diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-programs.inc | 2 | ||||
-rw-r--r-- | etc/mate-calc.profile | 26 | ||||
-rw-r--r-- | etc/mate-calculator.profile | 2 | ||||
-rw-r--r-- | etc/mate-color-select.profile | 26 | ||||
-rw-r--r-- | etc/mate-dictionary.profile | 26 |
5 files changed, 82 insertions, 0 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 285a7f7e3..0f6ed5fa1 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -96,6 +96,8 @@ blacklist ${HOME}/.config/katevirc | |||
96 | blacklist ${HOME}/.config/kdeconnect | 96 | blacklist ${HOME}/.config/kdeconnect |
97 | blacklist ${HOME}/.config/libreoffice | 97 | blacklist ${HOME}/.config/libreoffice |
98 | blacklist ${HOME}/.config/mate/eom | 98 | blacklist ${HOME}/.config/mate/eom |
99 | blacklist ${HOME}/.config/mate/mate-dictionary | ||
100 | blacklist ${HOME}/.config/mate-calc | ||
99 | blacklist ${HOME}/.config/midori | 101 | blacklist ${HOME}/.config/midori |
100 | blacklist ${HOME}/.config/mpv | 102 | blacklist ${HOME}/.config/mpv |
101 | blacklist ${HOME}/.config/mupen64plus | 103 | blacklist ${HOME}/.config/mupen64plus |
diff --git a/etc/mate-calc.profile b/etc/mate-calc.profile new file mode 100644 index 000000000..81e8ddc03 --- /dev/null +++ b/etc/mate-calc.profile | |||
@@ -0,0 +1,26 @@ | |||
1 | # This file is overwritten during software install. | ||
2 | # Persistent customizations should go in a .local file. | ||
3 | include /etc/firejail/mate-calc.local | ||
4 | |||
5 | noblacklist ${HOME}/.config/mate-calc | ||
6 | include /etc/firejail/disable-common.inc | ||
7 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-passwdmgr.inc | ||
9 | |||
10 | caps.drop all | ||
11 | netfilter | ||
12 | nonewprivs | ||
13 | noroot | ||
14 | protocol unix,inet,inet6 | ||
15 | seccomp | ||
16 | |||
17 | # | ||
18 | # depending on your usage, you can enable some of the commands below: | ||
19 | # | ||
20 | nogroups | ||
21 | shell none | ||
22 | # private-bin program | ||
23 | # private-etc none | ||
24 | # private-dev | ||
25 | # private-tmp | ||
26 | nosound | ||
diff --git a/etc/mate-calculator.profile b/etc/mate-calculator.profile new file mode 100644 index 000000000..0267a4b84 --- /dev/null +++ b/etc/mate-calculator.profile | |||
@@ -0,0 +1,2 @@ | |||
1 | #include /etc/firejail/mate-calc.profile | ||
2 | |||
diff --git a/etc/mate-color-select.profile b/etc/mate-color-select.profile new file mode 100644 index 000000000..e513d9b3b --- /dev/null +++ b/etc/mate-color-select.profile | |||
@@ -0,0 +1,26 @@ | |||
1 | # This file is overwritten during software install. | ||
2 | # Persistent customizations should go in a .local file. | ||
3 | include /etc/firejail/default.local | ||
4 | |||
5 | private | ||
6 | #include /etc/firejail/disable-common.inc | ||
7 | #include /etc/firejail/disable-programs.inc | ||
8 | #include /etc/firejail/disable-passwdmgr.inc | ||
9 | |||
10 | caps.drop all | ||
11 | netfilter | ||
12 | nonewprivs | ||
13 | noroot | ||
14 | protocol unix,inet,inet6 | ||
15 | seccomp | ||
16 | |||
17 | # | ||
18 | # depending on your usage, you can enable some of the commands below: | ||
19 | # | ||
20 | nogroups | ||
21 | shell none | ||
22 | # private-bin program | ||
23 | # private-etc none | ||
24 | # private-dev | ||
25 | # private-tmp | ||
26 | nosound | ||
diff --git a/etc/mate-dictionary.profile b/etc/mate-dictionary.profile new file mode 100644 index 000000000..0a472fca7 --- /dev/null +++ b/etc/mate-dictionary.profile | |||
@@ -0,0 +1,26 @@ | |||
1 | # This file is overwritten during software install. | ||
2 | # Persistent customizations should go in a .local file. | ||
3 | include /etc/firejail/mate-dictionary.local | ||
4 | |||
5 | noblacklist ${HOME}/.config/mate/mate-dictionary | ||
6 | include /etc/firejail/disable-common.inc | ||
7 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-passwdmgr.inc | ||
9 | |||
10 | caps.drop all | ||
11 | netfilter | ||
12 | nonewprivs | ||
13 | noroot | ||
14 | protocol unix,inet,inet6 | ||
15 | seccomp | ||
16 | |||
17 | # | ||
18 | # depending on your usage, you can enable some of the commands below: | ||
19 | # | ||
20 | nogroups | ||
21 | shell none | ||
22 | # private-bin program | ||
23 | # private-etc none | ||
24 | # private-dev | ||
25 | # private-tmp | ||
26 | nosound | ||