From dcfb4b9522cf0cc074c36d73bf5eb108a658eee7 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Mon, 18 Sep 2017 12:19:15 -0400
Subject: Add a profile for ClamAV's clamscan

---
 etc/clamscan.profile       | 32 ++++++++++++++++++++++++++++++++
 src/firecfg/firecfg.config |  1 +
 2 files changed, 33 insertions(+)
 create mode 100644 etc/clamscan.profile

diff --git a/etc/clamscan.profile b/etc/clamscan.profile
new file mode 100644
index 000000000..2fd10171f
--- /dev/null
+++ b/etc/clamscan.profile
@@ -0,0 +1,32 @@
+# Firejail profile for clamscan
+# This file is overwritten after every install/update
+quiet
+# Persistent local customizations
+include /etc/firejail/clamscan.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+
+
+caps.drop all
+ipc-namespace
+net none
+no3d
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+novideo
+protocol unix
+seccomp
+shell none
+tracelog
+x11 none
+
+private-dev
+read-only ${HOME}
+
+memory-deny-write-execute
+noexec ${HOME}
+noexec /tmp
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index 3f73ac635..e623a1aa2 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -41,6 +41,7 @@ catfish
 cherrytree
 chromium
 chromium-browser
+clamscan
 claws-mail
 clementine
 clipit
-- 
cgit v1.2.3-70-g09d2