diff options
author | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2017-04-14 11:20:08 -0500 |
---|---|---|
committer | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2017-04-14 11:20:08 -0500 |
commit | e08c80d0a9fbf3def45c5957a7048d597de6e966 (patch) | |
tree | 8d059e621cb6edfd340ad88bb1a599ae0710cbd7 | |
parent | Spotify from the AUR requires bash,sh (diff) | |
download | firejail-e08c80d0a9fbf3def45c5957a7048d597de6e966.tar.gz firejail-e08c80d0a9fbf3def45c5957a7048d597de6e966.tar.zst firejail-e08c80d0a9fbf3def45c5957a7048d597de6e966.zip |
Added nylas profile (see #1215)
-rw-r--r-- | README | 2 | ||||
-rw-r--r-- | README.md | 3 | ||||
-rw-r--r-- | RELNOTES | 2 | ||||
-rw-r--r-- | etc/disable-programs.inc | 2 | ||||
-rw-r--r-- | etc/nylas.profile | 29 | ||||
-rw-r--r-- | platform/debian/conffiles | 1 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 1 |
7 files changed, 38 insertions, 2 deletions
@@ -274,6 +274,8 @@ Mike Frysinger (vapier@gentoo.org) | |||
274 | - Gentoo compile patch | 274 | - Gentoo compile patch |
275 | mjudtmann (https://github.com/mjudtmann) | 275 | mjudtmann (https://github.com/mjudtmann) |
276 | - lock firejail configuration in disable-mgmt.inc | 276 | - lock firejail configuration in disable-mgmt.inc |
277 | mustaqimM (https://github.com/mustaqimM) | ||
278 | - added profile for Nylas Mail | ||
277 | n1trux (https://github.com/n1trux) | 279 | n1trux (https://github.com/n1trux) |
278 | - fix flashpeak-slimjet profile typos | 280 | - fix flashpeak-slimjet profile typos |
279 | netblue30 (netblue30@yahoo.com) | 281 | netblue30 (netblue30@yahoo.com) |
@@ -195,4 +195,5 @@ goobox, gpa, gpg, gpg-agent, highlight, img2txt, k3b, kate, lynx, mediainfo, nau | |||
195 | simple-scan, skanlite, ssh-agent, tracker, transmission-cli, transmission-show, w3m, xfburn, xpra, wget, | 195 | simple-scan, skanlite, ssh-agent, tracker, transmission-cli, transmission-show, w3m, xfburn, xpra, wget, |
196 | xed, pluma, Cryptocat, Bless, Gnome 2048, Gnome Calculator, Gnome Contacts, JD-GUI, Lollypop, MultiMC5, | 196 | xed, pluma, Cryptocat, Bless, Gnome 2048, Gnome Calculator, Gnome Contacts, JD-GUI, Lollypop, MultiMC5, |
197 | PDFSam, Pithos, Xonotic, wireshark, keepassx2, QupZilla, FossaMail, Uzbl browser, xmms, iridium browser, | 197 | PDFSam, Pithos, Xonotic, wireshark, keepassx2, QupZilla, FossaMail, Uzbl browser, xmms, iridium browser, |
198 | Kino, Thunar, Geeqie, Engrampa, Scribus, mousepad, gpicview, keepassxc, cvlc, MediathekView, baloo_file | 198 | Kino, Thunar, Geeqie, Engrampa, Scribus, mousepad, gpicview, keepassxc, cvlc, MediathekView, baloo_file, |
199 | Nylas | ||
@@ -36,7 +36,7 @@ firejail (0.9.46-rc1) baseline; urgency=low | |||
36 | * new profiles: Xonotic, wireshark, keepassx2, QupZilla, FossaMail, | 36 | * new profiles: Xonotic, wireshark, keepassx2, QupZilla, FossaMail, |
37 | * new profiles: Uzbl browser, iridium browser, Thunar, Geeqie, Engrampa, | 37 | * new profiles: Uzbl browser, iridium browser, Thunar, Geeqie, Engrampa, |
38 | * new profiles: Scribus, mousepad, gpicview, keepassxc, cvlc, MediathekView, | 38 | * new profiles: Scribus, mousepad, gpicview, keepassxc, cvlc, MediathekView, |
39 | * new profiles: baloo_file | 39 | * new profiles: baloo_file, Nylas |
40 | * bugfixes | 40 | * bugfixes |
41 | -- netblue30 <netblue30@yahoo.com> Fri, 7 Apr 2017 08:00:00 -0500 | 41 | -- netblue30 <netblue30@yahoo.com> Fri, 7 Apr 2017 08:00:00 -0500 |
42 | 42 | ||
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 7939fd520..1d5380b42 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -33,6 +33,7 @@ blacklist ${HOME}/.config/Luminance | |||
33 | blacklist ${HOME}/.config/Meltytech | 33 | blacklist ${HOME}/.config/Meltytech |
34 | blacklist ${HOME}/.config/Mousepad | 34 | blacklist ${HOME}/.config/Mousepad |
35 | blacklist ${HOME}/.config/Mumble | 35 | blacklist ${HOME}/.config/Mumble |
36 | blacklist ${HOME}/.config/Nylas Mail | ||
36 | blacklist ${HOME}/.config/QuiteRss | 37 | blacklist ${HOME}/.config/QuiteRss |
37 | blacklist ${HOME}/.config/QuiteRssrc | 38 | blacklist ${HOME}/.config/QuiteRssrc |
38 | blacklist ${HOME}/.config/Slack | 39 | blacklist ${HOME}/.config/Slack |
@@ -260,6 +261,7 @@ blacklist ${HOME}/.mutt | |||
260 | blacklist ${HOME}/.mutt/muttrc | 261 | blacklist ${HOME}/.mutt/muttrc |
261 | blacklist ${HOME}/.muttrc | 262 | blacklist ${HOME}/.muttrc |
262 | blacklist ${HOME}/.nv | 263 | blacklist ${HOME}/.nv |
264 | blacklist $(HOME)/.nylas-mail | ||
263 | blacklist ${HOME}/.openshot | 265 | blacklist ${HOME}/.openshot |
264 | blacklist ${HOME}/.openshot_qt | 266 | blacklist ${HOME}/.openshot_qt |
265 | blacklist ${HOME}/.opera | 267 | blacklist ${HOME}/.opera |
diff --git a/etc/nylas.profile b/etc/nylas.profile new file mode 100644 index 000000000..21c48c95c --- /dev/null +++ b/etc/nylas.profile | |||
@@ -0,0 +1,29 @@ | |||
1 | # This file is overwritten during software install. | ||
2 | # Persistent customizations should go in a .local file. | ||
3 | include /etc/firejail/nylas.local | ||
4 | |||
5 | # Firejail profile for Nylas Mail | ||
6 | noblacklist ~/.config/Nylas Mail | ||
7 | noblacklist ~/.nylas-mail | ||
8 | |||
9 | include /etc/firejail/disable-common.inc | ||
10 | include /etc/firejail/disable-programs.inc | ||
11 | include /etc/firejail/disable-devel.inc | ||
12 | include /etc/firejail/disable-passwdmgr.inc | ||
13 | |||
14 | whitelist ~/.config/Nylas Mail | ||
15 | whitelist ~/.nylas-mail | ||
16 | whitelist ${DOWNLOADS} | ||
17 | include /etc/firejail/whitelist-common.inc | ||
18 | |||
19 | caps.drop all | ||
20 | netfilter | ||
21 | nogroups | ||
22 | nonewprivs | ||
23 | noroot | ||
24 | nosound | ||
25 | protocol unix,inet,inet6,netlink | ||
26 | seccomp | ||
27 | shell none | ||
28 | |||
29 | private-dev | ||
diff --git a/platform/debian/conffiles b/platform/debian/conffiles index 434cd9d0a..84557cd1f 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles | |||
@@ -145,6 +145,7 @@ | |||
145 | /etc/firejail/nautilus.profile | 145 | /etc/firejail/nautilus.profile |
146 | /etc/firejail/netsurf.profile | 146 | /etc/firejail/netsurf.profile |
147 | /etc/firejail/nolocal.net | 147 | /etc/firejail/nolocal.net |
148 | /etc/firejail/nylas.profile | ||
148 | /etc/firejail/odt2txt.profile | 149 | /etc/firejail/odt2txt.profile |
149 | /etc/firejail/okular.profile | 150 | /etc/firejail/okular.profile |
150 | /etc/firejail/openbox.profile | 151 | /etc/firejail/openbox.profile |
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index af10039e4..826de6260 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -42,6 +42,7 @@ kmail | |||
42 | midori | 42 | midori |
43 | mutt | 43 | mutt |
44 | netsurf | 44 | netsurf |
45 | nylas | ||
45 | opera-beta | 46 | opera-beta |
46 | opera | 47 | opera |
47 | palemoon | 48 | palemoon |