From a0bf93743858985f7830a1eca8506d2ca748a212 Mon Sep 17 00:00:00 2001 From: jc_gargma Date: Tue, 17 Nov 2020 21:12:37 -0800 Subject: Add warhammer 40k mechanicus profile Add private-cache to wine-generic --- PKGBUILD | 4 ++-- profiles/disable-programs.local | 2 ++ profiles/generic-wine-game.inc | 1 + profiles/warhammer40k-mechanicus.profile | 26 ++++++++++++++++++++++++++ 4 files changed, 31 insertions(+), 2 deletions(-) create mode 100644 profiles/warhammer40k-mechanicus.profile diff --git a/PKGBUILD b/PKGBUILD index 16e77d8..21ca4c4 100644 --- a/PKGBUILD +++ b/PKGBUILD @@ -1,7 +1,7 @@ # Maintainer: jc_gargma pkgname=firejail-profiles -pkgver=20201113 +pkgver=20201117 pkgrel=1 pkgdesc="Additional firejail profiles and locals" arch=('any') @@ -9,7 +9,7 @@ url="https://library.iserlohn-fortress.net/firejail-profiles.git" license=('GPLv3') depends=('firejail' 'hardened-malloc') source=(profiles.tar.gz) -b2sums=('beeaa9b7e4ff974c439b794951dfa92c9fe994183f95bb8f1de480caa6303995b1a9d1f7525b0c5aa018bb0ea0004b306b5dcb64f0e75b70d3a83401ecd48f75') +b2sums=('b24393c349656706e8d35449a674c42640632e5fa6c12aab93b43ed2fde91c6ea63d0a76ebbf9c50e263892457dd6cdb086731d523c40888bd449bc23b362750') package() { install --directory ${pkgdir}/etc/firejail diff --git a/profiles/disable-programs.local b/profiles/disable-programs.local index 81b82c5..49410f9 100644 --- a/profiles/disable-programs.local +++ b/profiles/disable-programs.local @@ -20,6 +20,8 @@ blacklist ${HOME}/.config/Proxy Studios/Pandora blacklist ${HOME}/.config/smolbote blacklist ${HOME}/.config/StardewValley blacklist ${HOME}/.config/unity3d +blacklist ${HOME}/.config/unity3d/BulwarkStudios +blacklist ${HOME}/.config/unity3d/BulwarkStudios/Mechanicus blacklist ${HOME}/.config/unity3d/DevespressoGames blacklist ${HOME}/.config/unity3d/DevespressoGames/VambraceColdSoul blacklist ${HOME}/.config/unity3d/Dinosaur Polo Club diff --git a/profiles/generic-wine-game.inc b/profiles/generic-wine-game.inc index 1ed2b27..55676a7 100644 --- a/profiles/generic-wine-game.inc +++ b/profiles/generic-wine-game.inc @@ -49,6 +49,7 @@ shell none tracelog disable-mnt +private-cache private-dev # wine games require passwd private-etc asound.conf,group,localtime,machine-id,passwd,pulse diff --git a/profiles/warhammer40k-mechanicus.profile b/profiles/warhammer40k-mechanicus.profile new file mode 100644 index 0000000..32948eb --- /dev/null +++ b/profiles/warhammer40k-mechanicus.profile @@ -0,0 +1,26 @@ +# This file is overwritten after every install/update +# Persistent local customizations +include warhammer40k-mechanicus.local +# Persistent global definitions +include globals.local + +noblacklist ${HOME}/.config/unity3d +noblacklist ${HOME}/.config/unity3d/BulwarkStudios +noblacklist ${HOME}/.config/unity3d/BulwarkStudios/Mechanicus + +mkdir ${HOME}/.config/unity3d +mkdir ${HOME}/.config/unity3d/BulwarkStudios +mkdir ${HOME}/.config/unity3d/BulwarkStudios/Mechanicus +whitelist ${HOME}/.config/unity3d/BulwarkStudios/Mechanicus +whitelist ${HOME}/games/Warhammer 40k - Mechanicus +read-only ${HOME}/games/Warhammer 40k - Mechanicus + +#ignore machine-id +protocol unix,netlink +seccomp !name_to_handle_at + +ignore memory-deny-write-execute + +ignore noexec ${HOME} + +include generic-game.inc -- cgit v1.2.1