diff options
| author | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2021-08-26 00:26:50 -0700 |
|---|---|---|
| committer | jc_gargma <jc_gargma@iserlohn-fortress.net> | 2021-08-26 00:26:50 -0700 |
| commit | 9d8afb4590cfb85e0da393dc6640c69243b89b33 (patch) | |
| tree | 084e1f63ecada9133c7ac471c7cdf57a115f1253 /profiles | |
| parent | Fix renpy.profile by ignoring disable-shell.inc (diff) | |
| download | firejail-profiles-9d8afb4590cfb85e0da393dc6640c69243b89b33.tar.xz | |
Update hg, renpy profiles
Add fallout for wine profile
Diffstat (limited to 'profiles')
| -rw-r--r-- | profiles/fallout.profile | 10 | ||||
| -rw-r--r-- | profiles/hg.profile | 16 | ||||
| -rw-r--r-- | profiles/renpy.profile | 11 |
3 files changed, 35 insertions, 2 deletions
diff --git a/profiles/fallout.profile b/profiles/fallout.profile new file mode 100644 index 0000000..1ec3b24 --- /dev/null +++ b/profiles/fallout.profile @@ -0,0 +1,10 @@ +# This file is overwritten after every install/update +# Persistent local customizations +include fallout.local +# Persistent global definitions +include globals.local + +noblacklist ${HOME}/.local/share/wineprefixes/Fallout +whitelist ${HOME}/.local/share/wineprefixes/Fallout + +include generic-wine-game.inc diff --git a/profiles/hg.profile b/profiles/hg.profile index ac5943d..c72365f 100644 --- a/profiles/hg.profile +++ b/profiles/hg.profile @@ -17,12 +17,17 @@ noblacklist ${HOME}/.oh-my-zsh noblacklist ${HOME}/.vim noblacklist ${HOME}/.viminfo +# Allow ssh (blacklisted by disable-common.inc) +include allow-ssh.inc + +blacklist /tmp/.X11-unix +blacklist ${RUNUSER}/wayland-* + include disable-common.inc +include disable-exec.inc include disable-passwdmgr.inc include disable-programs.inc -blacklist /tmp/.X11-unix - whitelist ${HOME}/.config/nano whitelist ${HOME}/.emacs whitelist ${HOME}/.emacs.d @@ -40,15 +45,18 @@ whitelist ${HOME}/build whitelist ${HOME}/workspace caps.drop all +ipc-namespace machine-id netfilter no3d nodvd nogroups +noinput nonewprivs noroot nosound notv +nou2f novideo protocol inet,inet6 #protocol unix,inet,inet6 @@ -56,4 +64,8 @@ seccomp shell none private-bin hg,python2 +private-cache private-dev + +memory-deny-write-execute + diff --git a/profiles/renpy.profile b/profiles/renpy.profile index 7e213bc..ea5a8a5 100644 --- a/profiles/renpy.profile +++ b/profiles/renpy.profile @@ -13,6 +13,17 @@ whitelist ${HOME}/.renpy whitelist ${HOME}/games read-only ${HOME}/games +# # Games requiring special rules +# Maid with Perfection +#read-write ${HOME}/games/Maid With Perfection/zipfile.txt + +# Nachigal +#allusers + +# Roommates +#allusers + + ignore memory-deny-write-execute ignore noexec ${HOME} |