From 5bcddbefd7e906c6292fc146b64bcb6ea445c4e2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E0=B2=9A=E0=B2=BF=E0=B2=B0=E0=B2=BE=E0=B2=97=E0=B3=8D=20?= =?UTF-8?q?=E0=B2=A8=E0=B2=9F=E0=B2=B0=E0=B2=BE=E0=B2=9C=E0=B3=8D?=
Date: Tue, 28 May 2019 13:43:29 +0000
Subject: [PATCH] Add options to common.inc, start modifying profiles to get them working again
---
 ardour5.profile | 3 ++-
 common.inc | 8 +++++++-
 darktable.profile | 2 ++
 discord.profile | 3 +++
 firefox.profile | 5 ++++-
 flameshot.profile | 1 +
 6 files changed, 19 insertions(+), 3 deletions(-)
diff --git a/ardour5.profile b/ardour5.profile
index e3d71f8d..df3970c2 100644
--- a/ardour5.profile
+++ b/ardour5.profile
@@ -1,4 +1,5 @@
 ignore nodbus
+ignore nosound
 include ${HOME}/.config/firejail/common.inc
@@ -12,5 +13,5 @@ whitelist ${HOME}/.config/ardour5
 whitelist ${HOME}/.lv2
 whitelist ${HOME}/.vst
-# private-bin sh,ardour5,ardour5-copy-mixer,ardour5-export,ardour5-fix_bbtppq,grep,sed,ldd,nm
+private-bin sh,ardour5,ardour5-copy-mixer,ardour5-export,ardour5-fix_bbtppq,grep,sed,ldd,nm,jackd
 # private-etc pulse,X11,alternatives,ardour4,ardour5,fonts
diff --git a/common.inc b/common.inc
index e7b928cf..1cbb0471 100644
--- a/common.inc
+++ b/common.inc
@@ -6,6 +6,12 @@ blacklist /boot
 private-tmp
 read-only /tmp/.X11-unix
 private-dev
+nodvd
+nosound
+notv
+nou2f
+novideo
+no3d
 disable-mnt
 private-opt emp
 private-srv emp
@@ -20,7 +26,6 @@ nonewprivs
 ipc-namespace
 machine-id
 nodbus
-nou2f
 nogroups
 net none
 netfilter
@@ -28,3 +33,4 @@ memory-deny-write-execute
 noexec ${HOME}
 noexec /tmp
+noexec ${RUNUSER}
diff --git a/darktable.profile b/darktable.profile
index f0fb4760..db7cde08 100644
--- a/darktable.profile
+++ b/darktable.profile
@@ -1,3 +1,5 @@
+ignore no3d
 include ${HOME}/.config/firejail/common.inc
 mkdir ${HOME}/.config/darktable
diff --git a/discord.profile b/discord.profile
index 5ccb2d8a..74fc9fed 100644
--- a/discord.profile
+++ b/discord.profile
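Review bot: Making `nosound` a default in the first common.inc hunk leaves `machine-id` (a context line in the second common.inc hunk) applied to every profile that opts back into sound, and the firejail man page warns that spoofing the machine id breaks audio support. ardour5.profile, discord.profile and firefox.profile all add `ignore nosound` in this patch, but none of their visible lines add `ignore machine-id`, so audio may still fail in those sandboxes unless that is handled outside these hunks. Consider pairing `ignore nosound` with `ignore machine-id` in the audio profiles, accepting that the application then sees the host's real machine id. A comment above the new block would also help, for example `# device classes are denied by default; a profile opts back in with "ignore <option>" placed before the include`.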
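Review bot: The noexec list at the end of common.inc now covers `${HOME}`, `/tmp` and `${RUNUSER}`, but the visible lines still leave `/dev/shm` executable, and that is another location a sandboxed process can normally write to. Unless it is already handled in the part of common.inc outside these hunks, add `noexec /dev/shm` after the new line so that files written there cannot be executed or mapped executable. A profile that genuinely needs it can opt out with `ignore noexec /dev/shm`, the same way the other defaults are lifted.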
@@ -1,4 +1,7 @@
 ignore net none
+ignore nosound
+ignore novideo
+ignore no3d
 ignore memory-deny-write-execute
 ignore private-tmp
 ignore apparmor
diff --git a/firefox.profile b/firefox.profile
index 407a4dd4..dcf1acb0 100644
--- a/firefox.profile
+++ b/firefox.profile
@@ -1,7 +1,10 @@
 ignore private-dev
 ignore nou2f
-ignore net
+ignore net none
 ignore nodbus
+ignore nosound
+ignore novideo
+ignore no3d
 ignore memory-deny-write-execute
 include ${HOME}/.config/firejail/common.inc
diff --git a/flameshot.profile b/flameshot.profile
index 074e2ea3..5b9d697e 100644
--- a/flameshot.profile
+++ b/flameshot.profile
@@ -1,4 +1,5 @@
 ignore memory-deny-write-execute
+ignore no3d
 include ${HOME}/.config/firejail/common.inc
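Review bot: The added lines `ignore nosound`, `ignore novideo` and `ignore no3d` in discord.profile lift three of the device restrictions that common.inc now sets by default, and the same trio is added in the firefox.profile hunk. There the context lines `ignore private-dev` and `ignore nou2f` mean that only `nodvd` and `notv` are left restricting /dev. Both profiles also lift `net none`, so the applications handle untrusted network content and each lifted restriction should be one the application actually needs; webcam access in particular is only needed for video calls. Consider dropping `ignore novideo` from these default profiles, or keeping it with a justification such as `# novideo lifted: webcam required for video calls`. The discord.profile and firefox.profile bodies continue past these hunks.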