summaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
authorLibravatar smitsohu <smitsohu@gmail.com>2017-10-22 11:34:51 +0200
committerLibravatar smitsohu <smitsohu@gmail.com>2017-10-22 11:34:51 +0200
commit55938d07a58d29ceb893e4554a4ddf3c41810fc9 (patch)
tree1bfdbb2880816c44afcc524d55ab38e27c995e38 /etc
parentfix baloo_file (diff)
downloadfirejail-55938d07a58d29ceb893e4554a4ddf3c41810fc9.tar.gz
firejail-55938d07a58d29ceb893e4554a4ddf3c41810fc9.tar.zst
firejail-55938d07a58d29ceb893e4554a4ddf3c41810fc9.zip
disable non-abstract session bus address
systematically blacklist /run/user/*/bus in all profiles with 'net none'. targets distros like Fedora
Diffstat (limited to 'etc')
-rw-r--r--etc/7z.profile1
-rw-r--r--etc/apktool.profile1
-rw-r--r--etc/ardour5.profile1
-rw-r--r--etc/atom.profile4
-rw-r--r--etc/audacity.profile2
-rw-r--r--etc/baobab.profile1
-rw-r--r--etc/bleachbit.profile1
-rw-r--r--etc/bless.profile2
-rw-r--r--etc/bluefish.profile1
-rw-r--r--etc/calligra.profile2
-rw-r--r--etc/catfish.profile4
-rw-r--r--etc/cin.profile2
-rw-r--r--etc/clamav.profile1
-rw-r--r--etc/cpio.profile1
-rw-r--r--etc/dex2jar.profile1
-rw-r--r--etc/dia.profile2
-rw-r--r--etc/display.profile1
-rw-r--r--etc/ebook-viewer.profile1
-rw-r--r--etc/engrampa.profile1
-rw-r--r--etc/eog.profile2
-rw-r--r--etc/eom.profile2
-rw-r--r--etc/etr.profile2
-rw-r--r--etc/evince.profile2
-rw-r--r--etc/exiftool.profile1
-rw-r--r--etc/feh.profile1
-rw-r--r--etc/ffmpeg.profile2
-rw-r--r--etc/file-roller.profile1
-rw-r--r--etc/file.profile1
-rw-r--r--etc/freecad.profile1
-rw-r--r--etc/frozen-bubble.profile2
-rw-r--r--etc/galculator.profile2
-rw-r--r--etc/gedit.profile1
-rw-r--r--etc/gimp.profile2
-rw-r--r--etc/gpicview.profile2
-rw-r--r--etc/gzip.profile1
-rw-r--r--etc/hashcat.profile2
-rw-r--r--etc/highlight.profile1
-rw-r--r--etc/hugin.profile2
-rw-r--r--etc/imagej.profile1
-rw-r--r--etc/img2txt.profile1
-rw-r--r--etc/jd-gui.profile2
-rw-r--r--etc/kdenlive.profile1
-rw-r--r--etc/keepassx.profile2
-rw-r--r--etc/keepassxc.profile2
-rw-r--r--etc/krita.profile1
-rw-r--r--etc/less.profile1
-rw-r--r--etc/lmms.profile1
-rw-r--r--etc/macrofusion.profile1
-rw-r--r--etc/mate-calc.profile2
-rw-r--r--etc/mediainfo.profile1
-rw-r--r--etc/meld.profile2
-rw-r--r--etc/mupdf.profile1
-rw-r--r--etc/mupen64plus.profile2
-rw-r--r--etc/natron.profile4
-rw-r--r--etc/odt2txt.profile1
-rw-r--r--etc/open-invaders.profile2
-rw-r--r--etc/pcmanfm.profile2
-rw-r--r--etc/pdfmod.profile1
-rw-r--r--etc/pdfsam.profile2
-rw-r--r--etc/pdftotext.profile1
-rw-r--r--etc/peek.profile2
-rw-r--r--etc/pingus.profile2
-rw-r--r--etc/pinta.profile1
-rw-r--r--etc/pluma.profile2
-rw-r--r--etc/ranger.profile2
-rw-r--r--etc/scribus.profile2
-rw-r--r--etc/sdat2img.profile1
-rw-r--r--etc/shotcut.profile1
-rw-r--r--etc/simutrans.profile2
-rw-r--r--etc/skanlite.profile1
-rw-r--r--etc/soundconverter.profile1
-rw-r--r--etc/sqlitebrowser.profile2
-rw-r--r--etc/strings.profile1
-rw-r--r--etc/supertux2.profile2
-rw-r--r--etc/synfigstudio.profile2
-rw-r--r--etc/tar.profile1
-rw-r--r--etc/terasology.profile1
-rw-r--r--etc/transmission-show.profile2
-rw-r--r--etc/uefitool.profile1
-rw-r--r--etc/unrar.profile1
-rw-r--r--etc/unzip.profile1
-rw-r--r--etc/uudeview.profile1
-rw-r--r--etc/viewnior.profile1
-rw-r--r--etc/x-terminal-emulator.profile1
-rw-r--r--etc/xcalc.profile1
-rw-r--r--etc/xed.profile2
-rw-r--r--etc/xpdf.profile2
-rw-r--r--etc/xviewer.profile2
-rw-r--r--etc/xzdec.profile1
-rw-r--r--etc/zart.profile1
-rw-r--r--etc/zathura.profile2
91 files changed, 136 insertions, 3 deletions
diff --git a/etc/7z.profile b/etc/7z.profile
index ea67bbe19..ededacbbe 100644
--- a/etc/7z.profile
+++ b/etc/7z.profile
@@ -6,6 +6,7 @@ include /etc/firejail/7z.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
9blacklist /tmp/.X11-unix 10blacklist /tmp/.X11-unix
10 11
11ignore noroot 12ignore noroot
diff --git a/etc/apktool.profile b/etc/apktool.profile
index 13c8f3311..bbf91c264 100644
--- a/etc/apktool.profile
+++ b/etc/apktool.profile
@@ -6,6 +6,7 @@ include /etc/firejail/apktool.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
9 10
10include /etc/firejail/disable-common.inc 11include /etc/firejail/disable-common.inc
11include /etc/firejail/disable-passwdmgr.inc 12include /etc/firejail/disable-passwdmgr.inc
diff --git a/etc/ardour5.profile b/etc/ardour5.profile
index 69b3dde46..1f2228544 100644
--- a/etc/ardour5.profile
+++ b/etc/ardour5.profile
@@ -5,6 +5,7 @@ include /etc/firejail/ardour5.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9noblacklist ${HOME}/.config/ardour4 10noblacklist ${HOME}/.config/ardour4
10noblacklist ${HOME}/.config/ardour5 11noblacklist ${HOME}/.config/ardour5
diff --git a/etc/atom.profile b/etc/atom.profile
index db3cbc687..dc8db46dc 100644
--- a/etc/atom.profile
+++ b/etc/atom.profile
@@ -5,6 +5,8 @@ include /etc/firejail/atom.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8# blacklist /run/user/*/bus
9
8noblacklist ~/.atom 10noblacklist ~/.atom
9noblacklist ~/.config/Atom 11noblacklist ~/.config/Atom
10 12
@@ -13,6 +15,7 @@ include /etc/firejail/disable-passwdmgr.inc
13include /etc/firejail/disable-programs.inc 15include /etc/firejail/disable-programs.inc
14 16
15caps.drop all 17caps.drop all
18# net none
16netfilter 19netfilter
17nodvd 20nodvd
18nogroups 21nogroups
@@ -23,7 +26,6 @@ notv
23novideo 26novideo
24protocol unix,inet,inet6,netlink 27protocol unix,inet,inet6,netlink
25seccomp 28seccomp
26# net none
27shell none 29shell none
28 30
29private-dev 31private-dev
diff --git a/etc/audacity.profile b/etc/audacity.profile
index 88aea243e..52e32badb 100644
--- a/etc/audacity.profile
+++ b/etc/audacity.profile
@@ -5,6 +5,8 @@ include /etc/firejail/audacity.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ~/.audacity-data 10noblacklist ~/.audacity-data
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/baobab.profile b/etc/baobab.profile
index ef733632d..52f8af82e 100644
--- a/etc/baobab.profile
+++ b/etc/baobab.profile
@@ -5,6 +5,7 @@ include /etc/firejail/baobab.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
diff --git a/etc/bleachbit.profile b/etc/bleachbit.profile
index f3498e9b9..e066a606d 100644
--- a/etc/bleachbit.profile
+++ b/etc/bleachbit.profile
@@ -5,6 +5,7 @@ include /etc/firejail/bleachbit.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
diff --git a/etc/bless.profile b/etc/bless.profile
index e4d2f0730..37d1e856f 100644
--- a/etc/bless.profile
+++ b/etc/bless.profile
@@ -5,6 +5,8 @@ include /etc/firejail/bless.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ${HOME}/.config/bless 10noblacklist ${HOME}/.config/bless
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/bluefish.profile b/etc/bluefish.profile
index 052d03425..66ba0168b 100644
--- a/etc/bluefish.profile
+++ b/etc/bluefish.profile
@@ -5,6 +5,7 @@ include /etc/firejail/bluefish.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
diff --git a/etc/calligra.profile b/etc/calligra.profile
index d2b76d22c..a57694752 100644
--- a/etc/calligra.profile
+++ b/etc/calligra.profile
@@ -5,6 +5,8 @@ include /etc/firejail/calligra.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
9include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
10include /etc/firejail/disable-passwdmgr.inc 12include /etc/firejail/disable-passwdmgr.inc
diff --git a/etc/catfish.profile b/etc/catfish.profile
index 45aa6c35c..139951680 100644
--- a/etc/catfish.profile
+++ b/etc/catfish.profile
@@ -7,7 +7,11 @@ include /etc/firejail/globals.local
7 7
8# We can't blacklist much since catfish 8# We can't blacklist much since catfish
9# is for finding files/content 9# is for finding files/content
10
11blacklist /run/user/*/bus
12
10noblacklist ~/.config/catfish 13noblacklist ~/.config/catfish
14
11include /etc/firejail/disable-common.inc 15include /etc/firejail/disable-common.inc
12# include /etc/firejail/disable-devel.inc 16# include /etc/firejail/disable-devel.inc
13include /etc/firejail/disable-passwdmgr.inc 17include /etc/firejail/disable-passwdmgr.inc
diff --git a/etc/cin.profile b/etc/cin.profile
index 6b3e3888b..d114e50b1 100644
--- a/etc/cin.profile
+++ b/etc/cin.profile
@@ -5,6 +5,8 @@ include /etc/firejail/cin.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ${HOME}/.bcast5 10noblacklist ${HOME}/.bcast5
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/clamav.profile b/etc/clamav.profile
index a5aacc1d5..c3a0132d0 100644
--- a/etc/clamav.profile
+++ b/etc/clamav.profile
@@ -6,6 +6,7 @@ include /etc/firejail/clamav.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
9 10
10caps.drop all 11caps.drop all
11ipc-namespace 12ipc-namespace
diff --git a/etc/cpio.profile b/etc/cpio.profile
index 7f4bc4a84..caee6570e 100644
--- a/etc/cpio.profile
+++ b/etc/cpio.profile
@@ -6,6 +6,7 @@ include /etc/firejail/cpio.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
9blacklist /tmp/.X11-unix 10blacklist /tmp/.X11-unix
10 11
11noblacklist /sbin 12noblacklist /sbin
diff --git a/etc/dex2jar.profile b/etc/dex2jar.profile
index 5261bb865..f89e17239 100644
--- a/etc/dex2jar.profile
+++ b/etc/dex2jar.profile
@@ -6,6 +6,7 @@ include /etc/firejail/dex2jar.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
9 10
10include /etc/firejail/disable-common.inc 11include /etc/firejail/disable-common.inc
11include /etc/firejail/disable-devel.inc 12include /etc/firejail/disable-devel.inc
diff --git a/etc/dia.profile b/etc/dia.profile
index 800c3bbf1..bf3c384ab 100644
--- a/etc/dia.profile
+++ b/etc/dia.profile
@@ -5,6 +5,8 @@ include /etc/firejail/dia.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ~/.dia 10noblacklist ~/.dia
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/display.profile b/etc/display.profile
index d44733e30..41512a0cb 100644
--- a/etc/display.profile
+++ b/etc/display.profile
@@ -5,6 +5,7 @@ include /etc/firejail/display.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
diff --git a/etc/ebook-viewer.profile b/etc/ebook-viewer.profile
index 11499aba0..9f7e1382b 100644
--- a/etc/ebook-viewer.profile
+++ b/etc/ebook-viewer.profile
@@ -1,6 +1,7 @@
1# Firejail profile alias for calibre 1# Firejail profile alias for calibre
2# This file is overwritten after every install/update 2# This file is overwritten after every install/update
3 3
4blacklist /run/user/*/bus
4 5
5net none 6net none
6 7
diff --git a/etc/engrampa.profile b/etc/engrampa.profile
index c198adba9..ae61f1d93 100644
--- a/etc/engrampa.profile
+++ b/etc/engrampa.profile
@@ -5,6 +5,7 @@ include /etc/firejail/engrampa.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8# blacklist /run/user/*/bus - makes settings immutable
8 9
9include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
diff --git a/etc/eog.profile b/etc/eog.profile
index 112ec7c98..c07268e14 100644
--- a/etc/eog.profile
+++ b/etc/eog.profile
@@ -5,6 +5,8 @@ include /etc/firejail/eog.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8# blacklist /run/user/*/bus - makes settings immutable
9
8noblacklist ~/.Steam 10noblacklist ~/.Steam
9noblacklist ~/.config/eog 11noblacklist ~/.config/eog
10noblacklist ~/.local/share/Trash 12noblacklist ~/.local/share/Trash
diff --git a/etc/eom.profile b/etc/eom.profile
index af7ded91a..5e0008ab3 100644
--- a/etc/eom.profile
+++ b/etc/eom.profile
@@ -5,6 +5,8 @@ include /etc/firejail/eom.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8# blacklist /run/user/*/bus - makes settings immutable
9
8noblacklist ~/.Steam 10noblacklist ~/.Steam
9noblacklist ~/.config/mate/eom 11noblacklist ~/.config/mate/eom
10noblacklist ~/.local/share/Trash 12noblacklist ~/.local/share/Trash
diff --git a/etc/etr.profile b/etc/etr.profile
index 2438793a8..579aa570a 100644
--- a/etc/etr.profile
+++ b/etc/etr.profile
@@ -5,6 +5,8 @@ include /etc/firejail/etr.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ~/.etr 10noblacklist ~/.etr
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/evince.profile b/etc/evince.profile
index 516661126..acca8878f 100644
--- a/etc/evince.profile
+++ b/etc/evince.profile
@@ -5,6 +5,8 @@ include /etc/firejail/evince.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8# blacklist /run/user/*/bus
9
8noblacklist ~/.config/evince 10noblacklist ~/.config/evince
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/exiftool.profile b/etc/exiftool.profile
index 75e5be1b9..18d1e3c81 100644
--- a/etc/exiftool.profile
+++ b/etc/exiftool.profile
@@ -6,6 +6,7 @@ include /etc/firejail/exiftool.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
9blacklist /tmp/.X11-unix 10blacklist /tmp/.X11-unix
10 11
11noblacklist /usr/bin/perl 12noblacklist /usr/bin/perl
diff --git a/etc/feh.profile b/etc/feh.profile
index 7935b1354..1320434f1 100644
--- a/etc/feh.profile
+++ b/etc/feh.profile
@@ -5,6 +5,7 @@ include /etc/firejail/feh.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
diff --git a/etc/ffmpeg.profile b/etc/ffmpeg.profile
index 5db39cf61..acea1e834 100644
--- a/etc/ffmpeg.profile
+++ b/etc/ffmpeg.profile
@@ -6,6 +6,8 @@ include /etc/firejail/ffmpeg.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
10
9include /etc/firejail/disable-common.inc 11include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 12include /etc/firejail/disable-devel.inc
11include /etc/firejail/disable-passwdmgr.inc 13include /etc/firejail/disable-passwdmgr.inc
diff --git a/etc/file-roller.profile b/etc/file-roller.profile
index 01e689b9d..98b7aad42 100644
--- a/etc/file-roller.profile
+++ b/etc/file-roller.profile
@@ -5,6 +5,7 @@ include /etc/firejail/file-roller.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8# blacklist /run/user/*/bus - makes settings immutable
8 9
9include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
diff --git a/etc/file.profile b/etc/file.profile
index 2316b8e9b..041bf5ae5 100644
--- a/etc/file.profile
+++ b/etc/file.profile
@@ -6,6 +6,7 @@ include /etc/firejail/file.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
9blacklist /tmp/.X11-unix 10blacklist /tmp/.X11-unix
10 11
11include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/freecad.profile b/etc/freecad.profile
index 4fde66839..bac502a5f 100644
--- a/etc/freecad.profile
+++ b/etc/freecad.profile
@@ -5,6 +5,7 @@ include /etc/firejail/freecad.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9noblacklist ${HOME}/.config/FreeCAD 10noblacklist ${HOME}/.config/FreeCAD
10 11
diff --git a/etc/frozen-bubble.profile b/etc/frozen-bubble.profile
index 858917c75..0480faf6f 100644
--- a/etc/frozen-bubble.profile
+++ b/etc/frozen-bubble.profile
@@ -5,6 +5,8 @@ include /etc/firejail/frozen-bubble.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ~/.frozen-bubble 10noblacklist ~/.frozen-bubble
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/galculator.profile b/etc/galculator.profile
index 777bbdf6b..fdb9e3f1d 100644
--- a/etc/galculator.profile
+++ b/etc/galculator.profile
@@ -5,6 +5,8 @@ include /etc/firejail/galculator.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ~/.config/galculator 10noblacklist ~/.config/galculator
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/gedit.profile b/etc/gedit.profile
index 4ff3a94db..c383a5675 100644
--- a/etc/gedit.profile
+++ b/etc/gedit.profile
@@ -5,6 +5,7 @@ include /etc/firejail/gedit.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8# blacklist /run/user/*/bus - makes settings immutable
8 9
9noblacklist ${HOME}/.config/enchant 10noblacklist ${HOME}/.config/enchant
10noblacklist ${HOME}/.config/gedit 11noblacklist ${HOME}/.config/gedit
diff --git a/etc/gimp.profile b/etc/gimp.profile
index 292c2aac9..b398813f6 100644
--- a/etc/gimp.profile
+++ b/etc/gimp.profile
@@ -5,6 +5,8 @@ include /etc/firejail/gimp.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ${HOME}/.gimp* 10noblacklist ${HOME}/.gimp*
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/gpicview.profile b/etc/gpicview.profile
index b37af2843..5ed447ac4 100644
--- a/etc/gpicview.profile
+++ b/etc/gpicview.profile
@@ -5,6 +5,8 @@ include /etc/firejail/gpicview.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ~/.config/gpicview 10noblacklist ~/.config/gpicview
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/gzip.profile b/etc/gzip.profile
index 0f04953d8..5187bb9f0 100644
--- a/etc/gzip.profile
+++ b/etc/gzip.profile
@@ -6,6 +6,7 @@ include /etc/firejail/gzip.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
9blacklist /tmp/.X11-unix 10blacklist /tmp/.X11-unix
10 11
11ignore noroot 12ignore noroot
diff --git a/etc/hashcat.profile b/etc/hashcat.profile
index 5f08d7cb8..ad1aae523 100644
--- a/etc/hashcat.profile
+++ b/etc/hashcat.profile
@@ -6,6 +6,8 @@ include /etc/firejail/hashcat.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
10
9noblacklist ${HOME}/.hashcat 11noblacklist ${HOME}/.hashcat
10noblacklist /usr/include 12noblacklist /usr/include
11 13
diff --git a/etc/highlight.profile b/etc/highlight.profile
index d3cacc581..a7c667ce1 100644
--- a/etc/highlight.profile
+++ b/etc/highlight.profile
@@ -5,6 +5,7 @@ include /etc/firejail/highlight.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8blacklist /tmp/.X11-unix 9blacklist /tmp/.X11-unix
9 10
10include /etc/firejail/disable-common.inc 11include /etc/firejail/disable-common.inc
diff --git a/etc/hugin.profile b/etc/hugin.profile
index 64b6e0c69..bff074b74 100644
--- a/etc/hugin.profile
+++ b/etc/hugin.profile
@@ -5,6 +5,8 @@ include /etc/firejail/hugin.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ${HOME}/.hugin 10noblacklist ${HOME}/.hugin
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/imagej.profile b/etc/imagej.profile
index 88a56c706..058da2805 100644
--- a/etc/imagej.profile
+++ b/etc/imagej.profile
@@ -5,6 +5,7 @@ include /etc/firejail/imagej.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9noblacklist ${HOME}/.imagej 10noblacklist ${HOME}/.imagej
10 11
diff --git a/etc/img2txt.profile b/etc/img2txt.profile
index 943350484..5a19a75f1 100644
--- a/etc/img2txt.profile
+++ b/etc/img2txt.profile
@@ -5,6 +5,7 @@ include /etc/firejail/img2txt.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
diff --git a/etc/jd-gui.profile b/etc/jd-gui.profile
index 5cb1e1828..bf461b93d 100644
--- a/etc/jd-gui.profile
+++ b/etc/jd-gui.profile
@@ -5,6 +5,8 @@ include /etc/firejail/jd-gui.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ${HOME}/.config/jd-gui.cfg 10noblacklist ${HOME}/.config/jd-gui.cfg
9noblacklist ${HOME}/.java 11noblacklist ${HOME}/.java
10 12
diff --git a/etc/kdenlive.profile b/etc/kdenlive.profile
index 10c2909a0..e42e5920a 100644
--- a/etc/kdenlive.profile
+++ b/etc/kdenlive.profile
@@ -5,6 +5,7 @@ include /etc/firejail/kdenlive.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
diff --git a/etc/keepassx.profile b/etc/keepassx.profile
index 27ca408f5..f7b0bd5d1 100644
--- a/etc/keepassx.profile
+++ b/etc/keepassx.profile
@@ -5,6 +5,8 @@ include /etc/firejail/keepassx.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ${HOME}/*.kdb 10noblacklist ${HOME}/*.kdb
9noblacklist ${HOME}/*.kdbx 11noblacklist ${HOME}/*.kdbx
10noblacklist ${HOME}/.config/keepassx 12noblacklist ${HOME}/.config/keepassx
diff --git a/etc/keepassxc.profile b/etc/keepassxc.profile
index a8c6d65f5..f0c173d9c 100644
--- a/etc/keepassxc.profile
+++ b/etc/keepassxc.profile
@@ -5,6 +5,8 @@ include /etc/firejail/keepassxc.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ${HOME}/*.kdb 10noblacklist ${HOME}/*.kdb
9noblacklist ${HOME}/*.kdbx 11noblacklist ${HOME}/*.kdbx
10noblacklist ${HOME}/.config/keepassxc 12noblacklist ${HOME}/.config/keepassxc
diff --git a/etc/krita.profile b/etc/krita.profile
index e91f5b242..ac723f303 100644
--- a/etc/krita.profile
+++ b/etc/krita.profile
@@ -5,6 +5,7 @@ include /etc/firejail/krita.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
diff --git a/etc/less.profile b/etc/less.profile
index 0935f8945..3546649af 100644
--- a/etc/less.profile
+++ b/etc/less.profile
@@ -6,6 +6,7 @@ include /etc/firejail/less.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
9blacklist /tmp/.X11-unix 10blacklist /tmp/.X11-unix
10 11
11ignore noroot 12ignore noroot
diff --git a/etc/lmms.profile b/etc/lmms.profile
index 29ed235c6..b2bacb246 100644
--- a/etc/lmms.profile
+++ b/etc/lmms.profile
@@ -5,6 +5,7 @@ include /etc/firejail/lmms.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9noblacklist ${HOME}/.lmmsrc.xml 10noblacklist ${HOME}/.lmmsrc.xml
10 11
diff --git a/etc/macrofusion.profile b/etc/macrofusion.profile
index 506fdd549..f8c5c34ca 100644
--- a/etc/macrofusion.profile
+++ b/etc/macrofusion.profile
@@ -5,6 +5,7 @@ include /etc/firejail/macrofusion.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9noblacklist ${HOME}/.config/mfusion 10noblacklist ${HOME}/.config/mfusion
10 11
diff --git a/etc/mate-calc.profile b/etc/mate-calc.profile
index 39117b718..be5dac206 100644
--- a/etc/mate-calc.profile
+++ b/etc/mate-calc.profile
@@ -5,6 +5,8 @@ include /etc/firejail/mate-calc.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ${HOME}/.config/mate-calc 10noblacklist ${HOME}/.config/mate-calc
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/mediainfo.profile b/etc/mediainfo.profile
index e502269f7..de9297174 100644
--- a/etc/mediainfo.profile
+++ b/etc/mediainfo.profile
@@ -5,6 +5,7 @@ include /etc/firejail/mediainfo.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8blacklist /tmp/.X11-unix 9blacklist /tmp/.X11-unix
9 10
10include /etc/firejail/disable-common.inc 11include /etc/firejail/disable-common.inc
diff --git a/etc/meld.profile b/etc/meld.profile
index 5043f2496..1a451ff57 100644
--- a/etc/meld.profile
+++ b/etc/meld.profile
@@ -5,6 +5,8 @@ include /etc/firejail/meld.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ${HOME}/.local/share/meld 10noblacklist ${HOME}/.local/share/meld
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/mupdf.profile b/etc/mupdf.profile
index a25cc352f..a3955b298 100644
--- a/etc/mupdf.profile
+++ b/etc/mupdf.profile
@@ -5,6 +5,7 @@ include /etc/firejail/mupdf.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
diff --git a/etc/mupen64plus.profile b/etc/mupen64plus.profile
index 4937df51f..e05babc91 100644
--- a/etc/mupen64plus.profile
+++ b/etc/mupen64plus.profile
@@ -5,6 +5,8 @@ include /etc/firejail/mupen64plus.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ${HOME}/.config/mupen64plus 10noblacklist ${HOME}/.config/mupen64plus
9noblacklist ${HOME}/.local/share/mupen64plus 11noblacklist ${HOME}/.local/share/mupen64plus
10 12
diff --git a/etc/natron.profile b/etc/natron.profile
index b76649605..413ea53f9 100644
--- a/etc/natron.profile
+++ b/etc/natron.profile
@@ -5,6 +5,7 @@ include /etc/firejail/natron.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9noblacklist ${HOME}/.Natron 10noblacklist ${HOME}/.Natron
10noblacklist ${HOME}/.cache/INRIA/Natron 11noblacklist ${HOME}/.cache/INRIA/Natron
@@ -17,7 +18,7 @@ include /etc/firejail/disable-passwdmgr.inc
17include /etc/firejail/disable-programs.inc 18include /etc/firejail/disable-programs.inc
18 19
19caps.drop all 20caps.drop all
20netfilter 21net none
21nodvd 22nodvd
22nogroups 23nogroups
23nonewprivs 24nonewprivs
@@ -26,7 +27,6 @@ notv
26protocol unix,inet,inet6 27protocol unix,inet,inet6
27seccomp 28seccomp
28shell none 29shell none
29net none
30 30
31private-bin natron,Natron,NatronRenderer 31private-bin natron,Natron,NatronRenderer
32 32
diff --git a/etc/odt2txt.profile b/etc/odt2txt.profile
index e8c2d54c7..b6d4a63b5 100644
--- a/etc/odt2txt.profile
+++ b/etc/odt2txt.profile
@@ -5,6 +5,7 @@ include /etc/firejail/odt2txt.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8blacklist /tmp/.X11-unix 9blacklist /tmp/.X11-unix
9 10
10include /etc/firejail/disable-common.inc 11include /etc/firejail/disable-common.inc
diff --git a/etc/open-invaders.profile b/etc/open-invaders.profile
index 998d57f62..20a9b2227 100644
--- a/etc/open-invaders.profile
+++ b/etc/open-invaders.profile
@@ -5,6 +5,8 @@ include /etc/firejail/open-invaders.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ~/.openinvaders 10noblacklist ~/.openinvaders
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/pcmanfm.profile b/etc/pcmanfm.profile
index 6c8dd4319..7d2121710 100644
--- a/etc/pcmanfm.profile
+++ b/etc/pcmanfm.profile
@@ -5,6 +5,8 @@ include /etc/firejail/pcmanfm.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8# blacklist /run/user/*/bus
9
8noblacklist ${HOME}/.local/share/Trash 10noblacklist ${HOME}/.local/share/Trash
9noblacklist ~/.config/libfm 11noblacklist ~/.config/libfm
10noblacklist ~/.config/pcmanfm 12noblacklist ~/.config/pcmanfm
diff --git a/etc/pdfmod.profile b/etc/pdfmod.profile
index 8489e79a6..059d6660b 100644
--- a/etc/pdfmod.profile
+++ b/etc/pdfmod.profile
@@ -5,6 +5,7 @@ include /etc/firejail/pdfmod.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9noblacklist ${HOME}/.cache/pdfmod 10noblacklist ${HOME}/.cache/pdfmod
10noblacklist ${HOME}/.config/pdfmod 11noblacklist ${HOME}/.config/pdfmod
diff --git a/etc/pdfsam.profile b/etc/pdfsam.profile
index fd52fb9ee..3611de8a0 100644
--- a/etc/pdfsam.profile
+++ b/etc/pdfsam.profile
@@ -5,6 +5,8 @@ include /etc/firejail/pdfsam.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ${HOME}/.java 10noblacklist ${HOME}/.java
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/pdftotext.profile b/etc/pdftotext.profile
index 0c6bf9cde..9e4f7d4f2 100644
--- a/etc/pdftotext.profile
+++ b/etc/pdftotext.profile
@@ -5,6 +5,7 @@ include /etc/firejail/pdftotext.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8blacklist /tmp/.X11-unix 9blacklist /tmp/.X11-unix
9 10
10include /etc/firejail/disable-common.inc 11include /etc/firejail/disable-common.inc
diff --git a/etc/peek.profile b/etc/peek.profile
index 13c0c72e0..01db4fa08 100644
--- a/etc/peek.profile
+++ b/etc/peek.profile
@@ -5,6 +5,8 @@ include /etc/firejail/peek.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ${HOME}/.cache/peek 10noblacklist ${HOME}/.cache/peek
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/pingus.profile b/etc/pingus.profile
index 68d5a98ad..c491a2669 100644
--- a/etc/pingus.profile
+++ b/etc/pingus.profile
@@ -5,6 +5,8 @@ include /etc/firejail/pingus.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ~/.pingus 10noblacklist ~/.pingus
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/pinta.profile b/etc/pinta.profile
index cb6e05d35..4a8815a73 100644
--- a/etc/pinta.profile
+++ b/etc/pinta.profile
@@ -5,6 +5,7 @@ include /etc/firejail/pinta.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9noblacklist ${HOME}/.config/Pinta 10noblacklist ${HOME}/.config/Pinta
10 11
diff --git a/etc/pluma.profile b/etc/pluma.profile
index 3fa6d3494..b50e3cbaf 100644
--- a/etc/pluma.profile
+++ b/etc/pluma.profile
@@ -5,6 +5,8 @@ include /etc/firejail/pluma.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8# blacklist /run/user/*/bus - makes settings immutable
9
8noblacklist ${HOME}/.config/pluma 10noblacklist ${HOME}/.config/pluma
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/ranger.profile b/etc/ranger.profile
index 9be19c4b1..0dac16424 100644
--- a/etc/ranger.profile
+++ b/etc/ranger.profile
@@ -5,6 +5,8 @@ include /etc/firejail/ranger.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8# noblacklist /usr/bin/cpan* 10# noblacklist /usr/bin/cpan*
9noblacklist /usr/bin/perl 11noblacklist /usr/bin/perl
10noblacklist /usr/lib/perl* 12noblacklist /usr/lib/perl*
diff --git a/etc/scribus.profile b/etc/scribus.profile
index e07caffe5..e49d484ed 100644
--- a/etc/scribus.profile
+++ b/etc/scribus.profile
@@ -5,6 +5,8 @@ include /etc/firejail/scribus.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8# Support for PDF readers comes with Scribus 1.5 and higher 10# Support for PDF readers comes with Scribus 1.5 and higher
9noblacklist ~/.config/okularpartrc 11noblacklist ~/.config/okularpartrc
10noblacklist ~/.config/okularrc 12noblacklist ~/.config/okularrc
diff --git a/etc/sdat2img.profile b/etc/sdat2img.profile
index 62a056a30..bc94ae2a0 100644
--- a/etc/sdat2img.profile
+++ b/etc/sdat2img.profile
@@ -6,6 +6,7 @@ include /etc/firejail/sdat2img.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
9 10
10include /etc/firejail/disable-common.inc 11include /etc/firejail/disable-common.inc
11include /etc/firejail/disable-devel.inc 12include /etc/firejail/disable-devel.inc
diff --git a/etc/shotcut.profile b/etc/shotcut.profile
index 4e8b1da05..3f2cc3d33 100644
--- a/etc/shotcut.profile
+++ b/etc/shotcut.profile
@@ -5,6 +5,7 @@ include /etc/firejail/shotcut.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9noblacklist ${HOME}/.config/Meltytech 10noblacklist ${HOME}/.config/Meltytech
10 11
diff --git a/etc/simutrans.profile b/etc/simutrans.profile
index fda5204e2..1cbd9756c 100644
--- a/etc/simutrans.profile
+++ b/etc/simutrans.profile
@@ -5,6 +5,8 @@ include /etc/firejail/simutrans.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ~/.simutrans 10noblacklist ~/.simutrans
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/skanlite.profile b/etc/skanlite.profile
index 1a53cc71c..61627f5d8 100644
--- a/etc/skanlite.profile
+++ b/etc/skanlite.profile
@@ -5,6 +5,7 @@ include /etc/firejail/skanlite.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8# blacklist /run/user/*/bus
8 9
9include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
diff --git a/etc/soundconverter.profile b/etc/soundconverter.profile
index 5d7129b5a..c27fb3819 100644
--- a/etc/soundconverter.profile
+++ b/etc/soundconverter.profile
@@ -5,6 +5,7 @@ include /etc/firejail/soundconverter.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
diff --git a/etc/sqlitebrowser.profile b/etc/sqlitebrowser.profile
index 65e8073c9..933d55b79 100644
--- a/etc/sqlitebrowser.profile
+++ b/etc/sqlitebrowser.profile
@@ -5,6 +5,8 @@ include /etc/firejail/sqlitebrowser.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ${HOME}/.config/sqlitebrowser 10noblacklist ${HOME}/.config/sqlitebrowser
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/strings.profile b/etc/strings.profile
index 83561cae5..09273f35d 100644
--- a/etc/strings.profile
+++ b/etc/strings.profile
@@ -6,6 +6,7 @@ include /etc/firejail/strings.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
9blacklist /tmp/.X11-unix 10blacklist /tmp/.X11-unix
10 11
11ignore noroot 12ignore noroot
diff --git a/etc/supertux2.profile b/etc/supertux2.profile
index ff55e1c40..120f0a043 100644
--- a/etc/supertux2.profile
+++ b/etc/supertux2.profile
@@ -5,6 +5,8 @@ include /etc/firejail/supertux2.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ~/.local/share/supertux2 10noblacklist ~/.local/share/supertux2
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/synfigstudio.profile b/etc/synfigstudio.profile
index 2617c0e51..415a42cf5 100644
--- a/etc/synfigstudio.profile
+++ b/etc/synfigstudio.profile
@@ -5,6 +5,8 @@ include /etc/firejail/synfigstudio.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ${HOME}/.config/synfig 10noblacklist ${HOME}/.config/synfig
9noblacklist ${HOME}/.synfig 11noblacklist ${HOME}/.synfig
10 12
diff --git a/etc/tar.profile b/etc/tar.profile
index 92ddaa2f3..bd7973abf 100644
--- a/etc/tar.profile
+++ b/etc/tar.profile
@@ -6,6 +6,7 @@ include /etc/firejail/tar.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
9blacklist /tmp/.X11-unix 10blacklist /tmp/.X11-unix
10 11
11hostname tar 12hostname tar
diff --git a/etc/terasology.profile b/etc/terasology.profile
index ca580c0d0..02a7baeb7 100644
--- a/etc/terasology.profile
+++ b/etc/terasology.profile
@@ -5,6 +5,7 @@ include /etc/firejail/default.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9noblacklist ${HOME}/.java 10noblacklist ${HOME}/.java
10noblacklist ${HOME}/.local/share/terasology 11noblacklist ${HOME}/.local/share/terasology
diff --git a/etc/transmission-show.profile b/etc/transmission-show.profile
index 0b09bffcb..86cbebc82 100644
--- a/etc/transmission-show.profile
+++ b/etc/transmission-show.profile
@@ -5,6 +5,8 @@ include /etc/firejail/transmission-show.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ${HOME}/.cache/transmission 10noblacklist ${HOME}/.cache/transmission
9noblacklist ${HOME}/.config/transmission 11noblacklist ${HOME}/.config/transmission
10 12
diff --git a/etc/uefitool.profile b/etc/uefitool.profile
index 138f69aa8..6cff5249c 100644
--- a/etc/uefitool.profile
+++ b/etc/uefitool.profile
@@ -5,6 +5,7 @@ include /etc/firejail/uefitool.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
diff --git a/etc/unrar.profile b/etc/unrar.profile
index 12559a721..f7e25d5d7 100644
--- a/etc/unrar.profile
+++ b/etc/unrar.profile
@@ -6,6 +6,7 @@ include /etc/firejail/unrar.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
9blacklist /tmp/.X11-unix 10blacklist /tmp/.X11-unix
10 11
11hostname unrar 12hostname unrar
diff --git a/etc/unzip.profile b/etc/unzip.profile
index 9828fa9b4..fe16c670d 100644
--- a/etc/unzip.profile
+++ b/etc/unzip.profile
@@ -6,6 +6,7 @@ include /etc/firejail/unzip.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
9blacklist /tmp/.X11-unix 10blacklist /tmp/.X11-unix
10 11
11hostname unzip 12hostname unzip
diff --git a/etc/uudeview.profile b/etc/uudeview.profile
index b30cbaa2a..f7699552d 100644
--- a/etc/uudeview.profile
+++ b/etc/uudeview.profile
@@ -6,6 +6,7 @@ include /etc/firejail/uudeview.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
9 10
10hostname uudeview 11hostname uudeview
11ignore noroot 12ignore noroot
diff --git a/etc/viewnior.profile b/etc/viewnior.profile
index af4a2d655..92d59e732 100644
--- a/etc/viewnior.profile
+++ b/etc/viewnior.profile
@@ -5,6 +5,7 @@ include /etc/firejail/viewnior.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8blacklist ~/.Xauthority 9blacklist ~/.Xauthority
9blacklist ~/.bashrc 10blacklist ~/.bashrc
10 11
diff --git a/etc/x-terminal-emulator.profile b/etc/x-terminal-emulator.profile
index 1395b81c9..67707ffb8 100644
--- a/etc/x-terminal-emulator.profile
+++ b/etc/x-terminal-emulator.profile
@@ -5,6 +5,7 @@ include /etc/firejail/x-terminal-emulator.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9caps.drop all 10caps.drop all
10ipc-namespace 11ipc-namespace
diff --git a/etc/xcalc.profile b/etc/xcalc.profile
index cfe6937e3..467f96003 100644
--- a/etc/xcalc.profile
+++ b/etc/xcalc.profile
@@ -5,6 +5,7 @@ include /etc/firejail/xcalc.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
diff --git a/etc/xed.profile b/etc/xed.profile
index b80d02948..e4ab673e8 100644
--- a/etc/xed.profile
+++ b/etc/xed.profile
@@ -5,6 +5,8 @@ include /etc/firejail/xed.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8# blacklist /run/user/*/bus - makes settings immutable
9
8noblacklist ${HOME}/.config/xed 10noblacklist ${HOME}/.config/xed
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/xpdf.profile b/etc/xpdf.profile
index 8caba5cc5..8b7774225 100644
--- a/etc/xpdf.profile
+++ b/etc/xpdf.profile
@@ -5,6 +5,8 @@ include /etc/firejail/xpdf.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ${HOME}/.xpdfrc 10noblacklist ${HOME}/.xpdfrc
9 11
10include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
diff --git a/etc/xviewer.profile b/etc/xviewer.profile
index 985b82c79..5c624c384 100644
--- a/etc/xviewer.profile
+++ b/etc/xviewer.profile
@@ -5,6 +5,8 @@ include /etc/firejail/xviewer.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8# blacklist /run/user/*/bus - makes settings immutable
9
8noblacklist ~/.Steam 10noblacklist ~/.Steam
9noblacklist ~/.config/xviewer 11noblacklist ~/.config/xviewer
10noblacklist ~/.local/share/Trash 12noblacklist ~/.local/share/Trash
diff --git a/etc/xzdec.profile b/etc/xzdec.profile
index d5c4ac6f0..1136a6535 100644
--- a/etc/xzdec.profile
+++ b/etc/xzdec.profile
@@ -6,6 +6,7 @@ include /etc/firejail/xzdec.local
6# Persistent global definitions 6# Persistent global definitions
7include /etc/firejail/globals.local 7include /etc/firejail/globals.local
8 8
9blacklist /run/user/*/bus
9blacklist /tmp/.X11-unix 10blacklist /tmp/.X11-unix
10 11
11ignore noroot 12ignore noroot
diff --git a/etc/zart.profile b/etc/zart.profile
index 6e136d0c9..e9fd9b3bd 100644
--- a/etc/zart.profile
+++ b/etc/zart.profile
@@ -5,6 +5,7 @@ include /etc/firejail/zart.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
8 9
9include /etc/firejail/disable-common.inc 10include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc 11include /etc/firejail/disable-devel.inc
diff --git a/etc/zathura.profile b/etc/zathura.profile
index 0036a3521..ad64371e8 100644
--- a/etc/zathura.profile
+++ b/etc/zathura.profile
@@ -5,6 +5,8 @@ include /etc/firejail/zathura.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8blacklist /run/user/*/bus
9
8noblacklist ~/.config/zathura 10noblacklist ~/.config/zathura
9noblacklist ~/.local/share/zathura 11noblacklist ~/.local/share/zathura
10 12
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-29 04:33:46 +0000