Merge pull request #4829 from CaseOf/seafile

Seafile
author: netblue30 <netblue30@protonmail.com> 2022-01-24 12:52:16 -0500
committer: GitHub <noreply@github.com> 2022-01-24 12:52:16 -0500
commit: cb90b43467eec3675e9fbeaed52055544d6e7829 (patch)
tree: 5584e48579bf4e743f1e6d447610d7cda04b9609
parent: merges (diff)
parent: add seafile-applet (diff)
download: firejail-cb90b43467eec3675e9fbeaed52055544d6e7829.tar.gz
firejail-cb90b43467eec3675e9fbeaed52055544d6e7829.tar.zst
firejail-cb90b43467eec3675e9fbeaed52055544d6e7829.zip
3 files changed, 65 insertions, 0 deletions
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc
index 890c831d6..458565ab3 100644
--- a/etc/inc/disable-programs.inc
+++ b/etc/inc/disable-programs.inc
@@ -16,6 +16,7 @@ blacklist ${HOME}/.Natron
 blacklist ${HOME}/.PlayOnLinux
 blacklist ${HOME}/.PyCharm*
 blacklist ${HOME}/.Sayonara
+blacklist ${HOME}/Seafile/.seafile-data
 blacklist ${HOME}/.Steam
 blacklist ${HOME}/.Steampath
 blacklist ${HOME}/.Steampid
@@ -317,6 +318,7 @@ blacklist ${HOME}/.config/Riot
 blacklist ${HOME}/.config/Rocket.Chat
 blacklist ${HOME}/.config/RogueLegacy
 blacklist ${HOME}/.config/RogueLegacyStorageContainer
+blacklist ${HOME}/.config/Seafile
 blacklist ${HOME}/.config/Signal
 blacklist ${HOME}/.config/Sinew Software Systems
 blacklist ${HOME}/.config/Slack
diff --git a/etc/profile-m-z/seafile-applet.profile b/etc/profile-m-z/seafile-applet.profile
new file mode 100644
index 000000000..79e072475
--- /dev/null
+++ b/etc/profile-m-z/seafile-applet.profile
@@ -0,0 +1,62 @@
+# Firejail profile for Seafile
+# Description: Seafile desktop client.
+# This file is overwritten after every install/update
+# Persistent local customizations
+include seafile-applet.local
+# Persistent global definitions
+include globals.local
+noblacklist ${HOME}/.config/Seafile
+noblacklist ${HOME}/Seafile/.seafile-data
+blacklist /usr/libexec
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-programs.inc
+include disable-xdg.inc
+mkdir ${HOME}/.ccnet
+mkdir ${HOME}/.config/Seafile
+mkdir ${HOME}/Seafile
+whitelist ${HOME}/.ccnet
+whitelist ${HOME}/.config/Seafile
+whitelist ${HOME}/Seafile
+include whitelist-common.inc
+include whitelist-run-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+apparmor
+caps.drop all
+netfilter
+nodvd
+nogroups
+noinput
+nonewprivs
+noprinters
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix,inet,inet6
+seccomp
+seccomp.block-secondary
+shell none
+tracelog
+disable-mnt
+private-bin seaf-cli,seaf-daemon,seafile-applet
+private-cache
+private-dev
+private-etc alternatives,ca-certificates,crypto-policies,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,nsswitch.conf,pki,protocols,resolv.conf,rpc,services,ssl
+#private-opt none
+private-tmp
+dbus-user none
+dbus-system none
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index edf46ef4a..77f233bce 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -714,6 +714,7 @@ scorched3d
 scorchwentbonkers
 scribus
 sdat2img
+seafile-applet
 seahorse
 seahorse-adventures
 seahorse-daemon
author	netblue30 <netblue30@protonmail.com>	2022-01-24 12:52:16 -0500
committer	GitHub <noreply@github.com>	2022-01-24 12:52:16 -0500
commit	cb90b43467eec3675e9fbeaed52055544d6e7829 (patch)
tree	5584e48579bf4e743f1e6d447610d7cda04b9609
parent	merges (diff)
parent	add seafile-applet (diff)
download	firejail-cb90b43467eec3675e9fbeaed52055544d6e7829.tar.gz firejail-cb90b43467eec3675e9fbeaed52055544d6e7829.tar.zst firejail-cb90b43467eec3675e9fbeaed52055544d6e7829.zip

diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 890c831d6..458565ab3 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc
@@ -16,6 +16,7 @@ blacklist ${HOME}/.Natron
16	blacklist ${HOME}/.PlayOnLinux	16	blacklist ${HOME}/.PlayOnLinux
17	blacklist ${HOME}/.PyCharm*	17	blacklist ${HOME}/.PyCharm*
18	blacklist ${HOME}/.Sayonara	18	blacklist ${HOME}/.Sayonara
		19	blacklist ${HOME}/Seafile/.seafile-data
19	blacklist ${HOME}/.Steam	20	blacklist ${HOME}/.Steam
20	blacklist ${HOME}/.Steampath	21	blacklist ${HOME}/.Steampath
21	blacklist ${HOME}/.Steampid	22	blacklist ${HOME}/.Steampid
@@ -317,6 +318,7 @@ blacklist ${HOME}/.config/Riot
317	blacklist ${HOME}/.config/Rocket.Chat	318	blacklist ${HOME}/.config/Rocket.Chat
318	blacklist ${HOME}/.config/RogueLegacy	319	blacklist ${HOME}/.config/RogueLegacy
319	blacklist ${HOME}/.config/RogueLegacyStorageContainer	320	blacklist ${HOME}/.config/RogueLegacyStorageContainer
		321	blacklist ${HOME}/.config/Seafile
320	blacklist ${HOME}/.config/Signal	322	blacklist ${HOME}/.config/Signal
321	blacklist ${HOME}/.config/Sinew Software Systems	323	blacklist ${HOME}/.config/Sinew Software Systems
322	blacklist ${HOME}/.config/Slack	324	blacklist ${HOME}/.config/Slack


diff --git a/etc/profile-m-z/seafile-applet.profile b/etc/profile-m-z/seafile-applet.profile new file mode 100644 index 000000000..79e072475 --- /dev/null +++ b/etc/profile-m-z/seafile-applet.profile
@@ -0,0 +1,62 @@
		1	# Firejail profile for Seafile
		2	# Description: Seafile desktop client.
		3	# This file is overwritten after every install/update
		4	# Persistent local customizations
		5	include seafile-applet.local
		6	# Persistent global definitions
		7	include globals.local
		8
		9	noblacklist ${HOME}/.config/Seafile
		10	noblacklist ${HOME}/Seafile/.seafile-data
		11
		12	blacklist /usr/libexec
		13
		14	include disable-common.inc
		15	include disable-devel.inc
		16	include disable-exec.inc
		17	include disable-interpreters.inc
		18	include disable-programs.inc
		19	include disable-xdg.inc
		20
		21	mkdir ${HOME}/.ccnet
		22	mkdir ${HOME}/.config/Seafile
		23	mkdir ${HOME}/Seafile
		24	whitelist ${HOME}/.ccnet
		25	whitelist ${HOME}/.config/Seafile
		26	whitelist ${HOME}/Seafile
		27
		28	include whitelist-common.inc
		29	include whitelist-run-common.inc
		30	include whitelist-runuser-common.inc
		31	include whitelist-usr-share-common.inc
		32	include whitelist-var-common.inc
		33
		34	apparmor
		35	caps.drop all
		36	netfilter
		37	nodvd
		38	nogroups
		39	noinput
		40	nonewprivs
		41	noprinters
		42	noroot
		43	nosound
		44	notv
		45	nou2f
		46	novideo
		47	protocol unix,inet,inet6
		48	seccomp
		49	seccomp.block-secondary
		50	shell none
		51	tracelog
		52
		53	disable-mnt
		54	private-bin seaf-cli,seaf-daemon,seafile-applet
		55	private-cache
		56	private-dev
		57	private-etc alternatives,ca-certificates,crypto-policies,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,nsswitch.conf,pki,protocols,resolv.conf,rpc,services,ssl
		58	#private-opt none
		59	private-tmp
		60
		61	dbus-user none
		62	dbus-system none


diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index edf46ef4a..77f233bce 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config
@@ -714,6 +714,7 @@ scorched3d
714	scorchwentbonkers	714	scorchwentbonkers
715	scribus	715	scribus
716	sdat2img	716	sdat2img
		717	seafile-applet
717	seahorse	718	seahorse
718	seahorse-adventures	719	seahorse-adventures
719	seahorse-daemon	720	seahorse-daemon