1 files changed, 56 insertions, 0 deletions
diff --git a/etc/gnome-passwordsafe.profile b/etc/gnome-passwordsafe.profile
new file mode 100644
index 000000000..685a5cc3f
--- /dev/null
+++ b/etc/gnome-passwordsafe.profile
@@ -0,0 +1,56 @@
+# Firejail profile for gnome-passwordsafe
+# Description: Password manager for GNOME
+# This file is overwritten after every install/update
+# Persistent local customizations
+include gnome-passwordsafe.local
+# Persistent global definitions
+include globals.local
+noblacklist ${DOCUMENTS}
+noblacklist ${HOME}/*.kdb
+noblacklist ${HOME}/*.kdbx
+# Allow python (blacklisted by disable-interpreters.inc)
+include allow-python3.inc
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-xdg.inc
+whitelist ${RUNUSER}/bus
+whitelist ${RUNUSER}/wayland-?
+whitelist ${RUNUSER}/gdm/Xauthority
+whitelist /usr/share/cracklib
+whitelist /usr/share/passwordsafe
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+apparmor
+caps.drop all
+machine-id
+net none
+no3d
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix
+seccomp
+shell none
+tracelog
+disable-mnt
+private-bin gnome-passwordsafe,python3*
+private-cache
+private-dev
+private-etc dconf,fonts,gtk-3.0,passwd
+private-tmp

diff --git a/etc/gnome-passwordsafe.profile b/etc/gnome-passwordsafe.profile new file mode 100644 index 000000000..685a5cc3f --- /dev/null +++ b/etc/gnome-passwordsafe.profile
@@ -0,0 +1,56 @@
	1	# Firejail profile for gnome-passwordsafe
	2	# Description: Password manager for GNOME
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include gnome-passwordsafe.local
	6	# Persistent global definitions
	7	include globals.local
	8
	9	noblacklist ${DOCUMENTS}
	10	noblacklist ${HOME}/*.kdb
	11	noblacklist ${HOME}/*.kdbx
	12
	13	# Allow python (blacklisted by disable-interpreters.inc)
	14	include allow-python3.inc
	15
	16	include disable-common.inc
	17	include disable-devel.inc
	18	include disable-exec.inc
	19	include disable-interpreters.inc
	20	include disable-passwdmgr.inc
	21	include disable-programs.inc
	22	include disable-xdg.inc
	23
	24	whitelist ${RUNUSER}/bus
	25	whitelist ${RUNUSER}/wayland-?
	26	whitelist ${RUNUSER}/gdm/Xauthority
	27
	28	whitelist /usr/share/cracklib
	29	whitelist /usr/share/passwordsafe
	30	include whitelist-usr-share-common.inc
	31	include whitelist-var-common.inc
	32
	33	apparmor
	34	caps.drop all
	35	machine-id
	36	net none
	37	no3d
	38	nodvd
	39	nogroups
	40	nonewprivs
	41	noroot
	42	nosound
	43	notv
	44	nou2f
	45	novideo
	46	protocol unix
	47	seccomp
	48	shell none
	49	tracelog
	50
	51	disable-mnt
	52	private-bin gnome-passwordsafe,python3*
	53	private-cache
	54	private-dev
	55	private-etc dconf,fonts,gtk-3.0,passwd
	56	private-tmp