From 5ce8a913a4eca3e3e0b23cf1931bbfae7cb3ae9d Mon Sep 17 00:00:00 2001
From: netblue30
Date: Fri, 15 Apr 2016 08:29:50 -0400
Subject: [PATCH] merged 0ad profile from Fred-Barclay
---
 Makefile.in | 1 +
 README | 1 +
 README.md | 2 +-
 RELNOTES | 2 +-
 etc/0ad.profile | 30 ++++++++++++++++++++++++++++++
 etc/disable-programs.inc | 3 +++
 platform/debian/conffiles | 1 +
 7 files changed, 38 insertions(+), 2 deletions(-)
 create mode 100644 etc/0ad.profile
diff --git a/Makefile.in b/Makefile.in
index 3a555f55c..16f8e8717 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -163,6 +163,7 @@ realinstall:
 install -c -m 0644 .etc/palemoon.profile $(DESTDIR)/$(sysconfdir)/firejail/.
 install -c -m 0644 .etc/icedove.profile $(DESTDIR)/$(sysconfdir)/firejail/.
 install -c -m 0644 .etc/abrowser.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+ install -c -m 0644 .etc/0ad.profile $(DESTDIR)/$(sysconfdir)/firejail/.
 sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;"
 sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/firejail.config ]; then install -c -m 0644 etc/firejail.config $(DESTDIR)/$(sysconfdir)/firejail/.; fi;"
 rm -fr .etc
diff --git a/README b/README
index ee58143b5..81481f512 100644
--- a/README
+++ b/README
@@ -24,6 +24,7 @@ Fred-Barclay (https://github.com/Fred-Barclay)
 - added Vivaldi, Atril profiles
 - added PaleMoon profile
 - split Icedove and Thunderbird profiles
+ - added 0ad profile
 avoidr (https://github.com/avoidr)
 - whitelist fix
 - recently-used.xbel fix
diff --git a/README.md b/README.md
index e18777bf5..7f6f573b4 100644
--- a/README.md
+++ b/README.md
@@ -281,5 +281,5 @@ $ man firejail-profile ## New security profiles lxterminal, Epiphany, cherrytree, Polari, Vivaldi, Atril, qutebrowser, SlimJet, Battle for Wesnoth, Hedgewars, qTox, -OpenSSH client, OpenBox window manager, Dillo, cmus, dnsmasq, PaleMoon, Icedove, abrowser +OpenSSH client, OpenBox window manager, Dillo, cmus, dnsmasq, PaleMoon, Icedove, abrowser, 0ad diff --git a/RELNOTES b/RELNOTES index 9f231a7f3..d1675e7b0 100644 --- a/RELNOTES +++ b/RELNOTES @@ -18,7 +18,7 @@ firejail (0.9.40-rc1) baseline; urgency=low * new profiles: lxterminal, Epiphany, cherrytree, Polari, Vivaldi, Atril * new profiles: qutebrowser, SlimJet, Battle for Wesnoth, Hedgewars * new profiles: qTox, OpenSSH client, OpenBox, Dillo, cmus, dnsmasq - * new profiles: PaleMoon, Icedove + * new profiles: PaleMoon, Icedove, 0ad * build rpm packages using "make rpms" * bugfixes -- netblue30 Sun, 3 Apr 2016 08:00:00 -0500 diff --git a/etc/0ad.profile b/etc/0ad.profile new file mode 100644 index 000000000..f8a3ce23d --- /dev/null +++ b/etc/0ad.profile @@ -0,0 +1,30 @@ +# Firejail profile for 0ad. +noblacklist ~/.config/0ad +include /etc/firejail/disable-common.inc +include /etc/firejail/disable-devel.inc +include /etc/firejail/disable-passwdmgr.inc +include /etc/firejail/disable-programs.inc + +# Call these options +caps.drop all +seccomp +protocol unix,inet,inet6,netlink +netfilter +tracelog +noroot + +# Whitelists +noblacklist ~/.cache/0ad +mkdir ~/.cache +mkdir ~/.cache/0ad +whitelist ~/.cache/0ad + +mkdir ~/.config +mkdir ~/.config/0ad +whitelist ~/.config/0ad + +noblacklist ~/.local/share/0ad +mkdir ~/.local +mkdir ~/.local/share +mkdir ~/.local/share/0ad +whitelist ~/.local/share/0ad diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 7faf75638..7f18aa16f 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc 
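Review bot: In etc/0ad.profile the `noblacklist ~/.cache/0ad` and `noblacklist ~/.local/share/0ad` lines sit under `# Whitelists`, after `include /etc/firejail/disable-programs.inc`, and this same commit adds `blacklist ${HOME}/.cache/0ad` and `blacklist ${HOME}/.local/share/0ad` to that include. If firejail applies profile entries in file order, as the placement of `noblacklist ~/.config/0ad` on the second line suggests, the two late exemptions arrive after the blacklist has been applied and the game's cache and data directories would stay blocked inside its own sandbox. Move both lines up next to `noblacklist ~/.config/0ad`, ahead of the includes, and add a comment such as `# noblacklist must precede the disable-*.inc includes` so later edits keep the order.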
@@ -53,6 +53,7 @@ blacklist ${HOME}/.TelegramDesktop blacklist ${HOME}/.hedgewars blacklist ${HOME}/.steam blacklist ${HOME}/.config/wesnoth +blacklist ${HOME}/.config/0ad # Cryptocoins blacklist ${HOME}/.*coin @@ -81,6 +82,7 @@ blacklist ${HOME}/.cache/thunderbird blacklist ${HOME}/.cache/icedove blacklist ${HOME}/.cache/transmission blacklist ${HOME}/.cache/wesnoth +blacklist ${HOME}/.cache/0ad # share blacklist ${HOME}/.local/share/epiphany @@ -88,3 +90,4 @@ blacklist ${HOME}/.local/share/mupen64plus blacklist ${HOME}/.local/share/spotify blacklist ${HOME}/.local/share/steam blacklist ${HOME}/.local/share/wesnoth +blacklist ${HOME}/.local/share/0ad diff --git a/platform/debian/conffiles b/platform/debian/conffiles index 7ed4c3152..dc8640147 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles @@ -82,3 +82,4 @@ /etc/firejail/dnsmasq.profile /etc/firejail/palemoon.profile /etc/firejail/abrowser.profile +/etc/firejail/0ad.profile