aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar netblue30 <netblue30@yahoo.com>2017-05-02 07:56:29 -0400
committerLibravatar netblue30 <netblue30@yahoo.com>2017-05-02 07:56:29 -0400
commitb01b0b39973154a7f7c05b6d7bf5b2e10ed6f577 (patch)
tree0471463930af5a8db8e7df860bcad7bd934d12bf
parentfix trash functionality for file managers (diff)
downloadfirejail-b01b0b39973154a7f7c05b6d7bf5b2e10ed6f577.tar.gz
firejail-b01b0b39973154a7f7c05b6d7bf5b2e10ed6f577.tar.zst
firejail-b01b0b39973154a7f7c05b6d7bf5b2e10ed6f577.zip
adding knotes profile
Diffstat
-rw-r--r--README.md11
-rw-r--r--RELNOTES2
-rw-r--r--etc/disable-programs.inc1
-rw-r--r--etc/dolphin.profile1
-rw-r--r--etc/knotes.profile27
-rw-r--r--platform/debian/conffiles1
-rw-r--r--src/firecfg/firecfg.config1
7 files changed, 38 insertions, 6 deletions
diff --git a/README.md b/README.md
index 49291181c..4633ff894 100644
--- a/README.md
+++ b/README.md
@@ -69,14 +69,14 @@ Use this issue to request new profiles: https://github.com/netblue30/firejail/is
69## Desktop integration 69## Desktop integration
70 70
71All --fix functionality is done by default in firecfg, --fix option was removed. Clicking on a program 71All --fix functionality is done by default in firecfg, --fix option was removed. Clicking on a program
72in desktop manager menu should start the program automatically in a sandbox, if a profile 72in desktop manager menu should start the program automatically in a sandbox if a profile
73is available in /etc/firejail. We cover about 270 different applications in this moment on all major desktop managers. 73is available in /etc/firejail. We cover about 300 different applications in this moment on all major desktop managers.
74 74
75Thunar (XFCE) and PCManFM (LXDE) file managers symlinks are installed in /usr/local/bin by firecfg. 75Symlinks for the common file managers are installed in /usr/local/bin by firecfg.
76File managers are usually started by default at login time, and will be sandboxed. 76File managers are usually started by default at login time, and will be sandboxed.
77Clicking on a file in the file manager will start the corresponding program in the same sandbox as the file manager. 77Clicking on a file in the file manager will start the corresponding program in the same sandbox as the file manager.
78For example, clicking on a video file will start a sandboxed VLC running the video. 78For example, clicking on a video file will start a sandboxed VLC running the video.
79We support in this moment XFCE, LXDE, MATE and Cinnamon. 79We support in this moment XFCE, LXDE, MATE, Cinnamon and KDE.
80 80
81## AppImage 81## AppImage
82 82
@@ -218,4 +218,5 @@ PDFSam, Pithos, Xonotic, wireshark, keepassx2, QupZilla, FossaMail, Uzbl browser
218Kino, Thunar, Geeqie, Engrampa, Scribus, mousepad, gpicview, keepassxc, cvlc, MediathekView, baloo_file, 218Kino, Thunar, Geeqie, Engrampa, Scribus, mousepad, gpicview, keepassxc, cvlc, MediathekView, baloo_file,
219Nylas, dino, BibleTime, viewnior, Kodi, viking, youtube-dl, meld, Arduino, Akregator, KCalc, KTorrent, 219Nylas, dino, BibleTime, viewnior, Kodi, viking, youtube-dl, meld, Arduino, Akregator, KCalc, KTorrent,
220Orage Globaltime, Orage Clendar, xfce4-notes, xfce4-dict, Ristretto, PCManFM, Dia, FontForge, Geany, Hugin, 220Orage Globaltime, Orage Clendar, xfce4-notes, xfce4-dict, Ristretto, PCManFM, Dia, FontForge, Geany, Hugin,
221mate-calc, mate-dictionary, mate-color-select, caja, galculator, Nemo, gnome-font-viewer, gucharmap 221mate-calc, mate-dictionary, mate-color-select, caja, galculator, Nemo, gnome-font-viewer, gucharmap,
222knotes
diff --git a/RELNOTES b/RELNOTES
index 0b2f0ce5b..d25230227 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -43,7 +43,7 @@ firejail (0.9.46-rc1) baseline; urgency=low
43 * new profiles: Orage Globaltime, Orage Clendar, xfce4-notes, xfce4-dict, 43 * new profiles: Orage Globaltime, Orage Clendar, xfce4-notes, xfce4-dict,
44 * new profiles: Ristretto, PCManFM, Dia, FontForge, Geany, Hugin, 44 * new profiles: Ristretto, PCManFM, Dia, FontForge, Geany, Hugin,
45 * new profiles: mate-calc, mate-dictionary, mate-color-select, caja, 45 * new profiles: mate-calc, mate-dictionary, mate-color-select, caja,
46 * new profiles: galculator, Nemo, gnome-font-viewer, gucharmap 46 * new profiles: galculator, Nemo, gnome-font-viewer, gucharmap, knotes
47 * bugfixes 47 * bugfixes
48 -- netblue30 <netblue30@yahoo.com> Fri, 7 Apr 2017 08:00:00 -0500 48 -- netblue30 <netblue30@yahoo.com> Fri, 7 Apr 2017 08:00:00 -0500
49 49
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 89abbafd8..ddbc3f1fb 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -95,6 +95,7 @@ blacklist ${HOME}/.config/kateschemarc
95blacklist ${HOME}/.config/katesyntaxhighlightingrc 95blacklist ${HOME}/.config/katesyntaxhighlightingrc
96blacklist ${HOME}/.config/katevirc 96blacklist ${HOME}/.config/katevirc
97blacklist ${HOME}/.config/kdeconnect 97blacklist ${HOME}/.config/kdeconnect
98blacklist ${HOME}/.config/knotesrc
98blacklist ${HOME}/.config/libreoffice 99blacklist ${HOME}/.config/libreoffice
99blacklist ${HOME}/.config/mate/eom 100blacklist ${HOME}/.config/mate/eom
100blacklist ${HOME}/.config/mate/mate-dictionary 101blacklist ${HOME}/.config/mate/mate-dictionary
diff --git a/etc/dolphin.profile b/etc/dolphin.profile
index 3c9056f62..1a718c87f 100644
--- a/etc/dolphin.profile
+++ b/etc/dolphin.profile
@@ -10,6 +10,7 @@ noblacklist ~/.config/dolphinrc
10noblacklist ~/.local/share/dolphin 10noblacklist ~/.local/share/dolphin
11noblacklist ~/.kde4/share/kde4/services 11noblacklist ~/.kde4/share/kde4/services
12noblacklist ~/.kde/share/kde4/services 12noblacklist ~/.kde/share/kde4/services
13noblacklist ${HOME}/.local/share/Trash
13 14
14include /etc/firejail/disable-common.inc 15include /etc/firejail/disable-common.inc
15# dolphin needs to be able to start arbitrary applications so we cannot blacklist their files 16# dolphin needs to be able to start arbitrary applications so we cannot blacklist their files
diff --git a/etc/knotes.profile b/etc/knotes.profile
new file mode 100644
index 000000000..8fa88a261
--- /dev/null
+++ b/etc/knotes.profile
@@ -0,0 +1,27 @@
1# This file is overwritten during software install.
2# Persistent customizations should go in a .local file.
3include /etc/firejail/knotes.local
4
5# kate profile
6noblacklist ~/.config/knotesrc
7
8include /etc/firejail/disable-common.inc
9include /etc/firejail/disable-programs.inc
10#include /etc/firejail/disable-devel.inc
11include /etc/firejail/disable-passwdmgr.inc
12
13caps.drop all
14nogroups
15nonewprivs
16noroot
17nosound
18protocol unix
19seccomp
20netfilter
21shell none
22tracelog
23
24# private-bin kate
25private-tmp
26private-dev
27# private-etc fonts
diff --git a/platform/debian/conffiles b/platform/debian/conffiles
index 8bbd6ea6e..7353aa436 100644
--- a/platform/debian/conffiles
+++ b/platform/debian/conffiles
@@ -290,4 +290,5 @@
290/etc/firejail/nemo.profile 290/etc/firejail/nemo.profile
291/etc/firejail/gnome-font-viewer.profile 291/etc/firejail/gnome-font-viewer.profile
292/etc/firejail/gucharmap.profile 292/etc/firejail/gucharmap.profile
293/etc/firejail/knotes.profile
293 294
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index 199a61fe4..946b75f80 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -117,6 +117,7 @@ keepassx
117keepassx2 117keepassx2
118keepassxc 118keepassxc
119kmail 119kmail
120knotes
120kodi 121kodi
121konversation 122konversation
122ktorrent 123ktorrent
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-08 19:44:55 +0000