From beb9638e2fc9d07f26671ff010cee1ed93ff8a9e Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Tue, 22 Jan 2019 00:09:08 +0000 Subject: [PATCH] Refactor github-desktop.profile --- ...desktop.profile => github-desktop.profile} | 24 +++++++++++++------ 1 file changed, 17 insertions(+), 7 deletions(-) rename etc/{desktop.profile => github-desktop.profile} (55%) diff --git a/etc/desktop.profile b/etc/github-desktop.profile similarity index 55% rename from etc/desktop.profile rename to etc/github-desktop.profile index bfb1618b2..d7c894ac5 100644 --- a/etc/desktop.profile +++ b/etc/github-desktop.profile @@ -1,4 +1,4 @@ -# Firejail profile for desktop +# Firejail profile for github-desktop # Description: Extend your GitHub workflow beyond your browser with GitHub Desktop # This file is overwritten after every install/update # Persistent local customizations @@ -6,7 +6,12 @@ include github-desktop.local # Persistent global definitions include globals.local +# Note: add noblacklist/whitelist entrees below for any +# location where you keep local repository clones. + +noblacklist ${HOME}/.gitconfig whitelist ${HOME}/.gitconfig +noblacklist ${HOME}/.config/GitHub Desktop whitelist ${HOME}/.config/GitHub Desktop include disable-common.inc @@ -31,14 +36,19 @@ novideo protocol unix,inet,inet6,netlink seccomp +# Note: On debian-based distributions the binary might be located in +# /opt/GitHub Desktop/github-desktop, and therefore not be in PATH. +# If that's the case you can start GitHub Desktop with firejail via +# `firejail "/opt/GitHub Desktop/github-desktop"`. + disable-mnt -# private-bin Atom,desktop -# private-cache -# private-dev +# private-bin github-desktop +private-cache +private-dev # private-etc none # private-lib -# private-tmp +private-tmp # memory-deny-write-execute -# noexec ${HOME} -# noexec /tmp +noexec ${HOME} +noexec /tmp