From 4a5449b4c6869835b743a6a4566d89d84df3ce67 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Thu, 13 Jun 2019 08:38:16 -0400
Subject: OpenArena profile

---
 README.md                  |  2 +-
 etc/disable-programs.inc   |  1 +
 etc/openarena.profile      | 51 ++++++++++++++++++++++++++++++++++++++++++++++
 src/firecfg/firecfg.config |  1 +
 4 files changed, 54 insertions(+), 1 deletion(-)
 create mode 100644 etc/openarena.profile

diff --git a/README.md b/README.md
index e6c3ecaca..c677a2cbb 100644
--- a/README.md
+++ b/README.md
@@ -111,4 +111,4 @@ We also keep a list of profile fixes for previous released versions in [etc-fixe
 
 ## New profiles:
 
-klatexformula, klatexformula_cmdl, links, pandoc, qgis, teams-for-linux, xlinks
+klatexformula, klatexformula_cmdl, links, pandoc, qgis, teams-for-linux, xlinks. OpenArena
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 9d3f3ab68..7684aefff 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -575,6 +575,7 @@ blacklist ${HOME}/.neverball
 blacklist ${HOME}/.newsboat
 blacklist ${HOME}/.nv
 blacklist ${HOME}/.nylas-mail
+blacklist ${HOME}/.openarena
 blacklist ${HOME}/.opencity
 blacklist ${HOME}/.openinvaders
 blacklist ${HOME}/.openshot
diff --git a/etc/openarena.profile b/etc/openarena.profile
new file mode 100644
index 000000000..f36d3270f
--- /dev/null
+++ b/etc/openarena.profile
@@ -0,0 +1,51 @@
+# Firejail profile for OpenArena
+# Description: deathmatch FPS game based on GPL idTech3 technology
+# This file is overwritten after every install/update
+# Persistent local customizations
+include openarena.local
+# Persistent global definitions
+include globals.local
+
+noblacklist ${HOME}/.openarena
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-xdg.inc
+
+include whitelist-var-common.inc
+
+apparmor
+caps.drop all
+# ipc-namespace
+# machine-id
+# net none
+# netfilter
+# no3d
+# nodbus
+# nodvd
+# nogroups
+nonewprivs
+noroot
+# nosound
+notv
+# nou2f
+novideo
+protocol unix,inet,inet6,netlink
+seccomp
+shell none
+# tracelog
+
+# disable-mnt
+# private
+# private-bin openarena
+private-cache
+private-dev
+# private-etc machine-id,xdg,openal,udev,drirc,passwd,selinux
+# private-lib
+private-tmp
+
+# memory-deny-write-execute
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index d21abbc9a..ad8b99270 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -416,6 +416,7 @@ oggsplt
 okular
 onionshare-gui
 open-invaders
+openarena
 opencity
 openshot
 openshot-qt
-- 
cgit v1.2.3-70-g09d2