fix trash functionality for file managers

author: netblue30 <netblue30@yahoo.com> 2017-05-01 21:28:10 -0400
committer: netblue30 <netblue30@yahoo.com> 2017-05-01 21:28:10 -0400
commit: 7c38c3c0262dcc1ec4d69743376f36e7108e76bf (patch)
tree: 31a98fef6566c2c720db5171c9dd89871ff24648 /etc
parent: Fix conffiles typo (diff)
download: firejail-7c38c3c0262dcc1ec4d69743376f36e7108e76bf.tar.gz
firejail-7c38c3c0262dcc1ec4d69743376f36e7108e76bf.tar.zst
firejail-7c38c3c0262dcc1ec4d69743376f36e7108e76bf.zip
5 files changed, 15 insertions, 3 deletions
diff --git a/etc/Thunar.profile b/etc/Thunar.profile
index 405e45504..0511fbdd7 100644
--- a/etc/Thunar.profile
+++ b/etc/Thunar.profile
@@ -5,6 +5,7 @@ include /etc/firejail/Thunar.local
 # Firejail profile for thunar
 noblacklist ~/.config/Thunar
 noblacklist ~/.config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml
+noblacklist ${HOME}/.local/share/Trash
 include /etc/firejail/disable-common.inc
 #include /etc/firejail/disable-programs.inc
diff --git a/etc/caja.profile b/etc/caja.profile
index b54e4af57..8994f39fd 100644
--- a/etc/caja.profile
+++ b/etc/caja.profile
@@ -9,6 +9,7 @@ include /etc/firejail/caja.local
 noblacklist ~/.config/caja
 noblacklist ~/.local/share/caja
+noblacklist ${HOME}/.local/share/Trash
 include /etc/firejail/disable-common.inc
 # caja needs to be able to start arbitrary applications so we cannot blacklist their files
diff --git a/etc/disable-common.inc b/etc/disable-common.inc
index 521fed37d..1c1b298a9 100644
--- a/etc/disable-common.inc
+++ b/etc/disable-common.inc
@@ -181,13 +181,19 @@ read-only ${HOME}/.gem
 read-only ${HOME}/.luarocks
 read-only ${HOME}/.npm-packages
+###########################
+# The following block breaks trash functionality in file managers
+##########################
 # Make the contents of ~/.local read-only,
 #  except the commonly-used ~/.local/share,
 #   but including ~/.local/share/applications
-read-only  ${HOME}/.local
+#read-only  ${HOME}/.local
-read-write ${HOME}/.local/share
+#read-write ${HOME}/.local/share
-noexec     ${HOME}/.local/share
+#noexec     ${HOME}/.local/share
 read-only  ${HOME}/.local/share/applications
+blacklist ${HOME}/.local/share/Trash
 # top secret
 blacklist ${HOME}/.ecryptfs
diff --git a/etc/nemo.profile b/etc/nemo.profile
index 4ebcd952c..eb0e79aed 100644
--- a/etc/nemo.profile
+++ b/etc/nemo.profile
@@ -4,6 +4,8 @@ include /etc/firejail/nemo.local
 noblacklist ${HOME}/.local/share/nemo
 noblacklist ${HOME}/.config/nemo
+noblacklist ${HOME}/.local/share/Trash
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-devel.inc
diff --git a/etc/pcmanfm.profile b/etc/pcmanfm.profile
index 00ae787a4..8c4b22c5a 100644
--- a/etc/pcmanfm.profile
+++ b/etc/pcmanfm.profile
@@ -4,6 +4,8 @@ include /etc/firejail/pcmanfm.local
 noblacklist ~/.config/pcmanfm
 noblacklist ~/.config/libfm
+noblacklist ${HOME}/.local/share/Trash
 include /etc/firejail/disable-common.inc
 #include /etc/firejail/disable-programs.inc
 include /etc/firejail/disable-devel.inc
author	netblue30 <netblue30@yahoo.com>	2017-05-01 21:28:10 -0400
committer	netblue30 <netblue30@yahoo.com>	2017-05-01 21:28:10 -0400
commit	7c38c3c0262dcc1ec4d69743376f36e7108e76bf (patch)
tree	31a98fef6566c2c720db5171c9dd89871ff24648 /etc
parent	Fix conffiles typo (diff)
download	firejail-7c38c3c0262dcc1ec4d69743376f36e7108e76bf.tar.gz firejail-7c38c3c0262dcc1ec4d69743376f36e7108e76bf.tar.zst firejail-7c38c3c0262dcc1ec4d69743376f36e7108e76bf.zip