# Firejail profile for PROGRAM_NAME
# Description: DESCRIPTION
# This file is overwritten after every install/update
##quiet
# Persistent local customizations
#include PROFILE.local
# Persistent global definitions
#include globals.local

##ignore noexec ${HOME}

##blacklist PATH

#noblacklist PATH

# Allow python (blacklisted by disable-interpreters.inc)
#noblacklist ${PATH}/python2*
#noblacklist ${PATH}/python3*
#noblacklist /usr/lib/python2*
#noblacklist /usr/lib/python3*
#noblacklist /usr/local/lib/python2*
#noblacklist /usr/local/lib/python3*

#include disable-common.inc
#include disable-devel.inc
#include disable-exec.inc
#include disable-interpreters.inc
#include disable-passwdmgr.inc
#include disable-programs.inc
#include disable-xdg.inc

#mkdir PATH
#mkfile PATH
#whitelist PATH
#include whitelist-common.inc
#include whitelist-var-common.inc

#apparmor
#caps.drop all
# CLI only
##ipc-namespace
#machine-id
# 'net none' or 'netfilter'
#net none
#netfilter
#no3d
#nodbus
#nodvd
#nogroups
#nonewprivs
#noroot
#nosound
#notv
#nou2f
#novideo
#protocol unix,inet,inet6,netlink
#seccomp
##seccomp.drop SYSCALLS
#shell none
#tracelog

#disable-mnt
##private
#private-bin PROGRAMS
#private-cache
#private-dev
#private-etc FILES
# private-etc templates (see also #1734)
#  Internet: ca-certificates,crypto-policies,nsswitch.conf,pki,resolv.conf,ssl
#  Sound: alsa,asound.conf,machine-id,openal,pulse
#  GTK: dconf,fonts,gtk-2.0,gtk-3.0,pango,xdg
#  KDE/QT: fonts,kde4rc,kde5rc,ld.so.cache,machine-id,Trolltech.conf,xdg
#  GUIs: fonts
#  Alternatives: alternatives
##private-lib LIBS
##private-opt NAME
#private-tmp

##env VAR=VALUE
#memory-deny-write-execute
##read-only ${HOME}
##join-or-start NAME