diff options
| -rw-r--r-- | PKGBUILD | 4 | ||||
| -rw-r--r-- | profiles/antichamber.profile | 2 | ||||
| -rw-r--r-- | profiles/dins-curse.profile | 2 | ||||
| -rw-r--r-- | profiles/othercide.profile | 1 | ||||
| -rw-r--r-- | profiles/wasteland-2.profile | 29 | ||||
| -rw-r--r-- | profiles/xenonauts-2.profile | 19 |
6 files changed, 55 insertions, 2 deletions
@@ -2,14 +2,14 @@ pkgname=firejail-profiles pkgver=20210704 -pkgrel=1 +pkgrel=4 pkgdesc="Additional firejail profiles and locals" arch=('any') url="https://library.iserlohn-fortress.net/firejail-profiles.git" license=('GPLv3') depends=('firejail' 'hardened-malloc') source=(profiles.tar.gz) -b2sums=('161cda200f18d68666b590b0f8e29cbf7be1bc64944855bd5ed5c851c95ad37c79f69a37da8be28a3429a1186ad954fcd43f8f0e97add2c408fef42b9ca90243') +b2sums=('c7fb1ea5bcd050c7b925c718a8bce64bcffff894ca46b6ca8e2575fe96b51acb31aae98d05fd6c3e258a037d00cbeebdec51d51557757ab15f1739cdcaf489f4') package() { install --directory ${pkgdir}/etc/firejail diff --git a/profiles/antichamber.profile b/profiles/antichamber.profile index cc1136e..80397e2 100644 --- a/profiles/antichamber.profile +++ b/profiles/antichamber.profile @@ -18,6 +18,8 @@ whitelist ${HOME}/.local/share/AlexanderBruce/Antichamber #seccomp !name_to_handle_at ignore seccomp +ignore memory-deny-write-execute + ignore noexec ${HOME} include generic-game.inc diff --git a/profiles/dins-curse.profile b/profiles/dins-curse.profile index 7079096..b4f8eda 100644 --- a/profiles/dins-curse.profile +++ b/profiles/dins-curse.profile @@ -15,6 +15,8 @@ whitelist ${HOME}/.local/DinsCurse private-etc asound.conf,group,localtime,machine-id,protocols,pulse,resolv.conf +ignore memory-deny-write-execute + ignore noexec ${HOME} include generic-game-networked.inc diff --git a/profiles/othercide.profile b/profiles/othercide.profile index c904949..12e9df3 100644 --- a/profiles/othercide.profile +++ b/profiles/othercide.profile @@ -10,6 +10,7 @@ whitelist ${HOME}/.local/share/wineprefixes/Othercide # machine-id, obs, and alsa don't get along #ignore machine-id +protocol unix,netlink seccomp !name_to_handle_at diff --git a/profiles/wasteland-2.profile b/profiles/wasteland-2.profile new file mode 100644 index 0000000..ce02383 --- /dev/null +++ b/profiles/wasteland-2.profile @@ -0,0 +1,29 @@ +# This file is overwritten after every install/update +# Persistent local customizations +include wasteland-2.local +# Persistent global definitions +include globals.local + +noblacklist ${HOME}/.config/unity3d +noblacklist ${HOME}/.config/unity3d/inXile Entertainment +#noblacklist ${HOME}/.config/unity3d/inXile Entertainment/Wasteland 2: Director's Cut + +#blacklist /usr/lib/libpulse* + +mkdir ${HOME}/.config/unity3d +mkdir ${HOME}/.config/unity3d/inXile Entertainment +#mkdir ${HOME}/.config/unity3d/inXile Entertainment/Wasteland 2: Director's Cut +#whitelist ${HOME}/.config/unity3d/inXile Entertainment/Wasteland 2: Director's Cut +whitelist ${HOME}/.config/unity3d/inXile Entertainment +whitelist ${HOME}/games/Wasteland 2 +read-only ${HOME}/games/Wasteland 2 + +protocol unix,netlink +seccomp !name_to_handle_at +#seccomp.drop @clock,@cpu-emulation,@module,@obsolete,@privileged,@raw-io,@reboot,@resources,@swap,ptrace + +ignore memory-deny-write-execute + +ignore noexec ${HOME} + +include generic-game.inc diff --git a/profiles/xenonauts-2.profile b/profiles/xenonauts-2.profile new file mode 100644 index 0000000..0a5351e --- /dev/null +++ b/profiles/xenonauts-2.profile @@ -0,0 +1,19 @@ +# This file is overwritten after every install/update +# Persistent local customizations +include xenonauts-2.local +# Persistent global definitions +include globals.local + +noblacklist ${HOME}/.local/share/wineprefixes/Xenonauts2 +whitelist ${HOME}/.local/share/wineprefixes/Xenonauts2 + +# machine-id, obs, and alsa don't get along +#ignore machine-id + +seccomp !name_to_handle_at + +ignore memory-deny-write-execute + +ignore noexec ${HOME} + +include generic-wine-game.inc |