Merge pull request #1853 from glitsj16/gnome-logs

Create gnome-logs.profile
author: SkewedZeppelin <8296104+SkewedZeppelin@users.noreply.github.com> 2018-04-01 06:13:40 -0400
committer: GitHub <noreply@github.com> 2018-04-01 06:13:40 -0400
commit: 11897ac3b1a77e68f1f6e3cb33d86c8bc9324d46 (patch)
tree: cef1104fd030c8054f18f4c61c362ea93ab7a472
parent: Disable mdwe in bleachbit - fix #1850. (diff)
parent: Cleanup gnome-logs (diff)
download: firejail-11897ac3b1a77e68f1f6e3cb33d86c8bc9324d46.tar.gz
firejail-11897ac3b1a77e68f1f6e3cb33d86c8bc9324d46.tar.zst
firejail-11897ac3b1a77e68f1f6e3cb33d86c8bc9324d46.zip
5 files changed, 44 insertions, 3 deletions
diff --git a/README b/README
index ff0500504..124f40219 100644
--- a/README
+++ b/README
@@ -246,7 +246,7 @@ geg2048 (https://github.com/geg2048)
        - kwallet profile fixes
 glitsj16 (https://github.com/glitsj16)
        - evince-previewer, evince-thumbnailer profiles
-        - gnome-recipes profile
+        - gnome-recipes, gnome-logs profiles
 graywolf (https://github.com/graywolf)
        - spelling fix
 greigdp (https://github.com/greigdp)
diff --git a/README.md b/README.md
index 277517d34..27f4c2fc4 100644
--- a/README.md
+++ b/README.md
@@ -308,4 +308,4 @@ Basilisk browser, Tor Browser language packs, PlayOnLinux, sylpheed, discord-can
 pycharm-community, pycharm-professional, Pitivi, OnionShare, Fritzing, Kaffeine, pdfchain,
 tilp, vivaldi-snapshot, bitcoin-qt, VS Code, falkon, gnome-builder, lobase, asunder,
 gnome-recipes, akonadi_control, evince-previewer, evince-thumbnailer, blender-2.8,
-thunderbird-beta, ncdu
+thunderbird-beta, ncdu, gnome-logs
diff --git a/RELNOTES b/RELNOTES
index 91fb87b15..f62f6d674 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -30,7 +30,7 @@ firejail (0.9.53) baseline; urgency=low
  * new profiles: pdfchain, tilp, vivaldi-snapshot, bitcoin-qt, kaffeine,
  * new profiles: falkon, gnome-builder, asunder, VS Code, gnome-recipes
  * new profiles: akonadi_controle, evince-previewer, evince-thumbnailer,
-  * new profiles: blender-2.8, thunderbird-beta, ncdu
+  * new profiles: blender-2.8, thunderbird-beta, ncdu, gnome-logs
 -- netblue30 <netblue30@yahoo.com>  Thu, 1 Mar 2018 08:00:00 -0500
 firejail (0.9.52) baseline; urgency=low
diff --git a/etc/gnome-logs.profile b/etc/gnome-logs.profile
new file mode 100644
index 000000000..7e7902dff
--- /dev/null
+++ b/etc/gnome-logs.profile
@@ -0,0 +1,40 @@
+# Firejail profile for gnome-logs
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/gnome-logs.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+whitelist /var/log/journal
+include /etc/firejail/whitelist-var-common.inc
+caps.drop all
+net none
+no3d
+nodbus
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+novideo
+protocol unix
+seccomp
+shell none
+disable-mnt
+private-bin gnome-logs
+private-dev
+#private-etc fonts
+#private-lib gdk-pixbuf-2.0,gio,gvfs/libgvfscommon.so,libgconf-2.so.4,librsvg-2.so.2
+private-tmp
+writable-var-log
+noexec ${HOME}
+noexec /tmp
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index 2f4884105..a5eca096b 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -154,6 +154,7 @@ gnome-clocks
 gnome-contacts
 gnome-documents
 gnome-font-viewer
+gnome-logs
 gnome-maps
 gnome-mplayer
 gnome-music
author	SkewedZeppelin <8296104+SkewedZeppelin@users.noreply.github.com>	2018-04-01 06:13:40 -0400
committer	GitHub <noreply@github.com>	2018-04-01 06:13:40 -0400
commit	11897ac3b1a77e68f1f6e3cb33d86c8bc9324d46 (patch)
tree	cef1104fd030c8054f18f4c61c362ea93ab7a472
parent	Disable mdwe in bleachbit - fix #1850. (diff)
parent	Cleanup gnome-logs (diff)
download	firejail-11897ac3b1a77e68f1f6e3cb33d86c8bc9324d46.tar.gz firejail-11897ac3b1a77e68f1f6e3cb33d86c8bc9324d46.tar.zst firejail-11897ac3b1a77e68f1f6e3cb33d86c8bc9324d46.zip

diff --git a/README b/README index ff0500504..124f40219 100644 --- a/README +++ b/README
@@ -246,7 +246,7 @@ geg2048 (https://github.com/geg2048)
246	- kwallet profile fixes	246	- kwallet profile fixes
247	glitsj16 (https://github.com/glitsj16)	247	glitsj16 (https://github.com/glitsj16)
248	- evince-previewer, evince-thumbnailer profiles	248	- evince-previewer, evince-thumbnailer profiles
249	- gnome-recipes profile	249	- gnome-recipes, gnome-logs profiles
250	graywolf (https://github.com/graywolf)	250	graywolf (https://github.com/graywolf)
251	- spelling fix	251	- spelling fix
252	greigdp (https://github.com/greigdp)	252	greigdp (https://github.com/greigdp)


diff --git a/README.md b/README.md index 277517d34..27f4c2fc4 100644 --- a/README.md +++ b/README.md
@@ -308,4 +308,4 @@ Basilisk browser, Tor Browser language packs, PlayOnLinux, sylpheed, discord-can
308	pycharm-community, pycharm-professional, Pitivi, OnionShare, Fritzing, Kaffeine, pdfchain,	308	pycharm-community, pycharm-professional, Pitivi, OnionShare, Fritzing, Kaffeine, pdfchain,
309	tilp, vivaldi-snapshot, bitcoin-qt, VS Code, falkon, gnome-builder, lobase, asunder,	309	tilp, vivaldi-snapshot, bitcoin-qt, VS Code, falkon, gnome-builder, lobase, asunder,
310	gnome-recipes, akonadi_control, evince-previewer, evince-thumbnailer, blender-2.8,	310	gnome-recipes, akonadi_control, evince-previewer, evince-thumbnailer, blender-2.8,
311	thunderbird-beta, ncdu	311	thunderbird-beta, ncdu, gnome-logs


diff --git a/RELNOTES b/RELNOTES index 91fb87b15..f62f6d674 100644 --- a/RELNOTES +++ b/RELNOTES
@@ -30,7 +30,7 @@ firejail (0.9.53) baseline; urgency=low
30	* new profiles: pdfchain, tilp, vivaldi-snapshot, bitcoin-qt, kaffeine,	30	* new profiles: pdfchain, tilp, vivaldi-snapshot, bitcoin-qt, kaffeine,
31	* new profiles: falkon, gnome-builder, asunder, VS Code, gnome-recipes	31	* new profiles: falkon, gnome-builder, asunder, VS Code, gnome-recipes
32	* new profiles: akonadi_controle, evince-previewer, evince-thumbnailer,	32	* new profiles: akonadi_controle, evince-previewer, evince-thumbnailer,
33	* new profiles: blender-2.8, thunderbird-beta, ncdu	33	* new profiles: blender-2.8, thunderbird-beta, ncdu, gnome-logs
34	-- netblue30 <netblue30@yahoo.com> Thu, 1 Mar 2018 08:00:00 -0500	34	-- netblue30 <netblue30@yahoo.com> Thu, 1 Mar 2018 08:00:00 -0500
35		35
36	firejail (0.9.52) baseline; urgency=low	36	firejail (0.9.52) baseline; urgency=low


diff --git a/etc/gnome-logs.profile b/etc/gnome-logs.profile new file mode 100644 index 000000000..7e7902dff --- /dev/null +++ b/etc/gnome-logs.profile
@@ -0,0 +1,40 @@
		1	# Firejail profile for gnome-logs
		2	# This file is overwritten after every install/update
		3	# Persistent local customizations
		4	include /etc/firejail/gnome-logs.local
		5	# Persistent global definitions
		6	include /etc/firejail/globals.local
		7
		8	include /etc/firejail/disable-common.inc
		9	include /etc/firejail/disable-devel.inc
		10	include /etc/firejail/disable-passwdmgr.inc
		11	include /etc/firejail/disable-programs.inc
		12
		13	whitelist /var/log/journal
		14	include /etc/firejail/whitelist-var-common.inc
		15
		16	caps.drop all
		17	net none
		18	no3d
		19	nodbus
		20	nodvd
		21	nogroups
		22	nonewprivs
		23	noroot
		24	nosound
		25	notv
		26	novideo
		27	protocol unix
		28	seccomp
		29	shell none
		30
		31	disable-mnt
		32	private-bin gnome-logs
		33	private-dev
		34	#private-etc fonts
		35	#private-lib gdk-pixbuf-2.0,gio,gvfs/libgvfscommon.so,libgconf-2.so.4,librsvg-2.so.2
		36	private-tmp
		37	writable-var-log
		38
		39	noexec ${HOME}
		40	noexec /tmp


diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 2f4884105..a5eca096b 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config
@@ -154,6 +154,7 @@ gnome-clocks
154	gnome-contacts	154	gnome-contacts
155	gnome-documents	155	gnome-documents
156	gnome-font-viewer	156	gnome-font-viewer
		157	gnome-logs
157	gnome-maps	158	gnome-maps
158	gnome-mplayer	159	gnome-mplayer
159	gnome-music	160	gnome-music