glitsj16/fj-issue-5032.profile

## fj-issue-5032.profile
# Firejail profile for issue testing
# Persistent local customizations

# https://github.com/netblue30/firejail/issues/5032
private ${HOME}/Data/jail
whitelist ${HOME}/Data/jail/Downloads

# noexec ${HOME} breaks DRM binaries
ignore noexec ${HOME}

# https://github.com/netblue30/firejail/issues/4965
ignore whitelist /usr/share/mozilla/extensions
ignore whitelist /usr/share/webext

# disable apparmor while testing
ignore apparmor

# fully allow D-Bus user access
ignore dbus-user none

# force using KDE's file dialog
env NO_CHROME_KDE_FILE_DIALOG=1

# Redirect
# extra hardening on kernels allowing unprivileged userns clone
include chromium-common-hardened.inc.profile
include chromium.profile
	# Firejail profile for issue testing
	# Persistent local customizations

	# https://github.com/netblue30/firejail/issues/5032
	private ${HOME}/Data/jail
	whitelist ${HOME}/Data/jail/Downloads

	# noexec ${HOME} breaks DRM binaries
	ignore noexec ${HOME}

	# https://github.com/netblue30/firejail/issues/4965
	ignore whitelist /usr/share/mozilla/extensions
	ignore whitelist /usr/share/webext

	# disable apparmor while testing
	ignore apparmor

	# fully allow D-Bus user access
	ignore dbus-user none

	# force using KDE's file dialog
	env NO_CHROME_KDE_FILE_DIALOG=1

	# Redirect
	# extra hardening on kernels allowing unprivileged userns clone
	include chromium-common-hardened.inc.profile
	include chromium.profile