dino.profile 803 Bytes
Newer Older
Tad's avatar
Tad committed
1 2 3
# Firejail profile for dino
# This file is overwritten after every install/update
# Persistent local customizations
4
include dino.local
Tad's avatar
Tad committed
5
# Persistent global definitions
6
include globals.local
Tad's avatar
Tad committed
7 8 9

noblacklist ${HOME}/.local/share/dino

10 11 12 13 14
include disable-common.inc
include disable-devel.inc
include disable-interpreters.inc
include disable-passwdmgr.inc
include disable-programs.inc
15 16 17

mkdir ${HOME}/.local/share/dino
whitelist ${HOME}/.local/share/dino
Tad's avatar
Tad committed
18
whitelist ${HOME}/Downloads
19
include whitelist-common.inc
Tad's avatar
Tad committed
20 21 22

caps.drop all
netfilter
23
no3d
Tad's avatar
Tad committed
24
nodvd
Tad's avatar
Tad committed
25 26 27
nogroups
nonewprivs
noroot
28
nosound
Tad's avatar
Tad committed
29
notv
30
nou2f
31
novideo
Tad's avatar
Tad committed
32 33 34 35
protocol unix,inet,inet6
seccomp
shell none

Tad's avatar
Tad committed
36
disable-mnt
Tad's avatar
Tad committed
37 38
private-bin dino
private-dev
39
# private-etc fonts,ca-certificates,ssl,pki,crypto-policies # breaks server connection
Tad's avatar
Tad committed
40
private-tmp
Tad's avatar
Tad committed
41 42 43

noexec ${HOME}
noexec /tmp