diff options
author | glitsj16 <glitsj16@users.noreply.github.com> | 2024-05-20 05:06:41 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-05-20 05:06:41 +0000 |
commit | ea104190df032d58ef564313fb97d5298104ec15 (patch) | |
tree | 3e27178b9d85e7123a2eae2aaf01464bc3f50e7d /etc/profile-a-l | |
parent | profiles: yelp: add Firefox URL open support (#6349) (diff) | |
download | firejail-ea104190df032d58ef564313fb97d5298104ec15.tar.gz firejail-ea104190df032d58ef564313fb97d5298104ec15.tar.zst firejail-ea104190df032d58ef564313fb97d5298104ec15.zip |
profiles: streamline Firefox URL opening support (#6348)
Changes:
* Improve Firefox D-Bus comment
* Add missing/standardize related comments
* Include allow-bin-sh.inc in relevant profiles
* Use Firefox URL open section in relevant profiles
Diffstat (limited to 'etc/profile-a-l')
-rw-r--r-- | etc/profile-a-l/electron-mail.profile | 2 | ||||
-rw-r--r-- | etc/profile-a-l/email-common.profile | 9 | ||||
-rw-r--r-- | etc/profile-a-l/fluffychat.profile | 2 | ||||
-rw-r--r-- | etc/profile-a-l/geary.profile | 10 | ||||
-rw-r--r-- | etc/profile-a-l/gtk-youtube-viewers-common.profile | 2 | ||||
-rw-r--r-- | etc/profile-a-l/kube.profile | 5 | ||||
-rw-r--r-- | etc/profile-a-l/lettura.profile | 5 | ||||
-rw-r--r-- | etc/profile-a-l/linuxqq.profile | 10 |
8 files changed, 34 insertions, 11 deletions
diff --git a/etc/profile-a-l/electron-mail.profile b/etc/profile-a-l/electron-mail.profile index 544756877..603ea4e2f 100644 --- a/etc/profile-a-l/electron-mail.profile +++ b/etc/profile-a-l/electron-mail.profile | |||
@@ -35,7 +35,7 @@ dbus-user filter | |||
35 | dbus-user.talk org.freedesktop.Notifications | 35 | dbus-user.talk org.freedesktop.Notifications |
36 | dbus-user.talk org.freedesktop.secrets | 36 | dbus-user.talk org.freedesktop.secrets |
37 | dbus-user.talk org.gnome.keyring.SystemPrompter | 37 | dbus-user.talk org.gnome.keyring.SystemPrompter |
38 | # allow D-Bus communication with firefox for opening links | 38 | # Allow D-Bus communication with Firefox for opening links |
39 | dbus-user.talk org.mozilla.* | 39 | dbus-user.talk org.mozilla.* |
40 | 40 | ||
41 | # Redirect | 41 | # Redirect |
diff --git a/etc/profile-a-l/email-common.profile b/etc/profile-a-l/email-common.profile index cffa85fd5..2929d6a75 100644 --- a/etc/profile-a-l/email-common.profile +++ b/etc/profile-a-l/email-common.profile | |||
@@ -10,7 +10,6 @@ include email-common.local | |||
10 | noblacklist ${HOME}/.bogofilter | 10 | noblacklist ${HOME}/.bogofilter |
11 | noblacklist ${HOME}/.bsfilter | 11 | noblacklist ${HOME}/.bsfilter |
12 | noblacklist ${HOME}/.gnupg | 12 | noblacklist ${HOME}/.gnupg |
13 | noblacklist ${HOME}/.mozilla | ||
14 | noblacklist ${HOME}/.signature | 13 | noblacklist ${HOME}/.signature |
15 | # when storing mail outside the default ${HOME}/Mail path, 'noblacklist' the custom path in your email-common.local | 14 | # when storing mail outside the default ${HOME}/Mail path, 'noblacklist' the custom path in your email-common.local |
16 | # and 'blacklist' it in your disable-common.local too so it is kept hidden from other applications | 15 | # and 'blacklist' it in your disable-common.local too so it is kept hidden from other applications |
@@ -31,6 +30,12 @@ include disable-interpreters.inc | |||
31 | include disable-programs.inc | 30 | include disable-programs.inc |
32 | include disable-xdg.inc | 31 | include disable-xdg.inc |
33 | 32 | ||
33 | # The lines below are needed to find the default Firefox profile name, to allow | ||
34 | # opening links in an existing instance of Firefox (note that it still fails if | ||
35 | # there isn't a Firefox instance running with the default profile; see #5352) | ||
36 | noblacklist ${HOME}/.mozilla | ||
37 | whitelist ${HOME}/.mozilla/firefox/profiles.ini | ||
38 | |||
34 | mkdir ${HOME}/.gnupg | 39 | mkdir ${HOME}/.gnupg |
35 | mkfile ${HOME}/.config/mimeapps.list | 40 | mkfile ${HOME}/.config/mimeapps.list |
36 | mkfile ${HOME}/.signature | 41 | mkfile ${HOME}/.signature |
@@ -38,7 +43,6 @@ whitelist ${HOME}/.bogofilter | |||
38 | whitelist ${HOME}/.bsfilter | 43 | whitelist ${HOME}/.bsfilter |
39 | whitelist ${HOME}/.config/mimeapps.list | 44 | whitelist ${HOME}/.config/mimeapps.list |
40 | whitelist ${HOME}/.gnupg | 45 | whitelist ${HOME}/.gnupg |
41 | whitelist ${HOME}/.mozilla/firefox/profiles.ini | ||
42 | whitelist ${HOME}/.signature | 46 | whitelist ${HOME}/.signature |
43 | whitelist ${DOCUMENTS} | 47 | whitelist ${DOCUMENTS} |
44 | whitelist ${DOWNLOADS} | 48 | whitelist ${DOWNLOADS} |
@@ -90,6 +94,7 @@ dbus-user.talk org.freedesktop.Notifications | |||
90 | dbus-user.talk org.freedesktop.secrets | 94 | dbus-user.talk org.freedesktop.secrets |
91 | dbus-user.talk org.gnome.keyring.* | 95 | dbus-user.talk org.gnome.keyring.* |
92 | dbus-user.talk org.gnome.seahorse.* | 96 | dbus-user.talk org.gnome.seahorse.* |
97 | # Allow D-Bus communication with Firefox for opening links | ||
93 | dbus-user.talk org.mozilla.* | 98 | dbus-user.talk org.mozilla.* |
94 | dbus-system none | 99 | dbus-system none |
95 | 100 | ||
diff --git a/etc/profile-a-l/fluffychat.profile b/etc/profile-a-l/fluffychat.profile index 63fe28f2f..e1b13edad 100644 --- a/etc/profile-a-l/fluffychat.profile +++ b/etc/profile-a-l/fluffychat.profile | |||
@@ -64,7 +64,7 @@ private-tmp | |||
64 | 64 | ||
65 | dbus-user filter | 65 | dbus-user filter |
66 | dbus-user.talk org.freedesktop.secrets | 66 | dbus-user.talk org.freedesktop.secrets |
67 | # allow D-Bus communication with firefox for opening links | 67 | # Allow D-Bus communication with Firefox for opening links |
68 | dbus-user.talk org.mozilla.* | 68 | dbus-user.talk org.mozilla.* |
69 | dbus-system filter | 69 | dbus-system filter |
70 | dbus-system.talk org.freedesktop.NetworkManager | 70 | dbus-system.talk org.freedesktop.NetworkManager |
diff --git a/etc/profile-a-l/geary.profile b/etc/profile-a-l/geary.profile index da240c36a..1303922c8 100644 --- a/etc/profile-a-l/geary.profile +++ b/etc/profile-a-l/geary.profile | |||
@@ -14,9 +14,9 @@ noblacklist ${HOME}/.config/geary | |||
14 | noblacklist ${HOME}/.local/share/evolution | 14 | noblacklist ${HOME}/.local/share/evolution |
15 | noblacklist ${HOME}/.local/share/geary | 15 | noblacklist ${HOME}/.local/share/geary |
16 | noblacklist ${HOME}/.local/share/pki | 16 | noblacklist ${HOME}/.local/share/pki |
17 | noblacklist ${HOME}/.mozilla | ||
18 | noblacklist ${HOME}/.pki | 17 | noblacklist ${HOME}/.pki |
19 | 18 | ||
19 | # sh is needed to allow Firefox to open links | ||
20 | include allow-bin-sh.inc | 20 | include allow-bin-sh.inc |
21 | 21 | ||
22 | include disable-common.inc | 22 | include disable-common.inc |
@@ -27,6 +27,12 @@ include disable-programs.inc | |||
27 | include disable-shell.inc | 27 | include disable-shell.inc |
28 | include disable-xdg.inc | 28 | include disable-xdg.inc |
29 | 29 | ||
30 | # The lines below are needed to find the default Firefox profile name, to allow | ||
31 | # opening links in an existing instance of Firefox (note that it still fails if | ||
32 | # there isn't a Firefox instance running with the default profile; see #5352) | ||
33 | noblacklist ${HOME}/.mozilla | ||
34 | whitelist ${HOME}/.mozilla/firefox/profiles.ini | ||
35 | |||
30 | mkdir ${HOME}/.cache/evolution | 36 | mkdir ${HOME}/.cache/evolution |
31 | mkdir ${HOME}/.cache/folks | 37 | mkdir ${HOME}/.cache/folks |
32 | mkdir ${HOME}/.cache/geary | 38 | mkdir ${HOME}/.cache/geary |
@@ -43,7 +49,6 @@ whitelist ${HOME}/.config/geary | |||
43 | whitelist ${HOME}/.local/share/evolution | 49 | whitelist ${HOME}/.local/share/evolution |
44 | whitelist ${HOME}/.local/share/geary | 50 | whitelist ${HOME}/.local/share/geary |
45 | whitelist ${HOME}/.local/share/pki | 51 | whitelist ${HOME}/.local/share/pki |
46 | whitelist ${HOME}/.mozilla/firefox/profiles.ini | ||
47 | whitelist ${HOME}/.pki | 52 | whitelist ${HOME}/.pki |
48 | whitelist /usr/share/geary | 53 | whitelist /usr/share/geary |
49 | include whitelist-common.inc | 54 | include whitelist-common.inc |
@@ -88,6 +93,7 @@ dbus-user.talk org.gnome.OnlineAccounts | |||
88 | dbus-user.talk org.gnome.evolution.dataserver.AddressBook10 | 93 | dbus-user.talk org.gnome.evolution.dataserver.AddressBook10 |
89 | dbus-user.talk org.gnome.evolution.dataserver.Sources5 | 94 | dbus-user.talk org.gnome.evolution.dataserver.Sources5 |
90 | ?ALLOW_TRAY: dbus-user.talk org.kde.StatusNotifierWatcher | 95 | ?ALLOW_TRAY: dbus-user.talk org.kde.StatusNotifierWatcher |
96 | # Allow D-Bus communication with Firefox for opening links | ||
91 | dbus-user.talk org.mozilla.* | 97 | dbus-user.talk org.mozilla.* |
92 | dbus-system none | 98 | dbus-system none |
93 | 99 | ||
diff --git a/etc/profile-a-l/gtk-youtube-viewers-common.profile b/etc/profile-a-l/gtk-youtube-viewers-common.profile index 049448a23..b27a4fa35 100644 --- a/etc/profile-a-l/gtk-youtube-viewers-common.profile +++ b/etc/profile-a-l/gtk-youtube-viewers-common.profile | |||
@@ -18,5 +18,5 @@ whitelist ${HOME}/.mozilla/firefox/profiles.ini | |||
18 | private-bin firefox,xterm | 18 | private-bin firefox,xterm |
19 | 19 | ||
20 | dbus-user filter | 20 | dbus-user filter |
21 | # allow D-Bus communication with firefox for opening links | 21 | # Allow D-Bus communication with Firefox for opening links |
22 | dbus-user.talk org.mozilla.* | 22 | dbus-user.talk org.mozilla.* |
diff --git a/etc/profile-a-l/kube.profile b/etc/profile-a-l/kube.profile index 1f8757edb..79b286e58 100644 --- a/etc/profile-a-l/kube.profile +++ b/etc/profile-a-l/kube.profile | |||
@@ -13,6 +13,9 @@ noblacklist ${HOME}/.gnupg | |||
13 | noblacklist ${HOME}/.local/share/kube | 13 | noblacklist ${HOME}/.local/share/kube |
14 | noblacklist ${HOME}/.local/share/sink | 14 | noblacklist ${HOME}/.local/share/sink |
15 | 15 | ||
16 | # sh is needed to allow Firefox to open links | ||
17 | include allow-bin-sh.inc | ||
18 | |||
16 | include disable-common.inc | 19 | include disable-common.inc |
17 | include disable-devel.inc | 20 | include disable-devel.inc |
18 | include disable-exec.inc | 21 | include disable-exec.inc |
@@ -78,7 +81,7 @@ dbus-user filter | |||
78 | dbus-user.talk ca.desrt.dconf | 81 | dbus-user.talk ca.desrt.dconf |
79 | dbus-user.talk org.freedesktop.secrets | 82 | dbus-user.talk org.freedesktop.secrets |
80 | dbus-user.talk org.freedesktop.Notifications | 83 | dbus-user.talk org.freedesktop.Notifications |
81 | # allow D-Bus communication with firefox for opening links | 84 | # Allow D-Bus communication with Firefox for opening links |
82 | dbus-user.talk org.mozilla.* | 85 | dbus-user.talk org.mozilla.* |
83 | dbus-system none | 86 | dbus-system none |
84 | 87 | ||
diff --git a/etc/profile-a-l/lettura.profile b/etc/profile-a-l/lettura.profile index 94a455355..32f0909fb 100644 --- a/etc/profile-a-l/lettura.profile +++ b/etc/profile-a-l/lettura.profile | |||
@@ -11,6 +11,9 @@ noblacklist ${HOME}/.config/com.lettura.dev | |||
11 | noblacklist ${HOME}/.lettura | 11 | noblacklist ${HOME}/.lettura |
12 | noblacklist ${HOME}/.local/share/com.lettura.dev | 12 | noblacklist ${HOME}/.local/share/com.lettura.dev |
13 | 13 | ||
14 | # sh is needed to allow Firefox to open links | ||
15 | include allow-bin-sh.inc | ||
16 | |||
14 | include disable-common.inc | 17 | include disable-common.inc |
15 | include disable-devel.inc | 18 | include disable-devel.inc |
16 | include disable-exec.inc | 19 | include disable-exec.inc |
@@ -69,7 +72,7 @@ private-tmp | |||
69 | dbus-user filter | 72 | dbus-user filter |
70 | dbus-user.talk org.freedesktop.Notifications | 73 | dbus-user.talk org.freedesktop.Notifications |
71 | ?ALLOW_TRAY: dbus-user.talk org.kde.StatusNotifierWatcher | 74 | ?ALLOW_TRAY: dbus-user.talk org.kde.StatusNotifierWatcher |
72 | # allow D-Bus communication with firefox for opening links | 75 | # Allow D-Bus communication with Firefox for opening links |
73 | dbus-user.talk org.mozilla.* | 76 | dbus-user.talk org.mozilla.* |
74 | dbus-system none | 77 | dbus-system none |
75 | 78 | ||
diff --git a/etc/profile-a-l/linuxqq.profile b/etc/profile-a-l/linuxqq.profile index e900c0914..278797fb3 100644 --- a/etc/profile-a-l/linuxqq.profile +++ b/etc/profile-a-l/linuxqq.profile | |||
@@ -7,15 +7,20 @@ include linuxqq.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/QQ | 9 | noblacklist ${HOME}/.config/QQ |
10 | noblacklist ${HOME}/.mozilla | ||
11 | 10 | ||
11 | # sh is needed to allow Firefox to open links | ||
12 | include allow-bin-sh.inc | 12 | include allow-bin-sh.inc |
13 | 13 | ||
14 | include disable-shell.inc | 14 | include disable-shell.inc |
15 | 15 | ||
16 | # The lines below are needed to find the default Firefox profile name, to allow | ||
17 | # opening links in an existing instance of Firefox (note that it still fails if | ||
18 | # there isn't a Firefox instance running with the default profile; see #5352) | ||
19 | noblacklist ${HOME}/.mozilla | ||
20 | whitelist ${HOME}/.mozilla/firefox/profiles.ini | ||
21 | |||
16 | mkdir ${HOME}/.config/QQ | 22 | mkdir ${HOME}/.config/QQ |
17 | whitelist ${HOME}/.config/QQ | 23 | whitelist ${HOME}/.config/QQ |
18 | whitelist ${HOME}/.mozilla/firefox/profiles.ini | ||
19 | whitelist ${DESKTOP} | 24 | whitelist ${DESKTOP} |
20 | whitelist /opt/QQ | 25 | whitelist /opt/QQ |
21 | 26 | ||
@@ -34,6 +39,7 @@ dbus-user.talk org.freedesktop.portal.IBus | |||
34 | dbus-user.talk org.freedesktop.ScreenSaver | 39 | dbus-user.talk org.freedesktop.ScreenSaver |
35 | dbus-user.talk org.gnome.Mutter.IdleMonitor | 40 | dbus-user.talk org.gnome.Mutter.IdleMonitor |
36 | ?ALLOW_TRAY: dbus-user.talk org.kde.StatusNotifierWatcher | 41 | ?ALLOW_TRAY: dbus-user.talk org.kde.StatusNotifierWatcher |
42 | # Allow D-Bus communication with Firefox for opening links | ||
37 | dbus-user.talk org.mozilla.* | 43 | dbus-user.talk org.mozilla.* |
38 | ignore dbus-user none | 44 | ignore dbus-user none |
39 | 45 | ||