diff options
| -rw-r--r-- | PKGBUILD | 4 | ||||
| -rw-r--r-- | profiles/mgba.profile | 5 | ||||
| -rw-r--r-- | profiles/mupen64plus-qt.profile | 30 | ||||
| -rw-r--r-- | profiles/mupen64plus.local | 2 |
4 files changed, 12 insertions, 29 deletions
@@ -1,7 +1,7 @@ # Maintainer: jc_gargma <jc_gargma@iserlohn-fortress.net> pkgname=firejail-profiles -pkgver=20200903 +pkgver=20200904 pkgrel=1 pkgdesc="Additional firejail profiles and locals" arch=('any') @@ -9,7 +9,7 @@ url="https://library.iserlohn-fortress.net/firejail-profiles.git" license=('GPLv3') depends=('firejail' 'hardened-malloc') source=(profiles.tar.gz) -b2sums=('cb9ae4ffbc36c5b18f941488353e48f247613d64563be7d6abe2941944918eebceef80b105a3d3b4c665546535375e439f0fd86ede80a3198c1419d633a37566') +b2sums=('713363249c8b898392fd13ea1611580eb035d06549cf42eaf270e7a860fe5b835015d7e7568a5585cb477a4b5bf59580ac4804798c01691fc3dbbafd655c986c') package() { install --directory ${pkgdir}/etc/firejail diff --git a/profiles/mgba.profile b/profiles/mgba.profile index 6a2fd69..dae77b6 100644 --- a/profiles/mgba.profile +++ b/profiles/mgba.profile @@ -20,7 +20,10 @@ include whitelist-common.inc # kcmp required for amdgpu seccomp !name_to_handle_at,!kcmp -# private-dev breaks joysticks +# netlink required for controller support +protocol unix,netlink + +# private-dev breaks controllers ignore private-dev ignore memory-deny-write-execute diff --git a/profiles/mupen64plus-qt.profile b/profiles/mupen64plus-qt.profile index f1c3931..b139abe 100644 --- a/profiles/mupen64plus-qt.profile +++ b/profiles/mupen64plus-qt.profile @@ -6,32 +6,10 @@ include mupen64plus-qt.local # Persistent global definitions include globals.local -noblacklist ${HOME}/.config/mupen64plus -noblacklist ${HOME}/.local/share/mupen64plus - -include disable-common.inc -include disable-devel.inc -include disable-passwdmgr.inc -include disable-passwdmgr.inc -include disable-programs.inc - -# you'll need to manually whitelist ROM files -mkdir ${HOME}/.config/mupen64plus -mkdir ${HOME}/.local/share/mupen64plus mkdir ${HOME}/.local/share/mupen64plus-qt -whitelist ${HOME}/.config/mupen64plus -whitelist ${HOME}/.local/share/mupen64plus whitelist ${HOME}/.local/share/mupen64plus-qt -whitelist ${HOME}/games/Emulators/N64GAMES -read-only ${HOME}/games/Emulators/N64GAMES -include whitelist-common.inc -caps.drop all -net none -nodbus -nodvd -nonewprivs -noroot -notv -novideo -seccomp +# name_to_handle_at required for kde file manager +seccomp !name_to_handle_at + +include mupen64plus.profile diff --git a/profiles/mupen64plus.local b/profiles/mupen64plus.local index 4c42d1e..67a8550 100644 --- a/profiles/mupen64plus.local +++ b/profiles/mupen64plus.local @@ -1,2 +1,4 @@ whitelist ${HOME}/games/Emulators/N64GAMES read-only ${HOME}/games/Emulators/N64GAMES + +protocol unix |