diff options
Diffstat (limited to 'etc/profile-m-z/npm.profile')
-rw-r--r-- | etc/profile-m-z/npm.profile | 53 |
1 files changed, 9 insertions, 44 deletions
diff --git a/etc/profile-m-z/npm.profile b/etc/profile-m-z/npm.profile index 2136fb443..e95e875be 100644 --- a/etc/profile-m-z/npm.profile +++ b/etc/profile-m-z/npm.profile | |||
@@ -1,64 +1,29 @@ | |||
1 | # Firejail profile for npm | 1 | # Firejail profile for npm |
2 | # Description: The Node.js Package Manager | 2 | # Description: The Node.js Package Manager |
3 | quiet | ||
3 | # This file is overwritten after every install/update | 4 | # This file is overwritten after every install/update |
4 | # Persistent local customizations | 5 | # Persistent local customizations |
5 | include npm.local | 6 | include npm.local |
6 | # Persistent global definitions | 7 | # Persistent global definitions |
7 | include globals.local | 8 | include globals.local |
8 | 9 | ||
9 | blacklist /tmp/.X11-unix | 10 | ignore read-only ${HOME}/.npm-packages |
10 | blacklist ${RUNUSER} | 11 | ignore read-only ${HOME}/.npmrc |
11 | 12 | ||
13 | noblacklist ${HOME}/.node-gyp | ||
12 | noblacklist ${HOME}/.npm | 14 | noblacklist ${HOME}/.npm |
13 | noblacklist ${HOME}/.npmrc | 15 | noblacklist ${HOME}/.npmrc |
14 | 16 | ||
15 | noblacklist ${PATH}/bash | 17 | # If you want whitelisting, change ${HOME}/Projects below to your npm projects directory |
16 | noblacklist ${PATH}/dash | ||
17 | noblacklist ${PATH}/sh | ||
18 | |||
19 | ignore noexec ${HOME} | ||
20 | |||
21 | include disable-common.inc | ||
22 | include disable-exec.inc | ||
23 | include disable-passwdmgr.inc | ||
24 | include disable-programs.inc | ||
25 | include disable-shell.inc | ||
26 | include disable-xdg.inc | ||
27 | |||
28 | # If you want whitelisting, change the line below to your npm projects directory | ||
29 | # and uncomment the lines below. | 18 | # and uncomment the lines below. |
19 | #mkdir ${HOME}/.node-gyp | ||
30 | #mkdir ${HOME}/.npm | 20 | #mkdir ${HOME}/.npm |
31 | #mkfile ${HOME}/.npmrc | 21 | #mkfile ${HOME}/.npmrc |
22 | #whitelist ${HOME}/.node-gyp | ||
32 | #whitelist ${HOME}/.npm | 23 | #whitelist ${HOME}/.npm |
33 | #whitelist ${HOME}/.npmrc | 24 | #whitelist ${HOME}/.npmrc |
34 | #whitelist ${HOME}/Projects | 25 | #whitelist ${HOME}/Projects |
35 | #include whitelist-common.inc | 26 | #include whitelist-common.inc |
36 | include whitelist-runuser-common.inc | ||
37 | include whitelist-usr-share-common.inc | ||
38 | include whitelist-var-common.inc | ||
39 | |||
40 | caps.drop all | ||
41 | ipc-namespace | ||
42 | machine-id | ||
43 | netfilter | ||
44 | no3d | ||
45 | nodvd | ||
46 | nogroups | ||
47 | nonewprivs | ||
48 | noroot | ||
49 | nosound | ||
50 | notv | ||
51 | nou2f | ||
52 | novideo | ||
53 | protocol unix,inet,inet6,netlink | ||
54 | seccomp | ||
55 | seccomp.block-secondary | ||
56 | shell none | ||
57 | |||
58 | disable-mnt | ||
59 | private-dev | ||
60 | private-etc alternatives,ca-certificates,crypto-policies,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,login.defs,mime.types,nsswitch.conf,pki,protocols,resolv.conf,rpc,services,ssl,xdg | ||
61 | private-tmp | ||
62 | 27 | ||
63 | dbus-user none | 28 | # Redirect |
64 | dbus-system none | 29 | include nodejs-common.profile |