diff options
author | netblue30 <netblue30@yahoo.com> | 2018-10-13 14:03:51 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2018-10-13 14:03:51 -0400 |
commit | 8155eefbc50f202312d1639bd71bb2c5ea285c86 (patch) | |
tree | d14d0dfd91d297594c398380d7c1a1165c00e528 | |
parent | private-lib fix (diff) | |
parent | Merges (diff) | |
download | firejail-8155eefbc50f202312d1639bd71bb2c5ea285c86.tar.gz firejail-8155eefbc50f202312d1639bd71bb2c5ea285c86.tar.zst firejail-8155eefbc50f202312d1639bd71bb2c5ea285c86.zip |
Merge branch 'master' of http://github.com/netblue30/firejail
-rw-r--r-- | README | 5 | ||||
-rw-r--r-- | README.md | 3 | ||||
-rw-r--r-- | RELNOTES | 3 | ||||
-rw-r--r-- | etc/disable-passwdmgr.inc | 1 | ||||
-rw-r--r-- | etc/gnome-pie.profile | 41 | ||||
-rw-r--r-- | etc/mencoder.profile | 28 |
6 files changed, 78 insertions, 3 deletions
@@ -123,6 +123,8 @@ bn0785ac (https://github.com/bn0785ac) | |||
123 | - fix inox, add snox profile | 123 | - fix inox, add snox profile |
124 | BogDan Vatra (https://github.com/bog-dan-ro) | 124 | BogDan Vatra (https://github.com/bog-dan-ro) |
125 | - zoom profile | 125 | - zoom profile |
126 | Brad Ackerman | ||
127 | - blacklist Bitwarden config in disable-passwdmgr.inc | ||
126 | Bruno Nova (https://github.com/brunonova) | 128 | Bruno Nova (https://github.com/brunonova) |
127 | - whitelist fix | 129 | - whitelist fix |
128 | - bash arguments fix | 130 | - bash arguments fix |
@@ -282,7 +284,8 @@ glitsj16 (https://github.com/glitsj16) | |||
282 | - new profiles: lzless, lzma, lzmainfo, lzmore, unlzma, unxz, xzcat | 284 | - new profiles: lzless, lzma, lzmainfo, lzmore, unlzma, unxz, xzcat |
283 | - new profiles: xzcmp, xzdiff, xzegrep, xzfgrep, xzgrep, xzless, xzmore | 285 | - new profiles: xzcmp, xzdiff, xzegrep, xzfgrep, xzgrep, xzless, xzmore |
284 | - new profiles: lzip, artha, nitroshare, nitroshare-cli, nitroshare-nmh | 286 | - new profiles: lzip, artha, nitroshare, nitroshare-cli, nitroshare-nmh |
285 | - new profiles: nirtoshare-send, nitroshare-ui | 287 | - new profiles: nirtoshare-send, nitroshare-ui, mencoder, gnome-pie |
288 | - new profiles: masterpdfeditor | ||
286 | graywolf (https://github.com/graywolf) | 289 | graywolf (https://github.com/graywolf) |
287 | - spelling fix | 290 | - spelling fix |
288 | greigdp (https://github.com/greigdp) | 291 | greigdp (https://github.com/greigdp) |
@@ -136,5 +136,6 @@ The new LTS branch is here: https://github.com/netblue30/firejail/tree/LTSbase | |||
136 | QMediathekView, aria2c, Authenticator, checkbashisms, devilspie, devilspie2, easystroke, github-desktop, min, | 136 | QMediathekView, aria2c, Authenticator, checkbashisms, devilspie, devilspie2, easystroke, github-desktop, min, |
137 | bsdcat, bsdcpio, bsdtar, lzmadec, lbunzip2, lbzcat, lbzip2, lzcat, lzcmp, lzdiff, lzegrep, lzfgrep, lzgrep, | 137 | bsdcat, bsdcpio, bsdtar, lzmadec, lbunzip2, lbzcat, lbzip2, lzcat, lzcmp, lzdiff, lzegrep, lzfgrep, lzgrep, |
138 | lzless, lzma, lzmainfo, lzmore, unlzma, unxz, xzcat, xzcmp, xzdiff, xzegrep, xzfgrep, xzgrep, xzless, xzmore, | 138 | lzless, lzma, lzmainfo, lzmore, unlzma, unxz, xzcat, xzcmp, xzdiff, xzegrep, xzfgrep, xzgrep, xzless, xzmore, |
139 | lzip, artha, nitroshare, nitroshare-cli, nitroshare-nmh, nirtoshare-send, nitroshare-ui | 139 | lzip, artha, nitroshare, nitroshare-cli, nitroshare-nmh, nirtoshare-send, nitroshare-ui, mencoder, gnome-pie, |
140 | masterpdfeditor | ||
140 | 141 | ||
@@ -8,7 +8,8 @@ firejail (0.9.56.1) baseline; urgency=low | |||
8 | * new profiles: lzless, lzma, lzmainfo, lzmore, unlzma, unxz, xzcat | 8 | * new profiles: lzless, lzma, lzmainfo, lzmore, unlzma, unxz, xzcat |
9 | * new profiles: xzcmp, xzdiff, xzegrep, xzfgrep, xzgrep, xzless, xzmore | 9 | * new profiles: xzcmp, xzdiff, xzegrep, xzfgrep, xzgrep, xzless, xzmore |
10 | * new profiles: lzip, artha, nitroshare, nitroshare-cli, nitroshare-nmh | 10 | * new profiles: lzip, artha, nitroshare, nitroshare-cli, nitroshare-nmh |
11 | * new profiles: nirtoshare-send, nitroshare-ui | 11 | * new profiles: nirtoshare-send, nitroshare-ui, mencoder, gnome-pie |
12 | * new profiles: masterpdfeditor | ||
12 | -- netblue30 <netblue30@yahoo.com> Thu, 11 Oct 2018 08:00:00 -0500 | 13 | -- netblue30 <netblue30@yahoo.com> Thu, 11 Oct 2018 08:00:00 -0500 |
13 | 14 | ||
14 | firejail (0.9.56) baseline; urgency=low | 15 | firejail (0.9.56) baseline; urgency=low |
diff --git a/etc/disable-passwdmgr.inc b/etc/disable-passwdmgr.inc index 6ef11780e..19fd871d3 100644 --- a/etc/disable-passwdmgr.inc +++ b/etc/disable-passwdmgr.inc | |||
@@ -2,6 +2,7 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include /etc/firejail/disable-passwdmgr.local | 3 | include /etc/firejail/disable-passwdmgr.local |
4 | 4 | ||
5 | blacklist ${HOME}/.config/Bitwarden | ||
5 | blacklist ${HOME}/.config/KeePass | 6 | blacklist ${HOME}/.config/KeePass |
6 | blacklist ${HOME}/.config/keepass | 7 | blacklist ${HOME}/.config/keepass |
7 | blacklist ${HOME}/.config/keepassx | 8 | blacklist ${HOME}/.config/keepassx |
diff --git a/etc/gnome-pie.profile b/etc/gnome-pie.profile new file mode 100644 index 000000000..be408ea93 --- /dev/null +++ b/etc/gnome-pie.profile | |||
@@ -0,0 +1,41 @@ | |||
1 | # Firejail profile for gnome-pie | ||
2 | # Description: Alternative AppMenu | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include /etc/firejail/gnome-pie.local | ||
6 | # Persistent global definitions | ||
7 | include /etc/firejail/globals.local | ||
8 | |||
9 | #include /etc/firejail/disable-common.inc | ||
10 | include /etc/firejail/disable-devel.inc | ||
11 | #include /etc/firejail/disable-interpreters.inc | ||
12 | include /etc/firejail/disable-passwdmgr.inc | ||
13 | #include /etc/firejail/disable-programs.inc | ||
14 | |||
15 | caps.drop all | ||
16 | ipc-namespace | ||
17 | machine-id | ||
18 | net none | ||
19 | no3d | ||
20 | nodvd | ||
21 | nogroups | ||
22 | nonewprivs | ||
23 | noroot | ||
24 | nosound | ||
25 | notv | ||
26 | nou2f | ||
27 | novideo | ||
28 | protocol unix | ||
29 | seccomp | ||
30 | shell none | ||
31 | |||
32 | disable-mnt | ||
33 | private-cache | ||
34 | private-dev | ||
35 | private-etc fonts | ||
36 | private-lib gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,librsvg-2.so.* | ||
37 | private-tmp | ||
38 | |||
39 | memory-deny-write-execute | ||
40 | noexec ${HOME} | ||
41 | noexec /tmp | ||
diff --git a/etc/mencoder.profile b/etc/mencoder.profile new file mode 100644 index 000000000..9306d268e --- /dev/null +++ b/etc/mencoder.profile | |||
@@ -0,0 +1,28 @@ | |||
1 | # Firejail profile for mencoder | ||
2 | # Description: Free command line video decoding, encoding and filtering tool | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include /etc/firejail/mencoder.local | ||
6 | # Persistent global definitions | ||
7 | # added by included profile | ||
8 | #include /etc/firejail/globals.local | ||
9 | |||
10 | include /etc/firejail/disable-common.inc | ||
11 | include /etc/firejail/disable-devel.inc | ||
12 | include /etc/firejail/disable-interpreters.inc | ||
13 | include /etc/firejail/disable-passwdmgr.inc | ||
14 | include /etc/firejail/disable-programs.inc | ||
15 | |||
16 | net none | ||
17 | no3d | ||
18 | nodbus | ||
19 | nosound | ||
20 | notv | ||
21 | nou2f | ||
22 | protocol unix | ||
23 | seccomp | ||
24 | shell none | ||
25 | |||
26 | private-bin mencoder | ||
27 | |||
28 | include /etc/firejail/mplayer.profile | ||