1 files changed, 8 insertions, 17 deletions
diff --git a/etc/xonotic.profile b/etc/xonotic.profile
index 957636124..95a2a2dbd 100644
--- a/etc/xonotic.profile
+++ b/etc/xonotic.profile
@@ -1,31 +1,22 @@
-# Persistent global definitions go here
+# Firejail profile for xonotic
-include /etc/firejail/globals.local
+# This file is overwritten after every install/update
+# Persistent local customizations
-# This file is overwritten during software install.
-# Persistent customizations should go in a .local file.
 include /etc/firejail/xonotic.local
+# Persistent global definitions
+include /etc/firejail/globals.local
-#
-#Profile for xonotic
-#
-#No Blacklist Paths
 noblacklist ${HOME}/.xonotic
-#Blacklist Paths
 include /etc/firejail/disable-common.inc
-include /etc/firejail/disable-programs.inc
-include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
-#Whitelist Paths
 mkdir ${HOME}/.xonotic
 whitelist ${HOME}/.xonotic
 include /etc/firejail/whitelist-common.inc
-#Options
 caps.drop all
-#ipc-namespace
 netfilter
 nogroups
 nonewprivs
@@ -35,10 +26,10 @@ protocol unix,inet,inet6
 seccomp
 shell none
+disable-mnt
 private-bin xonotic-sdl,xonotic-glx,blind-id
 private-dev
 private-tmp
-disable-mnt
 noexec ${HOME}
 noexec /tmp

diff --git a/etc/xonotic.profile b/etc/xonotic.profile index 957636124..95a2a2dbd 100644 --- a/etc/xonotic.profile +++ b/etc/xonotic.profile
@@ -1,31 +1,22 @@
1	# Persistent global definitions go here	1	# Firejail profile for xonotic
2	include /etc/firejail/globals.local	2	# This file is overwritten after every install/update
3		3	# Persistent local customizations
4	# This file is overwritten during software install.
5	# Persistent customizations should go in a .local file.
6	include /etc/firejail/xonotic.local	4	include /etc/firejail/xonotic.local
		5	# Persistent global definitions
		6	include /etc/firejail/globals.local
7		7
8	#
9	#Profile for xonotic
10	#
11
12	#No Blacklist Paths
13	noblacklist ${HOME}/.xonotic	8	noblacklist ${HOME}/.xonotic
14		9
15	#Blacklist Paths
16	include /etc/firejail/disable-common.inc	10	include /etc/firejail/disable-common.inc
17	include /etc/firejail/disable-programs.inc
18	include /etc/firejail/disable-passwdmgr.inc
19	include /etc/firejail/disable-devel.inc	11	include /etc/firejail/disable-devel.inc
		12	include /etc/firejail/disable-passwdmgr.inc
		13	include /etc/firejail/disable-programs.inc
20		14
21	#Whitelist Paths
22	mkdir ${HOME}/.xonotic	15	mkdir ${HOME}/.xonotic
23	whitelist ${HOME}/.xonotic	16	whitelist ${HOME}/.xonotic
24	include /etc/firejail/whitelist-common.inc	17	include /etc/firejail/whitelist-common.inc
25		18
26	#Options
27	caps.drop all	19	caps.drop all
28	#ipc-namespace
29	netfilter	20	netfilter
30	nogroups	21	nogroups
31	nonewprivs	22	nonewprivs
@@ -35,10 +26,10 @@ protocol unix,inet,inet6
35	seccomp	26	seccomp
36	shell none	27	shell none
37		28
		29	disable-mnt
38	private-bin xonotic-sdl,xonotic-glx,blind-id	30	private-bin xonotic-sdl,xonotic-glx,blind-id
39	private-dev	31	private-dev
40	private-tmp	32	private-tmp
41	disable-mnt
42		33
43	noexec ${HOME}	34	noexec ${HOME}
44	noexec /tmp	35	noexec /tmp