Unify all profiles

author: Tad <tad@spotco.us> 2017-08-07 01:22:08 -0400
committer: Tad <tad@spotco.us> 2017-08-07 01:22:08 -0400
commit: 9e3ba319be6b9546d7e8f450ca419ee2f3f4040b (patch)
tree: 0aebe82de78a61877c267f4dcb2ebcc13a2e37c9 /etc/palemoon.profile
parent: various profile fixes (#1433) (diff)
download: firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.gz
firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.zst
firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.zip
1 files changed, 33 insertions, 36 deletions
diff --git a/etc/palemoon.profile b/etc/palemoon.profile
index b3b57f931..ab72497c0 100644
--- a/etc/palemoon.profile
+++ b/etc/palemoon.profile
@@ -1,23 +1,23 @@
-# Persistent global definitions go here
+# Firejail profile for palemoon
-include /etc/firejail/globals.local
+# This file is overwritten after every install/update
+# Persistent local customizations
-# This file is overwritten during software install.
-# Persistent customizations should go in a .local file.
 include /etc/firejail/palemoon.local
+# Persistent global definitions
+include /etc/firejail/globals.local
-# Firejail profile for Pale Moon
-noblacklist ~/.moonchild productions/pale moon
 noblacklist ~/.cache/moonchild productions/pale moon
+noblacklist ~/.moonchild productions/pale moon
 include /etc/firejail/disable-common.inc
-include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-devel.inc
-include /etc/firejail/whitelist-common.inc
+include /etc/firejail/disable-programs.inc
-whitelist ${DOWNLOADS}
-mkdir ~/.moonchild productions
-whitelist ~/.moonchild productions
 mkdir ~/.cache/moonchild productions/pale moon
+mkdir ~/.moonchild productions
+whitelist ${DOWNLOADS}
 whitelist ~/.cache/moonchild productions/pale moon
+whitelist ~/.moonchild productions
+include /etc/firejail/whitelist-common.inc
 caps.drop all
 netfilter
@@ -29,30 +29,27 @@ seccomp
 shell none
 tracelog
-#private-bin palemoon
+# private-bin palemoon
-#private-opt palemoon
+# private-dev (disabled for now as it will interfere with webcam use in palemoon)
+# private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse
+# private-opt palemoon
 private-tmp
-# These are uncommented in the Firefox profile. If you run into trouble you may
+# CLOBBERED COMMENTS
-# want to uncomment (some of) them.
-#whitelist ~/dwhelper
-#whitelist ~/.zotero
-#whitelist ~/.vimperatorrc
-#whitelist ~/.vimperator
-#whitelist ~/.pentadactylrc
-#whitelist ~/.pentadactyl
-#whitelist ~/.keysnail.js
-#whitelist ~/.config/gnome-mplayer
-#whitelist ~/.cache/gnome-mplayer/plugin
-#whitelist ~/.pki
-#whitelist ~/.lastpass
 # For silverlight
-#whitelist ~/.wine-pipelight
+# want to uncomment (some of) them.
-#whitelist ~/.wine-pipelight64
+# whitelist ~/.cache/gnome-mplayer/plugin
-#whitelist ~/.config/pipelight-widevine
+# whitelist ~/.config/gnome-mplayer
-#whitelist ~/.config/pipelight-silverlight5.1
+# whitelist ~/.config/pipelight-silverlight5.1
+# whitelist ~/.config/pipelight-widevine
-# experimental features
+# whitelist ~/.keysnail.js
-#private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse
+# whitelist ~/.lastpass
-#private-dev (disabled for now as it will interfere with webcam use in palemoon)
+# whitelist ~/.pentadactyl
+# whitelist ~/.pentadactylrc
+# whitelist ~/.pki
+# whitelist ~/.vimperator
+# whitelist ~/.vimperatorrc
+# whitelist ~/.wine-pipelight
+# whitelist ~/.wine-pipelight64
+# whitelist ~/.zotero
+# whitelist ~/dwhelper
author	Tad <tad@spotco.us>	2017-08-07 01:22:08 -0400
committer	Tad <tad@spotco.us>	2017-08-07 01:22:08 -0400
commit	9e3ba319be6b9546d7e8f450ca419ee2f3f4040b (patch)
tree	0aebe82de78a61877c267f4dcb2ebcc13a2e37c9 /etc/palemoon.profile
parent	various profile fixes (#1433) (diff)
download	firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.gz firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.tar.zst firejail-9e3ba319be6b9546d7e8f450ca419ee2f3f4040b.zip

diff --git a/etc/palemoon.profile b/etc/palemoon.profile index b3b57f931..ab72497c0 100644 --- a/etc/palemoon.profile +++ b/etc/palemoon.profile
@@ -1,23 +1,23 @@
1	# Persistent global definitions go here	1	# Firejail profile for palemoon
2	include /etc/firejail/globals.local	2	# This file is overwritten after every install/update
3		3	# Persistent local customizations
4	# This file is overwritten during software install.
5	# Persistent customizations should go in a .local file.
6	include /etc/firejail/palemoon.local	4	include /etc/firejail/palemoon.local
		5	# Persistent global definitions
		6	include /etc/firejail/globals.local
7		7
8	# Firejail profile for Pale Moon
9	noblacklist ~/.moonchild productions/pale moon
10	noblacklist ~/.cache/moonchild productions/pale moon	8	noblacklist ~/.cache/moonchild productions/pale moon
		9	noblacklist ~/.moonchild productions/pale moon
		10
11	include /etc/firejail/disable-common.inc	11	include /etc/firejail/disable-common.inc
12	include /etc/firejail/disable-programs.inc
13	include /etc/firejail/disable-devel.inc	12	include /etc/firejail/disable-devel.inc
14	include /etc/firejail/whitelist-common.inc	13	include /etc/firejail/disable-programs.inc
15		14
16	whitelist ${DOWNLOADS}
17	mkdir ~/.moonchild productions
18	whitelist ~/.moonchild productions
19	mkdir ~/.cache/moonchild productions/pale moon	15	mkdir ~/.cache/moonchild productions/pale moon
		16	mkdir ~/.moonchild productions
		17	whitelist ${DOWNLOADS}
20	whitelist ~/.cache/moonchild productions/pale moon	18	whitelist ~/.cache/moonchild productions/pale moon
		19	whitelist ~/.moonchild productions
		20	include /etc/firejail/whitelist-common.inc
21		21
22	caps.drop all	22	caps.drop all
23	netfilter	23	netfilter
@@ -29,30 +29,27 @@ seccomp
29	shell none	29	shell none
30	tracelog	30	tracelog
31		31
32	#private-bin palemoon	32	# private-bin palemoon
33	#private-opt palemoon	33	# private-dev (disabled for now as it will interfere with webcam use in palemoon)
		34	# private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse
		35	# private-opt palemoon
34	private-tmp	36	private-tmp
35		37
36	# These are uncommented in the Firefox profile. If you run into trouble you may	38	# CLOBBERED COMMENTS
37	# want to uncomment (some of) them.
38	#whitelist ~/dwhelper
39	#whitelist ~/.zotero
40	#whitelist ~/.vimperatorrc
41	#whitelist ~/.vimperator
42	#whitelist ~/.pentadactylrc
43	#whitelist ~/.pentadactyl
44	#whitelist ~/.keysnail.js
45	#whitelist ~/.config/gnome-mplayer
46	#whitelist ~/.cache/gnome-mplayer/plugin
47	#whitelist ~/.pki
48	#whitelist ~/.lastpass
49
50	# For silverlight	39	# For silverlight
51	#whitelist ~/.wine-pipelight	40	# want to uncomment (some of) them.
52	#whitelist ~/.wine-pipelight64	41	# whitelist ~/.cache/gnome-mplayer/plugin
53	#whitelist ~/.config/pipelight-widevine	42	# whitelist ~/.config/gnome-mplayer
54	#whitelist ~/.config/pipelight-silverlight5.1	43	# whitelist ~/.config/pipelight-silverlight5.1
55		44	# whitelist ~/.config/pipelight-widevine
56	# experimental features	45	# whitelist ~/.keysnail.js
57	#private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse	46	# whitelist ~/.lastpass
58	#private-dev (disabled for now as it will interfere with webcam use in palemoon)	47	# whitelist ~/.pentadactyl
		48	# whitelist ~/.pentadactylrc
		49	# whitelist ~/.pki
		50	# whitelist ~/.vimperator
		51	# whitelist ~/.vimperatorrc
		52	# whitelist ~/.wine-pipelight
		53	# whitelist ~/.wine-pipelight64
		54	# whitelist ~/.zotero
		55	# whitelist ~/dwhelper