From 2d49d9ec987c31be0949f9c58b1a4820812346f3 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Thu, 11 Oct 2018 06:41:27 +0000 Subject: Create aria2c.profile --- etc/aria2c.profile | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 etc/aria2c.profile (limited to 'etc') diff --git a/etc/aria2c.profile b/etc/aria2c.profile new file mode 100644 index 000000000..4231c58ff --- /dev/null +++ b/etc/aria2c.profile @@ -0,0 +1,45 @@ +# Firejail profile for aria2c +# Description: Download utility that supports HTTP(S), FTP, BitTorrent and Metalink +# This file is overwritten after every install/update +# Persistent local customizations +include /etc/firejail/aria2c.local +# Persistent global definitions +include /etc/firejail/globals.local + +noblacklist ${HOME}/.aria2 + +include /etc/firejail/disable-common.inc +include /etc/firejail/disable-devel.inc +include /etc/firejail/disable-interpreters.inc +include /etc/firejail/disable-passwdmgr.inc +include /etc/firejail/disable-programs.inc +include /etc/firejail/disable-xdg.inc + +caps.drop all +ipc-namespace +netfilter +no3d +nodbus +nodvd +nogroups +nonewprivs +noroot +nosound +notv +novideo +protocol unix,inet,inet6 +seccomp +shell none + +disable-mnt +# private +private-bin aria2c,gzip +private-cache +private-dev +private-etc ca-certificates,ssl +private-lib libreadline.so.* +private-tmp + +memory-deny-write-execute +noexec ${HOME} +noexec /tmp -- cgit v1.2.3-70-g09d2 From ac155d1f71926388c74e1fe66ef9d26ca3db2ede Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Thu, 11 Oct 2018 06:43:26 +0000 Subject: Add aria2c config --- etc/disable-programs.inc | 1 + 1 file changed, 1 insertion(+) (limited to 'etc') diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 1213e4f24..9ecf1cfc1 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -32,6 +32,7 @@ blacklist ${HOME}/.aMule blacklist ${HOME}/.android blacklist ${HOME}/.anydesk blacklist ${HOME}/.arduino15 +blacklist ${HOME}/.aria2 blacklist ${HOME}/.arm blacklist ${HOME}/.asunder_album_genre blacklist ${HOME}/.asunder_album_title -- cgit v1.2.3-70-g09d2