diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/bless.profile | 20 | ||||
-rw-r--r-- | etc/disable-programs.inc | 7 | ||||
-rw-r--r-- | etc/gnome-2048.profile | 25 | ||||
-rw-r--r-- | etc/gnome-calculator.profile | 19 | ||||
-rw-r--r-- | etc/gnome-contacts.profile | 19 | ||||
-rw-r--r-- | etc/jd-gui.profile | 19 | ||||
-rw-r--r-- | etc/lollypop.profile | 20 | ||||
-rw-r--r-- | etc/multimc5.profile | 27 | ||||
-rw-r--r-- | etc/pdfsam.profile | 17 | ||||
-rw-r--r-- | etc/pithos.profile | 19 | ||||
-rw-r--r-- | etc/xonotic-glx.profile | 5 | ||||
-rw-r--r-- | etc/xonotic-sdl.profile | 5 | ||||
-rw-r--r-- | etc/xonotic.profile | 25 |
13 files changed, 227 insertions, 0 deletions
diff --git a/etc/bless.profile b/etc/bless.profile new file mode 100644 index 000000000..752edadf7 --- /dev/null +++ b/etc/bless.profile | |||
@@ -0,0 +1,20 @@ | |||
1 | # | ||
2 | #Profile for bless | ||
3 | # | ||
4 | |||
5 | #No Blacklist Paths | ||
6 | noblacklist ${HOME}/.config/bless | ||
7 | |||
8 | #Blacklist Paths | ||
9 | include /etc/firejail/disable-common.inc | ||
10 | include /etc/firejail/disable-programs.inc | ||
11 | include /etc/firejail/disable-passwdmgr.inc | ||
12 | include /etc/firejail/disable-devel.inc | ||
13 | |||
14 | #Options | ||
15 | caps.drop all | ||
16 | netfilter | ||
17 | nonewprivs | ||
18 | noroot | ||
19 | protocol unix,inet,inet6 | ||
20 | seccomp | ||
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index f87053b7c..8d0d75d63 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -10,6 +10,7 @@ blacklist ${HOME}/.stellarium | |||
10 | blacklist ${HOME}/.sword | 10 | blacklist ${HOME}/.sword |
11 | blacklist ${HOME}/.xiphos | 11 | blacklist ${HOME}/.xiphos |
12 | blacklist ${HOME}/.config/Atom | 12 | blacklist ${HOME}/.config/Atom |
13 | blacklist ${HOME}/.config/bless | ||
13 | blacklist ${HOME}/.config/gthumb | 14 | blacklist ${HOME}/.config/gthumb |
14 | blacklist ${HOME}/.config/mupen64plus | 15 | blacklist ${HOME}/.config/mupen64plus |
15 | blacklist ${HOME}/.config/transmission | 16 | blacklist ${HOME}/.config/transmission |
@@ -44,6 +45,7 @@ blacklist ${HOME}/.openshot_qt | |||
44 | blacklist ${HOME}/.flowblade | 45 | blacklist ${HOME}/.flowblade |
45 | blacklist ${HOME}/.config/flowblade | 46 | blacklist ${HOME}/.config/flowblade |
46 | blacklist ${HOME}/.config/eog | 47 | blacklist ${HOME}/.config/eog |
48 | blacklist ${HOME}/.config/jd-gui.cfg | ||
47 | blacklist ${HOME}/.config/arkrc | 49 | blacklist ${HOME}/.config/arkrc |
48 | blacklist ${HOME}/.config/atril | 50 | blacklist ${HOME}/.config/atril |
49 | blacklist ${HOME}/.config/aweather | 51 | blacklist ${HOME}/.config/aweather |
@@ -77,6 +79,7 @@ blacklist ${HOME}/.config/xplayer | |||
77 | blacklist ${HOME}/.audacity-data | 79 | blacklist ${HOME}/.audacity-data |
78 | blacklist ${HOME}/.guayadeque | 80 | blacklist ${HOME}/.guayadeque |
79 | blacklist ${HOME}/.config/dragonplayerrc | 81 | blacklist ${HOME}/.config/dragonplayerrc |
82 | blacklist ${HOME}/.local/share/lollypop | ||
80 | 83 | ||
81 | # HTTP / FTP / Mail | 84 | # HTTP / FTP / Mail |
82 | blacklist ${HOME}/.icedove | 85 | blacklist ${HOME}/.icedove |
@@ -144,6 +147,10 @@ blacklist ${HOME}/.config/0ad | |||
144 | blacklist ${HOME}/.warzone2100-3.1 | 147 | blacklist ${HOME}/.warzone2100-3.1 |
145 | blacklist ${HOME}/.dosbox | 148 | blacklist ${HOME}/.dosbox |
146 | blacklist ${HOME}/.local/share/gnome-chess | 149 | blacklist ${HOME}/.local/share/gnome-chess |
150 | blacklist ${HOME}/.local/share/gnome-2048 | ||
151 | blacklist ${HOME}/.local/share/multimc5 | ||
152 | blacklist ${HOME}/.multimc5 | ||
153 | blacklist ${HOME}/.xonotic | ||
147 | 154 | ||
148 | # Cryptocoins | 155 | # Cryptocoins |
149 | blacklist ${HOME}/.*coin | 156 | blacklist ${HOME}/.*coin |
diff --git a/etc/gnome-2048.profile b/etc/gnome-2048.profile new file mode 100644 index 000000000..f9982da61 --- /dev/null +++ b/etc/gnome-2048.profile | |||
@@ -0,0 +1,25 @@ | |||
1 | # | ||
2 | #Profile for gnome-2048 | ||
3 | # | ||
4 | |||
5 | #No Blacklist Paths | ||
6 | noblacklist ${HOME}/.local/share/gnome-2048 | ||
7 | |||
8 | #Blacklist Paths | ||
9 | include /etc/firejail/disable-common.inc | ||
10 | include /etc/firejail/disable-programs.inc | ||
11 | include /etc/firejail/disable-passwdmgr.inc | ||
12 | include /etc/firejail/disable-devel.inc | ||
13 | |||
14 | #Whitelist Paths | ||
15 | mkdir ${HOME}/.local/share/gnome-2048 | ||
16 | whitelist ${HOME}/.local/share/gnome-2048 | ||
17 | include /etc/firejail/whitelist-common.inc | ||
18 | |||
19 | #Options | ||
20 | caps.drop all | ||
21 | netfilter | ||
22 | nonewprivs | ||
23 | noroot | ||
24 | protocol unix,inet,inet6 | ||
25 | seccomp | ||
diff --git a/etc/gnome-calculator.profile b/etc/gnome-calculator.profile new file mode 100644 index 000000000..49e068171 --- /dev/null +++ b/etc/gnome-calculator.profile | |||
@@ -0,0 +1,19 @@ | |||
1 | # | ||
2 | #Profile for gnome-calculator | ||
3 | # | ||
4 | |||
5 | #Blacklist Paths | ||
6 | include /etc/firejail/disable-common.inc | ||
7 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-passwdmgr.inc | ||
9 | include /etc/firejail/disable-devel.inc | ||
10 | |||
11 | include /etc/firejail/whitelist-common.inc | ||
12 | |||
13 | #Options | ||
14 | caps.drop all | ||
15 | netfilter | ||
16 | nonewprivs | ||
17 | noroot | ||
18 | protocol unix,inet,inet6 | ||
19 | seccomp | ||
diff --git a/etc/gnome-contacts.profile b/etc/gnome-contacts.profile new file mode 100644 index 000000000..9dc25b26c --- /dev/null +++ b/etc/gnome-contacts.profile | |||
@@ -0,0 +1,19 @@ | |||
1 | # | ||
2 | #Profile for gnome-contacts | ||
3 | # | ||
4 | |||
5 | #Blacklist Paths | ||
6 | include /etc/firejail/disable-common.inc | ||
7 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-passwdmgr.inc | ||
9 | include /etc/firejail/disable-devel.inc | ||
10 | |||
11 | include /etc/firejail/whitelist-common.inc | ||
12 | |||
13 | #Options | ||
14 | caps.drop all | ||
15 | netfilter | ||
16 | nonewprivs | ||
17 | noroot | ||
18 | protocol unix,inet,inet6 | ||
19 | seccomp | ||
diff --git a/etc/jd-gui.profile b/etc/jd-gui.profile new file mode 100644 index 000000000..1d6eb41f8 --- /dev/null +++ b/etc/jd-gui.profile | |||
@@ -0,0 +1,19 @@ | |||
1 | # | ||
2 | #Profile for jd-gui | ||
3 | # | ||
4 | |||
5 | noblacklist ${HOME}/.config/jd-gui.cfg | ||
6 | |||
7 | #Blacklist Paths | ||
8 | include /etc/firejail/disable-common.inc | ||
9 | include /etc/firejail/disable-programs.inc | ||
10 | include /etc/firejail/disable-passwdmgr.inc | ||
11 | include /etc/firejail/disable-devel.inc | ||
12 | |||
13 | #Options | ||
14 | caps.drop all | ||
15 | netfilter | ||
16 | nonewprivs | ||
17 | noroot | ||
18 | protocol unix,inet,inet6 | ||
19 | seccomp | ||
diff --git a/etc/lollypop.profile b/etc/lollypop.profile new file mode 100644 index 000000000..41a662bca --- /dev/null +++ b/etc/lollypop.profile | |||
@@ -0,0 +1,20 @@ | |||
1 | # | ||
2 | #Profile for lollypop | ||
3 | # | ||
4 | |||
5 | #No Blacklist Paths | ||
6 | noblacklist ${HOME}/.local/share/lollypop | ||
7 | |||
8 | #Blacklist Paths | ||
9 | include /etc/firejail/disable-common.inc | ||
10 | include /etc/firejail/disable-programs.inc | ||
11 | include /etc/firejail/disable-passwdmgr.inc | ||
12 | include /etc/firejail/disable-devel.inc | ||
13 | |||
14 | #Options | ||
15 | caps.drop all | ||
16 | netfilter | ||
17 | nonewprivs | ||
18 | noroot | ||
19 | protocol unix,inet,inet6 | ||
20 | seccomp | ||
diff --git a/etc/multimc5.profile b/etc/multimc5.profile new file mode 100644 index 000000000..cc310f294 --- /dev/null +++ b/etc/multimc5.profile | |||
@@ -0,0 +1,27 @@ | |||
1 | # | ||
2 | #Profile for multimc5 | ||
3 | # | ||
4 | |||
5 | #No Blacklist Paths | ||
6 | noblacklist ${HOME}/.local/share/multimc5 | ||
7 | noblacklist ${HOME}/.multimc5 | ||
8 | |||
9 | #Blacklist Paths | ||
10 | include /etc/firejail/disable-common.inc | ||
11 | include /etc/firejail/disable-programs.inc | ||
12 | include /etc/firejail/disable-passwdmgr.inc | ||
13 | include /etc/firejail/disable-devel.inc | ||
14 | |||
15 | #Whitelist Paths | ||
16 | mkdir ${HOME}/.local/share/multimc5 | ||
17 | whitelist ${HOME}/.local/share/multimc5 | ||
18 | mkdir ${HOME}/.multimc5 | ||
19 | whitelist ${HOME}/.multimc5 | ||
20 | include /etc/firejail/whitelist-common.inc | ||
21 | |||
22 | #Options | ||
23 | caps.drop all | ||
24 | netfilter | ||
25 | nonewprivs | ||
26 | noroot | ||
27 | protocol unix,inet,inet6 | ||
diff --git a/etc/pdfsam.profile b/etc/pdfsam.profile new file mode 100644 index 000000000..6e50f37cf --- /dev/null +++ b/etc/pdfsam.profile | |||
@@ -0,0 +1,17 @@ | |||
1 | # | ||
2 | #Profile for pdfsam | ||
3 | # | ||
4 | |||
5 | #Blacklist Paths | ||
6 | include /etc/firejail/disable-common.inc | ||
7 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-passwdmgr.inc | ||
9 | include /etc/firejail/disable-devel.inc | ||
10 | |||
11 | #Options | ||
12 | caps.drop all | ||
13 | netfilter | ||
14 | nonewprivs | ||
15 | noroot | ||
16 | protocol unix,inet,inet6 | ||
17 | seccomp | ||
diff --git a/etc/pithos.profile b/etc/pithos.profile new file mode 100644 index 000000000..8270b8bee --- /dev/null +++ b/etc/pithos.profile | |||
@@ -0,0 +1,19 @@ | |||
1 | # | ||
2 | #Profile for pithos | ||
3 | # | ||
4 | |||
5 | #Blacklist Paths | ||
6 | include /etc/firejail/disable-common.inc | ||
7 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-passwdmgr.inc | ||
9 | include /etc/firejail/disable-devel.inc | ||
10 | |||
11 | include /etc/firejail/whitelist-common.inc | ||
12 | |||
13 | #Options | ||
14 | caps.drop all | ||
15 | netfilter | ||
16 | nonewprivs | ||
17 | noroot | ||
18 | protocol unix,inet,inet6 | ||
19 | seccomp | ||
diff --git a/etc/xonotic-glx.profile b/etc/xonotic-glx.profile new file mode 100644 index 000000000..b255ffdbb --- /dev/null +++ b/etc/xonotic-glx.profile | |||
@@ -0,0 +1,5 @@ | |||
1 | # | ||
2 | #Profile for xonotic:xonotic-glx | ||
3 | # | ||
4 | |||
5 | include /etc/firejail/xonotic.profile | ||
diff --git a/etc/xonotic-sdl.profile b/etc/xonotic-sdl.profile new file mode 100644 index 000000000..783667304 --- /dev/null +++ b/etc/xonotic-sdl.profile | |||
@@ -0,0 +1,5 @@ | |||
1 | # | ||
2 | #Profile for xonotic:xonotic-sdl | ||
3 | # | ||
4 | |||
5 | include /etc/firejail/xonotic.profile | ||
diff --git a/etc/xonotic.profile b/etc/xonotic.profile new file mode 100644 index 000000000..75d649619 --- /dev/null +++ b/etc/xonotic.profile | |||
@@ -0,0 +1,25 @@ | |||
1 | # | ||
2 | #Profile for xonotic | ||
3 | # | ||
4 | |||
5 | #No Blacklist Paths | ||
6 | noblacklist ${HOME}/.xonotic | ||
7 | |||
8 | #Blacklist Paths | ||
9 | include /etc/firejail/disable-common.inc | ||
10 | include /etc/firejail/disable-programs.inc | ||
11 | include /etc/firejail/disable-passwdmgr.inc | ||
12 | include /etc/firejail/disable-devel.inc | ||
13 | |||
14 | #Whitelist Paths | ||
15 | mkdir ${HOME}/.xonotic | ||
16 | whitelist ${HOME}/.xonotic | ||
17 | include /etc/firejail/whitelist-common.inc | ||
18 | |||
19 | #Options | ||
20 | caps.drop all | ||
21 | netfilter | ||
22 | nonewprivs | ||
23 | noroot | ||
24 | protocol unix,inet,inet6 | ||
25 | seccomp | ||