diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/Thunar.profile | 10 | ||||
-rw-r--r-- | etc/disable-programs.inc | 1 | ||||
-rw-r--r-- | etc/pcmanfm.profile | 30 |
3 files changed, 40 insertions, 1 deletions
diff --git a/etc/Thunar.profile b/etc/Thunar.profile index 5a27177e0..f1b75b1f3 100644 --- a/etc/Thunar.profile +++ b/etc/Thunar.profile | |||
@@ -7,7 +7,7 @@ noblacklist ~/.config/Thunar | |||
7 | noblacklist ~/.config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml | 7 | noblacklist ~/.config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml |
8 | 8 | ||
9 | include /etc/firejail/disable-common.inc | 9 | include /etc/firejail/disable-common.inc |
10 | include /etc/firejail/disable-programs.inc | 10 | #include /etc/firejail/disable-programs.inc |
11 | include /etc/firejail/disable-devel.inc | 11 | include /etc/firejail/disable-devel.inc |
12 | include /etc/firejail/disable-passwdmgr.inc | 12 | include /etc/firejail/disable-passwdmgr.inc |
13 | 13 | ||
@@ -21,3 +21,11 @@ protocol unix | |||
21 | seccomp | 21 | seccomp |
22 | shell none | 22 | shell none |
23 | tracelog | 23 | tracelog |
24 | |||
25 | # | ||
26 | # depending on you usage, you can enable some of the commands below: | ||
27 | # | ||
28 | # private-bin program | ||
29 | # private-etc none | ||
30 | # private-dev | ||
31 | # private-tmp | ||
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 9b84f5e8a..18b644987 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -107,6 +107,7 @@ blacklist ${HOME}/.config/opera | |||
107 | blacklist ${HOME}/.config/opera-beta | 107 | blacklist ${HOME}/.config/opera-beta |
108 | blacklist ${HOME}/.config/orage | 108 | blacklist ${HOME}/.config/orage |
109 | blacklist ${HOME}/.config/org.kde.gwenviewrc | 109 | blacklist ${HOME}/.config/org.kde.gwenviewrc |
110 | blacklist ${HOME}/.config/pcmanfm | ||
110 | blacklist ${HOME}/.config/pix | 111 | blacklist ${HOME}/.config/pix |
111 | blacklist ${HOME}/.config/pluma | 112 | blacklist ${HOME}/.config/pluma |
112 | blacklist ${HOME}/.config/psi+ | 113 | blacklist ${HOME}/.config/psi+ |
diff --git a/etc/pcmanfm.profile b/etc/pcmanfm.profile new file mode 100644 index 000000000..e51c5e3b8 --- /dev/null +++ b/etc/pcmanfm.profile | |||
@@ -0,0 +1,30 @@ | |||
1 | # This file is overwritten during software install. | ||
2 | # Persistent customizations should go in a .local file. | ||
3 | include /etc/firejail/pcmanfm.local | ||
4 | |||
5 | noblacklist ~/.config/pcmanfm | ||
6 | noblacklist ~/.config/libfm | ||
7 | include /etc/firejail/disable-common.inc | ||
8 | #include /etc/firejail/disable-programs.inc | ||
9 | include /etc/firejail/disable-devel.inc | ||
10 | include /etc/firejail/disable-passwdmgr.inc | ||
11 | |||
12 | caps.drop all | ||
13 | netfilter | ||
14 | nogroups | ||
15 | nonewprivs | ||
16 | noroot | ||
17 | nosound | ||
18 | protocol unix | ||
19 | seccomp | ||
20 | shell none | ||
21 | tracelog | ||
22 | |||
23 | # | ||
24 | # depending on you usage, you can enable some of the commands below: | ||
25 | # | ||
26 | # private-bin program | ||
27 | # private-etc none | ||
28 | # private-dev | ||
29 | # private-tmp | ||
30 | |||