblue30@yahoo.com)
 Niklas Haas (https://github.com/haasn)
         - blacklisting for keybase.io's client
+nyancat18 (https://github.com/nyancat18)
+        - added ardour4, dooble, karbon, krita profiles
 Ondra Nekola (https://github.com/satai)
         - allow firefox theming with non-global themes
 Panzerfather (https://github.com/Panzerfather)
diff --git a/README.md b/README.md
index c694bc8db..efc102ba1 100644
--- a/README.md
+++ b/README.md
@@ -179,4 +179,5 @@ amule, ardour4, ardour5, brackets, calligra, calligraauthor, calligraconverter,
 calligraflow, calligraplan, calligraplanwork, calligrasheets, calligrastage,
 calligrawords, cin, dooble, dooble-qt4, fetchmail, freecad, freecadcmd, google-earth,
 imagej, karbon, kdenlive, krita, linphone, lmms, macrofusion, mpd, natron, Natron,
-ricochet, shotcut, teamspeak3, tor, tor-browser-en, Viber, x-terminal-emulator, zart
+ricochet, shotcut, teamspeak3, tor, tor-browser-en, Viber, x-terminal-emulator, zart,
+conky
diff --git a/etc/conky.profile b/etc/conky.profile
new file mode 100644
index 000000000..4ee25f099
--- /dev/null
+++ b/etc/conky.profile
@@ -0,0 +1,35 @@
+# Firejail profile for conky
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/conky.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+
+
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+
+caps.drop all
+ipc-namespace
+netfilter
+no3d
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+novideo
+protocol unix,inet,inet6
+seccomp
+shell none
+
+disable-mnt
+private-dev
+private-tmp
+
+memory-deny-write-execute
+noexec ${HOME}
+noexec /tmp
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index 5d6afe68b..95fc14d04 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -65,6 +65,7 @@ clementine
 clipit
 cmus
 conkeror
+conky
 corebird
 cvlc
 cyberfox