1 files changed, 53 insertions, 0 deletions
diff --git a/etc/profile-a-l/drawio.profile b/etc/profile-a-l/drawio.profile
new file mode 100644
index 000000000..4132caa4f
--- /dev/null
+++ b/etc/profile-a-l/drawio.profile
@@ -0,0 +1,53 @@
+# Firejail profile for drawio
+# Description: Diagram drawing application built on web technology - desktop version
+# This file is overwritten after every install/update
+# Persistent local customizations
+include drawio.local
+# Persistent global definitions
+include globals.local
+noblacklist ${HOME}/.config/draw.io
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-xdg.inc
+mkdir ${HOME}/.config/draw.io
+whitelist ${HOME}/.config/draw.io
+whitelist ${DOWNLOADS}
+include whitelist-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+apparmor
+caps.drop all
+ipc-namespace
+machine-id
+net none
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix
+seccomp !chroot
+shell none
+# tracelog - breaks on Arch
+private-bin drawio
+private-cache
+private-dev
+private-etc alternatives,fonts
+private-tmp
+dbus-user none
+dbus-system none
+# memory-deny-write-execute - breaks on Arch

diff --git a/etc/profile-a-l/drawio.profile b/etc/profile-a-l/drawio.profile new file mode 100644 index 000000000..4132caa4f --- /dev/null +++ b/etc/profile-a-l/drawio.profile
@@ -0,0 +1,53 @@
	1	# Firejail profile for drawio
	2	# Description: Diagram drawing application built on web technology - desktop version
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include drawio.local
	6	# Persistent global definitions
	7	include globals.local
	8
	9	noblacklist ${HOME}/.config/draw.io
	10
	11	include disable-common.inc
	12	include disable-devel.inc
	13	include disable-exec.inc
	14	include disable-interpreters.inc
	15	include disable-passwdmgr.inc
	16	include disable-programs.inc
	17	include disable-xdg.inc
	18
	19	mkdir ${HOME}/.config/draw.io
	20	whitelist ${HOME}/.config/draw.io
	21	whitelist ${DOWNLOADS}
	22	include whitelist-common.inc
	23	include whitelist-usr-share-common.inc
	24	include whitelist-var-common.inc
	25
	26	apparmor
	27	caps.drop all
	28	ipc-namespace
	29	machine-id
	30	net none
	31	nodvd
	32	nogroups
	33	nonewprivs
	34	noroot
	35	nosound
	36	notv
	37	nou2f
	38	novideo
	39	protocol unix
	40	seccomp !chroot
	41	shell none
	42	# tracelog - breaks on Arch
	43
	44	private-bin drawio
	45	private-cache
	46	private-dev
	47	private-etc alternatives,fonts
	48	private-tmp
	49
	50	dbus-user none
	51	dbus-system none
	52
	53	# memory-deny-write-execute - breaks on Arch