From e5aab2aa6f2423af9dd2f7830c6311995965204e Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Mon, 15 Mar 2021 14:30:07 -0400
Subject: Add a profile for openmw

---
 etc/inc/disable-programs.inc            |  2 ++
 etc/profile-m-z/openmw-launcher.profile |  7 ++++
 etc/profile-m-z/openmw.profile          | 60 +++++++++++++++++++++++++++++++++
 3 files changed, 69 insertions(+)
 create mode 100644 etc/profile-m-z/openmw-launcher.profile
 create mode 100644 etc/profile-m-z/openmw.profile

diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc
index 27f6a938b..33cfbf6f0 100644
--- a/etc/inc/disable-programs.inc
+++ b/etc/inc/disable-programs.inc
@@ -347,6 +347,7 @@ blacklist ${HOME}/.config/okularrc
 blacklist ${HOME}/.config/onboard
 blacklist ${HOME}/.config/onionshare
 blacklist ${HOME}/.config/onlyoffice
+blacklist ${HOME}/.config/openmw
 blacklist ${HOME}/.config/opera
 blacklist ${HOME}/.config/opera-beta
 blacklist ${HOME}/.config/orage
@@ -713,6 +714,7 @@ blacklist ${HOME}/.local/share/notes
 blacklist ${HOME}/.local/share/ocenaudio
 blacklist ${HOME}/.local/share/okular
 blacklist ${HOME}/.local/share/onlyoffice
+blacklist ${HOME}/.local/share/openmw
 blacklist ${HOME}/.local/share/orage
 blacklist ${HOME}/.local/share/org.kde.gwenview
 blacklist ${HOME}/.local/share/Paradox Interactive
diff --git a/etc/profile-m-z/openmw-launcher.profile b/etc/profile-m-z/openmw-launcher.profile
new file mode 100644
index 000000000..c9cc144e4
--- /dev/null
+++ b/etc/profile-m-z/openmw-launcher.profile
@@ -0,0 +1,7 @@
+# Firejail profile for openmw-launcher
+# This file is overwritten after every install/update
+# Persistent local customizations
+include openmw-launcher.local
+
+# Redirect
+include openmw.profile
diff --git a/etc/profile-m-z/openmw.profile b/etc/profile-m-z/openmw.profile
new file mode 100644
index 000000000..49819f117
--- /dev/null
+++ b/etc/profile-m-z/openmw.profile
@@ -0,0 +1,60 @@
+# Firejail profile for openmw
+# Description: Open source engine re-implementation for Morrowind
+# This file is overwritten after every install/update
+# Persistent local customizations
+include openmw.local
+# Persistent global definitions
+include globals.local
+
+noblacklist ${HOME}/.config/openmw
+noblacklist ${HOME}/.local/share/openmw
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-shell.inc
+include disable-write-mnt.inc
+include disable-xdg.inc
+
+mkdir ${HOME}/.config/openmw
+mkdir ${HOME}/.local/share/openmw
+whitelist ${HOME}/Downloads/Morrowind
+whitelist ${HOME}/.config/openmw
+whitelist ${HOME}/.local/share/openmw
+whitelist /usr/share/openmw
+include whitelist-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+
+apparmor
+caps.drop all
+ipc-namespace
+net none
+netfilter
+# Uncomment the following line if installing from disc
+nodvd
+nogroups
+nonewprivs
+noroot
+notv
+nou2f
+novideo
+protocol unix,netlink
+seccomp
+seccomp.block-secondary
+shell none
+tracelog
+
+private-bin bsatool,esmtool,niftest,openmw*
+private-cache
+private-dev
+private-etc alsa,alternatives,asound.conf,bumblebee,drirc,fonts,glvnd,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nvidia,openmw,pango,pulse,Trolltech.conf,X11,xdg
+private-opt none
+private-tmp
+
+dbus-user none
+dbus-system none
-- 
cgit v1.2.3-54-g00ecf