guayadeque.profile 624 Bytes
Newer Older
Tad's avatar
Tad committed
1 2 3
# Firejail profile for guayadeque
# This file is overwritten after every install/update
# Persistent local customizations
4
include guayadeque.local
Tad's avatar
Tad committed
5
# Persistent global definitions
6
include globals.local
7

netblue30's avatar
netblue30 committed
8
noblacklist ${HOME}/.guayadeque
9
noblacklist ${MUSIC}
netblue30's avatar
netblue30 committed
10

11 12 13 14 15 16
include disable-common.inc
include disable-devel.inc
include disable-interpreters.inc
include disable-passwdmgr.inc
include disable-programs.inc
include disable-xdg.inc
netblue30's avatar
netblue30 committed
17 18 19 20 21 22

caps.drop all
netfilter
nogroups
nonewprivs
noroot
Tad's avatar
Tad committed
23
notv
24
nou2f
25
novideo
netblue30's avatar
netblue30 committed
26 27 28 29 30 31 32
protocol unix,inet,inet6,netlink
seccomp
shell none

private-bin guayadeque
private-dev
private-tmp
33 34 35

noexec ${HOME}
noexec /tmp