diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-programs.inc | 5 | ||||
-rw-r--r-- | etc/teeworlds.profile | 44 | ||||
-rw-r--r-- | etc/torcs.profile | 43 | ||||
-rw-r--r-- | etc/tremulous.profile | 44 | ||||
-rw-r--r-- | etc/warsow.profile | 49 |
5 files changed, 185 insertions, 0 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 0237ad2ba..69ffb5d45 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -514,6 +514,7 @@ blacklist ${HOME}/.local/share/uzbl | |||
514 | blacklist ${HOME}/.local/share/vlc | 514 | blacklist ${HOME}/.local/share/vlc |
515 | blacklist ${HOME}/.local/share/vpltd | 515 | blacklist ${HOME}/.local/share/vpltd |
516 | blacklist ${HOME}/.local/share/vulkan | 516 | blacklist ${HOME}/.local/share/vulkan |
517 | blacklist ${HOME}/.local/share/warsow-2.1 | ||
517 | blacklist ${HOME}/.local/share/wesnoth | 518 | blacklist ${HOME}/.local/share/wesnoth |
518 | blacklist ${HOME}/.local/share/xplayer | 519 | blacklist ${HOME}/.local/share/xplayer |
519 | blacklist ${HOME}/.local/share/xreader | 520 | blacklist ${HOME}/.local/share/xreader |
@@ -569,11 +570,14 @@ blacklist ${HOME}/.sword | |||
569 | blacklist ${HOME}/.sylpheed-2.0 | 570 | blacklist ${HOME}/.sylpheed-2.0 |
570 | blacklist ${HOME}/.synfig | 571 | blacklist ${HOME}/.synfig |
571 | blacklist ${HOME}/.tconn | 572 | blacklist ${HOME}/.tconn |
573 | blacklist ${HOME}/.teeworlds | ||
572 | blacklist ${HOME}/.thunderbird | 574 | blacklist ${HOME}/.thunderbird |
573 | blacklist ${HOME}/.tilp | 575 | blacklist ${HOME}/.tilp |
574 | blacklist ${HOME}/.tooling | 576 | blacklist ${HOME}/.tooling |
575 | blacklist ${HOME}/.tor-browser-* | 577 | blacklist ${HOME}/.tor-browser-* |
576 | blacklist ${HOME}/.tor-browser_* | 578 | blacklist ${HOME}/.tor-browser_* |
579 | blacklist ${HOME}/.torcs | ||
580 | blacklist ${HOME}/.tremulous | ||
577 | blacklist ${HOME}/.ts3client | 581 | blacklist ${HOME}/.ts3client |
578 | blacklist ${HOME}/.tuxguitar* | 582 | blacklist ${HOME}/.tuxguitar* |
579 | blacklist ${HOME}/.unknown-horizons | 583 | blacklist ${HOME}/.unknown-horizons |
@@ -694,6 +698,7 @@ blacklist ${HOME}/.cache/transmission | |||
694 | blacklist ${HOME}/.cache/vivaldi | 698 | blacklist ${HOME}/.cache/vivaldi |
695 | blacklist ${HOME}/.cache/vivaldi-snapshot | 699 | blacklist ${HOME}/.cache/vivaldi-snapshot |
696 | blacklist ${HOME}/.cache/vlc | 700 | blacklist ${HOME}/.cache/vlc |
701 | blacklist ${HOME}/.cache/warsow-2.1 | ||
697 | blacklist ${HOME}/.cache/waterfox | 702 | blacklist ${HOME}/.cache/waterfox |
698 | blacklist ${HOME}/.cache/wesnoth | 703 | blacklist ${HOME}/.cache/wesnoth |
699 | blacklist ${HOME}/.cache/xmms2 | 704 | blacklist ${HOME}/.cache/xmms2 |
diff --git a/etc/teeworlds.profile b/etc/teeworlds.profile new file mode 100644 index 000000000..782f337d3 --- /dev/null +++ b/etc/teeworlds.profile | |||
@@ -0,0 +1,44 @@ | |||
1 | # Firejail profile for teeworlds | ||
2 | # Description: Online multi-player platform 2D shooter | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include teeworlds.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.teeworlds | ||
10 | |||
11 | include disable-common.inc | ||
12 | include disable-devel.inc | ||
13 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | ||
15 | include disable-passwdmgr.inc | ||
16 | include disable-programs.inc | ||
17 | include disable-xdg.inc | ||
18 | |||
19 | mkdir ${HOME}/.teeworlds | ||
20 | whitelist ${HOME}/.teeworlds | ||
21 | include whitelist-common.inc | ||
22 | include whitelist-var-common.inc | ||
23 | |||
24 | caps.drop all | ||
25 | ipc-namespace | ||
26 | netfilter | ||
27 | nodbus | ||
28 | nodvd | ||
29 | nogroups | ||
30 | nonewprivs | ||
31 | noroot | ||
32 | notv | ||
33 | nou2f | ||
34 | novideo | ||
35 | protocol unix,inet,inet6 | ||
36 | seccomp | ||
37 | shell none | ||
38 | tracelog | ||
39 | |||
40 | disable-mnt | ||
41 | private-bin teeworlds | ||
42 | private-cache | ||
43 | private-dev | ||
44 | private-tmp | ||
diff --git a/etc/torcs.profile b/etc/torcs.profile new file mode 100644 index 000000000..d9c59b276 --- /dev/null +++ b/etc/torcs.profile | |||
@@ -0,0 +1,43 @@ | |||
1 | # Firejail profile for torcs | ||
2 | # Description: The Open Racing Car Simulator | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include torcs.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.torcs | ||
10 | |||
11 | include disable-common.inc | ||
12 | include disable-devel.inc | ||
13 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | ||
15 | include disable-passwdmgr.inc | ||
16 | include disable-programs.inc | ||
17 | include disable-xdg.inc | ||
18 | |||
19 | mkdir ${HOME}/.torcs | ||
20 | whitelist ${HOME}/.torcs | ||
21 | include whitelist-common.inc | ||
22 | include whitelist-var-common.inc | ||
23 | |||
24 | caps.drop all | ||
25 | ipc-namespace | ||
26 | net none | ||
27 | nodbus | ||
28 | nodvd | ||
29 | nogroups | ||
30 | nonewprivs | ||
31 | noroot | ||
32 | notv | ||
33 | nou2f | ||
34 | novideo | ||
35 | protocol unix | ||
36 | seccomp | ||
37 | shell none | ||
38 | tracelog | ||
39 | |||
40 | disable-mnt | ||
41 | private-cache | ||
42 | private-dev | ||
43 | private-tmp | ||
diff --git a/etc/tremulous.profile b/etc/tremulous.profile new file mode 100644 index 000000000..a56ac2c07 --- /dev/null +++ b/etc/tremulous.profile | |||
@@ -0,0 +1,44 @@ | |||
1 | # Firejail profile for tremulous | ||
2 | # Description: First Person Shooter game based on the Quake 3 engine | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include tremulous.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.tremulous | ||
10 | |||
11 | include disable-common.inc | ||
12 | include disable-devel.inc | ||
13 | include disable-exec.inc | ||
14 | include disable-interpreters.inc | ||
15 | include disable-passwdmgr.inc | ||
16 | include disable-programs.inc | ||
17 | include disable-xdg.inc | ||
18 | |||
19 | mkdir ${HOME}/.tremulous | ||
20 | whitelist ${HOME}/.tremulous | ||
21 | include whitelist-common.inc | ||
22 | include whitelist-var-common.inc | ||
23 | |||
24 | caps.drop all | ||
25 | ipc-namespace | ||
26 | netfilter | ||
27 | nodbus | ||
28 | nodvd | ||
29 | nogroups | ||
30 | nonewprivs | ||
31 | noroot | ||
32 | notv | ||
33 | nou2f | ||
34 | novideo | ||
35 | protocol unix,inet,inet6 | ||
36 | seccomp | ||
37 | shell none | ||
38 | tracelog | ||
39 | |||
40 | disable-mnt | ||
41 | private-bin tremulous,tremulous-wrapper,tremded | ||
42 | private-cache | ||
43 | private-dev | ||
44 | private-tmp | ||
diff --git a/etc/warsow.profile b/etc/warsow.profile new file mode 100644 index 000000000..e884ab07a --- /dev/null +++ b/etc/warsow.profile | |||
@@ -0,0 +1,49 @@ | |||
1 | # Firejail profile for warsow | ||
2 | # Description: Fast paced 3D first person shooter | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include warsow.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | ignore noexec ${HOME} | ||
10 | |||
11 | noblacklist ${HOME}/.cache/warsow-2.1 | ||
12 | noblacklist ${HOME}/.local/share/warsow-2.1 | ||
13 | |||
14 | include disable-common.inc | ||
15 | include disable-devel.inc | ||
16 | include disable-exec.inc | ||
17 | include disable-interpreters.inc | ||
18 | include disable-passwdmgr.inc | ||
19 | include disable-programs.inc | ||
20 | include disable-xdg.inc | ||
21 | |||
22 | mkdir ${HOME}/.cache/warsow-2.1 | ||
23 | mkdir ${HOME}/.local/share/warsow-2.1 | ||
24 | whitelist ${HOME}/.cache/warsow-2.1 | ||
25 | whitelist ${HOME}/.local/share/warsow-2.1 | ||
26 | include whitelist-common.inc | ||
27 | include whitelist-var-common.inc | ||
28 | |||
29 | caps.drop all | ||
30 | ipc-namespace | ||
31 | netfilter | ||
32 | nodbus | ||
33 | nodvd | ||
34 | nogroups | ||
35 | nonewprivs | ||
36 | noroot | ||
37 | notv | ||
38 | nou2f | ||
39 | novideo | ||
40 | protocol unix,inet,inet6 | ||
41 | seccomp | ||
42 | shell none | ||
43 | tracelog | ||
44 | |||
45 | disable-mnt | ||
46 | private-bin warsow | ||
47 | private-cache | ||
48 | private-dev | ||
49 | private-tmp | ||