summaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
authorLibravatar SYN-cook <syncookongit@gmail.com>2017-04-08 02:43:07 +0200
committerLibravatar Fred Barclay <Fred-Barclay@users.noreply.github.com>2017-04-08 00:43:07 +0000
commitefb1b5e8065e5bc488006c6f897b6475cac89465 (patch)
tree44178ca2ea253385b56908fd10a23d36717559ef /etc
parent0.9.44~rc1 testing (diff)
downloadfirejail-efb1b5e8065e5bc488006c6f897b6475cac89465.tar.gz
firejail-efb1b5e8065e5bc488006c6f897b6475cac89465.tar.zst
firejail-efb1b5e8065e5bc488006c6f897b6475cac89465.zip
Okular and Gwenview profiles, Baloo blacklist (#1198)
* okular private-bin update confirmed that lpr is required for printing, as suggested in #421 * update gwenview private-bin only for KDE4 builds, patch is not necessary for recent gwenview versions * blacklist baloo * update blacklist (okular) * update noblacklist * update noblacklist (okular) * tidy up * update noblacklist/whitelist (okular) * update blacklist (k3b) * uncomment private-bin, shell none
Diffstat (limited to 'etc')
-rw-r--r--etc/disable-programs.inc9
-rw-r--r--etc/firefox.profile2
-rw-r--r--etc/gwenview.profile4
-rw-r--r--etc/okular.profile5
-rw-r--r--etc/scribus.profile3
5 files changed, 20 insertions, 3 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index bd2feed90..0ccae0787 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -45,6 +45,8 @@ blacklist ${HOME}/.config/arkrc
45blacklist ${HOME}/.config/atril 45blacklist ${HOME}/.config/atril
46blacklist ${HOME}/.config/audacious 46blacklist ${HOME}/.config/audacious
47blacklist ${HOME}/.config/aweather 47blacklist ${HOME}/.config/aweather
48blacklist ${HOME}/.config/baloofilerc
49blacklist ${HOME}/.config/baloorc
48blacklist ${HOME}/.config/blender 50blacklist ${HOME}/.config/blender
49blacklist ${HOME}/.config/bless 51blacklist ${HOME}/.config/bless
50blacklist ${HOME}/.config/borg 52blacklist ${HOME}/.config/borg
@@ -80,6 +82,7 @@ blacklist ${HOME}/.config/gwenviewrc
80blacklist ${HOME}/.config/hexchat 82blacklist ${HOME}/.config/hexchat
81blacklist ${HOME}/.config/inox 83blacklist ${HOME}/.config/inox
82blacklist ${HOME}/.config/jd-gui.cfg 84blacklist ${HOME}/.config/jd-gui.cfg
85blacklist ${HOME}/.config/k3brc
83blacklist ${HOME}/.config/katepartrc 86blacklist ${HOME}/.config/katepartrc
84blacklist ${HOME}/.config/katerc 87blacklist ${HOME}/.config/katerc
85blacklist ${HOME}/.config/kateschemarc 88blacklist ${HOME}/.config/kateschemarc
@@ -94,6 +97,8 @@ blacklist ${HOME}/.config/mupen64plus
94blacklist ${HOME}/.config/nautilus 97blacklist ${HOME}/.config/nautilus
95blacklist ${HOME}/.config/nemo 98blacklist ${HOME}/.config/nemo
96blacklist ${HOME}/.config/netsurf 99blacklist ${HOME}/.config/netsurf
100blacklist ${HOME}/.config/okularpartrc
101blacklist ${HOME}/.config/okularrc
97blacklist ${HOME}/.config/opera 102blacklist ${HOME}/.config/opera
98blacklist ${HOME}/.config/opera-beta 103blacklist ${HOME}/.config/opera-beta
99blacklist ${HOME}/.config/org.kde.gwenviewrc 104blacklist ${HOME}/.config/org.kde.gwenviewrc
@@ -159,6 +164,7 @@ blacklist ${HOME}/.kde4/share/apps/khtml
159blacklist ${HOME}/.kde4/share/apps/konqsidebartng 164blacklist ${HOME}/.kde4/share/apps/konqsidebartng
160blacklist ${HOME}/.kde4/share/apps/konqueror 165blacklist ${HOME}/.kde4/share/apps/konqueror
161blacklist ${HOME}/.kde4/share/apps/okular 166blacklist ${HOME}/.kde4/share/apps/okular
167blacklist ${HOME}/.kde4/share/config/baloofilerc
162blacklist ${HOME}/.kde4/share/config/gwenviewrc 168blacklist ${HOME}/.kde4/share/config/gwenviewrc
163blacklist ${HOME}/.kde4/share/config/k3brc 169blacklist ${HOME}/.kde4/share/config/k3brc
164blacklist ${HOME}/.kde4/share/config/kcookiejarrc 170blacklist ${HOME}/.kde4/share/config/kcookiejarrc
@@ -174,6 +180,7 @@ blacklist ${HOME}/.kde/share/apps/khtml
174blacklist ${HOME}/.kde/share/apps/konqsidebartng 180blacklist ${HOME}/.kde/share/apps/konqsidebartng
175blacklist ${HOME}/.kde/share/apps/konqueror 181blacklist ${HOME}/.kde/share/apps/konqueror
176blacklist ${HOME}/.kde/share/apps/okular 182blacklist ${HOME}/.kde/share/apps/okular
183blacklist ${HOME}/.kde/share/config/baloofilerc
177blacklist ${HOME}/.kde/share/config/gwenviewrc 184blacklist ${HOME}/.kde/share/config/gwenviewrc
178blacklist ${HOME}/.kde/share/config/k3brc 185blacklist ${HOME}/.kde/share/config/k3brc
179blacklist ${HOME}/.kde/share/config/kcookiejarrc 186blacklist ${HOME}/.kde/share/config/kcookiejarrc
@@ -202,6 +209,7 @@ blacklist ${HOME}/.local/share/SuperHexagon
202blacklist ${HOME}/.local/share/Terraria 209blacklist ${HOME}/.local/share/Terraria
203blacklist ${HOME}/.local/share/TpLogger 210blacklist ${HOME}/.local/share/TpLogger
204blacklist ${HOME}/.local/share/aspyr-media 211blacklist ${HOME}/.local/share/aspyr-media
212blacklist ${HOME}/.local/share/baloo
205blacklist ${HOME}/.local/share/cdprojektred 213blacklist ${HOME}/.local/share/cdprojektred
206blacklist ${HOME}/.local/share/data/Mumble 214blacklist ${HOME}/.local/share/data/Mumble
207blacklist ${HOME}/.local/share/dolphin 215blacklist ${HOME}/.local/share/dolphin
@@ -220,6 +228,7 @@ blacklist ${HOME}/.local/share/multimc5
220blacklist ${HOME}/.local/share/mupen64plus 228blacklist ${HOME}/.local/share/mupen64plus
221blacklist ${HOME}/.local/share/nautilus 229blacklist ${HOME}/.local/share/nautilus
222blacklist ${HOME}/.local/share/nemo 230blacklist ${HOME}/.local/share/nemo
231blacklist ${HOME}/.local/share/okular
223blacklist ${HOME}/.local/share/org.kde.gwenview 232blacklist ${HOME}/.local/share/org.kde.gwenview
224blacklist ${HOME}/.local/share/pix 233blacklist ${HOME}/.local/share/pix
225blacklist ${HOME}/.local/share/psi+ 234blacklist ${HOME}/.local/share/psi+
diff --git a/etc/firefox.profile b/etc/firefox.profile
index bd9d37560..1bc3eb769 100644
--- a/etc/firefox.profile
+++ b/etc/firefox.profile
@@ -9,6 +9,7 @@ noblacklist ~/.config/qpdfview
9noblacklist ~/.local/share/qpdfview 9noblacklist ~/.local/share/qpdfview
10noblacklist ~/.kde4/share/apps/okular 10noblacklist ~/.kde4/share/apps/okular
11noblacklist ~/.kde/share/apps/okular 11noblacklist ~/.kde/share/apps/okular
12noblacklist ~/.local/share/okular
12noblacklist ~/.pki 13noblacklist ~/.pki
13include /etc/firejail/disable-common.inc 14include /etc/firejail/disable-common.inc
14include /etc/firejail/disable-programs.inc 15include /etc/firejail/disable-programs.inc
@@ -43,6 +44,7 @@ whitelist ~/.config/qpdfview
43whitelist ~/.local/share/qpdfview 44whitelist ~/.local/share/qpdfview
44whitelist ~/.kde4/share/apps/okular 45whitelist ~/.kde4/share/apps/okular
45whitelist ~/.kde/share/apps/okular 46whitelist ~/.kde/share/apps/okular
47whitelist ~/.local/share/okular
46 48
47# silverlight 49# silverlight
48whitelist ~/.wine-pipelight 50whitelist ~/.wine-pipelight
diff --git a/etc/gwenview.profile b/etc/gwenview.profile
index fb844a166..62a737aca 100644
--- a/etc/gwenview.profile
+++ b/etc/gwenview.profile
@@ -21,11 +21,11 @@ nonewprivs
21noroot 21noroot
22protocol unix 22protocol unix
23seccomp 23seccomp
24shell none
24tracelog 25tracelog
25 26
27private-bin gwenview,kbuildsycoca4,gimp,gimp-2.8
26private-dev 28private-dev
27 29
28# Experimental: 30# Experimental:
29#shell none
30#private-bin gwenview
31#private-etc X11 31#private-etc X11
diff --git a/etc/okular.profile b/etc/okular.profile
index b4ee3ad32..8b02e17e3 100644
--- a/etc/okular.profile
+++ b/etc/okular.profile
@@ -9,6 +9,9 @@ noblacklist ~/.kde4/share/config/okularpartrc
9noblacklist ~/.kde/share/apps/okular 9noblacklist ~/.kde/share/apps/okular
10noblacklist ~/.kde/share/config/okularrc 10noblacklist ~/.kde/share/config/okularrc
11noblacklist ~/.kde/share/config/okularpartrc 11noblacklist ~/.kde/share/config/okularpartrc
12noblacklist ~/.local/share/okular
13noblacklist ~/.config/okularrc
14noblacklist ~/.config/okularpartrc
12include /etc/firejail/disable-common.inc 15include /etc/firejail/disable-common.inc
13include /etc/firejail/disable-programs.inc 16include /etc/firejail/disable-programs.inc
14include /etc/firejail/disable-devel.inc 17include /etc/firejail/disable-devel.inc
@@ -25,7 +28,7 @@ seccomp
25shell none 28shell none
26tracelog 29tracelog
27 30
28# private-bin okular,kbuildsycoca4,kbuildsycoca5 31# private-bin okular,kbuildsycoca4,lpr
29# private-etc fonts,X11 32# private-etc fonts,X11
30private-dev 33private-dev
31private-tmp 34private-tmp
diff --git a/etc/scribus.profile b/etc/scribus.profile
index d3a0dbf48..a8ecbcc20 100644
--- a/etc/scribus.profile
+++ b/etc/scribus.profile
@@ -16,6 +16,9 @@ noblacklist ~/.kde4/share/config/okularpartrc
16noblacklist ~/.kde/share/apps/okular 16noblacklist ~/.kde/share/apps/okular
17noblacklist ~/.kde/share/config/okularrc 17noblacklist ~/.kde/share/config/okularrc
18noblacklist ~/.kde/share/config/okularpartrc 18noblacklist ~/.kde/share/config/okularpartrc
19noblacklist ~/.local/share/okular
20noblacklist ~/.config/okularrc
21noblacklist ~/.config/okularpartrc
19 22
20include /etc/firejail/disable-common.inc 23include /etc/firejail/disable-common.inc
21include /etc/firejail/disable-programs.inc 24include /etc/firejail/disable-programs.inc
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-08 20:21:49 +0000