diff options
| author | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2020-10-18 20:54:47 -0700 |
|---|---|---|
| committer | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2020-10-18 20:54:47 -0700 |
| commit | 6ea485a808c1bc86cdbff55b99b5e5e9e03ab65b (patch) | |
| tree | 5856536d3208d494856509915436610b4c5c679b /profiles/strawberry.local | |
| parent | Fix bannerlord profile (diff) | |
| download | firejail-profiles-6ea485a808c1bc86cdbff55b99b5e5e9e03ab65b.tar.xz | |
Updated for firejail 0.9.64-rc1
Diffstat (limited to 'profiles/strawberry.local')
| -rw-r--r-- | profiles/strawberry.local | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/profiles/strawberry.local b/profiles/strawberry.local new file mode 100644 index 0000000..cf3da43 --- /dev/null +++ b/profiles/strawberry.local @@ -0,0 +1,45 @@ +# This file is overwritten after every install/update +# Persistent local customizations +include strawberry.local +# Persistent global definitions +include globals.local + +#noblacklist ${HOME}/.cache/strawberry +noblacklist ${HOME}/.config/strawberry +noblacklist ${HOME}/.local/share/strawberry +noblacklist ${MUSIC} +#whitelist ${HOME}/.cache/strawberry +whitelist ${HOME}/.config/strawberry +whitelist ${HOME}/.local/share/strawberry +whitelist ${MUSIC} + +include disable-common.inc +include disable-devel.inc +include disable-exec.inc +include disable-interpreters.inc +include disable-passwdmgr.inc +include disable-programs.inc +include disable-xdg.inc + +include whitelist-var-common.inc +include whitelist-common.inc + +caps.drop all +#net none +netfilter +nonewprivs +noroot +notv +nou2f +novideo +protocol unix,inet,inet6 +# blacklisting of ioprio_set system calls breaks strawberry +seccomp !ioprio +shell none +tracelog + +# disable-mnt +private-cache +private-dev +private-etc asound.conf,group,localtime,machine-id,pulse,resolv.conf +private-tmp |