diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/Discord.profile | 17 | ||||
-rw-r--r-- | etc/DiscordCanary.profile | 18 | ||||
-rw-r--r-- | etc/disable-programs.inc | 2 | ||||
-rw-r--r-- | etc/discord-canary.profile | 21 | ||||
-rw-r--r-- | etc/discord-common.profile | 32 | ||||
-rw-r--r-- | etc/discord.profile | 28 |
6 files changed, 83 insertions, 35 deletions
diff --git a/etc/Discord.profile b/etc/Discord.profile new file mode 100644 index 000000000..d485518a8 --- /dev/null +++ b/etc/Discord.profile | |||
@@ -0,0 +1,17 @@ | |||
1 | # Firejail profile for Discord | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include /etc/firejail/Discord.local | ||
5 | # Persistent global definitions | ||
6 | include /etc/firejail/globals.local | ||
7 | |||
8 | |||
9 | noblacklist ${HOME}/.config/discord | ||
10 | |||
11 | mkdir ${HOME}/.config/discord | ||
12 | whitelist ${HOME}/.config/discord | ||
13 | |||
14 | private-bin Discord | ||
15 | private-opt Discord | ||
16 | |||
17 | include /etc/firejail/discord-common.profile | ||
diff --git a/etc/DiscordCanary.profile b/etc/DiscordCanary.profile new file mode 100644 index 000000000..f7b0e2c56 --- /dev/null +++ b/etc/DiscordCanary.profile | |||
@@ -0,0 +1,18 @@ | |||
1 | # Firejail profile for DiscordCanary | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include /etc/firejail/DiscordCanary.local | ||
5 | # Persistent global definitions | ||
6 | include /etc/firejail/globals.local | ||
7 | |||
8 | |||
9 | noblacklist ${HOME}/.config/discordcanary | ||
10 | |||
11 | mkdir ${HOME}/.config/discordcanary | ||
12 | whitelist ${HOME}/.config/discordcanary | ||
13 | |||
14 | private-bin DiscordCanary | ||
15 | private-opt DiscordCanary | ||
16 | |||
17 | #Redirect | ||
18 | include /etc/firejail/discord-common.profile | ||
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index c7605d660..f1107d4a2 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -110,6 +110,8 @@ blacklist ${HOME}/.config/deadbeef | |||
110 | blacklist ${HOME}/.config/deluge | 110 | blacklist ${HOME}/.config/deluge |
111 | blacklist ${HOME}/.config/digikam | 111 | blacklist ${HOME}/.config/digikam |
112 | blacklist ${HOME}/.config/digikamrc | 112 | blacklist ${HOME}/.config/digikamrc |
113 | blacklist ${HOME}/.config/discord | ||
114 | blacklist ${HOME}/.config/discordcanary | ||
113 | blacklist ${HOME}/.config/dolphinrc | 115 | blacklist ${HOME}/.config/dolphinrc |
114 | blacklist ${HOME}/.config/dragonplayerrc | 116 | blacklist ${HOME}/.config/dragonplayerrc |
115 | blacklist ${HOME}/.config/emaildefaults | 117 | blacklist ${HOME}/.config/emaildefaults |
diff --git a/etc/discord-canary.profile b/etc/discord-canary.profile index 391af668e..b6958cbd3 100644 --- a/etc/discord-canary.profile +++ b/etc/discord-canary.profile | |||
@@ -5,19 +5,14 @@ include /etc/firejail/discord-canary.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
7 | 7 | ||
8 | include /etc/firejail/disable-common.inc | ||
9 | include /etc/firejail/disable-passwdmgr.inc | ||
10 | include /etc/firejail/disable-programs.inc | ||
11 | 8 | ||
12 | whitelist ${DOWNLOADS} | 9 | noblacklist ${HOME}/.config/discordcanary |
10 | |||
11 | mkdir ${HOME}/.config/discordcanary | ||
13 | whitelist ${HOME}/.config/discordcanary | 12 | whitelist ${HOME}/.config/discordcanary |
14 | 13 | ||
15 | caps.drop all | 14 | private-bin discord-canary |
16 | netfilter | 15 | private-opt discord-canary |
17 | nodvd | 16 | |
18 | nogroups | 17 | #Redirect |
19 | nonewprivs | 18 | include /etc/firejail/discord-common.profile |
20 | noroot | ||
21 | notv | ||
22 | protocol unix,inet,inet6,netlink | ||
23 | seccomp | ||
diff --git a/etc/discord-common.profile b/etc/discord-common.profile new file mode 100644 index 000000000..5cd8d6bb6 --- /dev/null +++ b/etc/discord-common.profile | |||
@@ -0,0 +1,32 @@ | |||
1 | # Firejail profile for discord | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include /etc/firejail/discord-common.local | ||
5 | # Persistent global definitions | ||
6 | include /etc/firejail/globals.local | ||
7 | |||
8 | include /etc/firejail/disable-common.inc | ||
9 | include /etc/firejail/disable-devel.inc | ||
10 | include /etc/firejail/disable-passwdmgr.inc | ||
11 | include /etc/firejail/disable-programs.inc | ||
12 | |||
13 | whitelist ${DOWNLOADS} | ||
14 | |||
15 | caps.drop all | ||
16 | netfilter | ||
17 | nodvd | ||
18 | nogroups | ||
19 | nonewprivs | ||
20 | noroot | ||
21 | notv | ||
22 | novideo | ||
23 | protocol unix,inet,inet6,netlink | ||
24 | seccomp | ||
25 | |||
26 | private-bin sh,xdg-mime,tr,sed,echo,head,cut,xdg-open,grep,egrep | ||
27 | private-dev | ||
28 | private-etc fonts,machine-id | ||
29 | private-tmp | ||
30 | |||
31 | noexec ${HOME} | ||
32 | noexec /tmp | ||
diff --git a/etc/discord.profile b/etc/discord.profile index 40deae2fc..21d46193e 100644 --- a/etc/discord.profile +++ b/etc/discord.profile | |||
@@ -1,33 +1,17 @@ | |||
1 | # Firejail profile for Discord | 1 | # Firejail profile for discord |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | # Persistent local customizations | 3 | # Persistent local customizations |
4 | include /etc/firejail/discord.local | 4 | include /etc/firejail/discord.local |
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
7 | 7 | ||
8 | include /etc/firejail/disable-common.inc | 8 | |
9 | include /etc/firejail/disable-devel.inc | 9 | noblacklist ${HOME}/.config/discord |
10 | include /etc/firejail/disable-passwdmgr.inc | ||
11 | include /etc/firejail/disable-programs.inc | ||
12 | 10 | ||
13 | mkdir ${HOME}/.config/discord | 11 | mkdir ${HOME}/.config/discord |
14 | whitelist ${HOME}/.config/discord | 12 | whitelist ${HOME}/.config/discord |
15 | 13 | ||
16 | caps.drop all | 14 | private-bin discord |
17 | netfilter | 15 | private-opt discord |
18 | nodvd | ||
19 | nogroups | ||
20 | nonewprivs | ||
21 | noroot | ||
22 | notv | ||
23 | novideo | ||
24 | protocol unix,inet,inet6,netlink | ||
25 | seccomp | ||
26 | |||
27 | private-bin discord,sh,xdg-mime,tr,sed,echo,head,cut,xdg-open,grep,egrep | ||
28 | private-dev | ||
29 | private-etc fonts,machine-id | ||
30 | private-tmp | ||
31 | 16 | ||
32 | noexec ${HOME} | 17 | include /etc/firejail/discord-common.profile |
33 | noexec /tmp | ||