From e339ac359f57e2f263961c7f68884ee2220480d9 Mon Sep 17 00:00:00 2001
From: Tom Mellor <thomascmellor@gmail.com>
Date: Sat, 30 Jan 2016 14:09:34 -0500
Subject: [PATCH] add mupen64plus profile

---
 Makefile.in             |  1 +
 etc/mupen64plus.profile | 12 ++++++++++++
 2 files changed, 13 insertions(+)
 create mode 100644 etc/mupen64plus.profile

diff --git a/Makefile.in b/Makefile.in
index 591e53cf0..1ed3e4df1 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -135,6 +135,7 @@ realinstall:
 	install -c -m 0644 .etc/mathematica.profile $(DESTDIR)/$(sysconfdir)/firejail/.
 	install -c -m 0644 .etc/Mathematica.profile $(DESTDIR)/$(sysconfdir)/firejail/.
 	install -c -m 0644 .etc/uget-gtk.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+	install -c -m 0644 .etc/mupen64plus.profile $(DESTDIR)/$(sysconfdir)/firejail/.
 	bash -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;"
 	rm -fr .etc
 	# man pages
diff --git a/etc/mupen64plus.profile b/etc/mupen64plus.profile
new file mode 100644
index 000000000..f21c35609
--- /dev/null
+++ b/etc/mupen64plus.profile
@@ -0,0 +1,12 @@
+# mupen64plus profile
+# manually whitelist ROM files
+include /etc/firejail/disable-mgmt.inc
+include /etc/firejail/disable-secret.inc
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-devel.inc
+whitelist ${HOME}/.local/share/mupen64plus/
+whitelist ${HOME}/.config/mupen64plus/
+noroot
+caps.drop all
+seccomp
+net none