diff options
| author | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2020-05-07 01:32:59 -0700 |
|---|---|---|
| committer | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2020-05-07 01:32:59 -0700 |
| commit | 883338fd66681d136fc45549424140dc52ed3715 (patch) | |
| tree | 0366ad3f4bfc5fdc3ccc73681c5070f6f05589c4 /profiles | |
| parent | Add calcurse profile (diff) | |
| download | firejail-profiles-883338fd66681d136fc45549424140dc52ed3715.tar.xz | |
Add mupen64plus-qt profile
Add note for qtox
Diffstat (limited to 'profiles')
| -rw-r--r-- | profiles/mupen64plus-qt.profile | 37 | ||||
| -rw-r--r-- | profiles/qtox.local | 1 | ||||
| -rw-r--r-- | profiles/vlc.local | 3 |
3 files changed, 40 insertions, 1 deletions
diff --git a/profiles/mupen64plus-qt.profile b/profiles/mupen64plus-qt.profile new file mode 100644 index 0000000..b1971d7 --- /dev/null +++ b/profiles/mupen64plus-qt.profile @@ -0,0 +1,37 @@ +# Firejail profile for mupen64plus +# Description: Nintendo64 Emulator +# This file is overwritten after every install/update +# Persistent local customizations +include mupen64plus.local +# Persistent global definitions +include globals.local + +noblacklist ${HOME}/.config/mupen64plus +noblacklist ${HOME}/.local/share/mupen64plus + +include disable-common.inc +include disable-devel.inc +include disable-passwdmgr.inc +include disable-passwdmgr.inc +include disable-programs.inc + +# you'll need to manually whitelist ROM files +mkdir ${HOME}/.config/mupen64plus +mkdir ${HOME}/.local/share/mupen64plus +mkdir ${HOME}/.local/share/mupen64plus-qt +whitelist ${HOME}/.config/mupen64plus +whitelist ${HOME}/.local/share/mupen64plus +whitelist ${HOME}/.local/share/mupen64plus-qt +whitelist ${HOME}/games/Emulators/N64GAMES +read-only ${HOME}/games/Emulators/N64GAMES +include whitelist-common.inc + +caps.drop all +net none +nodbus +nodvd +nonewprivs +noroot +notv +novideo +seccomp diff --git a/profiles/qtox.local b/profiles/qtox.local index 45bd4c7..28cfcdb 100644 --- a/profiles/qtox.local +++ b/profiles/qtox.local @@ -20,4 +20,5 @@ private-bin qtox,dbus-launch private-etc asound.conf,fonts,group,ld.so.cache,localtime,machine-id,passwd,pulse,resolv.conf # # Use with hardened-malloc package +# This breaks qtox on amdgpu for some reason env LD_PRELOAD=/usr/lib/libhardened_malloc.so diff --git a/profiles/vlc.local b/profiles/vlc.local index 29c9ed8..e34e172 100644 --- a/profiles/vlc.local +++ b/profiles/vlc.local @@ -7,4 +7,5 @@ nodbus # # seccomp breaks integrated file manager on kde applications # # due to syscall name_to_handle_at -seccomp !name_to_handle_at +# # kcmp syscall requied by amdgpu hardware acceleration +seccomp !name_to_handle_at,!kcmp |