diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-programs.inc | 1 | ||||
-rw-r--r-- | etc/webstorm.profile | 36 |
2 files changed, 37 insertions, 0 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index d3dc87089..4abf4da78 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -23,6 +23,7 @@ blacklist ${HOME}/.Steampid | |||
23 | blacklist ${HOME}/.TelegramDesktop | 23 | blacklist ${HOME}/.TelegramDesktop |
24 | blacklist ${HOME}/.ViberPC | 24 | blacklist ${HOME}/.ViberPC |
25 | blacklist ${HOME}/.VirtualBox | 25 | blacklist ${HOME}/.VirtualBox |
26 | blacklist ${HOME}/.WebStorm* | ||
26 | blacklist ${HOME}/.Wolfram Research | 27 | blacklist ${HOME}/.Wolfram Research |
27 | blacklist ${HOME}/.ZAP | 28 | blacklist ${HOME}/.ZAP |
28 | blacklist ${HOME}/.aMule | 29 | blacklist ${HOME}/.aMule |
diff --git a/etc/webstorm.profile b/etc/webstorm.profile new file mode 100644 index 000000000..6da71224f --- /dev/null +++ b/etc/webstorm.profile | |||
@@ -0,0 +1,36 @@ | |||
1 | # Firejail profile for WebStorm | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include /etc/firejail/webstorm.local | ||
5 | # Persistent global definitions | ||
6 | include /etc/firejail/globals.local | ||
7 | |||
8 | noblacklist ${HOME}/.WebStorm* | ||
9 | noblacklist ${HOME}/.gitconfig | ||
10 | noblacklist ${HOME}/.java | ||
11 | noblacklist ${HOME}/.local/share/JetBrains | ||
12 | noblacklist ${HOME}/.ssh | ||
13 | noblacklist ${HOME}/.tooling | ||
14 | |||
15 | include /etc/firejail/disable-common.inc | ||
16 | include /etc/firejail/disable-passwdmgr.inc | ||
17 | include /etc/firejail/disable-programs.inc | ||
18 | include /etc/firejail/disable-devel.inc | ||
19 | include /etc/firejail/disable-interpreters.inc | ||
20 | |||
21 | caps.drop all | ||
22 | netfilter | ||
23 | nodvd | ||
24 | nogroups | ||
25 | nonewprivs | ||
26 | noroot | ||
27 | notv | ||
28 | novideo | ||
29 | protocol unix,inet,inet6 | ||
30 | seccomp | ||
31 | shell none | ||
32 | |||
33 | private-dev | ||
34 | # private-tmp | ||
35 | |||
36 | noexec /tmp | ||