diff options
author | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2017-08-07 13:41:08 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-08-07 13:41:08 -0500 |
commit | e24b15f8647997dbb26a7152c921af94e36294ce (patch) | |
tree | 4c98b42844c8c67853643d4b4b7253dbd8764f1e /etc/geary.profile | |
parent | merges (diff) | |
parent | Unify last 8 profiles (diff) | |
download | firejail-e24b15f8647997dbb26a7152c921af94e36294ce.tar.gz firejail-e24b15f8647997dbb26a7152c921af94e36294ce.tar.zst firejail-e24b15f8647997dbb26a7152c921af94e36294ce.zip |
Merge pull request #1427 from SpotComms/pr
Unify all profiles
Diffstat (limited to 'etc/geary.profile')
-rw-r--r-- | etc/geary.profile | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/etc/geary.profile b/etc/geary.profile index f655f0efe..3f9faf058 100644 --- a/etc/geary.profile +++ b/etc/geary.profile | |||
@@ -1,28 +1,28 @@ | |||
1 | # Persistent global definitions go here | 1 | # Firejail profile for geary |
2 | include /etc/firejail/globals.local | 2 | # This file is overwritten after every install/update |
3 | 3 | # Persistent local customizations | |
4 | # This file is overwritten during software install. | ||
5 | # Persistent customizations should go in a .local file. | ||
6 | include /etc/firejail/geary.local | 4 | include /etc/firejail/geary.local |
5 | # Persistent global definitions | ||
6 | include /etc/firejail/globals.local | ||
7 | 7 | ||
8 | # Firejail profile for Gnome Geary | ||
9 | # Users have Geary set to open a browser by clicking a link in an email | 8 | # Users have Geary set to open a browser by clicking a link in an email |
10 | # We are not allowed to blacklist browser-specific directories | 9 | # We are not allowed to blacklist browser-specific directories |
11 | 10 | ||
12 | noblacklist ~/.gnupg | 11 | noblacklist ~/.gnupg |
13 | mkdir ~/.gnupg | ||
14 | whitelist ~/.gnupg | ||
15 | |||
16 | noblacklist ~/.local/share/geary | 12 | noblacklist ~/.local/share/geary |
13 | |||
14 | mkdir ~/.gnupg | ||
17 | mkdir ~/.local/share/geary | 15 | mkdir ~/.local/share/geary |
16 | whitelist ~/.config/mimeapps.list | ||
17 | whitelist ~/.gnupg | ||
18 | whitelist ~/.local/share/applications | ||
18 | whitelist ~/.local/share/geary | 19 | whitelist ~/.local/share/geary |
20 | include /etc/firejail/whitelist-common.inc | ||
21 | |||
22 | ignore private-tmp | ||
19 | 23 | ||
20 | whitelist ~/.config/mimeapps.list | ||
21 | read-only ~/.config/mimeapps.list | 24 | read-only ~/.config/mimeapps.list |
22 | whitelist ~/.local/share/applications | ||
23 | read-only ~/.local/share/applications | 25 | read-only ~/.local/share/applications |
24 | 26 | ||
25 | # allow browsers | 27 | # allow browsers |
26 | ignore private-tmp | ||
27 | include /etc/firejail/firefox.profile | 28 | include /etc/firejail/firefox.profile |
28 | #include /etc/firejail/chromium.profile - chromium runs as suid! | ||