aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar netblue30 <netblue30@protonmail.com>2022-01-24 13:07:56 -0500
committerLibravatar GitHub <noreply@github.com>2022-01-24 13:07:56 -0500
commit12ba3f2aaffa14b09272063de07bc2e8f55df81d (patch)
tree1f8e6d404bfafdaedd656f5b386d6ca729337fa8
parentmerges (diff)
parentfix: neovim profile (diff)
downloadfirejail-12ba3f2aaffa14b09272063de07bc2e8f55df81d.tar.gz
firejail-12ba3f2aaffa14b09272063de07bc2e8f55df81d.tar.zst
firejail-12ba3f2aaffa14b09272063de07bc2e8f55df81d.zip
Merge pull request #4841 from Tus1688/master
Add neovim profile
Diffstat
-rw-r--r--etc/inc/disable-common.inc3
-rw-r--r--etc/inc/disable-programs.inc3
-rw-r--r--etc/profile-m-z/nvim.profile52
3 files changed, 58 insertions, 0 deletions
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc
index 543fc235d..43332b4d0 100644
--- a/etc/inc/disable-common.inc
+++ b/etc/inc/disable-common.inc
@@ -18,6 +18,7 @@ blacklist-nolog ${HOME}/.kde4/share/apps/klipper
18blacklist-nolog ${HOME}/.local/share/fish/fish_history 18blacklist-nolog ${HOME}/.local/share/fish/fish_history
19blacklist-nolog ${HOME}/.local/share/ibus-typing-booster 19blacklist-nolog ${HOME}/.local/share/ibus-typing-booster
20blacklist-nolog ${HOME}/.local/share/klipper 20blacklist-nolog ${HOME}/.local/share/klipper
21blacklist-nolog ${HOME}/.local/share/nvim
21blacklist-nolog ${HOME}/.macromedia 22blacklist-nolog ${HOME}/.macromedia
22blacklist-nolog ${HOME}/.mupdf.history 23blacklist-nolog ${HOME}/.mupdf.history
23blacklist-nolog ${HOME}/.python-history 24blacklist-nolog ${HOME}/.python-history
@@ -323,6 +324,7 @@ read-only ${HOME}/.ssh/config.d
323# Initialization files that allow arbitrary command execution 324# Initialization files that allow arbitrary command execution
324read-only ${HOME}/.caffrc 325read-only ${HOME}/.caffrc
325read-only ${HOME}/.cargo/env 326read-only ${HOME}/.cargo/env
327read-only ${HOME}/.config/nvim
326read-only ${HOME}/.dotfiles 328read-only ${HOME}/.dotfiles
327read-only ${HOME}/.emacs 329read-only ${HOME}/.emacs
328read-only ${HOME}/.emacs.d 330read-only ${HOME}/.emacs.d
@@ -332,6 +334,7 @@ read-only ${HOME}/.homesick
332read-only ${HOME}/.iscreenrc 334read-only ${HOME}/.iscreenrc
333read-only ${HOME}/.local/lib 335read-only ${HOME}/.local/lib
334read-only ${HOME}/.local/share/cool-retro-term 336read-only ${HOME}/.local/share/cool-retro-term
337read-only ${HOME}/.local/share/nvim
335read-only ${HOME}/.mailcap 338read-only ${HOME}/.mailcap
336read-only ${HOME}/.msmtprc 339read-only ${HOME}/.msmtprc
337read-only ${HOME}/.mutt/muttrc 340read-only ${HOME}/.mutt/muttrc
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc
index 104f67e1f..5a189559a 100644
--- a/etc/inc/disable-programs.inc
+++ b/etc/inc/disable-programs.inc
@@ -173,6 +173,7 @@ blacklist ${HOME}/.cache/mutt
173blacklist ${HOME}/.cache/mypaint 173blacklist ${HOME}/.cache/mypaint
174blacklist ${HOME}/.cache/netsurf 174blacklist ${HOME}/.cache/netsurf
175blacklist ${HOME}/.cache/nheko 175blacklist ${HOME}/.cache/nheko
176blacklist ${HOME}/.cache/nvim
176blacklist ${HOME}/.cache/okular 177blacklist ${HOME}/.cache/okular
177blacklist ${HOME}/.cache/opera 178blacklist ${HOME}/.cache/opera
178blacklist ${HOME}/.cache/opera-beta 179blacklist ${HOME}/.cache/opera-beta
@@ -541,6 +542,7 @@ blacklist ${HOME}/.config/newsflash
541blacklist ${HOME}/.config/nheko 542blacklist ${HOME}/.config/nheko
542blacklist ${HOME}/.config/nomacs 543blacklist ${HOME}/.config/nomacs
543blacklist ${HOME}/.config/nuclear 544blacklist ${HOME}/.config/nuclear
545blacklist ${HOME}/.config/nvim
544blacklist ${HOME}/.config/obs-studio 546blacklist ${HOME}/.config/obs-studio
545blacklist ${HOME}/.config/okularpartrc 547blacklist ${HOME}/.config/okularpartrc
546blacklist ${HOME}/.config/okularrc 548blacklist ${HOME}/.config/okularrc
@@ -947,6 +949,7 @@ blacklist ${HOME}/.local/share/newsboat
947blacklist ${HOME}/.local/share/nheko 949blacklist ${HOME}/.local/share/nheko
948blacklist ${HOME}/.local/share/nomacs 950blacklist ${HOME}/.local/share/nomacs
949blacklist ${HOME}/.local/share/notes 951blacklist ${HOME}/.local/share/notes
952blacklist ${HOME}/.local/share/nvim
950blacklist ${HOME}/.local/share/ocenaudio 953blacklist ${HOME}/.local/share/ocenaudio
951blacklist ${HOME}/.local/share/okular 954blacklist ${HOME}/.local/share/okular
952blacklist ${HOME}/.local/share/onlyoffice 955blacklist ${HOME}/.local/share/onlyoffice
diff --git a/etc/profile-m-z/nvim.profile b/etc/profile-m-z/nvim.profile
new file mode 100644
index 000000000..27a0aec28
--- /dev/null
+++ b/etc/profile-m-z/nvim.profile
@@ -0,0 +1,52 @@
1# Firejail profile for neovim
2# Description: Nvim is open source and freely distributable
3# This file is overwritten after every install/update
4# Persistent local customizations
5include nvim.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.vim
10noblacklist ${HOME}/.vimrc
11noblacklist ${HOME}/.cache/nvim
12noblacklist ${HOME}/.config/nvim
13noblacklist ${HOME}/.local/share/nvim
14
15include disable-common.inc
16include disable-devel.inc
17include disable-programs.inc
18include disable-xdg.inc
19
20blacklist ${RUNUSER}
21
22include whitelist-runuser-common.inc
23
24ipc-namespace
25machine-id
26net none
27no3d
28nodvd
29nogroups
30noinput
31nonewprivs
32noroot
33notv
34nou2f
35novideo
36protocol unix,inet,inet6
37seccomp
38seccomp.block-secondary
39shell none
40tracelog
41x11 none
42
43private-dev
44
45dbus-user none
46dbus-system none
47
48read-only ${HOME}/.config
49read-write ${HOME}/.config/nvim
50read-write ${HOME}/.local/share/nvim
51read-write ${HOME}/.vim
52read-write ${HOME}/.vimrc
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-01 20:03:45 +0000