1 files changed, 12 insertions, 17 deletions

diff --git a/etc/wire-desktop.profile b/etc/wire-desktop.profile
index 490255fa6..3c783322b 100644
--- a/etc/wire-desktop.profile
+++ b/etc/wire-desktop.profile
@@ -1,40 +1,35 @@
 # Firejail profile for wire-desktop
+# Description: End-to-end encrypted messenger with file sharing, voice calls and video conferences
 # This file is overwritten after every install/update
 # Persistent local customizations
 include wire-desktop.local
 # Persistent global definitions
-include globals.local
+# added by included profile
+#include globals.local
+
+# Debian/Ubuntu use /opt/Wire. As that is not in PATH by default, run `firejail /opt/Wire/wire-desktop` to start it.
+
+ignore caps.drop all
+ignore nodbus
 
 noblacklist ${HOME}/.config/Wire
 
-include disable-common.inc
 include disable-devel.inc
 include disable-interpreters.inc
-include disable-passwdmgr.inc
-include disable-programs.inc
 
 mkdir ${HOME}/.config/Wire
 whitelist ${HOME}/.config/Wire
-whitelist ${DOWNLOADS}
 include whitelist-common.inc
 
-caps.drop all
-netfilter
-nodvd
-nogroups
-nonewprivs
-noroot
-notv
+caps.keep sys_admin,sys_chroot
 nou2f
-protocol unix,inet,inet6,netlink
-seccomp
 shell none
 
-# Note: The current version of Wire is located in /opt/wire-desktop/wire-desktop, and therefore
-# it is not in PATH. To use Wire with firejail, run "firejail /opt/wire-desktop/wire-desktop"
-
 disable-mnt
 private-bin bash,electron,electron4,env,sh,wire-desktop
 private-dev
 private-etc alternatives,ca-certificates,crypto-policies,fonts,machine-id,pki,resolv.conf,ssl
 private-tmp
+
+# Redirect
+include electron.profile