Created
January 18, 2019 17:10
-
-
Save fl64/e2e9db2d9be905fc2faf8972071264f2 to your computer and use it in GitHub Desktop.
Chromium firejail profile ~/.config/firejail/chromium-browser.profile
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Firejail profile for chromium | |
| # This file is overwritten after every install/update | |
| # Persistent local customizations | |
| include /etc/firejail/chromium.local | |
| # Persistent global definitions | |
| include /etc/firejail/globals.local | |
| noblacklist ${HOME}/.cache/chromium | |
| noblacklist ${HOME}/.config/chromium | |
| noblacklist ${HOME}/.config/chromium-flags.conf | |
| noblacklist ${HOME}/.pki | |
| include /etc/firejail/disable-common.inc | |
| include /etc/firejail/disable-devel.inc | |
| include /etc/firejail/disable-programs.inc | |
| mkdir ${HOME}/.cache/chromium | |
| mkdir ${HOME}/.config/chromium | |
| mkdir ${HOME}/.pki | |
| whitelist ${DOWNLOADS} | |
| whitelist ${HOME}/.cache/chromium | |
| whitelist ${HOME}/.config/chromium | |
| whitelist ${HOME}/.config/chromium-flags.conf | |
| whitelist ${HOME}/.pki | |
| include /etc/firejail/whitelist-common.inc | |
| include /etc/firejail/whitelist-var-common.inc | |
| caps.keep sys_chroot,sys_admin | |
| netfilter | |
| #nodbus | |
| nodvd | |
| nogroups | |
| notv | |
| shell none | |
| disable-mnt | |
| # private-bin chromium,chromium-browser,chromedriver | |
| # private-dev disabled for u2f keys. | |
| # private-dev | |
| # private-tmp - problems with multiple browser sessions | |
| noexec ${HOME} | |
| noexec /tmp | |
| # the file dialog needs to work without d-bus | |
| #env NO_CHROME_KDE_FILE_DIALOG=1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment