github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-21 06:45:29 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 1

added lxterminal profile

Browse source
This commit is contained in:
netblue30 2016-02-12 17:55:26 -05:00
parent d88a941d52
commit 5dd4748076
3 changed files with 22 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
Makefile.in
View file

@ -137,6 +137,7 @@ realinstall:
install -c -m 0644 .etc/uget-gtk.profile $(DESTDIR)/$(sysconfdir)/firejail/.
install -c -m 0644 .etc/mupen64plus.profile $(DESTDIR)/$(sysconfdir)/firejail/.
install -c -m 0644 .etc/disable-terminals.inc $(DESTDIR)/$(sysconfdir)/firejail/.
install -c -m 0644 .etc/lxterminal.profile $(DESTDIR)/$(sysconfdir)/firejail/.
bash -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;"
rm -fr .etc
# man pages

19
etc/lxterminal.profile Normal file
View file

@ -0,0 +1,19 @@
# lxterminal (LXDE) profile
include /etc/firejail/disable-mgmt.inc
include /etc/firejail/disable-secret.inc
include /etc/firejail/disable-common.inc
blacklist ${HOME}/.pki/nssdb
blacklist ${HOME}/.lastpass
blacklist ${HOME}/.keepassx
blacklist ${HOME}/.password-store
caps.drop all
seccomp
protocol unix,inet,inet6
netfilter
#noroot - somehow this breaks on Debian Jessie!
# lxterminal is a single-instence program
# blacklist any existing lxterminal socket in order to force a second process instance
blacklist /tmp/.lxterminal-socket*

2
platform/debian/conffiles
View file

@ -62,3 +62,5 @@
/etc/firejail/Mathematica.profile
/etc/firejail/uget-gtk.profile
/etc/firejail/mupen64plus.profile
/etc/disable-terminals.inc
/etc/lxterminal.profile