diff options
| author |  netblue30 <netblue30@yahoo.com> | 2017-11-02 13:03:34 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2017-11-02 13:03:34 -0400 |
| commit | ac5a936b331ab738ff5dadfb5153b6480f9b0bce (patch) | |
| tree | 417ef1eb2481f9aab8627099ec48d11aa5493483 /etc | |
| parent | fixing filesystem reporting for firetools (diff) | |
| download | firejail-ac5a936b331ab738ff5dadfb5153b6480f9b0bce.tar.gz firejail-ac5a936b331ab738ff5dadfb5153b6480f9b0bce.tar.zst firejail-ac5a936b331ab738ff5dadfb5153b6480f9b0bce.zip | |
matching noblacklist in profile files with blacklist in disable-programs.inc
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/atril.profile | 4 | ||||
| -rw-r--r-- | etc/bitlbee.profile | 2 | ||||
| -rw-r--r-- | etc/brackets.profile | 4 | ||||
| -rw-r--r-- | etc/caja.profile | 6 | ||||
| -rw-r--r-- | etc/cherrytree.profile | 4 | ||||
| -rw-r--r-- | etc/cliqz.profile | 2 | ||||
| -rw-r--r-- | etc/digikam.profile | 1 | ||||
| -rw-r--r-- | etc/disable-common.inc | 12 | ||||
| -rw-r--r-- | etc/disable-programs.inc | 46 | ||||
| -rw-r--r-- | etc/dolphin.profile | 4 | ||||
| -rw-r--r-- | etc/evolution.profile | 3 | ||||
| -rw-r--r-- | etc/firefox.profile | 2 | ||||
| -rw-r--r-- | etc/gnome-mplayer.profile | 1 | ||||
| -rw-r--r-- | etc/inkscape.profile | 2 | ||||
| -rw-r--r-- | etc/krita.profile | 1 | ||||
| -rw-r--r-- | etc/kwrite.profile | 1 | ||||
| -rw-r--r-- | etc/lximage-qt.profile | 2 | ||||
| -rw-r--r-- | etc/midori.profile | 4 | ||||
| -rw-r--r-- | etc/openbox.profile | 2 | ||||
| -rw-r--r-- | etc/pcmanfm.profile | 4 | ||||
| -rw-r--r-- | etc/vlc.profile | 1 | ||||
| -rw-r--r-- | etc/vym.profile | 2 | ||||
| -rw-r--r-- | etc/waterfox.profile | 2 | ||||
| -rw-r--r-- | etc/wireshark.profile | 2 | ||||
| -rw-r--r-- | etc/xreader.profile | 2 |
25 files changed, 89 insertions, 27 deletions
diff --git a/etc/atril.profile b/etc/atril.profile index 98142012c..50592ec3a 100644 --- a/etc/atril.profile +++ b/etc/atril.profile | |||
| @@ -6,7 +6,9 @@ include /etc/firejail/atril.local | |||
| 6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
| 7 | 7 | ||
| 8 | noblacklist ~/.config/atril | 8 | noblacklist ~/.config/atril |
| 9 | noblacklist ~/.local/share | 9 | |
| 10 | #noblacklist ~/.local/share | ||
| 11 | # it seems to use only ~/.local/share/webkitgtk | ||
| 10 | 12 | ||
| 11 | include /etc/firejail/disable-common.inc | 13 | include /etc/firejail/disable-common.inc |
| 12 | include /etc/firejail/disable-devel.inc | 14 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/bitlbee.profile b/etc/bitlbee.profile index 1b7b2c258..0f57c9e69 100644 --- a/etc/bitlbee.profile +++ b/etc/bitlbee.profile | |||
| @@ -7,7 +7,7 @@ include /etc/firejail/globals.local | |||
| 7 | 7 | ||
| 8 | noblacklist /sbin | 8 | noblacklist /sbin |
| 9 | noblacklist /usr/sbin | 9 | noblacklist /usr/sbin |
| 10 | noblacklist /var/log | 10 | # noblacklist /var/log |
| 11 | 11 | ||
| 12 | include /etc/firejail/disable-common.inc | 12 | include /etc/firejail/disable-common.inc |
| 13 | include /etc/firejail/disable-devel.inc | 13 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/brackets.profile b/etc/brackets.profile index 0a8c592a7..a5a06f9f3 100644 --- a/etc/brackets.profile +++ b/etc/brackets.profile | |||
| @@ -6,8 +6,8 @@ include /etc/firejail/brackets.local | |||
| 6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
| 7 | 7 | ||
| 8 | noblacklist ${HOME}/.config/Brackets | 8 | noblacklist ${HOME}/.config/Brackets |
| 9 | noblacklist /opt/brackets/ | 9 | #noblacklist /opt/brackets/ |
| 10 | noblacklist /opt/google/ | 10 | #noblacklist /opt/google/ |
| 11 | 11 | ||
| 12 | include /etc/firejail/disable-common.inc | 12 | include /etc/firejail/disable-common.inc |
| 13 | include /etc/firejail/disable-passwdmgr.inc | 13 | include /etc/firejail/disable-passwdmgr.inc |
diff --git a/etc/caja.profile b/etc/caja.profile index 97663fddb..83b6befa3 100644 --- a/etc/caja.profile +++ b/etc/caja.profile | |||
| @@ -8,9 +8,9 @@ include /etc/firejail/globals.local | |||
| 8 | # Caja is started by systemd on most systems. Therefore it is not firejailed by default. Since there | 8 | # Caja is started by systemd on most systems. Therefore it is not firejailed by default. Since there |
| 9 | # is already a caja process running on MATE desktops firejail will have no effect. | 9 | # is already a caja process running on MATE desktops firejail will have no effect. |
| 10 | 10 | ||
| 11 | noblacklist ~/.config/caja | 11 | # noblacklist ~/.config/caja - disable-programs.inc is disabled, see below |
| 12 | noblacklist ~/.local/share/Trash | 12 | # noblacklist ~/.local/share/Trash |
| 13 | noblacklist ~/.local/share/caja-python | 13 | # noblacklist ~/.local/share/caja-python |
| 14 | 14 | ||
| 15 | include /etc/firejail/disable-common.inc | 15 | include /etc/firejail/disable-common.inc |
| 16 | include /etc/firejail/disable-devel.inc | 16 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/cherrytree.profile b/etc/cherrytree.profile index 88be562c8..3db2aeb09 100644 --- a/etc/cherrytree.profile +++ b/etc/cherrytree.profile | |||
| @@ -6,8 +6,8 @@ include /etc/firejail/cherrytree.local | |||
| 6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
| 7 | 7 | ||
| 8 | noblacklist ${HOME}/.config/cherrytree | 8 | noblacklist ${HOME}/.config/cherrytree |
| 9 | noblacklist /usr/bin/python2* | 9 | #noblacklist /usr/bin/python2* |
| 10 | noblacklist /usr/lib/python3* | 10 | #noblacklist /usr/lib/python3* |
| 11 | 11 | ||
| 12 | include /etc/firejail/disable-common.inc | 12 | include /etc/firejail/disable-common.inc |
| 13 | include /etc/firejail/disable-devel.inc | 13 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/cliqz.profile b/etc/cliqz.profile index a7c791a02..d61d46dca 100644 --- a/etc/cliqz.profile +++ b/etc/cliqz.profile | |||
| @@ -16,7 +16,7 @@ noblacklist ~/.kde/share/config/okularrc | |||
| 16 | noblacklist ~/.kde4/share/apps/okular | 16 | noblacklist ~/.kde4/share/apps/okular |
| 17 | noblacklist ~/.kde4/share/config/okularpartrc | 17 | noblacklist ~/.kde4/share/config/okularpartrc |
| 18 | noblacklist ~/.kde4/share/config/okularrc | 18 | noblacklist ~/.kde4/share/config/okularrc |
| 19 | noblacklist ~/.local/share/gnome-shell/extensions | 19 | # noblacklist ~/.local/share/gnome-shell/extensions |
| 20 | noblacklist ~/.local/share/okular | 20 | noblacklist ~/.local/share/okular |
| 21 | noblacklist ~/.local/share/qpdfview | 21 | noblacklist ~/.local/share/qpdfview |
| 22 | 22 | ||
diff --git a/etc/digikam.profile b/etc/digikam.profile index ef518470e..5557e5457 100644 --- a/etc/digikam.profile +++ b/etc/digikam.profile | |||
| @@ -5,6 +5,7 @@ include /etc/firejail/digikam.local | |||
| 5 | # Persistent global definitions | 5 | # Persistent global definitions |
| 6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
| 7 | 7 | ||
| 8 | noblacklist ${HOME}/.config/digikam | ||
| 8 | noblacklist ${HOME}/.config/digikamrc | 9 | noblacklist ${HOME}/.config/digikamrc |
| 9 | noblacklist ${HOME}/.kde/share/apps/digikam | 10 | noblacklist ${HOME}/.kde/share/apps/digikam |
| 10 | noblacklist ${HOME}/.kde4/share/apps/digikam | 11 | noblacklist ${HOME}/.kde4/share/apps/digikam |
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index 6c8a68d9e..8d8d839a9 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
| @@ -155,6 +155,17 @@ blacklist /etc/anacrontab | |||
| 155 | blacklist /etc/cron* | 155 | blacklist /etc/cron* |
| 156 | blacklist /etc/profile.d | 156 | blacklist /etc/profile.d |
| 157 | blacklist /etc/rc.local | 157 | blacklist /etc/rc.local |
| 158 | # rc1.d, rc2.d, ... | ||
| 159 | blacklist /etc/rc?.d | ||
| 160 | blacklist /etc/kernel* | ||
| 161 | blacklist /etc/grub* | ||
| 162 | blacklist /etc/dkms | ||
| 163 | blacklist /etc/apparmor* | ||
| 164 | blacklist /etc/selinux | ||
| 165 | blacklist /etc/modules* | ||
| 166 | blacklist /etc/logrotate* | ||
| 167 | blacklist /etc/adduser.conf | ||
| 168 | blacklist ${HOME}/.config/openbox | ||
| 158 | 169 | ||
| 159 | # Startup files | 170 | # Startup files |
| 160 | read-only ${HOME}/.antigen | 171 | read-only ${HOME}/.antigen |
| @@ -201,6 +212,7 @@ read-only ${HOME}/.nano | |||
| 201 | read-only ${HOME}/.reportbugrc | 212 | read-only ${HOME}/.reportbugrc |
| 202 | read-only ${HOME}/.tmux.conf | 213 | read-only ${HOME}/.tmux.conf |
| 203 | read-only ${HOME}/.vim | 214 | read-only ${HOME}/.vim |
| 215 | read-only ${HOME}/.viminfo | ||
| 204 | read-only ${HOME}/.vimrc | 216 | read-only ${HOME}/.vimrc |
| 205 | read-only ${HOME}/.xmonad | 217 | read-only ${HOME}/.xmonad |
| 206 | read-only ${HOME}/.xscreensaver | 218 | read-only ${HOME}/.xscreensaver |
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 73a2e6515..144fa7741 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
| @@ -24,6 +24,7 @@ blacklist ${HOME}/.ZAP | |||
| 24 | blacklist ${HOME}/.aMule | 24 | blacklist ${HOME}/.aMule |
| 25 | blacklist ${HOME}/.android | 25 | blacklist ${HOME}/.android |
| 26 | blacklist ${HOME}/.arduino15 | 26 | blacklist ${HOME}/.arduino15 |
| 27 | blacklist ${HOME}/.arm | ||
| 27 | blacklist ${HOME}/.atom | 28 | blacklist ${HOME}/.atom |
| 28 | blacklist ${HOME}/.attic | 29 | blacklist ${HOME}/.attic |
| 29 | blacklist ${HOME}/.audacity-data | 30 | blacklist ${HOME}/.audacity-data |
| @@ -41,6 +42,7 @@ blacklist ${HOME}/.config/Franz | |||
| 41 | blacklist ${HOME}/.config/FreeCAD | 42 | blacklist ${HOME}/.config/FreeCAD |
| 42 | blacklist ${HOME}/.config/Gitter | 43 | blacklist ${HOME}/.config/Gitter |
| 43 | blacklist ${HOME}/.config/Google | 44 | blacklist ${HOME}/.config/Google |
| 45 | blacklist ${HOME}/.config/Google Play Music Desktop Player | ||
| 44 | blacklist ${HOME}/.config/Gpredict | 46 | blacklist ${HOME}/.config/Gpredict |
| 45 | blacklist ${HOME}/.config/INRIA | 47 | blacklist ${HOME}/.config/INRIA |
| 46 | blacklist ${HOME}/.config/InSilmaril | 48 | blacklist ${HOME}/.config/InSilmaril |
| @@ -50,12 +52,15 @@ blacklist ${HOME}/.config/Mousepad | |||
| 50 | blacklist ${HOME}/.config/Mumble | 52 | blacklist ${HOME}/.config/Mumble |
| 51 | blacklist ${HOME}/.config/MusE | 53 | blacklist ${HOME}/.config/MusE |
| 52 | blacklist ${HOME}/.config/MuseScore | 54 | blacklist ${HOME}/.config/MuseScore |
| 55 | blacklist ${HOME}/.config/MusicBrainz | ||
| 53 | blacklist ${HOME}/.config/Nylas Mail | 56 | blacklist ${HOME}/.config/Nylas Mail |
| 54 | blacklist ${HOME}/.config/Qlipper | 57 | blacklist ${HOME}/.config/Qlipper |
| 55 | blacklist ${HOME}/.config/QuiteRss | 58 | blacklist ${HOME}/.config/QuiteRss |
| 56 | blacklist ${HOME}/.config/QuiteRssrc | 59 | blacklist ${HOME}/.config/QuiteRssrc |
| 60 | blacklist ${HOME}/.config/Rambox | ||
| 57 | blacklist ${HOME}/.config/Riot | 61 | blacklist ${HOME}/.config/Riot |
| 58 | blacklist ${HOME}/.config/Rocket.Chat | 62 | blacklist ${HOME}/.config/Rocket.Chat |
| 63 | blacklist ${HOME}/.config/Signal | ||
| 59 | blacklist ${HOME}/.config/Slack | 64 | blacklist ${HOME}/.config/Slack |
| 60 | blacklist ${HOME}/.config/Thunar | 65 | blacklist ${HOME}/.config/Thunar |
| 61 | blacklist ${HOME}/.config/VirtualBox | 66 | blacklist ${HOME}/.config/VirtualBox |
| @@ -89,6 +94,7 @@ blacklist ${HOME}/.config/darktable | |||
| 89 | blacklist ${HOME}/.config/deadbeef | 94 | blacklist ${HOME}/.config/deadbeef |
| 90 | blacklist ${HOME}/.config/deluge | 95 | blacklist ${HOME}/.config/deluge |
| 91 | blacklist ${HOME}/.config/digikam | 96 | blacklist ${HOME}/.config/digikam |
| 97 | blacklist ${HOME}/.config/digikamrc | ||
| 92 | blacklist ${HOME}/.config/dolphinrc | 98 | blacklist ${HOME}/.config/dolphinrc |
| 93 | blacklist ${HOME}/.config/dragonplayerrc | 99 | blacklist ${HOME}/.config/dragonplayerrc |
| 94 | blacklist ${HOME}/.config/enchant | 100 | blacklist ${HOME}/.config/enchant |
| @@ -105,6 +111,7 @@ blacklist ${HOME}/.config/gedit | |||
| 105 | blacklist ${HOME}/.config/geeqie | 111 | blacklist ${HOME}/.config/geeqie |
| 106 | blacklist ${HOME}/.config/ghb | 112 | blacklist ${HOME}/.config/ghb |
| 107 | blacklist ${HOME}/.config/globaltime | 113 | blacklist ${HOME}/.config/globaltime |
| 114 | blacklist ${HOME}/.config/gnome-mplayer | ||
| 108 | blacklist ${HOME}/.config/google-chrome | 115 | blacklist ${HOME}/.config/google-chrome |
| 109 | blacklist ${HOME}/.config/google-chrome-beta | 116 | blacklist ${HOME}/.config/google-chrome-beta |
| 110 | blacklist ${HOME}/.config/google-chrome-unstable | 117 | blacklist ${HOME}/.config/google-chrome-unstable |
| @@ -112,7 +119,9 @@ blacklist ${HOME}/.config/gpicview | |||
| 112 | blacklist ${HOME}/.config/gthumb | 119 | blacklist ${HOME}/.config/gthumb |
| 113 | blacklist ${HOME}/.config/gwenviewrc | 120 | blacklist ${HOME}/.config/gwenviewrc |
| 114 | blacklist ${HOME}/.config/hexchat | 121 | blacklist ${HOME}/.config/hexchat |
| 122 | blacklist ${HOME}/.config/inkscape | ||
| 115 | blacklist ${HOME}/.config/inox | 123 | blacklist ${HOME}/.config/inox |
| 124 | blacklist ${HOME}/.config/iridium | ||
| 116 | blacklist ${HOME}/.config/itch | 125 | blacklist ${HOME}/.config/itch |
| 117 | blacklist ${HOME}/.config/jd-gui.cfg | 126 | blacklist ${HOME}/.config/jd-gui.cfg |
| 118 | blacklist ${HOME}/.config/k3brc | 127 | blacklist ${HOME}/.config/k3brc |
| @@ -121,17 +130,21 @@ blacklist ${HOME}/.config/katerc | |||
| 121 | blacklist ${HOME}/.config/kateschemarc | 130 | blacklist ${HOME}/.config/kateschemarc |
| 122 | blacklist ${HOME}/.config/katesyntaxhighlightingrc | 131 | blacklist ${HOME}/.config/katesyntaxhighlightingrc |
| 123 | blacklist ${HOME}/.config/katevirc | 132 | blacklist ${HOME}/.config/katevirc |
| 133 | blacklist ${HOME}/.config/kritarc | ||
| 134 | blacklist ${HOME}/.config/kwriterc | ||
| 124 | blacklist ${HOME}/.config/kdeconnect | 135 | blacklist ${HOME}/.config/kdeconnect |
| 125 | blacklist ${HOME}/.config/knotesrc | 136 | blacklist ${HOME}/.config/knotesrc |
| 126 | blacklist ${HOME}/.config/ktorrentrc | 137 | blacklist ${HOME}/.config/ktorrentrc |
| 127 | blacklist ${HOME}/.config/leafpad | 138 | blacklist ${HOME}/.config/leafpad |
| 128 | blacklist ${HOME}/.config/libreoffice | 139 | blacklist ${HOME}/.config/libreoffice |
| 140 | blacklist ${HOME}/.config/liferea | ||
| 129 | blacklist ${HOME}/.config/lximage-qt | 141 | blacklist ${HOME}/.config/lximage-qt |
| 130 | blacklist ${HOME}/.config/mate-calc | 142 | blacklist ${HOME}/.config/mate-calc |
| 131 | blacklist ${HOME}/.config/mate/eom | 143 | blacklist ${HOME}/.config/mate/eom |
| 132 | blacklist ${HOME}/.config/mate/mate-dictionary | 144 | blacklist ${HOME}/.config/mate/mate-dictionary |
| 133 | blacklist ${HOME}/.config/mfusion | 145 | blacklist ${HOME}/.config/mfusion |
| 134 | blacklist ${HOME}/.config/midori | 146 | blacklist ${HOME}/.config/midori |
| 147 | blacklist ${HOME}/.config/mono | ||
| 135 | blacklist ${HOME}/.config/mpv | 148 | blacklist ${HOME}/.config/mpv |
| 136 | blacklist ${HOME}/.config/mupen64plus | 149 | blacklist ${HOME}/.config/mupen64plus |
| 137 | blacklist ${HOME}/.config/nautilus | 150 | blacklist ${HOME}/.config/nautilus |
| @@ -157,11 +170,13 @@ blacklist ${HOME}/.config/qupzilla | |||
| 157 | blacklist ${HOME}/.config/qutebrowser | 170 | blacklist ${HOME}/.config/qutebrowser |
| 158 | blacklist ${HOME}/.config/ranger | 171 | blacklist ${HOME}/.config/ranger |
| 159 | blacklist ${HOME}/.config/redshift.conf | 172 | blacklist ${HOME}/.config/redshift.conf |
| 173 | blacklist ${HOME}/.config/remmina | ||
| 160 | blacklist ${HOME}/.config/ristretto | 174 | blacklist ${HOME}/.config/ristretto |
| 161 | blacklist ${HOME}/.config/scribus | 175 | blacklist ${HOME}/.config/scribus |
| 162 | blacklist ${HOME}/.config/skypeforlinux | 176 | blacklist ${HOME}/.config/skypeforlinux |
| 163 | blacklist ${HOME}/.config/slimjet | 177 | blacklist ${HOME}/.config/slimjet |
| 164 | blacklist ${HOME}/.config/smplayer | 178 | blacklist ${HOME}/.config/smplayer |
| 179 | blacklist ${HOME}/.config/smtube | ||
| 165 | blacklist ${HOME}/.config/spotify | 180 | blacklist ${HOME}/.config/spotify |
| 166 | blacklist ${HOME}/.config/stellarium | 181 | blacklist ${HOME}/.config/stellarium |
| 167 | blacklist ${HOME}/.config/synfig | 182 | blacklist ${HOME}/.config/synfig |
| @@ -169,8 +184,10 @@ blacklist ${HOME}/.config/telepathy-account-widgets | |||
| 169 | blacklist ${HOME}/.config/torbrowser | 184 | blacklist ${HOME}/.config/torbrowser |
| 170 | blacklist ${HOME}/.config/totem | 185 | blacklist ${HOME}/.config/totem |
| 171 | blacklist ${HOME}/.config/tox | 186 | blacklist ${HOME}/.config/tox |
| 187 | blacklist ${HOME}/.config/truecraft | ||
| 172 | blacklist ${HOME}/.config/transmission | 188 | blacklist ${HOME}/.config/transmission |
| 173 | blacklist ${HOME}/.config/uGet | 189 | blacklist ${HOME}/.config/uGet |
| 190 | blacklist ${HOME}/.config/uzbl | ||
| 174 | blacklist ${HOME}/.config/viewnior | 191 | blacklist ${HOME}/.config/viewnior |
| 175 | blacklist ${HOME}/.config/vivaldi | 192 | blacklist ${HOME}/.config/vivaldi |
| 176 | blacklist ${HOME}/.config/vlc | 193 | blacklist ${HOME}/.config/vlc |
| @@ -199,7 +216,7 @@ blacklist ${HOME}/.dia | |||
| 199 | blacklist ${HOME}/.dillo | 216 | blacklist ${HOME}/.dillo |
| 200 | blacklist ${HOME}/.dooble | 217 | blacklist ${HOME}/.dooble |
| 201 | blacklist ${HOME}/.dosbox | 218 | blacklist ${HOME}/.dosbox |
| 202 | blacklist ${HOME}/.dropbox-dist | 219 | blacklist ${HOME}/.dropbox* |
| 203 | blacklist ${HOME}/.electrum* | 220 | blacklist ${HOME}/.electrum* |
| 204 | blacklist ${HOME}/.elinks | 221 | blacklist ${HOME}/.elinks |
| 205 | blacklist ${HOME}/.emacs | 222 | blacklist ${HOME}/.emacs |
| @@ -209,6 +226,7 @@ blacklist ${HOME}/.etr | |||
| 209 | blacklist ${HOME}/.filezilla | 226 | blacklist ${HOME}/.filezilla |
| 210 | blacklist ${HOME}/.flowblade | 227 | blacklist ${HOME}/.flowblade |
| 211 | blacklist ${HOME}/.fltk | 228 | blacklist ${HOME}/.fltk |
| 229 | blacklist ${HOME}/.fossamail | ||
| 212 | blacklist ${HOME}/.frozen-bubble | 230 | blacklist ${HOME}/.frozen-bubble |
| 213 | blacklist ${HOME}/.gimp* | 231 | blacklist ${HOME}/.gimp* |
| 214 | blacklist ${HOME}/.git-credential-cache | 232 | blacklist ${HOME}/.git-credential-cache |
| @@ -228,6 +246,7 @@ blacklist ${HOME}/.jack-server | |||
| 228 | blacklist ${HOME}/.jack-settings | 246 | blacklist ${HOME}/.jack-settings |
| 229 | blacklist ${HOME}/.java | 247 | blacklist ${HOME}/.java |
| 230 | blacklist ${HOME}/.jitsi | 248 | blacklist ${HOME}/.jitsi |
| 249 | blacklist ${HOME}/.kde/share/apps/digikam | ||
| 231 | blacklist ${HOME}/.kde/share/apps/gwenview | 250 | blacklist ${HOME}/.kde/share/apps/gwenview |
| 232 | blacklist ${HOME}/.kde/share/apps/kcookiejar | 251 | blacklist ${HOME}/.kde/share/apps/kcookiejar |
| 233 | blacklist ${HOME}/.kde/share/apps/kget | 252 | blacklist ${HOME}/.kde/share/apps/kget |
| @@ -235,7 +254,8 @@ blacklist ${HOME}/.kde/share/apps/khtml | |||
| 235 | blacklist ${HOME}/.kde/share/apps/konqsidebartng | 254 | blacklist ${HOME}/.kde/share/apps/konqsidebartng |
| 236 | blacklist ${HOME}/.kde/share/apps/konqueror | 255 | blacklist ${HOME}/.kde/share/apps/konqueror |
| 237 | blacklist ${HOME}/.kde/share/apps/kopete | 256 | blacklist ${HOME}/.kde/share/apps/kopete |
| 238 | blacklist ${HOME}/.kde/share/apps/okular | 257 | blacklist ${HOME}/.kde/share/apps/khtml |
| 258 | blacklist ${HOME}/.kde/share/apps/ktorrent | ||
| 239 | blacklist ${HOME}/.kde/share/config/baloofilerc | 259 | blacklist ${HOME}/.kde/share/config/baloofilerc |
| 240 | blacklist ${HOME}/.kde/share/config/baloorc | 260 | blacklist ${HOME}/.kde/share/config/baloorc |
| 241 | blacklist ${HOME}/.kde/share/config/digikam | 261 | blacklist ${HOME}/.kde/share/config/digikam |
| @@ -251,6 +271,7 @@ blacklist ${HOME}/.kde/share/config/kopeterc | |||
| 251 | blacklist ${HOME}/.kde/share/config/ktorrentrc | 271 | blacklist ${HOME}/.kde/share/config/ktorrentrc |
| 252 | blacklist ${HOME}/.kde/share/config/okularpartrc | 272 | blacklist ${HOME}/.kde/share/config/okularpartrc |
| 253 | blacklist ${HOME}/.kde/share/config/okularrc | 273 | blacklist ${HOME}/.kde/share/config/okularrc |
| 274 | blacklist ${HOME}/.kde4/share/apps/digikam | ||
| 254 | blacklist ${HOME}/.kde4/share/apps/gwenview | 275 | blacklist ${HOME}/.kde4/share/apps/gwenview |
| 255 | blacklist ${HOME}/.kde4/share/apps/kcookiejar | 276 | blacklist ${HOME}/.kde4/share/apps/kcookiejar |
| 256 | blacklist ${HOME}/.kde4/share/apps/kget | 277 | blacklist ${HOME}/.kde4/share/apps/kget |
| @@ -258,6 +279,7 @@ blacklist ${HOME}/.kde4/share/apps/khtml | |||
| 258 | blacklist ${HOME}/.kde4/share/apps/konqueror | 279 | blacklist ${HOME}/.kde4/share/apps/konqueror |
| 259 | blacklist ${HOME}/.kde4/share/apps/konqsidebartng | 280 | blacklist ${HOME}/.kde4/share/apps/konqsidebartng |
| 260 | blacklist ${HOME}/.kde4/share/apps/kopete | 281 | blacklist ${HOME}/.kde4/share/apps/kopete |
| 282 | blacklist ${HOME}/.kde4/share/apps/ktorrent | ||
| 261 | blacklist ${HOME}/.kde4/share/apps/okular | 283 | blacklist ${HOME}/.kde4/share/apps/okular |
| 262 | blacklist ${HOME}/.kde4/share/config/baloorc | 284 | blacklist ${HOME}/.kde4/share/config/baloorc |
| 263 | blacklist ${HOME}/.kde4/share/config/baloofilerc | 285 | blacklist ${HOME}/.kde4/share/config/baloofilerc |
| @@ -311,16 +333,22 @@ blacklist ${HOME}/.local/share/feral-interactive | |||
| 311 | blacklist ${HOME}/.local/share/gajim | 333 | blacklist ${HOME}/.local/share/gajim |
| 312 | blacklist ${HOME}/.local/share/geary | 334 | blacklist ${HOME}/.local/share/geary |
| 313 | blacklist ${HOME}/.local/share/geeqie | 335 | blacklist ${HOME}/.local/share/geeqie |
| 336 | blacklist ${HOME}/.local/share/gitg | ||
| 314 | blacklist ${HOME}/.local/share/gnome-2048 | 337 | blacklist ${HOME}/.local/share/gnome-2048 |
| 315 | blacklist ${HOME}/.local/share/gnome-chess | 338 | blacklist ${HOME}/.local/share/gnome-chess |
| 316 | blacklist ${HOME}/.local/share/gnome-music | 339 | blacklist ${HOME}/.local/share/gnome-music |
| 317 | blacklist ${HOME}/.local/share/gnome-photos | 340 | blacklist ${HOME}/.local/share/gnome-photos |
| 341 | blacklist ${HOME}/.local/share/gnome-ring | ||
| 342 | blacklist ${HOME}/.local/share/gnome-twitch | ||
| 318 | blacklist ${HOME}/.local/share/gwenview | 343 | blacklist ${HOME}/.local/share/gwenview |
| 319 | blacklist ${HOME}/.local/share/kate | 344 | blacklist ${HOME}/.local/share/kate |
| 320 | blacklist ${HOME}/.local/share/ktorrentrc | 345 | blacklist ${HOME}/.local/share/ktorrentrc |
| 346 | blacklist ${HOME}/.local/share/ktorrent | ||
| 321 | blacklist ${HOME}/.local/share/kwrite | 347 | blacklist ${HOME}/.local/share/kwrite |
| 348 | blacklist ${HOME}/.local/share/liferea | ||
| 322 | blacklist ${HOME}/.local/share/lollypop | 349 | blacklist ${HOME}/.local/share/lollypop |
| 323 | blacklist ${HOME}/.local/share/meld | 350 | blacklist ${HOME}/.local/share/meld |
| 351 | blacklist ${HOME}/.local/share/midori | ||
| 324 | blacklist ${HOME}/.local/share/multimc | 352 | blacklist ${HOME}/.local/share/multimc |
| 325 | blacklist ${HOME}/.local/share/multimc5 | 353 | blacklist ${HOME}/.local/share/multimc5 |
| 326 | blacklist ${HOME}/.local/share/mupen64plus | 354 | blacklist ${HOME}/.local/share/mupen64plus |
| @@ -335,6 +363,7 @@ blacklist ${HOME}/.local/share/org.kde.gwenview | |||
| 335 | blacklist ${HOME}/.local/share/pix | 363 | blacklist ${HOME}/.local/share/pix |
| 336 | blacklist ${HOME}/.local/share/psi+ | 364 | blacklist ${HOME}/.local/share/psi+ |
| 337 | blacklist ${HOME}/.local/share/qpdfview | 365 | blacklist ${HOME}/.local/share/qpdfview |
| 366 | blacklist ${HOME}/.local/share/remmina | ||
| 338 | blacklist ${HOME}/.local/share/scribus | 367 | blacklist ${HOME}/.local/share/scribus |
| 339 | blacklist ${HOME}/.local/share/spotify | 368 | blacklist ${HOME}/.local/share/spotify |
| 340 | blacklist ${HOME}/.local/share/steam | 369 | blacklist ${HOME}/.local/share/steam |
| @@ -343,6 +372,7 @@ blacklist ${HOME}/.local/share/telepathy | |||
| 343 | blacklist ${HOME}/.local/share/terasology | 372 | blacklist ${HOME}/.local/share/terasology |
| 344 | blacklist ${HOME}/.local/share/torbrowser | 373 | blacklist ${HOME}/.local/share/torbrowser |
| 345 | blacklist ${HOME}/.local/share/totem | 374 | blacklist ${HOME}/.local/share/totem |
| 375 | blacklist ${HOME}/.local/share/vlc | ||
| 346 | blacklist ${HOME}/.local/share/vpltd | 376 | blacklist ${HOME}/.local/share/vpltd |
| 347 | blacklist ${HOME}/.local/share/vulkan | 377 | blacklist ${HOME}/.local/share/vulkan |
| 348 | blacklist ${HOME}/.local/share/wesnoth | 378 | blacklist ${HOME}/.local/share/wesnoth |
| @@ -395,21 +425,24 @@ blacklist ${HOME}/.tooling | |||
| 395 | blacklist ${HOME}/.tor-browser-en | 425 | blacklist ${HOME}/.tor-browser-en |
| 396 | blacklist ${HOME}/.ts3client | 426 | blacklist ${HOME}/.ts3client |
| 397 | blacklist ${HOME}/.tuxguitar* | 427 | blacklist ${HOME}/.tuxguitar* |
| 398 | blacklist ${HOME}/.unknow-horizons | 428 | blacklist ${HOME}/.unknown-horizons |
| 399 | blacklist ${HOME}/.viking | 429 | blacklist ${HOME}/.viking |
| 400 | blacklist ${HOME}/.viking-maps | 430 | blacklist ${HOME}/.viking-maps |
| 401 | blacklist ${HOME}/.vst | 431 | blacklist ${HOME}/.vst |
| 402 | blacklist ${HOME}/.w3m | 432 | blacklist ${HOME}/.w3m |
| 403 | blacklist ${HOME}/.warzone2100-3.* | 433 | blacklist ${HOME}/.warzone2100-3.* |
| 434 | blacklist ${HOME}/.waterfox | ||
| 404 | blacklist ${HOME}/.weechat | 435 | blacklist ${HOME}/.weechat |
| 405 | blacklist ${HOME}/.wgetrc | 436 | blacklist ${HOME}/.wgetrc |
| 406 | blacklist ${HOME}/.wine | 437 | blacklist ${HOME}/.wine |
| 438 | blacklist ${HOME}/.wireshark | ||
| 407 | blacklist ${HOME}/.wine64 | 439 | blacklist ${HOME}/.wine64 |
| 408 | blacklist ${HOME}/.xiphos | 440 | blacklist ${HOME}/.xiphos |
| 409 | blacklist ${HOME}/.xmms | 441 | blacklist ${HOME}/.xmms |
| 410 | blacklist ${HOME}/.xonotic | 442 | blacklist ${HOME}/.xonotic |
| 411 | blacklist ${HOME}/.xpdfrc | 443 | blacklist ${HOME}/.xpdfrc |
| 412 | blacklist ${HOME}/.zoom | 444 | blacklist ${HOME}/.zoom |
| 445 | blacklist ${HOME}/Arduino | ||
| 413 | blacklist ${HOME}/wallet.dat | 446 | blacklist ${HOME}/wallet.dat |
| 414 | blacklist /tmp/ssh-* | 447 | blacklist /tmp/ssh-* |
| 415 | 448 | ||
| @@ -418,6 +451,7 @@ blacklist ${HOME}/.cache/0ad | |||
| 418 | blacklist ${HOME}/.cache/8pecxstudios | 451 | blacklist ${HOME}/.cache/8pecxstudios |
| 419 | blacklist ${HOME}/.cache/Franz | 452 | blacklist ${HOME}/.cache/Franz |
| 420 | blacklist ${HOME}/.cache/INRIA | 453 | blacklist ${HOME}/.cache/INRIA |
| 454 | blacklist ${HOME}/.cache/MusicBrainz | ||
| 421 | blacklist ${HOME}/.cache/QuiteRss | 455 | blacklist ${HOME}/.cache/QuiteRss |
| 422 | blacklist ${HOME}/.cache/attic | 456 | blacklist ${HOME}/.cache/attic |
| 423 | blacklist ${HOME}/.cache/borg | 457 | blacklist ${HOME}/.cache/borg |
| @@ -429,16 +463,21 @@ blacklist ${HOME}/.cache/cliqz | |||
| 429 | blacklist ${HOME}/.cache/darktable | 463 | blacklist ${HOME}/.cache/darktable |
| 430 | blacklist ${HOME}/.cache/epiphany | 464 | blacklist ${HOME}/.cache/epiphany |
| 431 | blacklist ${HOME}/.cache/evolution | 465 | blacklist ${HOME}/.cache/evolution |
| 466 | blacklist ${HOME}/.cache/fossamail | ||
| 432 | blacklist ${HOME}/.cache/gajim | 467 | blacklist ${HOME}/.cache/gajim |
| 433 | blacklist ${HOME}/.cache/geeqie | 468 | blacklist ${HOME}/.cache/geeqie |
| 434 | blacklist ${HOME}/.cache/google-chrome | 469 | blacklist ${HOME}/.cache/google-chrome |
| 435 | blacklist ${HOME}/.cache/google-chrome-beta | 470 | blacklist ${HOME}/.cache/google-chrome-beta |
| 436 | blacklist ${HOME}/.cache/google-chrome-unstable | 471 | blacklist ${HOME}/.cache/google-chrome-unstable |
| 472 | blacklist ${HOME}/.cache/gnome-twitch | ||
| 437 | blacklist ${HOME}/.cache/icedove | 473 | blacklist ${HOME}/.cache/icedove |
| 438 | blacklist ${HOME}/.cache/INRIA/Natron | 474 | blacklist ${HOME}/.cache/INRIA/Natron |
| 439 | blacklist ${HOME}/.cache/inox | 475 | blacklist ${HOME}/.cache/inox |
| 476 | blacklist ${HOME}/.cache/iridium | ||
| 440 | blacklist ${HOME}/.cache/libgweather | 477 | blacklist ${HOME}/.cache/libgweather |
| 478 | blacklist ${HOME}/.cache/liferea | ||
| 441 | blacklist ${HOME}/.cache/midori | 479 | blacklist ${HOME}/.cache/midori |
| 480 | noblacklist ${HOME}/.cache/moonchild productions/pale moon | ||
| 442 | blacklist ${HOME}/.cache/mozilla | 481 | blacklist ${HOME}/.cache/mozilla |
| 443 | blacklist ${HOME}/.cache/mutt | 482 | blacklist ${HOME}/.cache/mutt |
| 444 | blacklist ${HOME}/.cache/netsurf | 483 | blacklist ${HOME}/.cache/netsurf |
| @@ -458,6 +497,7 @@ blacklist ${HOME}/.cache/thunderbird | |||
| 458 | blacklist ${HOME}/.cache/torbrowser | 497 | blacklist ${HOME}/.cache/torbrowser |
| 459 | blacklist ${HOME}/.cache/transmission | 498 | blacklist ${HOME}/.cache/transmission |
| 460 | blacklist ${HOME}/.cache/vivaldi | 499 | blacklist ${HOME}/.cache/vivaldi |
| 500 | blacklist ${HOME}/.cache/waterfox | ||
| 461 | blacklist ${HOME}/.cache/wesnoth | 501 | blacklist ${HOME}/.cache/wesnoth |
| 462 | blacklist ${HOME}/.cache/xmms2 | 502 | blacklist ${HOME}/.cache/xmms2 |
| 463 | blacklist ${HOME}/.cache/xreader | 503 | blacklist ${HOME}/.cache/xreader |
diff --git a/etc/dolphin.profile b/etc/dolphin.profile index 7566e927b..fe72ee654 100644 --- a/etc/dolphin.profile +++ b/etc/dolphin.profile | |||
| @@ -8,8 +8,8 @@ include /etc/firejail/globals.local | |||
| 8 | # warning: firejail is currently not effectively constraining dolphin since used services are started by kdeinit5 | 8 | # warning: firejail is currently not effectively constraining dolphin since used services are started by kdeinit5 |
| 9 | 9 | ||
| 10 | noblacklist ${HOME}/.local/share/Trash | 10 | noblacklist ${HOME}/.local/share/Trash |
| 11 | noblacklist ~/.config/dolphinrc | 11 | # noblacklist ~/.config/dolphinrc - diable-programs.inc is disabled, see below |
| 12 | noblacklist ~/.local/share/dolphin | 12 | # noblacklist ~/.local/share/dolphin |
| 13 | 13 | ||
| 14 | include /etc/firejail/disable-common.inc | 14 | include /etc/firejail/disable-common.inc |
| 15 | include /etc/firejail/disable-devel.inc | 15 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/evolution.profile b/etc/evolution.profile index 9f29b229b..e74c68f63 100644 --- a/etc/evolution.profile +++ b/etc/evolution.profile | |||
| @@ -7,13 +7,12 @@ include /etc/firejail/globals.local | |||
| 7 | 7 | ||
| 8 | noblacklist /var/mail | 8 | noblacklist /var/mail |
| 9 | noblacklist /var/spool/mail | 9 | noblacklist /var/spool/mail |
| 10 | noblacklist ~/.bogofilter | 10 | # noblacklist ~/.bogofilter |
| 11 | noblacklist ~/.cache/evolution | 11 | noblacklist ~/.cache/evolution |
| 12 | noblacklist ~/.config/evolution | 12 | noblacklist ~/.config/evolution |
| 13 | noblacklist ~/.gnupg | 13 | noblacklist ~/.gnupg |
| 14 | noblacklist ~/.local/share/evolution | 14 | noblacklist ~/.local/share/evolution |
| 15 | noblacklist ~/.pki | 15 | noblacklist ~/.pki |
| 16 | noblacklist ~/.pki/nssdb | ||
| 17 | 16 | ||
| 18 | include /etc/firejail/disable-common.inc | 17 | include /etc/firejail/disable-common.inc |
| 19 | include /etc/firejail/disable-devel.inc | 18 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/firefox.profile b/etc/firefox.profile index 1f4106936..2423b149c 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
| @@ -19,7 +19,7 @@ noblacklist ~/.kde4/share/apps/okular | |||
| 19 | noblacklist ~/.kde4/share/config/kgetrc | 19 | noblacklist ~/.kde4/share/config/kgetrc |
| 20 | noblacklist ~/.kde4/share/config/okularpartrc | 20 | noblacklist ~/.kde4/share/config/okularpartrc |
| 21 | noblacklist ~/.kde4/share/config/okularrc | 21 | noblacklist ~/.kde4/share/config/okularrc |
| 22 | noblacklist ~/.local/share/gnome-shell/extensions | 22 | # noblacklist ~/.local/share/gnome-shell/extensions |
| 23 | noblacklist ~/.local/share/okular | 23 | noblacklist ~/.local/share/okular |
| 24 | noblacklist ~/.local/share/qpdfview | 24 | noblacklist ~/.local/share/qpdfview |
| 25 | noblacklist ~/.mozilla | 25 | noblacklist ~/.mozilla |
diff --git a/etc/gnome-mplayer.profile b/etc/gnome-mplayer.profile index d63cc4500..166994374 100644 --- a/etc/gnome-mplayer.profile +++ b/etc/gnome-mplayer.profile | |||
| @@ -5,6 +5,7 @@ include /etc/firejail/gnome-mplayer.local | |||
| 5 | # Persistent global definitions | 5 | # Persistent global definitions |
| 6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
| 7 | 7 | ||
| 8 | noblacklist ~/.config/gnome-mplayer | ||
| 8 | 9 | ||
| 9 | include /etc/firejail/disable-common.inc | 10 | include /etc/firejail/disable-common.inc |
| 10 | include /etc/firejail/disable-devel.inc | 11 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/inkscape.profile b/etc/inkscape.profile index b190e4326..d2929412b 100644 --- a/etc/inkscape.profile +++ b/etc/inkscape.profile | |||
| @@ -6,6 +6,8 @@ include /etc/firejail/inkscape.local | |||
| 6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
| 7 | 7 | ||
| 8 | noblacklist ${HOME}/.inkscape | 8 | noblacklist ${HOME}/.inkscape |
| 9 | noblacklist ${HOME}/.config/inkscape | ||
| 10 | |||
| 9 | 11 | ||
| 10 | include /etc/firejail/disable-common.inc | 12 | include /etc/firejail/disable-common.inc |
| 11 | include /etc/firejail/disable-devel.inc | 13 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/krita.profile b/etc/krita.profile index 52329eaab..0d2b62c5d 100644 --- a/etc/krita.profile +++ b/etc/krita.profile | |||
| @@ -6,6 +6,7 @@ include /etc/firejail/krita.local | |||
| 6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
| 7 | 7 | ||
| 8 | # blacklist /run/user/*/bus | 8 | # blacklist /run/user/*/bus |
| 9 | noblacklist ${HOME}/.config/kritarc | ||
| 9 | 10 | ||
| 10 | include /etc/firejail/disable-common.inc | 11 | include /etc/firejail/disable-common.inc |
| 11 | include /etc/firejail/disable-devel.inc | 12 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/kwrite.profile b/etc/kwrite.profile index af1fa179b..5d6eba094 100644 --- a/etc/kwrite.profile +++ b/etc/kwrite.profile | |||
| @@ -12,6 +12,7 @@ noblacklist ~/.config/katerc | |||
| 12 | noblacklist ~/.config/kateschemarc | 12 | noblacklist ~/.config/kateschemarc |
| 13 | noblacklist ~/.config/katesyntaxhighlightingrc | 13 | noblacklist ~/.config/katesyntaxhighlightingrc |
| 14 | noblacklist ~/.config/katevirc | 14 | noblacklist ~/.config/katevirc |
| 15 | noblacklist ~/.config/kwriterc | ||
| 15 | noblacklist ~/.local/share/kwrite | 16 | noblacklist ~/.local/share/kwrite |
| 16 | 17 | ||
| 17 | include /etc/firejail/disable-common.inc | 18 | include /etc/firejail/disable-common.inc |
diff --git a/etc/lximage-qt.profile b/etc/lximage-qt.profile index 734f16e92..1a3b26c10 100644 --- a/etc/lximage-qt.profile +++ b/etc/lximage-qt.profile | |||
| @@ -5,7 +5,7 @@ include /etc/firejail/lximage-qt.local | |||
| 5 | # Persistent global definitions | 5 | # Persistent global definitions |
| 6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
| 7 | 7 | ||
| 8 | noblacklist .config/lximage-qt | 8 | noblacklist ~/.config/lximage-qt |
| 9 | 9 | ||
| 10 | include /etc/firejail/disable-common.inc | 10 | include /etc/firejail/disable-common.inc |
| 11 | include /etc/firejail/disable-devel.inc | 11 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/midori.profile b/etc/midori.profile index 8ddb37776..e8373b042 100644 --- a/etc/midori.profile +++ b/etc/midori.profile | |||
| @@ -7,8 +7,8 @@ include /etc/firejail/globals.local | |||
| 7 | 7 | ||
| 8 | noblacklist ~/.config/midori | 8 | noblacklist ~/.config/midori |
| 9 | noblacklist ~/.local/share/midori | 9 | noblacklist ~/.local/share/midori |
| 10 | noblacklist ~/.local/share/webkit | 10 | # noblacklist ~/.local/share/webkit |
| 11 | noblacklist ~/.local/share/webkitgtk | 11 | # noblacklist ~/.local/share/webkitgtk |
| 12 | noblacklist ~/.pki | 12 | noblacklist ~/.pki |
| 13 | 13 | ||
| 14 | include /etc/firejail/disable-common.inc | 14 | include /etc/firejail/disable-common.inc |
diff --git a/etc/openbox.profile b/etc/openbox.profile index 99c579c37..5bab7ce7d 100644 --- a/etc/openbox.profile +++ b/etc/openbox.profile | |||
| @@ -6,7 +6,7 @@ include /etc/firejail/openbox.local | |||
| 6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
| 7 | 7 | ||
| 8 | # all applications started in OpenBox will run in this profile | 8 | # all applications started in OpenBox will run in this profile |
| 9 | 9 | noblacklist ${HOME}/.config/openbox | |
| 10 | include /etc/firejail/disable-common.inc | 10 | include /etc/firejail/disable-common.inc |
| 11 | 11 | ||
| 12 | caps.drop all | 12 | caps.drop all |
diff --git a/etc/pcmanfm.profile b/etc/pcmanfm.profile index 7d2121710..03e7e450f 100644 --- a/etc/pcmanfm.profile +++ b/etc/pcmanfm.profile | |||
| @@ -8,8 +8,8 @@ include /etc/firejail/globals.local | |||
| 8 | # blacklist /run/user/*/bus | 8 | # blacklist /run/user/*/bus |
| 9 | 9 | ||
| 10 | noblacklist ${HOME}/.local/share/Trash | 10 | noblacklist ${HOME}/.local/share/Trash |
| 11 | noblacklist ~/.config/libfm | 11 | # noblacklist ~/.config/libfm - disable-programs.inc is disabled, see below |
| 12 | noblacklist ~/.config/pcmanfm | 12 | # noblacklist ~/.config/pcmanfm |
| 13 | 13 | ||
| 14 | include /etc/firejail/disable-common.inc | 14 | include /etc/firejail/disable-common.inc |
| 15 | include /etc/firejail/disable-devel.inc | 15 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/vlc.profile b/etc/vlc.profile index c3a4d58d0..e906d738c 100644 --- a/etc/vlc.profile +++ b/etc/vlc.profile | |||
| @@ -6,6 +6,7 @@ include /etc/firejail/vlc.local | |||
| 6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
| 7 | 7 | ||
| 8 | noblacklist ${HOME}/.config/vlc | 8 | noblacklist ${HOME}/.config/vlc |
| 9 | noblacklist ${HOME}/.local/share/vlc | ||
| 9 | 10 | ||
| 10 | include /etc/firejail/disable-common.inc | 11 | include /etc/firejail/disable-common.inc |
| 11 | include /etc/firejail/disable-devel.inc | 12 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/vym.profile b/etc/vym.profile index 4f60b2ada..b38d87fde 100644 --- a/etc/vym.profile +++ b/etc/vym.profile | |||
| @@ -5,7 +5,7 @@ include /etc/firejail/vym.local | |||
| 5 | # Persistent global definitions | 5 | # Persistent global definitions |
| 6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
| 7 | 7 | ||
| 8 | noblacklist ./.config/InSilmaril | 8 | noblacklist ~/.config/InSilmaril |
| 9 | 9 | ||
| 10 | include /etc/firejail/disable-common.inc | 10 | include /etc/firejail/disable-common.inc |
| 11 | include /etc/firejail/disable-devel.inc | 11 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/waterfox.profile b/etc/waterfox.profile index 9626c17aa..53543e97e 100644 --- a/etc/waterfox.profile +++ b/etc/waterfox.profile | |||
| @@ -16,7 +16,7 @@ noblacklist ~/.kde/share/config/okularrc | |||
| 16 | noblacklist ~/.kde4/share/apps/okular | 16 | noblacklist ~/.kde4/share/apps/okular |
| 17 | noblacklist ~/.kde4/share/config/okularpartrc | 17 | noblacklist ~/.kde4/share/config/okularpartrc |
| 18 | noblacklist ~/.kde4/share/config/okularrc | 18 | noblacklist ~/.kde4/share/config/okularrc |
| 19 | noblacklist ~/.local/share/gnome-shell/extensions | 19 | # noblacklist ~/.local/share/gnome-shell/extensions |
| 20 | noblacklist ~/.local/share/okular | 20 | noblacklist ~/.local/share/okular |
| 21 | noblacklist ~/.local/share/qpdfview | 21 | noblacklist ~/.local/share/qpdfview |
| 22 | noblacklist ~/.mozilla | 22 | noblacklist ~/.mozilla |
diff --git a/etc/wireshark.profile b/etc/wireshark.profile index e283b6149..ba717cfe5 100644 --- a/etc/wireshark.profile +++ b/etc/wireshark.profile | |||
| @@ -6,6 +6,8 @@ include /etc/firejail/wireshark.local | |||
| 6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
| 7 | 7 | ||
| 8 | noblacklist ${HOME}/.config/wireshark | 8 | noblacklist ${HOME}/.config/wireshark |
| 9 | noblacklist ${HOME}/.wireshark | ||
| 10 | |||
| 9 | 11 | ||
| 10 | include /etc/firejail/disable-common.inc | 12 | include /etc/firejail/disable-common.inc |
| 11 | include /etc/firejail/disable-devel.inc | 13 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/xreader.profile b/etc/xreader.profile index 9583b6ee1..76fae9fed 100644 --- a/etc/xreader.profile +++ b/etc/xreader.profile | |||
| @@ -7,7 +7,7 @@ include /etc/firejail/globals.local | |||
| 7 | 7 | ||
| 8 | noblacklist ~/.cache/xreader | 8 | noblacklist ~/.cache/xreader |
| 9 | noblacklist ~/.config/xreader | 9 | noblacklist ~/.config/xreader |
| 10 | noblacklist ~/.local/share | 10 | # noblacklist ~/.local/share |
| 11 | 11 | ||
| 12 | include /etc/firejail/disable-common.inc | 12 | include /etc/firejail/disable-common.inc |
| 13 | include /etc/firejail/disable-devel.inc | 13 | include /etc/firejail/disable-devel.inc |