diff options
author | smitsohu <smitsohu@gmail.com> | 2018-03-28 16:54:14 +0200 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2018-03-28 16:54:14 +0200 |
commit | 904908e09b67e8891d357525975bb175661bb25d (patch) | |
tree | fa21aae5a3513510f57e8453065e12c07957c631 | |
parent | Enable nodbus for keepassx and keepassxc profiles. (diff) | |
download | firejail-904908e09b67e8891d357525975bb175661bb25d.tar.gz firejail-904908e09b67e8891d357525975bb175661bb25d.tar.zst firejail-904908e09b67e8891d357525975bb175661bb25d.zip |
various blacklist additions
-rw-r--r-- | etc/atril.profile | 1 | ||||
-rw-r--r-- | etc/disable-programs.inc | 6 | ||||
-rw-r--r-- | etc/inkscape.profile | 4 | ||||
-rw-r--r-- | etc/kate.profile | 1 | ||||
-rw-r--r-- | etc/kmail.profile | 1 | ||||
-rw-r--r-- | etc/krunner.profile | 2 | ||||
-rw-r--r-- | etc/vlc.profile | 1 |
7 files changed, 14 insertions, 2 deletions
diff --git a/etc/atril.profile b/etc/atril.profile index a05f11076..8b30e96ac 100644 --- a/etc/atril.profile +++ b/etc/atril.profile | |||
@@ -5,6 +5,7 @@ include /etc/firejail/atril.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.cache/atril | ||
8 | noblacklist ${HOME}/.config/atril | 9 | noblacklist ${HOME}/.config/atril |
9 | 10 | ||
10 | #noblacklist ${HOME}/.local/share | 11 | #noblacklist ${HOME}/.local/share |
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 96cc9b48c..3842a46f1 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -138,6 +138,7 @@ blacklist ${HOME}/.config/itch | |||
138 | blacklist ${HOME}/.config/jd-gui.cfg | 138 | blacklist ${HOME}/.config/jd-gui.cfg |
139 | blacklist ${HOME}/.config/k3brc | 139 | blacklist ${HOME}/.config/k3brc |
140 | blacklist ${HOME}/.config/kaffeinerc | 140 | blacklist ${HOME}/.config/kaffeinerc |
141 | blacklist ${HOME}/.config/katemetainfos | ||
141 | blacklist ${HOME}/.config/katepartrc | 142 | blacklist ${HOME}/.config/katepartrc |
142 | blacklist ${HOME}/.config/katerc | 143 | blacklist ${HOME}/.config/katerc |
143 | blacklist ${HOME}/.config/kateschemarc | 144 | blacklist ${HOME}/.config/kateschemarc |
@@ -507,6 +508,7 @@ blacklist ${HOME}/.cache/INRIA | |||
507 | blacklist ${HOME}/.cache/MusicBrainz | 508 | blacklist ${HOME}/.cache/MusicBrainz |
508 | blacklist ${HOME}/.cache/QuiteRss | 509 | blacklist ${HOME}/.cache/QuiteRss |
509 | blacklist ${HOME}/.cache/akonadi* | 510 | blacklist ${HOME}/.cache/akonadi* |
511 | blacklist ${HOME}/.cache/atril | ||
510 | blacklist ${HOME}/.cache/attic | 512 | blacklist ${HOME}/.cache/attic |
511 | blacklist ${HOME}/.cache/borg | 513 | blacklist ${HOME}/.cache/borg |
512 | blacklist ${HOME}/.cache/calibre | 514 | blacklist ${HOME}/.cache/calibre |
@@ -529,11 +531,14 @@ blacklist ${HOME}/.cache/google-chrome-unstable | |||
529 | blacklist ${HOME}/.cache/gnome-twitch | 531 | blacklist ${HOME}/.cache/gnome-twitch |
530 | blacklist ${HOME}/.cache/icedove | 532 | blacklist ${HOME}/.cache/icedove |
531 | blacklist ${HOME}/.cache/INRIA/Natron | 533 | blacklist ${HOME}/.cache/INRIA/Natron |
534 | blacklist ${HOME}/.cache/inkscape | ||
532 | blacklist ${HOME}/.cache/inox | 535 | blacklist ${HOME}/.cache/inox |
533 | blacklist ${HOME}/.cache/iridium | 536 | blacklist ${HOME}/.cache/iridium |
534 | blacklist ${HOME}/.cache/kdenlive | 537 | blacklist ${HOME}/.cache/kdenlive |
535 | blacklist ${HOME}/.cache/kinfocenter | 538 | blacklist ${HOME}/.cache/kinfocenter |
539 | blacklist ${HOME}/.cache/kmail2 | ||
536 | blacklist ${HOME}/.cache/krunner | 540 | blacklist ${HOME}/.cache/krunner |
541 | blacklist ${HOME}/.cache/krunnerbookmarkrunnerfirefoxdbfile.sqlite | ||
537 | blacklist ${HOME}/.cache/kscreenlocker_greet | 542 | blacklist ${HOME}/.cache/kscreenlocker_greet |
538 | blacklist ${HOME}/.cache/ksmserver-logout-greeter | 543 | blacklist ${HOME}/.cache/ksmserver-logout-greeter |
539 | blacklist ${HOME}/.cache/ksplashqml | 544 | blacklist ${HOME}/.cache/ksplashqml |
@@ -566,6 +571,7 @@ blacklist ${HOME}/.cache/torbrowser | |||
566 | blacklist ${HOME}/.cache/transmission | 571 | blacklist ${HOME}/.cache/transmission |
567 | blacklist ${HOME}/.cache/vivaldi | 572 | blacklist ${HOME}/.cache/vivaldi |
568 | blacklist ${HOME}/.cache/vivaldi-snapshot | 573 | blacklist ${HOME}/.cache/vivaldi-snapshot |
574 | blacklist ${HOME}/.cache/vlc | ||
569 | blacklist ${HOME}/.cache/waterfox | 575 | blacklist ${HOME}/.cache/waterfox |
570 | blacklist ${HOME}/.cache/wesnoth | 576 | blacklist ${HOME}/.cache/wesnoth |
571 | blacklist ${HOME}/.cache/xmms2 | 577 | blacklist ${HOME}/.cache/xmms2 |
diff --git a/etc/inkscape.profile b/etc/inkscape.profile index 6e669ea2c..b50d6d7c3 100644 --- a/etc/inkscape.profile +++ b/etc/inkscape.profile | |||
@@ -5,9 +5,9 @@ include /etc/firejail/inkscape.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.inkscape | 8 | noblacklist ${HOME}/.cache/inkscape |
9 | noblacklist ${HOME}/.config/inkscape | 9 | noblacklist ${HOME}/.config/inkscape |
10 | 10 | noblacklist ${HOME}/.inkscape | |
11 | 11 | ||
12 | include /etc/firejail/disable-common.inc | 12 | include /etc/firejail/disable-common.inc |
13 | include /etc/firejail/disable-devel.inc | 13 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/kate.profile b/etc/kate.profile index 5042077e5..6808aa875 100644 --- a/etc/kate.profile +++ b/etc/kate.profile | |||
@@ -7,6 +7,7 @@ include /etc/firejail/globals.local | |||
7 | 7 | ||
8 | # blacklist /run/user/*/bus | 8 | # blacklist /run/user/*/bus |
9 | 9 | ||
10 | noblacklist ${HOME}/.config/katemetainfos | ||
10 | noblacklist ${HOME}/.config/katepartrc | 11 | noblacklist ${HOME}/.config/katepartrc |
11 | noblacklist ${HOME}/.config/katerc | 12 | noblacklist ${HOME}/.config/katerc |
12 | noblacklist ${HOME}/.config/kateschemarc | 13 | noblacklist ${HOME}/.config/kateschemarc |
diff --git a/etc/kmail.profile b/etc/kmail.profile index e33eae84f..f095b5853 100644 --- a/etc/kmail.profile +++ b/etc/kmail.profile | |||
@@ -9,6 +9,7 @@ include /etc/firejail/globals.local | |||
9 | # one solution is to have akonadi already running when kmail is started | 9 | # one solution is to have akonadi already running when kmail is started |
10 | 10 | ||
11 | noblacklist ${HOME}/.cache/akonadi* | 11 | noblacklist ${HOME}/.cache/akonadi* |
12 | noblacklist ${HOME}/.cache/kmail2 | ||
12 | noblacklist ${HOME}/.config/akonadi* | 13 | noblacklist ${HOME}/.config/akonadi* |
13 | noblacklist ${HOME}/.config/baloorc | 14 | noblacklist ${HOME}/.config/baloorc |
14 | noblacklist ${HOME}/.config/emailidentities | 15 | noblacklist ${HOME}/.config/emailidentities |
diff --git a/etc/krunner.profile b/etc/krunner.profile index 1e97f4290..8382a5c66 100644 --- a/etc/krunner.profile +++ b/etc/krunner.profile | |||
@@ -10,10 +10,12 @@ include /etc/firejail/globals.local | |||
10 | # with its own profile, if it is sandboxed automatically. | 10 | # with its own profile, if it is sandboxed automatically. |
11 | 11 | ||
12 | # noblacklist ${HOME}/.cache/krunner | 12 | # noblacklist ${HOME}/.cache/krunner |
13 | # noblacklist ${HOME}/.cache/krunnerbookmarkrunnerfirefoxdbfile.sqlite | ||
13 | noblacklist ${HOME}/.config/krunnerrc | 14 | noblacklist ${HOME}/.config/krunnerrc |
14 | noblacklist ${HOME}/.kde/share/config/krunnerrc | 15 | noblacklist ${HOME}/.kde/share/config/krunnerrc |
15 | noblacklist ${HOME}/.kde4/share/config/krunnerrc | 16 | noblacklist ${HOME}/.kde4/share/config/krunnerrc |
16 | # noblacklist ${HOME}/.local/share/baloo | 17 | # noblacklist ${HOME}/.local/share/baloo |
18 | # noblacklist ${HOME}/.mozilla | ||
17 | 19 | ||
18 | include /etc/firejail/disable-common.inc | 20 | include /etc/firejail/disable-common.inc |
19 | # include /etc/firejail/disable-devel.inc | 21 | # include /etc/firejail/disable-devel.inc |
diff --git a/etc/vlc.profile b/etc/vlc.profile index dad9a9ae1..2817154bd 100644 --- a/etc/vlc.profile +++ b/etc/vlc.profile | |||
@@ -5,6 +5,7 @@ include /etc/firejail/vlc.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.cache/vlc | ||
8 | noblacklist ${HOME}/.config/vlc | 9 | noblacklist ${HOME}/.config/vlc |
9 | noblacklist ${HOME}/.local/share/vlc | 10 | noblacklist ${HOME}/.local/share/vlc |
10 | 11 | ||