aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar Tad <tad@spotco.us>2019-04-24 12:25:36 -0400
committerLibravatar Tad <tad@spotco.us>2019-04-24 12:25:36 -0400
commit590f661715c991af40fb2de8b5bfe3b2bf2a606c (patch)
tree2903a2dea16c9f3e8fe5b257ed6859189c405c4f
parentMerge branch 'master' of github.com:netblue30/firejail (diff)
downloadfirejail-590f661715c991af40fb2de8b5bfe3b2bf2a606c.tar.gz
firejail-590f661715c991af40fb2de8b5bfe3b2bf2a606c.tar.zst
firejail-590f661715c991af40fb2de8b5bfe3b2bf2a606c.zip
Revert "Merge branch 'master' of github.com:netblue30/firejail"
This reverts commit 0d42e12f11825f84d6bf6f9c667cd16272a3700c, reversing changes made to 63efb454a4af0ee5d4905f7cfae193138aef3e15.
Diffstat
-rw-r--r--etc/android-studio.profile44
-rw-r--r--etc/aosp.profile46
-rw-r--r--etc/atom.profile42
-rw-r--r--etc/brackets.profile39
-rw-r--r--etc/clion.profile39
-rw-r--r--etc/code.profile47
-rw-r--r--etc/disable-programs.inc738
-rw-r--r--etc/geany.profile38
-rw-r--r--etc/gedit.profile51
-rw-r--r--etc/git.profile52
-rw-r--r--etc/gitg.profile45
-rw-r--r--etc/github-desktop.profile50
-rw-r--r--etc/gnome-builder.profile37
-rw-r--r--etc/idea.sh.profile43
-rw-r--r--etc/meld.profile62
-rw-r--r--etc/webstorm.profile44
16 files changed, 1401 insertions, 16 deletions
diff --git a/etc/android-studio.profile b/etc/android-studio.profile
index ba54697e1..ff7fb6711 100644
--- a/etc/android-studio.profile
+++ b/etc/android-studio.profile
@@ -1 +1,43 @@
1]0;firejail /usr/bin/meld ./etc/android-studio_LOCAL_29017.profile ./etc/android-studio_BASE_29017.profile ./etc/android-studio_REMOTE_29017.profile  \ No newline at end of file 1# Firejail profile for android-studio
2# This file is overwritten after every install/update
3# Persistent local customizations
4include android-studio.local
5# Persistent global definitions
6include globals.local
7
8noblacklist ${HOME}/.AndroidStudio*
9noblacklist ${HOME}/.android
10noblacklist ${HOME}/.config/git
11noblacklist ${HOME}/.gitconfig
12noblacklist ${HOME}/.git-credentials
13noblacklist ${HOME}/.gradle
14noblacklist ${HOME}/.jack-server
15noblacklist ${HOME}/.jack-settings
16noblacklist ${HOME}/.java
17noblacklist ${HOME}/.local/share/JetBrains
18noblacklist ${HOME}/.ssh
19noblacklist ${HOME}/.tooling
20
21include disable-common.inc
22include disable-passwdmgr.inc
23include disable-programs.inc
24
25include whitelist-var-common.inc
26
27caps.drop all
28netfilter
29nodvd
30nogroups
31nonewprivs
32noroot
33notv
34novideo
35protocol unix,inet,inet6
36seccomp
37shell none
38
39private-cache
40# private-tmp
41
42# noexec /tmp breaks 'Android Profiler'
43#noexec /tmp
diff --git a/etc/aosp.profile b/etc/aosp.profile
index 98c23139b..bdfefa923 100644
--- a/etc/aosp.profile
+++ b/etc/aosp.profile
@@ -1 +1,45 @@
1]0;firejail /usr/bin/meld ./etc/aosp_LOCAL_29017.profile ./etc/aosp_BASE_29017.profile ./etc/aosp_REMOTE_29017.profile  \ No newline at end of file 1# Firejail profile for aosp
2# This file is overwritten after every install/update
3# Persistent local customizations
4include aosp.local
5# Persistent global definitions
6include globals.local
7
8
9noblacklist ${HOME}/.android
10noblacklist ${HOME}/.bash_history
11noblacklist ${HOME}/.config/git
12noblacklist ${HOME}/.gitconfig
13noblacklist ${HOME}/.git-credentials
14noblacklist ${HOME}/.gradle
15noblacklist ${HOME}/.jack-server
16noblacklist ${HOME}/.jack-settings
17noblacklist ${HOME}/.java
18noblacklist ${HOME}/.repo_.gitconfig.json
19noblacklist ${HOME}/.repoconfig
20noblacklist ${HOME}/.ssh
21noblacklist ${HOME}/.tooling
22
23include disable-common.inc
24include disable-passwdmgr.inc
25include disable-programs.inc
26include disable-xdg.inc
27
28include whitelist-var-common.inc
29
30caps.drop all
31ipc-namespace
32netfilter
33no3d
34nodvd
35nogroups
36nonewprivs
37noroot
38nosound
39notv
40novideo
41protocol unix,inet,inet6
42#seccomp
43shell none
44
45private-tmp
diff --git a/etc/atom.profile b/etc/atom.profile
index 7700cc0be..a3c62284c 100644
--- a/etc/atom.profile
+++ b/etc/atom.profile
@@ -1 +1,41 @@
1]0;firejail /usr/bin/meld ./etc/atom_LOCAL_29017.profile ./etc/atom_BASE_29017.profile ./etc/atom_REMOTE_29017.profile  \ No newline at end of file 1# Firejail profile for atom
2# Description: A hackable text editor for the 21st Century
3# This file is overwritten after every install/update
4# Persistent local customizations
5include atom.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.atom
10noblacklist ${HOME}/.config/Atom
11noblacklist ${HOME}/.config/git
12noblacklist ${HOME}/.cargo/config
13noblacklist ${HOME}/.cargo/registry
14noblacklist ${HOME}/.gitconfig
15noblacklist ${HOME}/.git-credentials
16noblacklist ${HOME}/.pythonrc.py
17
18include disable-common.inc
19include disable-exec.inc
20include disable-passwdmgr.inc
21include disable-programs.inc
22
23caps.drop all
24# net none
25netfilter
26nodbus
27nodvd
28nogroups
29nonewprivs
30noroot
31nosound
32notv
33nou2f
34novideo
35protocol unix,inet,inet6,netlink
36seccomp
37shell none
38
39private-cache
40private-dev
41private-tmp
diff --git a/etc/brackets.profile b/etc/brackets.profile
index 6f05e496a..fa0d7e592 100644
--- a/etc/brackets.profile
+++ b/etc/brackets.profile
@@ -1 +1,38 @@
1]0;firejail /usr/bin/meld ./etc/brackets_LOCAL_29017.profile ./etc/brackets_BASE_29017.profile ./etc/brackets_REMOTE_29017.profile  \ No newline at end of file 1# Firejail profile for brackets
2# This file is overwritten after every install/update
3# Persistent local customizations
4include brackets.local
5# Persistent global definitions
6include globals.local
7
8noblacklist ${HOME}/.config/Brackets
9#noblacklist /opt/brackets/
10#noblacklist /opt/google/
11# Uncomment the the next two lines if you are developing rust.
12# or put it in your brackets.local
13#noblacklist ${HOME}/.cargo/config
14#noblacklist ${HOME}/.cargo/registry
15noblacklist ${HOME}/.config/git
16noblacklist ${HOME}/.gitconfig
17noblacklist ${HOME}/.git-credentials
18
19include disable-common.inc
20include disable-passwdmgr.inc
21include disable-programs.inc
22
23caps.drop all
24netfilter
25nodvd
26nogroups
27nonewprivs
28noroot
29nosound
30notv
31nou2f
32novideo
33protocol unix,inet,inet6,netlink
34seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,iopl,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,pciconfig_iobase,pciconfig_read,pciconfig_write,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,s390_mmio_read,s390_mmio_write,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice
35shell none
36
37private-cache
38private-dev
diff --git a/etc/clion.profile b/etc/clion.profile
index 29b6116b0..b27d93684 100644
--- a/etc/clion.profile
+++ b/etc/clion.profile
@@ -1 +1,38 @@
1]0;firejail /usr/bin/meld ./etc/clion_LOCAL_29017.profile ./etc/clion_BASE_29017.profile ./etc/clion_REMOTE_29017.profile  \ No newline at end of file 1# Firejail profile for CLion
2# This file is overwritten after every install/update
3# Persistent local customizations
4include clion.local
5# Persistent global definitions
6include globals.local
7
8noblacklist ${HOME}/.CLion*
9noblacklist ${HOME}/.config/git
10noblacklist ${HOME}/.gitconfig
11noblacklist ${HOME}/.git-credentials
12noblacklist ${HOME}/.java
13noblacklist ${HOME}/.local/share/JetBrains
14noblacklist ${HOME}/.ssh
15noblacklist ${HOME}/.tooling
16
17include disable-common.inc
18include disable-passwdmgr.inc
19include disable-programs.inc
20
21caps.drop all
22netfilter
23nodvd
24nogroups
25nonewprivs
26noroot
27notv
28nou2f
29novideo
30protocol unix,inet,inet6
31seccomp
32shell none
33
34private-cache
35private-dev
36# private-tmp
37
38noexec /tmp
diff --git a/etc/code.profile b/etc/code.profile
index 04eb6aff4..16678459e 100644
--- a/etc/code.profile
+++ b/etc/code.profile
@@ -1 +1,46 @@
1]0;firejail /usr/bin/meld ./etc/code_LOCAL_29017.profile ./etc/code_BASE_29017.profile ./etc/code_REMOTE_29017.profile  \ No newline at end of file 1# Firejail profile for Visual Studio Code
2# This file is overwritten after every install/update
3# Persistent local customizations
4include code.local
5# Persistent global definitions
6include globals.local
7
8noblacklist ${HOME}/.cargo/config
9noblacklist ${HOME}/.cargo/registry
10noblacklist ${HOME}/.config/Code
11noblacklist ${HOME}/.config/Code - OSS
12noblacklist ${HOME}/.config/git
13noblacklist ${HOME}/.gitconfig
14noblacklist ${HOME}/.git-credentials
15noblacklist ${HOME}/.pythonrc.py
16noblacklist ${HOME}/.vscode
17noblacklist ${HOME}/.vscode-oss
18
19include disable-common.inc
20include disable-passwdmgr.inc
21include disable-programs.inc
22
23caps.drop all
24net none
25netfilter
26nodvd
27nogroups
28nonewprivs
29noroot
30nosound
31notv
32nou2f
33novideo
34protocol unix,inet,inet6,netlink
35seccomp
36shell none
37
38private-cache
39private-dev
40private-tmp
41
42# Disabling noexec ${HOME} for now since it will
43# probably interfere with running some programmes
44# in VS Code
45# noexec ${HOME}
46noexec /tmp
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 874411088..f0d6611ad 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -1 +1,737 @@
1]0;firejail /usr/bin/meld ./etc/disable-programs_LOCAL_29017.inc ./etc/disable-programs_BASE_29017.inc ./etc/disable-programs_REMOTE_29017.inc  \ No newline at end of file 1# This file is overwritten during software install.
2# Persistent customizations should go in a .local file.
3include disable-programs.local
4
5blacklist ${HOME}/Arduino
6blacklist ${HOME}/Monero/wallets
7blacklist ${HOME}/Nextcloud/Notes
8blacklist ${HOME}/SoftMaker
9blacklist ${HOME}/Standard Notes Backups
10blacklist ${HOME}/wallet.dat
11blacklist ${HOME}/.*coin
12blacklist ${HOME}/.8pecxstudios
13blacklist ${HOME}/.AndroidStudio*
14blacklist ${HOME}/.Atom
15blacklist ${HOME}/.CLion*
16blacklist ${HOME}/.FBReader
17blacklist ${HOME}/.FontForge
18blacklist ${HOME}/.IdeaIC*
19blacklist ${HOME}/.LuminanceHDR
20blacklist ${HOME}/.Mathematica
21blacklist ${HOME}/.Natron
22blacklist ${HOME}/.PlayOnLinux
23blacklist ${HOME}/.PyCharm*
24blacklist ${HOME}/.Sayonara
25blacklist ${HOME}/.Skype
26blacklist ${HOME}/.Steam
27blacklist ${HOME}/.Steampath
28blacklist ${HOME}/.Steampid
29blacklist ${HOME}/.TelegramDesktop
30blacklist ${HOME}/.ViberPC
31blacklist ${HOME}/.VirtualBox
32blacklist ${HOME}/.VSCodium
33blacklist ${HOME}/.WebStorm*
34blacklist ${HOME}/.Wolfram Research
35blacklist ${HOME}/.ZAP
36blacklist ${HOME}/.aMule
37blacklist ${HOME}/.android
38blacklist ${HOME}/.anydesk
39blacklist ${HOME}/.arduino15
40blacklist ${HOME}/.aria2
41blacklist ${HOME}/.arm
42blacklist ${HOME}/.asunder_album_artist
43blacklist ${HOME}/.asunder_album_genre
44blacklist ${HOME}/.asunder_album_title
45blacklist ${HOME}/.atom
46blacklist ${HOME}/.attic
47blacklist ${HOME}/.audacity-data
48blacklist ${HOME}/.bcast5
49blacklist ${HOME}/.bibletime
50blacklist ${HOME}/.bitcoin
51blacklist ${HOME}/.bogofilter
52blacklist ${HOME}/.bzf
53blacklist ${HOME}/.claws-mail
54blacklist ${HOME}/.cliqz
55blacklist ${HOME}/.clonk
56blacklist ${HOME}/.config/0ad
57blacklist ${HOME}/.config/2048-qt
58blacklist ${HOME}/.config/Atom
59blacklist ${HOME}/.config/Audaciousrc
60blacklist ${HOME}/.config/Authenticator
61blacklist ${HOME}/.config/Beaker Browser
62blacklist ${HOME}/.config/Bitcoin
63blacklist ${HOME}/.config/Brackets
64blacklist ${HOME}/.config/BraveSoftware
65blacklist ${HOME}/.config/Clementine
66blacklist ${HOME}/.config/Code
67blacklist ${HOME}/.config/Code - OSS
68blacklist ${HOME}/.config/Code Industry
69blacklist ${HOME}/.config/Cryptocat
70blacklist ${HOME}/.config/Enox
71blacklist ${HOME}/.config/Franz
72blacklist ${HOME}/.config/FreeCAD
73blacklist ${HOME}/.config/Fritzing
74blacklist ${HOME}/.config/GIMP
75blacklist ${HOME}/.config/GitHub Desktop
76blacklist ${HOME}/.config/Gitter
77blacklist ${HOME}/.config/Google
78blacklist ${HOME}/.config/Google Play Music Desktop Player
79blacklist ${HOME}/.config/Gpredict
80blacklist ${HOME}/.config/INRIA
81blacklist ${HOME}/.config/InSilmaril
82blacklist ${HOME}/.config/Kid3
83blacklist ${HOME}/.config/Luminance
84blacklist ${HOME}/.config/Meltytech
85blacklist ${HOME}/.config/Mendeley Ltd.
86blacklist ${HOME}/.config/Min
87blacklist ${HOME}/.config/Mousepad
88blacklist ${HOME}/.config/Mumble
89blacklist ${HOME}/.config/MusE
90blacklist ${HOME}/.config/MuseScore
91blacklist ${HOME}/.config/MusicBrainz
92blacklist ${HOME}/.config/Nathan Osman
93blacklist ${HOME}/.config/Nylas Mail
94blacklist ${HOME}/.config/PBE
95blacklist ${HOME}/.config/Qlipper
96blacklist ${HOME}/.config/QMediathekView
97blacklist ${HOME}/.config/QuiteRss
98blacklist ${HOME}/.config/QuiteRssrc
99blacklist ${HOME}/.config/Rambox
100blacklist ${HOME}/.config/Riot
101blacklist ${HOME}/.config/Rocket.Chat
102blacklist ${HOME}/.config/Signal
103blacklist ${HOME}/.config/Slack
104blacklist ${HOME}/.config/Standard Notes
105blacklist ${HOME}/.config/SubDownloader
106blacklist ${HOME}/.config/Thunar
107blacklist ${HOME}/.config/VirtualBox
108blacklist ${HOME}/.config/Wire
109blacklist ${HOME}/.config/akonadi*
110blacklist ${HOME}/.config/akregatorrc
111blacklist ${HOME}/.config/ardour4
112blacklist ${HOME}/.config/ardour5
113blacklist ${HOME}/.config/arkrc
114blacklist ${HOME}/.config/artha.conf
115blacklist ${HOME}/.config/asunder
116blacklist ${HOME}/.config/atril
117blacklist ${HOME}/.config/audacious
118blacklist ${HOME}/.config/aweather
119blacklist ${HOME}/.config/baloofilerc
120blacklist ${HOME}/.config/baloorc
121blacklist ${HOME}/.config/blender
122blacklist ${HOME}/.config/bless
123blacklist ${HOME}/.config/bnox
124blacklist ${HOME}/.config/borg
125blacklist ${HOME}/.config/brasero
126blacklist ${HOME}/.config/brave
127blacklist ${HOME}/.config/caja
128blacklist ${HOME}/.config/calibre
129blacklist ${HOME}/.config/catfish
130blacklist ${HOME}/.config/celluloid
131blacklist ${HOME}/.config/cherrytree
132blacklist ${HOME}/.config/chromium
133blacklist ${HOME}/.config/chromium-dev
134blacklist ${HOME}/.config/chromium-flags.conf
135blacklist ${HOME}/.config/clipit
136blacklist ${HOME}/.config/cliqz
137blacklist ${HOME}/.config/cmus
138blacklist ${HOME}/.config/corebird
139blacklist ${HOME}/.config/darktable
140blacklist ${HOME}/.config/deadbeef
141blacklist ${HOME}/.config/deluge
142blacklist ${HOME}/.config/devilspie2
143blacklist ${HOME}/.config/digikam
144blacklist ${HOME}/.config/digikamrc
145blacklist ${HOME}/.config/discord
146blacklist ${HOME}/.config/discordcanary
147blacklist ${HOME}/.config/dnox
148blacklist ${HOME}/.config/dolphinrc
149blacklist ${HOME}/.config/dragonplayerrc
150blacklist ${HOME}/.config/d-feet
151blacklist ${HOME}/.config/emaildefaults
152blacklist ${HOME}/.config/emailidentities
153blacklist ${HOME}/.config/enchant
154blacklist ${HOME}/.config/eog
155blacklist ${HOME}/.config/epiphany
156blacklist ${HOME}/.config/evince
157blacklist ${HOME}/.config/evolution
158blacklist ${HOME}/.config/falkon
159blacklist ${HOME}/.config/filezilla
160blacklist ${HOME}/.config/flowblade
161blacklist ${HOME}/.config/font-manager
162blacklist ${HOME}/.config/freecol
163blacklist ${HOME}/.config/gajim
164blacklist ${HOME}/.config/galculator
165blacklist ${HOME}/.config/gconf
166blacklist ${HOME}/.config/geany
167blacklist ${HOME}/.config/gedit
168blacklist ${HOME}/.config/geeqie
169blacklist ${HOME}/.config/ghb
170blacklist ${HOME}/.config/ghostwriter
171blacklist ${HOME}/.config/git
172blacklist ${HOME}/.config/globaltime
173blacklist ${HOME}/.config/gnome-mplayer
174blacklist ${HOME}/.config/gnome-mpv
175blacklist ${HOME}/.config/gnome-pie
176blacklist ${HOME}/.config/google-chrome
177blacklist ${HOME}/.config/google-chrome-beta
178blacklist ${HOME}/.config/google-chrome-unstable
179blacklist ${HOME}/.config/gpicview
180blacklist ${HOME}/.config/gthumb
181blacklist ${HOME}/.config/gwenviewrc
182blacklist ${HOME}/.config/hexchat
183blacklist ${HOME}/.config/inkscape
184blacklist ${HOME}/.config/inox
185blacklist ${HOME}/.config/iridium
186blacklist ${HOME}/.config/itch
187blacklist ${HOME}/.config/jd-gui.cfg
188blacklist ${HOME}/.config/k3brc
189blacklist ${HOME}/.config/kaffeinerc
190blacklist ${HOME}/.config/katemetainfos
191blacklist ${HOME}/.config/katepartrc
192blacklist ${HOME}/.config/katerc
193blacklist ${HOME}/.config/kateschemarc
194blacklist ${HOME}/.config/katesyntaxhighlightingrc
195blacklist ${HOME}/.config/katevirc
196blacklist ${HOME}/.config/kdenliverc
197blacklist ${HOME}/.config/kgetrc
198blacklist ${HOME}/.config/kid3rc
199blacklist ${HOME}/.config/klavaro
200blacklist ${HOME}/.config/klipperrc
201blacklist ${HOME}/.config/kmail2rc
202blacklist ${HOME}/.config/kmailsearchindexingrc
203blacklist ${HOME}/.config/kritarc
204blacklist ${HOME}/.config/kwriterc
205blacklist ${HOME}/.config/kdeconnect
206blacklist ${HOME}/.config/knotesrc
207blacklist ${HOME}/.config/konversationrc
208blacklist ${HOME}/.config/ktorrentrc
209blacklist ${HOME}/.config/leafpad
210blacklist ${HOME}/.config/libreoffice
211blacklist ${HOME}/.config/liferea
212blacklist ${HOME}/.config/lugaru
213blacklist ${HOME}/.config/lximage-qt
214blacklist ${HOME}/.config/mailtransports
215blacklist ${HOME}/.config/mana
216blacklist ${HOME}/.config/mate-calc
217blacklist ${HOME}/.config/mate/eom
218blacklist ${HOME}/.config/mate/mate-dictionary
219blacklist ${HOME}/.config/mfusion
220blacklist ${HOME}/.config/midori
221blacklist ${HOME}/.config/mono
222blacklist ${HOME}/.config/mpd
223blacklist ${HOME}/.config/mpDris2
224blacklist ${HOME}/.config/mps-youtube
225blacklist ${HOME}/.config/mpv
226blacklist ${HOME}/.config/mupen64plus
227blacklist ${HOME}/.config/mypaint
228blacklist ${HOME}/.config/nano
229blacklist ${HOME}/.config/nautilus
230blacklist ${HOME}/.config/nemo
231blacklist ${HOME}/.config/netsurf
232blacklist ${HOME}/.config/nheko
233blacklist ${HOME}/.config/NitroShare
234blacklist ${HOME}/.config/nomacs
235blacklist ${HOME}/.config/obs-studio
236blacklist ${HOME}/.config/okularpartrc
237blacklist ${HOME}/.config/okularrc
238blacklist ${HOME}/.config/onionshare
239blacklist ${HOME}/.config/opera
240blacklist ${HOME}/.config/opera-beta
241blacklist ${HOME}/.config/orage
242blacklist ${HOME}/.config/org.kde.gwenviewrc
243blacklist ${HOME}/.config/pavucontrol.ini
244blacklist ${HOME}/.config/pcmanfm
245blacklist ${HOME}/.config/pdfmod
246blacklist ${HOME}/.config/Pinta
247blacklist ${HOME}/.config/pitivi
248blacklist ${HOME}/.config/pix
249blacklist ${HOME}/.config/pluma
250blacklist ${HOME}/.config/ppsspp
251blacklist ${HOME}/.config/pragha
252blacklist ${HOME}/.config/psi+
253blacklist ${HOME}/.config/qBittorrent
254blacklist ${HOME}/.config/qBittorrentrc
255blacklist ${HOME}/.config/qpdfview
256blacklist ${HOME}/.config/qupzilla
257blacklist ${HOME}/.config/qutebrowser
258blacklist ${HOME}/.config/ranger
259blacklist ${HOME}/.config/redshift
260blacklist ${HOME}/.config/redshift.conf
261blacklist ${HOME}/.config/remmina
262blacklist ${HOME}/.config/ristretto
263blacklist ${HOME}/.config/scribus
264blacklist ${HOME}/.config/skypeforlinux
265blacklist ${HOME}/.config/slimjet
266blacklist ${HOME}/.config/smplayer
267blacklist ${HOME}/.config/smtube
268blacklist ${HOME}/.config/snox
269blacklist ${HOME}/.config/specialmailcollectionsrc
270blacklist ${HOME}/.config/spotify
271blacklist ${HOME}/.config/supertuxkart
272blacklist ${HOME}/.config/sqlitebrowser
273blacklist ${HOME}/.config/stellarium
274blacklist ${HOME}/.config/synfig
275blacklist ${HOME}/.config/telepathy-account-widgets
276blacklist ${HOME}/.config/torbrowser
277blacklist ${HOME}/.config/totem
278blacklist ${HOME}/.config/tox
279blacklist ${HOME}/.config/transgui
280blacklist ${HOME}/.config/truecraft
281blacklist ${HOME}/.config/transmission
282blacklist ${HOME}/.config/uGet
283blacklist ${HOME}/.config/uzbl
284blacklist ${HOME}/.config/viewnior
285blacklist ${HOME}/.config/vivaldi
286blacklist ${HOME}/.config/vivaldi-snapshot
287blacklist ${HOME}/.config/vlc
288blacklist ${HOME}/.config/wesnoth
289blacklist ${HOME}/.config/wireshark
290blacklist ${HOME}/.config/xchat
291blacklist ${HOME}/.config/xed
292blacklist ${HOME}/.config/xfburn
293blacklist ${HOME}/.config/xfce4/xfce4-notes.gtkrc
294blacklist ${HOME}/.config/xfce4/xfce4-notes.rc
295blacklist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml
296blacklist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml
297blacklist ${HOME}/.config/xfce4-dict
298blacklist ${HOME}/.config/xiaoyong
299blacklist ${HOME}/.config/xmms2
300blacklist ${HOME}/.config/xplayer
301blacklist ${HOME}/.config/xreader
302blacklist ${HOME}/.config/xviewer
303blacklist ${HOME}/.config/yandex-browser
304blacklist ${HOME}/.config/yandex-browser-beta
305blacklist ${HOME}/.config/zathura
306blacklist ${HOME}/.config/zoomus.conf
307blacklist ${HOME}/.conkeror.mozdev.org
308blacklist ${HOME}/.crawl
309blacklist ${HOME}/.curlrc
310blacklist ${HOME}/.dashcore
311blacklist ${HOME}/.devilspie
312blacklist ${HOME}/.dia
313blacklist ${HOME}/.digrc
314blacklist ${HOME}/.dillo
315blacklist ${HOME}/.dooble
316blacklist ${HOME}/.dosbox
317blacklist ${HOME}/.dropbox*
318blacklist ${HOME}/.easystroke
319blacklist ${HOME}/.electron-cache
320blacklist ${HOME}/.electrum*
321blacklist ${HOME}/.elinks
322blacklist ${HOME}/.emacs
323blacklist ${HOME}/.emacs
324blacklist ${HOME}/.emacs.d
325blacklist ${HOME}/.ethereum
326blacklist ${HOME}/.etr
327blacklist ${HOME}/.filezilla
328blacklist ${HOME}/.flowblade
329blacklist ${HOME}/.fltk
330blacklist ${HOME}/.fossamail
331blacklist ${HOME}/.freeciv
332blacklist ${HOME}/.freecol
333blacklist ${HOME}/.freemind
334blacklist ${HOME}/.frozen-bubble
335blacklist ${HOME}/.gimp*
336blacklist ${HOME}/.git-credentials
337blacklist ${HOME}/.git-credential-cache
338blacklist ${HOME}/.gitconfig
339blacklist ${HOME}/.gnome/gnome-schedule
340blacklist ${HOME}/.googleearth/Cache/
341blacklist ${HOME}/.googleearth/Temp/
342blacklist ${HOME}/.googleearth/myplaces.backup.kml
343blacklist ${HOME}/.googleearth/myplaces.kml
344blacklist ${HOME}/.gradle
345blacklist ${HOME}/.gramps
346blacklist ${HOME}/.guayadeque
347blacklist ${HOME}/.hashcat
348blacklist ${HOME}/.hedgewars
349blacklist ${HOME}/.hugin
350blacklist ${HOME}/.icedove
351blacklist ${HOME}/.imagej
352blacklist ${HOME}/.inkscape
353blacklist ${HOME}/.jack-server
354blacklist ${HOME}/.jack-settings
355blacklist ${HOME}/.jak
356blacklist ${HOME}/.java
357blacklist ${HOME}/.jd
358blacklist ${HOME}/.jitsi
359blacklist ${HOME}/.kde/share/apps/digikam
360blacklist ${HOME}/.kde/share/apps/gwenview
361blacklist ${HOME}/.kde/share/apps/kaffeine
362blacklist ${HOME}/.kde/share/apps/kcookiejar
363blacklist ${HOME}/.kde/share/apps/kget
364blacklist ${HOME}/.kde/share/apps/khtml
365blacklist ${HOME}/.kde/share/apps/konqsidebartng
366blacklist ${HOME}/.kde/share/apps/konqueror
367blacklist ${HOME}/.kde/share/apps/kopete
368blacklist ${HOME}/.kde/share/apps/khtml
369blacklist ${HOME}/.kde/share/apps/ktorrent
370blacklist ${HOME}/.kde/share/apps/okular
371blacklist ${HOME}/.kde/share/config/baloofilerc
372blacklist ${HOME}/.kde/share/config/baloorc
373blacklist ${HOME}/.kde/share/config/digikam
374blacklist ${HOME}/.kde/share/config/gwenviewrc
375blacklist ${HOME}/.kde/share/config/k3brc
376blacklist ${HOME}/.kde/share/config/kaffeinerc
377blacklist ${HOME}/.kde/share/config/kcookiejarrc
378blacklist ${HOME}/.kde/share/config/kgetrc
379blacklist ${HOME}/.kde/share/config/khtmlrc
380blacklist ${HOME}/.kde/share/config/klipperrc
381blacklist ${HOME}/.kde/share/config/konq_history
382blacklist ${HOME}/.kde/share/config/konqsidebartngrc
383blacklist ${HOME}/.kde/share/config/konquerorrc
384blacklist ${HOME}/.kde/share/config/konversationrc
385blacklist ${HOME}/.kde/share/config/kopeterc
386blacklist ${HOME}/.kde/share/config/ktorrentrc
387blacklist ${HOME}/.kde/share/config/okularpartrc
388blacklist ${HOME}/.kde/share/config/okularrc
389blacklist ${HOME}/.kde4/share/apps/digikam
390blacklist ${HOME}/.kde4/share/apps/gwenview
391blacklist ${HOME}/.kde4/share/apps/kaffeine
392blacklist ${HOME}/.kde4/share/apps/kcookiejar
393blacklist ${HOME}/.kde4/share/apps/kget
394blacklist ${HOME}/.kde4/share/apps/khtml
395blacklist ${HOME}/.kde4/share/apps/konqueror
396blacklist ${HOME}/.kde4/share/apps/konqsidebartng
397blacklist ${HOME}/.kde4/share/apps/kopete
398blacklist ${HOME}/.kde4/share/apps/ktorrent
399blacklist ${HOME}/.kde4/share/apps/okular
400blacklist ${HOME}/.kde4/share/config/baloorc
401blacklist ${HOME}/.kde4/share/config/baloofilerc
402blacklist ${HOME}/.kde4/share/config/digikam
403blacklist ${HOME}/.kde4/share/config/gwenviewrc
404blacklist ${HOME}/.kde4/share/config/k3brc
405blacklist ${HOME}/.kde4/share/config/kaffeinerc
406blacklist ${HOME}/.kde4/share/config/kcookiejarrc
407blacklist ${HOME}/.kde4/share/config/kgetrc
408blacklist ${HOME}/.kde4/share/config/khtmlrc
409blacklist ${HOME}/.kde4/share/config/klipperrc
410blacklist ${HOME}/.kde4/share/config/konq_history
411blacklist ${HOME}/.kde4/share/config/konqsidebartngrc
412blacklist ${HOME}/.kde4/share/config/konquerorrc
413blacklist ${HOME}/.kde4/share/config/konversationrc
414blacklist ${HOME}/.kde4/share/config/kopeterc
415blacklist ${HOME}/.kde4/share/config/ktorrentrc
416blacklist ${HOME}/.kde4/share/config/okularpartrc
417blacklist ${HOME}/.kde4/share/config/okularrc
418blacklist ${HOME}/.killingfloor
419blacklist ${HOME}/.kino-history
420blacklist ${HOME}/.kinorc
421blacklist ${HOME}/.kodi
422blacklist ${HOME}/.lincity-ng
423blacklist ${HOME}/.linphone-history.db
424blacklist ${HOME}/.linphonerc
425blacklist ${HOME}/.lmmsrc.xml
426blacklist ${HOME}/.local/lib/vivaldi
427blacklist ${HOME}/.local/share/0ad
428blacklist ${HOME}/.local/share/3909/PapersPlease
429blacklist ${HOME}/.local/share/Anki2
430blacklist ${HOME}/.local/share/Empathy
431blacklist ${HOME}/.local/share/JetBrains
432blacklist ${HOME}/.local/share/Mendeley Ltd.
433blacklist ${HOME}/.local/share/Mumble
434blacklist ${HOME}/.local/share/PBE
435blacklist ${HOME}/.local/share/QMediathekView
436blacklist ${HOME}/.local/share/QuiteRss
437blacklist ${HOME}/.local/share/Ricochet
438blacklist ${HOME}/.local/share/Steam
439blacklist ${HOME}/.local/share/SuperHexagon
440blacklist ${HOME}/.local/share/TelegramDesktop
441blacklist ${HOME}/.local/share/Terraria
442blacklist ${HOME}/.local/share/TpLogger
443blacklist ${HOME}/.local/share/akonadi*
444blacklist ${HOME}/.local/share/akregator
445blacklist ${HOME}/.local/share/apps/korganizer
446blacklist ${HOME}/.local/share/aspyr-media
447blacklist ${HOME}/.local/share/baloo
448blacklist ${HOME}/.local/share/bibletime
449blacklist ${HOME}/.local/share/caja-python
450blacklist ${HOME}/.local/share/cdprojektred
451blacklist ${HOME}/.local/share/clipit
452blacklist ${HOME}/.local/share/contacts
453blacklist ${HOME}/.local/share/data/Mendeley Ltd.
454blacklist ${HOME}/.local/share/data/Mumble
455blacklist ${HOME}/.local/share/data/MusE
456blacklist ${HOME}/.local/share/data/MuseScore
457blacklist ${HOME}/.local/share/data/nomacs
458blacklist ${HOME}/.local/share/data/qBittorrent
459blacklist ${HOME}/.local/share/dino
460blacklist ${HOME}/.local/share/dolphin
461blacklist ${HOME}/.local/share/emailidentities
462blacklist ${HOME}/.local/share/epiphany
463blacklist ${HOME}/.local/share/evolution
464blacklist ${HOME}/.local/share/feedreader
465blacklist ${HOME}/.local/share/feral-interactive
466blacklist ${HOME}/.local/share/freecol
467blacklist ${HOME}/.local/share/gajim
468blacklist ${HOME}/.local/share/geary
469blacklist ${HOME}/.local/share/geeqie
470blacklist ${HOME}/.local/share/gitg
471blacklist ${HOME}/.local/share/gnome-2048
472blacklist ${HOME}/.local/share/gnome-chess
473blacklist ${HOME}/.local/share/gnome-music
474blacklist ${HOME}/.local/share/gnome-photos
475blacklist ${HOME}/.local/share/gnome-recipes
476blacklist ${HOME}/.local/share/gnome-ring
477blacklist ${HOME}/.local/share/gnome-twitch
478blacklist ${HOME}/.local/share/gradio
479blacklist ${HOME}/.local/share/gwenview
480blacklist ${HOME}/.local/share/kaffeine
481blacklist ${HOME}/.local/share/kate
482blacklist ${HOME}/.local/share/kdenlive
483blacklist ${HOME}/.local/share/kget
484blacklist ${HOME}/.local/share/klavaro
485blacklist ${HOME}/.local/share/kmail2
486blacklist ${HOME}/.local/share/knotes
487blacklist ${HOME}/.local/share/krita
488blacklist ${HOME}/.local/share/ktorrentrc
489blacklist ${HOME}/.local/share/ktorrent
490blacklist ${HOME}/.local/share/kwrite
491blacklist ${HOME}/.local/share/liferea
492blacklist ${HOME}/.local/share/local-mail
493blacklist ${HOME}/.local/share/lollypop
494blacklist ${HOME}/.local/share/lugaru
495blacklist ${HOME}/.local/share/mana
496blacklist ${HOME}/.local/share/maps-places.json
497blacklist ${HOME}/.local/share/meld
498blacklist ${HOME}/.local/share/midori
499blacklist ${HOME}/.local/share/multimc
500blacklist ${HOME}/.local/share/multimc5
501blacklist ${HOME}/.local/share/mupen64plus
502blacklist ${HOME}/.local/share/mypaint
503blacklist ${HOME}/.local/share/nautilus
504blacklist ${HOME}/.local/share/nautilus-python
505blacklist ${HOME}/.local/share/nemo
506blacklist ${HOME}/.local/share/nemo-python
507blacklist ${HOME}/.local/share/nomacs
508blacklist ${HOME}/.local/share/notes
509blacklist ${HOME}/.local/share/ocenaudio
510blacklist ${HOME}/.local/share/okular
511blacklist ${HOME}/.local/share/orage
512blacklist ${HOME}/.local/share/org.kde.gwenview
513blacklist ${HOME}/.local/share/rhythmbox
514blacklist ${HOME}/.local/share/pix
515blacklist ${HOME}/.local/share/plasma_notes
516blacklist ${HOME}/.local/share/psi+
517blacklist ${HOME}/.local/share/qpdfview
518blacklist ${HOME}/.local/share/qutebrowser
519blacklist ${HOME}/.local/share/remmina
520blacklist ${HOME}/.local/share/scribus
521blacklist ${HOME}/.local/share/spotify
522blacklist ${HOME}/.local/share/steam
523blacklist ${HOME}/.local/share/supertux2
524blacklist ${HOME}/.local/share/supertuxkart
525blacklist ${HOME}/.local/share/telepathy
526blacklist ${HOME}/.local/share/terasology
527blacklist ${HOME}/.local/share/torbrowser
528blacklist ${HOME}/.local/share/totem
529blacklist ${HOME}/.local/share/uzbl
530blacklist ${HOME}/.local/share/vlc
531blacklist ${HOME}/.local/share/vpltd
532blacklist ${HOME}/.local/share/vulkan
533blacklist ${HOME}/.local/share/warsow-2.1
534blacklist ${HOME}/.local/share/wesnoth
535blacklist ${HOME}/.local/share/xplayer
536blacklist ${HOME}/.local/share/xreader
537blacklist ${HOME}/.local/share/zathura
538blacklist ${HOME}/.lv2
539blacklist ${HOME}/.masterpdfeditor
540blacklist ${HOME}/.mcabber
541blacklist ${HOME}/.mcabberrc
542blacklist ${HOME}/.mediathek3
543blacklist ${HOME}/.megaglest
544blacklist ${HOME}/.minetest
545blacklist ${HOME}/.moonchild productions/basilisk
546blacklist ${HOME}/.moonchild productions/pale moon
547blacklist ${HOME}/.mozilla
548blacklist ${HOME}/.mpd
549blacklist ${HOME}/.mpdconf
550blacklist ${HOME}/.mplayer
551blacklist ${HOME}/.msmtprc
552blacklist ${HOME}/.multimc5
553blacklist ${HOME}/.nanorc
554blacklist ${HOME}/.netactview
555blacklist ${HOME}/.neverball
556blacklist ${HOME}/.newsboat
557blacklist ${HOME}/.nv
558blacklist ${HOME}/.nylas-mail
559blacklist ${HOME}/.opencity
560blacklist ${HOME}/.openinvaders
561blacklist ${HOME}/.openshot
562blacklist ${HOME}/.openshot_qt
563blacklist ${HOME}/.openttd
564blacklist ${HOME}/.opera
565blacklist ${HOME}/.opera-beta
566blacklist ${HOME}/.ostrichriders
567blacklist ${HOME}/.pingus
568blacklist ${HOME}/.pioneer
569blacklist ${HOME}/.purple
570blacklist ${HOME}/.qemu-launcher
571blacklist ${HOME}/.qmmp
572blacklist ${HOME}/.quodlibet
573blacklist ${HOME}/.redeclipse
574blacklist ${HOME}/.remmina
575blacklist ${HOME}/.repo_.gitconfig.json
576blacklist ${HOME}/.repoconfig
577blacklist ${HOME}/.retroshare
578blacklist ${HOME}/.scorched3d
579blacklist ${HOME}/.scribus
580blacklist ${HOME}/.scribusrc
581blacklist ${HOME}/.simutrans
582blacklist ${HOME}/.smartgit/*/passwords
583blacklist ${HOME}/.steam
584blacklist ${HOME}/.steampath
585blacklist ${HOME}/.steampid
586blacklist ${HOME}/.stellarium
587blacklist ${HOME}/.subversion
588blacklist ${HOME}/.surf
589blacklist ${HOME}/.sword
590blacklist ${HOME}/.sylpheed-2.0
591blacklist ${HOME}/.synfig
592blacklist ${HOME}/.tconn
593blacklist ${HOME}/.teeworlds
594blacklist ${HOME}/.thunderbird
595blacklist ${HOME}/.tilp
596blacklist ${HOME}/.tooling
597blacklist ${HOME}/.tor-browser-*
598blacklist ${HOME}/.tor-browser_*
599blacklist ${HOME}/.torcs
600blacklist ${HOME}/.tremulous
601blacklist ${HOME}/.ts3client
602blacklist ${HOME}/.tuxguitar*
603blacklist ${HOME}/.unknown-horizons
604blacklist ${HOME}/.viking
605blacklist ${HOME}/.viking-maps
606blacklist ${HOME}/.vscode
607blacklist ${HOME}/.vscode-oss
608blacklist ${HOME}/.vst
609blacklist ${HOME}/.vultures
610blacklist ${HOME}/.w3m
611blacklist ${HOME}/.warzone2100-3.*
612blacklist ${HOME}/.waterfox
613blacklist ${HOME}/.weechat
614blacklist ${HOME}/.wget-hsts
615blacklist ${HOME}/.wgetrc
616blacklist ${HOME}/.widelands
617blacklist ${HOME}/.wine
618blacklist ${HOME}/.wireshark
619blacklist ${HOME}/.wine64
620blacklist ${HOME}/.xiphos
621blacklist ${HOME}/.xmind
622blacklist ${HOME}/.xmms
623blacklist ${HOME}/.xmr-stak
624blacklist ${HOME}/.xonotic
625blacklist ${HOME}/.xpdfrc
626blacklist ${HOME}/.zoom
627blacklist /tmp/akonadi-*
628blacklist /tmp/ssh-*
629
630# ${HOME}/.cache directory
631blacklist ${HOME}/.cache/0ad
632blacklist ${HOME}/.cache/8pecxstudios
633blacklist ${HOME}/.cache/Authenticator
634blacklist ${HOME}/.cache/Clementine
635blacklist ${HOME}/.cache/Enox
636blacklist ${HOME}/.cache/Franz
637blacklist ${HOME}/.cache/INRIA
638blacklist ${HOME}/.cache/MusicBrainz
639blacklist ${HOME}/.cache/QuiteRss
640blacklist ${HOME}/.cache/akonadi*
641blacklist ${HOME}/.cache/atril
642blacklist ${HOME}/.cache/attic
643blacklist ${HOME}/.cache/bnox
644blacklist ${HOME}/.cache/borg
645blacklist ${HOME}/.cache/calibre
646blacklist ${HOME}/.cache/champlain
647blacklist ${HOME}/.cache/chromium
648blacklist ${HOME}/.cache/chromium-dev
649blacklist ${HOME}/.cache/cliqz
650blacklist ${HOME}/.cache/darktable
651blacklist ${HOME}/.cache/discover
652blacklist ${HOME}/.cache/dnox
653blacklist ${HOME}/.cache/dolphin
654blacklist ${HOME}/.cache/epiphany
655blacklist ${HOME}/.cache/evolution
656blacklist ${HOME}/.cache/falkon
657blacklist ${HOME}/.cache/feedreader
658blacklist ${HOME}/.cache/font-manager
659blacklist ${HOME}/.cache/fossamail
660blacklist ${HOME}/.cache/freecol
661blacklist ${HOME}/.cache/gajim
662blacklist ${HOME}/.cache/geeqie
663blacklist ${HOME}/.cache/google-chrome
664blacklist ${HOME}/.cache/google-chrome-beta
665blacklist ${HOME}/.cache/google-chrome-unstable
666blacklist ${HOME}/.cache/gnome-recipes
667blacklist ${HOME}/.cache/gnome-twitch
668blacklist ${HOME}/.cache/gradio
669blacklist ${HOME}/.cache/icedove
670blacklist ${HOME}/.cache/INRIA/Natron
671blacklist ${HOME}/.cache/inkscape
672blacklist ${HOME}/.cache/inox
673blacklist ${HOME}/.cache/iridium
674blacklist ${HOME}/.cache/kdenlive
675blacklist ${HOME}/.cache/kinfocenter
676blacklist ${HOME}/.cache/kmail2
677blacklist ${HOME}/.cache/krunner
678blacklist ${HOME}/.cache/krunnerbookmarkrunnerfirefoxdbfile.sqlite*
679blacklist ${HOME}/.cache/kscreenlocker_greet
680blacklist ${HOME}/.cache/ksmserver-logout-greeter
681blacklist ${HOME}/.cache/ksplashqml
682blacklist ${HOME}/.cache/kwin
683blacklist ${HOME}/.cache/libgweather
684blacklist ${HOME}/.cache/liferea
685blacklist ${HOME}/.cache/Mendeley Ltd.
686blacklist ${HOME}/.cache/midori
687blacklist ${HOME}/.cache/moonchild productions/basilisk
688blacklist ${HOME}/.cache/moonchild productions/pale moon
689blacklist ${HOME}/.cache/mozilla
690blacklist ${HOME}/.cache/ms-excel-online
691blacklist ${HOME}/.cache/ms-office-online
692blacklist ${HOME}/.cache/ms-onenote-online
693blacklist ${HOME}/.cache/ms-outlook-online
694blacklist ${HOME}/.cache/ms-powerpoint-online
695blacklist ${HOME}/.cache/ms-skype-online
696blacklist ${HOME}/.cache/ms-word-online
697blacklist ${HOME}/.cache/mutt
698blacklist ${HOME}/.cache/mypaint
699blacklist ${HOME}/.cache/nheko/nheko
700blacklist ${HOME}/.cache/netsurf
701blacklist ${HOME}/.cache/okular
702blacklist ${HOME}/.cache/opera
703blacklist ${HOME}/.cache/opera-beta
704blacklist ${HOME}/.cache/org.gnome.Books
705blacklist ${HOME}/.cache/pdfmod
706blacklist ${HOME}/.cache/peek
707blacklist ${HOME}/.cache/plasmashell
708blacklist ${HOME}/.cache/plasmashellbookmarkrunnerfirefoxdbfile.sqlite*
709blacklist ${HOME}/.cache/qBittorrent
710blacklist ${HOME}/.cache/qupzilla
711blacklist ${HOME}/.cache/qutebrowser
712blacklist ${HOME}/.cache/simple-scan
713blacklist ${HOME}/.cache/slimjet
714blacklist ${HOME}/.cache/snox
715blacklist ${HOME}/.cache/spotify
716blacklist ${HOME}/.cache/supertuxkart
717blacklist ${HOME}/.cache/systemsettings
718blacklist ${HOME}/.cache/telepathy
719blacklist ${HOME}/.cache/thunderbird
720blacklist ${HOME}/.cache/torbrowser
721blacklist ${HOME}/.cache/transmission
722blacklist ${HOME}/.cache/vivaldi
723blacklist ${HOME}/.cache/vivaldi-snapshot
724blacklist ${HOME}/.cache/vlc
725blacklist ${HOME}/.cache/warsow-2.1
726blacklist ${HOME}/.cache/waterfox
727blacklist ${HOME}/.cache/wesnoth
728blacklist ${HOME}/.cache/xmms2
729blacklist ${HOME}/.cache/xreader
730blacklist ${HOME}/.cache/yandex-browser
731blacklist ${HOME}/.cache/yandex-browser-beta
732
733blacklist /var/games/nethack
734blacklist /var/games/slashem
735blacklist /var/games/vulturesclaw
736blacklist /var/games/vultureseye
737blacklist /var/lib/games/Maelstrom-Scores
diff --git a/etc/geany.profile b/etc/geany.profile
index 5547477fc..b9c0da12e 100644
--- a/etc/geany.profile
+++ b/etc/geany.profile
@@ -1 +1,37 @@
1]0;firejail /usr/bin/meld ./etc/geany_LOCAL_29017.profile ./etc/geany_BASE_29017.profile ./etc/geany_REMOTE_29017.profile  \ No newline at end of file 1# Firejail profile for geany
2# Description: Fast and lightweight IDE
3# This file is overwritten after every install/update
4# Persistent local customizations
5include geany.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.config/geany
10noblacklist ${HOME}/.config/git
11noblacklist ${HOME}/.gitconfig
12noblacklist ${HOME}/.git-credentials
13noblacklist ${HOME}/.python-history
14noblacklist ${HOME}/.pythonrc.py
15
16include disable-common.inc
17include disable-passwdmgr.inc
18include disable-programs.inc
19
20caps.drop all
21netfilter
22no3d
23nodvd
24nogroups
25nonewprivs
26noroot
27nosound
28notv
29nou2f
30novideo
31protocol unix,inet,inet6
32seccomp
33shell none
34
35private-cache
36private-dev
37private-tmp
diff --git a/etc/gedit.profile b/etc/gedit.profile
index f1e78ca95..ca2cf6e92 100644
--- a/etc/gedit.profile
+++ b/etc/gedit.profile
@@ -1 +1,50 @@
1]0;firejail /usr/bin/meld ./etc/gedit_LOCAL_29017.profile ./etc/gedit_BASE_29017.profile ./etc/gedit_REMOTE_29017.profile  \ No newline at end of file 1# Firejail profile for gedit
2# Description: Official text editor of the GNOME desktop environment
3# This file is overwritten after every install/update
4# Persistent local customizations
5include gedit.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.config/enchant
10noblacklist ${HOME}/.config/gedit
11noblacklist ${HOME}/.config/git
12noblacklist ${HOME}/.gitconfig
13noblacklist ${HOME}/.git-credentials
14noblacklist ${HOME}/.python-history
15noblacklist ${HOME}/.pythonrc.py
16
17include disable-common.inc
18# include disable-devel.inc
19include disable-exec.inc
20# include disable-interpreters.inc
21include disable-passwdmgr.inc
22include disable-programs.inc
23
24include whitelist-var-common.inc
25
26# apparmor - makes settings immutable
27caps.drop all
28machine-id
29# net none - makes settings immutable
30no3d
31# nodbus - makes settings immutable
32nodvd
33nogroups
34nonewprivs
35noroot
36nosound
37notv
38nou2f
39novideo
40protocol unix
41seccomp
42shell none
43tracelog
44
45# private-bin gedit
46private-dev
47# private-etc alternatives,fonts
48private-lib /usr/bin/gedit,libtinfo.so.*,libreadline.so.*,gedit,libgspell-1.so.*,gconv,aspell
49private-tmp
50
diff --git a/etc/git.profile b/etc/git.profile
index bdfdb4c41..0eb69faed 100644
--- a/etc/git.profile
+++ b/etc/git.profile
@@ -1 +1,51 @@
1]0;firejail /usr/bin/meld ./etc/git_LOCAL_29017.profile ./etc/git_BASE_29017.profile ./etc/git_REMOTE_29017.profile  \ No newline at end of file 1# Firejail profile for git
2# Description: Fast, scalable, distributed revision control system
3# This file is overwritten after every install/update
4quiet
5# Persistent local customizations
6include git.local
7# Persistent global definitions
8include globals.local
9
10blacklist /tmp/.X11-unix
11
12noblacklist ${HOME}/.config/git
13noblacklist ${HOME}/.config/nano
14noblacklist ${HOME}/.emacs
15noblacklist ${HOME}/.emacs.d
16noblacklist ${HOME}/.gitconfig
17noblacklist ${HOME}/.git-credentials
18noblacklist ${HOME}/.gnupg
19noblacklist ${HOME}/.nanorc
20noblacklist ${HOME}/.oh-my-zsh
21noblacklist ${HOME}/.ssh
22noblacklist ${HOME}/.vim
23noblacklist ${HOME}/.viminfo
24
25include disable-common.inc
26include disable-exec.inc
27include disable-passwdmgr.inc
28include disable-programs.inc
29
30apparmor
31caps.drop all
32ipc-namespace
33machine-id
34netfilter
35no3d
36nodvd
37nogroups
38nonewprivs
39noroot
40nosound
41notv
42nou2f
43novideo
44protocol unix,inet,inet6
45seccomp
46shell none
47
48private-cache
49private-dev
50
51memory-deny-write-execute
diff --git a/etc/gitg.profile b/etc/gitg.profile
index 7e48cedf7..656d5cfd8 100644
--- a/etc/gitg.profile
+++ b/etc/gitg.profile
@@ -1 +1,44 @@
1]0;firejail /usr/bin/meld ./etc/gitg_LOCAL_29017.profile ./etc/gitg_BASE_29017.profile ./etc/gitg_REMOTE_29017.profile  \ No newline at end of file 1# Firejail profile for gitg
2# Description: Git repository viewer
3# This file is overwritten after every install/update
4# Persistent local customizations
5include gitg.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.config/git
10noblacklist ${HOME}/.gitconfig
11noblacklist ${HOME}/.git-credentials
12noblacklist ${HOME}/.local/share/gitg
13noblacklist ${HOME}/.ssh
14
15include disable-common.inc
16include disable-devel.inc
17include disable-exec.inc
18include disable-interpreters.inc
19include disable-passwdmgr.inc
20include disable-programs.inc
21
22include whitelist-var-common.inc
23
24caps.drop all
25no3d
26nodvd
27nogroups
28nonewprivs
29noroot
30nosound
31notv
32nou2f
33novideo
34protocol unix,inet,inet6
35seccomp
36shell none
37
38private-bin gitg,git,ssh
39private-cache
40private-dev
41private-tmp
42
43# mdwe breaks diff in older versions
44#memory-deny-write-execute
diff --git a/etc/github-desktop.profile b/etc/github-desktop.profile
index 061b44c42..4a969f9ad 100644
--- a/etc/github-desktop.profile
+++ b/etc/github-desktop.profile
@@ -1 +1,49 @@
1]0;firejail /usr/bin/meld ./etc/github-desktop_LOCAL_29017.profile ./etc/github-desktop_BASE_29017.profile ./etc/github-desktop_REMOTE_29017.profile  \ No newline at end of file 1# Firejail profile for github-desktop
2# Description: Extend your GitHub workflow beyond your browser with GitHub Desktop
3# This file is overwritten after every install/update
4# Persistent local customizations
5include github-desktop.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.config/GitHub Desktop
10noblacklist ${HOME}/.config/git
11noblacklist ${HOME}/.gitconfig
12noblacklist ${HOME}/.git-credentials
13
14include disable-common.inc
15include disable-passwdmgr.inc
16include disable-programs.inc
17include disable-devel.inc
18include disable-exec.inc
19include disable-interpreters.inc
20
21caps.drop all
22netfilter
23# no3d
24nodvd
25nogroups
26nonewprivs
27noroot
28nosound
29notv
30nou2f
31novideo
32protocol unix,inet,inet6,netlink
33seccomp
34
35# Note: On debian-based distributions the binary might be located in
36# /opt/GitHub Desktop/github-desktop, and therefore not be in PATH.
37# If that's the case you can start GitHub Desktop with firejail via
38# `firejail "/opt/GitHub Desktop/github-desktop"`.
39
40disable-mnt
41# private-bin github-desktop
42private-cache
43?HAS_APPIMAGE: ignore private-dev
44private-dev
45# private-etc alternatives
46# private-lib
47private-tmp
48
49# memory-deny-write-execute
diff --git a/etc/gnome-builder.profile b/etc/gnome-builder.profile
index 09164ad4e..c2459e6ee 100644
--- a/etc/gnome-builder.profile
+++ b/etc/gnome-builder.profile
@@ -1 +1,36 @@
1]0;firejail /usr/bin/meld ./etc/gnome-builder_LOCAL_29017.profile ./etc/gnome-builder_BASE_29017.profile ./etc/gnome-builder_REMOTE_29017.profile  \ No newline at end of file 1# Firejail profile for gnome-builder
2# Description: IDE for GNOME
3# This file is overwritten after every install/update
4# Persistent local customizations
5include gnome-builder.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.cargo/config
10noblacklist ${HOME}/.cargo/registry
11noblacklist ${HOME}/.config/git
12noblacklist ${HOME}/.gitconfig
13noblacklist ${HOME}/.git-credentials
14noblacklist ${HOME}/.python-history
15noblacklist ${HOME}/.pythonrc.py
16
17include disable-common.inc
18include disable-passwdmgr.inc
19include disable-programs.inc
20
21caps.drop all
22ipc-namespace
23netfilter
24nodvd
25nogroups
26nonewprivs
27noroot
28notv
29nou2f
30novideo
31protocol unix,inet,inet6
32seccomp
33shell none
34
35private-cache
36private-dev
diff --git a/etc/idea.sh.profile b/etc/idea.sh.profile
index 467265b79..4f3047e08 100644
--- a/etc/idea.sh.profile
+++ b/etc/idea.sh.profile
@@ -1 +1,42 @@
1]0;firejail /usr/bin/meld ./etc/idea.sh_LOCAL_29017.profile ./etc/idea.sh_BASE_29017.profile ./etc/idea.sh_REMOTE_29017.profile  \ No newline at end of file 1# Firejail profile for idea.sh
2# This file is overwritten after every install/update
3# Persistent local customizations
4include idea.sh.local
5# Persistent global definitions
6include globals.local
7
8noblacklist ${HOME}/.IdeaIC*
9noblacklist ${HOME}/.android
10noblacklist ${HOME}/.config/git
11noblacklist ${HOME}/.gitconfig
12noblacklist ${HOME}/.git-credentials
13noblacklist ${HOME}/.gradle
14noblacklist ${HOME}/.jack-server
15noblacklist ${HOME}/.jack-settings
16noblacklist ${HOME}/.java
17noblacklist ${HOME}/.local/share/JetBrains
18noblacklist ${HOME}/.ssh
19noblacklist ${HOME}/.tooling
20
21include disable-common.inc
22include disable-passwdmgr.inc
23include disable-programs.inc
24
25caps.drop all
26netfilter
27nodvd
28nogroups
29nonewprivs
30noroot
31notv
32nou2f
33novideo
34protocol unix,inet,inet6
35seccomp
36shell none
37
38private-cache
39private-dev
40# private-tmp
41
42noexec /tmp
diff --git a/etc/meld.profile b/etc/meld.profile
index 3d169a471..5e5c86368 100644
--- a/etc/meld.profile
+++ b/etc/meld.profile
@@ -1 +1,61 @@
1]0;firejail /usr/bin/meld ./etc/meld_LOCAL_29017.profile ./etc/meld_BASE_29017.profile ./etc/meld_REMOTE_29017.profile  \ No newline at end of file 1# Firejail profile for meld
2# Description: Graphical tool to diff and merge files
3# This file is overwritten after every install/update
4# Persistent local customizations
5include meld.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.local/share/meld
10
11# Allow python (blacklisted by disable-interpreters.inc)
12noblacklist ${PATH}/python2*
13noblacklist ${PATH}/python3*
14noblacklist /usr/lib/python2*
15noblacklist /usr/lib/python3*
16noblacklist /usr/local/lib/python2*
17noblacklist /usr/local/lib/python3*
18
19noblacklist ${HOME}/.config/git
20noblacklist ${HOME}/.gitconfig
21noblacklist ${HOME}/.git-credentials
22noblacklist ${HOME}/.ssh
23noblacklist ${HOME}/.subversion
24
25# Uncomment the next line if you don't need to compare files in disable-common.inc.
26#include disable-common.inc
27include disable-devel.inc
28include disable-exec.inc
29include disable-interpreters.inc
30include disable-passwdmgr.inc
31# Uncomment the next line if you don't need to compare files in disable-programs.inc.
32#include disable-programs.inc
33
34include whitelist-var-common.inc
35
36apparmor
37caps.drop all
38ipc-namespace
39machine-id
40netfilter
41no3d
42nodvd
43nogroups
44nonewprivs
45noroot
46nosound
47notv
48nou2f
49novideo
50protocol unix,inet,inet6
51seccomp
52shell none
53tracelog
54
55private-bin bzr,cvs,git,hg,meld,python*,svn
56private-cache
57private-dev
58# Uncomment the next line if you don't need to compare in /etc.
59#private-etc alternatives,ca-certificates,crypto-policies,fonts,hostname,hosts,pki,resolv.conf,ssl,subversion
60private-tmp
61
diff --git a/etc/webstorm.profile b/etc/webstorm.profile
index ad8173c6f..b97ea8d2f 100644
--- a/etc/webstorm.profile
+++ b/etc/webstorm.profile
@@ -1 +1,43 @@
1]0;firejail /usr/bin/meld ./etc/webstorm_LOCAL_29017.profile ./etc/webstorm_BASE_29017.profile ./etc/webstorm_REMOTE_29017.profile  \ No newline at end of file 1# Firejail profile for WebStorm
2# This file is overwritten after every install/update
3# Persistent local customizations
4include webstorm.local
5# Persistent global definitions
6include globals.local
7
8noblacklist ${HOME}/.WebStorm*
9noblacklist ${HOME}/.android
10noblacklist ${HOME}/.config/git
11noblacklist ${HOME}/.gitconfig
12noblacklist ${HOME}/.git-credentials
13noblacklist ${HOME}/.gradle
14noblacklist ${HOME}/.java
15noblacklist ${HOME}/.local/share/JetBrains
16noblacklist ${HOME}/.ssh
17noblacklist ${HOME}/.tooling
18
19noblacklist ${PATH}/node
20noblacklist ${HOME}/.nvm
21
22include disable-common.inc
23include disable-devel.inc
24include disable-interpreters.inc
25include disable-passwdmgr.inc
26include disable-programs.inc
27
28caps.drop all
29netfilter
30nodvd
31nogroups
32nonewprivs
33noroot
34notv
35nou2f
36novideo
37protocol unix,inet,inet6
38seccomp
39shell none
40
41private-cache
42private-dev
43private-tmp
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-27 09:47:19 +0000