1 files changed, 30 insertions, 0 deletions
diff --git a/etc/xiphos.profile b/etc/xiphos.profile
new file mode 100644
index 000000000..b7fb6ecf3
--- /dev/null
+++ b/etc/xiphos.profile
@@ -0,0 +1,30 @@
+# Firejail profile for xiphos
+noblacklist ~/.sword
+noblacklist ~/.xiphos
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+blacklist ~/.bashrc
+blacklist ~/.Xauthority
+caps.drop all
+netfilter
+nogroups
+nonewprivs
+noroot
+nosound
+protocol unix,inet,inet6
+seccomp
+shell none
+tracelog
+private-bin xiphos
+private-etc fonts,resolv.conf,sword
+private-dev
+private-tmp
+whitelist ${HOME}/.sword
+whitelist ${HOME}/.xiphos

diff --git a/etc/xiphos.profile b/etc/xiphos.profile new file mode 100644 index 000000000..b7fb6ecf3 --- /dev/null +++ b/etc/xiphos.profile
@@ -0,0 +1,30 @@
	1	# Firejail profile for xiphos
	2	noblacklist ~/.sword
	3	noblacklist ~/.xiphos
	4
	5	include /etc/firejail/disable-common.inc
	6	include /etc/firejail/disable-devel.inc
	7	include /etc/firejail/disable-passwdmgr.inc
	8	include /etc/firejail/disable-programs.inc
	9
	10	blacklist ~/.bashrc
	11	blacklist ~/.Xauthority
	12
	13	caps.drop all
	14	netfilter
	15	nogroups
	16	nonewprivs
	17	noroot
	18	nosound
	19	protocol unix,inet,inet6
	20	seccomp
	21	shell none
	22	tracelog
	23
	24	private-bin xiphos
	25	private-etc fonts,resolv.conf,sword
	26	private-dev
	27	private-tmp
	28
	29	whitelist ${HOME}/.sword
	30	whitelist ${HOME}/.xiphos