From c84ca511f6b3a42d6b23f3431dde75b279cf64ed Mon Sep 17 00:00:00 2001 From: Your Name Date: Sat, 30 Dec 2017 11:43:30 -0400 Subject: inox edgy flavours --- etc/bnox.profile | 36 +++++++++++++++++++++++++++++++++--- 1 file changed, 33 insertions(+), 3 deletions(-) (limited to 'etc/bnox.profile') diff --git a/etc/bnox.profile b/etc/bnox.profile index bd458e1db..4270755c8 100644 --- a/etc/bnox.profile +++ b/etc/bnox.profile @@ -1,6 +1,36 @@ -# Firejail profile alias for inox +# Firejail profile for bnox # This file is overwritten after every install/update +# Persistent local customizations +include /etc/firejail/bnox.local +# Persistent global definitions +include /etc/firejail/globals.local +noblacklist ${HOME}/.cache/bnox +noblacklist ${HOME}/.config/bnox +noblacklist ${HOME}/.pki -# Redirect -include /etc/firejail/inox.profile +include /etc/firejail/disable-common.inc +include /etc/firejail/disable-programs.inc + +mkdir ${HOME}/.cache/bnox +mkdir ${HOME}/.config/bnox +mkdir ${HOME}/.pki +whitelist ${DOWNLOADS} +whitelist ${HOME}/.cache/bnox +whitelist ${HOME}/.config/bnox +whitelist ${HOME}/.pki +include /etc/firejail/whitelist-common.inc +include /etc/firejail/whitelist-var-common.inc + +caps.keep sys_chroot,sys_admin +netfilter +nodvd +nogroups +notv +shell none + +private-dev +# private-tmp - problems with multiple browser sessions + +noexec ${HOME} +noexec /tmp -- cgit v1.2.3-54-g00ecf