authorjc_gargma <jc_gargma@iserlohn-fortress.net>2021-06-23 01:14:34 -0700
committerjc_gargma <jc_gargma@iserlohn-fortress.net>2021-06-23 01:14:34 -0700
commitbc8d91400256b6d0739c50097f1564d1598310a4 (patch)
tree93554f7223fc03c4edef955a69ded013cb059278 /profiles/kristall.profile
parentAdd profiles for stellaris, cataclysm-bn, cataclysm-bn-tiles, amfora (diff)
Add kristall profile
Update amfora profile
Diffstat (limited to 'profiles/kristall.profile')
-rw-r--r--profiles/kristall.profile59
1 files changed, 59 insertions, 0 deletions
diff --git a/profiles/kristall.profile b/profiles/kristall.profile
new file mode 100644
index 0000000..4e570b2
--- /dev/null
+++ b/profiles/kristall.profile
@@ -0,0 +1,59 @@
+# Firejail profile for kristall
+# This file is overwritten after every install/update
+# Persistent local customizations
+include kristall.local
+# Persistent global definitions
+include globals.local
+
+
+noblacklist ${HOME}/.cache/kristall
+noblacklist ${HOME}/.config/xqTechnologies
+#noblacklist ${HOME}/.local/share/kristall
+
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-interpreters.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
+
+mkdir ${HOME}/.config/xqTechnologies
+#mkdir ${HOME}/.local/share/kristall
+
+whitelist ${DOWNLOADS}
+#whitelist ${HOME}/.cache/kristall
+whitelist ${HOME}/.config/xqTechnologies
+#whitelist ${HOME}/.local/share/kristall
+include /etc/firejail/whitelist-common.inc
+
+
+caps.drop all
+machine-id
+netfilter
+nodvd
+nogroups
+nonewprivs
+noroot
+notv
+nou2f
+novideo
+protocol unix,inet,inet6,netlink
+seccomp !name_to_handle_at
+shell none
+tracelog
+
+disable-mnt
+private-bin bash,kristall
+private-cache
+private-dev
+private-etc ca-certificates,fonts,machine-id,resolv.conf,ssl
+private-tmp
+
+dbus-user none
+dbus-system none
+
+noexec ${HOME}
+noexec /tmp
+
+# # Use with hardened-malloc package
+env LD_PRELOAD=/usr/lib/libhardened_malloc.so
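Review bot: `private-bin bash,kristall` keeps a shell available inside the sandbox even though `shell none` makes firejail start kristall directly and the profile already includes `disable-interpreters.inc`. If kristall does not itself spawn a shell, `private-bin kristall` would be tighter; if it does, a comment naming the feature that needs bash belongs on that line. The same applies to `seccomp !name_to_handle_at`, which appears to exempt a syscall from the default filter with no stated reason; a one-line comment such as `# name_to_handle_at is required by <component>` above it would let a later reader judge whether the exception is still needed. The final `env LD_PRELOAD=/usr/lib/libhardened_malloc.so` line is active although its comment reads as optional, and when the library is absent the loader only warns and continues without the hardened allocator, so consider shipping it commented out for use from `kristall.local`.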