diff options
| author | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2020-11-17 21:12:37 -0800 |
|---|---|---|
| committer | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2020-11-17 21:12:37 -0800 |
| commit | a0bf93743858985f7830a1eca8506d2ca748a212 (patch) | |
| tree | 320aa10b8d513bbb3146fccf61d57155b2c13438 | |
| parent | Fix vlc.local causing vlc to zombie (diff) | |
| download | firejail-profiles-a0bf93743858985f7830a1eca8506d2ca748a212.tar.xz | |
Add warhammer 40k mechanicus profile
Add private-cache to wine-generic
| -rw-r--r-- | PKGBUILD | 4 | ||||
| -rw-r--r-- | profiles/disable-programs.local | 2 | ||||
| -rw-r--r-- | profiles/generic-wine-game.inc | 1 | ||||
| -rw-r--r-- | profiles/warhammer40k-mechanicus.profile | 26 |
4 files changed, 31 insertions, 2 deletions
@@ -1,7 +1,7 @@ # Maintainer: jc_gargma <jc_gargma@iserlohn-fortress.net> pkgname=firejail-profiles -pkgver=20201113 +pkgver=20201117 pkgrel=1 pkgdesc="Additional firejail profiles and locals" arch=('any') @@ -9,7 +9,7 @@ url="https://library.iserlohn-fortress.net/firejail-profiles.git" license=('GPLv3') depends=('firejail' 'hardened-malloc') source=(profiles.tar.gz) -b2sums=('beeaa9b7e4ff974c439b794951dfa92c9fe994183f95bb8f1de480caa6303995b1a9d1f7525b0c5aa018bb0ea0004b306b5dcb64f0e75b70d3a83401ecd48f75') +b2sums=('b24393c349656706e8d35449a674c42640632e5fa6c12aab93b43ed2fde91c6ea63d0a76ebbf9c50e263892457dd6cdb086731d523c40888bd449bc23b362750') package() { install --directory ${pkgdir}/etc/firejail diff --git a/profiles/disable-programs.local b/profiles/disable-programs.local index 81b82c5..49410f9 100644 --- a/profiles/disable-programs.local +++ b/profiles/disable-programs.local @@ -20,6 +20,8 @@ blacklist ${HOME}/.config/Proxy Studios/Pandora blacklist ${HOME}/.config/smolbote blacklist ${HOME}/.config/StardewValley blacklist ${HOME}/.config/unity3d +blacklist ${HOME}/.config/unity3d/BulwarkStudios +blacklist ${HOME}/.config/unity3d/BulwarkStudios/Mechanicus blacklist ${HOME}/.config/unity3d/DevespressoGames blacklist ${HOME}/.config/unity3d/DevespressoGames/VambraceColdSoul blacklist ${HOME}/.config/unity3d/Dinosaur Polo Club diff --git a/profiles/generic-wine-game.inc b/profiles/generic-wine-game.inc index 1ed2b27..55676a7 100644 --- a/profiles/generic-wine-game.inc +++ b/profiles/generic-wine-game.inc @@ -49,6 +49,7 @@ shell none tracelog disable-mnt +private-cache private-dev # wine games require passwd private-etc asound.conf,group,localtime,machine-id,passwd,pulse diff --git a/profiles/warhammer40k-mechanicus.profile b/profiles/warhammer40k-mechanicus.profile new file mode 100644 index 0000000..32948eb --- /dev/null +++ b/profiles/warhammer40k-mechanicus.profile @@ -0,0 +1,26 @@ +# This file is overwritten after every install/update +# Persistent local customizations +include warhammer40k-mechanicus.local +# Persistent global definitions +include globals.local + +noblacklist ${HOME}/.config/unity3d +noblacklist ${HOME}/.config/unity3d/BulwarkStudios +noblacklist ${HOME}/.config/unity3d/BulwarkStudios/Mechanicus + +mkdir ${HOME}/.config/unity3d +mkdir ${HOME}/.config/unity3d/BulwarkStudios +mkdir ${HOME}/.config/unity3d/BulwarkStudios/Mechanicus +whitelist ${HOME}/.config/unity3d/BulwarkStudios/Mechanicus +whitelist ${HOME}/games/Warhammer 40k - Mechanicus +read-only ${HOME}/games/Warhammer 40k - Mechanicus + +#ignore machine-id +protocol unix,netlink +seccomp !name_to_handle_at + +ignore memory-deny-write-execute + +ignore noexec ${HOME} + +include generic-game.inc |