diff options
author | Kobaxidze256 <t@gtk.ge> | 2023-03-15 12:26:12 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-03-15 12:26:12 +0000 |
commit | 58732a65458b368ec8cddde7deff3ec1dfbda4b7 (patch) | |
tree | 9ff3286906875ddf1ef27966e919cc4b7c44caf2 | |
parent | fix ani-cli.profile (#5733) (diff) | |
download | firejail-58732a65458b368ec8cddde7deff3ec1dfbda4b7.tar.gz firejail-58732a65458b368ec8cddde7deff3ec1dfbda4b7.tar.zst firejail-58732a65458b368ec8cddde7deff3ec1dfbda4b7.zip |
Add profiles for jami and postman (#5691)
-rw-r--r-- | etc/inc/disable-programs.inc | 3 | ||||
-rw-r--r-- | etc/profile-a-l/jami.profile | 18 | ||||
-rw-r--r-- | etc/profile-m-z/Postman.profile | 10 | ||||
-rw-r--r-- | etc/profile-m-z/postman.profile | 28 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 3 |
5 files changed, 62 insertions, 0 deletions
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 71b513935..c7e2f2ca9 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc | |||
@@ -320,6 +320,7 @@ blacklist ${HOME}/.config/PacmanLogViewer | |||
320 | blacklist ${HOME}/.config/PawelStolowski | 320 | blacklist ${HOME}/.config/PawelStolowski |
321 | blacklist ${HOME}/.config/Philipp Schmieder | 321 | blacklist ${HOME}/.config/Philipp Schmieder |
322 | blacklist ${HOME}/.config/Pinta | 322 | blacklist ${HOME}/.config/Pinta |
323 | blacklist ${HOME}/.config/Postman | ||
323 | blacklist ${HOME}/.config/QGIS | 324 | blacklist ${HOME}/.config/QGIS |
324 | blacklist ${HOME}/.config/QMediathekView | 325 | blacklist ${HOME}/.config/QMediathekView |
325 | blacklist ${HOME}/.config/QQ | 326 | blacklist ${HOME}/.config/QQ |
@@ -480,6 +481,7 @@ blacklist ${HOME}/.config/inox | |||
480 | blacklist ${HOME}/.config/iridium | 481 | blacklist ${HOME}/.config/iridium |
481 | blacklist ${HOME}/.config/itch | 482 | blacklist ${HOME}/.config/itch |
482 | blacklist ${HOME}/.config/jami | 483 | blacklist ${HOME}/.config/jami |
484 | blacklist ${HOME}/.config/jami.net | ||
483 | blacklist ${HOME}/.config/jd-gui.cfg | 485 | blacklist ${HOME}/.config/jd-gui.cfg |
484 | blacklist ${HOME}/.config/jgit | 486 | blacklist ${HOME}/.config/jgit |
485 | blacklist ${HOME}/.config/k3brc | 487 | blacklist ${HOME}/.config/k3brc |
@@ -1183,6 +1185,7 @@ blacklist ${HOME}/Arduino | |||
1183 | blacklist ${HOME}/Monero/wallets | 1185 | blacklist ${HOME}/Monero/wallets |
1184 | blacklist ${HOME}/Nextcloud | 1186 | blacklist ${HOME}/Nextcloud |
1185 | blacklist ${HOME}/Nextcloud/Notes | 1187 | blacklist ${HOME}/Nextcloud/Notes |
1188 | blacklist ${HOME}/Postman | ||
1186 | blacklist ${HOME}/Seafile/.seafile-data | 1189 | blacklist ${HOME}/Seafile/.seafile-data |
1187 | blacklist ${HOME}/SoftMaker | 1190 | blacklist ${HOME}/SoftMaker |
1188 | blacklist ${HOME}/Standard Notes Backups | 1191 | blacklist ${HOME}/Standard Notes Backups |
diff --git a/etc/profile-a-l/jami.profile b/etc/profile-a-l/jami.profile new file mode 100644 index 000000000..deff54bcd --- /dev/null +++ b/etc/profile-a-l/jami.profile | |||
@@ -0,0 +1,18 @@ | |||
1 | # Firejail profile for jami | ||
2 | # Description: An encrypted peer-to-peer messenger | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include jami.local | ||
6 | # Persistent global definitions | ||
7 | # added by caller profile | ||
8 | #include globals.local | ||
9 | |||
10 | noblacklist ${HOME}/.config/jami.net | ||
11 | |||
12 | mkdir ${HOME}/.config/jami.net | ||
13 | mkdir ${HOME}/Videos/Jami | ||
14 | whitelist ${HOME}/.config/jami.net | ||
15 | whitelist ${HOME}/Videos/Jami | ||
16 | |||
17 | # Redirect | ||
18 | include jami-gnome.profile | ||
diff --git a/etc/profile-m-z/Postman.profile b/etc/profile-m-z/Postman.profile new file mode 100644 index 000000000..d08acf60b --- /dev/null +++ b/etc/profile-m-z/Postman.profile | |||
@@ -0,0 +1,10 @@ | |||
1 | # Firejail profile for Postman | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include Postman.local | ||
5 | # Persistent global definitions | ||
6 | # added by included profile | ||
7 | #include globals.local | ||
8 | |||
9 | # Redirect | ||
10 | include postman.profile | ||
diff --git a/etc/profile-m-z/postman.profile b/etc/profile-m-z/postman.profile new file mode 100644 index 000000000..c8f00584d --- /dev/null +++ b/etc/profile-m-z/postman.profile | |||
@@ -0,0 +1,28 @@ | |||
1 | # Firejail profile for postman | ||
2 | # Description: API testing platform | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include postman.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.config/Postman | ||
10 | noblacklist ${HOME}/Postman | ||
11 | |||
12 | mkdir ${HOME}/.config/Postman | ||
13 | mkdir ${HOME}/Postman | ||
14 | whitelist ${HOME}/.config/Postman | ||
15 | whitelist ${HOME}/Postman | ||
16 | include whitelist-run-common.inc | ||
17 | |||
18 | protocol unix,inet,inet6,netlink | ||
19 | |||
20 | private-bin electron,electron[0-9],electron[0-9][0-9],locale,node,Postman,postman,sh | ||
21 | private-etc alternatives,ca-certificates,crypto-policies,fonts,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,nsswitch.conf,pki,resolv.conf,ssl | ||
22 | # private-opt breaks file-copy-limit, use a whitelist instead of draining RAM | ||
23 | # https://github.com/netblue30/firejail/discussions/5307 | ||
24 | #private-opt postman | ||
25 | whitelist /opt/postman | ||
26 | |||
27 | # Redirect | ||
28 | include electron-common.profile | ||
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 2e176d2cd..2b4785fd4 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -25,6 +25,7 @@ Natron | |||
25 | PCSX2 | 25 | PCSX2 |
26 | PPSSPPQt | 26 | PPSSPPQt |
27 | PPSSPPSDL | 27 | PPSSPPSDL |
28 | Postman | ||
28 | QMediathekView | 29 | QMediathekView |
29 | QOwnNotes | 30 | QOwnNotes |
30 | Screenshot | 31 | Screenshot |
@@ -421,6 +422,7 @@ ipcalc | |||
421 | ipcalc-ng | 422 | ipcalc-ng |
422 | iridium | 423 | iridium |
423 | iridium-browser | 424 | iridium-browser |
425 | jami | ||
424 | jd-gui | 426 | jd-gui |
425 | jdownloader | 427 | jdownloader |
426 | jerry | 428 | jerry |
@@ -682,6 +684,7 @@ plv | |||
682 | pngquant | 684 | pngquant |
683 | polari | 685 | polari |
684 | porn-cli | 686 | porn-cli |
687 | postman | ||
685 | ppsspp | 688 | ppsspp |
686 | pragha | 689 | pragha |
687 | presentations18 | 690 | presentations18 |