diff options
Diffstat (limited to 'etc/qtox.profile')
-rw-r--r-- | etc/qtox.profile | 31 |
1 files changed, 16 insertions, 15 deletions
diff --git a/etc/qtox.profile b/etc/qtox.profile index cc2a45bb2..08cbcd332 100644 --- a/etc/qtox.profile +++ b/etc/qtox.profile | |||
@@ -1,23 +1,24 @@ | |||
1 | # Persistent global definitions go here | 1 | # Firejail profile for qtox |
2 | include /etc/firejail/globals.local | 2 | # This file is overwritten after every install/update |
3 | 3 | # Persistent local customizations | |
4 | # This file is overwritten during software install. | ||
5 | # Persistent customizations should go in a .local file. | ||
6 | include /etc/firejail/qtox.local | 4 | include /etc/firejail/qtox.local |
5 | # Persistent global definitions | ||
6 | include /etc/firejail/globals.local | ||
7 | 7 | ||
8 | # qTox instant messaging profile | ||
9 | noblacklist ~/.config/tox | ||
10 | noblacklist ~/.config/qt5ct | 8 | noblacklist ~/.config/qt5ct |
9 | noblacklist ~/.config/tox | ||
10 | |||
11 | include /etc/firejail/disable-common.inc | 11 | include /etc/firejail/disable-common.inc |
12 | include /etc/firejail/disable-programs.inc | ||
13 | include /etc/firejail/disable-devel.inc | 12 | include /etc/firejail/disable-devel.inc |
14 | include /etc/firejail/disable-passwdmgr.inc | 13 | include /etc/firejail/disable-passwdmgr.inc |
14 | include /etc/firejail/disable-programs.inc | ||
15 | 15 | ||
16 | mkdir ${HOME}/.config/tox | ||
17 | whitelist ${HOME}/.config/tox | ||
18 | mkdir ${HOME}/.config/qt5ct | 16 | mkdir ${HOME}/.config/qt5ct |
19 | whitelist ${HOME}/.config/qt5ct | 17 | mkdir ${HOME}/.config/tox |
20 | whitelist ${DOWNLOADS} | 18 | whitelist ${DOWNLOADS} |
19 | whitelist ${HOME}/.config/qt5ct | ||
20 | whitelist ${HOME}/.config/tox | ||
21 | include /etc/firejail/whitelist-common.inc | ||
21 | 22 | ||
22 | caps.drop all | 23 | caps.drop all |
23 | netfilter | 24 | netfilter |
@@ -29,9 +30,9 @@ seccomp | |||
29 | shell none | 30 | shell none |
30 | tracelog | 31 | tracelog |
31 | 32 | ||
32 | noexec ${HOME} | 33 | disable-mnt |
33 | noexec /tmp | ||
34 | |||
35 | private-bin qtox | 34 | private-bin qtox |
36 | private-tmp | 35 | private-tmp |
37 | disable-mnt | 36 | |
37 | noexec ${HOME} | ||
38 | noexec /tmp | ||