aboutsummaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
authorLibravatar rusty-snake <41237666+rusty-snake@users.noreply.github.com>2020-06-25 15:06:02 +0200
committerLibravatar rusty-snake <41237666+rusty-snake@users.noreply.github.com>2020-06-25 15:06:02 +0200
commit37e4d74dff29c56ec5e9b078ea027b0d8352492b (patch)
treebff5dabc43c04c19ee5bf3bda437b32d800e5db7 /etc
parentfix apostrophe (diff)
downloadfirejail-37e4d74dff29c56ec5e9b078ea027b0d8352492b.tar.gz
firejail-37e4d74dff29c56ec5e9b078ea027b0d8352492b.tar.zst
firejail-37e4d74dff29c56ec5e9b078ea027b0d8352492b.zip
new profiles
Diffstat (limited to 'etc')
-rw-r--r--etc/inc/disable-programs.inc6
-rw-r--r--etc/profile-a-l/bijiben.profile58
-rw-r--r--etc/profile-a-l/gnote.profile59
-rw-r--r--etc/profile-a-l/gnubik.profile50
-rw-r--r--etc/profile-a-l/hitori.profile14
-rw-r--r--etc/profile-m-z/ZeGrapher.profile48
6 files changed, 234 insertions, 1 deletions
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc
index 43c8292e0..1916b5f4f 100644
--- a/etc/inc/disable-programs.inc
+++ b/etc/inc/disable-programs.inc
@@ -129,6 +129,7 @@ blacklist ${HOME}/.config/Unknown Organization
129blacklist ${HOME}/.config/VirtualBox 129blacklist ${HOME}/.config/VirtualBox
130blacklist ${HOME}/.config/Wire 130blacklist ${HOME}/.config/Wire
131blacklist ${HOME}/.config/Zeal 131blacklist ${HOME}/.config/Zeal
132blacklist ${HOME}/.config/ZeGrapher Project
132blacklist ${HOME}/.config/abiword 133blacklist ${HOME}/.config/abiword
133blacklist ${HOME}/.config/agenda 134blacklist ${HOME}/.config/agenda
134blacklist ${HOME}/.config/akonadi* 135blacklist ${HOME}/.config/akonadi*
@@ -223,6 +224,7 @@ blacklist ${HOME}/.config/gnome-mplayer
223blacklist ${HOME}/.config/gnome-mpv 224blacklist ${HOME}/.config/gnome-mpv
224blacklist ${HOME}/.config/gnome-pie 225blacklist ${HOME}/.config/gnome-pie
225blacklist ${HOME}/.config/gnome-session 226blacklist ${HOME}/.config/gnome-session
227blacklist ${HOME}/.config/gnote
226blacklist ${HOME}/.config/godot 228blacklist ${HOME}/.config/godot
227blacklist ${HOME}/.config/google-chrome 229blacklist ${HOME}/.config/google-chrome
228blacklist ${HOME}/.config/google-chrome-beta 230blacklist ${HOME}/.config/google-chrome-beta
@@ -345,6 +347,7 @@ blacklist ${HOME}/.config/strawberry
345blacklist ${HOME}/.config/supertuxkart 347blacklist ${HOME}/.config/supertuxkart
346blacklist ${HOME}/.config/synfig 348blacklist ${HOME}/.config/synfig
347blacklist ${HOME}/.config/teams 349blacklist ${HOME}/.config/teams
350blacklist ${HOME}/.config/teams-for-linux
348blacklist ${HOME}/.config/telepathy-account-widgets 351blacklist ${HOME}/.config/telepathy-account-widgets
349blacklist ${HOME}/.config/torbrowser 352blacklist ${HOME}/.config/torbrowser
350blacklist ${HOME}/.config/totem 353blacklist ${HOME}/.config/totem
@@ -544,6 +547,7 @@ blacklist ${HOME}/.local/share/backintime
544blacklist ${HOME}/.local/share/baloo 547blacklist ${HOME}/.local/share/baloo
545blacklist ${HOME}/.local/share/barrier 548blacklist ${HOME}/.local/share/barrier
546blacklist ${HOME}/.local/share/bibletime 549blacklist ${HOME}/.local/share/bibletime
550blacklist ${HOME}/.local/share/bijiben
547blacklist ${HOME}/.local/share/caja-python 551blacklist ${HOME}/.local/share/caja-python
548blacklist ${HOME}/.local/share/cantata 552blacklist ${HOME}/.local/share/cantata
549blacklist ${HOME}/.local/share/cdprojektred 553blacklist ${HOME}/.local/share/cdprojektred
@@ -586,6 +590,7 @@ blacklist ${HOME}/.local/share/gnome-recipes
586blacklist ${HOME}/.local/share/gnome-ring 590blacklist ${HOME}/.local/share/gnome-ring
587blacklist ${HOME}/.local/share/gnome-sudoku 591blacklist ${HOME}/.local/share/gnome-sudoku
588blacklist ${HOME}/.local/share/gnome-twitch 592blacklist ${HOME}/.local/share/gnome-twitch
593blacklist ${HOME}/.local/share/gnote
589blacklist ${HOME}/.local/share/godot 594blacklist ${HOME}/.local/share/godot
590blacklist ${HOME}/.local/share/gradio 595blacklist ${HOME}/.local/share/gradio
591blacklist ${HOME}/.local/share/gwenview 596blacklist ${HOME}/.local/share/gwenview
@@ -734,7 +739,6 @@ blacklist ${HOME}/.swb.ini
734blacklist ${HOME}/.sword 739blacklist ${HOME}/.sword
735blacklist ${HOME}/.sylpheed-2.0 740blacklist ${HOME}/.sylpheed-2.0
736blacklist ${HOME}/.synfig 741blacklist ${HOME}/.synfig
737blacklist ${HOME}/.config/teams-for-linux
738blacklist ${HOME}/.tb 742blacklist ${HOME}/.tb
739blacklist ${HOME}/.tconn 743blacklist ${HOME}/.tconn
740blacklist ${HOME}/.teeworlds 744blacklist ${HOME}/.teeworlds
diff --git a/etc/profile-a-l/bijiben.profile b/etc/profile-a-l/bijiben.profile
new file mode 100644
index 000000000..c1c338536
--- /dev/null
+++ b/etc/profile-a-l/bijiben.profile
@@ -0,0 +1,58 @@
1# Firejail profile for bijiben
2# Description: Simple Note Viewer
3# This file is overwritten after every install/update
4# Persistent local customizations
5include bijiben.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.local/share/bijiben
10
11include disable-common.inc
12include disable-devel.inc
13include disable-exec.inc
14include disable-interpreters.inc
15include disable-passwdmgr.inc
16include disable-programs.inc
17include disable-shell.inc
18include disable-xdg.inc
19
20mkdir ${HOME}/.local/share/bijiben
21whitelist ${HOME}/.local/share/bijiben
22whitelist ${HOME}/.cache/tracker
23whitelist /usr/share/bijiben
24whitelist /usr/share/tracker
25include whitelist-common.inc
26include whitelist-runuser-common.inc
27include whitelist-usr-share-common.inc
28include whitelist-var-common.inc
29
30apparmor
31caps.drop all
32machine-id
33net none
34nodvd
35nogroups
36nonewprivs
37noroot
38nosound
39notv
40nou2f
41novideo
42protocol unix
43seccomp
44shell none
45tracelog
46
47disable-mnt
48private-bin bijiben
49# private-cache -- access to .cache/tracker is required
50private-dev
51private-etc dconf,fonts,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload
52private-tmp
53
54dbus-user filter
55dbus-user.own org.gnome.Notes
56dbus-user.talk ca.desrt.dconf
57dbus-user.talk org.freedesktop.Tracker1
58dbus-system none
diff --git a/etc/profile-a-l/gnote.profile b/etc/profile-a-l/gnote.profile
new file mode 100644
index 000000000..1b5129fc5
--- /dev/null
+++ b/etc/profile-a-l/gnote.profile
@@ -0,0 +1,59 @@
1# Firejail profile for gnote
2# Description: A simple note-taking application for Gnome
3# This file is overwritten after every install/update
4# Persistent local customizations
5include gnote.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.config/gnote
10noblacklist ${HOME}/.local/share/gnote
11
12include disable-common.inc
13include disable-devel.inc
14include disable-exec.inc
15include disable-interpreters.inc
16include disable-passwdmgr.inc
17include disable-programs.inc
18include disable-shell.inc
19include disable-xdg.inc
20
21mkdir ${HOME}/.config/gnote
22mkdir ${HOME}/.local/share/gnote
23whitelist ${HOME}/.config/gnote
24whitelist ${HOME}/.local/share/gnote
25whitelist /usr/share/gnote
26include whitelist-common.inc
27include whitelist-runuser-common.inc
28include whitelist-usr-share-common.inc
29include whitelist-var-common.inc
30
31apparmor
32caps.drop all
33machine-id
34net none
35no3d
36nodvd
37nogroups
38nonewprivs
39noroot
40nosound
41notv
42nou2f
43novideo
44protocol unix
45seccomp
46shell none
47tracelog
48
49disable-mnt
50private-bin gnote
51private-cache
52private-dev
53private-etc dconf,fonts,gtk-3.0,pango,X11
54private-tmp
55
56dbus-user filter
57dbus-user.own org.gnome.Gnote
58dbus-user.talk ca.desrt.dconf
59dbus-system none
diff --git a/etc/profile-a-l/gnubik.profile b/etc/profile-a-l/gnubik.profile
new file mode 100644
index 000000000..8eaba161c
--- /dev/null
+++ b/etc/profile-a-l/gnubik.profile
@@ -0,0 +1,50 @@
1# Firejail profile for gnubik
2# Description: DESCRIPTION
3# This file is overwritten after every install/update
4# Persistent local customizations
5include gnubik.local
6# Persistent global definitions
7include globals.local
8
9include disable-common.inc
10include disable-devel.inc
11include disable-exec.inc
12include disable-interpreters.inc
13include disable-passwdmgr.inc
14include disable-programs.inc
15include disable-shell.inc
16include disable-xdg.inc
17
18whitelist /usr/share/gnubik
19include whitelist-common.inc
20include whitelist-runuser-common.inc
21include whitelist-usr-share-common.inc
22include whitelist-var-common.inc
23
24apparmor
25caps.drop all
26machine-id
27net none
28nodvd
29nogroups
30nonewprivs
31noroot
32nosound
33notv
34nou2f
35novideo
36protocol unix
37seccomp
38shell none
39tracelog
40
41disable-mnt
42private
43private-bin gnubik
44private-cache
45private-dev
46private-etc drirc,fonts,gtk-2.0
47private-tmp
48
49dbus-user none
50dbus-system none
diff --git a/etc/profile-a-l/hitori.profile b/etc/profile-a-l/hitori.profile
new file mode 100644
index 000000000..6d67f4587
--- /dev/null
+++ b/etc/profile-a-l/hitori.profile
@@ -0,0 +1,14 @@
1# Firejail profile for hitori
2# Description: Play the Hitori puzzle game
3# This file is overwritten after every install/update
4# Persistent local customizations
5include hitori.local
6# Persistent global definitions
7include globals.local
8
9private-bin hitori
10
11dbus-user.own org.gnome.Hitori
12
13# Redirect
14include gnome_games-common.profile
diff --git a/etc/profile-m-z/ZeGrapher.profile b/etc/profile-m-z/ZeGrapher.profile
new file mode 100644
index 000000000..02c5a043d
--- /dev/null
+++ b/etc/profile-m-z/ZeGrapher.profile
@@ -0,0 +1,48 @@
1# Firejail profile for ZeGrapher
2# Description: Free and opensource math graphing software
3# This file is overwritten after every install/update
4# Persistent local customizations
5include ZeGrapher.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.config/ZeGrapher Project
10
11include disable-common.inc
12include disable-devel.inc
13include disable-exec.inc
14include disable-interpreters.inc
15include disable-passwdmgr.inc
16include disable-programs.inc
17include disable-shell.inc
18
19whitelist /usr/share/ZeGrapher
20include whitelist-runuser-common.inc
21include whitelist-usr-share-common.inc
22include whitelist-var-common.inc
23
24apparmor
25caps.drop all
26machine-id
27net none
28nodvd
29nogroups
30nonewprivs
31noroot
32nosound
33notv
34nou2f
35novideo
36protocol unix,netlink
37seccomp
38shell none
39tracelog
40
41disable-mnt
42private-bin ZeGrapher
43private-cache
44private-dev
45private-tmp
46
47dbus-user none
48dbus-system none
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-03 21:19:29 +0000