1 files changed, 74 insertions, 0 deletions
diff --git a/etc/profile-m-z/tvnamer.profile b/etc/profile-m-z/tvnamer.profile
new file mode 100644
index 000000000..ccfd07e40
--- /dev/null
+++ b/etc/profile-m-z/tvnamer.profile
@@ -0,0 +1,74 @@
+# Firejail profile for tvnamer
+# Description: Automatic TV episode file renamer
+quiet
+# Persistent local customizations
+include tvnamer.local
+# Persistent global definitions
+include globals.local
+blacklist /tmp/.X11-unix
+blacklist /usr/libexec
+blacklist ${RUNUSER}
+noblacklist ${HOME}/.config/tvnamer
+noblacklist ${VIDEOS}
+# Allow python (blacklisted by disable-interpreters.inc)
+include allow-python2.inc
+include allow-python3.inc
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-programs.inc
+include disable-proc.inc
+include disable-shell.inc
+include disable-xdg.inc
+mkdir ${HOME}/.config/tvnamer
+whitelist ${HOME}/.config/tvnamer
+whitelist ${DOWNLOADS}
+whitelist ${VIDEOS}
+include whitelist-common.inc
+include whitelist-run-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+apparmor
+caps.drop all
+ipc-namespace
+machine-id
+netfilter
+no3d
+nodvd
+nogroups
+noinput
+nonewprivs
+noprinters
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix,inet,inet6
+seccomp
+seccomp.block-secondary
+tracelog
+x11 none
+#disable-mnt
+private-bin python*,tvnamer
+private-cache
+private-dev
+private-etc @network,@tls-ca
+private-tmp
+dbus-user none
+dbus-system none
+read-only ${HOME}
+read-write ${HOME}/.config/tvnamer
+read-write ${DOWNLOADS}
+read-write ${VIDEOS}
+restrict-namespaces

diff --git a/etc/profile-m-z/tvnamer.profile b/etc/profile-m-z/tvnamer.profile new file mode 100644 index 000000000..ccfd07e40 --- /dev/null +++ b/etc/profile-m-z/tvnamer.profile
@@ -0,0 +1,74 @@
	1	# Firejail profile for tvnamer
	2	# Description: Automatic TV episode file renamer
	3	quiet
	4	# Persistent local customizations
	5	include tvnamer.local
	6	# Persistent global definitions
	7	include globals.local
	8
	9	blacklist /tmp/.X11-unix
	10	blacklist /usr/libexec
	11	blacklist ${RUNUSER}
	12
	13	noblacklist ${HOME}/.config/tvnamer
	14	noblacklist ${VIDEOS}
	15
	16	# Allow python (blacklisted by disable-interpreters.inc)
	17	include allow-python2.inc
	18	include allow-python3.inc
	19
	20	include disable-common.inc
	21	include disable-devel.inc
	22	include disable-exec.inc
	23	include disable-interpreters.inc
	24	include disable-programs.inc
	25	include disable-proc.inc
	26	include disable-shell.inc
	27	include disable-xdg.inc
	28
	29	mkdir ${HOME}/.config/tvnamer
	30	whitelist ${HOME}/.config/tvnamer
	31	whitelist ${DOWNLOADS}
	32	whitelist ${VIDEOS}
	33	include whitelist-common.inc
	34	include whitelist-run-common.inc
	35	include whitelist-usr-share-common.inc
	36	include whitelist-var-common.inc
	37
	38	apparmor
	39	caps.drop all
	40	ipc-namespace
	41	machine-id
	42	netfilter
	43	no3d
	44	nodvd
	45	nogroups
	46	noinput
	47	nonewprivs
	48	noprinters
	49	noroot
	50	nosound
	51	notv
	52	nou2f
	53	novideo
	54	protocol unix,inet,inet6
	55	seccomp
	56	seccomp.block-secondary
	57	tracelog
	58	x11 none
	59
	60	#disable-mnt
	61	private-bin python*,tvnamer
	62	private-cache
	63	private-dev
	64	private-etc @network,@tls-ca
	65	private-tmp
	66
	67	dbus-user none
	68	dbus-system none
	69
	70	read-only ${HOME}
	71	read-write ${HOME}/.config/tvnamer
	72	read-write ${DOWNLOADS}
	73	read-write ${VIDEOS}
	74	restrict-namespaces