From 204f2008600fd1f1cdbf52fd4d029c75d89bf2ea Mon Sep 17 00:00:00 2001
From: startx2017 <vradu.startx@yandex.com>
Date: Tue, 9 May 2017 10:32:26 -0400
Subject: blender and 2048-qt profiles

---
 README                     |  1 +
 README.md                  |  2 +-
 RELNOTES                   |  1 +
 etc/2048-qt.profile        | 27 +++++++++++++++++++++++++++
 etc/blender.profile        | 28 ++++++++++++++++++++++++++++
 etc/disable-programs.inc   |  2 ++
 platform/debian/conffiles  |  2 ++
 src/firecfg/firecfg.config |  2 ++
 8 files changed, 64 insertions(+), 1 deletion(-)
 create mode 100644 etc/2048-qt.profile
 create mode 100644 etc/blender.profile

diff --git a/README b/README
index 998037e31..915001ec2 100644
--- a/README
+++ b/README
@@ -394,6 +394,7 @@ startx2017 (https://github.com/startx2017)
 	- --quiet fixes
 	- 0.9.38-LTS branch maintainer
 	- firemon --top speed-up
+	- Blender and 2048-qt profiles
 thewisenerd (https://github.com/thewisenerd)
 	- allow multiple private-home commands
 	- use $SHELL variable if the shell is not specified
diff --git a/README.md b/README.md
index 65ae6457a..fdcca9e6e 100644
--- a/README.md
+++ b/README.md
@@ -219,4 +219,4 @@ Kino, Thunar, Geeqie, Engrampa, Scribus, mousepad, gpicview, keepassxc, cvlc, Me
 Nylas, dino, BibleTime, viewnior, Kodi, viking, youtube-dl, meld, Arduino, Akregator, KCalc, KTorrent,
 Orage Globaltime, Orage Clendar, xfce4-notes, xfce4-dict, Ristretto, PCManFM, Dia, FontForge, Geany, Hugin,
 mate-calc, mate-dictionary, mate-color-select, caja, galculator, Nemo, gnome-font-viewer, gucharmap,
-knotes, clipit, leafpad, lximage-qt, lxmusic, qlipper, Xvfb, Xephyr 
+knotes, clipit, leafpad, lximage-qt, lxmusic, qlipper, Xvfb, Xephyr, Blender, 2048-qt 
diff --git a/RELNOTES b/RELNOTES
index ccd841e27..be9e35af7 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -49,6 +49,7 @@ firejail (0.9.46-rc1) baseline; urgency=low
   * new profiles: mate-calc, mate-dictionary, mate-color-select, caja,
   * new profiles: galculator, Nemo, gnome-font-viewer, gucharmap, knotes
   * new profiles: clipit, leafpad, lximage-qt, lxmusic, qlipper, Xvfb, Xephyr
+  * new profiles: Blender, 2048-qt
   * bugfixes
  -- netblue30 <netblue30@yahoo.com>  Fri, 7 Apr 2017 08:00:00 -0500
 
diff --git a/etc/2048-qt.profile b/etc/2048-qt.profile
new file mode 100644
index 000000000..f0ec90ee7
--- /dev/null
+++ b/etc/2048-qt.profile
@@ -0,0 +1,27 @@
+# This file is overwritten during software install.
+# Persistent customizations should go in a .local file.
+include /etc/firejail/2048-qt.local
+
+noblacklist ~/.config/xiaoyong
+noblacklist ~/.config/2048-qt
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix,inet,inet6
+seccomp
+
+#
+# depending on your usage, you can enable some of the commands below: 
+#
+nogroups
+shell none
+# private-bin program
+# private-etc none
+# private-dev
+# private-tmp
+nosound
diff --git a/etc/blender.profile b/etc/blender.profile
new file mode 100644
index 000000000..fac6f7731
--- /dev/null
+++ b/etc/blender.profile
@@ -0,0 +1,28 @@
+# This file is overwritten during software install.
+# Persistent customizations should go in a .local file.
+include /etc/firejail/blender.local
+
+noblacklist ~/.config/blender
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix,inet,inet6,netlink
+seccomp
+
+#
+# depending on your usage, you can enable some of the commands below: 
+#
+nogroups
+shell none
+# private-bin program
+# private-etc none
+# private-dev
+# private-tmp
+
+# blender uses the sound system
+# nosound
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 29da32bbf..0ee47a89e 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -21,6 +21,7 @@ blacklist ${HOME}/.bcast5
 blacklist ${HOME}/.bibletime
 blacklist ${HOME}/.claws-mail
 blacklist ${HOME}/.config/0ad
+blacklist ${HOME}/.config/2048-qt
 blacklist ${HOME}/.config/akregatorrc
 blacklist ${HOME}/.config/Atom
 blacklist ${HOME}/.config/Audaciousrc
@@ -151,6 +152,7 @@ blacklist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml
 blacklist ${HOME}/.config/xfce4/xfce4-notes.rc
 blacklist ${HOME}/.config/xfce4/xfce4-notes.gtkrc
 blacklist ${HOME}/.config/xfce4-dict
+blacklist ${HOME}/.config/xiaoyong
 blacklist ${HOME}/.config/xmms2
 blacklist ${HOME}/.config/xplayer
 blacklist ${HOME}/.config/xreader
diff --git a/platform/debian/conffiles b/platform/debian/conffiles
index ae7924140..af2f72d01 100644
--- a/platform/debian/conffiles
+++ b/platform/debian/conffiles
@@ -298,3 +298,5 @@
 /etc/firejail/qlipper.profile
 /etc/firejail/Xvfb.profile
 /etc/firejail/Xephyr.profile
+/etc/firejail/blender.profile
+/etc/firejail/2048-qt.profile
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index 3869a5bdb..60e414755 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -2,6 +2,7 @@
 # This is the list of programs in alfabetical order handled by firecfg utility
 #
 0ad
+2048-qt
 abrowser
 akregator
 amarok
@@ -19,6 +20,7 @@ bibletime
 bitlbee
 bleachbit
 bless
+blender
 brasero
 brave
 cherrytree
-- 
cgit v1.2.3-70-g09d2