diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/disable-programs.inc | 1 | ||||
-rw-r--r-- | etc/profile-m-z/telegram.profile | 10 | ||||
-rw-r--r-- | etc/profile-m-z/virtualbox.profile | 1 | ||||
-rw-r--r-- | etc/profile-m-z/youtube-dl-gui.profile | 56 |
4 files changed, 68 insertions, 0 deletions
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 806a94eac..7a37c9fb4 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc | |||
@@ -438,6 +438,7 @@ blacklist ${HOME}/.config/yandex-browser | |||
438 | blacklist ${HOME}/.config/yandex-browser-beta | 438 | blacklist ${HOME}/.config/yandex-browser-beta |
439 | blacklist ${HOME}/.config/yelp | 439 | blacklist ${HOME}/.config/yelp |
440 | blacklist ${HOME}/.config/youtube-dl | 440 | blacklist ${HOME}/.config/youtube-dl |
441 | blacklist ${HOME}/.config/youtube-dlg | ||
441 | blacklist ${HOME}/.config/youtubemusic-nativefier-040164 | 442 | blacklist ${HOME}/.config/youtubemusic-nativefier-040164 |
442 | blacklist ${HOME}/.config/youtube-music-desktop-app | 443 | blacklist ${HOME}/.config/youtube-music-desktop-app |
443 | blacklist ${HOME}/.config/youtube-viewer | 444 | blacklist ${HOME}/.config/youtube-viewer |
diff --git a/etc/profile-m-z/telegram.profile b/etc/profile-m-z/telegram.profile index fce7dc461..38d291324 100644 --- a/etc/profile-m-z/telegram.profile +++ b/etc/profile-m-z/telegram.profile | |||
@@ -36,10 +36,20 @@ noroot | |||
36 | notv | 36 | notv |
37 | protocol unix,inet,inet6,netlink | 37 | protocol unix,inet,inet6,netlink |
38 | seccomp | 38 | seccomp |
39 | seccomp.block-secondary | ||
39 | shell none | 40 | shell none |
41 | tracelog | ||
40 | 42 | ||
41 | disable-mnt | 43 | disable-mnt |
44 | #private-bin telegram,Telegram,telegram-desktop | ||
42 | private-cache | 45 | private-cache |
43 | private-dev | 46 | private-dev |
44 | private-etc alsa,alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.cache,localtime,machine-id,os-release,passwd,pki,pulse,resolv.conf,ssl,xdg | 47 | private-etc alsa,alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.cache,localtime,machine-id,os-release,passwd,pki,pulse,resolv.conf,ssl,xdg |
45 | private-tmp | 48 | private-tmp |
49 | |||
50 | dbus-user filter | ||
51 | dbus-user.talk org.freedesktop.Notifications | ||
52 | dbus-user.talk org.kde.StatusNotifierWatcher | ||
53 | dbus-user.talk org.gnome.Mutter.IdleMonitor | ||
54 | dbus-user.talk org.freedesktop.ScreenSaver | ||
55 | dbus-system none | ||
diff --git a/etc/profile-m-z/virtualbox.profile b/etc/profile-m-z/virtualbox.profile index 232ff8ae4..64d787bfb 100644 --- a/etc/profile-m-z/virtualbox.profile +++ b/etc/profile-m-z/virtualbox.profile | |||
@@ -44,6 +44,7 @@ shell none | |||
44 | tracelog | 44 | tracelog |
45 | 45 | ||
46 | #disable-mnt | 46 | #disable-mnt |
47 | #private-bin basename,bash,env,gawk,grep,ps,readlink,sh,virtualbox,VirtualBox,VBox*,vbox*,whoami | ||
47 | private-cache | 48 | private-cache |
48 | private-etc alsa,asound.conf,ca-certificates,conf.d,crypto-policies,dconf,fonts,hostname,hosts,ld.so.cache,localtime,machine-id,pki,pulse,resolv.conf,ssl | 49 | private-etc alsa,asound.conf,ca-certificates,conf.d,crypto-policies,dconf,fonts,hostname,hosts,ld.so.cache,localtime,machine-id,pki,pulse,resolv.conf,ssl |
49 | private-tmp | 50 | private-tmp |
diff --git a/etc/profile-m-z/youtube-dl-gui.profile b/etc/profile-m-z/youtube-dl-gui.profile new file mode 100644 index 000000000..c072d6267 --- /dev/null +++ b/etc/profile-m-z/youtube-dl-gui.profile | |||
@@ -0,0 +1,56 @@ | |||
1 | # Firejail profile for youtube-dl-gui | ||
2 | # Description: A cross platform front-end GUI of the popular youtube-dl media downloader | ||
3 | include youtube-dl-gui.local | ||
4 | # This file is overwritten after every install/update | ||
5 | include globals.local | ||
6 | |||
7 | #These are blacklisted by disable-interpreters.inc | ||
8 | include allow-python2.inc | ||
9 | include allow-python3.inc | ||
10 | |||
11 | noblacklist ${HOME}/.config/youtube-dlg | ||
12 | |||
13 | include disable-common.inc | ||
14 | include disable-devel.inc | ||
15 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | ||
17 | include disable-passwdmgr.inc | ||
18 | include disable-programs.inc | ||
19 | include disable-shell.inc | ||
20 | include disable-xdg.inc | ||
21 | |||
22 | mkdir ${HOME}/.config/youtube-dlg | ||
23 | whitelist ${HOME}/.config/youtube-dlg | ||
24 | whitelist ${DOWNLOADS} | ||
25 | include whitelist-common.inc | ||
26 | include whitelist-runuser-common.inc | ||
27 | include whitelist-usr-share-common.inc | ||
28 | include whitelist-var-common.inc | ||
29 | |||
30 | apparmor | ||
31 | caps.drop all | ||
32 | machine-id | ||
33 | netfilter | ||
34 | nodvd | ||
35 | nogroups | ||
36 | nonewprivs | ||
37 | noroot | ||
38 | nosound | ||
39 | notv | ||
40 | nou2f | ||
41 | novideo | ||
42 | protocol unix,inet,inet6 | ||
43 | seccomp | ||
44 | seccomp.block-secondary | ||
45 | shell none | ||
46 | tracelog | ||
47 | |||
48 | disable-mnt | ||
49 | private-bin atomicparsley,ffmpeg,ffprobe,python*,youtube-dl-gui | ||
50 | private-cache | ||
51 | private-dev | ||
52 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,locale,locale.conf,passwd,pki,resolv.conf,ssl | ||
53 | private-tmp | ||
54 | |||
55 | dbus-user none | ||
56 | dbus-system none | ||