diff options
Diffstat (limited to 'etc/psi-plus.profile')
| -rw-r--r-- | etc/psi-plus.profile | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/etc/psi-plus.profile b/etc/psi-plus.profile index e3ffad9a1..9500731fe 100644 --- a/etc/psi-plus.profile +++ b/etc/psi-plus.profile | |||
| @@ -8,7 +8,9 @@ include /etc/firejail/psi-plus.local | |||
| 8 | # Firejail profile for Psi+ | 8 | # Firejail profile for Psi+ |
| 9 | noblacklist ${HOME}/.config/psi+ | 9 | noblacklist ${HOME}/.config/psi+ |
| 10 | noblacklist ${HOME}/.local/share/psi+ | 10 | noblacklist ${HOME}/.local/share/psi+ |
| 11 | |||
| 11 | include /etc/firejail/disable-common.inc | 12 | include /etc/firejail/disable-common.inc |
| 13 | include /etc/firejail/disable-devel.inc | ||
| 12 | include /etc/firejail/disable-programs.inc | 14 | include /etc/firejail/disable-programs.inc |
| 13 | include /etc/firejail/disable-passwdmgr.inc | 15 | include /etc/firejail/disable-passwdmgr.inc |
| 14 | 16 | ||
| @@ -20,10 +22,22 @@ whitelist ~/.local/share/psi+ | |||
| 20 | mkdir ~/.cache/psi+ | 22 | mkdir ~/.cache/psi+ |
| 21 | whitelist ~/.cache/psi+ | 23 | whitelist ~/.cache/psi+ |
| 22 | 24 | ||
| 25 | include /etc/firejail/whitelist-common.inc | ||
| 26 | |||
| 23 | caps.drop all | 27 | caps.drop all |
| 24 | netfilter | 28 | netfilter |
| 29 | no3d | ||
| 30 | nogroups | ||
| 31 | nonewprivs | ||
| 25 | noroot | 32 | noroot |
| 33 | novideo | ||
| 26 | protocol unix,inet,inet6 | 34 | protocol unix,inet,inet6 |
| 27 | seccomp | 35 | seccomp |
| 36 | shell none | ||
| 28 | 37 | ||
| 29 | include /etc/firejail/whitelist-common.inc | 38 | private-dev |
| 39 | private-tmp | ||
| 40 | disable-mnt | ||
| 41 | |||
| 42 | noexec ${HOME} | ||
| 43 | noexec /tmp | ||