From 5a982a1e5e32be3fd99e7988b2f052d49c1f8a12 Mon Sep 17 00:00:00 2001
From: Fred Barclay <Fred-Barclay@users.noreply.github.com>
Date: Wed, 29 Mar 2017 20:28:58 -0500
Subject: KeePassXC profile

---
 etc/disable-passwdmgr.inc | 12 +++++++-----
 etc/keepassxc.profile     | 29 +++++++++++++++++++++++++++++
 2 files changed, 36 insertions(+), 5 deletions(-)
 create mode 100644 etc/keepassxc.profile

(limited to 'etc')

diff --git a/etc/disable-passwdmgr.inc b/etc/disable-passwdmgr.inc
index b5260e897..a61516771 100644
--- a/etc/disable-passwdmgr.inc
+++ b/etc/disable-passwdmgr.inc
@@ -2,10 +2,12 @@
 # Persistent customizations should go in a .local file.
 include /etc/firejail/disable-passwdmgr.local
 
-blacklist ${HOME}/.lastpass
-blacklist ${HOME}/.keepassx
+blacklist ${HOME}/.config/KeePass
+blacklist ${HOME}/.config/keepass
+blacklist ${HOME}/.config/keepassx
+blacklist ${HOME}/.config/keepassxc
 blacklist ${HOME}/.keepass
+blacklist ${HOME}/.keepassx
+blacklist ${HOME}/.keepassxc
+blacklist ${HOME}/.lastpass
 blacklist ${HOME}/.password-store
-blacklist ${HOME}/.config/keepassx
-blacklist ${HOME}/.config/keepass
-blacklist ${HOME}/.config/KeePass
diff --git a/etc/keepassxc.profile b/etc/keepassxc.profile
new file mode 100644
index 000000000..b11a0cc5d
--- /dev/null
+++ b/etc/keepassxc.profile
@@ -0,0 +1,29 @@
+# This file is overwritten during software install.
+# Persistent customizations should go in a .local file.
+include /etc/firejail/keepassxc.local
+
+# Firejail profile for KeepassXC
+noblacklist ${HOME}/.config/keepassxc
+noblacklist ${HOME}/.keepassxc
+noblacklist ${HOME}/.*kdbx
+noblacklist ${HOME}/.*kdb
+
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-passwdmgr.inc
+
+caps.drop all
+net none
+nogroups
+nonewprivs
+noroot
+nosound
+#protocol unix
+seccomp
+shell none
+
+private-bin keepassxc
+#private-etc fonts
+#private-dev
+private-tmp
-- 
cgit v1.2.3-54-g00ecf