Unify all profiles

author: Tad <tad@spotco.us> 2017-08-07 01:22:08 -0400
committer: Tad <tad@spotco.us> 2017-08-07 01:22:08 -0400
commit: 9e3ba319be6b9546d7e8f450ca419ee2f3f4040b (patch)
tree: 0aebe82de78a61877c267f4dcb2ebcc13a2e37c9 /etc/gajim.profile
parent: various profile fixes (#1433) (diff)
download: firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.gz
firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.zst
firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.zip
1 files changed, 25 insertions, 25 deletions
diff --git a/etc/gajim.profile b/etc/gajim.profile
index a3deb2c73..d8ca7424c 100644
--- a/etc/gajim.profile
+++ b/etc/gajim.profile
@@ -1,34 +1,30 @@
-# Persistent global definitions go here
+# Firejail profile for gajim
-include /etc/firejail/globals.local
+# This file is overwritten after every install/update
+# Persistent local customizations
-# This file is overwritten during software install.
-# Persistent customizations should go in a .local file.
 include /etc/firejail/gajim.local
+# Persistent global definitions
+include /etc/firejail/globals.local
-# Firejail profile for Gajim
-noblacklist ${HOME}/.local/share/gajim
-noblacklist ${HOME}/.config/gajim
 noblacklist ${HOME}/.cache/gajim
+noblacklist ${HOME}/.config/gajim
+noblacklist ${HOME}/.local/share/gajim
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
 mkdir ${HOME}/.cache/gajim
-mkdir ${HOME}/.local/share/gajim
 mkdir ${HOME}/.config/gajim
-mkdir ${HOME}/Downloads
-# Allow the local python 2.7 site packages, in case any plugins are using these
 mkdir ${HOME}/.local/lib/python2.7/site-packages/
-whitelist ${HOME}/.local/lib/python2.7/site-packages/
+mkdir ${HOME}/.local/share/gajim
-read-only ${HOME}/.local/lib/python2.7/site-packages/
+mkdir ${HOME}/Downloads
 whitelist ${HOME}/.cache/gajim
-whitelist ${HOME}/.local/share/gajim
 whitelist ${HOME}/.config/gajim
+whitelist ${HOME}/.local/lib/python2.7/site-packages/
+whitelist ${HOME}/.local/share/gajim
 whitelist ${HOME}/Downloads
+include /etc/firejail/whitelist-common.inc
-include /etc/firejail/disable-common.inc
-include /etc/firejail/disable-passwdmgr.inc
-include /etc/firejail/disable-programs.inc
-include /etc/firejail/disable-devel.inc
 caps.drop all
 netfilter
@@ -39,8 +35,12 @@ protocol unix,inet,inet6
 seccomp
 shell none
-#private-bin python2.7 gajim
-#private-etc fonts
-private-dev
-#private-tmp
 disable-mnt
+# private-bin python2.7 gajim
+private-dev
+# private-etc fonts
+# private-tmp
+read-only ${HOME}/.local/lib/python2.7/site-packages/
+# CLOBBERED COMMENTS
+# Allow the local python 2.7 site packages, in case any plugins are using these
author	Tad <tad@spotco.us>	2017-08-07 01:22:08 -0400
committer	Tad <tad@spotco.us>	2017-08-07 01:22:08 -0400
commit	9e3ba319be6b9546d7e8f450ca419ee2f3f4040b (patch)
tree	0aebe82de78a61877c267f4dcb2ebcc13a2e37c9 /etc/gajim.profile
parent	various profile fixes (#1433) (diff)
download	firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.gz firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.zst firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.zip

diff --git a/etc/gajim.profile b/etc/gajim.profile index a3deb2c73..d8ca7424c 100644 --- a/etc/gajim.profile +++ b/etc/gajim.profile
@@ -1,34 +1,30 @@
1	# Persistent global definitions go here	1	# Firejail profile for gajim
2	include /etc/firejail/globals.local	2	# This file is overwritten after every install/update
3		3	# Persistent local customizations
4	# This file is overwritten during software install.
5	# Persistent customizations should go in a .local file.
6	include /etc/firejail/gajim.local	4	include /etc/firejail/gajim.local
		5	# Persistent global definitions
		6	include /etc/firejail/globals.local
7		7
8	# Firejail profile for Gajim
9	noblacklist ${HOME}/.local/share/gajim
10	noblacklist ${HOME}/.config/gajim
11	noblacklist ${HOME}/.cache/gajim	8	noblacklist ${HOME}/.cache/gajim
		9	noblacklist ${HOME}/.config/gajim
		10	noblacklist ${HOME}/.local/share/gajim
		11
		12	include /etc/firejail/disable-common.inc
		13	include /etc/firejail/disable-devel.inc
		14	include /etc/firejail/disable-passwdmgr.inc
		15	include /etc/firejail/disable-programs.inc
12		16
13	mkdir ${HOME}/.cache/gajim	17	mkdir ${HOME}/.cache/gajim
14	mkdir ${HOME}/.local/share/gajim
15	mkdir ${HOME}/.config/gajim	18	mkdir ${HOME}/.config/gajim
16	mkdir ${HOME}/Downloads
17
18	# Allow the local python 2.7 site packages, in case any plugins are using these
19	mkdir ${HOME}/.local/lib/python2.7/site-packages/	19	mkdir ${HOME}/.local/lib/python2.7/site-packages/
20	whitelist ${HOME}/.local/lib/python2.7/site-packages/	20	mkdir ${HOME}/.local/share/gajim
21	read-only ${HOME}/.local/lib/python2.7/site-packages/	21	mkdir ${HOME}/Downloads
22
23	whitelist ${HOME}/.cache/gajim	22	whitelist ${HOME}/.cache/gajim
24	whitelist ${HOME}/.local/share/gajim
25	whitelist ${HOME}/.config/gajim	23	whitelist ${HOME}/.config/gajim
		24	whitelist ${HOME}/.local/lib/python2.7/site-packages/
		25	whitelist ${HOME}/.local/share/gajim
26	whitelist ${HOME}/Downloads	26	whitelist ${HOME}/Downloads
27		27	include /etc/firejail/whitelist-common.inc
28	include /etc/firejail/disable-common.inc
29	include /etc/firejail/disable-passwdmgr.inc
30	include /etc/firejail/disable-programs.inc
31	include /etc/firejail/disable-devel.inc
32		28
33	caps.drop all	29	caps.drop all
34	netfilter	30	netfilter
@@ -39,8 +35,12 @@ protocol unix,inet,inet6
39	seccomp	35	seccomp
40	shell none	36	shell none
41		37
42	#private-bin python2.7 gajim
43	#private-etc fonts
44	private-dev
45	#private-tmp
46	disable-mnt	38	disable-mnt
		39	# private-bin python2.7 gajim
		40	private-dev
		41	# private-etc fonts
		42	# private-tmp
		43	read-only ${HOME}/.local/lib/python2.7/site-packages/
		44
		45	# CLOBBERED COMMENTS
		46	# Allow the local python 2.7 site packages, in case any plugins are using these