1 files changed, 13 insertions, 17 deletions
diff --git a/etc/google-chrome.profile b/etc/google-chrome.profile
index e6fceadec..f0d452841 100644
--- a/etc/google-chrome.profile
+++ b/etc/google-chrome.profile
@@ -1,39 +1,35 @@
-# Persistent global definitions go here
+# Firejail profile for google-chrome
-include /etc/firejail/globals.local
+# This file is overwritten after every install/update
+# Persistent local customizations
-# This file is overwritten during software install.
-# Persistent customizations should go in a .local file.
 include /etc/firejail/google-chrome.local
+# Persistent global definitions
+include /etc/firejail/globals.local
-# Google Chrome browser profile
-noblacklist ~/.config/google-chrome
 noblacklist ~/.cache/google-chrome
+noblacklist ~/.config/google-chrome
 noblacklist ~/.pki
-include /etc/firejail/disable-common.inc
-include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-common.inc
 # chromium is distributed with a perl script on Arch
 # include /etc/firejail/disable-devel.inc
-#
+include /etc/firejail/disable-programs.inc
-whitelist ${DOWNLOADS}
-mkdir ~/.config/google-chrome
-whitelist ~/.config/google-chrome
 mkdir ~/.cache/google-chrome
-whitelist ~/.cache/google-chrome
+mkdir ~/.config/google-chrome
 mkdir ~/.pki
+whitelist ${DOWNLOADS}
+whitelist ~/.cache/google-chrome
+whitelist ~/.config/google-chrome
 whitelist ~/.pki
 include /etc/firejail/whitelist-common.inc
 caps.keep sys_chroot,sys_admin
-#ipc-namespace
 netfilter
 nogroups
 shell none
 private-dev
-#private-tmp - problems with multiple browser sessions
+# private-tmp - problems with multiple browser sessions
-#disable-mnt
 noexec ${HOME}
 noexec /tmp

diff --git a/etc/google-chrome.profile b/etc/google-chrome.profile index e6fceadec..f0d452841 100644 --- a/etc/google-chrome.profile +++ b/etc/google-chrome.profile
@@ -1,39 +1,35 @@
1	# Persistent global definitions go here	1	# Firejail profile for google-chrome
2	include /etc/firejail/globals.local	2	# This file is overwritten after every install/update
3		3	# Persistent local customizations
4	# This file is overwritten during software install.
5	# Persistent customizations should go in a .local file.
6	include /etc/firejail/google-chrome.local	4	include /etc/firejail/google-chrome.local
		5	# Persistent global definitions
		6	include /etc/firejail/globals.local
7		7
8	# Google Chrome browser profile
9	noblacklist ~/.config/google-chrome
10	noblacklist ~/.cache/google-chrome	8	noblacklist ~/.cache/google-chrome
		9	noblacklist ~/.config/google-chrome
11	noblacklist ~/.pki	10	noblacklist ~/.pki
12	include /etc/firejail/disable-common.inc
13	include /etc/firejail/disable-programs.inc
14		11
		12	include /etc/firejail/disable-common.inc
15	# chromium is distributed with a perl script on Arch	13	# chromium is distributed with a perl script on Arch
16	# include /etc/firejail/disable-devel.inc	14	# include /etc/firejail/disable-devel.inc
17	#	15	include /etc/firejail/disable-programs.inc
18		16
19	whitelist ${DOWNLOADS}
20	mkdir ~/.config/google-chrome
21	whitelist ~/.config/google-chrome
22	mkdir ~/.cache/google-chrome	17	mkdir ~/.cache/google-chrome
23	whitelist ~/.cache/google-chrome	18	mkdir ~/.config/google-chrome
24	mkdir ~/.pki	19	mkdir ~/.pki
		20	whitelist ${DOWNLOADS}
		21	whitelist ~/.cache/google-chrome
		22	whitelist ~/.config/google-chrome
25	whitelist ~/.pki	23	whitelist ~/.pki
26	include /etc/firejail/whitelist-common.inc	24	include /etc/firejail/whitelist-common.inc
27		25
28	caps.keep sys_chroot,sys_admin	26	caps.keep sys_chroot,sys_admin
29	#ipc-namespace
30	netfilter	27	netfilter
31	nogroups	28	nogroups
32	shell none	29	shell none
33		30
34	private-dev	31	private-dev
35	#private-tmp - problems with multiple browser sessions	32	# private-tmp - problems with multiple browser sessions
36	#disable-mnt
37		33
38	noexec ${HOME}	34	noexec ${HOME}
39	noexec /tmp	35	noexec /tmp