mirror of
https://github.com/netblue30/firejail.git
synced 2026-05-21 06:45:29 -06:00
39 lines
1.3 KiB
Text
39 lines
1.3 KiB
Text
# Firejail profile for brave
|
|
# Description: Web browser that blocks ads and trackers by default.
|
|
# This file is overwritten after every install/update
|
|
# Persistent local customizations
|
|
include brave.local
|
|
# Persistent global definitions
|
|
include globals.local
|
|
|
|
# noexec /tmp is included in chromium-common.profile and breaks Brave
|
|
ignore noexec /tmp
|
|
# TOR is installed in ${HOME}.
|
|
# NOTE: chromium-common.profile enables apparmor. To keep that intact
|
|
# you will need to uncomment the 'brave + tor' rule in /etc/apparmor.d/local/firejail-default.
|
|
# Alternatively you can add 'ignore apparmor' to your brave.local.
|
|
ignore noexec ${HOME}
|
|
# Causes slow starts (#4604)
|
|
ignore private-cache
|
|
|
|
noblacklist ${HOME}/.cache/BraveSoftware
|
|
noblacklist ${HOME}/.config/BraveSoftware
|
|
noblacklist ${HOME}/.config/brave
|
|
noblacklist ${HOME}/.config/brave-flags.conf
|
|
# brave uses gpg for built-in password manager
|
|
noblacklist ${HOME}/.gnupg
|
|
|
|
mkdir ${HOME}/.cache/BraveSoftware
|
|
mkdir ${HOME}/.config/BraveSoftware
|
|
mkdir ${HOME}/.config/brave
|
|
whitelist ${HOME}/.cache/BraveSoftware
|
|
whitelist ${HOME}/.config/BraveSoftware
|
|
whitelist ${HOME}/.config/brave
|
|
whitelist ${HOME}/.config/brave-flags.conf
|
|
whitelist ${HOME}/.gnupg
|
|
|
|
# Brave sandbox needs read access to /proc/config.gz
|
|
noblacklist /proc/config.gz
|
|
|
|
# Redirect
|
|
include chromium-common.profile
|