aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar Fred-Barclay <Fred-Barclay@users.noreply.github.com>2016-06-19 09:29:50 +1000
committerLibravatar Fred-Barclay <Fred-Barclay@users.noreply.github.com>2016-06-19 09:29:50 +1000
commit90f527234a62021466991c3f349e45cefbf79acd (patch)
treed912b30c4c56f8b4d0c40a135249d545c245a155
parentfree memory (diff)
downloadfirejail-90f527234a62021466991c3f349e45cefbf79acd.tar.gz
firejail-90f527234a62021466991c3f349e45cefbf79acd.tar.zst
firejail-90f527234a62021466991c3f349e45cefbf79acd.zip
added libreoffice profile
Diffstat
-rw-r--r--Makefile.in1
-rw-r--r--README1
-rw-r--r--README.md2
-rw-r--r--RELNOTES2
-rw-r--r--etc/disable-programs.inc1
-rw-r--r--etc/libreoffice.profile14
-rw-r--r--platform/debian/conffiles1
-rw-r--r--src/firecfg/firecfg.config1
8 files changed, 21 insertions, 2 deletions
diff --git a/Makefile.in b/Makefile.in
index 8726e4211..7f21811f5 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -196,6 +196,7 @@ realinstall:
196 install -c -m 0644 .etc/gthumb.profile $(DESTDIR)/$(sysconfdir)/firejail/. 196 install -c -m 0644 .etc/gthumb.profile $(DESTDIR)/$(sysconfdir)/firejail/.
197 install -c -m 0644 .etc/mpv.profile $(DESTDIR)/$(sysconfdir)/firejail/. 197 install -c -m 0644 .etc/mpv.profile $(DESTDIR)/$(sysconfdir)/firejail/.
198 install -c -m 0644 .etc/franz.profile $(DESTDIR)/$(sysconfdir)/firejail/. 198 install -c -m 0644 .etc/franz.profile $(DESTDIR)/$(sysconfdir)/firejail/.
199 install -c -m 0644 .etc/libreoffice.profile $(DESTDIR)/$(sysconfdir)/firejail/.
199 sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" 200 sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;"
200 install -c -m 0644 etc/firejail.config $(DESTDIR)/$(sysconfdir)/firejail/. 201 install -c -m 0644 etc/firejail.config $(DESTDIR)/$(sysconfdir)/firejail/.
201 rm -fr .etc 202 rm -fr .etc
diff --git a/README b/README
index 0f825fd8e..8c15b17a2 100644
--- a/README
+++ b/README
@@ -87,6 +87,7 @@ Fred-Barclay (https://github.com/Fred-Barclay)
87 - added Brave profile 87 - added Brave profile
88 - added Gitter profile 88 - added Gitter profile
89 - various organising 89 - various organising
90 - added Libreoffice profile
90Petter Reinholdtsen (pere@hungry.com) 91Petter Reinholdtsen (pere@hungry.com)
91 - Opera profile patch 92 - Opera profile patch
92n1trux (https://github.com/n1trux) 93n1trux (https://github.com/n1trux)
diff --git a/README.md b/README.md
index 69890ffaf..c53823304 100644
--- a/README.md
+++ b/README.md
@@ -77,4 +77,4 @@ Office: evince, gthumb, fbreader
77 77
78## New security profiles 78## New security profiles
79 79
80Gitter, gThumb, mpv, Franz messenger 80Gitter, gThumb, mpv, Franz messenger, LibreOffice
diff --git a/RELNOTES b/RELNOTES
index 04a9d7cbb..4a698620b 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -3,7 +3,7 @@ firejail (0.9.41) baseline; urgency=low
3 * compile time and run time support to disable whitelists 3 * compile time and run time support to disable whitelists
4 * compile time support to disable global configuration file 4 * compile time support to disable global configuration file
5 * some profiles have been converted to private-bin 5 * some profiles have been converted to private-bin
6 * new profiles: Gitter, gThumb, mpv, Franz messenger 6 * new profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice
7 -- netblue30 <netblue30@yahoo.com> Tue, 31 May 2016 08:00:00 -0500 7 -- netblue30 <netblue30@yahoo.com> Tue, 31 May 2016 08:00:00 -0500
8 8
9firejail (0.9.40) baseline; urgency=low 9firejail (0.9.40) baseline; urgency=low
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 6e79b3be0..6c166c186 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -16,6 +16,7 @@ blacklist ${HOME}/.config/stellarium
16blacklist ${HOME}/.config/atril 16blacklist ${HOME}/.config/atril
17blacklist ${HOME}/.config/xreader 17blacklist ${HOME}/.config/xreader
18blacklist ${HOME}/.config/xviewer 18blacklist ${HOME}/.config/xviewer
19blacklist $(HOME)/.config/libreoffice
19blacklist ${HOME}/.kde/share/apps/okular 20blacklist ${HOME}/.kde/share/apps/okular
20blacklist ${HOME}/.kde/share/config/okularrc 21blacklist ${HOME}/.kde/share/config/okularrc
21blacklist ${HOME}/.kde/share/config/okularpartrc 22blacklist ${HOME}/.kde/share/config/okularpartrc
diff --git a/etc/libreoffice.profile b/etc/libreoffice.profile
new file mode 100644
index 000000000..9056b1df2
--- /dev/null
+++ b/etc/libreoffice.profile
@@ -0,0 +1,14 @@
1# Firejail profile for LibreOffice
2noblacklist ~/.config/libreoffice
3include /etc/firejail/disable-common.inc
4include /etc/firejail/disable-programs.inc
5include /etc/firejail/disable-devel.inc
6include /etc/firejail/disable-passwdmgr.inc
7
8caps.drop all
9netfilter
10nonewprivs
11noroot
12protocol unix,inet,inet6,netlink
13seccomp
14tracelog
diff --git a/platform/debian/conffiles b/platform/debian/conffiles
index 3ada0256a..6635a594b 100644
--- a/platform/debian/conffiles
+++ b/platform/debian/conffiles
@@ -106,3 +106,4 @@
106/etc/firejail/gthumb.profile 106/etc/firejail/gthumb.profile
107/etc/firejail/mpv.profile 107/etc/firejail/mpv.profile
108/etc/firejail/franz.profile 108/etc/firejail/franz.profile
109/etc/firejail/libreoffice.profile
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index e31a7c12a..eeac7a088 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -106,6 +106,7 @@ evince
106fbreader 106fbreader
107gwenview 107gwenview
108gthumb 108gthumb
109LibreOffice
109Mathematica 110Mathematica
110mathematica 111mathematica
111okular 112okular
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-06 14:40:56 +0000