From b4c84b85a03da21179803077616fc77aeb9c8e22 Mon Sep 17 00:00:00 2001
From: netblue30
Date: Wed, 18 Oct 2017 09:15:19 -0400
Subject: profile updates

---
 etc/clementine.profile | 5 +++++
 1 file changed, 5 insertions(+)
(limited to 'etc/clementine.profile')

diff --git a/etc/clementine.profile b/etc/clementine.profile
index 1d93e5f2c..619086437 100644
--- a/etc/clementine.profile
+++ b/etc/clementine.profile
@@ -12,6 +12,8 @@ include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
 
+include /etc/firejail/whitelist-var-common.inc
+
 caps.drop all
 nonewprivs
 noroot
@@ -20,3 +22,6 @@ novideo
 protocol unix,inet,inet6
 # Clementine makes ioprio_set system calls, which are blacklisted by default.
 seccomp.drop @cpu-emulation,@debug,@obsolete,@privileged,@resources,add_key,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,kcmp,keyctl,name_to_handle_at,ni_syscall,open_by_handle_at,personality,process_vm_readv,ptrace,remap_file_pages,request_key,syslog,umount,userfaultfd,vmsplice
+
+private-dev
+private-tmp
-- 
cgit v1.2.3-54-g00ecf
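Review bot: The `private-dev` line added at the end of the second hunk may hide device nodes that Clementine needs for audio-CD playback or portable players, because it replaces /dev with a small fixed set of nodes. Whether optical-drive nodes survive presumably depends on the firejail version, so this should be tested against the oldest release the profile targets. A profile that silently breaks a feature tends to get the whole sandbox switched off, which would also lose the `caps.drop all` and `seccomp.drop` hardening shown in the context lines. I would add a comment above the new lines, for example `# private-dev hides most of /dev; if CD or device support breaks, use "ignore private-dev" in a local override`, so that any override stays narrow. `private-tmp` looks reasonable, but confirm that nothing outside the sandbox needs files Clementine creates under /tmp.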