From 9e3ba319be6b9546d7e8f450ca419ee2f3f4040b Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Mon, 7 Aug 2017 01:22:08 -0400
Subject: Unify all profiles

---
 etc/psi-plus.profile | 24 +++++++++++-------------
 1 file changed, 11 insertions(+), 13 deletions(-)

(limited to 'etc/psi-plus.profile')

diff --git a/etc/psi-plus.profile b/etc/psi-plus.profile
index 9500731fe..27ee2500c 100644
--- a/etc/psi-plus.profile
+++ b/etc/psi-plus.profile
@@ -1,27 +1,25 @@
-# Persistent global definitions go here
-include /etc/firejail/globals.local
-
-# This file is overwritten during software install.
-# Persistent customizations should go in a .local file.
+# Firejail profile for psi-plus
+# This file is overwritten after every install/update
+# Persistent local customizations
 include /etc/firejail/psi-plus.local
+# Persistent global definitions
+include /etc/firejail/globals.local
 
-# Firejail profile for Psi+
 noblacklist ${HOME}/.config/psi+
 noblacklist ${HOME}/.local/share/psi+
 
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-devel.inc
-include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
 
-whitelist ${DOWNLOADS}
+mkdir ~/.cache/psi+
 mkdir ~/.config/psi+
-whitelist ~/.config/psi+
 mkdir ~/.local/share/psi+
-whitelist ~/.local/share/psi+
-mkdir ~/.cache/psi+
+whitelist ${DOWNLOADS}
 whitelist ~/.cache/psi+
-
+whitelist ~/.config/psi+
+whitelist ~/.local/share/psi+
 include /etc/firejail/whitelist-common.inc
 
 caps.drop all
@@ -35,9 +33,9 @@ protocol unix,inet,inet6
 seccomp
 shell none
 
+disable-mnt
 private-dev
 private-tmp
-disable-mnt
 
 noexec ${HOME}
 noexec /tmp
-- 
cgit v1.2.3-70-g09d2