aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar smitsohu <smitsohu@gmail.com>2018-01-30 22:39:06 +0100
committerLibravatar smitsohu <smitsohu@gmail.com>2018-01-30 22:39:06 +0100
commit4b9174a110cb31bacfcd477c5fcda5b124114ba4 (patch)
tree7afea7d596d6d7f58c9c1bd69978e2f1209a08b0
parentharden KDE (diff)
downloadfirejail-4b9174a110cb31bacfcd477c5fcda5b124114ba4.tar.gz
firejail-4b9174a110cb31bacfcd477c5fcda5b124114ba4.tar.zst
firejail-4b9174a110cb31bacfcd477c5fcda5b124114ba4.zip
kaffeine profile
Diffstat
-rw-r--r--README.md2
-rw-r--r--RELNOTES2
-rw-r--r--etc/disable-programs.inc6
-rw-r--r--etc/kaffeine.profile37
-rw-r--r--src/firecfg/firecfg.config1
5 files changed, 46 insertions, 2 deletions
diff --git a/README.md b/README.md
index 7bd691ba8..5438db4ac 100644
--- a/README.md
+++ b/README.md
@@ -101,4 +101,4 @@ Use this issue to request new profiles: [#1139](https://github.com/netblue30/fir
101## New profiles 101## New profiles
102 102
103Basilisk browser, Tor Browser language packs, PlayOnLinux, sylpheed, discord-canary, 103Basilisk browser, Tor Browser language packs, PlayOnLinux, sylpheed, discord-canary,
104pycharm-community, pycharm-professional, Pitivi, OnionShare, Fritzing 104pycharm-community, pycharm-professional, Pitivi, OnionShare, Fritzing, Kaffeine
diff --git a/RELNOTES b/RELNOTES
index fe871134b..4e4b7e085 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -6,7 +6,7 @@ firejail (0.9.53) baseline; urgency=low
6 * private-dev support for overlay and chroot sandboxes 6 * private-dev support for overlay and chroot sandboxes
7 * private-tmp support for overlay and chroot sandboxes 7 * private-tmp support for overlay and chroot sandboxes
8 * new profiles: basilisk, Tor Browser language packs, PlayOnLinux, sylpheed, discord-canary 8 * new profiles: basilisk, Tor Browser language packs, PlayOnLinux, sylpheed, discord-canary
9 * new profiles: pycharm-community, pycharm-professional 9 * new profiles: pycharm-community, pycharm-professional, kaffeine
10 -- netblue30 <netblue30@yahoo.com> Tue, 12 Dec 2017 08:00:00 -0500 10 -- netblue30 <netblue30@yahoo.com> Tue, 12 Dec 2017 08:00:00 -0500
11 11
12firejail (0.9.52) baseline; urgency=low 12firejail (0.9.52) baseline; urgency=low
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 5a75974ac..6a8e580a3 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -129,6 +129,7 @@ blacklist ${HOME}/.config/iridium
129blacklist ${HOME}/.config/itch 129blacklist ${HOME}/.config/itch
130blacklist ${HOME}/.config/jd-gui.cfg 130blacklist ${HOME}/.config/jd-gui.cfg
131blacklist ${HOME}/.config/k3brc 131blacklist ${HOME}/.config/k3brc
132blacklist ${HOME}/.config/kaffeinerc
132blacklist ${HOME}/.config/katepartrc 133blacklist ${HOME}/.config/katepartrc
133blacklist ${HOME}/.config/katerc 134blacklist ${HOME}/.config/katerc
134blacklist ${HOME}/.config/kateschemarc 135blacklist ${HOME}/.config/kateschemarc
@@ -258,6 +259,7 @@ blacklist ${HOME}/.java
258blacklist ${HOME}/.jitsi 259blacklist ${HOME}/.jitsi
259blacklist ${HOME}/.kde/share/apps/digikam 260blacklist ${HOME}/.kde/share/apps/digikam
260blacklist ${HOME}/.kde/share/apps/gwenview 261blacklist ${HOME}/.kde/share/apps/gwenview
262blacklist ${HOME}/.kde/share/apps/kaffeine
261blacklist ${HOME}/.kde/share/apps/kcookiejar 263blacklist ${HOME}/.kde/share/apps/kcookiejar
262blacklist ${HOME}/.kde/share/apps/kget 264blacklist ${HOME}/.kde/share/apps/kget
263blacklist ${HOME}/.kde/share/apps/khtml 265blacklist ${HOME}/.kde/share/apps/khtml
@@ -272,6 +274,7 @@ blacklist ${HOME}/.kde/share/config/baloorc
272blacklist ${HOME}/.kde/share/config/digikam 274blacklist ${HOME}/.kde/share/config/digikam
273blacklist ${HOME}/.kde/share/config/gwenviewrc 275blacklist ${HOME}/.kde/share/config/gwenviewrc
274blacklist ${HOME}/.kde/share/config/k3brc 276blacklist ${HOME}/.kde/share/config/k3brc
277blacklist ${HOME}/.kde/share/config/kaffeinerc
275blacklist ${HOME}/.kde/share/config/kcookiejarrc 278blacklist ${HOME}/.kde/share/config/kcookiejarrc
276blacklist ${HOME}/.kde/share/config/kgetrc 279blacklist ${HOME}/.kde/share/config/kgetrc
277blacklist ${HOME}/.kde/share/config/khtmlrc 280blacklist ${HOME}/.kde/share/config/khtmlrc
@@ -285,6 +288,7 @@ blacklist ${HOME}/.kde/share/config/okularpartrc
285blacklist ${HOME}/.kde/share/config/okularrc 288blacklist ${HOME}/.kde/share/config/okularrc
286blacklist ${HOME}/.kde4/share/apps/digikam 289blacklist ${HOME}/.kde4/share/apps/digikam
287blacklist ${HOME}/.kde4/share/apps/gwenview 290blacklist ${HOME}/.kde4/share/apps/gwenview
291blacklist ${HOME}/.kde4/share/apps/kaffeine
288blacklist ${HOME}/.kde4/share/apps/kcookiejar 292blacklist ${HOME}/.kde4/share/apps/kcookiejar
289blacklist ${HOME}/.kde4/share/apps/kget 293blacklist ${HOME}/.kde4/share/apps/kget
290blacklist ${HOME}/.kde4/share/apps/khtml 294blacklist ${HOME}/.kde4/share/apps/khtml
@@ -298,6 +302,7 @@ blacklist ${HOME}/.kde4/share/config/baloofilerc
298blacklist ${HOME}/.kde4/share/config/digikam 302blacklist ${HOME}/.kde4/share/config/digikam
299blacklist ${HOME}/.kde4/share/config/gwenviewrc 303blacklist ${HOME}/.kde4/share/config/gwenviewrc
300blacklist ${HOME}/.kde4/share/config/k3brc 304blacklist ${HOME}/.kde4/share/config/k3brc
305blacklist ${HOME}/.kde4/share/config/kaffeinerc
301blacklist ${HOME}/.kde4/share/config/kcookiejarrc 306blacklist ${HOME}/.kde4/share/config/kcookiejarrc
302blacklist ${HOME}/.kde4/share/config/kgetrc 307blacklist ${HOME}/.kde4/share/config/kgetrc
303blacklist ${HOME}/.kde4/share/config/khtmlrc 308blacklist ${HOME}/.kde4/share/config/khtmlrc
@@ -354,6 +359,7 @@ blacklist ${HOME}/.local/share/gnome-photos
354blacklist ${HOME}/.local/share/gnome-ring 359blacklist ${HOME}/.local/share/gnome-ring
355blacklist ${HOME}/.local/share/gnome-twitch 360blacklist ${HOME}/.local/share/gnome-twitch
356blacklist ${HOME}/.local/share/gwenview 361blacklist ${HOME}/.local/share/gwenview
362blacklist ${HOME}/.local/share/kaffeine
357blacklist ${HOME}/.local/share/kate 363blacklist ${HOME}/.local/share/kate
358blacklist ${HOME}/.local/share/ktorrentrc 364blacklist ${HOME}/.local/share/ktorrentrc
359blacklist ${HOME}/.local/share/ktorrent 365blacklist ${HOME}/.local/share/ktorrent
diff --git a/etc/kaffeine.profile b/etc/kaffeine.profile
new file mode 100644
index 000000000..361010ce0
--- /dev/null
+++ b/etc/kaffeine.profile
@@ -0,0 +1,37 @@
1# Firejail profile for kaffeine
2# This file is overwritten after every install/update
3# Persistent local customizations
4include /etc/firejail/kaffeine.local
5# Persistent global definitions
6include /etc/firejail/globals.local
7
8noblacklist ~/.config/kaffeinerc
9noblacklist ~/.kde/share/apps/kaffeine
10noblacklist ~/.kde/share/config/kaffeinerc
11noblacklist ~/.kde4/share/apps/kaffeine
12noblacklist ~/.kde4/share/config/kaffeinerc
13noblacklist ~/.local/share/kaffeine
14
15include /etc/firejail/disable-common.inc
16include /etc/firejail/disable-devel.inc
17include /etc/firejail/disable-passwdmgr.inc
18include /etc/firejail/disable-programs.inc
19
20include /etc/firejail/whitelist-var-common.inc
21
22caps.drop all
23netfilter
24nogroups
25nonewprivs
26noroot
27novideo
28protocol unix,inet,inet6
29seccomp
30shell none
31
32# private-bin kaffeine
33private-dev
34private-tmp
35
36noexec ${HOME}
37noexec /tmp
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index e9e1db287..6c4c9faa9 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -185,6 +185,7 @@ iridium-browser
185jd-gui 185jd-gui
186jitsi 186jitsi
187k3b 187k3b
188kaffeine
188karbon 189karbon
189kate 190kate
190kcalc 191kcalc
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-19 22:47:48 +0000