diff options
author | netblue30 <netblue30@yahoo.com> | 2016-10-03 11:33:22 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-10-03 11:33:22 -0400 |
commit | dfa025636778ee99a1c663a92cce1e061370156a (patch) | |
tree | ae6cb8832657d03f3334cc47ecae9e4c7a45f7f6 | |
parent | --x11=xorg (diff) | |
download | firejail-dfa025636778ee99a1c663a92cce1e061370156a.tar.gz firejail-dfa025636778ee99a1c663a92cce1e061370156a.tar.zst firejail-dfa025636778ee99a1c663a92cce1e061370156a.zip |
keepass, keepassx, 7z profiles
-rw-r--r-- | README | 2 | ||||
-rw-r--r-- | README.md | 4 | ||||
-rw-r--r-- | RELNOTES | 2 | ||||
-rw-r--r-- | etc/7z.profile | 10 | ||||
-rw-r--r-- | etc/keepass.profile | 22 | ||||
-rw-r--r-- | etc/keepassx.profile | 23 | ||||
-rw-r--r-- | platform/debian/conffiles | 3 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 2 |
8 files changed, 64 insertions, 4 deletions
@@ -78,7 +78,7 @@ Fred-Barclay (https://github.com/Fred-Barclay) | |||
78 | - added DOSBox profile | 78 | - added DOSBox profile |
79 | - evince profile enhancement | 79 | - evince profile enhancement |
80 | vismir2 (https://github.com/vismir2) | 80 | vismir2 (https://github.com/vismir2) |
81 | - feh, ranger and zathura profiles | 81 | - feh, ranger, 7z, keepass, keepassx and zathura profiles |
82 | - lots of profile fixes | 82 | - lots of profile fixes |
83 | graywolf (https://github.com/graywolf) | 83 | graywolf (https://github.com/graywolf) |
84 | - spelling fix | 84 | - spelling fix |
@@ -106,9 +106,9 @@ If you keep your Firejail profiles in a public repository, please give us a link | |||
106 | 106 | ||
107 | ## New profile commands | 107 | ## New profile commands |
108 | 108 | ||
109 | x11 xpra, x11 xephyr, x11 none, x11 xorg allusers, join-or-start | 109 | x11 xpra, x11 xephyr, x11 none, x11 xorg, allusers, join-or-start |
110 | 110 | ||
111 | ## New profiles | 111 | ## New profiles |
112 | 112 | ||
113 | qpdfview, mupdf, Luminance HDR, Synfig Studio, Gimp, Inkscape, feh, ranger, zathura | 113 | qpdfview, mupdf, Luminance HDR, Synfig Studio, Gimp, Inkscape, feh, ranger, zathura, 7z, keepass, keepassx |
114 | 114 | ||
@@ -16,7 +16,7 @@ firejail (0.9.43) baseline; urgency=low | |||
16 | * feature: disable 3D hardware acceleration (--no3d) | 16 | * feature: disable 3D hardware acceleration (--no3d) |
17 | * feature: x11 xpra, x11 xephyr, x11 block, allusers, no3d profile commands | 17 | * feature: x11 xpra, x11 xephyr, x11 block, allusers, no3d profile commands |
18 | * new profiles: qpdfview, mupdf, Luminance HDR, Synfig Studio, Gimp, Inkscape | 18 | * new profiles: qpdfview, mupdf, Luminance HDR, Synfig Studio, Gimp, Inkscape |
19 | * new profiles: feh, ranger, zathura | 19 | * new profiles: feh, ranger, zathura, 7z, keepass, keepassx |
20 | * bugfixes | 20 | * bugfixes |
21 | -- netblue30 <netblue30@yahoo.com> Fri, 9 Sept 2016 08:00:00 -0500 | 21 | -- netblue30 <netblue30@yahoo.com> Fri, 9 Sept 2016 08:00:00 -0500 |
22 | 22 | ||
diff --git a/etc/7z.profile b/etc/7z.profile new file mode 100644 index 000000000..c9455317a --- /dev/null +++ b/etc/7z.profile | |||
@@ -0,0 +1,10 @@ | |||
1 | # p7zip crompression tool profile | ||
2 | quiet | ||
3 | ignore noroot | ||
4 | include /etc/firejail/default.profile | ||
5 | tracelog | ||
6 | net none | ||
7 | shell none | ||
8 | private-dev | ||
9 | private-tmp | ||
10 | nosound | ||
diff --git a/etc/keepass.profile b/etc/keepass.profile new file mode 100644 index 000000000..b2085f53d --- /dev/null +++ b/etc/keepass.profile | |||
@@ -0,0 +1,22 @@ | |||
1 | # keepass password manager profile | ||
2 | |||
3 | noblacklist ${HOME}/.config/keepass | ||
4 | noblacklist ${HOME}/.keepass | ||
5 | |||
6 | include /etc/firejail/disable-common.inc | ||
7 | include /etc/firejail/disable-programs.inc | ||
8 | include /etc/firejail/disable-devel.inc | ||
9 | include /etc/firejail/disable-passwdmgr.inc | ||
10 | |||
11 | caps.drop all | ||
12 | nogroups | ||
13 | nonewprivs | ||
14 | noroot | ||
15 | nosound | ||
16 | protocol unix | ||
17 | seccomp | ||
18 | netfilter | ||
19 | shell none | ||
20 | |||
21 | private-tmp | ||
22 | private-dev | ||
diff --git a/etc/keepassx.profile b/etc/keepassx.profile new file mode 100644 index 000000000..415160df3 --- /dev/null +++ b/etc/keepassx.profile | |||
@@ -0,0 +1,23 @@ | |||
1 | # keepassx password manager profile | ||
2 | |||
3 | noblacklist ${HOME}/.config/keepassx | ||
4 | noblacklist ${HOME}/.keepassx | ||
5 | noblacklist ${HOME}/keepassx.kdbx | ||
6 | |||
7 | include /etc/firejail/disable-common.inc | ||
8 | include /etc/firejail/disable-programs.inc | ||
9 | include /etc/firejail/disable-devel.inc | ||
10 | include /etc/firejail/disable-passwdmgr.inc | ||
11 | |||
12 | caps.drop all | ||
13 | nogroups | ||
14 | nonewprivs | ||
15 | noroot | ||
16 | nosound | ||
17 | protocol unix | ||
18 | seccomp | ||
19 | netfilter | ||
20 | shell none | ||
21 | |||
22 | private-tmp | ||
23 | private-dev | ||
diff --git a/platform/debian/conffiles b/platform/debian/conffiles index af8e74ba8..03fb2fe75 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles | |||
@@ -152,3 +152,6 @@ | |||
152 | /etc/firejail/xz.profile | 152 | /etc/firejail/xz.profile |
153 | /etc/firejail/xzdec.profile | 153 | /etc/firejail/xzdec.profile |
154 | /etc/firejail/zathura.profile | 154 | /etc/firejail/zathura.profile |
155 | /etc/firejail/7z.profile | ||
156 | /etc/firejail/keepass.profile | ||
157 | /etc/firejail/keepassx.profile | ||
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 9e5ff7f12..95d3d5caa 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -142,6 +142,8 @@ ssh | |||
142 | atom-beta | 142 | atom-beta |
143 | atom | 143 | atom |
144 | ranger | 144 | ranger |
145 | keepass | ||
146 | keepassx | ||
145 | 147 | ||
146 | # weather/climate | 148 | # weather/climate |
147 | aweather | 149 | aweather |