aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar netblue30 <netblue30@yahoo.com>2017-10-29 16:11:13 -0400
committerLibravatar netblue30 <netblue30@yahoo.com>2017-10-29 16:11:13 -0400
commit8da434d073a90ff1a768976f6dfdbb9350aad9aa (patch)
tree8ece1cb49a93eb18fbee3e9cc3efc10478fc3fbb
parent--timeout testing and fixes (#1614) (diff)
parentadd kopete profile (diff)
downloadfirejail-8da434d073a90ff1a768976f6dfdbb9350aad9aa.tar.gz
firejail-8da434d073a90ff1a768976f6dfdbb9350aad9aa.tar.zst
firejail-8da434d073a90ff1a768976f6dfdbb9350aad9aa.zip
Merge branch 'master' of http://github.com/netblue30/firejail
Diffstat
-rw-r--r--README.md2
-rw-r--r--RELNOTES2
-rw-r--r--etc/disable-programs.inc20
-rw-r--r--etc/kopete.profile34
-rw-r--r--src/firecfg/firecfg.config1
5 files changed, 49 insertions, 10 deletions
diff --git a/README.md b/README.md
index ce20d2b36..1d5054377 100644
--- a/README.md
+++ b/README.md
@@ -212,7 +212,7 @@ calligrawords, cin, dooble, dooble-qt4, fetchmail, freecad, freecadcmd, google-e
212imagej, karbon, kdenlive, krita, linphone, lmms, macrofusion, mpd, natron, Natron, 212imagej, karbon, kdenlive, krita, linphone, lmms, macrofusion, mpd, natron, Natron,
213ricochet, shotcut, teamspeak3, tor, tor-browser-en, Viber, x-terminal-emulator, zart, 213ricochet, shotcut, teamspeak3, tor, tor-browser-en, Viber, x-terminal-emulator, zart,
214conky, arch-audit, ffmpeg, bluefish, cliqz, cinelerra, openshot-qt, pinta, uefitool, 214conky, arch-audit, ffmpeg, bluefish, cliqz, cinelerra, openshot-qt, pinta, uefitool,
215aosp, pdfmod, gnome-ring, signal-desktop, xcalc, zaproxy 215aosp, pdfmod, gnome-ring, signal-desktop, xcalc, zaproxy, kopete
216 216
217Upstreamed many profiles from the following sources: https://github.com/chiraag-nataraj/firejail-profiles, 217Upstreamed many profiles from the following sources: https://github.com/chiraag-nataraj/firejail-profiles,
218https://github.com/nyancat18/fe, and https://aur.archlinux.org/packages/firejail-profiles. 218https://github.com/nyancat18/fe, and https://aur.archlinux.org/packages/firejail-profiles.
diff --git a/RELNOTES b/RELNOTES
index eb27a5d1d..be8ff21c8 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -36,7 +36,7 @@ firejail (0.9.51) baseline; urgency=low
36 mpd, natron, Natron, ricochet, shotcut, teamspeak3, tor, tor-browser-en, 36 mpd, natron, Natron, ricochet, shotcut, teamspeak3, tor, tor-browser-en,
37 Viber, x-terminal-emulator, zart, conky, arch-audit, ffmpeg, bluefish, cliqz, 37 Viber, x-terminal-emulator, zart, conky, arch-audit, ffmpeg, bluefish, cliqz,
38 cinelerra, openshot-qt, pinta, uefitool, aosp, pdfmod, gnome-ring, signal-desktop, 38 cinelerra, openshot-qt, pinta, uefitool, aosp, pdfmod, gnome-ring, signal-desktop,
39 xcalc, zaproxy 39 xcalc, zaproxy, kopete
40 40
41 -- netblue30 <netblue30@yahoo.com> Thu, 14 Sep 2017 20:00:00 -0500 41 -- netblue30 <netblue30@yahoo.com> Thu, 14 Sep 2017 20:00:00 -0500
42 42
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 0e5400dd6..9bfef1f5e 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -233,6 +233,7 @@ blacklist ${HOME}/.kde/share/apps/kcookiejar
233blacklist ${HOME}/.kde/share/apps/khtml 233blacklist ${HOME}/.kde/share/apps/khtml
234blacklist ${HOME}/.kde/share/apps/konqsidebartng 234blacklist ${HOME}/.kde/share/apps/konqsidebartng
235blacklist ${HOME}/.kde/share/apps/konqueror 235blacklist ${HOME}/.kde/share/apps/konqueror
236blacklist ${HOME}/.kde/share/apps/kopete
236blacklist ${HOME}/.kde/share/apps/okular 237blacklist ${HOME}/.kde/share/apps/okular
237blacklist ${HOME}/.kde/share/config/baloofilerc 238blacklist ${HOME}/.kde/share/config/baloofilerc
238blacklist ${HOME}/.kde/share/config/baloorc 239blacklist ${HOME}/.kde/share/config/baloorc
@@ -244,28 +245,31 @@ blacklist ${HOME}/.kde/share/config/khtmlrc
244blacklist ${HOME}/.kde/share/config/konq_history 245blacklist ${HOME}/.kde/share/config/konq_history
245blacklist ${HOME}/.kde/share/config/konqsidebartngrc 246blacklist ${HOME}/.kde/share/config/konqsidebartngrc
246blacklist ${HOME}/.kde/share/config/konquerorrc 247blacklist ${HOME}/.kde/share/config/konquerorrc
248blacklist ${HOME}/.kde/share/config/kopeterc
247blacklist ${HOME}/.kde/share/config/ktorrentrc 249blacklist ${HOME}/.kde/share/config/ktorrentrc
248blacklist ${HOME}/.kde/share/config/okularpartrc 250blacklist ${HOME}/.kde/share/config/okularpartrc
249blacklist ${HOME}/.kde/share/config/okularrc 251blacklist ${HOME}/.kde/share/config/okularrc
250blacklist ${HOME}/.kde4/share/config/baloorc 252blacklist ${HOME}/.kde4/share/apps/gwenview
251blacklist ${HOME}/.kde4/share/config/baloofilerc 253blacklist ${HOME}/.kde4/share/apps/kcookiejar
252blacklist ${HOME}/.kde4/share/apps/okular 254blacklist ${HOME}/.kde4/share/apps/khtml
253blacklist ${HOME}/.kde4/share/apps/konqueror 255blacklist ${HOME}/.kde4/share/apps/konqueror
254blacklist ${HOME}/.kde4/share/apps/konqsidebartng 256blacklist ${HOME}/.kde4/share/apps/konqsidebartng
255blacklist ${HOME}/.kde4/share/apps/khtml 257blacklist ${HOME}/.kde4/share/apps/kopete
256blacklist ${HOME}/.kde4/share/apps/kcookiejar 258blacklist ${HOME}/.kde4/share/apps/okular
259blacklist ${HOME}/.kde4/share/config/baloorc
260blacklist ${HOME}/.kde4/share/config/baloofilerc
257blacklist ${HOME}/.kde4/share/config/digikam 261blacklist ${HOME}/.kde4/share/config/digikam
258blacklist ${HOME}/.kde4/share/apps/gwenview 262blacklist ${HOME}/.kde4/share/config/gwenviewrc
263blacklist ${HOME}/.kde4/share/config/k3brc
259blacklist ${HOME}/.kde4/share/config/kcookiejarrc 264blacklist ${HOME}/.kde4/share/config/kcookiejarrc
260blacklist ${HOME}/.kde4/share/config/khtmlrc 265blacklist ${HOME}/.kde4/share/config/khtmlrc
261blacklist ${HOME}/.kde4/share/config/konq_history 266blacklist ${HOME}/.kde4/share/config/konq_history
262blacklist ${HOME}/.kde4/share/config/konqsidebartngrc 267blacklist ${HOME}/.kde4/share/config/konqsidebartngrc
263blacklist ${HOME}/.kde4/share/config/konquerorrc 268blacklist ${HOME}/.kde4/share/config/konquerorrc
269blacklist ${HOME}/.kde4/share/config/kopeterc
264blacklist ${HOME}/.kde4/share/config/okularpartrc 270blacklist ${HOME}/.kde4/share/config/okularpartrc
265blacklist ${HOME}/.kde4/share/config/okularrc 271blacklist ${HOME}/.kde4/share/config/okularrc
266blacklist ${HOME}/.kde4/share/config/ktorrentrc 272blacklist ${HOME}/.kde4/share/config/ktorrentrc
267blacklist ${HOME}/.kde4/share/config/gwenviewrc
268blacklist ${HOME}/.kde4/share/config/k3brc
269blacklist ${HOME}/.killingfloor 273blacklist ${HOME}/.killingfloor
270blacklist ${HOME}/.kino-history 274blacklist ${HOME}/.kino-history
271blacklist ${HOME}/.kinorc 275blacklist ${HOME}/.kinorc
diff --git a/etc/kopete.profile b/etc/kopete.profile
new file mode 100644
index 000000000..3e943c162
--- /dev/null
+++ b/etc/kopete.profile
@@ -0,0 +1,34 @@
1# Firejail profile for kopete
2# This file is overwritten after every install/update
3# Persistent local customizations
4include /etc/firejail/kopete.local
5# Persistent global definitions
6include /etc/firejail/globals.local
7
8noblacklist ~/.kde/share/apps/kopete
9noblacklist ~/.kde/share/config/kopeterc
10noblacklist ~/.kde4/share/apps/kopete
11noblacklist ~/.kde4/share/config/kopeterc
12
13include /etc/firejail/disable-common.inc
14include /etc/firejail/disable-devel.inc
15include /etc/firejail/disable-passwdmgr.inc
16include /etc/firejail/disable-programs.inc
17
18include /etc/firejail/whitelist-var-common.inc
19
20caps.drop all
21netfilter
22nodvd
23nogroups
24nonewprivs
25noroot
26notv
27protocol unix,inet,inet6,netlink
28seccomp
29
30private-dev
31private-tmp
32
33noexec ${HOME}
34noexec /tmp
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index 3976525a2..6a3fcadd4 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -191,6 +191,7 @@ kmail
191knotes 191knotes
192kodi 192kodi
193konversation 193konversation
194kopete
194krita 195krita
195ktorrent 196ktorrent
196kwrite 197kwrite
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-02 18:10:04 +0000