diff options
author | netblue30 <netblue30@yahoo.com> | 2017-03-21 12:57:38 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-03-21 12:57:38 -0400 |
commit | e372c8ab0849b9d2ea4d6a3fa6027403a8acad98 (patch) | |
tree | 7938359f84e9b776589f938f496c30b4d06be335 /etc | |
parent | compile cleanup (diff) | |
download | firejail-e372c8ab0849b9d2ea4d6a3fa6027403a8acad98.tar.gz firejail-e372c8ab0849b9d2ea4d6a3fa6027403a8acad98.tar.zst firejail-e372c8ab0849b9d2ea4d6a3fa6027403a8acad98.zip |
Removed all .cache directory references from profile files. The directory is disabled by default - a tmpfs is mounted on top of it.
Diffstat (limited to 'etc')
45 files changed, 0 insertions, 154 deletions
diff --git a/etc/0ad.profile b/etc/0ad.profile index 84addc229..d4f06f732 100644 --- a/etc/0ad.profile +++ b/etc/0ad.profile | |||
@@ -3,7 +3,6 @@ | |||
3 | include /etc/firejail/0ad.local | 3 | include /etc/firejail/0ad.local |
4 | 4 | ||
5 | # Firejail profile for 0ad. | 5 | # Firejail profile for 0ad. |
6 | noblacklist ~/.cache/0ad | ||
7 | noblacklist ~/.config/0ad | 6 | noblacklist ~/.config/0ad |
8 | noblacklist ~/.local/share/0ad | 7 | noblacklist ~/.local/share/0ad |
9 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
@@ -12,9 +11,6 @@ include /etc/firejail/disable-passwdmgr.inc | |||
12 | include /etc/firejail/disable-programs.inc | 11 | include /etc/firejail/disable-programs.inc |
13 | 12 | ||
14 | # Whitelists | 13 | # Whitelists |
15 | mkdir ~/.cache/0ad | ||
16 | whitelist ~/.cache/0ad | ||
17 | |||
18 | mkdir ~/.config/0ad | 14 | mkdir ~/.config/0ad |
19 | whitelist ~/.config/0ad | 15 | whitelist ~/.config/0ad |
20 | 16 | ||
diff --git a/etc/abrowser.profile b/etc/abrowser.profile index b9a30d6bf..3b60750d5 100644 --- a/etc/abrowser.profile +++ b/etc/abrowser.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/abrowser.local | |||
4 | 4 | ||
5 | # Firejail profile for Abrowser | 5 | # Firejail profile for Abrowser |
6 | noblacklist ~/.mozilla | 6 | noblacklist ~/.mozilla |
7 | noblacklist ~/.cache/mozilla | ||
8 | noblacklist ~/.pki | 7 | noblacklist ~/.pki |
9 | noblacklist ~/.lastpass | 8 | noblacklist ~/.lastpass |
10 | include /etc/firejail/disable-common.inc | 9 | include /etc/firejail/disable-common.inc |
@@ -22,8 +21,6 @@ tracelog | |||
22 | whitelist ${DOWNLOADS} | 21 | whitelist ${DOWNLOADS} |
23 | mkdir ~/.mozilla | 22 | mkdir ~/.mozilla |
24 | whitelist ~/.mozilla | 23 | whitelist ~/.mozilla |
25 | mkdir ~/.cache/mozilla/abrowser | ||
26 | whitelist ~/.cache/mozilla/abrowser | ||
27 | whitelist ~/dwhelper | 24 | whitelist ~/dwhelper |
28 | whitelist ~/.zotero | 25 | whitelist ~/.zotero |
29 | whitelist ~/.vimperatorrc | 26 | whitelist ~/.vimperatorrc |
@@ -32,7 +29,6 @@ whitelist ~/.pentadactylrc | |||
32 | whitelist ~/.pentadactyl | 29 | whitelist ~/.pentadactyl |
33 | whitelist ~/.keysnail.js | 30 | whitelist ~/.keysnail.js |
34 | whitelist ~/.config/gnome-mplayer | 31 | whitelist ~/.config/gnome-mplayer |
35 | whitelist ~/.cache/gnome-mplayer/plugin | ||
36 | whitelist ~/.pki | 32 | whitelist ~/.pki |
37 | whitelist ~/.lastpass | 33 | whitelist ~/.lastpass |
38 | 34 | ||
diff --git a/etc/chromium.profile b/etc/chromium.profile index 995c0001b..ce823e0db 100644 --- a/etc/chromium.profile +++ b/etc/chromium.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/chromium.local | |||
4 | 4 | ||
5 | # Chromium browser profile | 5 | # Chromium browser profile |
6 | noblacklist ~/.config/chromium | 6 | noblacklist ~/.config/chromium |
7 | noblacklist ~/.cache/chromium | ||
8 | noblacklist ~/.pki | 7 | noblacklist ~/.pki |
9 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
10 | include /etc/firejail/disable-programs.inc | 9 | include /etc/firejail/disable-programs.inc |
@@ -18,8 +17,6 @@ netfilter | |||
18 | whitelist ${DOWNLOADS} | 17 | whitelist ${DOWNLOADS} |
19 | mkdir ~/.config/chromium | 18 | mkdir ~/.config/chromium |
20 | whitelist ~/.config/chromium | 19 | whitelist ~/.config/chromium |
21 | mkdir ~/.cache/chromium | ||
22 | whitelist ~/.cache/chromium | ||
23 | mkdir ~/.pki | 20 | mkdir ~/.pki |
24 | whitelist ~/.pki | 21 | whitelist ~/.pki |
25 | 22 | ||
diff --git a/etc/cyberfox.profile b/etc/cyberfox.profile index a79303f77..d9896e4a7 100644 --- a/etc/cyberfox.profile +++ b/etc/cyberfox.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/cyberfox.local | |||
4 | 4 | ||
5 | # Firejail profile for Cyberfox (based on Mozilla Firefox) | 5 | # Firejail profile for Cyberfox (based on Mozilla Firefox) |
6 | noblacklist ~/.8pecxstudios | 6 | noblacklist ~/.8pecxstudios |
7 | noblacklist ~/.cache/8pecxstudios | ||
8 | noblacklist ~/.pki | 7 | noblacklist ~/.pki |
9 | noblacklist ~/.lastpass | 8 | noblacklist ~/.lastpass |
10 | include /etc/firejail/disable-common.inc | 9 | include /etc/firejail/disable-common.inc |
@@ -22,8 +21,6 @@ tracelog | |||
22 | whitelist ${DOWNLOADS} | 21 | whitelist ${DOWNLOADS} |
23 | mkdir ~/.8pecxstudios | 22 | mkdir ~/.8pecxstudios |
24 | whitelist ~/.8pecxstudios | 23 | whitelist ~/.8pecxstudios |
25 | mkdir ~/.cache/8pecxstudios | ||
26 | whitelist ~/.cache/8pecxstudios | ||
27 | whitelist ~/dwhelper | 24 | whitelist ~/dwhelper |
28 | whitelist ~/.zotero | 25 | whitelist ~/.zotero |
29 | whitelist ~/.vimperatorrc | 26 | whitelist ~/.vimperatorrc |
@@ -32,7 +29,6 @@ whitelist ~/.pentadactylrc | |||
32 | whitelist ~/.pentadactyl | 29 | whitelist ~/.pentadactyl |
33 | whitelist ~/.keysnail.js | 30 | whitelist ~/.keysnail.js |
34 | whitelist ~/.config/gnome-mplayer | 31 | whitelist ~/.config/gnome-mplayer |
35 | whitelist ~/.cache/gnome-mplayer/plugin | ||
36 | whitelist ~/.pki | 32 | whitelist ~/.pki |
37 | whitelist ~/.lastpass | 33 | whitelist ~/.lastpass |
38 | 34 | ||
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 06a519e9a..12f8a1755 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -17,44 +17,6 @@ blacklist ${HOME}/.arduino15 | |||
17 | blacklist ${HOME}/.atom | 17 | blacklist ${HOME}/.atom |
18 | blacklist ${HOME}/.audacity-data | 18 | blacklist ${HOME}/.audacity-data |
19 | blacklist ${HOME}/.bcast5 | 19 | blacklist ${HOME}/.bcast5 |
20 | blacklist ${HOME}/.cache/0ad | ||
21 | blacklist ${HOME}/.cache/8pecxstudios | ||
22 | blacklist ${HOME}/.cache/Franz | ||
23 | blacklist ${HOME}/.cache/INRIA | ||
24 | blacklist ${HOME}/.cache/QuiteRss | ||
25 | blacklist ${HOME}/.cache/champlain | ||
26 | blacklist ${HOME}/.cache/chromium | ||
27 | blacklist ${HOME}/.cache/qupzilla | ||
28 | blacklist ${HOME}/.cache/chromium-dev | ||
29 | blacklist ${HOME}/.cache/darktable | ||
30 | blacklist ${HOME}/.cache/epiphany | ||
31 | blacklist ${HOME}/.cache/evolution | ||
32 | blacklist ${HOME}/.cache/gajim | ||
33 | blacklist ${HOME}/.cache/geeqie | ||
34 | blacklist ${HOME}/.cache/google-chrome | ||
35 | blacklist ${HOME}/.cache/google-chrome-beta | ||
36 | blacklist ${HOME}/.cache/google-chrome-unstable | ||
37 | blacklist ${HOME}/.cache/icedove | ||
38 | blacklist ${HOME}/.cache/inox | ||
39 | blacklist ${HOME}/.cache/libgweather | ||
40 | blacklist ${HOME}/.cache/midori | ||
41 | blacklist ${HOME}/.cache/mozilla | ||
42 | blacklist ${HOME}/.cache/mutt | ||
43 | blacklist ${HOME}/.cache/netsurf | ||
44 | blacklist ${HOME}/.cache/opera | ||
45 | blacklist ${HOME}/.cache/opera-beta | ||
46 | blacklist ${HOME}/.cache/org.gnome.Books | ||
47 | blacklist ${HOME}/.cache/qutebrowser | ||
48 | blacklist ${HOME}/.cache/simple-scan | ||
49 | blacklist ${HOME}/.cache/slimjet | ||
50 | blacklist ${HOME}/.cache/spotify | ||
51 | blacklist ${HOME}/.cache/telepathy | ||
52 | blacklist ${HOME}/.cache/thunderbird | ||
53 | blacklist ${HOME}/.cache/torbrowser | ||
54 | blacklist ${HOME}/.cache/transmission | ||
55 | blacklist ${HOME}/.cache/vivaldi | ||
56 | blacklist ${HOME}/.cache/wesnoth | ||
57 | blacklist ${HOME}/.cache/xreader | ||
58 | blacklist ${HOME}/.claws-mail | 20 | blacklist ${HOME}/.claws-mail |
59 | blacklist ${HOME}/.config/0ad | 21 | blacklist ${HOME}/.config/0ad |
60 | blacklist ${HOME}/.config/Atom | 22 | blacklist ${HOME}/.config/Atom |
diff --git a/etc/epiphany.profile b/etc/epiphany.profile index 1bf259440..0b281c448 100644 --- a/etc/epiphany.profile +++ b/etc/epiphany.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/epiphany.local | |||
4 | 4 | ||
5 | # Epiphany browser profile | 5 | # Epiphany browser profile |
6 | noblacklist ${HOME}/.config/epiphany | 6 | noblacklist ${HOME}/.config/epiphany |
7 | noblacklist ${HOME}/.cache/epiphany | ||
8 | noblacklist ${HOME}/.local/share/epiphany | 7 | noblacklist ${HOME}/.local/share/epiphany |
9 | 8 | ||
10 | include /etc/firejail/disable-common.inc | 9 | include /etc/firejail/disable-common.inc |
@@ -16,8 +15,6 @@ mkdir ${HOME}/.local/share/epiphany | |||
16 | whitelist ${HOME}/.local/share/epiphany | 15 | whitelist ${HOME}/.local/share/epiphany |
17 | mkdir ${HOME}/.config/epiphany | 16 | mkdir ${HOME}/.config/epiphany |
18 | whitelist ${HOME}/.config/epiphany | 17 | whitelist ${HOME}/.config/epiphany |
19 | mkdir ${HOME}/.cache/epiphany | ||
20 | whitelist ${HOME}/.cache/epiphany | ||
21 | include /etc/firejail/whitelist-common.inc | 18 | include /etc/firejail/whitelist-common.inc |
22 | 19 | ||
23 | caps.drop all | 20 | caps.drop all |
diff --git a/etc/evolution.profile b/etc/evolution.profile index cb6615716..637ac334a 100644 --- a/etc/evolution.profile +++ b/etc/evolution.profile | |||
@@ -5,7 +5,6 @@ include /etc/firejail/evolution.local | |||
5 | # evolution profile | 5 | # evolution profile |
6 | noblacklist ~/.config/evolution | 6 | noblacklist ~/.config/evolution |
7 | noblacklist ~/.local/share/evolution | 7 | noblacklist ~/.local/share/evolution |
8 | noblacklist ~/.cache/evolution | ||
9 | noblacklist ~/.pki | 8 | noblacklist ~/.pki |
10 | noblacklist ~/.pki/nssdb | 9 | noblacklist ~/.pki/nssdb |
11 | noblacklist ~/.gnupg | 10 | noblacklist ~/.gnupg |
diff --git a/etc/firefox.profile b/etc/firefox.profile index e2cfb9138..dec44ca67 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/firefox.local | |||
4 | 4 | ||
5 | # Firejail profile for Mozilla Firefox (Iceweasel in Debian) | 5 | # Firejail profile for Mozilla Firefox (Iceweasel in Debian) |
6 | noblacklist ~/.mozilla | 6 | noblacklist ~/.mozilla |
7 | noblacklist ~/.cache/mozilla | ||
8 | noblacklist ~/.config/qpdfview | 7 | noblacklist ~/.config/qpdfview |
9 | noblacklist ~/.local/share/qpdfview | 8 | noblacklist ~/.local/share/qpdfview |
10 | noblacklist ~/.kde/share/apps/okular | 9 | noblacklist ~/.kde/share/apps/okular |
@@ -25,8 +24,6 @@ tracelog | |||
25 | whitelist ${DOWNLOADS} | 24 | whitelist ${DOWNLOADS} |
26 | mkdir ~/.mozilla | 25 | mkdir ~/.mozilla |
27 | whitelist ~/.mozilla | 26 | whitelist ~/.mozilla |
28 | mkdir ~/.cache/mozilla/firefox | ||
29 | whitelist ~/.cache/mozilla/firefox | ||
30 | whitelist ~/dwhelper | 27 | whitelist ~/dwhelper |
31 | whitelist ~/.zotero | 28 | whitelist ~/.zotero |
32 | whitelist ~/.vimperatorrc | 29 | whitelist ~/.vimperatorrc |
@@ -35,7 +32,6 @@ whitelist ~/.pentadactylrc | |||
35 | whitelist ~/.pentadactyl | 32 | whitelist ~/.pentadactyl |
36 | whitelist ~/.keysnail.js | 33 | whitelist ~/.keysnail.js |
37 | whitelist ~/.config/gnome-mplayer | 34 | whitelist ~/.config/gnome-mplayer |
38 | whitelist ~/.cache/gnome-mplayer/plugin | ||
39 | mkdir ~/.pki | 35 | mkdir ~/.pki |
40 | whitelist ~/.pki | 36 | whitelist ~/.pki |
41 | whitelist ~/.lastpass | 37 | whitelist ~/.lastpass |
diff --git a/etc/flashpeak-slimjet.profile b/etc/flashpeak-slimjet.profile index 4dc5b5cfc..a35aa7a33 100644 --- a/etc/flashpeak-slimjet.profile +++ b/etc/flashpeak-slimjet.profile | |||
@@ -10,7 +10,6 @@ include /etc/firejail/flashpeak-slimjet.local | |||
10 | # firejail flashpeak-slimjet --no-sandbox | 10 | # firejail flashpeak-slimjet --no-sandbox |
11 | # | 11 | # |
12 | noblacklist ~/.config/slimjet | 12 | noblacklist ~/.config/slimjet |
13 | noblacklist ~/.cache/slimjet | ||
14 | noblacklist ~/.pki | 13 | noblacklist ~/.pki |
15 | include /etc/firejail/disable-common.inc | 14 | include /etc/firejail/disable-common.inc |
16 | include /etc/firejail/disable-programs.inc | 15 | include /etc/firejail/disable-programs.inc |
@@ -29,8 +28,6 @@ seccomp | |||
29 | whitelist ${DOWNLOADS} | 28 | whitelist ${DOWNLOADS} |
30 | mkdir ~/.config/slimjet | 29 | mkdir ~/.config/slimjet |
31 | whitelist ~/.config/slimjet | 30 | whitelist ~/.config/slimjet |
32 | mkdir ~/.cache/slimjet | ||
33 | whitelist ~/.cache/slimjet | ||
34 | mkdir ~/.pki | 31 | mkdir ~/.pki |
35 | whitelist ~/.pki | 32 | whitelist ~/.pki |
36 | 33 | ||
diff --git a/etc/fossamail.profile b/etc/fossamail.profile index 3caaad71c..a33514c88 100644 --- a/etc/fossamail.profile +++ b/etc/fossamail.profile | |||
@@ -12,8 +12,5 @@ noblacklist ~/.fossamail | |||
12 | mkdir ~/.fossamail | 12 | mkdir ~/.fossamail |
13 | whitelist ~/.fossamail | 13 | whitelist ~/.fossamail |
14 | 14 | ||
15 | noblacklist ~/.cache/fossamail | ||
16 | mkdir ~/.cache/fossamail | ||
17 | whitelist ~/.cache/fossamail | ||
18 | 15 | ||
19 | include /etc/firejail/firefox.profile | 16 | include /etc/firejail/firefox.profile |
diff --git a/etc/franz.profile b/etc/franz.profile index 05ff72a47..1692f4516 100644 --- a/etc/franz.profile +++ b/etc/franz.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/franz.local | |||
4 | 4 | ||
5 | # Franz profile | 5 | # Franz profile |
6 | noblacklist ~/.config/Franz | 6 | noblacklist ~/.config/Franz |
7 | noblacklist ~/.cache/Franz | ||
8 | noblacklist ~/.pki | 7 | noblacklist ~/.pki |
9 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
10 | include /etc/firejail/disable-programs.inc | 9 | include /etc/firejail/disable-programs.inc |
@@ -21,8 +20,6 @@ seccomp | |||
21 | whitelist ${DOWNLOADS} | 20 | whitelist ${DOWNLOADS} |
22 | mkdir ~/.config/Franz | 21 | mkdir ~/.config/Franz |
23 | whitelist ~/.config/Franz | 22 | whitelist ~/.config/Franz |
24 | mkdir ~/.cache/Franz | ||
25 | whitelist ~/.cache/Franz | ||
26 | mkdir ~/.pki | 23 | mkdir ~/.pki |
27 | whitelist ~/.pki | 24 | whitelist ~/.pki |
28 | 25 | ||
diff --git a/etc/gajim.profile b/etc/gajim.profile index bac6cc466..f64d9241a 100644 --- a/etc/gajim.profile +++ b/etc/gajim.profile | |||
@@ -3,11 +3,9 @@ | |||
3 | include /etc/firejail/gajim.local | 3 | include /etc/firejail/gajim.local |
4 | 4 | ||
5 | # Firejail profile for Gajim | 5 | # Firejail profile for Gajim |
6 | noblacklist ${HOME}/.cache/gajim | ||
7 | noblacklist ${HOME}/.local/share/gajim | 6 | noblacklist ${HOME}/.local/share/gajim |
8 | noblacklist ${HOME}/.config/gajim | 7 | noblacklist ${HOME}/.config/gajim |
9 | 8 | ||
10 | mkdir ${HOME}/.cache/gajim | ||
11 | mkdir ${HOME}/.local/share/gajim | 9 | mkdir ${HOME}/.local/share/gajim |
12 | mkdir ${HOME}/.config/gajim | 10 | mkdir ${HOME}/.config/gajim |
13 | mkdir ${HOME}/Downloads | 11 | mkdir ${HOME}/Downloads |
@@ -17,7 +15,6 @@ mkdir ${HOME}/.local/lib/python2.7/site-packages/ | |||
17 | whitelist ${HOME}/.local/lib/python2.7/site-packages/ | 15 | whitelist ${HOME}/.local/lib/python2.7/site-packages/ |
18 | read-only ${HOME}/.local/lib/python2.7/site-packages/ | 16 | read-only ${HOME}/.local/lib/python2.7/site-packages/ |
19 | 17 | ||
20 | whitelist ${HOME}/.cache/gajim | ||
21 | whitelist ${HOME}/.local/share/gajim | 18 | whitelist ${HOME}/.local/share/gajim |
22 | whitelist ${HOME}/.config/gajim | 19 | whitelist ${HOME}/.config/gajim |
23 | whitelist ${HOME}/Downloads | 20 | whitelist ${HOME}/Downloads |
diff --git a/etc/geeqie.profile b/etc/geeqie.profile index 57f942a50..9f79e15b8 100644 --- a/etc/geeqie.profile +++ b/etc/geeqie.profile | |||
@@ -3,7 +3,6 @@ | |||
3 | include /etc/firejail/geeqie.local | 3 | include /etc/firejail/geeqie.local |
4 | 4 | ||
5 | # Firejail profile for Geeqie | 5 | # Firejail profile for Geeqie |
6 | noblacklist ~/.cache/geeqie | ||
7 | noblacklist ~/.config/geeqie | 6 | noblacklist ~/.config/geeqie |
8 | noblacklist ~/.local/share/geeqie | 7 | noblacklist ~/.local/share/geeqie |
9 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
diff --git a/etc/gjs.profile b/etc/gjs.profile index 24ec70e86..03dd7893c 100644 --- a/etc/gjs.profile +++ b/etc/gjs.profile | |||
@@ -6,10 +6,8 @@ include /etc/firejail/gjs.local | |||
6 | 6 | ||
7 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them | 7 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them |
8 | 8 | ||
9 | noblacklist ~/.cache/org.gnome.Books | ||
10 | noblacklist ~/.config/libreoffice | 9 | noblacklist ~/.config/libreoffice |
11 | noblacklist ~/.local/share/gnome-photos | 10 | noblacklist ~/.local/share/gnome-photos |
12 | noblacklist ~/.cache/libgweather | ||
13 | 11 | ||
14 | include /etc/firejail/disable-common.inc | 12 | include /etc/firejail/disable-common.inc |
15 | include /etc/firejail/disable-programs.inc | 13 | include /etc/firejail/disable-programs.inc |
diff --git a/etc/gnome-books.profile b/etc/gnome-books.profile index 692e32896..bf2a9f36f 100644 --- a/etc/gnome-books.profile +++ b/etc/gnome-books.profile | |||
@@ -6,8 +6,6 @@ include /etc/firejail/gnome-books.local | |||
6 | 6 | ||
7 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them | 7 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them |
8 | 8 | ||
9 | noblacklist ~/.cache/org.gnome.Books | ||
10 | |||
11 | include /etc/firejail/disable-common.inc | 9 | include /etc/firejail/disable-common.inc |
12 | include /etc/firejail/disable-programs.inc | 10 | include /etc/firejail/disable-programs.inc |
13 | include /etc/firejail/disable-devel.inc | 11 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/gnome-weather.profile b/etc/gnome-weather.profile index 925420a5a..3b6bdd130 100644 --- a/etc/gnome-weather.profile +++ b/etc/gnome-weather.profile | |||
@@ -6,8 +6,6 @@ include /etc/firejail/gnome-weather.local | |||
6 | 6 | ||
7 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them | 7 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them |
8 | 8 | ||
9 | noblacklist ~/.cache/libgweather | ||
10 | |||
11 | include /etc/firejail/disable-common.inc | 9 | include /etc/firejail/disable-common.inc |
12 | include /etc/firejail/disable-programs.inc | 10 | include /etc/firejail/disable-programs.inc |
13 | include /etc/firejail/disable-devel.inc | 11 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/google-chrome-beta.profile b/etc/google-chrome-beta.profile index 3bd16de4a..65bc42648 100644 --- a/etc/google-chrome-beta.profile +++ b/etc/google-chrome-beta.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/google-chrome-beta.local | |||
4 | 4 | ||
5 | # Google Chrome beta browser profile | 5 | # Google Chrome beta browser profile |
6 | noblacklist ~/.config/google-chrome-beta | 6 | noblacklist ~/.config/google-chrome-beta |
7 | noblacklist ~/.cache/google-chrome-beta | ||
8 | noblacklist ~/.pki | 7 | noblacklist ~/.pki |
9 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
10 | include /etc/firejail/disable-programs.inc | 9 | include /etc/firejail/disable-programs.inc |
@@ -18,8 +17,6 @@ netfilter | |||
18 | whitelist ${DOWNLOADS} | 17 | whitelist ${DOWNLOADS} |
19 | mkdir ~/.config/google-chrome-beta | 18 | mkdir ~/.config/google-chrome-beta |
20 | whitelist ~/.config/google-chrome-beta | 19 | whitelist ~/.config/google-chrome-beta |
21 | mkdir ~/.cache/google-chrome-beta | ||
22 | whitelist ~/.cache/google-chrome-beta | ||
23 | mkdir ~/.pki | 20 | mkdir ~/.pki |
24 | whitelist ~/.pki | 21 | whitelist ~/.pki |
25 | include /etc/firejail/whitelist-common.inc | 22 | include /etc/firejail/whitelist-common.inc |
diff --git a/etc/google-chrome-unstable.profile b/etc/google-chrome-unstable.profile index d2def4f96..6f6fa1bf2 100644 --- a/etc/google-chrome-unstable.profile +++ b/etc/google-chrome-unstable.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/google-chrome-unstable.local | |||
4 | 4 | ||
5 | # Google Chrome unstable browser profile | 5 | # Google Chrome unstable browser profile |
6 | noblacklist ~/.config/google-chrome-unstable | 6 | noblacklist ~/.config/google-chrome-unstable |
7 | noblacklist ~/.cache/google-chrome-unstable | ||
8 | noblacklist ~/.pki | 7 | noblacklist ~/.pki |
9 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
10 | include /etc/firejail/disable-programs.inc | 9 | include /etc/firejail/disable-programs.inc |
@@ -18,8 +17,6 @@ netfilter | |||
18 | whitelist ${DOWNLOADS} | 17 | whitelist ${DOWNLOADS} |
19 | mkdir ~/.config/google-chrome-unstable | 18 | mkdir ~/.config/google-chrome-unstable |
20 | whitelist ~/.config/google-chrome-unstable | 19 | whitelist ~/.config/google-chrome-unstable |
21 | mkdir ~/.cache/google-chrome-unstable | ||
22 | whitelist ~/.cache/google-chrome-unstable | ||
23 | mkdir ~/.pki | 20 | mkdir ~/.pki |
24 | whitelist ~/.pki | 21 | whitelist ~/.pki |
25 | include /etc/firejail/whitelist-common.inc | 22 | include /etc/firejail/whitelist-common.inc |
diff --git a/etc/google-chrome.profile b/etc/google-chrome.profile index 38feb12a5..131538dd9 100644 --- a/etc/google-chrome.profile +++ b/etc/google-chrome.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/google-chrome.local | |||
4 | 4 | ||
5 | # Google Chrome browser profile | 5 | # Google Chrome browser profile |
6 | noblacklist ~/.config/google-chrome | 6 | noblacklist ~/.config/google-chrome |
7 | noblacklist ~/.cache/google-chrome | ||
8 | noblacklist ~/.pki | 7 | noblacklist ~/.pki |
9 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
10 | include /etc/firejail/disable-programs.inc | 9 | include /etc/firejail/disable-programs.inc |
@@ -18,8 +17,6 @@ netfilter | |||
18 | whitelist ${DOWNLOADS} | 17 | whitelist ${DOWNLOADS} |
19 | mkdir ~/.config/google-chrome | 18 | mkdir ~/.config/google-chrome |
20 | whitelist ~/.config/google-chrome | 19 | whitelist ~/.config/google-chrome |
21 | mkdir ~/.cache/google-chrome | ||
22 | whitelist ~/.cache/google-chrome | ||
23 | mkdir ~/.pki | 20 | mkdir ~/.pki |
24 | whitelist ~/.pki | 21 | whitelist ~/.pki |
25 | include /etc/firejail/whitelist-common.inc | 22 | include /etc/firejail/whitelist-common.inc |
diff --git a/etc/icecat.profile b/etc/icecat.profile index 64401efe8..4bd3f3047 100644 --- a/etc/icecat.profile +++ b/etc/icecat.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/icecat.local | |||
4 | 4 | ||
5 | # Firejail profile for GNU Icecat | 5 | # Firejail profile for GNU Icecat |
6 | noblacklist ~/.mozilla | 6 | noblacklist ~/.mozilla |
7 | noblacklist ~/.cache/mozilla | ||
8 | noblacklist ~/.pki | 7 | noblacklist ~/.pki |
9 | noblacklist ~/.lastpass | 8 | noblacklist ~/.lastpass |
10 | include /etc/firejail/disable-common.inc | 9 | include /etc/firejail/disable-common.inc |
@@ -22,8 +21,6 @@ tracelog | |||
22 | whitelist ${DOWNLOADS} | 21 | whitelist ${DOWNLOADS} |
23 | mkdir ~/.mozilla | 22 | mkdir ~/.mozilla |
24 | whitelist ~/.mozilla | 23 | whitelist ~/.mozilla |
25 | mkdir ~/.cache/mozilla/icecat | ||
26 | whitelist ~/.cache/mozilla/icecat | ||
27 | whitelist ~/dwhelper | 24 | whitelist ~/dwhelper |
28 | whitelist ~/.zotero | 25 | whitelist ~/.zotero |
29 | whitelist ~/.vimperatorrc | 26 | whitelist ~/.vimperatorrc |
@@ -32,7 +29,6 @@ whitelist ~/.pentadactylrc | |||
32 | whitelist ~/.pentadactyl | 29 | whitelist ~/.pentadactyl |
33 | whitelist ~/.keysnail.js | 30 | whitelist ~/.keysnail.js |
34 | whitelist ~/.config/gnome-mplayer | 31 | whitelist ~/.config/gnome-mplayer |
35 | whitelist ~/.cache/gnome-mplayer/plugin | ||
36 | whitelist ~/.pki | 32 | whitelist ~/.pki |
37 | whitelist ~/.lastpass | 33 | whitelist ~/.lastpass |
38 | 34 | ||
diff --git a/etc/icedove.profile b/etc/icedove.profile index b5265e992..aae0e3bf5 100644 --- a/etc/icedove.profile +++ b/etc/icedove.profile | |||
@@ -14,10 +14,6 @@ noblacklist ~/.icedove | |||
14 | mkdir ~/.icedove | 14 | mkdir ~/.icedove |
15 | whitelist ~/.icedove | 15 | whitelist ~/.icedove |
16 | 16 | ||
17 | noblacklist ~/.cache/icedove | ||
18 | mkdir ~/.cache/icedove | ||
19 | whitelist ~/.cache/icedove | ||
20 | |||
21 | # allow browsers | 17 | # allow browsers |
22 | ignore private-tmp | 18 | ignore private-tmp |
23 | include /etc/firejail/firefox.profile | 19 | include /etc/firejail/firefox.profile |
diff --git a/etc/inox.profile b/etc/inox.profile index 0b2e4ee5e..6043ded8a 100644 --- a/etc/inox.profile +++ b/etc/inox.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/inox.local | |||
4 | 4 | ||
5 | # Inox browser profile | 5 | # Inox browser profile |
6 | noblacklist ~/.config/inox | 6 | noblacklist ~/.config/inox |
7 | noblacklist ~/.cache/inox | ||
8 | noblacklist ~/.pki | 7 | noblacklist ~/.pki |
9 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
10 | include /etc/firejail/disable-programs.inc | 9 | include /etc/firejail/disable-programs.inc |
@@ -14,8 +13,6 @@ netfilter | |||
14 | whitelist ${DOWNLOADS} | 13 | whitelist ${DOWNLOADS} |
15 | mkdir ~/.config/inox | 14 | mkdir ~/.config/inox |
16 | whitelist ~/.config/inox | 15 | whitelist ~/.config/inox |
17 | mkdir ~/.cache/inox | ||
18 | whitelist ~/.cache/inox | ||
19 | mkdir ~/.pki | 16 | mkdir ~/.pki |
20 | whitelist ~/.pki | 17 | whitelist ~/.pki |
21 | 18 | ||
diff --git a/etc/iridium.profile b/etc/iridium.profile index 2d79a3935..dcbd0b84b 100644 --- a/etc/iridium.profile +++ b/etc/iridium.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/iridium.local | |||
4 | 4 | ||
5 | # Iridium browser profile | 5 | # Iridium browser profile |
6 | noblacklist ~/.config/iridium | 6 | noblacklist ~/.config/iridium |
7 | noblacklist ~/.cache/iridium | ||
8 | include /etc/firejail/disable-common.inc | 7 | include /etc/firejail/disable-common.inc |
9 | include /etc/firejail/disable-programs.inc | 8 | include /etc/firejail/disable-programs.inc |
10 | 9 | ||
@@ -17,8 +16,6 @@ netfilter | |||
17 | whitelist ${DOWNLOADS} | 16 | whitelist ${DOWNLOADS} |
18 | mkdir ~/.config/iridium | 17 | mkdir ~/.config/iridium |
19 | whitelist ~/.config/iridium | 18 | whitelist ~/.config/iridium |
20 | mkdir ~/.cache/iridium | ||
21 | whitelist ~/.cache/iridium | ||
22 | mkdir ~/.pki | 19 | mkdir ~/.pki |
23 | whitelist ~/.pki | 20 | whitelist ~/.pki |
24 | 21 | ||
diff --git a/etc/mutt.profile b/etc/mutt.profile index 2f0809f02..f9d537779 100644 --- a/etc/mutt.profile +++ b/etc/mutt.profile | |||
@@ -14,7 +14,6 @@ noblacklist ~/mail | |||
14 | noblacklist ~/Mail | 14 | noblacklist ~/Mail |
15 | noblacklist ~/sent | 15 | noblacklist ~/sent |
16 | noblacklist ~/postponed | 16 | noblacklist ~/postponed |
17 | noblacklist ~/.cache/mutt | ||
18 | noblacklist ~/.w3m | 17 | noblacklist ~/.w3m |
19 | noblacklist ~/.elinks | 18 | noblacklist ~/.elinks |
20 | noblacklist ~/.vim | 19 | noblacklist ~/.vim |
diff --git a/etc/netsurf.profile b/etc/netsurf.profile index c217346de..a3c360c1e 100644 --- a/etc/netsurf.profile +++ b/etc/netsurf.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/netsurf.local | |||
4 | 4 | ||
5 | # Firejail profile for Mozilla Firefox (Iceweasel in Debian) | 5 | # Firejail profile for Mozilla Firefox (Iceweasel in Debian) |
6 | noblacklist ~/.config/netsurf | 6 | noblacklist ~/.config/netsurf |
7 | noblacklist ~/.cache/netsurf | ||
8 | include /etc/firejail/disable-common.inc | 7 | include /etc/firejail/disable-common.inc |
9 | include /etc/firejail/disable-programs.inc | 8 | include /etc/firejail/disable-programs.inc |
10 | include /etc/firejail/disable-devel.inc | 9 | include /etc/firejail/disable-devel.inc |
@@ -20,7 +19,5 @@ tracelog | |||
20 | whitelist ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
21 | mkdir ~/.config/netsurf | 20 | mkdir ~/.config/netsurf |
22 | whitelist ~/.config/netsurf | 21 | whitelist ~/.config/netsurf |
23 | mkdir ~/.cache/netsurf | ||
24 | whitelist ~/.cache/netsurf | ||
25 | 22 | ||
26 | include /etc/firejail/whitelist-common.inc | 23 | include /etc/firejail/whitelist-common.inc |
diff --git a/etc/opera-beta.profile b/etc/opera-beta.profile index 92624f334..5a0d54744 100644 --- a/etc/opera-beta.profile +++ b/etc/opera-beta.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/opera-beta.local | |||
4 | 4 | ||
5 | # Opera-beta browser profile | 5 | # Opera-beta browser profile |
6 | noblacklist ~/.config/opera-beta | 6 | noblacklist ~/.config/opera-beta |
7 | noblacklist ~/.cache/opera-beta | ||
8 | noblacklist ~/.pki | 7 | noblacklist ~/.pki |
9 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
10 | include /etc/firejail/disable-programs.inc | 9 | include /etc/firejail/disable-programs.inc |
@@ -15,8 +14,6 @@ netfilter | |||
15 | whitelist ${DOWNLOADS} | 14 | whitelist ${DOWNLOADS} |
16 | mkdir ~/.config/opera-beta | 15 | mkdir ~/.config/opera-beta |
17 | whitelist ~/.config/opera-beta | 16 | whitelist ~/.config/opera-beta |
18 | mkdir ~/.cache/opera-beta | ||
19 | whitelist ~/.cache/opera-beta | ||
20 | mkdir ~/.pki | 17 | mkdir ~/.pki |
21 | whitelist ~/.pki | 18 | whitelist ~/.pki |
22 | include /etc/firejail/whitelist-common.inc | 19 | include /etc/firejail/whitelist-common.inc |
diff --git a/etc/opera.profile b/etc/opera.profile index 57835f2f2..4af502060 100644 --- a/etc/opera.profile +++ b/etc/opera.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/opera.local | |||
4 | 4 | ||
5 | # Opera browser profile | 5 | # Opera browser profile |
6 | noblacklist ~/.config/opera | 6 | noblacklist ~/.config/opera |
7 | noblacklist ~/.cache/opera | ||
8 | noblacklist ~/.opera | 7 | noblacklist ~/.opera |
9 | noblacklist ~/.pki | 8 | noblacklist ~/.pki |
10 | include /etc/firejail/disable-common.inc | 9 | include /etc/firejail/disable-common.inc |
@@ -16,8 +15,6 @@ netfilter | |||
16 | whitelist ${DOWNLOADS} | 15 | whitelist ${DOWNLOADS} |
17 | mkdir ~/.config/opera | 16 | mkdir ~/.config/opera |
18 | whitelist ~/.config/opera | 17 | whitelist ~/.config/opera |
19 | mkdir ~/.cache/opera | ||
20 | whitelist ~/.cache/opera | ||
21 | mkdir ~/.opera | 18 | mkdir ~/.opera |
22 | whitelist ~/.opera | 19 | whitelist ~/.opera |
23 | mkdir ~/.pki | 20 | mkdir ~/.pki |
diff --git a/etc/palemoon.profile b/etc/palemoon.profile index 8cac00e03..472d58cee 100644 --- a/etc/palemoon.profile +++ b/etc/palemoon.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/palemoon.local | |||
4 | 4 | ||
5 | # Firejail profile for Pale Moon | 5 | # Firejail profile for Pale Moon |
6 | noblacklist ~/.moonchild productions/pale moon | 6 | noblacklist ~/.moonchild productions/pale moon |
7 | noblacklist ~/.cache/moonchild productions/pale moon | ||
8 | include /etc/firejail/disable-common.inc | 7 | include /etc/firejail/disable-common.inc |
9 | include /etc/firejail/disable-programs.inc | 8 | include /etc/firejail/disable-programs.inc |
10 | include /etc/firejail/disable-devel.inc | 9 | include /etc/firejail/disable-devel.inc |
@@ -13,8 +12,6 @@ include /etc/firejail/whitelist-common.inc | |||
13 | whitelist ${DOWNLOADS} | 12 | whitelist ${DOWNLOADS} |
14 | mkdir ~/.moonchild productions | 13 | mkdir ~/.moonchild productions |
15 | whitelist ~/.moonchild productions | 14 | whitelist ~/.moonchild productions |
16 | mkdir ~/.cache/moonchild productions/pale moon | ||
17 | whitelist ~/.cache/moonchild productions/pale moon | ||
18 | 15 | ||
19 | caps.drop all | 16 | caps.drop all |
20 | netfilter | 17 | netfilter |
@@ -40,7 +37,6 @@ private-tmp | |||
40 | #whitelist ~/.pentadactyl | 37 | #whitelist ~/.pentadactyl |
41 | #whitelist ~/.keysnail.js | 38 | #whitelist ~/.keysnail.js |
42 | #whitelist ~/.config/gnome-mplayer | 39 | #whitelist ~/.config/gnome-mplayer |
43 | #whitelist ~/.cache/gnome-mplayer/plugin | ||
44 | #whitelist ~/.pki | 40 | #whitelist ~/.pki |
45 | #whitelist ~/.lastpass | 41 | #whitelist ~/.lastpass |
46 | 42 | ||
diff --git a/etc/polari.profile b/etc/polari.profile index 834a8b3d6..52a58322e 100644 --- a/etc/polari.profile +++ b/etc/polari.profile | |||
@@ -15,8 +15,6 @@ mkdir ${HOME}/.local/share/TpLogger | |||
15 | whitelist ${HOME}/.local/share/TpLogger | 15 | whitelist ${HOME}/.local/share/TpLogger |
16 | mkdir ${HOME}/.config/telepathy-account-widgets | 16 | mkdir ${HOME}/.config/telepathy-account-widgets |
17 | whitelist ${HOME}/.config/telepathy-account-widgets | 17 | whitelist ${HOME}/.config/telepathy-account-widgets |
18 | mkdir ${HOME}/.cache/telepathy | ||
19 | whitelist ${HOME}/.cache/telepathy | ||
20 | mkdir ${HOME}/.purple | 18 | mkdir ${HOME}/.purple |
21 | whitelist ${HOME}/.purple | 19 | whitelist ${HOME}/.purple |
22 | include /etc/firejail/whitelist-common.inc | 20 | include /etc/firejail/whitelist-common.inc |
diff --git a/etc/psi-plus.profile b/etc/psi-plus.profile index 45cb22ee4..5106fccb2 100644 --- a/etc/psi-plus.profile +++ b/etc/psi-plus.profile | |||
@@ -14,8 +14,6 @@ mkdir ~/.config/psi+ | |||
14 | whitelist ~/.config/psi+ | 14 | whitelist ~/.config/psi+ |
15 | mkdir ~/.local/share/psi+ | 15 | mkdir ~/.local/share/psi+ |
16 | whitelist ~/.local/share/psi+ | 16 | whitelist ~/.local/share/psi+ |
17 | mkdir ~/.cache/psi+ | ||
18 | whitelist ~/.cache/psi+ | ||
19 | 17 | ||
20 | caps.drop all | 18 | caps.drop all |
21 | netfilter | 19 | netfilter |
diff --git a/etc/quiterss.profile b/etc/quiterss.profile index f4e4f96d3..158425e18 100644 --- a/etc/quiterss.profile +++ b/etc/quiterss.profile | |||
@@ -2,7 +2,6 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include /etc/firejail/quiterss.local | 3 | include /etc/firejail/quiterss.local |
4 | 4 | ||
5 | noblacklist ${HOME}/.cache/QuiteRss | ||
6 | noblacklist ${HOME}/.config/QuiteRss | 5 | noblacklist ${HOME}/.config/QuiteRss |
7 | noblacklist ${HOME}/.config/QuiteRssrc | 6 | noblacklist ${HOME}/.config/QuiteRssrc |
8 | noblacklist ${HOME}/.local/share/QuiteRss | 7 | noblacklist ${HOME}/.local/share/QuiteRss |
@@ -19,8 +18,6 @@ whitelist ${HOME}/.config/QuiteRssrc | |||
19 | mkdir ~/.local/share/data | 18 | mkdir ~/.local/share/data |
20 | mkdir ~/.local/share/data/QuiteRss | 19 | mkdir ~/.local/share/data/QuiteRss |
21 | whitelist ${HOME}/.local/share/data/QuiteRss | 20 | whitelist ${HOME}/.local/share/data/QuiteRss |
22 | mkdir ~/.cache/QuiteRss | ||
23 | whitelist ${HOME}/.cache/QuiteRss | ||
24 | 21 | ||
25 | caps.drop all | 22 | caps.drop all |
26 | netfilter | 23 | netfilter |
diff --git a/etc/qupzilla.profile b/etc/qupzilla.profile index 3f5cb60c0..783bc516d 100644 --- a/etc/qupzilla.profile +++ b/etc/qupzilla.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/qupzilla.local | |||
4 | 4 | ||
5 | # Firejail profile for Qupzilla web browser | 5 | # Firejail profile for Qupzilla web browser |
6 | noblacklist ${HOME}/.config/qupzilla | 6 | noblacklist ${HOME}/.config/qupzilla |
7 | noblacklist ${HOME}/.cache/qupzilla | ||
8 | include /etc/firejail/disable-mgmt.inc | 7 | include /etc/firejail/disable-mgmt.inc |
9 | include /etc/firejail/disable-secret.inc | 8 | include /etc/firejail/disable-secret.inc |
10 | include /etc/firejail/disable-common.inc | 9 | include /etc/firejail/disable-common.inc |
@@ -17,7 +16,6 @@ tracelog | |||
17 | noroot | 16 | noroot |
18 | whitelist ${DOWNLOADS} | 17 | whitelist ${DOWNLOADS} |
19 | whitelist ~/.config/qupzilla | 18 | whitelist ~/.config/qupzilla |
20 | whitelist ~/.cache/qupzilla | ||
21 | include /etc/firejail/whitelist-common.inc | 19 | include /etc/firejail/whitelist-common.inc |
22 | 20 | ||
23 | # experimental features | 21 | # experimental features |
diff --git a/etc/qutebrowser.profile b/etc/qutebrowser.profile index f43307ef9..53be1178c 100644 --- a/etc/qutebrowser.profile +++ b/etc/qutebrowser.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/qutebrowser.local | |||
4 | 4 | ||
5 | # Firejail profile for Qutebrowser (Qt5-Webkit+Python) browser | 5 | # Firejail profile for Qutebrowser (Qt5-Webkit+Python) browser |
6 | noblacklist ~/.config/qutebrowser | 6 | noblacklist ~/.config/qutebrowser |
7 | noblacklist ~/.cache/qutebrowser | ||
8 | include /etc/firejail/disable-common.inc | 7 | include /etc/firejail/disable-common.inc |
9 | include /etc/firejail/disable-programs.inc | 8 | include /etc/firejail/disable-programs.inc |
10 | include /etc/firejail/disable-devel.inc | 9 | include /etc/firejail/disable-devel.inc |
@@ -20,8 +19,6 @@ tracelog | |||
20 | whitelist ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
21 | mkdir ~/.config/qutebrowser | 20 | mkdir ~/.config/qutebrowser |
22 | whitelist ~/.config/qutebrowser | 21 | whitelist ~/.config/qutebrowser |
23 | mkdir ~/.cache/qutebrowser | ||
24 | whitelist ~/.cache/qutebrowser | ||
25 | mkdir ~/.local/share/qutebrowser | 22 | mkdir ~/.local/share/qutebrowser |
26 | whitelist ~/.local/share/qutebrowser | 23 | whitelist ~/.local/share/qutebrowser |
27 | include /etc/firejail/whitelist-common.inc | 24 | include /etc/firejail/whitelist-common.inc |
diff --git a/etc/seamonkey.profile b/etc/seamonkey.profile index df1910469..756700c2f 100644 --- a/etc/seamonkey.profile +++ b/etc/seamonkey.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/seamonkey.local | |||
4 | 4 | ||
5 | # Firejail profile for Seamoneky based off Mozilla Firefox | 5 | # Firejail profile for Seamoneky based off Mozilla Firefox |
6 | noblacklist ~/.mozilla | 6 | noblacklist ~/.mozilla |
7 | noblacklist ~/.cache/mozilla | ||
8 | noblacklist ~/.pki | 7 | noblacklist ~/.pki |
9 | noblacklist ~/.lastpass | 8 | noblacklist ~/.lastpass |
10 | include /etc/firejail/disable-common.inc | 9 | include /etc/firejail/disable-common.inc |
@@ -22,8 +21,6 @@ tracelog | |||
22 | whitelist ${DOWNLOADS} | 21 | whitelist ${DOWNLOADS} |
23 | mkdir ~/.mozilla/seamonkey | 22 | mkdir ~/.mozilla/seamonkey |
24 | whitelist ~/.mozilla/seamonkey | 23 | whitelist ~/.mozilla/seamonkey |
25 | mkdir ~/.cache/mozilla/seamonkey | ||
26 | whitelist ~/.cache/mozilla/seamonkey | ||
27 | whitelist ~/dwhelper | 24 | whitelist ~/dwhelper |
28 | whitelist ~/.zotero | 25 | whitelist ~/.zotero |
29 | whitelist ~/.vimperatorrc | 26 | whitelist ~/.vimperatorrc |
@@ -32,7 +29,6 @@ whitelist ~/.pentadactylrc | |||
32 | whitelist ~/.pentadactyl | 29 | whitelist ~/.pentadactyl |
33 | whitelist ~/.keysnail.js | 30 | whitelist ~/.keysnail.js |
34 | whitelist ~/.config/gnome-mplayer | 31 | whitelist ~/.config/gnome-mplayer |
35 | whitelist ~/.cache/gnome-mplayer/plugin | ||
36 | whitelist ~/.pki | 32 | whitelist ~/.pki |
37 | whitelist ~/.lastpass | 33 | whitelist ~/.lastpass |
38 | include /etc/firejail/whitelist-common.inc | 34 | include /etc/firejail/whitelist-common.inc |
diff --git a/etc/simple-scan.profile b/etc/simple-scan.profile index ee7e50ba7..0f6d626a5 100644 --- a/etc/simple-scan.profile +++ b/etc/simple-scan.profile | |||
@@ -3,8 +3,6 @@ | |||
3 | include /etc/firejail/simple-scan.local | 3 | include /etc/firejail/simple-scan.local |
4 | 4 | ||
5 | # simple-scan profile | 5 | # simple-scan profile |
6 | noblacklist ~/.cache/simple-scan | ||
7 | |||
8 | include /etc/firejail/disable-common.inc | 6 | include /etc/firejail/disable-common.inc |
9 | include /etc/firejail/disable-programs.inc | 7 | include /etc/firejail/disable-programs.inc |
10 | include /etc/firejail/disable-devel.inc | 8 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/spotify.profile b/etc/spotify.profile index 843038a2b..23ef75b71 100644 --- a/etc/spotify.profile +++ b/etc/spotify.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/spotify.local | |||
4 | 4 | ||
5 | # Spotify media player profile | 5 | # Spotify media player profile |
6 | noblacklist ${HOME}/.config/spotify | 6 | noblacklist ${HOME}/.config/spotify |
7 | noblacklist ${HOME}/.cache/spotify | ||
8 | noblacklist ${HOME}/.local/share/spotify | 7 | noblacklist ${HOME}/.local/share/spotify |
9 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
10 | include /etc/firejail/disable-programs.inc | 9 | include /etc/firejail/disable-programs.inc |
@@ -16,8 +15,6 @@ mkdir ${HOME}/.config/spotify | |||
16 | whitelist ${HOME}/.config/spotify | 15 | whitelist ${HOME}/.config/spotify |
17 | mkdir ${HOME}/.local/share/spotify | 16 | mkdir ${HOME}/.local/share/spotify |
18 | whitelist ${HOME}/.local/share/spotify | 17 | whitelist ${HOME}/.local/share/spotify |
19 | mkdir ${HOME}/.cache/spotify | ||
20 | whitelist ${HOME}/.cache/spotify | ||
21 | 18 | ||
22 | caps.drop all | 19 | caps.drop all |
23 | netfilter | 20 | netfilter |
diff --git a/etc/thunderbird.profile b/etc/thunderbird.profile index 88ab7501e..1dc8b15c7 100644 --- a/etc/thunderbird.profile +++ b/etc/thunderbird.profile | |||
@@ -14,10 +14,6 @@ noblacklist ~/.thunderbird | |||
14 | mkdir ~/.thunderbird | 14 | mkdir ~/.thunderbird |
15 | whitelist ~/.thunderbird | 15 | whitelist ~/.thunderbird |
16 | 16 | ||
17 | noblacklist ~/.cache/thunderbird | ||
18 | mkdir ~/.cache/thunderbird | ||
19 | whitelist ~/.cache/thunderbird | ||
20 | |||
21 | # allow browsers | 17 | # allow browsers |
22 | ignore private-tmp | 18 | ignore private-tmp |
23 | include /etc/firejail/firefox.profile | 19 | include /etc/firejail/firefox.profile |
diff --git a/etc/transmission-cli.profile b/etc/transmission-cli.profile index dbcc8d041..5b6bec4c1 100644 --- a/etc/transmission-cli.profile +++ b/etc/transmission-cli.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/transmission-cli.local | |||
4 | 4 | ||
5 | # transmission-cli bittorrent profile | 5 | # transmission-cli bittorrent profile |
6 | noblacklist ${HOME}/.config/transmission | 6 | noblacklist ${HOME}/.config/transmission |
7 | noblacklist ${HOME}/.cache/transmission | ||
8 | 7 | ||
9 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
10 | include /etc/firejail/disable-programs.inc | 9 | include /etc/firejail/disable-programs.inc |
diff --git a/etc/transmission-gtk.profile b/etc/transmission-gtk.profile index dcd3317ef..78ce5fba2 100644 --- a/etc/transmission-gtk.profile +++ b/etc/transmission-gtk.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/transmission-gtk.local | |||
4 | 4 | ||
5 | # transmission-gtk bittorrent profile | 5 | # transmission-gtk bittorrent profile |
6 | noblacklist ${HOME}/.config/transmission | 6 | noblacklist ${HOME}/.config/transmission |
7 | noblacklist ${HOME}/.cache/transmission | ||
8 | 7 | ||
9 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
10 | include /etc/firejail/disable-programs.inc | 9 | include /etc/firejail/disable-programs.inc |
diff --git a/etc/transmission-qt.profile b/etc/transmission-qt.profile index ed63f7cff..2f7fe0714 100644 --- a/etc/transmission-qt.profile +++ b/etc/transmission-qt.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/transmission-qt.local | |||
4 | 4 | ||
5 | # transmission-qt bittorrent profile | 5 | # transmission-qt bittorrent profile |
6 | noblacklist ${HOME}/.config/transmission | 6 | noblacklist ${HOME}/.config/transmission |
7 | noblacklist ${HOME}/.cache/transmission | ||
8 | 7 | ||
9 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
10 | include /etc/firejail/disable-programs.inc | 9 | include /etc/firejail/disable-programs.inc |
diff --git a/etc/transmission-show.profile b/etc/transmission-show.profile index 0b88789b1..052843882 100644 --- a/etc/transmission-show.profile +++ b/etc/transmission-show.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/transmission-show.local | |||
4 | 4 | ||
5 | # transmission-show profile | 5 | # transmission-show profile |
6 | noblacklist ${HOME}/.config/transmission | 6 | noblacklist ${HOME}/.config/transmission |
7 | noblacklist ${HOME}/.cache/transmission | ||
8 | 7 | ||
9 | include /etc/firejail/disable-common.inc | 8 | include /etc/firejail/disable-common.inc |
10 | include /etc/firejail/disable-programs.inc | 9 | include /etc/firejail/disable-programs.inc |
diff --git a/etc/vivaldi.profile b/etc/vivaldi.profile index 2c2fbd9f0..bf6af3926 100644 --- a/etc/vivaldi.profile +++ b/etc/vivaldi.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/vivaldi.local | |||
4 | 4 | ||
5 | # Vivaldi browser profile | 5 | # Vivaldi browser profile |
6 | noblacklist ~/.config/vivaldi | 6 | noblacklist ~/.config/vivaldi |
7 | noblacklist ~/.cache/vivaldi | ||
8 | include /etc/firejail/disable-common.inc | 7 | include /etc/firejail/disable-common.inc |
9 | include /etc/firejail/disable-programs.inc | 8 | include /etc/firejail/disable-programs.inc |
10 | include /etc/firejail/disable-devel.inc | 9 | include /etc/firejail/disable-devel.inc |
@@ -14,6 +13,4 @@ netfilter | |||
14 | whitelist ${DOWNLOADS} | 13 | whitelist ${DOWNLOADS} |
15 | mkdir ~/.config/vivaldi | 14 | mkdir ~/.config/vivaldi |
16 | whitelist ~/.config/vivaldi | 15 | whitelist ~/.config/vivaldi |
17 | mkdir ~/.cache/vivaldi | ||
18 | whitelist ~/.cache/vivaldi | ||
19 | include /etc/firejail/whitelist-common.inc | 16 | include /etc/firejail/whitelist-common.inc |
diff --git a/etc/wesnoth.profile b/etc/wesnoth.profile index 212466f5a..fbb381a86 100644 --- a/etc/wesnoth.profile +++ b/etc/wesnoth.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/wesnoth.local | |||
4 | 4 | ||
5 | # Whitelist-based profile for "Battle for Wesnoth" (game). | 5 | # Whitelist-based profile for "Battle for Wesnoth" (game). |
6 | noblacklist ${HOME}/.config/wesnoth | 6 | noblacklist ${HOME}/.config/wesnoth |
7 | noblacklist ${HOME}/.cache/wesnoth | ||
8 | noblacklist ${HOME}/.local/share/wesnoth | 7 | noblacklist ${HOME}/.local/share/wesnoth |
9 | 8 | ||
10 | include /etc/firejail/disable-common.inc | 9 | include /etc/firejail/disable-common.inc |
@@ -23,8 +22,6 @@ private-tmp | |||
23 | 22 | ||
24 | mkdir ${HOME}/.local/share/wesnoth | 23 | mkdir ${HOME}/.local/share/wesnoth |
25 | mkdir ${HOME}/.config/wesnoth | 24 | mkdir ${HOME}/.config/wesnoth |
26 | mkdir ${HOME}/.cache/wesnoth | ||
27 | whitelist ${HOME}/.local/share/wesnoth | 25 | whitelist ${HOME}/.local/share/wesnoth |
28 | whitelist ${HOME}/.config/wesnoth | 26 | whitelist ${HOME}/.config/wesnoth |
29 | whitelist ${HOME}/.cache/wesnoth | ||
30 | include /etc/firejail/whitelist-common.inc | 27 | include /etc/firejail/whitelist-common.inc |
diff --git a/etc/whitelist-common.inc b/etc/whitelist-common.inc index cf7797100..516f47041 100644 --- a/etc/whitelist-common.inc +++ b/etc/whitelist-common.inc | |||
@@ -19,7 +19,6 @@ whitelist ~/.fonts.conf | |||
19 | whitelist ~/.fonts.conf.d | 19 | whitelist ~/.fonts.conf.d |
20 | whitelist ~/.local/share/fonts | 20 | whitelist ~/.local/share/fonts |
21 | whitelist ~/.config/fontconfig | 21 | whitelist ~/.config/fontconfig |
22 | whitelist ~/.cache/fontconfig | ||
23 | 22 | ||
24 | # gtk | 23 | # gtk |
25 | whitelist ~/.gtkrc | 24 | whitelist ~/.gtkrc |
diff --git a/etc/xreader.profile b/etc/xreader.profile index 2e6015aef..51dbcad51 100644 --- a/etc/xreader.profile +++ b/etc/xreader.profile | |||
@@ -4,7 +4,6 @@ include /etc/firejail/xreader.local | |||
4 | 4 | ||
5 | # Xreader profile | 5 | # Xreader profile |
6 | noblacklist ~/.config/xreader | 6 | noblacklist ~/.config/xreader |
7 | noblacklist ~/.cache/xreader | ||
8 | noblacklist ~/.local/share | 7 | noblacklist ~/.local/share |
9 | 8 | ||
10 | include /etc/firejail/disable-common.inc | 9 | include /etc/firejail/disable-common.inc |