Add QOwnNotes profile

author: Fred-Barclay <Fred-Barclay@users.noreply.github.com> 2018-10-20 22:13:13 -0500
committer: Fred-Barclay <Fred-Barclay@users.noreply.github.com> 2018-10-20 22:13:13 -0500
commit: 7c481eb43c3a737eeb5a0e4fc089efa281549e4c (patch)
tree: f712961df64918927fe925d9667271238b98080b /etc
parent: improve some error messages (diff)
download: firejail-7c481eb43c3a737eeb5a0e4fc089efa281549e4c.tar.gz
firejail-7c481eb43c3a737eeb5a0e4fc089efa281549e4c.tar.zst
firejail-7c481eb43c3a737eeb5a0e4fc089efa281549e4c.zip
2 files changed, 59 insertions, 0 deletions
diff --git a/etc/QOwnNotes.profile b/etc/QOwnNotes.profile
new file mode 100644
index 000000000..1135b850b
--- /dev/null
+++ b/etc/QOwnNotes.profile
@@ -0,0 +1,56 @@
+# Firejail profile for QOwnNotes
+# Description: Plain-text file notepad with markdown support and ownCloud integration
+# This file is overwritten after every install/update
+# Persistent local customizations
+include QOwnNotes.local
+# Persistent global definitions
+include globals.local
+noblacklist ${DOCUMENTS}
+noblacklist ${HOME}/Nextcloud/Notes
+noblacklist ${HOME}/.config/PBE
+noblacklist ${HOME}/.local/share/PBE
+mkdir ${DOCUMENTS}
+mkdir ${HOME}/Nextcloud/Notes
+mkdir ${HOME}.config/PBE
+mkdir ${HOME}/.local/share/PBE
+whitelist ${DOCUMENTS}
+whitelist ${HOME}/Nextcloud/Notes
+whitelist ${HOME}/.config/PBE
+whitelist ${HOME}/.local/share/PBE
+include whitelist-common.inc
+include whitelist-var-common.inc
+include disable-common.inc
+include disable-devel.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-xdg.inc
+caps.drop all
+machine-id
+netfilter
+no3d
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix,inet,inet6,netlink
+seccomp
+shell none
+tracelog
+disable-mnt
+private-bin QOwnNotes,gio
+private-dev
+private-etc fonts,ld.so.cache,pulse,resolv.conf,hosts,nsswitch.conf,host.conf,ca-certificates,ssl,pki,crypto-policies
+private-tmp
+noexec ${HOME}
+noexec /tmp
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 46e60b9f4..edf3c7be5 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -3,6 +3,7 @@
 include disable-programs.local
 blacklist ${HOME}/Monero/wallets
+blacklist ${HOME}/Nextcloud/Notes
 blacklist ${HOME}/Standard Notes Backups
 blacklist ${HOME}/snap
 blacklist ${HOME}/.*coin
@@ -75,6 +76,7 @@ blacklist ${HOME}/.config/MuseScore
 blacklist ${HOME}/.config/MusicBrainz
 blacklist ${HOME}/.config/Nathan Osman
 blacklist ${HOME}/.config/Nylas Mail
+blacklist ${HOME}/.config/PBE
 blacklist ${HOME}/.config/Qlipper
 blacklist ${HOME}/.config/QMediathekView
 blacklist ${HOME}/.config/QuiteRss
@@ -373,6 +375,7 @@ blacklist ${HOME}/.local/share/3909/PapersPlease
 blacklist ${HOME}/.local/share/Empathy
 blacklist ${HOME}/.local/share/JetBrains
 blacklist ${HOME}/.local/share/Mumble
+blacklist ${HOME}/.local/share/PBE
 blacklist ${HOME}/.local/share/QMediathekView
 blacklist ${HOME}/.local/share/QuiteRss
 blacklist ${HOME}/.local/share/Ricochet
author	Fred-Barclay <Fred-Barclay@users.noreply.github.com>	2018-10-20 22:13:13 -0500
committer	Fred-Barclay <Fred-Barclay@users.noreply.github.com>	2018-10-20 22:13:13 -0500
commit	7c481eb43c3a737eeb5a0e4fc089efa281549e4c (patch)
tree	f712961df64918927fe925d9667271238b98080b /etc
parent	improve some error messages (diff)
download	firejail-7c481eb43c3a737eeb5a0e4fc089efa281549e4c.tar.gz firejail-7c481eb43c3a737eeb5a0e4fc089efa281549e4c.tar.zst firejail-7c481eb43c3a737eeb5a0e4fc089efa281549e4c.zip

diff --git a/etc/QOwnNotes.profile b/etc/QOwnNotes.profile new file mode 100644 index 000000000..1135b850b --- /dev/null +++ b/etc/QOwnNotes.profile
@@ -0,0 +1,56 @@
		1	# Firejail profile for QOwnNotes
		2	# Description: Plain-text file notepad with markdown support and ownCloud integration
		3	# This file is overwritten after every install/update
		4	# Persistent local customizations
		5	include QOwnNotes.local
		6	# Persistent global definitions
		7	include globals.local
		8
		9	noblacklist ${DOCUMENTS}
		10	noblacklist ${HOME}/Nextcloud/Notes
		11	noblacklist ${HOME}/.config/PBE
		12	noblacklist ${HOME}/.local/share/PBE
		13
		14	mkdir ${DOCUMENTS}
		15	mkdir ${HOME}/Nextcloud/Notes
		16	mkdir ${HOME}.config/PBE
		17	mkdir ${HOME}/.local/share/PBE
		18	whitelist ${DOCUMENTS}
		19	whitelist ${HOME}/Nextcloud/Notes
		20	whitelist ${HOME}/.config/PBE
		21	whitelist ${HOME}/.local/share/PBE
		22	include whitelist-common.inc
		23	include whitelist-var-common.inc
		24
		25	include disable-common.inc
		26	include disable-devel.inc
		27	include disable-interpreters.inc
		28	include disable-passwdmgr.inc
		29	include disable-programs.inc
		30	include disable-xdg.inc
		31
		32	caps.drop all
		33	machine-id
		34	netfilter
		35	no3d
		36	nodvd
		37	nogroups
		38	nonewprivs
		39	noroot
		40	nosound
		41	notv
		42	nou2f
		43	novideo
		44	protocol unix,inet,inet6,netlink
		45	seccomp
		46	shell none
		47	tracelog
		48
		49	disable-mnt
		50	private-bin QOwnNotes,gio
		51	private-dev
		52	private-etc fonts,ld.so.cache,pulse,resolv.conf,hosts,nsswitch.conf,host.conf,ca-certificates,ssl,pki,crypto-policies
		53	private-tmp
		54
		55	noexec ${HOME}
		56	noexec /tmp


diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 46e60b9f4..edf3c7be5 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc
@@ -3,6 +3,7 @@
3	include disable-programs.local	3	include disable-programs.local
4		4
5	blacklist ${HOME}/Monero/wallets	5	blacklist ${HOME}/Monero/wallets
		6	blacklist ${HOME}/Nextcloud/Notes
6	blacklist ${HOME}/Standard Notes Backups	7	blacklist ${HOME}/Standard Notes Backups
7	blacklist ${HOME}/snap	8	blacklist ${HOME}/snap
8	blacklist ${HOME}/.*coin	9	blacklist ${HOME}/.*coin
@@ -75,6 +76,7 @@ blacklist ${HOME}/.config/MuseScore
75	blacklist ${HOME}/.config/MusicBrainz	76	blacklist ${HOME}/.config/MusicBrainz
76	blacklist ${HOME}/.config/Nathan Osman	77	blacklist ${HOME}/.config/Nathan Osman
77	blacklist ${HOME}/.config/Nylas Mail	78	blacklist ${HOME}/.config/Nylas Mail
		79	blacklist ${HOME}/.config/PBE
78	blacklist ${HOME}/.config/Qlipper	80	blacklist ${HOME}/.config/Qlipper
79	blacklist ${HOME}/.config/QMediathekView	81	blacklist ${HOME}/.config/QMediathekView
80	blacklist ${HOME}/.config/QuiteRss	82	blacklist ${HOME}/.config/QuiteRss
@@ -373,6 +375,7 @@ blacklist ${HOME}/.local/share/3909/PapersPlease
373	blacklist ${HOME}/.local/share/Empathy	375	blacklist ${HOME}/.local/share/Empathy
374	blacklist ${HOME}/.local/share/JetBrains	376	blacklist ${HOME}/.local/share/JetBrains
375	blacklist ${HOME}/.local/share/Mumble	377	blacklist ${HOME}/.local/share/Mumble
		378	blacklist ${HOME}/.local/share/PBE
376	blacklist ${HOME}/.local/share/QMediathekView	379	blacklist ${HOME}/.local/share/QMediathekView
377	blacklist ${HOME}/.local/share/QuiteRss	380	blacklist ${HOME}/.local/share/QuiteRss
378	blacklist ${HOME}/.local/share/Ricochet	381	blacklist ${HOME}/.local/share/Ricochet