From 4b36eeb59618b1b1b14e66aedb220e7392f1b6a6 Mon Sep 17 00:00:00 2001
From: veloute <21003408+veloute@users.noreply.github.com>
Date: Sun, 22 Jul 2018 12:52:49 +1000
Subject: Create standardnotes-desktop.profile

---
 etc/standardnotes-desktop.profile | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 etc/standardnotes-desktop.profile

diff --git a/etc/standardnotes-desktop.profile b/etc/standardnotes-desktop.profile
new file mode 100644
index 000000000..463f51de9
--- /dev/null
+++ b/etc/standardnotes-desktop.profile
@@ -0,0 +1,25 @@
+# Firejail profile for standardnotes-desktop
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/standardnotes-desktop.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+
+whitelist ${HOME}/Standard Notes Backups
+whitelist ${HOME}/.config/Standard Notes
+
+apparmor
+caps.drop all
+netfilter
+nodbus
+nodvd
+nogroups
+nonewprivs
+noroot
+notv
+protocol unix,inet,inet6,netlink
+seccomp
-- 
cgit v1.2.3-54-g00ecf

From 3d1d289566fb0b842d0faad13c9e3e3c30d397ef Mon Sep 17 00:00:00 2001
From: veloute <21003408+veloute@users.noreply.github.com>
Date: Sun, 22 Jul 2018 13:52:28 +1000
Subject: Added changes

---
 etc/standardnotes-desktop.profile | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/etc/standardnotes-desktop.profile b/etc/standardnotes-desktop.profile
index 463f51de9..45d36e689 100644
--- a/etc/standardnotes-desktop.profile
+++ b/etc/standardnotes-desktop.profile
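Review bot: In 4b36eeb, the option block between `apparmor` and `seccomp` sets `nodvd` and `notv` but leaves video capture devices reachable and still starts the program through the user's shell. Assuming Standard Notes needs neither a camera nor a shell wrapper to launch, add `novideo` and `shell none` next to the other options. As far as I know `private-dev` (added later in this series) keeps the video nodes, so `novideo` would still be needed once that commit lands.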
@@ -8,6 +8,8 @@ include /etc/firejail/globals.local
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-interpreters.inc
 
 whitelist ${HOME}/Standard Notes Backups
 whitelist ${HOME}/.config/Standard Notes
@@ -15,11 +17,13 @@ whitelist ${HOME}/.config/Standard Notes
 apparmor
 caps.drop all
 netfilter
+machine-id
 nodbus
 nodvd
 nogroups
 nonewprivs
 noroot
+nosound
 notv
 protocol unix,inet,inet6,netlink
-seccomp
+seccom
-- 
cgit v1.2.3-54-g00ecf

From 41b230c899cdd33f2f2b24f13fd0902cbe77e0b0 Mon Sep 17 00:00:00 2001
From: veloute <21003408+veloute@users.noreply.github.com>
Date: Sun, 22 Jul 2018 19:31:37 +1000
Subject: alphabetised and added whitelist-var-common

---
 etc/standardnotes-desktop.profile | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/etc/standardnotes-desktop.profile b/etc/standardnotes-desktop.profile
index 45d36e689..5f24a1618 100644
--- a/etc/standardnotes-desktop.profile
+++ b/etc/standardnotes-desktop.profile
@@ -6,11 +6,12 @@ include /etc/firejail/standardnotes-desktop.local
 include /etc/firejail/globals.local
 
 include /etc/firejail/disable-common.inc
-include /etc/firejail/disable-passwdmgr.inc
-include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-interpreters.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
 
+include /etc/firejail/whitelist-var-common.inc
 whitelist ${HOME}/Standard Notes Backups
 whitelist ${HOME}/.config/Standard Notes
 
-- 
cgit v1.2.3-54-g00ecf

From f3102b2b493e30b64477d1303982ac0806ec6721 Mon Sep 17 00:00:00 2001
From: veloute <21003408+veloute@users.noreply.github.com>
Date: Sun, 22 Jul 2018 19:37:06 +1000
Subject: more changes

---
 etc/standardnotes-desktop.profile | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

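Review bot: In 3d1d289, the second hunk replaces `seccomp` with `seccom`, which is not a firejail directive, so this revision of the profile no longer requests the syscall filter. As far as I know firejail rejects unknown profile lines, so the sandbox would more likely refuse to start than run unfiltered, but either way the last line should stay `seccomp`. The typo is only corrected two commits later, under the subject "more changes"; folding that fix into this commit would keep every revision of the profile loadable. A smaller point in the same hunk: `machine-id` is inserted after `netfilter`, although it sorts before it.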
diff --git a/etc/standardnotes-desktop.profile b/etc/standardnotes-desktop.profile
index 5f24a1618..93c6eeec2 100644
--- a/etc/standardnotes-desktop.profile
+++ b/etc/standardnotes-desktop.profile
@@ -27,4 +27,11 @@ noroot
 nosound
 notv
 protocol unix,inet,inet6,netlink
-seccom
+seccomp
+disable-mnt
+private-dev
+private-tmp
+private-etc ca-certificates,fonts,host.conf,hostname,hosts,resolv.conf,ssl,pki,crypto-policies,xdg
+
+noexec ${HOME}
+noexec /tmp
-- 
cgit v1.2.3-54-g00ecf

From 3d963bb29a1ae8a08e99a326e1f93f4196bf4d89 Mon Sep 17 00:00:00 2001
From: veloute <21003408+veloute@users.noreply.github.com>
Date: Sun, 22 Jul 2018 19:39:30 +1000
Subject: added mkdir for whitelisted folders

---
 etc/standardnotes-desktop.profile | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/etc/standardnotes-desktop.profile b/etc/standardnotes-desktop.profile
index 93c6eeec2..202d3761d 100644
--- a/etc/standardnotes-desktop.profile
+++ b/etc/standardnotes-desktop.profile
@@ -12,6 +12,9 @@ include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
 
 include /etc/firejail/whitelist-var-common.inc
+
+mkdir ${HOME}/Standard Notes Backups
+mkdir ${HOME}/.config/Standard Notes
 whitelist ${HOME}/Standard Notes Backups
 whitelist ${HOME}/.config/Standard Notes
 
-- 
cgit v1.2.3-54-g00ecf
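Review bot: In f3102b2, `noexec ${HOME}` may not cover the two directories this profile whitelists. As I understand it, `whitelist` bind-mounts them beneath a fresh home, and depending on the firejail version the noexec remount applies only to the `${HOME}` mount itself, not to mounts below it. Confirm with `findmnt` inside the sandbox; if they are still exec, add `noexec ${HOME}/.config/Standard Notes` and `noexec ${HOME}/Standard Notes Backups`. On style, the new lines follow `seccomp` with no blank line and `private-etc` sits after `private-tmp`; a separate, alphabetised paragraph for `disable-mnt` and the `private-*` options would match the ordering the previous commit set out to establish.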