Refactor electron.profile and electron based programs

[rusty-snake]

• [x] Allow chrome-sandbox

Add caps.keep sys_admin,sys_chroot to electron.profile and remove the following. Additional add #include chromium-common-hardened.inc with a note.

caps.drop all
nonewprivs
noroot
protocol unix,inet,inet6,netlink
seccomp

• [x] Move include whitelist-common.inc to electron.profile
• [x] Discover which command are common enough to be part of electron.profile. Consider these:
  • [x] include disable-devel.inc
  • [x] include disable-exec.inc
  • [x] include disable-interpreters.inc
  • [x] include disable-xdg.inc
  • [x] shell none
  • [x] ~private-bin electron[0-9],electron[0-9][0-9]~
  • [x] nou2f
  • [x] novideo
  • [x] private-tmp
  • [x] include whitelist-var-common.inc
  • [x] include whitelist-usr-share-common.inc
  • [x] include whitelist-runuser-common.inc
  • [x] disable-mnt
  • [x] private-cache
  • [x] private-dev
• [x] consistent include globals.local
• [x] Make all electron based programs, electron redirect profiles. Current redirect profiles are below. If you know any missing post it.

$ grep -l "include electron.profile" /etc/firejail/*.profile
/etc/firejail/beaker.profile
/etc/firejail/freetube.profile
/etc/firejail/jitsi-meet-desktop.profile
/etc/firejail/nuclear.profile
/etc/firejail/riot-web.profile
/etc/firejail/rocketchat.profile
/etc/firejail/teams-for-linux.profile
/etc/firejail/teams.profile
/etc/firejail/twitch.profile
/etc/firejail/whalebird.profile
/etc/firejail/wire-desktop.profile
/etc/firejail/youtubemusic-nativefier.profile
/etc/firejail/youtube.profile
/etc/firejail/ytmdesktop.profile

Needs update:

• [x] beaker.profile
• [x] freetube.profile
• [x] jitsi-meet-desktop.profile
• [x] nuclear.profile
• [x] riot-web.profile
• [x] rocketchat.profile
• [x] teams-for-linux.profile
• [x] teams.profile
• [x] twitch.profile
• [x] whalebird.profile
• [x] wire-desktop.profile
• [x] youtubemusic-nativefier.profile
• [x] youtube.profile
• [x] ytmdesktop.profile

[rusty-snake]

• [x] atom
• [x] slack
• [x] signal-desktop
• [x] skypeforlinux
• [x] github-desktop
• [x] discord-common
• [x] zoom

[glitsj16]

Very nice idea :+1:, love it.

[rusty-snake]

• [x] bitwarden
• [x] code
• [x] mattermost-desktop