firejail/etc/profile-a-l/0ad.profile
Kelvin M. Klann a0770eb333 profiles: run sort.py to fix ci
Command used:

    $ ./ci/check/profiles/sort.py etc/inc/*.inc etc/profile-*/*.profile

This amends commit a98a1d281 ("bwrap replacement - part 6 - allow
/lib/libexec", 2025-12-20).
2025-12-20 18:23:27 -03:00


# Firejail profile for 0ad
# Description: Real-time strategy game of ancient warfare
# This file is overwritten after every install/update
# Persistent local customizations
include 0ad.local
# Persistent global definitions
include globals.local
# Exempt the game's own data directories from the blacklists pulled in by the
# disable-*.inc includes below; noblacklist has to come before those includes.
noblacklist ${HOME}/.cache/0ad
noblacklist ${HOME}/.config/0ad
noblacklist ${HOME}/.local/share/0ad
# Allow gjs (blacklisted by disable-interpreters.inc)
include allow-gjs.inc
# uses libgdk-pixbuf and/or glycin - see #6906
# NOTE(review): the blacklist below is left commented out, so /usr/libexec
# stays visible inside the sandbox - presumably for the loader helpers named
# above; confirm against #6906 before re-enabling it.
# blacklist /usr/libexec
# Shared deny-lists; each include blacklists (or restricts) a class of paths.
include disable-common.inc
include disable-devel.inc
include disable-exec.inc
include disable-interpreters.inc
include disable-programs.inc
include disable-xdg.inc
# Create the data directories first so the whitelist entries below have a
# target on a first run.
mkdir ${HOME}/.cache/0ad
mkdir ${HOME}/.config/0ad
mkdir ${HOME}/.local/share/0ad
# Whitelisting hides everything else under the same top-level directory:
# only the listed paths (plus those added by the whitelist-*.inc includes)
# remain visible under ${HOME} and /usr/share.
whitelist ${HOME}/.cache/0ad
whitelist ${HOME}/.config/0ad
whitelist ${HOME}/.local/share/0ad
whitelist /usr/share/0ad
whitelist /usr/share/games
include whitelist-common.inc
include whitelist-usr-share-common.inc
include whitelist-var-common.inc
# Privilege and device restrictions.
# Drop every Linux capability.
caps.drop all
# netfilter only takes effect when a new network namespace is created; this
# profile does not set one up, so the sandbox uses the host network as-is.
netfilter
nodvd
# Drop supplementary groups.
nogroups
noinput
# Set NO_NEW_PRIVS so exec of setuid/setgid binaries cannot raise privileges.
nonewprivs
# Run in a user namespace that has no root user.
noroot
notv
nou2f
novideo
# Socket families allowed by the seccomp protocol filter: local sockets plus
# IPv4/IPv6. Network access is therefore still available to the game.
protocol unix,inet,inet6
# Default seccomp syscall filter; block-secondary also rejects syscalls made
# through the secondary architecture ABI.
seccomp
seccomp.block-secondary
# Log blacklist violations to syslog.
tracelog
# Filesystem view.
# Hide /mnt, /media, /run/mount and /run/media.
disable-mnt
# Only the listed programs are present in the sandbox's bin directories.
# NOTE(review): sh is on the list, so a shell remains available inside the
# sandbox - presumably needed by the 0ad launcher script; confirm.
private-bin 0ad,pyrogenesis,sh,which
# Mount a temporary filesystem over ${HOME}/.cache.
# NOTE(review): ${HOME}/.cache/0ad is also whitelisted above; confirm how the
# two directives interact and whether the game's cache is meant to persist.
private-cache
# Minimal /dev with only basic device nodes.
private-dev
# /etc is rebuilt from the listed groups (@games, @sound, @x11) and files.
private-etc @games,@sound,@x11,ldap
# Empty /tmp that is private to the sandbox.
private-tmp
# No access to the D-Bus session or system bus.
dbus-user none
dbus-system none
# Block creation of new namespaces from inside the sandbox.
restrict-namespaces