diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/github-desktop.profile (renamed from etc/desktop.profile) | 26 |
1 files changed, 15 insertions, 11 deletions
diff --git a/etc/desktop.profile b/etc/github-desktop.profile index bfb1618b2..9ac212fe8 100644 --- a/etc/desktop.profile +++ b/etc/github-desktop.profile | |||
@@ -1,4 +1,4 @@ | |||
1 | # Firejail profile for desktop | 1 | # Firejail profile for github-desktop |
2 | # Description: Extend your GitHub workflow beyond your browser with GitHub Desktop | 2 | # Description: Extend your GitHub workflow beyond your browser with GitHub Desktop |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | # Persistent local customizations | 4 | # Persistent local customizations |
@@ -6,8 +6,8 @@ include github-desktop.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | whitelist ${HOME}/.gitconfig | 9 | noblacklist ${HOME}/.gitconfig |
10 | whitelist ${HOME}/.config/GitHub Desktop | 10 | noblacklist ${HOME}/.config/GitHub Desktop |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
@@ -15,8 +15,6 @@ include disable-programs.inc | |||
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
17 | 17 | ||
18 | include whitelist-common.inc | ||
19 | |||
20 | caps.drop all | 18 | caps.drop all |
21 | netfilter | 19 | netfilter |
22 | # no3d | 20 | # no3d |
@@ -31,14 +29,20 @@ novideo | |||
31 | protocol unix,inet,inet6,netlink | 29 | protocol unix,inet,inet6,netlink |
32 | seccomp | 30 | seccomp |
33 | 31 | ||
32 | # Note: On debian-based distributions the binary might be located in | ||
33 | # /opt/GitHub Desktop/github-desktop, and therefore not be in PATH. | ||
34 | # If that's the case you can start GitHub Desktop with firejail via | ||
35 | # `firejail "/opt/GitHub Desktop/github-desktop"`. | ||
36 | |||
34 | disable-mnt | 37 | disable-mnt |
35 | # private-bin Atom,desktop | 38 | # private-bin github-desktop |
36 | # private-cache | 39 | private-cache |
37 | # private-dev | 40 | ?HAS_APPIMAGE: ignore private-dev |
41 | private-dev | ||
38 | # private-etc none | 42 | # private-etc none |
39 | # private-lib | 43 | # private-lib |
40 | # private-tmp | 44 | private-tmp |
41 | 45 | ||
42 | # memory-deny-write-execute | 46 | # memory-deny-write-execute |
43 | # noexec ${HOME} | 47 | noexec ${HOME} |
44 | # noexec /tmp | 48 | noexec /tmp |