From c6259375dff79484b9f3d587da9fbfa76a3b68b9 Mon Sep 17 00:00:00 2001
From: Fred-Barclay <Fred-Barclay@users.noreply.github.com>
Date: Wed, 4 Oct 2017 16:24:36 -0500
Subject: Tighten multiple profiles.

This adds whitelist-var-common, machine-id, memory-deny-write-execute,
and noexec home and tmp when possible.
---
 etc/keepassx2.profile | 37 ++-----------------------------------
 1 file changed, 2 insertions(+), 35 deletions(-)

(limited to 'etc/keepassx2.profile')

diff --git a/etc/keepassx2.profile b/etc/keepassx2.profile
index e20e06b76..ba98df19d 100644
--- a/etc/keepassx2.profile
+++ b/etc/keepassx2.profile
@@ -1,38 +1,5 @@
 # Firejail profile for keepassx2
 # This file is overwritten after every install/update
-# Persistent local customizations
-include /etc/firejail/keepassx2.local
-# Persistent global definitions
-include /etc/firejail/globals.local
 
-noblacklist ${HOME}/*.kdb
-noblacklist ${HOME}/*.kdbx
-noblacklist ${HOME}/.config/keepassx
-noblacklist ${HOME}/.keepassx
-
-include /etc/firejail/disable-common.inc
-include /etc/firejail/disable-devel.inc
-include /etc/firejail/disable-passwdmgr.inc
-include /etc/firejail/disable-programs.inc
-
-caps.drop all
-net none
-no3d
-nodvd
-nogroups
-nonewprivs
-noroot
-nosound
-notv
-novideo
-protocol unix
-seccomp
-shell none
-
-private-bin keepassx2
-private-dev
-private-etc fonts
-private-tmp
-
-noexec ${HOME}
-noexec /tmp
+# Redirects
+include /etc/firejail/keepassx.profile
-- 
cgit v1.2.3-70-g09d2