diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2024-03-16 20:26:41 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-03-16 20:26:41 +0000 |
commit | c334f62e785738720617187cba1533731e762b53 (patch) | |
tree | 4f1a66c7345285a47c489d69788533fd64753ad0 | |
parent | New profile: dexios.profile (#6234) (diff) | |
download | firejail-c334f62e785738720617187cba1533731e762b53.tar.gz firejail-c334f62e785738720617187cba1533731e762b53.tar.zst firejail-c334f62e785738720617187cba1533731e762b53.zip |
New profile: koreader.profile (#6243)
Description: Ebook reader application.
https://koreader.rocks/
-rw-r--r-- | etc/inc/disable-programs.inc | 1 | ||||
-rw-r--r-- | etc/profile-a-l/koreader.profile | 65 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 1 |
3 files changed, 67 insertions, 0 deletions
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 4bbdf93d0..879812ad6 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc | |||
@@ -527,6 +527,7 @@ blacklist ${HOME}/.config/kmplayerrc | |||
527 | blacklist ${HOME}/.config/knotesrc | 527 | blacklist ${HOME}/.config/knotesrc |
528 | blacklist ${HOME}/.config/konversation.notifyrc | 528 | blacklist ${HOME}/.config/konversation.notifyrc |
529 | blacklist ${HOME}/.config/konversationrc | 529 | blacklist ${HOME}/.config/konversationrc |
530 | blacklist ${HOME}/.config/koreader | ||
530 | blacklist ${HOME}/.config/kritarc | 531 | blacklist ${HOME}/.config/kritarc |
531 | blacklist ${HOME}/.config/ktorrentrc | 532 | blacklist ${HOME}/.config/ktorrentrc |
532 | blacklist ${HOME}/.config/ktouch2rc | 533 | blacklist ${HOME}/.config/ktouch2rc |
diff --git a/etc/profile-a-l/koreader.profile b/etc/profile-a-l/koreader.profile new file mode 100644 index 000000000..f210ba72c --- /dev/null +++ b/etc/profile-a-l/koreader.profile | |||
@@ -0,0 +1,65 @@ | |||
1 | # Firejail profile for koreader | ||
2 | # Description: Ebook reader application | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include koreader.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | blacklist /usr/libexec | ||
10 | |||
11 | noblacklist ${HOME}/.config/koreader | ||
12 | noblacklist ${DOCUMENTS} | ||
13 | |||
14 | # Allow lua (blacklisted by disable-interpreters.inc) | ||
15 | include allow-lua.inc | ||
16 | |||
17 | include disable-common.inc | ||
18 | include disable-devel.inc | ||
19 | include disable-exec.inc | ||
20 | include disable-interpreters.inc | ||
21 | include disable-proc.inc | ||
22 | include disable-programs.inc | ||
23 | include disable-xdg.inc | ||
24 | |||
25 | mkdir ${HOME}/.config/koreader | ||
26 | whitelist ${HOME}/.config/koreader | ||
27 | include whitelist-common.inc | ||
28 | include whitelist-run-common.inc | ||
29 | include whitelist-runuser-common.inc | ||
30 | include whitelist-usr-share-common.inc | ||
31 | |||
32 | apparmor | ||
33 | caps.drop all | ||
34 | ipc-namespace | ||
35 | machine-id | ||
36 | net none | ||
37 | #no3d | ||
38 | nodvd | ||
39 | nogroups | ||
40 | noinput | ||
41 | nonewprivs | ||
42 | noprinters | ||
43 | noroot | ||
44 | nosound | ||
45 | notv | ||
46 | nou2f | ||
47 | novideo | ||
48 | protocol unix,netlink | ||
49 | seccomp | ||
50 | seccomp.block-secondary | ||
51 | tracelog | ||
52 | |||
53 | private-cache | ||
54 | private-dev | ||
55 | private-etc | ||
56 | private-lib | ||
57 | private-tmp | ||
58 | |||
59 | dbus-user none | ||
60 | dbus-system none | ||
61 | |||
62 | read-only ${HOME} | ||
63 | read-write ${HOME}/.config/koreader | ||
64 | read-write ${DOWNLOADS} | ||
65 | restrict-namespaces | ||
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 275385690..20bfc74b6 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -482,6 +482,7 @@ knotes | |||
482 | kodi | 482 | kodi |
483 | konversation | 483 | konversation |
484 | kopete | 484 | kopete |
485 | koreader | ||
485 | krita | 486 | krita |
486 | #krunner | 487 | #krunner |
487 | ktorrent | 488 | ktorrent |