From b51d44a29a07772cf4b38b6133aad343e76185d8 Mon Sep 17 00:00:00 2001
From: Fred Barclay <Fred-Barclay@users.noreply.github.com>
Date: Sun, 26 Mar 2017 13:37:13 -0500
Subject: GPicViewer profile

---
 etc/disable-programs.inc |  1 +
 etc/gpicview.profile     | 27 +++++++++++++++++++++++++++
 2 files changed, 28 insertions(+)
 create mode 100644 etc/gpicview.profile

(limited to 'etc')

diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 00c6e195a..6b2b1d994 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -70,6 +70,7 @@ blacklist ${HOME}/.config/gedit
 blacklist ${HOME}/.config/google-chrome
 blacklist ${HOME}/.config/google-chrome-beta
 blacklist ${HOME}/.config/google-chrome-unstable
+blacklist ${HOME}./config/gpicview
 blacklist ${HOME}/.config/gthumb
 blacklist ${HOME}/.config/hexchat
 blacklist ${HOME}/.config/inox
diff --git a/etc/gpicview.profile b/etc/gpicview.profile
new file mode 100644
index 000000000..7a8188665
--- /dev/null
+++ b/etc/gpicview.profile
@@ -0,0 +1,27 @@
+# This file is overwritten during software install.
+# Persistent customizations should go in a .local file.
+include /etc/firejail/gpicview.local
+
+# Firejail profile for GPicView
+noblacklist ~/.config/gpicview
+
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-passwdmgr.inc
+
+caps.drop all
+net none
+nogroups
+nonewprivs
+noroot
+nosound
+protocol unix
+seccomp
+shell none
+tracelog
+
+private-bin gpicview
+private-dev
+private-etc fonts
+private-tmp
-- 
cgit v1.2.3-54-g00ecf