diff options
author | netblue30 <netblue30@yahoo.com> | 2016-07-11 07:23:12 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-07-11 07:23:12 -0400 |
commit | 12f2368f8136d2e28900f49e89180746cedb2abc (patch) | |
tree | c3494a56fc7c1193e7c298981e0a4c688043d331 | |
parent | removed snap from firecfg list (diff) | |
parent | extra Jitsi files (diff) | |
download | firejail-12f2368f8136d2e28900f49e89180746cedb2abc.tar.gz firejail-12f2368f8136d2e28900f49e89180746cedb2abc.tar.zst firejail-12f2368f8136d2e28900f49e89180746cedb2abc.zip |
Merge pull request #628 from Fred-Barclay/jitsi
Jitsi
-rw-r--r-- | Makefile.in | 1 | ||||
-rw-r--r-- | README | 1 | ||||
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | RELNOTES | 2 | ||||
-rw-r--r-- | etc/disable-programs.inc | 1 | ||||
-rw-r--r-- | etc/jitsi.profile | 16 | ||||
-rw-r--r-- | platform/debian/conffiles | 1 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 1 |
8 files changed, 23 insertions, 2 deletions
diff --git a/Makefile.in b/Makefile.in index a5a3d7da9..181f30538 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -222,6 +222,7 @@ realinstall: | |||
222 | install -c -m 0644 .etc/Telegram.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 222 | install -c -m 0644 .etc/Telegram.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
223 | install -c -m 0644 .etc/atom-beta.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 223 | install -c -m 0644 .etc/atom-beta.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
224 | install -c -m 0644 .etc/atom.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 224 | install -c -m 0644 .etc/atom.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
225 | install -c -m 0644 .etc/jitsi.profile $(DESTDIR)/$(sysconfdir)/firejail/. | ||
225 | sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" | 226 | sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" |
226 | install -c -m 0644 etc/firejail.config $(DESTDIR)/$(sysconfdir)/firejail/. | 227 | install -c -m 0644 etc/firejail.config $(DESTDIR)/$(sysconfdir)/firejail/. |
227 | rm -fr .etc | 228 | rm -fr .etc |
@@ -57,6 +57,7 @@ Fred-Barclay (https://github.com/Fred-Barclay) | |||
57 | - added Atom Beta and Atom profiles | 57 | - added Atom Beta and Atom profiles |
58 | - tightened 0ad, atril, evince, gthumb, pix, qtox, and xreader profiles. | 58 | - tightened 0ad, atril, evince, gthumb, pix, qtox, and xreader profiles. |
59 | - several private-bin conversions | 59 | - several private-bin conversions |
60 | - added jitsi profile | ||
60 | Jaykishan Mutkawoa (https://github.com/jmutkawoa) | 61 | Jaykishan Mutkawoa (https://github.com/jmutkawoa) |
61 | - cpio profile | 62 | - cpio profile |
62 | Paupiah Yash (https://github.com/CaffeinatedStud) | 63 | Paupiah Yash (https://github.com/CaffeinatedStud) |
@@ -135,5 +135,5 @@ Browsers: Palemoon | |||
135 | 135 | ||
136 | ## New security profiles | 136 | ## New security profiles |
137 | 137 | ||
138 | Gitter, gThumb, mpv, Franz messenger, LibreOffice, pix, audacity, strings, xz, xzdec, gzip, cpio, less, Atom Beta, Atom | 138 | Gitter, gThumb, mpv, Franz messenger, LibreOffice, pix, audacity, strings, xz, xzdec, gzip, cpio, less, Atom Beta, Atom, jitsi |
139 | 139 | ||
@@ -13,7 +13,7 @@ firejail (0.9.41) baseline; urgency=low | |||
13 | * some profiles have been converted to private-bin | 13 | * some profiles have been converted to private-bin |
14 | * new profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice | 14 | * new profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice |
15 | * new profiles: pix, audacity, strings, xz, xzdec, gzip, cpio, less | 15 | * new profiles: pix, audacity, strings, xz, xzdec, gzip, cpio, less |
16 | * new profiles: Atom Beta, Atom | 16 | * new profiles: Atom Beta, Atom, jitsi |
17 | -- netblue30 <netblue30@yahoo.com> Tue, 31 May 2016 08:00:00 -0500 | 17 | -- netblue30 <netblue30@yahoo.com> Tue, 31 May 2016 08:00:00 -0500 |
18 | 18 | ||
19 | firejail (0.9.40) baseline; urgency=low | 19 | firejail (0.9.40) baseline; urgency=low |
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 81c97ca2d..837ac1e4c 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -74,6 +74,7 @@ blacklist ${HOME}/.config/tox | |||
74 | blacklist ${HOME}/.TelegramDesktop | 74 | blacklist ${HOME}/.TelegramDesktop |
75 | blacklist ${HOME}/.config/Gitter | 75 | blacklist ${HOME}/.config/Gitter |
76 | blacklist ${HOME}/.config/Franz | 76 | blacklist ${HOME}/.config/Franz |
77 | blacklist ${HOME}/.jitsi | ||
77 | 78 | ||
78 | # Games | 79 | # Games |
79 | blacklist ${HOME}/.hedgewars | 80 | blacklist ${HOME}/.hedgewars |
diff --git a/etc/jitsi.profile b/etc/jitsi.profile new file mode 100644 index 000000000..8baf1ad94 --- /dev/null +++ b/etc/jitsi.profile | |||
@@ -0,0 +1,16 @@ | |||
1 | # Firejail profile for jitsi | ||
2 | noblacklist ~/.jitsi | ||
3 | include /etc/firejail/disable-common.inc | ||
4 | include /etc/firejail/disable-devel.inc | ||
5 | include /etc/firejail/disable-passwdmgr.inc | ||
6 | include /etc/firejail/disable-programs.inc | ||
7 | |||
8 | caps.drop all | ||
9 | nonewprivs | ||
10 | nogroups | ||
11 | noroot | ||
12 | protocol unix,inet,inet6 | ||
13 | seccomp | ||
14 | shell none | ||
15 | tracelog | ||
16 | |||
diff --git a/platform/debian/conffiles b/platform/debian/conffiles index ae495ec6d..3bbd93d3c 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles | |||
@@ -128,3 +128,4 @@ | |||
128 | /etc/firejail/Telegram.profile | 128 | /etc/firejail/Telegram.profile |
129 | /etc/firejail/atom-beta.profile | 129 | /etc/firejail/atom-beta.profile |
130 | /etc/firejail/atom.profile | 130 | /etc/firejail/atom.profile |
131 | /etc/firejail/jitsi.profile | ||
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index eb51f4052..ba975c4b4 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -53,6 +53,7 @@ corebird | |||
53 | empathy | 53 | empathy |
54 | gitter | 54 | gitter |
55 | hexchat | 55 | hexchat |
56 | jitsi | ||
56 | konversation | 57 | konversation |
57 | pidgin | 58 | pidgin |
58 | polari | 59 | polari |