use default firejail mpd profile

requires >= 0.9.52

roles/mpd/files/firejail/mpd.profile

@@ -1,11 +0,0 @@
-include /etc/firejail/globals.local
-include /etc/firejail/disable-devel.inc
-include /etc/firejail/disable-common.inc
-include /etc/firejail/disable-programs.inc
-include /etc/firejail/disable-passwdmgr.inc
-
-caps.drop all
-netfilter
-nonewprivs
-noroot
-protocol unix,inet,inet6,netlink

roles/mpd/tasks/main.yml

@@ -9,10 +9,16 @@
   tags:
     - firejail
 
-- name: Push mpd firejail profile
-  copy: src=firejail/mpd.profile dest=/usr/local/etc/firejail/mpd.profile
-  notify:
-    - activate firejail profiles
+- name: Verify mpd firejail local profile exists
+  file: path=/etc/firejail/mpd.local state=touch
+  tags:
+    - firejail
+
+- name: Set mpd firejail protocols
+  lineinfile:
+    dest: /etc/firejail/mpd.local
+    regexp: "^protocol"
+    line: "protocol unix,inet,inet6,netlink"
   tags:
     - firejail