Add options to common.inc, start modifying profiles to get them worki…

…ng again
chiraag-nataraj · May 28, 2019 · 5bcddbe · 5bcddbe
1 parent f3786e4
commit 5bcddbe
Show file tree

Hide file tree

Showing 6 changed files with 19 additions and 3 deletions.
diff --git a/ardour5.profile b/ardour5.profile
@@ -1,4 +1,5 @@
 ignore nodbus
+ignore nosound
 
 include ${HOME}/.config/firejail/common.inc
 
@@ -12,5 +13,5 @@ whitelist ${HOME}/.config/ardour5
 whitelist ${HOME}/.lv2
 whitelist ${HOME}/.vst
 
-# private-bin sh,ardour5,ardour5-copy-mixer,ardour5-export,ardour5-fix_bbtppq,grep,sed,ldd,nm
+private-bin sh,ardour5,ardour5-copy-mixer,ardour5-export,ardour5-fix_bbtppq,grep,sed,ldd,nm,jackd
 # private-etc pulse,X11,alternatives,ardour4,ardour5,fonts
diff --git a/common.inc b/common.inc
@@ -6,6 +6,12 @@ blacklist /boot
 private-tmp
 read-only /tmp/.X11-unix
 private-dev
+nodvd
+nosound
+notv
+nou2f
+novideo
+no3d
 disable-mnt
 private-opt emp
 private-srv emp
@@ -20,11 +26,11 @@ nonewprivs
 ipc-namespace
 machine-id
 nodbus
-nou2f
 nogroups
 net none
 netfilter
 memory-deny-write-execute
 
 noexec ${HOME}
 noexec /tmp
+noexec ${RUNUSER}
diff --git a/darktable.profile b/darktable.profile
@@ -1,3 +1,5 @@
+ignore no3d
+
 include ${HOME}/.config/firejail/common.inc
 
 mkdir ${HOME}/.config/darktable

diff --git a/discord.profile b/discord.profile
@@ -1,4 +1,7 @@
 ignore net none
+ignore nosound
+ignore novideo
+ignore no3d
 ignore memory-deny-write-execute
 ignore private-tmp
 ignore apparmor

diff --git a/firefox.profile b/firefox.profile
@@ -1,7 +1,10 @@
 ignore private-dev
 ignore nou2f
-ignore net
+ignore net none
 ignore nodbus
+ignore nosound
+ignore novideo
+ignore no3d
 ignore memory-deny-write-execute
 
 include ${HOME}/.config/firejail/common.inc

diff --git a/flameshot.profile b/flameshot.profile
@@ -1,4 +1,5 @@
 ignore memory-deny-write-execute
+ignore no3d
 
 include ${HOME}/.config/firejail/common.inc