From f6df6db285f6fe66fbcee281594d069c613d5295 Mon Sep 17 00:00:00 2001 From: rusty-snake Date: Wed, 10 Apr 2019 20:39:27 +0200 Subject: Add utox.profile Requested by @nyancat18 in https://github.com/netblue30/firejail/issues/1139#issuecomment-314527143 --- etc/utox.profile | 47 ++++++++++++++++++++++++++++++++++++++++++++++ src/firecfg/firecfg.config | 2 ++ 2 files changed, 49 insertions(+) create mode 100644 etc/utox.profile diff --git a/etc/utox.profile b/etc/utox.profile new file mode 100644 index 000000000..9216a6a05 --- /dev/null +++ b/etc/utox.profile @@ -0,0 +1,47 @@ +# Firejail profile for utox +# Description: Lightweight Tox client +# This file is overwritten after every install/update +# Persistent local customizations +include utox.local +# Persistent global definitions +include globals.local + +noblacklist ${HOME}/.config/tox + +include disable-common.inc +include disable-devel.inc +include disable-exec.inc +include disable-interpreters.inc +include disable-passwdmgr.inc +include disable-programs.inc +include disable-xdg.inc + +mkdir ${HOME}/.config/tox +whitelist ${DOWNLOADS} +whitelist ${HOME}/.config/tox +include whitelist-common.inc +include whitelist-var-common.inc + +apparmor +caps.drop all +ipc-namespace +netfilter +nodvd +nogroups +nonewprivs +noroot +notv +nou2f +protocol unix,inet,inet6 +seccomp +shell none +tracelog + +disable-mnt +private-bin utox +private-cache +private-dev +private-etc alternatives,fonts,resolv.conf,ld.so.cache,localtime,ca-certificates,ssl,pki,crypto-policies,machine-id,pulse,openal +private-tmp + +memory-deny-write-execute diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 5125d0cca..7aec0f82a 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config @@ -9,6 +9,7 @@ Cryptocat Cyberfox Discord DiscordCanary +Documents FossaMail Fritzing Gitter @@ -565,6 +566,7 @@ uefitool uget-gtk unbound unknown-horizons +utox uudeview uzbl-browser viewnior -- cgit v1.2.3-54-g00ecf