summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjc_gargma <jc_gargma@iserlohn-fortress.net>2020-06-29 02:22:14 -0700
committerjc_gargma <jc_gargma@iserlohn-fortress.net>2020-06-29 02:22:14 -0700
commit56b07a8606b692da2f7937d133ead6ccc93182f0 (patch)
treed6d1cf69f787eaa6316353fc92bee0fa1bf9e3d1
parentAllow vlc to read from pictures (diff)
downloadfirejail-profiles-56b07a8606b692da2f7937d133ead6ccc93182f0.tar.xz
Update profiles for cataclysm and singularity
Diffstat
-rw-r--r--PKGBUILD4
-rw-r--r--profiles/cataclysm.profile8
-rw-r--r--profiles/singularity.profile20
3 files changed, 22 insertions, 10 deletions
diff --git a/PKGBUILD b/PKGBUILD
index e35bd2d..7c7698d 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,7 +1,7 @@
# Maintainer: jc_gargma <jc_gargma@iserlohn-fortress.net>
pkgname=firejail-profiles
-pkgver=20200620
+pkgver=20200629
pkgrel=1
pkgdesc="Additional firejail profiles and locals"
arch=('any')
@@ -9,7 +9,7 @@ url="https://library.iserlohn-fortress.net/firejail-profiles.git"
license=('GPLv3')
depends=('firejail' 'hardened-malloc')
source=(profiles.tar.gz)
-b2sums=('718acc400843f4d3cf3e0c605aa9a7f6c74b3fd073fdc3fa1cfa2248025165d50bd67bacf976338f56ee715776047310ec707b152c5876b9a17e231a9b011339')
+b2sums=('67258684dc1105f43d92a96a74fc6b8b8846ff37582d730a0f3bcd9efa0de6ebf2e25000d0752cb6efe559cce63bb615dc8a9e054852dce096cf5cb414a7a158')
package() {
install --directory ${pkgdir}/etc/firejail
diff --git a/profiles/cataclysm.profile b/profiles/cataclysm.profile
index 5773161..48ea340 100644
--- a/profiles/cataclysm.profile
+++ b/profiles/cataclysm.profile
@@ -8,8 +8,16 @@ noblacklist ${HOME}/.config/cataclysm-dda
noblacklist ${HOME}/.local/share/cataclysm-dda
mkdir ${HOME}/.config/cataclysm-dda
mkdir ${HOME}/.local/share/cataclysm-dda
+mkdir ${HOME}/.local/share/cataclysm-dda/font
+mkdir ${HOME}/.local/share/cataclysm-dda/gfx
+mkdir ${HOME}/.local/share/cataclysm-dda/mods
+mkdir ${HOME}/.local/share/cataclysm-dda/sound
whitelist ${HOME}/.config/cataclysm-dda
whitelist ${HOME}/.local/share/cataclysm-dda
+read-only ${HOME}/.local/share/cataclysm-dda/font
+read-only ${HOME}/.local/share/cataclysm-dda/gfx
+read-only ${HOME}/.local/share/cataclysm-dda/mods
+read-only ${HOME}/.local/share/cataclysm-dda/sound
seccomp !name_to_handle_at
diff --git a/profiles/singularity.profile b/profiles/singularity.profile
index e1785eb..f017d21 100644
--- a/profiles/singularity.profile
+++ b/profiles/singularity.profile
@@ -4,16 +4,20 @@ include singularity.local
# Persistent global definitions
include globals.local
-noblacklist ${PATH}/python2*
-noblacklist /usr/include/python2*
-noblacklist /usr/lib/python2*
-noblacklist /usr/local/lib/python2*
-noblacklist /usr/share/python2
+noblacklist ${PATH}/python*
+noblacklist /usr/include/python*
+noblacklist /usr/lib/python*
+noblacklist /usr/local/lib/python*
+noblacklist /usr/share/python
-noblacklist ${HOME}/.endgame
+noblacklist ${HOME}/.config/singularity
+noblacklist ${HOME}/.local/share/singularity
-mkdir ${HOME}/.endgame
-whitelist ${HOME}/.endgame
+mkdir ${HOME}/.config/singularity
+mkdir ${HOME}/.local/share/singularity
+
+whitelist ${HOME}/.config/singularity
+whitelist ${HOME}/.local/share/singularity
ignore memory-deny-write-execute
generated by cgit v1.2.1 (git 2.18.0) at 2024-04-26 02:48:46 +0000