mirror of
https://github.com/netblue30/firejail.git
synced 2026-05-21 06:45:29 -06:00
37 lines
984 B
Text
37 lines
984 B
Text
# Firejail profile for flashpeak-slimjet
|
|
# This file is overwritten after every install/update
|
|
# Persistent local customizations
|
|
include /etc/firejail/flashpeak-slimjet.local
|
|
# Persistent global definitions
|
|
include /etc/firejail/globals.local
|
|
|
|
# This is a whitelisted profile, the internal browser sandbox
|
|
# is disabled because it requires sudo password. The command
|
|
# to run it is as follows:
|
|
# firejail flashpeak-slimjet --no-sandbox
|
|
|
|
noblacklist ~/.cache/slimjet
|
|
noblacklist ~/.config/slimjet
|
|
noblacklist ~/.pki
|
|
|
|
include /etc/firejail/disable-common.inc
|
|
# chromium is distributed with a perl script on Arch
|
|
# include /etc/firejail/disable-devel.inc
|
|
include /etc/firejail/disable-programs.inc
|
|
|
|
mkdir ~/.cache/slimjet
|
|
mkdir ~/.config/slimjet
|
|
mkdir ~/.pki
|
|
whitelist ${DOWNLOADS}
|
|
whitelist ~/.cache/slimjet
|
|
whitelist ~/.config/slimjet
|
|
whitelist ~/.pki
|
|
include /etc/firejail/whitelist-common.inc
|
|
|
|
caps.drop all
|
|
netfilter
|
|
nonewprivs
|
|
noroot
|
|
protocol unix,inet,inet6,netlink
|
|
seccomp
|
|
notv
|