diff options
Diffstat (limited to 'unmaintained/amfora.profile')
| -rw-r--r-- | unmaintained/amfora.profile | 62 |
1 files changed, 62 insertions, 0 deletions
diff --git a/unmaintained/amfora.profile b/unmaintained/amfora.profile new file mode 100644 index 0000000..411a4ff --- /dev/null +++ b/unmaintained/amfora.profile @@ -0,0 +1,62 @@ +# Firejail profile for amfora +# This file is overwritten after every install/update +quiet +# Persistent local customizations +include amfora.local +# Persistent global definitions +include globals.local + + +noblacklist ${HOME}/.config/amfora +noblacklist ${HOME}/.local/share/amfora + +blacklist /tmp/.X11-unix +blacklist ${RUNUSER}/wayland-* + +include disable-common.inc +include disable-devel.inc +include disable-interpreters.inc +include disable-programs.inc +include disable-write-mnt.inc +include disable-xdg.inc + +mkdir ${HOME}/.config/amfora +mkdir ${HOME}/.local/share/amfora + +whitelist ${HOME}/.config/amfora +whitelist ${HOME}/.local/share/amfora +include whitelist-runuser-common.inc + +caps.drop all +machine-id +netfilter +no3d +nodvd +nogroups +noinput +nonewprivs +noroot +nosound +notv +nou2f +novideo +protocol inet,inet6 +seccomp +shell none +tracelog + +disable-mnt +private-bin amfora +private-cache +private-dev +private-etc ca-certificates,resolv.conf,ssl +private-tmp + +dbus-user none +dbus-system none + +noexec ${HOME} +noexec /tmp + +# # Use with hardened-malloc package +env LD_PRELOAD=/usr/lib/libhardened_malloc.so |