From 204f2008600fd1f1cdbf52fd4d029c75d89bf2ea Mon Sep 17 00:00:00 2001
From: startx2017 <vradu.startx@yandex.com>
Date: Tue, 9 May 2017 10:32:26 -0400
Subject: blender and 2048-qt profiles

---
 etc/2048-qt.profile      | 27 +++++++++++++++++++++++++++
 etc/blender.profile      | 28 ++++++++++++++++++++++++++++
 etc/disable-programs.inc |  2 ++
 3 files changed, 57 insertions(+)
 create mode 100644 etc/2048-qt.profile
 create mode 100644 etc/blender.profile

(limited to 'etc')

diff --git a/etc/2048-qt.profile b/etc/2048-qt.profile
new file mode 100644
index 000000000..f0ec90ee7
--- /dev/null
+++ b/etc/2048-qt.profile
@@ -0,0 +1,27 @@
+# This file is overwritten during software install.
+# Persistent customizations should go in a .local file.
+include /etc/firejail/2048-qt.local
+
+noblacklist ~/.config/xiaoyong
+noblacklist ~/.config/2048-qt
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix,inet,inet6
+seccomp
+
+#
+# depending on your usage, you can enable some of the commands below: 
+#
+nogroups
+shell none
+# private-bin program
+# private-etc none
+# private-dev
+# private-tmp
+nosound
diff --git a/etc/blender.profile b/etc/blender.profile
new file mode 100644
index 000000000..fac6f7731
--- /dev/null
+++ b/etc/blender.profile
@@ -0,0 +1,28 @@
+# This file is overwritten during software install.
+# Persistent customizations should go in a .local file.
+include /etc/firejail/blender.local
+
+noblacklist ~/.config/blender
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix,inet,inet6,netlink
+seccomp
+
+#
+# depending on your usage, you can enable some of the commands below: 
+#
+nogroups
+shell none
+# private-bin program
+# private-etc none
+# private-dev
+# private-tmp
+
+# blender uses the sound system
+# nosound
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 29da32bbf..0ee47a89e 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -21,6 +21,7 @@ blacklist ${HOME}/.bcast5
 blacklist ${HOME}/.bibletime
 blacklist ${HOME}/.claws-mail
 blacklist ${HOME}/.config/0ad
+blacklist ${HOME}/.config/2048-qt
 blacklist ${HOME}/.config/akregatorrc
 blacklist ${HOME}/.config/Atom
 blacklist ${HOME}/.config/Audaciousrc
@@ -151,6 +152,7 @@ blacklist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml
 blacklist ${HOME}/.config/xfce4/xfce4-notes.rc
 blacklist ${HOME}/.config/xfce4/xfce4-notes.gtkrc
 blacklist ${HOME}/.config/xfce4-dict
+blacklist ${HOME}/.config/xiaoyong
 blacklist ${HOME}/.config/xmms2
 blacklist ${HOME}/.config/xplayer
 blacklist ${HOME}/.config/xreader
-- 
cgit v1.2.3-54-g00ecf