From c34312176b7aa77f09598da56809e7156af3c860 Mon Sep 17 00:00:00 2001
From: Vasya Novikov <n1dr+cm3513git@ya.ru>
Date: Wed, 2 Mar 2016 22:28:56 +0300
Subject: add hedgewars profile (whitelist)

---
 Makefile.in               |  1 +
 README                    |  1 +
 README.md                 |  2 +-
 etc/hedgewars.profile     | 17 +++++++++++++++++
 platform/debian/conffiles |  1 +
 5 files changed, 21 insertions(+), 1 deletion(-)
 create mode 100644 etc/hedgewars.profile

diff --git a/Makefile.in b/Makefile.in
index 0f5e2344d..561dea897 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -142,6 +142,7 @@ realinstall:
 	install -c -m 0644 .etc/lxterminal.profile $(DESTDIR)/$(sysconfdir)/firejail/.
 	install -c -m 0644 .etc/cherrytree.profile $(DESTDIR)/$(sysconfdir)/firejail/.
 	install -c -m 0644 .etc/wesnoth.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+	install -c -m 0644 .etc/hedgewars.profile $(DESTDIR)/$(sysconfdir)/firejail/.
 	install -c -m 0644 .etc/vivaldi.profile $(DESTDIR)/$(sysconfdir)/firejail/.
 	install -c -m 0644 .etc/vivaldi-beta.profile $(DESTDIR)/$(sysconfdir)/firejail/.
 	sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;"
diff --git a/README b/README
index 29189e751..53ab416e7 100644
--- a/README
+++ b/README
@@ -25,6 +25,7 @@ yumkam (https://github.com/yumkam)
 	- man page fixes
 Vasya Novikov (https://github.com/vn971)
 	- Wesnoth profile
+	- Hedegewars profile
 	- manpage fixes
 mahdi1234 (https://github.com/mahdi1234)
 	- cherrytree profile
diff --git a/README.md b/README.md
index fa622eee5..ac436cd8e 100644
--- a/README.md
+++ b/README.md
@@ -113,4 +113,4 @@ $ man firejail-profile
 
 ## New security profiles
 
-lxterminal, Epiphany, cherrytree, Battle for Wesnoth
+lxterminal, Epiphany, cherrytree, Battle for Wesnoth, Hedgewars
diff --git a/etc/hedgewars.profile b/etc/hedgewars.profile
new file mode 100644
index 000000000..03a376e2f
--- /dev/null
+++ b/etc/hedgewars.profile
@@ -0,0 +1,17 @@
+# whitelist profile for Hedgewars (game)
+
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-mgmt.inc
+include /etc/firejail/disable-secret.inc
+include /etc/firejail/disable-terminals.inc
+
+caps.drop all
+noroot
+private-dev
+whitelist /tmp/.X11-unix
+seccomp
+tracelog
+
+mkdir     ~/.hedgewars
+whitelist ~/.hedgewars
diff --git a/platform/debian/conffiles b/platform/debian/conffiles
index d8b3dadb8..7c5cba882 100644
--- a/platform/debian/conffiles
+++ b/platform/debian/conffiles
@@ -68,5 +68,6 @@
 /etc/firejail/lxterminal.profile
 /etc/firejail/cherrytree.profile
 /etc/firejail/wesnoth.profile
+/etc/firejail/hedgewars.profile
 /etc/firejail/vivaldi.profile
 /etc/firejail/vivaldi-beta.profile
-- 
cgit v1.2.3-70-g09d2