1 files changed, 59 insertions, 0 deletions
diff --git a/etc/profile-a-l/default.profile b/etc/profile-a-l/default.profile
new file mode 100644
index 000000000..74314cf92
--- /dev/null
+++ b/etc/profile-a-l/default.profile
@@ -0,0 +1,59 @@
+# Firejail profile for default
+# This file is overwritten after every install/update
+# Persistent local customizations
+include default.local
+# Persistent global definitions
+include globals.local
+# generic gui profile
+# depending on your usage, you can enable some of the commands below:
+include disable-common.inc
+# include disable-devel.inc
+# include disable-exec.inc
+# include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+# include disable-xdg.inc
+# include whitelist-common.inc
+# include whitelist-usr-share-common.inc
+# include whitelist-runuser-common.inc
+# include whitelist-var-common.inc
+# apparmor
+caps.drop all
+# ipc-namespace
+# machine-id
+# net none
+netfilter
+# no3d
+# nodvd
+# nogroups
+nonewprivs
+noroot
+# nosound
+# notv
+# nou2f
+# novideo
+protocol unix,inet,inet6
+seccomp
+# shell none
+# tracelog
+# disable-mnt
+# private
+# private-bin program
+# private-cache
+# private-dev
+# see /usr/share/doc/firejail/profile.template for more common private-etc paths.
+# private-etc alternatives,fonts,machine-id
+# private-lib
+# private-opt none
+# private-tmp
+# dbus-user none
+# dbus-system none
+# memory-deny-write-execute
+# read-only ${HOME}

diff --git a/etc/profile-a-l/default.profile b/etc/profile-a-l/default.profile new file mode 100644 index 000000000..74314cf92 --- /dev/null +++ b/etc/profile-a-l/default.profile
@@ -0,0 +1,59 @@
	1	# Firejail profile for default
	2	# This file is overwritten after every install/update
	3	# Persistent local customizations
	4	include default.local
	5	# Persistent global definitions
	6	include globals.local
	7
	8	# generic gui profile
	9	# depending on your usage, you can enable some of the commands below:
	10
	11	include disable-common.inc
	12	# include disable-devel.inc
	13	# include disable-exec.inc
	14	# include disable-interpreters.inc
	15	include disable-passwdmgr.inc
	16	include disable-programs.inc
	17	# include disable-xdg.inc
	18
	19	# include whitelist-common.inc
	20	# include whitelist-usr-share-common.inc
	21	# include whitelist-runuser-common.inc
	22	# include whitelist-var-common.inc
	23
	24	# apparmor
	25	caps.drop all
	26	# ipc-namespace
	27	# machine-id
	28	# net none
	29	netfilter
	30	# no3d
	31	# nodvd
	32	# nogroups
	33	nonewprivs
	34	noroot
	35	# nosound
	36	# notv
	37	# nou2f
	38	# novideo
	39	protocol unix,inet,inet6
	40	seccomp
	41	# shell none
	42	# tracelog
	43
	44	# disable-mnt
	45	# private
	46	# private-bin program
	47	# private-cache
	48	# private-dev
	49	# see /usr/share/doc/firejail/profile.template for more common private-etc paths.
	50	# private-etc alternatives,fonts,machine-id
	51	# private-lib
	52	# private-opt none
	53	# private-tmp
	54
	55	# dbus-user none
	56	# dbus-system none
	57
	58	# memory-deny-write-execute
	59	# read-only ${HOME}