aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--etc/inc/disable-programs.inc2
-rw-r--r--etc/profile-m-z/openmw-launcher.profile7
-rw-r--r--etc/profile-m-z/openmw.profile60
3 files changed, 69 insertions, 0 deletions
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc
index 27f6a938b..33cfbf6f0 100644
--- a/etc/inc/disable-programs.inc
+++ b/etc/inc/disable-programs.inc
@@ -347,6 +347,7 @@ blacklist ${HOME}/.config/okularrc
347blacklist ${HOME}/.config/onboard 347blacklist ${HOME}/.config/onboard
348blacklist ${HOME}/.config/onionshare 348blacklist ${HOME}/.config/onionshare
349blacklist ${HOME}/.config/onlyoffice 349blacklist ${HOME}/.config/onlyoffice
350blacklist ${HOME}/.config/openmw
350blacklist ${HOME}/.config/opera 351blacklist ${HOME}/.config/opera
351blacklist ${HOME}/.config/opera-beta 352blacklist ${HOME}/.config/opera-beta
352blacklist ${HOME}/.config/orage 353blacklist ${HOME}/.config/orage
@@ -713,6 +714,7 @@ blacklist ${HOME}/.local/share/notes
713blacklist ${HOME}/.local/share/ocenaudio 714blacklist ${HOME}/.local/share/ocenaudio
714blacklist ${HOME}/.local/share/okular 715blacklist ${HOME}/.local/share/okular
715blacklist ${HOME}/.local/share/onlyoffice 716blacklist ${HOME}/.local/share/onlyoffice
717blacklist ${HOME}/.local/share/openmw
716blacklist ${HOME}/.local/share/orage 718blacklist ${HOME}/.local/share/orage
717blacklist ${HOME}/.local/share/org.kde.gwenview 719blacklist ${HOME}/.local/share/org.kde.gwenview
718blacklist ${HOME}/.local/share/Paradox Interactive 720blacklist ${HOME}/.local/share/Paradox Interactive
diff --git a/etc/profile-m-z/openmw-launcher.profile b/etc/profile-m-z/openmw-launcher.profile
new file mode 100644
index 000000000..c9cc144e4
--- /dev/null
+++ b/etc/profile-m-z/openmw-launcher.profile
@@ -0,0 +1,7 @@
1# Firejail profile for openmw-launcher
2# This file is overwritten after every install/update
3# Persistent local customizations
4include openmw-launcher.local
5
6# Redirect
7include openmw.profile
diff --git a/etc/profile-m-z/openmw.profile b/etc/profile-m-z/openmw.profile
new file mode 100644
index 000000000..49819f117
--- /dev/null
+++ b/etc/profile-m-z/openmw.profile
@@ -0,0 +1,60 @@
1# Firejail profile for openmw
2# Description: Open source engine re-implementation for Morrowind
3# This file is overwritten after every install/update
4# Persistent local customizations
5include openmw.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.config/openmw
10noblacklist ${HOME}/.local/share/openmw
11
12include disable-common.inc
13include disable-devel.inc
14include disable-exec.inc
15include disable-interpreters.inc
16include disable-passwdmgr.inc
17include disable-programs.inc
18include disable-shell.inc
19include disable-write-mnt.inc
20include disable-xdg.inc
21
22mkdir ${HOME}/.config/openmw
23mkdir ${HOME}/.local/share/openmw
24whitelist ${HOME}/Downloads/Morrowind
25whitelist ${HOME}/.config/openmw
26whitelist ${HOME}/.local/share/openmw
27whitelist /usr/share/openmw
28include whitelist-common.inc
29include whitelist-runuser-common.inc
30include whitelist-usr-share-common.inc
31include whitelist-var-common.inc
32
33apparmor
34caps.drop all
35ipc-namespace
36net none
37netfilter
38# Uncomment the following line if installing from disc
39nodvd
40nogroups
41nonewprivs
42noroot
43notv
44nou2f
45novideo
46protocol unix,netlink
47seccomp
48seccomp.block-secondary
49shell none
50tracelog
51
52private-bin bsatool,esmtool,niftest,openmw*
53private-cache
54private-dev
55private-etc alsa,alternatives,asound.conf,bumblebee,drirc,fonts,glvnd,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nvidia,openmw,pango,pulse,Trolltech.conf,X11,xdg
56private-opt none
57private-tmp
58
59dbus-user none
60dbus-system none
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-09 13:29:42 +0000