From 5aa533f9e1bb64ea5cb683e668da04b879e4f14f Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Mon, 18 Mar 2024 14:31:05 +0000 Subject: New profile: rymdport.profile (#6251) Description: Encrypted sharing of files, folders, and text between devices. https://github.com/Jacalz/rymdport --- etc/inc/disable-programs.inc | 1 + etc/profile-m-z/rymdport.profile | 62 ++++++++++++++++++++++++++++++++++++++++ src/firecfg/firecfg.config | 1 + 3 files changed, 64 insertions(+) create mode 100644 etc/profile-m-z/rymdport.profile diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 6c4e782c6..2da55c8ea 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc @@ -451,6 +451,7 @@ blacklist ${HOME}/.config/flaska.net blacklist ${HOME}/.config/flowblade blacklist ${HOME}/.config/font-manager blacklist ${HOME}/.config/freecol +blacklist ${HOME}/.config/fyne blacklist ${HOME}/.config/gajim blacklist ${HOME}/.config/galculator blacklist ${HOME}/.config/gallery-dl diff --git a/etc/profile-m-z/rymdport.profile b/etc/profile-m-z/rymdport.profile new file mode 100644 index 000000000..b357eb75c --- /dev/null +++ b/etc/profile-m-z/rymdport.profile @@ -0,0 +1,62 @@ +# Firejail profile for rymdport +# Description: Encrypted sharing of files, folders, and text between devices +# This file is overwritten after every install/update +# Persistent local customizations +include rymdport.local +# Persistent global definitions +include globals.local + +blacklist /usr/libexec + +noblacklist ${HOME}/.config/fyne + +include disable-common.inc +include disable-devel.inc +include disable-exec.inc +include disable-interpreters.inc +include disable-proc.inc +include disable-programs.inc +include disable-shell.inc +#include disable-xdg.inc + +#mkdir ${HOME}/.config/fyne +#whitelist ${HOME}/.config/fyne +#whitelist ${DOWNLOADS} +#include whitelist-common.inc +include whitelist-run-common.inc +include whitelist-runuser-common.inc +include whitelist-usr-share-common.inc +include whitelist-var-common.inc + +apparmor +caps.drop all +ipc-namespace +machine-id +netfilter +no3d +nodvd +nogroups +noinput +nonewprivs +noprinters +noroot +nosound +notv +nou2f +novideo +protocol unix,inet,inet6 +seccomp +seccomp.block-secondary +tracelog + +#disable-mnt +private-bin rymdport +private-cache +private-dev +private-etc @network,@tls-ca,@x11 +private-tmp + +dbus-user none +dbus-system none + +restrict-namespaces diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 79f425c51..f113e3760 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config @@ -768,6 +768,7 @@ rpcs3 rssguard rtorrent runenpass.sh +rymdport sayonara scallion scorched3d -- cgit v1.2.3-54-g00ecf