added calibre profile

author: netblue30 <netblue30@yahoo.com> 2017-06-19 21:08:52 -0400
committer: netblue30 <netblue30@yahoo.com> 2017-06-19 21:08:52 -0400
commit: e4b03bc316965e6e27bb88d340a5fe0b34669ca1 (patch)
tree: 02f12d41e2444d43131ca01deed1df61c607eb2a /etc
parent: mplayer and smplayer profiles (diff)
download: firejail-e4b03bc316965e6e27bb88d340a5fe0b34669ca1.tar.gz
firejail-e4b03bc316965e6e27bb88d340a5fe0b34669ca1.tar.zst
firejail-e4b03bc316965e6e27bb88d340a5fe0b34669ca1.zip
3 files changed, 47 insertions, 0 deletions
diff --git a/etc/calibre.profile b/etc/calibre.profile
new file mode 100644
index 000000000..b75e0c276
--- /dev/null
+++ b/etc/calibre.profile
@@ -0,0 +1,35 @@
+# Persistent global definitions go here
+include /etc/firejail/globals.local
+# This file is overwritten during software install.
+# Persistent customizations should go in a .local file.
+include /etc/firejail/calibre.local
+noblacklist ~/.config/calibre
+noblacklist ~/.cache/calibre
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+#include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-passwdmgr.inc
+caps.drop all
+#ipc-namespace
+netfilter
+no3d
+nogroups
+nonewprivs
+noroot
+nosound
+novideo
+protocol unix,inet,inet6
+seccomp
+shell none
+tracelog
+#private-bin
+private-dev
+private-tmp
+noexec ${HOME}
+noexec /tmp
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 3b2c150fc..7a3ca37ed 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -62,6 +62,7 @@ blacklist ${HOME}/.config/borg
 blacklist ${HOME}/.config/brasero
 blacklist ${HOME}/.config/brave
 blacklist ${HOME}/.config/caja
+blacklist ${HOME}/.config/calibre
 blacklist ${HOME}/.config/catfish
 blacklist ${HOME}/.config/cherrytree
 blacklist ${HOME}/.config/chromium
@@ -361,6 +362,7 @@ blacklist ${HOME}/.cache/INRIA
 blacklist ${HOME}/.cache/QuiteRss
 blacklist ${HOME}/.cache/attic
 blacklist ${HOME}/.cache/borg
+blacklist ${HOME}/.cache/calibre
 blacklist ${HOME}/.cache/champlain
 blacklist ${HOME}/.cache/chromium
 blacklist ${HOME}/.cache/qupzilla
diff --git a/etc/ebook-viewer.profile b/etc/ebook-viewer.profile
new file mode 100644
index 000000000..ba28e3550
--- /dev/null
+++ b/etc/ebook-viewer.profile
@@ -0,0 +1,10 @@
+# Persistent global definitions go here
+include /etc/firejail/globals.local
+# This file is overwritten during software install.
+# Persistent customizations should go in a .local file.
+include /etc/firejail/ebook-viewer.local
+# Firejail profile for ebook-viewer (Calibre)
+include /etc/firejail/calibre.profile
+net none
author	netblue30 <netblue30@yahoo.com>	2017-06-19 21:08:52 -0400
committer	netblue30 <netblue30@yahoo.com>	2017-06-19 21:08:52 -0400
commit	e4b03bc316965e6e27bb88d340a5fe0b34669ca1 (patch)
tree	02f12d41e2444d43131ca01deed1df61c607eb2a /etc
parent	mplayer and smplayer profiles (diff)
download	firejail-e4b03bc316965e6e27bb88d340a5fe0b34669ca1.tar.gz firejail-e4b03bc316965e6e27bb88d340a5fe0b34669ca1.tar.zst firejail-e4b03bc316965e6e27bb88d340a5fe0b34669ca1.zip

diff --git a/etc/calibre.profile b/etc/calibre.profile new file mode 100644 index 000000000..b75e0c276 --- /dev/null +++ b/etc/calibre.profile
@@ -0,0 +1,35 @@
		1	# Persistent global definitions go here
		2	include /etc/firejail/globals.local
		3
		4	# This file is overwritten during software install.
		5	# Persistent customizations should go in a .local file.
		6	include /etc/firejail/calibre.local
		7
		8	noblacklist ~/.config/calibre
		9	noblacklist ~/.cache/calibre
		10
		11	include /etc/firejail/disable-common.inc
		12	include /etc/firejail/disable-programs.inc
		13	#include /etc/firejail/disable-devel.inc
		14	include /etc/firejail/disable-passwdmgr.inc
		15
		16	caps.drop all
		17	#ipc-namespace
		18	netfilter
		19	no3d
		20	nogroups
		21	nonewprivs
		22	noroot
		23	nosound
		24	novideo
		25	protocol unix,inet,inet6
		26	seccomp
		27	shell none
		28	tracelog
		29
		30	#private-bin
		31	private-dev
		32	private-tmp
		33
		34	noexec ${HOME}
		35	noexec /tmp


diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 3b2c150fc..7a3ca37ed 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc
@@ -62,6 +62,7 @@ blacklist ${HOME}/.config/borg
62	blacklist ${HOME}/.config/brasero	62	blacklist ${HOME}/.config/brasero
63	blacklist ${HOME}/.config/brave	63	blacklist ${HOME}/.config/brave
64	blacklist ${HOME}/.config/caja	64	blacklist ${HOME}/.config/caja
		65	blacklist ${HOME}/.config/calibre
65	blacklist ${HOME}/.config/catfish	66	blacklist ${HOME}/.config/catfish
66	blacklist ${HOME}/.config/cherrytree	67	blacklist ${HOME}/.config/cherrytree
67	blacklist ${HOME}/.config/chromium	68	blacklist ${HOME}/.config/chromium
@@ -361,6 +362,7 @@ blacklist ${HOME}/.cache/INRIA
361	blacklist ${HOME}/.cache/QuiteRss	362	blacklist ${HOME}/.cache/QuiteRss
362	blacklist ${HOME}/.cache/attic	363	blacklist ${HOME}/.cache/attic
363	blacklist ${HOME}/.cache/borg	364	blacklist ${HOME}/.cache/borg
		365	blacklist ${HOME}/.cache/calibre
364	blacklist ${HOME}/.cache/champlain	366	blacklist ${HOME}/.cache/champlain
365	blacklist ${HOME}/.cache/chromium	367	blacklist ${HOME}/.cache/chromium
366	blacklist ${HOME}/.cache/qupzilla	368	blacklist ${HOME}/.cache/qupzilla


diff --git a/etc/ebook-viewer.profile b/etc/ebook-viewer.profile new file mode 100644 index 000000000..ba28e3550 --- /dev/null +++ b/etc/ebook-viewer.profile
@@ -0,0 +1,10 @@
		1	# Persistent global definitions go here
		2	include /etc/firejail/globals.local
		3
		4	# This file is overwritten during software install.
		5	# Persistent customizations should go in a .local file.
		6	include /etc/firejail/ebook-viewer.local
		7
		8	# Firejail profile for ebook-viewer (Calibre)
		9	include /etc/firejail/calibre.profile
		10	net none