Initial adding of disable-xdg.inc

author: Tad <tad@spotco.us> 2018-07-24 08:43:40 -0400
committer: Tad <tad@spotco.us> 2018-07-24 08:54:45 -0400
commit: 94a0123568785386f907cd0fef7d5fc80ffb7d75 (patch)
tree: e60c82fd5d4e7185c788ee3eca5ad8ae887a8d64 /etc
parent: Add disable-xdg.inc (diff)
download: firejail-94a0123568785386f907cd0fef7d5fc80ffb7d75.tar.gz
firejail-94a0123568785386f907cd0fef7d5fc80ffb7d75.tar.zst
firejail-94a0123568785386f907cd0fef7d5fc80ffb7d75.zip
18 files changed, 27 insertions, 2 deletions
diff --git a/etc/2048-qt.profile b/etc/2048-qt.profile
index 2e74e74e3..1e7472bd9 100644
--- a/etc/2048-qt.profile
+++ b/etc/2048-qt.profile
@@ -14,6 +14,11 @@ include /etc/firejail/disable-interpreters.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+mkdir ${HOME}/.config/2048-qt
+mkdir ${HOME}/.config/xiaoyong
+whitelist ${HOME}/.config/2048-qt
+whitelist ${HOME}/.config/xiaoyong
+include /etc/firejail/whitelist-common.inc
 include /etc/firejail/whitelist-var-common.inc
 caps.drop all
diff --git a/etc/Fritzing.profile b/etc/Fritzing.profile
index 453b9979e..1eb103b47 100644
--- a/etc/Fritzing.profile
+++ b/etc/Fritzing.profile
@@ -6,12 +6,14 @@ include /etc/firejail/Fritzing.local
 include /etc/firejail/globals.local
 noblacklist ${HOME}/.config/Fritzing
+noblacklist ${DOCUMENTS}
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-interpreters.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
 include /etc/firejail/whitelist-var-common.inc
diff --git a/etc/android-studio.profile b/etc/android-studio.profile
index d845bd4b9..a69bf3966 100644
--- a/etc/android-studio.profile
+++ b/etc/android-studio.profile
@@ -15,10 +15,12 @@ noblacklist ${HOME}/.java
 noblacklist ${HOME}/.local/share/JetBrains
 noblacklist ${HOME}/.ssh
 noblacklist ${HOME}/.tooling
+noblacklist ${DOCUMENTS}
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
 caps.drop all
 netfilter
diff --git a/etc/aosp.profile b/etc/aosp.profile
index 5ceef9348..8622d6acd 100644
--- a/etc/aosp.profile
+++ b/etc/aosp.profile
@@ -21,6 +21,7 @@ noblacklist ${HOME}/.tooling
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
 include /etc/firejail/whitelist-var-common.inc
diff --git a/etc/apktool.profile b/etc/apktool.profile
index ded17ca58..2203d7b8c 100644
--- a/etc/apktool.profile
+++ b/etc/apktool.profile
@@ -9,6 +9,7 @@ include /etc/firejail/globals.local
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
 caps.drop all
 net none
diff --git a/etc/arch-audit.profile b/etc/arch-audit.profile
index 0987ce149..956f0d63a 100644
--- a/etc/arch-audit.profile
+++ b/etc/arch-audit.profile
@@ -14,6 +14,7 @@ include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-interpreters.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
 caps.drop all
 ipc-namespace
diff --git a/etc/archaudit-report.profile b/etc/archaudit-report.profile
index f4340faf3..27b15412f 100644
--- a/etc/archaudit-report.profile
+++ b/etc/archaudit-report.profile
@@ -14,6 +14,7 @@ include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-interpreters.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
 include /etc/firejail/whitelist-common.inc
diff --git a/etc/disable-xdg.inc b/etc/disable-xdg.inc
index 5d29fa8d3..554e3a7d5 100644
--- a/etc/disable-xdg.inc
+++ b/etc/disable-xdg.inc
@@ -4,7 +4,7 @@ include /etc/firejail/disable-xdg.local
 #blacklist ${DESKTOP}
 blacklist ${DOCUMENTS}
-blacklist ${DOWNLOADS}
+#blacklist ${DOWNLOADS}
 blacklist ${MUSIC}
 blacklist ${PICTURES}
 blacklist ${VIDEOS}
diff --git a/etc/gnome-books.profile b/etc/gnome-books.profile
index 4274981b5..6fc2671d8 100644
--- a/etc/gnome-books.profile
+++ b/etc/gnome-books.profile
@@ -8,12 +8,14 @@ include /etc/firejail/globals.local
 # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them
 noblacklist ${HOME}/.cache/org.gnome.Books
+noblacklist ${DOCUMENTS}
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-interpreters.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
 include /etc/firejail/whitelist-var-common.inc
diff --git a/etc/gnome-calculator.profile b/etc/gnome-calculator.profile
index b915b0bce..6ace0b3ec 100644
--- a/etc/gnome-calculator.profile
+++ b/etc/gnome-calculator.profile
@@ -11,6 +11,7 @@ include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-interpreters.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
 include /etc/firejail/whitelist-common.inc
 include /etc/firejail/whitelist-var-common.inc
diff --git a/etc/gnome-chess.profile b/etc/gnome-chess.profile
index 59a3d59af..8422e1836 100644
--- a/etc/gnome-chess.profile
+++ b/etc/gnome-chess.profile
@@ -12,6 +12,7 @@ include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-interpreters.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
 include /etc/firejail/whitelist-var-common.inc
diff --git a/etc/gnome-clocks.profile b/etc/gnome-clocks.profile
index 103a5ff73..4251f70ed 100644
--- a/etc/gnome-clocks.profile
+++ b/etc/gnome-clocks.profile
@@ -11,6 +11,7 @@ include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-interpreters.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
 include /etc/firejail/whitelist-var-common.inc
diff --git a/etc/gnome-contacts.profile b/etc/gnome-contacts.profile
index d4d670998..0e6f70e04 100644
--- a/etc/gnome-contacts.profile
+++ b/etc/gnome-contacts.profile
@@ -5,15 +5,16 @@ include /etc/firejail/gnome-contacts.local
 # Persistent global definitions
 include /etc/firejail/globals.local
+noblacklist ${DOCUMENTS}
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-interpreters.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
 include /etc/firejail/whitelist-common.inc
 include /etc/firejail/whitelist-var-common.inc
 caps.drop all
diff --git a/etc/gnome-documents.profile b/etc/gnome-documents.profile
index 8a67d6e5c..a7ebb48c8 100644
--- a/etc/gnome-documents.profile
+++ b/etc/gnome-documents.profile
@@ -8,12 +8,14 @@ include /etc/firejail/globals.local
 # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them
 noblacklist ${HOME}/.config/libreoffice
+noblacklist ${DOCUMENTS}
 include /etc/firejail/disable-common.inc
 include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-interpreters.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
 caps.drop all
 netfilter
diff --git a/etc/gnome-font-viewer.profile b/etc/gnome-font-viewer.profile
index ebd937f9b..71cd06643 100644
--- a/etc/gnome-font-viewer.profile
+++ b/etc/gnome-font-viewer.profile
@@ -11,6 +11,7 @@ include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-interpreters.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
 include /etc/firejail/whitelist-var-common.inc
diff --git a/etc/gnome-logs.profile b/etc/gnome-logs.profile
index ca4e5f204..f08142113 100644
--- a/etc/gnome-logs.profile
+++ b/etc/gnome-logs.profile
@@ -10,6 +10,7 @@ include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-interpreters.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
 whitelist /var/log/journal
 include /etc/firejail/whitelist-var-common.inc
diff --git a/etc/gnome-maps.profile b/etc/gnome-maps.profile
index b5364e48d..da73d9450 100644
--- a/etc/gnome-maps.profile
+++ b/etc/gnome-maps.profile
@@ -14,6 +14,7 @@ include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-interpreters.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
 include /etc/firejail/whitelist-var-common.inc
diff --git a/etc/gnome-weather.profile b/etc/gnome-weather.profile
index 64482b246..28c9e6d86 100644
--- a/etc/gnome-weather.profile
+++ b/etc/gnome-weather.profile
@@ -14,6 +14,7 @@ include /etc/firejail/disable-devel.inc
 include /etc/firejail/disable-interpreters.inc
 include /etc/firejail/disable-passwdmgr.inc
 include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-xdg.inc
 include /etc/firejail/whitelist-var-common.inc
author	Tad <tad@spotco.us>	2018-07-24 08:43:40 -0400
committer	Tad <tad@spotco.us>	2018-07-24 08:54:45 -0400
commit	94a0123568785386f907cd0fef7d5fc80ffb7d75 (patch)
tree	e60c82fd5d4e7185c788ee3eca5ad8ae887a8d64 /etc
parent	Add disable-xdg.inc (diff)
download	firejail-94a0123568785386f907cd0fef7d5fc80ffb7d75.tar.gz firejail-94a0123568785386f907cd0fef7d5fc80ffb7d75.tar.zst firejail-94a0123568785386f907cd0fef7d5fc80ffb7d75.zip

diff --git a/etc/2048-qt.profile b/etc/2048-qt.profile index 2e74e74e3..1e7472bd9 100644 --- a/etc/2048-qt.profile +++ b/etc/2048-qt.profile
@@ -14,6 +14,11 @@ include /etc/firejail/disable-interpreters.inc
14	include /etc/firejail/disable-passwdmgr.inc	14	include /etc/firejail/disable-passwdmgr.inc
15	include /etc/firejail/disable-programs.inc	15	include /etc/firejail/disable-programs.inc
16		16
		17	mkdir ${HOME}/.config/2048-qt
		18	mkdir ${HOME}/.config/xiaoyong
		19	whitelist ${HOME}/.config/2048-qt
		20	whitelist ${HOME}/.config/xiaoyong
		21	include /etc/firejail/whitelist-common.inc
17	include /etc/firejail/whitelist-var-common.inc	22	include /etc/firejail/whitelist-var-common.inc
18		23
19	caps.drop all	24	caps.drop all


diff --git a/etc/Fritzing.profile b/etc/Fritzing.profile index 453b9979e..1eb103b47 100644 --- a/etc/Fritzing.profile +++ b/etc/Fritzing.profile
@@ -6,12 +6,14 @@ include /etc/firejail/Fritzing.local
6	include /etc/firejail/globals.local	6	include /etc/firejail/globals.local
7		7
8	noblacklist ${HOME}/.config/Fritzing	8	noblacklist ${HOME}/.config/Fritzing
		9	noblacklist ${DOCUMENTS}
9		10
10	include /etc/firejail/disable-common.inc	11	include /etc/firejail/disable-common.inc
11	include /etc/firejail/disable-devel.inc	12	include /etc/firejail/disable-devel.inc
12	include /etc/firejail/disable-interpreters.inc	13	include /etc/firejail/disable-interpreters.inc
13	include /etc/firejail/disable-passwdmgr.inc	14	include /etc/firejail/disable-passwdmgr.inc
14	include /etc/firejail/disable-programs.inc	15	include /etc/firejail/disable-programs.inc
		16	include /etc/firejail/disable-xdg.inc
15		17
16	include /etc/firejail/whitelist-var-common.inc	18	include /etc/firejail/whitelist-var-common.inc
17		19


diff --git a/etc/android-studio.profile b/etc/android-studio.profile index d845bd4b9..a69bf3966 100644 --- a/etc/android-studio.profile +++ b/etc/android-studio.profile
@@ -15,10 +15,12 @@ noblacklist ${HOME}/.java
15	noblacklist ${HOME}/.local/share/JetBrains	15	noblacklist ${HOME}/.local/share/JetBrains
16	noblacklist ${HOME}/.ssh	16	noblacklist ${HOME}/.ssh
17	noblacklist ${HOME}/.tooling	17	noblacklist ${HOME}/.tooling
		18	noblacklist ${DOCUMENTS}
18		19
19	include /etc/firejail/disable-common.inc	20	include /etc/firejail/disable-common.inc
20	include /etc/firejail/disable-passwdmgr.inc	21	include /etc/firejail/disable-passwdmgr.inc
21	include /etc/firejail/disable-programs.inc	22	include /etc/firejail/disable-programs.inc
		23	include /etc/firejail/disable-xdg.inc
22		24
23	caps.drop all	25	caps.drop all
24	netfilter	26	netfilter


diff --git a/etc/aosp.profile b/etc/aosp.profile index 5ceef9348..8622d6acd 100644 --- a/etc/aosp.profile +++ b/etc/aosp.profile
@@ -21,6 +21,7 @@ noblacklist ${HOME}/.tooling
21	include /etc/firejail/disable-common.inc	21	include /etc/firejail/disable-common.inc
22	include /etc/firejail/disable-passwdmgr.inc	22	include /etc/firejail/disable-passwdmgr.inc
23	include /etc/firejail/disable-programs.inc	23	include /etc/firejail/disable-programs.inc
		24	include /etc/firejail/disable-xdg.inc
24		25
25	include /etc/firejail/whitelist-var-common.inc	26	include /etc/firejail/whitelist-var-common.inc
26		27


diff --git a/etc/apktool.profile b/etc/apktool.profile index ded17ca58..2203d7b8c 100644 --- a/etc/apktool.profile +++ b/etc/apktool.profile
@@ -9,6 +9,7 @@ include /etc/firejail/globals.local
9	include /etc/firejail/disable-common.inc	9	include /etc/firejail/disable-common.inc
10	include /etc/firejail/disable-passwdmgr.inc	10	include /etc/firejail/disable-passwdmgr.inc
11	include /etc/firejail/disable-programs.inc	11	include /etc/firejail/disable-programs.inc
		12	include /etc/firejail/disable-xdg.inc
12		13
13	caps.drop all	14	caps.drop all
14	net none	15	net none


diff --git a/etc/arch-audit.profile b/etc/arch-audit.profile index 0987ce149..956f0d63a 100644 --- a/etc/arch-audit.profile +++ b/etc/arch-audit.profile
@@ -14,6 +14,7 @@ include /etc/firejail/disable-devel.inc
14	include /etc/firejail/disable-interpreters.inc	14	include /etc/firejail/disable-interpreters.inc
15	include /etc/firejail/disable-passwdmgr.inc	15	include /etc/firejail/disable-passwdmgr.inc
16	include /etc/firejail/disable-programs.inc	16	include /etc/firejail/disable-programs.inc
		17	include /etc/firejail/disable-xdg.inc
17		18
18	caps.drop all	19	caps.drop all
19	ipc-namespace	20	ipc-namespace


diff --git a/etc/archaudit-report.profile b/etc/archaudit-report.profile index f4340faf3..27b15412f 100644 --- a/etc/archaudit-report.profile +++ b/etc/archaudit-report.profile
@@ -14,6 +14,7 @@ include /etc/firejail/disable-devel.inc
14	include /etc/firejail/disable-interpreters.inc	14	include /etc/firejail/disable-interpreters.inc
15	include /etc/firejail/disable-passwdmgr.inc	15	include /etc/firejail/disable-passwdmgr.inc
16	include /etc/firejail/disable-programs.inc	16	include /etc/firejail/disable-programs.inc
		17	include /etc/firejail/disable-xdg.inc
17		18
18	include /etc/firejail/whitelist-common.inc	19	include /etc/firejail/whitelist-common.inc
19		20


diff --git a/etc/disable-xdg.inc b/etc/disable-xdg.inc index 5d29fa8d3..554e3a7d5 100644 --- a/etc/disable-xdg.inc +++ b/etc/disable-xdg.inc
@@ -4,7 +4,7 @@ include /etc/firejail/disable-xdg.local
4		4
5	#blacklist ${DESKTOP}	5	#blacklist ${DESKTOP}
6	blacklist ${DOCUMENTS}	6	blacklist ${DOCUMENTS}
7	blacklist ${DOWNLOADS}	7	#blacklist ${DOWNLOADS}
8	blacklist ${MUSIC}	8	blacklist ${MUSIC}
9	blacklist ${PICTURES}	9	blacklist ${PICTURES}
10	blacklist ${VIDEOS}	10	blacklist ${VIDEOS}


diff --git a/etc/gnome-books.profile b/etc/gnome-books.profile index 4274981b5..6fc2671d8 100644 --- a/etc/gnome-books.profile +++ b/etc/gnome-books.profile
@@ -8,12 +8,14 @@ include /etc/firejail/globals.local
8	# when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them	8	# when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them
9		9
10	noblacklist ${HOME}/.cache/org.gnome.Books	10	noblacklist ${HOME}/.cache/org.gnome.Books
		11	noblacklist ${DOCUMENTS}
11		12
12	include /etc/firejail/disable-common.inc	13	include /etc/firejail/disable-common.inc
13	include /etc/firejail/disable-devel.inc	14	include /etc/firejail/disable-devel.inc
14	include /etc/firejail/disable-interpreters.inc	15	include /etc/firejail/disable-interpreters.inc
15	include /etc/firejail/disable-passwdmgr.inc	16	include /etc/firejail/disable-passwdmgr.inc
16	include /etc/firejail/disable-programs.inc	17	include /etc/firejail/disable-programs.inc
		18	include /etc/firejail/disable-xdg.inc
17		19
18	include /etc/firejail/whitelist-var-common.inc	20	include /etc/firejail/whitelist-var-common.inc
19		21


diff --git a/etc/gnome-calculator.profile b/etc/gnome-calculator.profile index b915b0bce..6ace0b3ec 100644 --- a/etc/gnome-calculator.profile +++ b/etc/gnome-calculator.profile
@@ -11,6 +11,7 @@ include /etc/firejail/disable-devel.inc
11	include /etc/firejail/disable-passwdmgr.inc	11	include /etc/firejail/disable-passwdmgr.inc
12	include /etc/firejail/disable-interpreters.inc	12	include /etc/firejail/disable-interpreters.inc
13	include /etc/firejail/disable-programs.inc	13	include /etc/firejail/disable-programs.inc
		14	include /etc/firejail/disable-xdg.inc
14		15
15	include /etc/firejail/whitelist-common.inc	16	include /etc/firejail/whitelist-common.inc
16	include /etc/firejail/whitelist-var-common.inc	17	include /etc/firejail/whitelist-var-common.inc


diff --git a/etc/gnome-chess.profile b/etc/gnome-chess.profile index 59a3d59af..8422e1836 100644 --- a/etc/gnome-chess.profile +++ b/etc/gnome-chess.profile
@@ -12,6 +12,7 @@ include /etc/firejail/disable-devel.inc
12	include /etc/firejail/disable-interpreters.inc	12	include /etc/firejail/disable-interpreters.inc
13	include /etc/firejail/disable-passwdmgr.inc	13	include /etc/firejail/disable-passwdmgr.inc
14	include /etc/firejail/disable-programs.inc	14	include /etc/firejail/disable-programs.inc
		15	include /etc/firejail/disable-xdg.inc
15		16
16	include /etc/firejail/whitelist-var-common.inc	17	include /etc/firejail/whitelist-var-common.inc
17		18


diff --git a/etc/gnome-clocks.profile b/etc/gnome-clocks.profile index 103a5ff73..4251f70ed 100644 --- a/etc/gnome-clocks.profile +++ b/etc/gnome-clocks.profile
@@ -11,6 +11,7 @@ include /etc/firejail/disable-devel.inc
11	include /etc/firejail/disable-interpreters.inc	11	include /etc/firejail/disable-interpreters.inc
12	include /etc/firejail/disable-passwdmgr.inc	12	include /etc/firejail/disable-passwdmgr.inc
13	include /etc/firejail/disable-programs.inc	13	include /etc/firejail/disable-programs.inc
		14	include /etc/firejail/disable-xdg.inc
14		15
15	include /etc/firejail/whitelist-var-common.inc	16	include /etc/firejail/whitelist-var-common.inc
16		17


diff --git a/etc/gnome-contacts.profile b/etc/gnome-contacts.profile index d4d670998..0e6f70e04 100644 --- a/etc/gnome-contacts.profile +++ b/etc/gnome-contacts.profile
@@ -5,15 +5,16 @@ include /etc/firejail/gnome-contacts.local
5	# Persistent global definitions	5	# Persistent global definitions
6	include /etc/firejail/globals.local	6	include /etc/firejail/globals.local
7		7
		8	noblacklist ${DOCUMENTS}
8		9
9	include /etc/firejail/disable-common.inc	10	include /etc/firejail/disable-common.inc
10	include /etc/firejail/disable-devel.inc	11	include /etc/firejail/disable-devel.inc
11	include /etc/firejail/disable-interpreters.inc	12	include /etc/firejail/disable-interpreters.inc
12	include /etc/firejail/disable-passwdmgr.inc	13	include /etc/firejail/disable-passwdmgr.inc
13	include /etc/firejail/disable-programs.inc	14	include /etc/firejail/disable-programs.inc
		15	include /etc/firejail/disable-xdg.inc
14		16
15	include /etc/firejail/whitelist-common.inc	17	include /etc/firejail/whitelist-common.inc
16
17	include /etc/firejail/whitelist-var-common.inc	18	include /etc/firejail/whitelist-var-common.inc
18		19
19	caps.drop all	20	caps.drop all


diff --git a/etc/gnome-documents.profile b/etc/gnome-documents.profile index 8a67d6e5c..a7ebb48c8 100644 --- a/etc/gnome-documents.profile +++ b/etc/gnome-documents.profile
@@ -8,12 +8,14 @@ include /etc/firejail/globals.local
8	# when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them	8	# when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them
9		9
10	noblacklist ${HOME}/.config/libreoffice	10	noblacklist ${HOME}/.config/libreoffice
		11	noblacklist ${DOCUMENTS}
11		12
12	include /etc/firejail/disable-common.inc	13	include /etc/firejail/disable-common.inc
13	include /etc/firejail/disable-devel.inc	14	include /etc/firejail/disable-devel.inc
14	include /etc/firejail/disable-interpreters.inc	15	include /etc/firejail/disable-interpreters.inc
15	include /etc/firejail/disable-passwdmgr.inc	16	include /etc/firejail/disable-passwdmgr.inc
16	include /etc/firejail/disable-programs.inc	17	include /etc/firejail/disable-programs.inc
		18	include /etc/firejail/disable-xdg.inc
17		19
18	caps.drop all	20	caps.drop all
19	netfilter	21	netfilter


diff --git a/etc/gnome-font-viewer.profile b/etc/gnome-font-viewer.profile index ebd937f9b..71cd06643 100644 --- a/etc/gnome-font-viewer.profile +++ b/etc/gnome-font-viewer.profile
@@ -11,6 +11,7 @@ include /etc/firejail/disable-devel.inc
11	include /etc/firejail/disable-interpreters.inc	11	include /etc/firejail/disable-interpreters.inc
12	include /etc/firejail/disable-passwdmgr.inc	12	include /etc/firejail/disable-passwdmgr.inc
13	include /etc/firejail/disable-programs.inc	13	include /etc/firejail/disable-programs.inc
		14	include /etc/firejail/disable-xdg.inc
14		15
15	include /etc/firejail/whitelist-var-common.inc	16	include /etc/firejail/whitelist-var-common.inc
16		17


diff --git a/etc/gnome-logs.profile b/etc/gnome-logs.profile index ca4e5f204..f08142113 100644 --- a/etc/gnome-logs.profile +++ b/etc/gnome-logs.profile
@@ -10,6 +10,7 @@ include /etc/firejail/disable-devel.inc
10	include /etc/firejail/disable-interpreters.inc	10	include /etc/firejail/disable-interpreters.inc
11	include /etc/firejail/disable-passwdmgr.inc	11	include /etc/firejail/disable-passwdmgr.inc
12	include /etc/firejail/disable-programs.inc	12	include /etc/firejail/disable-programs.inc
		13	include /etc/firejail/disable-xdg.inc
13		14
14	whitelist /var/log/journal	15	whitelist /var/log/journal
15	include /etc/firejail/whitelist-var-common.inc	16	include /etc/firejail/whitelist-var-common.inc


diff --git a/etc/gnome-maps.profile b/etc/gnome-maps.profile index b5364e48d..da73d9450 100644 --- a/etc/gnome-maps.profile +++ b/etc/gnome-maps.profile
@@ -14,6 +14,7 @@ include /etc/firejail/disable-devel.inc
14	include /etc/firejail/disable-interpreters.inc	14	include /etc/firejail/disable-interpreters.inc
15	include /etc/firejail/disable-passwdmgr.inc	15	include /etc/firejail/disable-passwdmgr.inc
16	include /etc/firejail/disable-programs.inc	16	include /etc/firejail/disable-programs.inc
		17	include /etc/firejail/disable-xdg.inc
17		18
18	include /etc/firejail/whitelist-var-common.inc	19	include /etc/firejail/whitelist-var-common.inc
19		20


diff --git a/etc/gnome-weather.profile b/etc/gnome-weather.profile index 64482b246..28c9e6d86 100644 --- a/etc/gnome-weather.profile +++ b/etc/gnome-weather.profile
@@ -14,6 +14,7 @@ include /etc/firejail/disable-devel.inc
14	include /etc/firejail/disable-interpreters.inc	14	include /etc/firejail/disable-interpreters.inc
15	include /etc/firejail/disable-passwdmgr.inc	15	include /etc/firejail/disable-passwdmgr.inc
16	include /etc/firejail/disable-programs.inc	16	include /etc/firejail/disable-programs.inc
		17	include /etc/firejail/disable-xdg.inc
17		18
18	include /etc/firejail/whitelist-var-common.inc	19	include /etc/firejail/whitelist-var-common.inc
19		20