From 1265803f63a2f7e5fcb778dac34efe7436eba8c1 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Wed, 16 Sep 2015 07:33:08 -0400
Subject: Default profiles work

---
 etc/disable-common.inc | 20 ++++++++++++++++++++
 etc/fbreader.profile   | 11 +++++++++++
 2 files changed, 31 insertions(+)
 create mode 100644 etc/fbreader.profile

(limited to 'etc')

diff --git a/etc/disable-common.inc b/etc/disable-common.inc
index f4aea1b6a..984bbe628 100644
--- a/etc/disable-common.inc
+++ b/etc/disable-common.inc
@@ -20,3 +20,23 @@ blacklist ${HOME}/.remmina
 
 # Other
 blacklist ${HOME}/.tconn
+blacklist ${HOME}/.FBReader
+
+# X11 session autostart
+blacklist ${HOME}/.xinitrc
+blacklist ${HOME}/.xprofile
+blacklist ${HOME}/.config/autostart
+blacklist /etc/xdg/autostart
+blacklist ${HOME}/.kde4/Autostart
+blacklist ${HOME}/.kde/Autostart
+blacklist ${HOME}/.config/plasma-workspace/shutdown
+blacklist ${HOME}/.config/plasma-workspace/env
+blacklist ${HOME}/.config/lxsession/LXDE/autostart
+blacklist ${HOME}/.fluxbox/startup
+blacklist ${HOME}/.config/openbox/autostart
+blacklist ${HOME}/.config/openbox/environment
+
+# git, subversion
+blacklist ${HOME}/.subversion
+blacklist ${HOME}/.gitconfig
+blacklist ${HOME}/.git-credential-cache
diff --git a/etc/fbreader.profile b/etc/fbreader.profile
new file mode 100644
index 000000000..97baa2a3e
--- /dev/null
+++ b/etc/fbreader.profile
@@ -0,0 +1,11 @@
+# fbreader profile
+noblacklist ${HOME}/.FBReader
+include /etc/firejail/disable-mgmt.inc
+include /etc/firejail/disable-secret.inc
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-history.inc
+caps.drop all
+seccomp
+netfilter
+noroot
+
-- 
cgit v1.2.3-54-g00ecf