diff options
Diffstat (limited to 'etc/dino.profile')
-rw-r--r-- | etc/dino.profile | 18 |
1 files changed, 8 insertions, 10 deletions
diff --git a/etc/dino.profile b/etc/dino.profile index 94563fa1d..0501cd408 100644 --- a/etc/dino.profile +++ b/etc/dino.profile | |||
@@ -1,11 +1,10 @@ | |||
1 | # Persistent global definitions go here | 1 | # Firejail profile for dino |
2 | include /etc/firejail/globals.local | 2 | # This file is overwritten after every install/update |
3 | 3 | # Persistent local customizations | |
4 | # This file is overwritten during software install. | ||
5 | # Persistent customizations should go in a .local file. | ||
6 | include /etc/firejail/dino.local | 4 | include /etc/firejail/dino.local |
5 | # Persistent global definitions | ||
6 | include /etc/firejail/globals.local | ||
7 | 7 | ||
8 | # Firejail profile for Dino | ||
9 | noblacklist ${HOME}/.local/share/dino | 8 | noblacklist ${HOME}/.local/share/dino |
10 | 9 | ||
11 | include /etc/firejail/disable-common.inc | 10 | include /etc/firejail/disable-common.inc |
@@ -13,13 +12,12 @@ include /etc/firejail/disable-devel.inc | |||
13 | include /etc/firejail/disable-passwdmgr.inc | 12 | include /etc/firejail/disable-passwdmgr.inc |
14 | include /etc/firejail/disable-programs.inc | 13 | include /etc/firejail/disable-programs.inc |
15 | 14 | ||
16 | whitelist ${HOME}/Downloads | ||
17 | mkdir ${HOME}/.local/share/dino | 15 | mkdir ${HOME}/.local/share/dino |
18 | whitelist ${HOME}/.local/share/dino | 16 | whitelist ${HOME}/.local/share/dino |
17 | whitelist ${HOME}/Downloads | ||
19 | include /etc/firejail/whitelist-common.inc | 18 | include /etc/firejail/whitelist-common.inc |
20 | 19 | ||
21 | caps.drop all | 20 | caps.drop all |
22 | #ipc-namespace | ||
23 | netfilter | 21 | netfilter |
24 | no3d | 22 | no3d |
25 | nogroups | 23 | nogroups |
@@ -31,11 +29,11 @@ protocol unix,inet,inet6 | |||
31 | seccomp | 29 | seccomp |
32 | shell none | 30 | shell none |
33 | 31 | ||
32 | disable-mnt | ||
34 | private-bin dino | 33 | private-bin dino |
35 | #private-etc fonts #breaks server connection | ||
36 | private-dev | 34 | private-dev |
35 | # private-etc fonts # breaks server connection | ||
37 | private-tmp | 36 | private-tmp |
38 | disable-mnt | ||
39 | 37 | ||
40 | noexec ${HOME} | 38 | noexec ${HOME} |
41 | noexec /tmp | 39 | noexec /tmp |