From b806f35192817e78b95a92dd658f1430bcc6fb56 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Fri, 30 Sep 2016 10:13:00 -0400
Subject: gimp and inkscape profiles

---
 etc/disable-programs.inc  |  2 ++
 etc/gimp.profile          | 18 ++++++++++++++++++
 etc/inkscape.profile      | 18 ++++++++++++++++++
 etc/luminance-hdr.profile |  2 --
 4 files changed, 38 insertions(+), 2 deletions(-)
 create mode 100644 etc/gimp.profile
 create mode 100644 etc/inkscape.profile

(limited to 'etc')

diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 8566ea0c5..1e2b81d27 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -30,6 +30,8 @@ blacklist ${HOME}/.config/qpdfview
 blacklist ${HOME}/.config/Luminance
 blacklist ${HOME}/.config/synfig
 blacklist ${HOME}/.synfig
+blacklist ${HOME}/.inkscape
+blacklist ${HOME}/.gimp*
 
 # Media players
 blacklist ${HOME}/.config/cmus
diff --git a/etc/gimp.profile b/etc/gimp.profile
new file mode 100644
index 000000000..23361b771
--- /dev/null
+++ b/etc/gimp.profile
@@ -0,0 +1,18 @@
+# gimp
+noblacklist ${HOME}/.gimp*
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix
+seccomp
+private-dev
+private-tmp
+noexec ${HOME}
+noexec /tmp
+nogroups
+nosound
diff --git a/etc/inkscape.profile b/etc/inkscape.profile
new file mode 100644
index 000000000..cf885fba2
--- /dev/null
+++ b/etc/inkscape.profile
@@ -0,0 +1,18 @@
+# inkscape
+noblacklist ${HOME}/.inkscape
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-passwdmgr.inc
+
+caps.drop all
+netfilter
+nonewprivs
+noroot
+protocol unix
+seccomp
+private-dev
+private-tmp
+noexec ${HOME}
+noexec /tmp
+nogroups
+nosound
diff --git a/etc/luminance-hdr.profile b/etc/luminance-hdr.profile
index e9207fba3..6e059ea52 100644
--- a/etc/luminance-hdr.profile
+++ b/etc/luminance-hdr.profile
@@ -3,8 +3,6 @@ noblacklist ${HOME}/.config/Luminance
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-passwdmgr.inc
-include /etc/firejail/disable-devel.inc
-
 
 caps.drop all
 netfilter
-- 
cgit v1.2.3-54-g00ecf