From 3b28962a8f0e2f21f5e8ec1df125f742bf5ce8f8 Mon Sep 17 00:00:00 2001 From: jc_gargma Date: Sat, 12 Dec 2020 04:54:26 -0800 Subject: Add profile for hearts of iron iv Add local for rtorrent --- PKGBUILD | 4 ++-- profiles/hearts-of-iron-iv.profile | 29 +++++++++++++++++++++++++++++ profiles/rtorrent.local | 24 ++++++++++++++++++++++++ 3 files changed, 55 insertions(+), 2 deletions(-) create mode 100644 profiles/hearts-of-iron-iv.profile create mode 100644 profiles/rtorrent.local diff --git a/PKGBUILD b/PKGBUILD index 74dc860..309701e 100644 --- a/PKGBUILD +++ b/PKGBUILD @@ -1,7 +1,7 @@ # Maintainer: jc_gargma pkgname=firejail-profiles -pkgver=20201209 +pkgver=20201212 pkgrel=1 pkgdesc="Additional firejail profiles and locals" arch=('any') @@ -9,7 +9,7 @@ url="https://library.iserlohn-fortress.net/firejail-profiles.git" license=('GPLv3') depends=('firejail' 'hardened-malloc') source=(profiles.tar.gz) -b2sums=('8173d250a795ec33d9d05eb9ec6e4bca1977b1e5698cbcd4ee76e3da733379c5a81865c304a87b22cc7b935644ec98c1311dd77441c24d1b5a75d83cec6e56c0') +b2sums=('b6c973d8b55e9309894cbb2936d32e153b75dd1e70169c1a00f01ec48996ba0021370dccaeebe077cbe7ea40d720eee1bfaf1e78473c88860fa376ed9debdbf8') package() { install --directory ${pkgdir}/etc/firejail diff --git a/profiles/hearts-of-iron-iv.profile b/profiles/hearts-of-iron-iv.profile new file mode 100644 index 0000000..6749b14 --- /dev/null +++ b/profiles/hearts-of-iron-iv.profile @@ -0,0 +1,29 @@ +# This file is overwritten after every install/update +# Persistent local customizations +include hearts-of-iron-iv.local +# Persistent global definitions +include globals.local + +noblacklist ${HOME}/games/Hearts of Iron IV +noblacklist ${HOME}/.local/share/Paradox Interactive +noblacklist ${HOME}/.local/share/Paradox Interactive/Hearts of Iron IV + +whitelist ${HOME}/games/Hearts of Iron IV +read-only ${HOME}/games/Hearts of Iron IV +mkdir ${HOME}/.local/share/Paradox Interactive +mkdir ${HOME}/.local/share/Paradox Interactive/Hearts of Iron IV +whitelist ${HOME}/.local/share/Paradox Interactive +read-only ${HOME}/.local/share/Paradox Interactive +whitelist ${HOME}/.local/share/Paradox Interactive/Hearts of Iron IV +read-write ${HOME}/.local/share/Paradox Interactive/Hearts of Iron IV + +# HoI4 requires ptrace to function +seccomp !ptrace + +private-etc asound.conf,group,localtime,machine-id,passwd,pulse + +ignore memory-deny-write-execute + +ignore noexec ${HOME} + +include generic-game.inc diff --git a/profiles/rtorrent.local b/profiles/rtorrent.local new file mode 100644 index 0000000..5bbc634 --- /dev/null +++ b/profiles/rtorrent.local @@ -0,0 +1,24 @@ +noblacklist ${HOME}/rtorrent +noblacklist ${HOME}/.rtorrent.rc +whitelist ${HOME}/rtorrent +whitelist ${HOME}/.rtorrent.rc + +include disable-xdg.inc + +ipc-namespace +no3d +noautopulse +nogroups +tracelog + +disable-mnt +private-bin rtorrent,mkdir,mv +private-etc ca-certificates,machine-id,passwd,resolv.conf,ssl,xdg + +memory-deny-write-execute + +dbus-user none +dbus-system none + +# # Use with hardened-malloc package +env LD_PRELOAD=/usr/lib/libhardened_malloc.so -- cgit v1.2.1