1 files changed, 55 insertions, 0 deletions
diff --git a/etc/profile-a-l/geekbench.profile b/etc/profile-a-l/geekbench.profile
new file mode 100644
index 000000000..e06a9afad
--- /dev/null
+++ b/etc/profile-a-l/geekbench.profile
@@ -0,0 +1,55 @@
+# Firejail profile for geekbench
+# Description: A cross-platform benchmark that measures processor and memory performance
+# This file is overwritten after every install/update
+# Persistent local customizations
+include geekbench.local
+# Persistent global definitions
+include globals.local
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-xdg.inc
+include whitelist-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+apparmor
+caps.drop all
+hostname geekbench
+ipc-namespace
+machine-id
+netfilter
+no3d
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix,inet,inet6
+seccomp
+shell none
+tracelog
+disable-mnt
+private-bin bash,geekbenc*,sh
+private-cache
+private-dev
+private-etc alternatives,group,lsb-release,passwd
+private-lib gcc/*/*/libstdc++.so.*
+private-opt none
+private-tmp
+dbus-user none
+dbus-system none
+#memory-deny-write-execute - breaks on Arch (see issue #1803)
+read-only ${HOME}

diff --git a/etc/profile-a-l/geekbench.profile b/etc/profile-a-l/geekbench.profile new file mode 100644 index 000000000..e06a9afad --- /dev/null +++ b/etc/profile-a-l/geekbench.profile
@@ -0,0 +1,55 @@
	1	# Firejail profile for geekbench
	2	# Description: A cross-platform benchmark that measures processor and memory performance
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include geekbench.local
	6	# Persistent global definitions
	7	include globals.local
	8
	9	include disable-common.inc
	10	include disable-devel.inc
	11	include disable-exec.inc
	12	include disable-interpreters.inc
	13	include disable-passwdmgr.inc
	14	include disable-programs.inc
	15	include disable-xdg.inc
	16
	17	include whitelist-common.inc
	18	include whitelist-usr-share-common.inc
	19	include whitelist-var-common.inc
	20
	21	apparmor
	22	caps.drop all
	23	hostname geekbench
	24	ipc-namespace
	25	machine-id
	26	netfilter
	27	no3d
	28	nodvd
	29	nogroups
	30	nonewprivs
	31	noroot
	32	nosound
	33	notv
	34	nou2f
	35	novideo
	36	protocol unix,inet,inet6
	37	seccomp
	38	shell none
	39	tracelog
	40
	41	disable-mnt
	42	private-bin bash,geekbenc*,sh
	43	private-cache
	44	private-dev
	45	private-etc alternatives,group,lsb-release,passwd
	46	private-lib gcc///libstdc++.so.*
	47	private-opt none
	48	private-tmp
	49
	50	dbus-user none
	51	dbus-system none
	52
	53	#memory-deny-write-execute - breaks on Arch (see issue #1803)
	54
	55	read-only ${HOME}