diff options
author | Aqua-sama <aqua@iserlohn-fortress.net> | 2018-07-22 13:29:14 +0200 |
---|---|---|
committer | Aqua-sama <aqua@iserlohn-fortress.net> | 2018-07-22 13:29:14 +0200 |
commit | f005690d55bbbfb9658693454ae45e3e53e914a3 (patch) | |
tree | ee10944cdfa7bddab04ec357e156ae5ddca6cd50 /paradox-launcher.local | |
parent | [paradox-launcher] Update pkgver (diff) | |
download | paradox-launcher-f005690d55bbbfb9658693454ae45e3e53e914a3.tar.xz |
Add firejail profile
Diffstat (limited to 'paradox-launcher.local')
-rw-r--r-- | paradox-launcher.local | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/paradox-launcher.local b/paradox-launcher.local new file mode 100644 index 0000000..2f7caca --- /dev/null +++ b/paradox-launcher.local @@ -0,0 +1,48 @@ +include /etc/firejail/disable-common.inc +include /etc/firejail/disable-devel.inc +include /etc/firejail/disable-interpreters.inc +include /etc/firejail/disable-passwdmgr.inc +include /etc/firejail/disable-programs.inc + +mkdir ${HOME}/.cache/paradox-launcher +whitelist ${HOME}/.cache/paradox-launcher +mkdir ${HOME}/.config/MonoGame +whitelist ${HOME}/.config/MonoGame +mkdir ${HOME}/.config/unity3d +whitelist ${HOME}/.config/unity3d +mkdir ${HOME}/.local/share/Colossal Order +whitelist ${HOME}/.local/share/Colossal Order +mkdir ${HOME}/.local/share/Paradox Interactive +whitelist ${HOME}/.local/share/Paradox Interactive +mkdir ${HOME}/.paradox-launcher +whitelist ${HOME}/.paradox-launcher +mkdir ${HOME}/.paradoxinteractive +whitelist ${HOME}/.paradoxinteractive +whitelist /opt/paradox-launcher + +caps.drop all +ipc-namespace +machine-id +# net none +netfilter +# no3d +nodvd +nogroups +nonewprivs +noroot +notv +novideo +# protocol unix +protocol unix,inet,inet6 +seccomp +shell none +tracelog + +memory-deny-write-execute +disable-mnt +private-dev +private-etc asound.conf,machine-id,pulse,resolv.conf +private-tmp + +# noexec ${HOME} +# noexec /tmp |