diff options
| author |  startx2017 <vradu.startx@yandex.com> | 2017-06-29 07:32:35 -0400 |
|---|---|---|
| committer | startx2017 <vradu.startx@yandex.com> | 2017-06-29 07:32:35 -0400 |
| commit | 7266fdd920ea3a53d703be8aa846d2aec5a06817 (patch) | |
| tree | 4ceb0194676a869c1d52f7ce5eabae2fe3846cc9 /etc/geary.profile | |
| parent | typo (diff) | |
| download | firejail-7266fdd920ea3a53d703be8aa846d2aec5a06817.tar.gz firejail-7266fdd920ea3a53d703be8aa846d2aec5a06817.tar.zst firejail-7266fdd920ea3a53d703be8aa846d2aec5a06817.zip | |
geary profile
Diffstat (limited to 'etc/geary.profile')
| -rw-r--r-- | etc/geary.profile | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/etc/geary.profile b/etc/geary.profile new file mode 100644 index 000000000..1b702c83c --- /dev/null +++ b/etc/geary.profile | |||
| @@ -0,0 +1,28 @@ | |||
| 1 | # Persistent global definitions go here | ||
| 2 | include /etc/firejail/globals.local | ||
| 3 | |||
| 4 | # This file is overwritten during software install. | ||
| 5 | # Persistent customizations should go in a .local file. | ||
| 6 | include /etc/firejail/geray.local | ||
| 7 | |||
| 8 | # Firejail profile for Gnome Geary | ||
| 9 | # Users have Geary set to open a browser by clicking a link in an email | ||
| 10 | # We are not allowed to blacklist browser-specific directories | ||
| 11 | |||
| 12 | noblacklist ~/.gnupg | ||
| 13 | mkdir ~/.gnupg | ||
| 14 | whitelist ~/.gnupg | ||
| 15 | |||
| 16 | noblacklist ~/.local/share/geary | ||
| 17 | mkdir ~/.local/share/geary | ||
| 18 | whitelist ~/.local/share/geary | ||
| 19 | |||
| 20 | whitelist ~/.config/mimeapps.list | ||
| 21 | read-only ~/.config/mimeapps.list | ||
| 22 | whitelist ~/.local/share/applications | ||
| 23 | read-only ~/.local/share/applications | ||
| 24 | |||
| 25 | # allow browsers | ||
| 26 | ignore private-tmp | ||
| 27 | include /etc/firejail/firefox.profile | ||
| 28 | #include /etc/firejail/chromium.profile - chromium runs as suid! | ||