From 3a1ed1614c08f33e7fe3f3959c87f6532abbe24a Mon Sep 17 00:00:00 2001 From: Jean Lucas Date: Sat, 21 Apr 2018 13:23:46 -0400 Subject: Add WebStorm profile --- etc/disable-programs.inc | 1 + etc/webstorm.profile | 36 ++++++++++++++++++++++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 etc/webstorm.profile diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index b68dde0c4..879107e4f 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -22,6 +22,7 @@ blacklist ${HOME}/.Steampid blacklist ${HOME}/.TelegramDesktop blacklist ${HOME}/.ViberPC blacklist ${HOME}/.VirtualBox +blacklist ${HOME}/.WebStorm* blacklist ${HOME}/.Wolfram Research blacklist ${HOME}/.ZAP blacklist ${HOME}/.aMule diff --git a/etc/webstorm.profile b/etc/webstorm.profile new file mode 100644 index 000000000..fe83a6407 --- /dev/null +++ b/etc/webstorm.profile @@ -0,0 +1,36 @@ +# Firejail profile for WebStorm +# This file is overwritten after every install/update +# Persistent local customizations +include /etc/firejail/webstorm.local +# Persistent global definitions +include /etc/firejail/globals.local + +noblacklist ${HOME}/.WebStorm* +noblacklist ${HOME}/.gitconfig +noblacklist ${HOME}/.jack-server +noblacklist ${HOME}/.jack-settings +noblacklist ${HOME}/.java +noblacklist ${HOME}/.local/share/JetBrains +noblacklist ${HOME}/.ssh +noblacklist ${HOME}/.tooling + +include /etc/firejail/disable-common.inc +include /etc/firejail/disable-passwdmgr.inc +include /etc/firejail/disable-programs.inc + +caps.drop all +netfilter +nodvd +nogroups +nonewprivs +noroot +notv +novideo +protocol unix,inet,inet6 +seccomp +shell none + +private-dev +# private-tmp + +noexec /tmp -- cgit v1.2.3-70-g09d2 From 2543478722d7477d7bef5b96a0d2ec07f3cc0360 Mon Sep 17 00:00:00 2001 From: Jean Lucas Date: Tue, 24 Apr 2018 21:52:40 -0400 Subject: Amend WebStorm profile --- etc/webstorm.profile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/etc/webstorm.profile b/etc/webstorm.profile index fe83a6407..6da71224f 100644 --- a/etc/webstorm.profile +++ b/etc/webstorm.profile @@ -7,8 +7,6 @@ include /etc/firejail/globals.local noblacklist ${HOME}/.WebStorm* noblacklist ${HOME}/.gitconfig -noblacklist ${HOME}/.jack-server -noblacklist ${HOME}/.jack-settings noblacklist ${HOME}/.java noblacklist ${HOME}/.local/share/JetBrains noblacklist ${HOME}/.ssh @@ -17,6 +15,8 @@ noblacklist ${HOME}/.tooling include /etc/firejail/disable-common.inc include /etc/firejail/disable-passwdmgr.inc include /etc/firejail/disable-programs.inc +include /etc/firejail/disable-devel.inc +include /etc/firejail/disable-interpreters.inc caps.drop all netfilter -- cgit v1.2.3-70-g09d2