diff options
-rw-r--r-- | etc/inc/disable-common.inc | 3 | ||||
-rw-r--r-- | etc/inc/disable-programs.inc | 3 | ||||
-rw-r--r-- | etc/profile-m-z/nvim.profile | 52 |
3 files changed, 58 insertions, 0 deletions
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index 543fc235d..43332b4d0 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc | |||
@@ -18,6 +18,7 @@ blacklist-nolog ${HOME}/.kde4/share/apps/klipper | |||
18 | blacklist-nolog ${HOME}/.local/share/fish/fish_history | 18 | blacklist-nolog ${HOME}/.local/share/fish/fish_history |
19 | blacklist-nolog ${HOME}/.local/share/ibus-typing-booster | 19 | blacklist-nolog ${HOME}/.local/share/ibus-typing-booster |
20 | blacklist-nolog ${HOME}/.local/share/klipper | 20 | blacklist-nolog ${HOME}/.local/share/klipper |
21 | blacklist-nolog ${HOME}/.local/share/nvim | ||
21 | blacklist-nolog ${HOME}/.macromedia | 22 | blacklist-nolog ${HOME}/.macromedia |
22 | blacklist-nolog ${HOME}/.mupdf.history | 23 | blacklist-nolog ${HOME}/.mupdf.history |
23 | blacklist-nolog ${HOME}/.python-history | 24 | blacklist-nolog ${HOME}/.python-history |
@@ -323,6 +324,7 @@ read-only ${HOME}/.ssh/config.d | |||
323 | # Initialization files that allow arbitrary command execution | 324 | # Initialization files that allow arbitrary command execution |
324 | read-only ${HOME}/.caffrc | 325 | read-only ${HOME}/.caffrc |
325 | read-only ${HOME}/.cargo/env | 326 | read-only ${HOME}/.cargo/env |
327 | read-only ${HOME}/.config/nvim | ||
326 | read-only ${HOME}/.dotfiles | 328 | read-only ${HOME}/.dotfiles |
327 | read-only ${HOME}/.emacs | 329 | read-only ${HOME}/.emacs |
328 | read-only ${HOME}/.emacs.d | 330 | read-only ${HOME}/.emacs.d |
@@ -332,6 +334,7 @@ read-only ${HOME}/.homesick | |||
332 | read-only ${HOME}/.iscreenrc | 334 | read-only ${HOME}/.iscreenrc |
333 | read-only ${HOME}/.local/lib | 335 | read-only ${HOME}/.local/lib |
334 | read-only ${HOME}/.local/share/cool-retro-term | 336 | read-only ${HOME}/.local/share/cool-retro-term |
337 | read-only ${HOME}/.local/share/nvim | ||
335 | read-only ${HOME}/.mailcap | 338 | read-only ${HOME}/.mailcap |
336 | read-only ${HOME}/.msmtprc | 339 | read-only ${HOME}/.msmtprc |
337 | read-only ${HOME}/.mutt/muttrc | 340 | read-only ${HOME}/.mutt/muttrc |
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 104f67e1f..5a189559a 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc | |||
@@ -173,6 +173,7 @@ blacklist ${HOME}/.cache/mutt | |||
173 | blacklist ${HOME}/.cache/mypaint | 173 | blacklist ${HOME}/.cache/mypaint |
174 | blacklist ${HOME}/.cache/netsurf | 174 | blacklist ${HOME}/.cache/netsurf |
175 | blacklist ${HOME}/.cache/nheko | 175 | blacklist ${HOME}/.cache/nheko |
176 | blacklist ${HOME}/.cache/nvim | ||
176 | blacklist ${HOME}/.cache/okular | 177 | blacklist ${HOME}/.cache/okular |
177 | blacklist ${HOME}/.cache/opera | 178 | blacklist ${HOME}/.cache/opera |
178 | blacklist ${HOME}/.cache/opera-beta | 179 | blacklist ${HOME}/.cache/opera-beta |
@@ -541,6 +542,7 @@ blacklist ${HOME}/.config/newsflash | |||
541 | blacklist ${HOME}/.config/nheko | 542 | blacklist ${HOME}/.config/nheko |
542 | blacklist ${HOME}/.config/nomacs | 543 | blacklist ${HOME}/.config/nomacs |
543 | blacklist ${HOME}/.config/nuclear | 544 | blacklist ${HOME}/.config/nuclear |
545 | blacklist ${HOME}/.config/nvim | ||
544 | blacklist ${HOME}/.config/obs-studio | 546 | blacklist ${HOME}/.config/obs-studio |
545 | blacklist ${HOME}/.config/okularpartrc | 547 | blacklist ${HOME}/.config/okularpartrc |
546 | blacklist ${HOME}/.config/okularrc | 548 | blacklist ${HOME}/.config/okularrc |
@@ -947,6 +949,7 @@ blacklist ${HOME}/.local/share/newsboat | |||
947 | blacklist ${HOME}/.local/share/nheko | 949 | blacklist ${HOME}/.local/share/nheko |
948 | blacklist ${HOME}/.local/share/nomacs | 950 | blacklist ${HOME}/.local/share/nomacs |
949 | blacklist ${HOME}/.local/share/notes | 951 | blacklist ${HOME}/.local/share/notes |
952 | blacklist ${HOME}/.local/share/nvim | ||
950 | blacklist ${HOME}/.local/share/ocenaudio | 953 | blacklist ${HOME}/.local/share/ocenaudio |
951 | blacklist ${HOME}/.local/share/okular | 954 | blacklist ${HOME}/.local/share/okular |
952 | blacklist ${HOME}/.local/share/onlyoffice | 955 | blacklist ${HOME}/.local/share/onlyoffice |
diff --git a/etc/profile-m-z/nvim.profile b/etc/profile-m-z/nvim.profile new file mode 100644 index 000000000..27a0aec28 --- /dev/null +++ b/etc/profile-m-z/nvim.profile | |||
@@ -0,0 +1,52 @@ | |||
1 | # Firejail profile for neovim | ||
2 | # Description: Nvim is open source and freely distributable | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include nvim.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.vim | ||
10 | noblacklist ${HOME}/.vimrc | ||
11 | noblacklist ${HOME}/.cache/nvim | ||
12 | noblacklist ${HOME}/.config/nvim | ||
13 | noblacklist ${HOME}/.local/share/nvim | ||
14 | |||
15 | include disable-common.inc | ||
16 | include disable-devel.inc | ||
17 | include disable-programs.inc | ||
18 | include disable-xdg.inc | ||
19 | |||
20 | blacklist ${RUNUSER} | ||
21 | |||
22 | include whitelist-runuser-common.inc | ||
23 | |||
24 | ipc-namespace | ||
25 | machine-id | ||
26 | net none | ||
27 | no3d | ||
28 | nodvd | ||
29 | nogroups | ||
30 | noinput | ||
31 | nonewprivs | ||
32 | noroot | ||
33 | notv | ||
34 | nou2f | ||
35 | novideo | ||
36 | protocol unix,inet,inet6 | ||
37 | seccomp | ||
38 | seccomp.block-secondary | ||
39 | shell none | ||
40 | tracelog | ||
41 | x11 none | ||
42 | |||
43 | private-dev | ||
44 | |||
45 | dbus-user none | ||
46 | dbus-system none | ||
47 | |||
48 | read-only ${HOME}/.config | ||
49 | read-write ${HOME}/.config/nvim | ||
50 | read-write ${HOME}/.local/share/nvim | ||
51 | read-write ${HOME}/.vim | ||
52 | read-write ${HOME}/.vimrc | ||