API tools faq
paste
Advertisement
Tritonio

Barony firejail profile

Tritonio
Jun 26th, 2019
149
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.69 KB | None | 0 0
raw download clone embed print report
  1. # Persistent global definitions
  2. include globals.local
  3.  
  4. noblacklist ${HOME}/GOG Games
  5. noblacklist ${HOME}/.barony
  6.  
  7. include disable-common.inc
  8. include disable-devel.inc
  9. include disable-interpreters.inc
  10. include disable-passwdmgr.inc
  11. include disable-programs.inc
  12.  
  13. mkdir ${HOME}/.barony
  14. whitelist ${HOME}/.barony
  15. whitelist ${HOME}/GOG Games
  16. include whitelist-common.inc
  17. include whitelist-var-common.inc
  18.  
  19. caps.drop all
  20. machine-id
  21. netfilter
  22. #no3d
  23. nodvd
  24. nogroups
  25. nonewprivs
  26. noroot
  27. #nosound
  28. notv
  29. nou2f
  30. novideo
  31. protocol unix,inet,inet6,netlink
  32. seccomp
  33. shell none
  34.  
  35. # private-bin
  36. private-dev
  37. # private-lib - problems on Arch
  38. private-tmp
  39.  
  40. # memory-deny-write-execute
  41. noexec /tmp
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!