krita.profile 996 Bytes
Newer Older
1
# Firejail profile for krita
2
# Description: Pixel-based image manipulation program
Chiraag Nataraj's avatar
Chiraag Nataraj committed
3 4
# This file is overwritten after every install/update
# Persistent local customizations
5
include krita.local
Chiraag Nataraj's avatar
Chiraag Nataraj committed
6
# Persistent global definitions
7
include globals.local
Chiraag Nataraj's avatar
Chiraag Nataraj committed
8

9
noblacklist ${HOME}/.config/kritarc
10
noblacklist ${HOME}/.local/share/krita
11 12
noblacklist ${DOCUMENTS}
noblacklist ${PICTURES}
13 14 15 16 17 18

# Allow python (blacklisted by disable-interpreters.inc)
noblacklist ${PATH}/python2*
noblacklist ${PATH}/python3*
noblacklist /usr/lib/python2*
noblacklist /usr/lib/python3*
Chiraag Nataraj's avatar
Chiraag Nataraj committed
19

20 21 22 23 24 25
include disable-common.inc
include disable-devel.inc
include disable-interpreters.inc
include disable-passwdmgr.inc
include disable-programs.inc
include disable-xdg.inc
Chiraag Nataraj's avatar
Chiraag Nataraj committed
26

27
apparmor
Chiraag Nataraj's avatar
Chiraag Nataraj committed
28
caps.drop all
29 30
ipc-namespace
# net none
31
netfilter
32
# nodbus
Tad's avatar
Tad committed
33
nodvd
34 35 36 37
nogroups
nonewprivs
noroot
nosound
Tad's avatar
Tad committed
38
notv
39
nou2f
40 41
novideo
protocol unix
Chiraag Nataraj's avatar
Chiraag Nataraj committed
42
seccomp
43 44
shell none

45
private-cache
46 47 48
private-dev
private-tmp

49 50
# noexec ${HOME} may break krita, see issue #1953
# noexec ${HOME}
51
noexec /tmp