summaryrefslogtreecommitdiff
path: root/profiles/nyamp.profile
diff options
context:
space:
mode:
Diffstat (limited to 'profiles/nyamp.profile')
-rw-r--r--profiles/nyamp.profile52
1 files changed, 52 insertions, 0 deletions
diff --git a/profiles/nyamp.profile b/profiles/nyamp.profile
new file mode 100644
index 0000000..876b869
--- /dev/null
+++ b/profiles/nyamp.profile
@@ -0,0 +1,52 @@
+# This file is overwritten after every install/update
+# Persistent local customizations
+include nyamp.local
+# Persistent global definitions
+include globals.local
+
+noblacklist ${HOME}/.config/iserlohn-fortress.net/nyamp
+noblacklist ${MUSIC}
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-xdg.inc
+
+mkdir ${HOME}/.config/iserlohn-fortress.net
+mkdir ${HOME}/.config/iserlohn-fortress.net/nyamp
+
+whitelist ${HOME}/.config/iserlohn-fortress.net/nyamp
+whitelist ${MUSIC}
+read-only ${MUSIC}
+include whitelist-common.inc
+
+
+caps.drop all
+# machine-id
+net none
+no3d
+nodbus
+nodvd
+nogroups
+nonewprivs
+noroot
+notv
+nou2f
+novideo
+protocol unix
+seccomp
+shell none
+tracelog
+
+disable-mnt
+private-bin bash,nyamp
+private-cache
+private-dev
+private-etc fonts,machine-id
+# private-etc asound.conf,fonts,machine-id,pulse
+private-tmp
+
+memory-deny-write-execute
generated by cgit v1.2.1 (git 2.18.0) at 2025-01-14 14:00:49 +0000