aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar glitsj16 <glitsj16@users.noreply.github.com>2019-11-23 10:54:42 +0000
committerLibravatar GitHub <noreply@github.com>2019-11-23 10:54:42 +0000
commit20fa0d580ae50f4104de82d30cefe40a9da5ab85 (patch)
treea76e44c7e987fabfa17b06bf6836f6e827c10ef5
parentAdd lensfun support for gimp (diff)
downloadfirejail-20fa0d580ae50f4104de82d30cefe40a9da5ab85.tar.gz
firejail-20fa0d580ae50f4104de82d30cefe40a9da5ab85.tar.zst
firejail-20fa0d580ae50f4104de82d30cefe40a9da5ab85.zip
Add new electron-mail profile (#3053)
* Create electron-mail.profile * Add electron-mail to disable-programs.inc * Add electron-mail to firecfg.config
Diffstat
-rw-r--r--etc/disable-programs.inc1
-rw-r--r--etc/electron-mail.profile52
-rw-r--r--src/firecfg/firecfg.config1
3 files changed, 54 insertions, 0 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index d65bb6fc4..4db110af7 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -159,6 +159,7 @@ blacklist ${HOME}/.config/dnox
159blacklist ${HOME}/.config/dolphinrc 159blacklist ${HOME}/.config/dolphinrc
160blacklist ${HOME}/.config/dragonplayerrc 160blacklist ${HOME}/.config/dragonplayerrc
161blacklist ${HOME}/.config/d-feet 161blacklist ${HOME}/.config/d-feet
162blacklist ${HOME}/.config/electron-mail
162blacklist ${HOME}/.config/emaildefaults 163blacklist ${HOME}/.config/emaildefaults
163blacklist ${HOME}/.config/emailidentities 164blacklist ${HOME}/.config/emailidentities
164blacklist ${HOME}/.config/enchant 165blacklist ${HOME}/.config/enchant
diff --git a/etc/electron-mail.profile b/etc/electron-mail.profile
new file mode 100644
index 000000000..2945b9c37
--- /dev/null
+++ b/etc/electron-mail.profile
@@ -0,0 +1,52 @@
1# Firejail profile for electron-mail
2# Description: Unofficial desktop app for several E2E encrypted email providers
3# This file is overwritten after every install/update
4# Persistent local customizations
5include electron-mail.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.config/electron-mail
10
11whitelist ${DOWNLOADS}
12
13include disable-common.inc
14include disable-devel.inc
15include disable-exec.inc
16include disable-interpreters.inc
17include disable-passwdmgr.inc
18include disable-programs.inc
19include disable-xdg.inc
20
21mkdir ${HOME}/.config/electron-mail
22whitelist ${HOME}/.config/electron-mail
23
24include whitelist-common.inc
25include whitelist-usr-share-common.inc
26include whitelist-var-common.inc
27
28apparmor
29caps.drop all
30netfilter
31no3d
32# nodbus - breaks tray functionality
33nodvd
34nogroups
35nonewprivs
36noroot
37notv
38nou2f
39novideo
40protocol unix,inet,inet6,netlink
41seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@raw-io,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice
42shell none
43# tracelog - breaks on Arch
44
45private-bin electron-mail
46private-cache
47private-dev
48private-etc alternatives,fonts
49private-opt ElectronMail
50private-tmp
51
52# memory-deny-write-execute - breaks on Arch
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index e997598af..b4a425356 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -155,6 +155,7 @@ dropbox
155d-feet 155d-feet
156easystroke 156easystroke
157ebook-viewer 157ebook-viewer
158electron-mail
158electrum 159electrum
159elinks 160elinks
160empathy 161empathy
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-08 10:15:10 +0000