From df53dcec8aa036ca99b244df3ddddd6ac48aa28b Mon Sep 17 00:00:00 2001
From: lecso7 <74806639+lecso7@users.noreply.github.com>
Date: Sun, 19 Sep 2021 18:31:52 -0800
Subject: Create goldendict.profile

---
 etc/inc/disable-programs.inc       |  2 ++
 etc/profile-a-l/goldendict.profile | 57 ++++++++++++++++++++++++++++++++++++++
 src/firecfg/firecfg.config         |  1 +
 3 files changed, 60 insertions(+)
 create mode 100644 etc/profile-a-l/goldendict.profile

diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc
index 4941630a2..e77ceb41c 100644
--- a/etc/inc/disable-programs.inc
+++ b/etc/inc/disable-programs.inc
@@ -502,6 +502,7 @@ blacklist ${HOME}/.gitconfig
 blacklist ${HOME}/.gl-117
 blacklist ${HOME}/.glaxiumrc
 blacklist ${HOME}/.gnome/gnome-schedule
+blacklist ${HOME}/.goldendict
 blacklist ${HOME}/.googleearth
 blacklist ${HOME}/.gradle
 blacklist ${HOME}/.gramps
@@ -967,6 +968,7 @@ blacklist ${HOME}/.cache/Enpass
 blacklist ${HOME}/.cache/Ferdi
 blacklist ${HOME}/.cache/Flavio Tordini
 blacklist ${HOME}/.cache/Franz
+blacklist ${HOME}/.cache/GoldenDict
 blacklist ${HOME}/.cache/INRIA
 blacklist ${HOME}/.cache/INRIA/Natron
 blacklist ${HOME}/.cache/KDE/neochat
diff --git a/etc/profile-a-l/goldendict.profile b/etc/profile-a-l/goldendict.profile
new file mode 100644
index 000000000..59a572319
--- /dev/null
+++ b/etc/profile-a-l/goldendict.profile
@@ -0,0 +1,57 @@
+# Firejail profile for goldendict
+# This file is overwritten after every install/update
+# Persistent local customizations
+include goldendict.local
+# Persistent global definitions
+include globals.local
+
+noblacklist ${HOME}/.goldendict
+noblacklist ${HOME}/.cache/GoldenDict
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-programs.inc
+include disable-shell.inc
+include disable-xdg.inc
+
+mkdir ${HOME}/.goldendict
+mkdir ${HOME}/.cache/GoldenDict
+whitelist ${HOME}/.goldendict
+whitelist ${HOME}/.cache/GoldenDict
+# The default path of dictionaries
+whitelist /usr/share/stardict/dic
+include whitelist-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+
+apparmor
+caps.drop all
+netfilter
+# no3d leads to the libGL MESA-LOADER errors
+#no3d
+nodvd
+nogroups
+noinput
+nonewprivs
+noroot
+notv
+nou2f
+novideo
+protocol unix,inet,inet6,netlink
+seccomp
+seccomp.block-secondary
+shell none
+tracelog
+
+disable-mnt
+private-bin goldendict
+private-cache
+private-dev
+private-etc ca-certificates,crypto-policies,fonts,ld.so.preload,machine-id,nsswitch.conf,pki,resolv.conf,ssl
+private-tmp
+
+dbus-user none
+dbus-system none
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index 698630180..a544e25f2 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -348,6 +348,7 @@ gnome-weather
 gnote
 gnubik
 godot
+goldendict
 goobox
 google-chrome
 google-chrome-beta
-- 
cgit v1.2.3-54-g00ecf