1 files changed, 51 insertions, 0 deletions
diff --git a/etc/profile-a-l/kiwix-desktop.profile b/etc/profile-a-l/kiwix-desktop.profile
new file mode 100644
index 000000000..d222d6d24
--- /dev/null
+++ b/etc/profile-a-l/kiwix-desktop.profile
@@ -0,0 +1,51 @@
+# Firejail profile for kiwix-desktop
+# Description: view/manage ZIM files
+# This file is overwritten after every install/update
+# Persistent local customizations
+include kiwix-desktop.local
+# Persistent global definitions
+include globals.local
+noblacklist ${HOME}/.local/share/kiwix
+noblacklist ${HOME}/.local/share/kiwix-desktop
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-xdg.inc
+mkdir ${HOME}/.local/share/kiwix
+mkdir ${HOME}/.local/share/kiwix-desktop
+whitelist ${HOME}/.local/share/kiwix
+whitelist ${HOME}/.local/share/kiwix-desktop
+include whitelist-common.inc
+include whitelist-var-common.inc
+apparmor
+caps.drop all
+ipc-namespace
+netfilter
+# no3d
+nodvd
+nogroups
+nonewprivs
+noroot
+# nosound
+notv
+nou2f
+novideo
+protocol unix,inet,inet6,netlink
+seccomp !chroot
+shell none
+disable-mnt
+private-cache
+private-dev
+private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,hostname,hosts,ld.so.cache,machine-id,pki,pulse,resolv.conf,ssl
+private-tmp
+dbus-user none
+dbus-system none

diff --git a/etc/profile-a-l/kiwix-desktop.profile b/etc/profile-a-l/kiwix-desktop.profile new file mode 100644 index 000000000..d222d6d24 --- /dev/null +++ b/etc/profile-a-l/kiwix-desktop.profile
@@ -0,0 +1,51 @@
	1	# Firejail profile for kiwix-desktop
	2	# Description: view/manage ZIM files
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include kiwix-desktop.local
	6	# Persistent global definitions
	7	include globals.local
	8
	9	noblacklist ${HOME}/.local/share/kiwix
	10	noblacklist ${HOME}/.local/share/kiwix-desktop
	11
	12	include disable-common.inc
	13	include disable-devel.inc
	14	include disable-exec.inc
	15	include disable-interpreters.inc
	16	include disable-passwdmgr.inc
	17	include disable-programs.inc
	18	include disable-xdg.inc
	19
	20	mkdir ${HOME}/.local/share/kiwix
	21	mkdir ${HOME}/.local/share/kiwix-desktop
	22	whitelist ${HOME}/.local/share/kiwix
	23	whitelist ${HOME}/.local/share/kiwix-desktop
	24	include whitelist-common.inc
	25	include whitelist-var-common.inc
	26
	27	apparmor
	28	caps.drop all
	29	ipc-namespace
	30	netfilter
	31	# no3d
	32	nodvd
	33	nogroups
	34	nonewprivs
	35	noroot
	36	# nosound
	37	notv
	38	nou2f
	39	novideo
	40	protocol unix,inet,inet6,netlink
	41	seccomp !chroot
	42	shell none
	43
	44	disable-mnt
	45	private-cache
	46	private-dev
	47	private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,hostname,hosts,ld.so.cache,machine-id,pki,pulse,resolv.conf,ssl
	48	private-tmp
	49
	50	dbus-user none
	51	dbus-system none