From 67a6d8712f1ec3a43dc5bcf7ffa471c19b0e218e Mon Sep 17 00:00:00 2001
From: Fred Barclay <Fred-Barclay@users.noreply.github.com>
Date: Fri, 2 Jun 2017 18:36:46 -0500
Subject: Added Catfish profile

---
 etc/catfish.profile      | 31 +++++++++++++++++++++++++++++++
 etc/disable-programs.inc |  1 +
 2 files changed, 32 insertions(+)
 create mode 100644 etc/catfish.profile

(limited to 'etc')

diff --git a/etc/catfish.profile b/etc/catfish.profile
new file mode 100644
index 000000000..e0039a042
--- /dev/null
+++ b/etc/catfish.profile
@@ -0,0 +1,31 @@
+# Persistent global definitions go here
+include /etc/firejail/globals.local
+
+# This file is overwritten during software install.
+# Persistent customizations should go in a .local file.
+include /etc/firejail/catfish.local
+
+# Firejail profile for catfish
+noblacklist ~/.config/catfish
+
+# We can't blacklist much since catfish
+# is for finding files/content
+include /etc/firejail/disable-devel.inc
+
+caps.drop all
+net none
+no3d
+nogroups
+nonewprivs
+noroot
+nosound
+protocol unix
+seccomp
+shell none
+tracelog
+
+# These options work but are disabled in case
+# a users wants to search in these directories.
+#private-bin bash,catfish,env,locate,ls,mlocate,python,python2,python2.7,python3,python3.5,python3.5m,python3m
+#private-dev
+#private-tmp
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index f2cf99188..4d975a8ae 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -62,6 +62,7 @@ blacklist ${HOME}/.config/borg
 blacklist ${HOME}/.config/brasero
 blacklist ${HOME}/.config/brave
 blacklist ${HOME}/.config/caja
+blacklist ${HOME}/.config/catfish
 blacklist ${HOME}/.config/cherrytree
 blacklist ${HOME}/.config/chromium
 blacklist ${HOME}/.config/chromium-dev
-- 
cgit v1.2.3-70-g09d2