From 69009709796704a6d67827758be8b382672cf8f2 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Tue, 29 Nov 2016 06:47:23 -0500
Subject: Add 10 new profiles

Added profiles for Bless, Gnome 2048, Gnome Calculator, Gnome Contacts, JD-GUI, Lollypop, MultiMC5, PDFSam, Pithos, and Xonotic
---
 etc/bless.profile            | 20 ++++++++++++++++++++
 etc/disable-programs.inc     |  7 +++++++
 etc/gnome-2048.profile       | 25 +++++++++++++++++++++++++
 etc/gnome-calculator.profile | 19 +++++++++++++++++++
 etc/gnome-contacts.profile   | 19 +++++++++++++++++++
 etc/jd-gui.profile           | 19 +++++++++++++++++++
 etc/lollypop.profile         | 20 ++++++++++++++++++++
 etc/multimc5.profile         | 27 +++++++++++++++++++++++++++
 etc/pdfsam.profile           | 17 +++++++++++++++++
 etc/pithos.profile           | 19 +++++++++++++++++++
 etc/xonotic-glx.profile      |  5 +++++
 etc/xonotic-sdl.profile      |  5 +++++
 etc/xonotic.profile          | 25 +++++++++++++++++++++++++
 13 files changed, 227 insertions(+)
 create mode 100644 etc/bless.profile
 create mode 100644 etc/gnome-2048.profile
 create mode 100644 etc/gnome-calculator.profile
 create mode 100644 etc/gnome-contacts.profile
 create mode 100644 etc/jd-gui.profile
 create mode 100644 etc/lollypop.profile
 create mode 100644 etc/multimc5.profile
 create mode 100644 etc/pdfsam.profile
 create mode 100644 etc/pithos.profile
 create mode 100644 etc/xonotic-glx.profile
 create mode 100644 etc/xonotic-sdl.profile
 create mode 100644 etc/xonotic.profile

diff --git a/etc/bless.profile b/etc/bless.profile
new file mode 100644
index 000000000..752edadf7
--- /dev/null
+++ b/etc/bless.profile
@@ -0,0 +1,20 @@
+#
+#Profile for bless
+#
+
+#No Blacklist Paths
+noblacklist ${HOME}/.config/bless
+
+#Blacklist Paths
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-devel.inc
+
+#Options
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix,inet,inet6
+seccomp
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 76a4c4607..f46274545 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -10,6 +10,7 @@ blacklist ${HOME}/.stellarium
 blacklist ${HOME}/.sword
 blacklist ${HOME}/.xiphos
 blacklist ${HOME}/.config/Atom
+blacklist ${HOME}/.config/bless
 blacklist ${HOME}/.config/gthumb
 blacklist ${HOME}/.config/mupen64plus
 blacklist ${HOME}/.config/transmission
@@ -44,6 +45,7 @@ blacklist ${HOME}/.openshot_qt
 blacklist ${HOME}/.flowblade
 blacklist ${HOME}/.config/flowblade
 blacklist ${HOME}/.config/eog
+blacklist ${HOME}/.config/jd-gui.cfg
 
 
 # Media players
@@ -56,6 +58,7 @@ blacklist ${HOME}/.config/totem
 blacklist ${HOME}/.config/xplayer
 blacklist ${HOME}/.audacity-data
 blacklist ${HOME}/.guayadeque
+blacklist ${HOME}/.local/share/lollypop
 
 # HTTP / FTP / Mail
 blacklist ${HOME}/.icedove
@@ -119,6 +122,10 @@ blacklist ${HOME}/.config/wesnoth
 blacklist ${HOME}/.config/0ad
 blacklist ${HOME}/.warzone2100-3.1
 blacklist ${HOME}/.dosbox
+blacklist ${HOME}/.local/share/gnome-2048
+blacklist ${HOME}/.local/share/multimc5
+blacklist ${HOME}/.multimc5
+blacklist ${HOME}/.xonotic
 
 # Cryptocoins
 blacklist ${HOME}/.*coin
diff --git a/etc/gnome-2048.profile b/etc/gnome-2048.profile
new file mode 100644
index 000000000..f9982da61
--- /dev/null
+++ b/etc/gnome-2048.profile
@@ -0,0 +1,25 @@
+#
+#Profile for gnome-2048
+#
+
+#No Blacklist Paths
+noblacklist ${HOME}/.local/share/gnome-2048
+
+#Blacklist Paths
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-devel.inc
+
+#Whitelist Paths
+mkdir ${HOME}/.local/share/gnome-2048
+whitelist ${HOME}/.local/share/gnome-2048
+include /etc/firejail/whitelist-common.inc
+
+#Options
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix,inet,inet6
+seccomp
diff --git a/etc/gnome-calculator.profile b/etc/gnome-calculator.profile
new file mode 100644
index 000000000..49e068171
--- /dev/null
+++ b/etc/gnome-calculator.profile
@@ -0,0 +1,19 @@
+#
+#Profile for gnome-calculator
+#
+
+#Blacklist Paths
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-devel.inc
+
+include /etc/firejail/whitelist-common.inc
+
+#Options
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix,inet,inet6
+seccomp
diff --git a/etc/gnome-contacts.profile b/etc/gnome-contacts.profile
new file mode 100644
index 000000000..9dc25b26c
--- /dev/null
+++ b/etc/gnome-contacts.profile
@@ -0,0 +1,19 @@
+#
+#Profile for gnome-contacts
+#
+
+#Blacklist Paths
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-devel.inc
+
+include /etc/firejail/whitelist-common.inc
+
+#Options
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix,inet,inet6
+seccomp
diff --git a/etc/jd-gui.profile b/etc/jd-gui.profile
new file mode 100644
index 000000000..1d6eb41f8
--- /dev/null
+++ b/etc/jd-gui.profile
@@ -0,0 +1,19 @@
+#
+#Profile for jd-gui
+#
+
+noblacklist ${HOME}/.config/jd-gui.cfg
+
+#Blacklist Paths
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-devel.inc
+
+#Options
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix,inet,inet6
+seccomp
diff --git a/etc/lollypop.profile b/etc/lollypop.profile
new file mode 100644
index 000000000..41a662bca
--- /dev/null
+++ b/etc/lollypop.profile
@@ -0,0 +1,20 @@
+#
+#Profile for lollypop
+#
+
+#No Blacklist Paths
+noblacklist ${HOME}/.local/share/lollypop
+
+#Blacklist Paths
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-devel.inc
+
+#Options
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix,inet,inet6
+seccomp
diff --git a/etc/multimc5.profile b/etc/multimc5.profile
new file mode 100644
index 000000000..cc310f294
--- /dev/null
+++ b/etc/multimc5.profile
@@ -0,0 +1,27 @@
+#
+#Profile for multimc5
+#
+
+#No Blacklist Paths
+noblacklist ${HOME}/.local/share/multimc5
+noblacklist ${HOME}/.multimc5
+
+#Blacklist Paths
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-devel.inc
+
+#Whitelist Paths
+mkdir ${HOME}/.local/share/multimc5
+whitelist ${HOME}/.local/share/multimc5
+mkdir ${HOME}/.multimc5
+whitelist ${HOME}/.multimc5
+include /etc/firejail/whitelist-common.inc
+
+#Options
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix,inet,inet6
diff --git a/etc/pdfsam.profile b/etc/pdfsam.profile
new file mode 100644
index 000000000..6e50f37cf
--- /dev/null
+++ b/etc/pdfsam.profile
@@ -0,0 +1,17 @@
+#
+#Profile for pdfsam
+#
+
+#Blacklist Paths
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-devel.inc
+
+#Options
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix,inet,inet6
+seccomp
diff --git a/etc/pithos.profile b/etc/pithos.profile
new file mode 100644
index 000000000..8270b8bee
--- /dev/null
+++ b/etc/pithos.profile
@@ -0,0 +1,19 @@
+#
+#Profile for pithos
+#
+
+#Blacklist Paths
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-devel.inc
+
+include /etc/firejail/whitelist-common.inc
+
+#Options
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix,inet,inet6
+seccomp
diff --git a/etc/xonotic-glx.profile b/etc/xonotic-glx.profile
new file mode 100644
index 000000000..b255ffdbb
--- /dev/null
+++ b/etc/xonotic-glx.profile
@@ -0,0 +1,5 @@
+#
+#Profile for xonotic:xonotic-glx
+#
+
+include /etc/firejail/xonotic.profile
diff --git a/etc/xonotic-sdl.profile b/etc/xonotic-sdl.profile
new file mode 100644
index 000000000..783667304
--- /dev/null
+++ b/etc/xonotic-sdl.profile
@@ -0,0 +1,5 @@
+#
+#Profile for xonotic:xonotic-sdl
+#
+
+include /etc/firejail/xonotic.profile
diff --git a/etc/xonotic.profile b/etc/xonotic.profile
new file mode 100644
index 000000000..75d649619
--- /dev/null
+++ b/etc/xonotic.profile
@@ -0,0 +1,25 @@
+#
+#Profile for xonotic
+#
+
+#No Blacklist Paths
+noblacklist ${HOME}/.xonotic
+
+#Blacklist Paths
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-devel.inc
+
+#Whitelist Paths
+mkdir ${HOME}/.xonotic
+whitelist ${HOME}/.xonotic
+include /etc/firejail/whitelist-common.inc
+
+#Options
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix,inet,inet6
+seccomp
-- 
cgit v1.2.3-54-g00ecf