diff options
Diffstat (limited to 'etc/profile-a-l')
-rw-r--r-- | etc/profile-a-l/brave.profile | 2 | ||||
-rw-r--r-- | etc/profile-a-l/cinelerra-gg | 10 | ||||
-rw-r--r-- | etc/profile-a-l/deluge.profile | 2 | ||||
-rw-r--r-- | etc/profile-a-l/evince.profile | 13 | ||||
-rw-r--r-- | etc/profile-a-l/godot3.profile | 11 |
5 files changed, 30 insertions, 8 deletions
diff --git a/etc/profile-a-l/brave.profile b/etc/profile-a-l/brave.profile index 09548c761..071a279b0 100644 --- a/etc/profile-a-l/brave.profile +++ b/etc/profile-a-l/brave.profile | |||
@@ -13,6 +13,8 @@ ignore noexec /tmp | |||
13 | # you will need to uncomment the 'brave + tor' rule in /etc/apparmor.d/local/firejail-default. | 13 | # you will need to uncomment the 'brave + tor' rule in /etc/apparmor.d/local/firejail-default. |
14 | # Alternatively you can add 'ignore apparmor' to your brave.local. | 14 | # Alternatively you can add 'ignore apparmor' to your brave.local. |
15 | ignore noexec ${HOME} | 15 | ignore noexec ${HOME} |
16 | # Causes slow starts (#4604) | ||
17 | ignore private-cache | ||
16 | 18 | ||
17 | noblacklist ${HOME}/.cache/BraveSoftware | 19 | noblacklist ${HOME}/.cache/BraveSoftware |
18 | noblacklist ${HOME}/.config/BraveSoftware | 20 | noblacklist ${HOME}/.config/BraveSoftware |
diff --git a/etc/profile-a-l/cinelerra-gg b/etc/profile-a-l/cinelerra-gg new file mode 100644 index 000000000..ccb9fe04b --- /dev/null +++ b/etc/profile-a-l/cinelerra-gg | |||
@@ -0,0 +1,10 @@ | |||
1 | # Firejail profile alias for cin | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include cinelerra-gg.local | ||
5 | # Persistent global definitions | ||
6 | # added by included profile | ||
7 | #include globals.local | ||
8 | |||
9 | # Redirect | ||
10 | include cin.profile | ||
diff --git a/etc/profile-a-l/deluge.profile b/etc/profile-a-l/deluge.profile index fddd613e2..d8a27da62 100644 --- a/etc/profile-a-l/deluge.profile +++ b/etc/profile-a-l/deluge.profile | |||
@@ -36,7 +36,7 @@ nosound | |||
36 | notv | 36 | notv |
37 | nou2f | 37 | nou2f |
38 | novideo | 38 | novideo |
39 | protocol unix,inet,inet6 | 39 | protocol unix,inet,inet6,netlink |
40 | seccomp | 40 | seccomp |
41 | 41 | ||
42 | # deluge is using python on Debian | 42 | # deluge is using python on Debian |
diff --git a/etc/profile-a-l/evince.profile b/etc/profile-a-l/evince.profile index 21bf7eabf..eec9f86db 100644 --- a/etc/profile-a-l/evince.profile +++ b/etc/profile-a-l/evince.profile | |||
@@ -6,9 +6,9 @@ include evince.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # WARNING: using bookmarks possibly exposes information, including file history from other programs. | 9 | # WARNING: This exposes information like file history from other programs. |
10 | # Add the next line to your evince.local if you need bookmarks support. This also needs additional dbus-user filtering (see below). | 10 | # You can add a blacklist for it in your evince.local for additional hardening if you can live with some restrictions. |
11 | #noblacklist ${HOME}/.local/share/gvfs-metadata | 11 | noblacklist ${HOME}/.local/share/gvfs-metadata |
12 | 12 | ||
13 | noblacklist ${HOME}/.config/evince | 13 | noblacklist ${HOME}/.config/evince |
14 | noblacklist ${DOCUMENTS} | 14 | noblacklist ${DOCUMENTS} |
@@ -59,9 +59,8 @@ private-etc alternatives,fonts,group,ld.so.cache,ld.so.preload,machine-id,passwd | |||
59 | private-lib evince,gcc/*/*/libgcc_s.so.*,gcc/*/*/libstdc++.so.*,gconv,gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libarchive.so.*,libdjvulibre.so.*,libgconf-2.so.*,libgraphite2.so.*,libpoppler-glib.so.*,librsvg-2.so.*,libspectre.so.* | 59 | private-lib evince,gcc/*/*/libgcc_s.so.*,gcc/*/*/libstdc++.so.*,gconv,gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libarchive.so.*,libdjvulibre.so.*,libgconf-2.so.*,libgraphite2.so.*,libpoppler-glib.so.*,librsvg-2.so.*,libspectre.so.* |
60 | private-tmp | 60 | private-tmp |
61 | 61 | ||
62 | # dbus-user filtering might break two-page-view on some systems | ||
63 | dbus-user filter | 62 | dbus-user filter |
64 | # Add the next two lines to your evince.local if you need bookmarks support. | 63 | dbus-user.talk ca.desrt.dconf |
65 | #dbus-user.talk org.gtk.vfs.Daemon | 64 | dbus-user.talk org.gtk.vfs.Daemon |
66 | #dbus-user.talk org.gtk.vfs.Metadata | 65 | dbus-user.talk org.gtk.vfs.Metadata |
67 | dbus-system none | 66 | dbus-system none |
diff --git a/etc/profile-a-l/godot3.profile b/etc/profile-a-l/godot3.profile new file mode 100644 index 000000000..90d1b15b7 --- /dev/null +++ b/etc/profile-a-l/godot3.profile | |||
@@ -0,0 +1,11 @@ | |||
1 | # Firejail profile for godot | ||
2 | # Description: multi-platform 2D and 3D game engine with a feature-rich editor | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include godot3.local | ||
6 | # Persistent global definitions | ||
7 | # added by included profile | ||
8 | #include globals.local | ||
9 | |||
10 | # Redirect | ||
11 | include godot.profile | ||