diff options
author | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2017-08-02 12:02:28 -0500 |
---|---|---|
committer | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2017-08-02 12:02:28 -0500 |
commit | 88d919ce9b9d0be693366b25eb1c4f3647c023d3 (patch) | |
tree | abfa2be0b75e0b7fbf7ae50413afd9a0b901df86 | |
parent | merges (diff) | |
download | firejail-88d919ce9b9d0be693366b25eb1c4f3647c023d3.tar.gz firejail-88d919ce9b9d0be693366b25eb1c4f3647c023d3.tar.zst firejail-88d919ce9b9d0be693366b25eb1c4f3647c023d3.zip |
Add rambox profile from #1425
-rw-r--r-- | README | 2 | ||||
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | RELNOTES | 2 | ||||
-rw-r--r-- | etc/rambox.profile | 31 | ||||
-rw-r--r-- | platform/debian/conffiles | 1 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 1 |
6 files changed, 37 insertions, 2 deletions
@@ -153,6 +153,8 @@ Felipe Barriga Richards (https://github.com/fbarriga) | |||
153 | - --private-etc fix | 153 | - --private-etc fix |
154 | Franco (nextime) Lanza (https://github.com/nextime) | 154 | Franco (nextime) Lanza (https://github.com/nextime) |
155 | - added --private-template/--private-home | 155 | - added --private-template/--private-home |
156 | fuelflo (https://github.com/fuelflo) | ||
157 | - added rambox profile | ||
156 | Fred-Barclay (https://github.com/Fred-Barclay) | 158 | Fred-Barclay (https://github.com/Fred-Barclay) |
157 | - lots of profile fixes | 159 | - lots of profile fixes |
158 | - added Vivaldi, Atril profiles | 160 | - added Vivaldi, Atril profiles |
@@ -150,5 +150,5 @@ playing youtube videos on Firefox Nightly. | |||
150 | curl, mplayer2, SMPlayer, Calibre, ebook-viewer, KWrite, Geary, Liferea, peek, silentarmy, | 150 | curl, mplayer2, SMPlayer, Calibre, ebook-viewer, KWrite, Geary, Liferea, peek, silentarmy, |
151 | IntelliJ IDEA, Android Studio, electron, riot-web, | 151 | IntelliJ IDEA, Android Studio, electron, riot-web, |
152 | Extreme Tux Racer, Frozen Bubble, Open Invaders, Pingus, Simutrans, SuperTux, | 152 | Extreme Tux Racer, Frozen Bubble, Open Invaders, Pingus, Simutrans, SuperTux, |
153 | telegram-desktop, arm | 153 | telegram-desktop, arm, rambox |
154 | 154 | ||
@@ -11,7 +11,7 @@ firejail (0.9.49) baseline; urgency=low | |||
11 | * new profiles: Geary, Liferea, peek, silentarmy, IntelliJ IDEA, | 11 | * new profiles: Geary, Liferea, peek, silentarmy, IntelliJ IDEA, |
12 | * new profiles: Android Studio, electron, riot-web, Extreme Tux Racer, | 12 | * new profiles: Android Studio, electron, riot-web, Extreme Tux Racer, |
13 | * new profiles: Frozen Bubble, Open Invaders, Pingus, Simutrans, SuperTux | 13 | * new profiles: Frozen Bubble, Open Invaders, Pingus, Simutrans, SuperTux |
14 | * new profiles: telegram-desktop, arm | 14 | * new profiles: telegram-desktop, arm, rambox |
15 | * bugfixes | 15 | * bugfixes |
16 | -- netblue30 <netblue30@yahoo.com> Mon, 12 Jun 2017 20:00:00 -0500 | 16 | -- netblue30 <netblue30@yahoo.com> Mon, 12 Jun 2017 20:00:00 -0500 |
17 | 17 | ||
diff --git a/etc/rambox.profile b/etc/rambox.profile new file mode 100644 index 000000000..2c70fbd13 --- /dev/null +++ b/etc/rambox.profile | |||
@@ -0,0 +1,31 @@ | |||
1 | #Persistent global definitions go here | ||
2 | include /etc/firejail/globals.local | ||
3 | |||
4 | #This file is overwritten during software install. | ||
5 | #Persistent customizations should go in a .local file. | ||
6 | include /etc/firejail/rambox.local | ||
7 | |||
8 | # Rambox profile for firejail | ||
9 | noblacklist ~/.config/Rambox | ||
10 | noblacklist ~/.pki | ||
11 | include /etc/firejail/disable-common.inc | ||
12 | include /etc/firejail/disable-programs.inc | ||
13 | include /etc/firejail/disable-devel.inc | ||
14 | |||
15 | caps.drop all | ||
16 | netfilter | ||
17 | nogroups | ||
18 | nonewprivs | ||
19 | noroot | ||
20 | protocol unix,inet,inet6,netlink | ||
21 | seccomp | ||
22 | #tracelog | ||
23 | |||
24 | whitelist ${DOWNLOADS} | ||
25 | mkdir ~/.config/Rambox | ||
26 | whitelist ~/.config/Rambox | ||
27 | mkdir ~/.pki | ||
28 | whitelist ~/.pki | ||
29 | |||
30 | include /etc/firejail/whitelist-common.inc | ||
31 | |||
diff --git a/platform/debian/conffiles b/platform/debian/conffiles index 54bd2f697..03dd65327 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles | |||
@@ -230,6 +230,7 @@ | |||
230 | /etc/firejail/quiterss.profile | 230 | /etc/firejail/quiterss.profile |
231 | /etc/firejail/qupzilla.profile | 231 | /etc/firejail/qupzilla.profile |
232 | /etc/firejail/qutebrowser.profile | 232 | /etc/firejail/qutebrowser.profile |
233 | /etc/firejail/rambox.profile | ||
233 | /etc/firejail/ranger.profile | 234 | /etc/firejail/ranger.profile |
234 | /etc/firejail/rhythmbox.profile | 235 | /etc/firejail/rhythmbox.profile |
235 | /etc/firejail/riot-web.profile | 236 | /etc/firejail/riot-web.profile |
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index a6472a604..299b165f6 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -212,6 +212,7 @@ quassel | |||
212 | quiterss | 212 | quiterss |
213 | qupzilla | 213 | qupzilla |
214 | qutebrowser | 214 | qutebrowser |
215 | rambox | ||
215 | ranger | 216 | ranger |
216 | rhythmbox | 217 | rhythmbox |
217 | ristretto | 218 | ristretto |