New profile: aria2p/aria2rpc

https://github.com/pawamoy/aria2p is Command-line tool and library to interact with an aria2c daemon process with
JSON-RPC.

aria2rpc from https://github.com/aria2/aria2 is command line tool for connecting to a remote instance of aria2c

etc/profile-a-l/aria2p.profile

@@ -0,0 +1,65 @@
+# Firejail profile for aria2p
+# Description: Command-line tool and library to interact with an aria2c daemon process with JSON-RPC.
+# This file is overwritten after every install/update
+quiet
+# Persistent local customizations
+include aria2p.local
+# Persistent global definitions
+include globals.local
+
+# Allow python (blacklisted by disable-interpreters.inc)
+include allow-python3.inc
+
+blacklist /usr/libexec
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-proc.inc
+include disable-programs.inc
+include disable-shell.inc
+#include disable-write-mnt.inc
+# xclip and xsel require X11.
+#include disable-X11.inc
+include disable-xdg.inc
+
+include whitelist-common.inc
+include whitelist-run-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+
+apparmor
+caps.drop all
+ipc-namespace
+machine-id
+netfilter
+no3d
+nodvd
+nogroups
+noinput
+nonewprivs
+noprinters
+noroot
+nosound
+notpm
+notv
+nou2f
+novideo
+protocol unix,inet,inet6
+seccomp
+seccomp.block-secondary
+tracelog
+
+disable-mnt
+private
+private-bin aria2p,cat,python*,wl-copy,wl-paste,xclip,xsel
+private-dev
+private-tmp
+
+dbus-user none
+dbus-system none
+
+deterministic-shutdown
+memory-deny-write-execute

etc/profile-a-l/aria2rpc.profile

@@ -0,0 +1,65 @@
+# Firejail profile for aria2rpc
+# Description: Command line tool for connecting to a remote instance of aria2c
+# This file is overwritten after every install/update
+quiet
+# Persistent local customizations
+include aria2rpc.local
+# Persistent global definitions
+include globals.local
+
+# Allow ruby (blacklisted by disable-interpreters.inc)
+include allow-ruby.inc
+
+blacklist ${RUNUSER}
+blacklist /usr/libexec
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-proc.inc
+include disable-programs.inc
+include disable-shell.inc
+#include disable-write-mnt.inc
+include disable-X11.inc
+include disable-xdg.inc
+
+include whitelist-common.inc
+include whitelist-run-common.inc
+#include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+
+apparmor
+caps.drop all
+ipc-namespace
+machine-id
+netfilter
+no3d
+nodvd
+nogroups
+noinput
+nonewprivs
+noprinters
+noroot
+nosound
+notpm
+notv
+nou2f
+novideo
+protocol inet,inet6
+seccomp
+seccomp.block-secondary
+tracelog
+
+disable-mnt
+private
+private-bin aria2rpc,env,ruby*
+private-dev
+private-tmp
+
+dbus-user none
+dbus-system none
+
+deterministic-shutdown
+memory-deny-write-execute