From f6502ebf237a54a9914c80f386f321772f0e8063 Mon Sep 17 00:00:00 2001 From: Fred-Barclay Date: Sat, 3 Mar 2018 23:24:50 -0600 Subject: Add VS Code profile - see request in #1139 --- etc/code.profile | 36 ++++++++++++++++++++++++++++++++++++ etc/disable-programs.inc | 2 ++ 2 files changed, 38 insertions(+) create mode 100644 etc/code.profile (limited to 'etc') diff --git a/etc/code.profile b/etc/code.profile new file mode 100644 index 000000000..af7d379ed --- /dev/null +++ b/etc/code.profile @@ -0,0 +1,36 @@ +# Firejail profile for Visual Studio Code +# This file is overwritten after every install/update +# Persistent local customizations +include /etc/firejail/code.local +# Persistent global definitions +include /etc/firejail/globals.local + +noblacklist ${HOME}/.vscode +noblacklist ${HOME}/.config/Code + +include /etc/firejail/disable-common.inc +include /etc/firejail/disable-passwdmgr.inc +include /etc/firejail/disable-programs.inc + +caps.drop all +net none +netfilter +nodvd +nogroups +nonewprivs +noroot +nosound +notv +novideo +protocol unix,inet,inet6,netlink +seccomp +shell none + +private-dev +private-tmp + +# Disabling noexec ${HOME} for now since it will +# probably interfere with running some programmes +# in VS Code +# noexec ${HOME} +noexec /tmp diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index b20500734..ac6f3fe1f 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -40,6 +40,7 @@ blacklist ${HOME}/.config/Atom blacklist ${HOME}/.config/Audaciousrc blacklist ${HOME}/.config/Brackets blacklist ${HOME}/.config/Clementine +blacklist ${HOME}/.config/Code blacklist ${HOME}/.config/Cryptocat blacklist ${HOME}/.config/Franz blacklist ${HOME}/.config/FreeCAD @@ -460,6 +461,7 @@ blacklist ${HOME}/.tuxguitar* blacklist ${HOME}/.unknown-horizons blacklist ${HOME}/.viking blacklist ${HOME}/.viking-maps +blacklist ${HOME}/.vscode blacklist ${HOME}/.vst blacklist ${HOME}/.w3m blacklist ${HOME}/.warzone2100-3.* -- cgit v1.2.3-54-g00ecf