Add a profile for Jami

Left out of firecfg because I think it was buggy.
2026-05-21 06:45:29 -06:00 · 2021-03-15 14:21:07 -04:00 · 2021-03-15 14:21:07 -04:00 · ce6925c810
commit ce6925c810
parent 69f9601283
2 changed files with 44 additions and 0 deletions
--- a/etc/inc/disable-programs.inc
+++ b/etc/inc/disable-programs.inc
@ -267,6 +267,7 @@ blacklist ${HOME}/.config/inkscape
 blacklist ${HOME}/.config/inox
 blacklist ${HOME}/.config/iridium
 blacklist ${HOME}/.config/itch
+blacklist ${HOME}/.config/jami
 blacklist ${HOME}/.config/jd-gui.cfg
 blacklist ${HOME}/.config/k3brc
 blacklist ${HOME}/.config/kaffeinerc
@ -662,6 +663,7 @@ blacklist ${HOME}/.local/share/gradio
 blacklist ${HOME}/.local/share/gwenview
 blacklist ${HOME}/.local/share/i2p
 blacklist ${HOME}/.local/share/IntoTheBreach
+blacklist ${HOME}/.local/share/jami
 blacklist ${HOME}/.local/share/kaffeine
 blacklist ${HOME}/.local/share/kalgebra
 blacklist ${HOME}/.local/share/kate
--- a/etc/profile-a-l/jami-gnome.profile
+++ b/etc/profile-a-l/jami-gnome.profile
@ -0,0 +1,42 @@
+# Firejail profile for jami-gnome
+# Description: An encrypted peer-to-peer messenger
+# This file is overwritten after every install/update
+# Persistent local customizations
+include jami-gnome.local
+# Persistent global definitions
+include globals.local
+
+noblacklist ${HOME}/.config/jami
+noblacklist ${HOME}/.local/share/jami
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+#include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+
+mkdir ${HOME}/.config/jami
+mkdir ${HOME}/.local/share/jami
+whitelist ${HOME}/.config/jami
+whitelist ${HOME}/.local/share/jami
+include whitelist-common.inc
+include whitelist-var-common.inc
+
+caps.drop all
+ipc-namespace
+netfilter
+nodvd
+nogroups
+nonewprivs
+noroot
+notv
+protocol unix,inet,inet6,netlink
+seccomp
+shell none
+
+disable-mnt
+private-dev
+private-tmp
+
+env QT_QPA_PLATFORM=xcb