diff options
author | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-08-22 15:16:43 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-08-22 15:16:43 +0000 |
commit | 7582aaffce1e2266e3ff163495c39d001ab0ef21 (patch) | |
tree | a0ae36f8aee4e482af9e356efdf245bf59ac59f3 | |
parent | update syscalls.txt (diff) | |
parent | add allow-common-devel to more profiles (diff) | |
download | firejail-7582aaffce1e2266e3ff163495c39d001ab0ef21.tar.gz firejail-7582aaffce1e2266e3ff163495c39d001ab0ef21.tar.zst firejail-7582aaffce1e2266e3ff163495c39d001ab0ef21.zip |
Merge pull request #2921 from rusty-snake/allow-common-devel.inc
Introduce allow-common-devel.inc
-rw-r--r-- | etc/allow-common-devel.inc | 17 | ||||
-rw-r--r-- | etc/android-studio.profile | 8 | ||||
-rw-r--r-- | etc/aosp.profile | 8 | ||||
-rw-r--r-- | etc/atom.profile | 14 | ||||
-rw-r--r-- | etc/brackets.profile | 10 | ||||
-rw-r--r-- | etc/code.profile | 11 | ||||
-rw-r--r-- | etc/emacs.profile | 6 | ||||
-rw-r--r-- | etc/geany.profile | 9 | ||||
-rw-r--r-- | etc/gedit.profile | 9 | ||||
-rw-r--r-- | etc/gnome-builder.profile | 10 | ||||
-rw-r--r-- | etc/idea.sh.profile | 8 | ||||
-rw-r--r-- | etc/pluma.profile | 6 | ||||
-rw-r--r-- | etc/pycharm-community.profile | 6 | ||||
-rw-r--r-- | etc/templates/profile.template | 3 | ||||
-rw-r--r-- | etc/vim.profile | 6 | ||||
-rw-r--r-- | etc/webstorm.profile | 7 |
16 files changed, 61 insertions, 77 deletions
diff --git a/etc/allow-common-devel.inc b/etc/allow-common-devel.inc new file mode 100644 index 000000000..1d794462c --- /dev/null +++ b/etc/allow-common-devel.inc | |||
@@ -0,0 +1,17 @@ | |||
1 | # Rust | ||
2 | noblacklist ${HOME}/.cargo/config | ||
3 | noblacklist ${HOME}/.cargo/registry | ||
4 | |||
5 | # Git | ||
6 | noblacklist ${HOME}/.config/git | ||
7 | noblacklist ${HOME}/.gitconfig | ||
8 | noblacklist ${HOME}/.git-credentials | ||
9 | |||
10 | # Python | ||
11 | noblacklist ${HOME}/.python-history | ||
12 | noblacklist ${HOME}/.python_history | ||
13 | noblacklist ${HOME}/.pythonhist | ||
14 | |||
15 | # Java | ||
16 | noblacklist ${HOME}/.gradle | ||
17 | noblacklist ${HOME}/.java | ||
diff --git a/etc/android-studio.profile b/etc/android-studio.profile index ff7fb6711..2e4e564dd 100644 --- a/etc/android-studio.profile +++ b/etc/android-studio.profile | |||
@@ -7,17 +7,15 @@ include globals.local | |||
7 | 7 | ||
8 | noblacklist ${HOME}/.AndroidStudio* | 8 | noblacklist ${HOME}/.AndroidStudio* |
9 | noblacklist ${HOME}/.android | 9 | noblacklist ${HOME}/.android |
10 | noblacklist ${HOME}/.config/git | ||
11 | noblacklist ${HOME}/.gitconfig | ||
12 | noblacklist ${HOME}/.git-credentials | ||
13 | noblacklist ${HOME}/.gradle | ||
14 | noblacklist ${HOME}/.jack-server | 10 | noblacklist ${HOME}/.jack-server |
15 | noblacklist ${HOME}/.jack-settings | 11 | noblacklist ${HOME}/.jack-settings |
16 | noblacklist ${HOME}/.java | ||
17 | noblacklist ${HOME}/.local/share/JetBrains | 12 | noblacklist ${HOME}/.local/share/JetBrains |
18 | noblacklist ${HOME}/.ssh | 13 | noblacklist ${HOME}/.ssh |
19 | noblacklist ${HOME}/.tooling | 14 | noblacklist ${HOME}/.tooling |
20 | 15 | ||
16 | # Allows files commonly used by IDEs | ||
17 | include allow-common-devel.inc | ||
18 | |||
21 | include disable-common.inc | 19 | include disable-common.inc |
22 | include disable-passwdmgr.inc | 20 | include disable-passwdmgr.inc |
23 | include disable-programs.inc | 21 | include disable-programs.inc |
diff --git a/etc/aosp.profile b/etc/aosp.profile index 701bf4733..a5b1ba9f1 100644 --- a/etc/aosp.profile +++ b/etc/aosp.profile | |||
@@ -7,18 +7,16 @@ include globals.local | |||
7 | 7 | ||
8 | noblacklist ${HOME}/.android | 8 | noblacklist ${HOME}/.android |
9 | noblacklist ${HOME}/.bash_history | 9 | noblacklist ${HOME}/.bash_history |
10 | noblacklist ${HOME}/.config/git | ||
11 | noblacklist ${HOME}/.gitconfig | ||
12 | noblacklist ${HOME}/.git-credentials | ||
13 | noblacklist ${HOME}/.gradle | ||
14 | noblacklist ${HOME}/.jack-server | 10 | noblacklist ${HOME}/.jack-server |
15 | noblacklist ${HOME}/.jack-settings | 11 | noblacklist ${HOME}/.jack-settings |
16 | noblacklist ${HOME}/.java | ||
17 | noblacklist ${HOME}/.repo_.gitconfig.json | 12 | noblacklist ${HOME}/.repo_.gitconfig.json |
18 | noblacklist ${HOME}/.repoconfig | 13 | noblacklist ${HOME}/.repoconfig |
19 | noblacklist ${HOME}/.ssh | 14 | noblacklist ${HOME}/.ssh |
20 | noblacklist ${HOME}/.tooling | 15 | noblacklist ${HOME}/.tooling |
21 | 16 | ||
17 | # Allows files commonly used by IDEs | ||
18 | include allow-common-devel.inc | ||
19 | |||
22 | include disable-common.inc | 20 | include disable-common.inc |
23 | include disable-passwdmgr.inc | 21 | include disable-passwdmgr.inc |
24 | include disable-programs.inc | 22 | include disable-programs.inc |
diff --git a/etc/atom.profile b/etc/atom.profile index 4bb37552b..b9cb49d08 100644 --- a/etc/atom.profile +++ b/etc/atom.profile | |||
@@ -8,17 +8,9 @@ include globals.local | |||
8 | 8 | ||
9 | noblacklist ${HOME}/.atom | 9 | noblacklist ${HOME}/.atom |
10 | noblacklist ${HOME}/.config/Atom | 10 | noblacklist ${HOME}/.config/Atom |
11 | # allow rust | 11 | |
12 | noblacklist ${HOME}/.cargo/config | 12 | # Allows files commonly used by IDEs |
13 | noblacklist ${HOME}/.cargo/registry | 13 | include allow-common-devel.inc |
14 | # allow git config files | ||
15 | noblacklist ${HOME}/.config/git | ||
16 | noblacklist ${HOME}/.gitconfig | ||
17 | noblacklist ${HOME}/.git-credentials | ||
18 | # allow python dev files | ||
19 | noblacklist ${HOME}/.python-history | ||
20 | noblacklist ${HOME}/.python_history | ||
21 | noblacklist ${HOME}/.pythonhist | ||
22 | 14 | ||
23 | include disable-common.inc | 15 | include disable-common.inc |
24 | include disable-exec.inc | 16 | include disable-exec.inc |
diff --git a/etc/brackets.profile b/etc/brackets.profile index 3e157d841..b7d560bbc 100644 --- a/etc/brackets.profile +++ b/etc/brackets.profile | |||
@@ -8,13 +8,9 @@ include globals.local | |||
8 | noblacklist ${HOME}/.config/Brackets | 8 | noblacklist ${HOME}/.config/Brackets |
9 | #noblacklist /opt/brackets/ | 9 | #noblacklist /opt/brackets/ |
10 | #noblacklist /opt/google/ | 10 | #noblacklist /opt/google/ |
11 | # Uncomment the next two lines if you are developing rust. | 11 | |
12 | # or put it in your brackets.local | 12 | # Allows files commonly used by IDEs |
13 | #noblacklist ${HOME}/.cargo/config | 13 | include allow-common-devel.inc |
14 | #noblacklist ${HOME}/.cargo/registry | ||
15 | noblacklist ${HOME}/.config/git | ||
16 | noblacklist ${HOME}/.gitconfig | ||
17 | noblacklist ${HOME}/.git-credentials | ||
18 | 14 | ||
19 | include disable-common.inc | 15 | include disable-common.inc |
20 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
diff --git a/etc/code.profile b/etc/code.profile index 76320d56b..7ac4e1619 100644 --- a/etc/code.profile +++ b/etc/code.profile | |||
@@ -5,19 +5,14 @@ include code.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.cargo/config | ||
9 | noblacklist ${HOME}/.cargo/registry | ||
10 | noblacklist ${HOME}/.config/Code | 8 | noblacklist ${HOME}/.config/Code |
11 | noblacklist ${HOME}/.config/Code - OSS | 9 | noblacklist ${HOME}/.config/Code - OSS |
12 | noblacklist ${HOME}/.config/git | ||
13 | noblacklist ${HOME}/.gitconfig | ||
14 | noblacklist ${HOME}/.git-credentials | ||
15 | noblacklist ${HOME}/.python-history | ||
16 | noblacklist ${HOME}/.python_history | ||
17 | noblacklist ${HOME}/.pythonhist | ||
18 | noblacklist ${HOME}/.vscode | 10 | noblacklist ${HOME}/.vscode |
19 | noblacklist ${HOME}/.vscode-oss | 11 | noblacklist ${HOME}/.vscode-oss |
20 | 12 | ||
13 | # Allows files commonly used by IDEs | ||
14 | include allow-common-devel.inc | ||
15 | |||
21 | include disable-common.inc | 16 | include disable-common.inc |
22 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
23 | include disable-programs.inc | 18 | include disable-programs.inc |
diff --git a/etc/emacs.profile b/etc/emacs.profile index 95a4dd6b2..071a9f5d2 100644 --- a/etc/emacs.profile +++ b/etc/emacs.profile | |||
@@ -11,9 +11,9 @@ noblacklist ${HOME}/.emacs.d | |||
11 | # if you need gpg uncomment the following line | 11 | # if you need gpg uncomment the following line |
12 | # or put it into your emacs.local | 12 | # or put it into your emacs.local |
13 | #noblacklist ${HOME}/.gnupg | 13 | #noblacklist ${HOME}/.gnupg |
14 | noblacklist ${HOME}/.python-history | 14 | |
15 | noblacklist ${HOME}/.python_history | 15 | # Allows files commonly used by IDEs |
16 | noblacklist ${HOME}/.pythonhist | 16 | include allow-common-devel.inc |
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
diff --git a/etc/geany.profile b/etc/geany.profile index 53a718d63..31599e32a 100644 --- a/etc/geany.profile +++ b/etc/geany.profile | |||
@@ -7,12 +7,9 @@ include geany.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/geany | 9 | noblacklist ${HOME}/.config/geany |
10 | noblacklist ${HOME}/.config/git | 10 | |
11 | noblacklist ${HOME}/.gitconfig | 11 | # Allows files commonly used by IDEs |
12 | noblacklist ${HOME}/.git-credentials | 12 | include allow-common-devel.inc |
13 | noblacklist ${HOME}/.python-history | ||
14 | noblacklist ${HOME}/.python_history | ||
15 | noblacklist ${HOME}/.pythonhist | ||
16 | 13 | ||
17 | include disable-common.inc | 14 | include disable-common.inc |
18 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
diff --git a/etc/gedit.profile b/etc/gedit.profile index 763d33eb1..837396654 100644 --- a/etc/gedit.profile +++ b/etc/gedit.profile | |||
@@ -8,12 +8,9 @@ include globals.local | |||
8 | 8 | ||
9 | noblacklist ${HOME}/.config/enchant | 9 | noblacklist ${HOME}/.config/enchant |
10 | noblacklist ${HOME}/.config/gedit | 10 | noblacklist ${HOME}/.config/gedit |
11 | noblacklist ${HOME}/.config/git | 11 | |
12 | noblacklist ${HOME}/.gitconfig | 12 | # Allows files commonly used by IDEs |
13 | noblacklist ${HOME}/.git-credentials | 13 | include allow-common-devel.inc |
14 | noblacklist ${HOME}/.python-history | ||
15 | noblacklist ${HOME}/.python_history | ||
16 | noblacklist ${HOME}/.pythonhist | ||
17 | 14 | ||
18 | include disable-common.inc | 15 | include disable-common.inc |
19 | # include disable-devel.inc | 16 | # include disable-devel.inc |
diff --git a/etc/gnome-builder.profile b/etc/gnome-builder.profile index 46281af6e..ab2ca183b 100644 --- a/etc/gnome-builder.profile +++ b/etc/gnome-builder.profile | |||
@@ -6,14 +6,8 @@ include gnome-builder.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cargo/config | 9 | # Allows files commonly used by IDEs |
10 | noblacklist ${HOME}/.cargo/registry | 10 | include allow-common-devel.inc |
11 | noblacklist ${HOME}/.config/git | ||
12 | noblacklist ${HOME}/.gitconfig | ||
13 | noblacklist ${HOME}/.git-credentials | ||
14 | noblacklist ${HOME}/.python-history | ||
15 | noblacklist ${HOME}/.python_history | ||
16 | noblacklist ${HOME}/.pythonhist | ||
17 | 11 | ||
18 | include disable-common.inc | 12 | include disable-common.inc |
19 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
diff --git a/etc/idea.sh.profile b/etc/idea.sh.profile index 4f3047e08..a7d0d531f 100644 --- a/etc/idea.sh.profile +++ b/etc/idea.sh.profile | |||
@@ -7,17 +7,15 @@ include globals.local | |||
7 | 7 | ||
8 | noblacklist ${HOME}/.IdeaIC* | 8 | noblacklist ${HOME}/.IdeaIC* |
9 | noblacklist ${HOME}/.android | 9 | noblacklist ${HOME}/.android |
10 | noblacklist ${HOME}/.config/git | ||
11 | noblacklist ${HOME}/.gitconfig | ||
12 | noblacklist ${HOME}/.git-credentials | ||
13 | noblacklist ${HOME}/.gradle | ||
14 | noblacklist ${HOME}/.jack-server | 10 | noblacklist ${HOME}/.jack-server |
15 | noblacklist ${HOME}/.jack-settings | 11 | noblacklist ${HOME}/.jack-settings |
16 | noblacklist ${HOME}/.java | ||
17 | noblacklist ${HOME}/.local/share/JetBrains | 12 | noblacklist ${HOME}/.local/share/JetBrains |
18 | noblacklist ${HOME}/.ssh | 13 | noblacklist ${HOME}/.ssh |
19 | noblacklist ${HOME}/.tooling | 14 | noblacklist ${HOME}/.tooling |
20 | 15 | ||
16 | # Allows files commonly used by IDEs | ||
17 | include allow-common-devel.inc | ||
18 | |||
21 | include disable-common.inc | 19 | include disable-common.inc |
22 | include disable-passwdmgr.inc | 20 | include disable-passwdmgr.inc |
23 | include disable-programs.inc | 21 | include disable-programs.inc |
diff --git a/etc/pluma.profile b/etc/pluma.profile index 4c32c2979..dadfcc44e 100644 --- a/etc/pluma.profile +++ b/etc/pluma.profile | |||
@@ -8,9 +8,9 @@ include globals.local | |||
8 | 8 | ||
9 | noblacklist ${HOME}/.config/enchant | 9 | noblacklist ${HOME}/.config/enchant |
10 | noblacklist ${HOME}/.config/pluma | 10 | noblacklist ${HOME}/.config/pluma |
11 | noblacklist ${HOME}/.python-history | 11 | |
12 | noblacklist ${HOME}/.python_history | 12 | # Allows files commonly used by IDEs |
13 | noblacklist ${HOME}/.pythonhist | 13 | include allow-common-devel.inc |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
diff --git a/etc/pycharm-community.profile b/etc/pycharm-community.profile index e1d55c89e..9ee426a95 100644 --- a/etc/pycharm-community.profile +++ b/etc/pycharm-community.profile | |||
@@ -6,13 +6,13 @@ include pycharm-community.local | |||
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.PyCharmCE* | 8 | noblacklist ${HOME}/.PyCharmCE* |
9 | noblacklist ${HOME}/.python-history | ||
10 | noblacklist ${HOME}/.python_history | ||
11 | noblacklist ${HOME}/.pythonhist | ||
12 | 9 | ||
13 | # Allow java (blacklisted by disable-devel.inc) | 10 | # Allow java (blacklisted by disable-devel.inc) |
14 | include allow-java.inc | 11 | include allow-java.inc |
15 | 12 | ||
13 | # Allows files commonly used by IDEs | ||
14 | include allow-common-devel.inc | ||
15 | |||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
18 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
diff --git a/etc/templates/profile.template b/etc/templates/profile.template index 2fc5c3ef1..0d67e222f 100644 --- a/etc/templates/profile.template +++ b/etc/templates/profile.template | |||
@@ -87,6 +87,9 @@ include globals.local | |||
87 | # Allow lua (blacklisted by disable-interpreters.inc) | 87 | # Allow lua (blacklisted by disable-interpreters.inc) |
88 | #include allow-lua.inc | 88 | #include allow-lua.inc |
89 | 89 | ||
90 | # Allows files commonly used by IDEs | ||
91 | #include allow-common-devel.inc | ||
92 | |||
90 | #include disable-common.inc | 93 | #include disable-common.inc |
91 | #include disable-devel.inc | 94 | #include disable-devel.inc |
92 | #include disable-exec.inc | 95 | #include disable-exec.inc |
diff --git a/etc/vim.profile b/etc/vim.profile index 957dc91aa..d27a9a633 100644 --- a/etc/vim.profile +++ b/etc/vim.profile | |||
@@ -6,13 +6,13 @@ include vim.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.python-history | ||
10 | noblacklist ${HOME}/.python_history | ||
11 | noblacklist ${HOME}/.pythonhist | ||
12 | noblacklist ${HOME}/.vim | 9 | noblacklist ${HOME}/.vim |
13 | noblacklist ${HOME}/.viminfo | 10 | noblacklist ${HOME}/.viminfo |
14 | noblacklist ${HOME}/.vimrc | 11 | noblacklist ${HOME}/.vimrc |
15 | 12 | ||
13 | # Allows files commonly used by IDEs | ||
14 | include allow-common-devel.inc | ||
15 | |||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 18 | include disable-programs.inc |
diff --git a/etc/webstorm.profile b/etc/webstorm.profile index e820bae00..fc4e8e571 100644 --- a/etc/webstorm.profile +++ b/etc/webstorm.profile | |||
@@ -7,14 +7,13 @@ include globals.local | |||
7 | 7 | ||
8 | noblacklist ${HOME}/.WebStorm* | 8 | noblacklist ${HOME}/.WebStorm* |
9 | noblacklist ${HOME}/.android | 9 | noblacklist ${HOME}/.android |
10 | noblacklist ${HOME}/.config/git | ||
11 | noblacklist ${HOME}/.gitconfig | ||
12 | noblacklist ${HOME}/.git-credentials | ||
13 | noblacklist ${HOME}/.gradle | ||
14 | noblacklist ${HOME}/.local/share/JetBrains | 10 | noblacklist ${HOME}/.local/share/JetBrains |
15 | noblacklist ${HOME}/.ssh | 11 | noblacklist ${HOME}/.ssh |
16 | noblacklist ${HOME}/.tooling | 12 | noblacklist ${HOME}/.tooling |
17 | 13 | ||
14 | # Allows files commonly used by IDEs | ||
15 | include allow-common-devel.inc | ||
16 | |||
18 | noblacklist ${PATH}/node | 17 | noblacklist ${PATH}/node |
19 | noblacklist ${HOME}/.nvm | 18 | noblacklist ${HOME}/.nvm |
20 | 19 | ||