New profiles: newsbeuter, keepassxc-{cli,proxy}

9 files changed, 57 insertions, 5 deletions

diff --git a/README b/README
index 22ae557db..a4bc6363e 100644
--- a/README
+++ b/README
@@ -571,7 +571,8 @@ rusty-snake (https://github.com/rusty-snake)
         - added profiles: kid3-qt, kid3-cli, anki, utox, mp3splt, mp3wrap
         - added profiles: oggsplt, flacsplt, cheese, inkview, mp3splt-gtk
         - added profiles: ktouch, yelp, klatexformula, klatexformula_cmdl
-        - added profiles: pandoc, gnome-sound-recorder, godot
+        - added profiles: pandoc, gnome-sound-recorder, godot, newsbeuter
+        - added profiles: keepassxc-cli, keepassxc-proxy
         - many profile fixing and hardening
         - some typo fixes
         - added profile templates
diff --git a/README.md b/README.md
index 879a2eeed..fea4e9c97 100644
--- a/README.md
+++ b/README.md
@@ -111,4 +111,4 @@ We also keep a list of profile fixes for previous released versions in [etc-fixe
 
 ## New profiles:
 
-klatexformula, klatexformula_cmdl, links, pandoc, qgis, teams-for-linux, xlinks, OpenArena, gnome-sound-recorder, godot, tcpdump, tshark
+klatexformula, klatexformula_cmdl, links, pandoc, qgis, teams-for-linux, xlinks, OpenArena, gnome-sound-recorder, godot, tcpdump, tshark, keepassxc-cli, keepassxc-proxy, newsbeuter
diff --git a/RELNOTES b/RELNOTES
index 0ecb40688..eec446dfe 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -3,7 +3,8 @@ firejail (0.9.61) baseline; urgency=low
   * profile templates
   * new profiles: qgis, klatexformula, klatexformula_cmdl, links, xlinks
   * new profiles: pandoc, teams-for-linux, OpenArena, gnome-sound-recorder
-  * new profiles: godot, tcpdump, tshark
+  * new profiles: godot, tcpdump, tshark, newsbeuter, keepassxc-cli
+  * new profiles: keepassxc-proxy
  -- netblue30 <netblue30@yahoo.com>  Sat, 1 Jun 2019 08:00:00 -0500
 
 firejail (0.9.60) baseline; urgency=low
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 356c8209c..fb7e02d0b 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -239,6 +239,7 @@ blacklist ${HOME}/.config/nano
 blacklist ${HOME}/.config/nautilus
 blacklist ${HOME}/.config/nemo
 blacklist ${HOME}/.config/netsurf
+blacklist ${HOME}/.config/newsbeuter
 blacklist ${HOME}/.config/nheko
 blacklist ${HOME}/.config/NitroShare
 blacklist ${HOME}/.config/nomacs
@@ -574,6 +575,7 @@ blacklist ${HOME}/.multimc5
 blacklist ${HOME}/.nanorc
 blacklist ${HOME}/.netactview
 blacklist ${HOME}/.neverball
+blacklist ${HOME}/.newsbeuter
 blacklist ${HOME}/.newsboat
 blacklist ${HOME}/.nv
 blacklist ${HOME}/.nylas-mail
diff --git a/etc/keepassxc-cli.profile b/etc/keepassxc-cli.profile
new file mode 100644
index 000000000..6f657e7de
--- /dev/null
+++ b/etc/keepassxc-cli.profile
@@ -0,0 +1,12 @@
+# Firejail profile for keepassxc-cli
+# Description: command line interface for KeePassXC
+# This file is overwritten after every install/update
+# Persistent local customizations
+include keepassxc-cli.local
+# Persistent global definitions
+# added by included profile
+#include globals.local
+
+
+# Redirect
+include keepassxc.profile
diff --git a/etc/keepassxc-proxy.profile b/etc/keepassxc-proxy.profile
new file mode 100644
index 000000000..79666aee2
--- /dev/null
+++ b/etc/keepassxc-proxy.profile
@@ -0,0 +1,11 @@
+# Firejail profile for keepassxc-cli
+# This file is overwritten after every install/update
+# Persistent local customizations
+include keepassxc-proxy.local
+# Persistent global definitions
+# added by included profile
+#include globals.local
+
+
+# Redirect
+include keepassxc.profile
diff --git a/etc/keepassxc.profile b/etc/keepassxc.profile
index c1adfd516..6ef02ad47 100644
--- a/etc/keepassxc.profile
+++ b/etc/keepassxc.profile
@@ -37,11 +37,11 @@ nosound
 notv
 nou2f
 novideo
-protocol netlink,unix
+protocol unix,netlink
 seccomp
 shell none
 
-private-bin keepassxc,keepassxc-proxy
+private-bin keepassxc,keepassxc-cli,keepassxc-proxy
 private-dev
 private-etc alternatives,fonts,ld.so.cache,machine-id
 private-tmp
diff --git a/etc/newsbeuter.profile b/etc/newsbeuter.profile
new file mode 100644
index 000000000..059c2156d
--- /dev/null
+++ b/etc/newsbeuter.profile
@@ -0,0 +1,21 @@
+# Firejail profile for Newsboat
+# Description: Text based Atom/RSS feed reader
+# This file is overwritten after every install/update
+# Persistent local customizations
+include newsbeuter.local
+# Persistent global definitions
+# added by included profile
+#include globals.local
+
+noblacklist ${HOME}/.config/newsbeuter
+noblacklist ${HOME}/.newsbeuter
+
+mkdir ${HOME}/.config/newsbeuter
+mkdir ${HOME}/.newsbeuter
+whitelist ${HOME}/.config/newsbeuter
+whitelist ${HOME}/.newsbeuter
+
+private-bin newsbeuter
+
+# Redirect
+include newsboat.profile
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index d1855d6f7..0f00ca275 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -301,6 +301,8 @@ keepass2
 keepassx
 keepassx2
 keepassxc
+keepassxc-cli
+keepassxc-proxy
 kget
 kid3
 kid3-cli
@@ -400,6 +402,7 @@ netactview
 nethack
 netsurf
 neverball
+newsbeuter
 newsboat
 nheko
 nitroshare
@@ -585,6 +588,7 @@ transmission-remote-gtk
 transmission-show
 tremulous
 truecraft
+tshark
 tuxguitar
 uefitool
 uget-gtk