2 files changed, 32 insertions, 1 deletions
diff --git a/etc/arduino.profile b/etc/arduino.profile
new file mode 100644
index 000000000..e80222bb6
--- /dev/null
+++ b/etc/arduino.profile
@@ -0,0 +1,28 @@
+# This file is overwritten during software install.
+# Persistent customizations should go in a .local file.
+include /etc/firejail/arduino.local
+# Firejail profile for arduino
+noblacklist ${HOME}/.arduino15
+noblacklist ${HOME}/Arduino
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-devel.inc
+caps.drop all
+netfilter
+no3d
+nogroups
+nonewprivs
+noroot
+nosound
+protocol unix,inet,inet6
+seccomp
+shell none
+private-tmp
+noexec ${HOME}
+noexec /tmp
diff --git a/etc/qtox.profile b/etc/qtox.profile
index 40a959d05..f3158b206 100644
--- a/etc/qtox.profile
+++ b/etc/qtox.profile
@@ -3,7 +3,8 @@
 include /etc/firejail/qtox.local
 # qTox instant messaging profile
-noblacklist ${HOME}/.config/tox
+noblacklist ~/.config/tox
+noblacklist ~/.config/qt5ct
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-devel.inc
@@ -11,6 +12,8 @@ include /etc/firejail/disable-passwdmgr.inc
 mkdir ${HOME}/.config/tox
 whitelist ${HOME}/.config/tox
+mkdir ${HOME}/.config/qt5ct
+whitelist ${HOME}/.config/qt5ct
 whitelist ${DOWNLOADS}
 caps.drop all

diff --git a/etc/arduino.profile b/etc/arduino.profile new file mode 100644 index 000000000..e80222bb6 --- /dev/null +++ b/etc/arduino.profile
@@ -0,0 +1,28 @@
		1	# This file is overwritten during software install.
		2	# Persistent customizations should go in a .local file.
		3	include /etc/firejail/arduino.local
		4
		5	# Firejail profile for arduino
		6	noblacklist ${HOME}/.arduino15
		7	noblacklist ${HOME}/Arduino
		8
		9	include /etc/firejail/disable-common.inc
		10	include /etc/firejail/disable-programs.inc
		11	include /etc/firejail/disable-passwdmgr.inc
		12	include /etc/firejail/disable-devel.inc
		13
		14	caps.drop all
		15	netfilter
		16	no3d
		17	nogroups
		18	nonewprivs
		19	noroot
		20	nosound
		21	protocol unix,inet,inet6
		22	seccomp
		23	shell none
		24
		25	private-tmp
		26
		27	noexec ${HOME}
		28	noexec /tmp


diff --git a/etc/qtox.profile b/etc/qtox.profile index 40a959d05..f3158b206 100644 --- a/etc/qtox.profile +++ b/etc/qtox.profile
@@ -3,7 +3,8 @@
3	include /etc/firejail/qtox.local	3	include /etc/firejail/qtox.local
4		4
5	# qTox instant messaging profile	5	# qTox instant messaging profile
6	noblacklist ${HOME}/.config/tox	6	noblacklist ~/.config/tox
		7	noblacklist ~/.config/qt5ct
7	include /etc/firejail/disable-common.inc	8	include /etc/firejail/disable-common.inc
8	include /etc/firejail/disable-programs.inc	9	include /etc/firejail/disable-programs.inc
9	include /etc/firejail/disable-devel.inc	10	include /etc/firejail/disable-devel.inc
@@ -11,6 +12,8 @@ include /etc/firejail/disable-passwdmgr.inc
11		12
12	mkdir ${HOME}/.config/tox	13	mkdir ${HOME}/.config/tox
13	whitelist ${HOME}/.config/tox	14	whitelist ${HOME}/.config/tox
		15	mkdir ${HOME}/.config/qt5ct
		16	whitelist ${HOME}/.config/qt5ct
14	whitelist ${DOWNLOADS}	17	whitelist ${DOWNLOADS}
15		18
16	caps.drop all	19	caps.drop all