Add a profile for ghostwriter (#2319)

* Add a profile for ghostwriter
author: rusty-snake <print_hello_world+GitHub@protonmail.com> 2018-12-31 04:14:38 +0000
committer: Fred Barclay <Fred-Barclay@users.noreply.github.com> 2018-12-30 22:14:38 -0600
commit: 803d629fcc2517e3423c9a3e6865997f080517eb (patch)
tree: 51b41ead9a7fd3c79c639a9668703ff1c08789cd
parent: Merge pull request #2313 from rusty-snake/patch-1 (diff)
download: firejail-803d629fcc2517e3423c9a3e6865997f080517eb.tar.gz
firejail-803d629fcc2517e3423c9a3e6865997f080517eb.tar.zst
firejail-803d629fcc2517e3423c9a3e6865997f080517eb.zip
3 files changed, 63 insertions, 0 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 68c2da174..08438a165 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -148,6 +148,7 @@ blacklist ${HOME}/.config/geany
 blacklist ${HOME}/.config/gedit
 blacklist ${HOME}/.config/geeqie
 blacklist ${HOME}/.config/ghb
+blacklist ${HOME}/.config/ghostwriter
 blacklist ${HOME}/.config/globaltime
 blacklist ${HOME}/.config/gnome-mplayer
 blacklist ${HOME}/.config/gnome-mpv
diff --git a/etc/ghostwriter.profile b/etc/ghostwriter.profile
new file mode 100644
index 000000000..bdca281ed
--- /dev/null
+++ b/etc/ghostwriter.profile
@@ -0,0 +1,61 @@
+# Firejail profile for ghostwriter
+# Description: Cross-platform, aesthetic, distraction-free Markdown editor.
+# This file is overwritten after every install/update
+# Persistent local customizations
+include ghostwriter.local
+# Persistent global definitions
+include globals.local
+noblacklist ${HOME}/.config/ghostwriter
+noblacklist ${DOCUMENTS}
+noblacklist ${PICTURES}
+include disable-common.inc
+include disable-devel.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-xdg.inc
+#mkdir ${HOME}/.config/ghostwriter
+#mkdir ${DESKTOP}
+#mkdir ${DOCUMENTS}
+#mkdir ${DOWNLOADS}
+#mkdir ${PICTURES}
+#whitelist ${HOME}/.config/ghostwriter
+#whitelist ${DESKTOP}
+#whitelist ${DOCUMENTS}
+#whitelist ${DOWNLOADS}
+#whitelist ${PICTURES}
+#include whitelist-common.inc
+apparmor
+caps.drop all
+machine-id
+netfilter
+#no3d
+#nodbus
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix,inet,netlink
+seccomp
+shell none
+tracelog
+# Breaks Translation
+#private-bin ghostwriter,pandoc
+private-cache
+private-dev
+private-etc cups,crypto-policies,localtime,drirc,fonts,gtk-3.0,dconf,machine-id
+# Breaks Translation
+#private-lib
+private-tmp
+noexec ${HOME}
+noexec /tmp
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index f36455c89..0dd5f7ec5 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -167,6 +167,7 @@ geary
 gedit
 geeqie
 ghb
+ghostwriter
 gimp
 gimp-2.10
 gimp-2.8
author	rusty-snake <print_hello_world+GitHub@protonmail.com>	2018-12-31 04:14:38 +0000
committer	Fred Barclay <Fred-Barclay@users.noreply.github.com>	2018-12-30 22:14:38 -0600
commit	803d629fcc2517e3423c9a3e6865997f080517eb (patch)
tree	51b41ead9a7fd3c79c639a9668703ff1c08789cd
parent	Merge pull request #2313 from rusty-snake/patch-1 (diff)
download	firejail-803d629fcc2517e3423c9a3e6865997f080517eb.tar.gz firejail-803d629fcc2517e3423c9a3e6865997f080517eb.tar.zst firejail-803d629fcc2517e3423c9a3e6865997f080517eb.zip

diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 68c2da174..08438a165 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc
@@ -148,6 +148,7 @@ blacklist ${HOME}/.config/geany
148	blacklist ${HOME}/.config/gedit	148	blacklist ${HOME}/.config/gedit
149	blacklist ${HOME}/.config/geeqie	149	blacklist ${HOME}/.config/geeqie
150	blacklist ${HOME}/.config/ghb	150	blacklist ${HOME}/.config/ghb
		151	blacklist ${HOME}/.config/ghostwriter
151	blacklist ${HOME}/.config/globaltime	152	blacklist ${HOME}/.config/globaltime
152	blacklist ${HOME}/.config/gnome-mplayer	153	blacklist ${HOME}/.config/gnome-mplayer
153	blacklist ${HOME}/.config/gnome-mpv	154	blacklist ${HOME}/.config/gnome-mpv


diff --git a/etc/ghostwriter.profile b/etc/ghostwriter.profile new file mode 100644 index 000000000..bdca281ed --- /dev/null +++ b/etc/ghostwriter.profile
@@ -0,0 +1,61 @@
		1	# Firejail profile for ghostwriter
		2	# Description: Cross-platform, aesthetic, distraction-free Markdown editor.
		3	# This file is overwritten after every install/update
		4	# Persistent local customizations
		5	include ghostwriter.local
		6	# Persistent global definitions
		7	include globals.local
		8
		9	noblacklist ${HOME}/.config/ghostwriter
		10	noblacklist ${DOCUMENTS}
		11	noblacklist ${PICTURES}
		12
		13	include disable-common.inc
		14	include disable-devel.inc
		15	include disable-interpreters.inc
		16	include disable-passwdmgr.inc
		17	include disable-programs.inc
		18	include disable-xdg.inc
		19
		20	#mkdir ${HOME}/.config/ghostwriter
		21	#mkdir ${DESKTOP}
		22	#mkdir ${DOCUMENTS}
		23	#mkdir ${DOWNLOADS}
		24	#mkdir ${PICTURES}
		25	#whitelist ${HOME}/.config/ghostwriter
		26	#whitelist ${DESKTOP}
		27	#whitelist ${DOCUMENTS}
		28	#whitelist ${DOWNLOADS}
		29	#whitelist ${PICTURES}
		30	#include whitelist-common.inc
		31
		32	apparmor
		33	caps.drop all
		34	machine-id
		35	netfilter
		36	#no3d
		37	#nodbus
		38	nodvd
		39	nogroups
		40	nonewprivs
		41	noroot
		42	nosound
		43	notv
		44	nou2f
		45	novideo
		46	protocol unix,inet,netlink
		47	seccomp
		48	shell none
		49	tracelog
		50
		51	# Breaks Translation
		52	#private-bin ghostwriter,pandoc
		53	private-cache
		54	private-dev
		55	private-etc cups,crypto-policies,localtime,drirc,fonts,gtk-3.0,dconf,machine-id
		56	# Breaks Translation
		57	#private-lib
		58	private-tmp
		59
		60	noexec ${HOME}
		61	noexec /tmp


diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index f36455c89..0dd5f7ec5 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config
@@ -167,6 +167,7 @@ geary
167	gedit	167	gedit
168	geeqie	168	geeqie
169	ghb	169	ghb
		170	ghostwriter
170	gimp	171	gimp
171	gimp-2.10	172	gimp-2.10
172	gimp-2.8	173	gimp-2.8