From f39d735e2ba625a31a7dbf6fb8bdd62501379ad1 Mon Sep 17 00:00:00 2001 From: zachir Date: Wed, 5 Oct 2022 22:00:32 -0500 Subject: Initial Commit --- firejail/disable-exec.local | 1 + firejail/dolphin-emu.local | 4 ++++ firejail/librewolf.local | 4 ++++ firejail/lynx.local | 3 +++ firejail/mpv.local | 3 +++ firejail/neomutt.local | 24 ++++++++++++++++++++++++ firejail/nextcloud.local | 4 ++++ firejail/qutebrowser.local | 4 ++++ firejail/steam.local | 2 ++ 9 files changed, 49 insertions(+) create mode 100644 firejail/disable-exec.local create mode 100644 firejail/dolphin-emu.local create mode 100644 firejail/librewolf.local create mode 100644 firejail/lynx.local create mode 100644 firejail/mpv.local create mode 100644 firejail/neomutt.local create mode 100644 firejail/nextcloud.local create mode 100644 firejail/qutebrowser.local create mode 100644 firejail/steam.local (limited to 'firejail') diff --git a/firejail/disable-exec.local b/firejail/disable-exec.local new file mode 100644 index 0000000..3162dc1 --- /dev/null +++ b/firejail/disable-exec.local @@ -0,0 +1 @@ +ignore noexec ${HOME} diff --git a/firejail/dolphin-emu.local b/firejail/dolphin-emu.local new file mode 100644 index 0000000..43c8046 --- /dev/null +++ b/firejail/dolphin-emu.local @@ -0,0 +1,4 @@ +noblacklist ${HOME}/roms + +mkdir ${HOME}/roms +whitelist ${HOME}/roms diff --git a/firejail/librewolf.local b/firejail/librewolf.local new file mode 100644 index 0000000..cede7d2 --- /dev/null +++ b/firejail/librewolf.local @@ -0,0 +1,4 @@ +noblacklist ${HOME}/dwhelper + +mkdir ${HOME}/dwhelper +whitelist ${HOME}/dwhelper diff --git a/firejail/lynx.local b/firejail/lynx.local new file mode 100644 index 0000000..acdd06c --- /dev/null +++ b/firejail/lynx.local @@ -0,0 +1,3 @@ +noblacklist /tmp/neomutt.html + +whitelist /tmp/neomutt.html diff --git a/firejail/mpv.local b/firejail/mpv.local new file mode 100644 index 0000000..b6915f0 --- /dev/null +++ b/firejail/mpv.local @@ -0,0 +1,3 @@ +whitelist ${HOME}/videos +whitelist ${HOME}/Videos +whitelist ${HOME}/Media diff --git a/firejail/neomutt.local b/firejail/neomutt.local new file mode 100644 index 0000000..ce84d3f --- /dev/null +++ b/firejail/neomutt.local @@ -0,0 +1,24 @@ +noblacklist ${HOME}/.mbsyncrc +noblacklist ${HOME}/.local/scripts +noblacklist ${HOME}/.local/share/mail +noblacklist ${HOME}/.local/share/pass +noblacklist ${HOME}/.local/share/gnupg +noblacklist /etc/ld.so.preload +noblacklist /etc/lynx.cfg +noblacklist /etc/ssl/certs/ca-certificates.crt +noblacklist /usr/share/mutt-wizard + +mkdir ${HOME}/.local/share/mail +mkdir ${HOME}/.local/share/pass +mkdir ${HOME}/.local/share/gnupg +whitelist ${HOME}/.mbsyncrc +whitelist ${HOME}/.local/scripts +whitelist ${HOME}/.local/share/mail +whitelist ${HOME}/.local/share/pass +whitelist ${HOME}/.local/share/gnupg +whitelist /etc/ld.so.preload +whitelist /etc/lynx.cfg +whitelist /etc/ssl/certs/ca-certificates.crt +whitelist /usr/share/mutt-wizard + +ignore apparmor diff --git a/firejail/nextcloud.local b/firejail/nextcloud.local new file mode 100644 index 0000000..94f4aec --- /dev/null +++ b/firejail/nextcloud.local @@ -0,0 +1,4 @@ +noblacklist ${HOME}/nc + +mkdir ${HOME}/nc +whitelist ${HOME}/nc diff --git a/firejail/qutebrowser.local b/firejail/qutebrowser.local new file mode 100644 index 0000000..82a6106 --- /dev/null +++ b/firejail/qutebrowser.local @@ -0,0 +1,4 @@ +noblacklist ${HOME}/.local/share/qutebrowser-profiles + +mkdir ${HOME}/.local/share/qutebrowser-profiles +whitelist ${HOME}/.local/share/qutebrowser-profiles diff --git a/firejail/steam.local b/firejail/steam.local new file mode 100644 index 0000000..33c6b88 --- /dev/null +++ b/firejail/steam.local @@ -0,0 +1,2 @@ +seccomp !ptrace,!mount,!name_to_handle_at,!pivot_root,!umount2,!chroot +ignore seccomp -- cgit v1.2.3