From e934c66dba83d30fbfdbe16c8d64406f6c2e6bd3 Mon Sep 17 00:00:00 2001
From: glitsj16 <glitsj16@users.noreply.github.com>
Date: Tue, 5 Mar 2019 07:06:21 +0000
Subject: Refactor Transmission profiles (#2516)

* Harden transmission-cli.profile

* Harden transmission-gtk.profile

* Harden transmission-qt.profile

* Harden transmission-show.profile

* Create transmission-create.profile

* Create transmission-daemon.profile

* Create transmission-edit.profile

* Create transmission-remote.profile

* Create transmission-remote-cli.profile

* Create transmission-remote-gtk.profile

* Fix spacing in transmission-remote-cli.profile

* Add transmission-daemon to firecfg
---
 etc/transmission-cli.profile | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'etc/transmission-cli.profile')

diff --git a/etc/transmission-cli.profile b/etc/transmission-cli.profile
index 89b9b21dc..65682df52 100644
--- a/etc/transmission-cli.profile
+++ b/etc/transmission-cli.profile
@@ -1,5 +1,5 @@
 # Firejail profile for transmission-cli
-# Description: Lightweight BitTorrent client
+# Description: Fast, easy and free BitTorrent client (CLI tools and web client)
 # This file is overwritten after every install/update
 quiet
 # Persistent local customizations
@@ -16,9 +16,11 @@ include disable-interpreters.inc
 include disable-passwdmgr.inc
 include disable-programs.inc
 
+apparmor
 caps.drop all
 machine-id
 netfilter
+nodbus
 nodvd
 nonewprivs
 noroot
@@ -26,14 +28,17 @@ nosound
 notv
 nou2f
 novideo
-protocol unix,inet,inet6
+protocol inet,inet6
 seccomp
 shell none
 tracelog
 
 # private-bin transmission-cli
 private-dev
-private-etc alternatives,ca-certificates,ssl,pki,crypto-policies
+private-etc alternatives,ca-certificates,crypto-policies,nsswitch.conf,pki,resolv.conf,ssl
+private-lib
 private-tmp
 
 memory-deny-write-execute
+noexec ${HOME}
+noexec /tmp
-- 
cgit v1.2.3-54-g00ecf