From 67ece7fc43e92f68ebf4fd6547030618e5ddc74c Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Sun, 24 Nov 2019 19:44:23 +0000 Subject: Add new profile: cameramonitor (#3056) * Create cameramonitor.profile * Add cameramonitor to firecfg.config --- etc/cameramonitor.profile | 53 ++++++++++++++++++++++++++++++++++++++++++++++ src/firecfg/firecfg.config | 1 + 2 files changed, 54 insertions(+) create mode 100644 etc/cameramonitor.profile diff --git a/etc/cameramonitor.profile b/etc/cameramonitor.profile new file mode 100644 index 000000000..1d7aa0f9c --- /dev/null +++ b/etc/cameramonitor.profile @@ -0,0 +1,53 @@ +# Firejail profile for cameramonitor +# Description: A little monitor to check your webcam status +# This file is overwritten after every install/update +quiet +# Persistent local customizations +include cameramonitor.local +# Persistent global definitions +include globals.local + +# Allow python (blacklisted by disable-interpreters.inc) +include allow-python2.inc +include allow-python3.inc + +include disable-common.inc +include disable-devel.inc +include disable-exec.inc +include disable-interpreters.inc +include disable-passwdmgr.inc +include disable-programs.inc +include disable-xdg.inc + +whitelist /usr/share/cameramonitor +include whitelist-common.inc +include whitelist-usr-share-common.inc +include whitelist-var-common.inc + +apparmor +caps.drop all +ipc-namespace +machine-id +net none +no3d +#nodbus +nodvd +nogroups +nonewprivs +noroot +nosound +notv +nou2f +novideo +protocol unix +seccomp +shell none +tracelog + +disable-mnt +private-bin cameramonitor,python* +private-cache +private-etc alternatives,fonts +private-tmp + +# memory-deny-write-execute - breaks on Arch diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 9ad97f030..ffedf486f 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config @@ -97,6 +97,7 @@ calligraplanwork calligrasheets calligrastage calligrawords +cameramonitor cantata catfish celluloid -- cgit v1.2.3-54-g00ecf