diff options
| author |  rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2020-11-20 19:56:57 +0100 |
|---|---|---|
| committer | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2020-11-20 19:56:57 +0100 |
| commit | 0fa7f9c30fae7627816aa19427f693784dc97a6b (patch) | |
| tree | 35d026031dd3ffbd75174fe9601d86d1bc046a60 | |
| parent | tmpfs testing (diff) | |
| download | firejail-0fa7f9c30fae7627816aa19427f693784dc97a6b.tar.gz firejail-0fa7f9c30fae7627816aa19427f693784dc97a6b.tar.zst firejail-0fa7f9c30fae7627816aa19427f693784dc97a6b.zip | |
various profiles
- disable-common: read-only ${HOME}/.zfunc
- fix #3761 -- w3m with w3m-img installed does not display images when on virtual console/framebuffer
- yelp can be used to display manpages
| -rw-r--r-- | README.md | 2 | ||||
| -rw-r--r-- | RELNOTES | 5 | ||||
| -rw-r--r-- | etc/inc/disable-common.inc | 1 | ||||
| -rw-r--r-- | etc/profile-m-z/w3m.profile | 5 | ||||
| -rw-r--r-- | etc/profile-m-z/yelp.profile | 7 |
5 files changed, 16 insertions, 4 deletions
| @@ -194,4 +194,4 @@ Stats: | |||
| 194 | 194 | ||
| 195 | ### New profiles: | 195 | ### New profiles: |
| 196 | 196 | ||
| 197 | spectacle, chromium-browser-privacy | 197 | spectacle, chromium-browser-privacy, gtk-straw-viewer, gtk-youtube-viewer, gtk2-youtube-viewer, gtk3-youtube-viewer, straw-viewer |
| @@ -2,7 +2,10 @@ firejail (0.9.65) baseline; urgency=low | |||
| 2 | * allow --tmpfs inside $HOME for unprivileged users | 2 | * allow --tmpfs inside $HOME for unprivileged users |
| 3 | * --disable-usertmpfs compile time option | 3 | * --disable-usertmpfs compile time option |
| 4 | * allow AF_BLUETOOTH via --protocol=bluetooth | 4 | * allow AF_BLUETOOTH via --protocol=bluetooth |
| 5 | * new profiles: spectacle, chromium-browser-privacy | 5 | * new profiles: spectacle, chromium-browser-privacy, gtk-straw-viewer |
| 6 | * new profiles: gtk-youtube-viewer, gtk2-youtube-viewer, gtk3-youtube-viewer | ||
| 7 | * new profiles: straw-viewer | ||
| 8 | |||
| 6 | -- netblue30 <netblue30@yahoo.com> Wed, 21 Oct 2020 09:00:00 -0500 | 9 | -- netblue30 <netblue30@yahoo.com> Wed, 21 Oct 2020 09:00:00 -0500 |
| 7 | 10 | ||
| 8 | firejail (0.9.64) baseline; urgency=low | 11 | firejail (0.9.64) baseline; urgency=low |
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index 1268b4cd2..3bdad3138 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc | |||
| @@ -280,6 +280,7 @@ read-only ${HOME}/.plan | |||
| 280 | read-only ${HOME}/.profile | 280 | read-only ${HOME}/.profile |
| 281 | read-only ${HOME}/.project | 281 | read-only ${HOME}/.project |
| 282 | read-only ${HOME}/.tcshrc | 282 | read-only ${HOME}/.tcshrc |
| 283 | read-only ${HOME}/.zfunc | ||
| 283 | read-only ${HOME}/.zlogin | 284 | read-only ${HOME}/.zlogin |
| 284 | read-only ${HOME}/.zlogout | 285 | read-only ${HOME}/.zlogout |
| 285 | read-only ${HOME}/.zprofile | 286 | read-only ${HOME}/.zprofile |
diff --git a/etc/profile-m-z/w3m.profile b/etc/profile-m-z/w3m.profile index bd33edd6a..0e172333a 100644 --- a/etc/profile-m-z/w3m.profile +++ b/etc/profile-m-z/w3m.profile | |||
| @@ -7,6 +7,11 @@ include w3m.local | |||
| 7 | # Persistent global definitions | 7 | # Persistent global definitions |
| 8 | include globals.local | 8 | include globals.local |
| 9 | 9 | ||
| 10 | # Uncomment or add to your w3m.local if you want to use w3m-img on a vconsole | ||
| 11 | #ignore nogroups | ||
| 12 | #ignore private-dev | ||
| 13 | #ignore private-etc | ||
| 14 | |||
| 10 | noblacklist ${HOME}/.w3m | 15 | noblacklist ${HOME}/.w3m |
| 11 | 16 | ||
| 12 | blacklist /tmp/.X11-unix | 17 | blacklist /tmp/.X11-unix |
diff --git a/etc/profile-m-z/yelp.profile b/etc/profile-m-z/yelp.profile index e198af8b2..3ba1dca1a 100644 --- a/etc/profile-m-z/yelp.profile +++ b/etc/profile-m-z/yelp.profile | |||
| @@ -20,7 +20,9 @@ include disable-xdg.inc | |||
| 20 | mkdir ${HOME}/.config/yelp | 20 | mkdir ${HOME}/.config/yelp |
| 21 | whitelist ${HOME}/.config/yelp | 21 | whitelist ${HOME}/.config/yelp |
| 22 | whitelist /usr/share/doc | 22 | whitelist /usr/share/doc |
| 23 | whitelist /usr/share/groff | ||
| 23 | whitelist /usr/share/help | 24 | whitelist /usr/share/help |
| 25 | whitelist /usr/share/man | ||
| 24 | whitelist /usr/share/yelp | 26 | whitelist /usr/share/yelp |
| 25 | whitelist /usr/share/yelp-tools | 27 | whitelist /usr/share/yelp-tools |
| 26 | whitelist /usr/share/yelp-xsl | 28 | whitelist /usr/share/yelp-xsl |
| @@ -46,10 +48,10 @@ shell none | |||
| 46 | tracelog | 48 | tracelog |
| 47 | 49 | ||
| 48 | disable-mnt | 50 | disable-mnt |
| 49 | private-bin yelp | 51 | private-bin groff,man,tbl,troff,yelp |
| 50 | private-cache | 52 | private-cache |
| 51 | private-dev | 53 | private-dev |
| 52 | private-etc alsa,alternatives,asound.conf,crypto-policies,cups,dconf,drirc,fonts,gcrypt,gtk-3.0,machine-id,openal,os-release,pulse,sgml,xml | 54 | private-etc alsa,alternatives,asound.conf,crypto-policies,cups,dconf,drirc,fonts,gcrypt,groff,gtk-3.0,machine-id,man_db.conf,openal,os-release,pulse,sgml,xml |
| 53 | private-tmp | 55 | private-tmp |
| 54 | 56 | ||
| 55 | dbus-system none | 57 | dbus-system none |
| @@ -60,3 +62,4 @@ dbus-system none | |||
| 60 | # 1. yelp --editor-mode | 62 | # 1. yelp --editor-mode |
| 61 | # 2. saving the window geometry | 63 | # 2. saving the window geometry |
| 62 | read-only ${HOME} | 64 | read-only ${HOME} |
| 65 | read-write ${HOME}/.cache | ||