diff options
author | netblue30 <netblue30@yahoo.com> | 2017-10-29 16:11:13 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-10-29 16:11:13 -0400 |
commit | 8da434d073a90ff1a768976f6dfdbb9350aad9aa (patch) | |
tree | 8ece1cb49a93eb18fbee3e9cc3efc10478fc3fbb /etc | |
parent | --timeout testing and fixes (#1614) (diff) | |
parent | add kopete profile (diff) | |
download | firejail-8da434d073a90ff1a768976f6dfdbb9350aad9aa.tar.gz firejail-8da434d073a90ff1a768976f6dfdbb9350aad9aa.tar.zst firejail-8da434d073a90ff1a768976f6dfdbb9350aad9aa.zip |
Merge branch 'master' of http://github.com/netblue30/firejail
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-programs.inc | 20 | ||||
-rw-r--r-- | etc/kopete.profile | 34 |
2 files changed, 46 insertions, 8 deletions
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 0e5400dd6..9bfef1f5e 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -233,6 +233,7 @@ blacklist ${HOME}/.kde/share/apps/kcookiejar | |||
233 | blacklist ${HOME}/.kde/share/apps/khtml | 233 | blacklist ${HOME}/.kde/share/apps/khtml |
234 | blacklist ${HOME}/.kde/share/apps/konqsidebartng | 234 | blacklist ${HOME}/.kde/share/apps/konqsidebartng |
235 | blacklist ${HOME}/.kde/share/apps/konqueror | 235 | blacklist ${HOME}/.kde/share/apps/konqueror |
236 | blacklist ${HOME}/.kde/share/apps/kopete | ||
236 | blacklist ${HOME}/.kde/share/apps/okular | 237 | blacklist ${HOME}/.kde/share/apps/okular |
237 | blacklist ${HOME}/.kde/share/config/baloofilerc | 238 | blacklist ${HOME}/.kde/share/config/baloofilerc |
238 | blacklist ${HOME}/.kde/share/config/baloorc | 239 | blacklist ${HOME}/.kde/share/config/baloorc |
@@ -244,28 +245,31 @@ blacklist ${HOME}/.kde/share/config/khtmlrc | |||
244 | blacklist ${HOME}/.kde/share/config/konq_history | 245 | blacklist ${HOME}/.kde/share/config/konq_history |
245 | blacklist ${HOME}/.kde/share/config/konqsidebartngrc | 246 | blacklist ${HOME}/.kde/share/config/konqsidebartngrc |
246 | blacklist ${HOME}/.kde/share/config/konquerorrc | 247 | blacklist ${HOME}/.kde/share/config/konquerorrc |
248 | blacklist ${HOME}/.kde/share/config/kopeterc | ||
247 | blacklist ${HOME}/.kde/share/config/ktorrentrc | 249 | blacklist ${HOME}/.kde/share/config/ktorrentrc |
248 | blacklist ${HOME}/.kde/share/config/okularpartrc | 250 | blacklist ${HOME}/.kde/share/config/okularpartrc |
249 | blacklist ${HOME}/.kde/share/config/okularrc | 251 | blacklist ${HOME}/.kde/share/config/okularrc |
250 | blacklist ${HOME}/.kde4/share/config/baloorc | 252 | blacklist ${HOME}/.kde4/share/apps/gwenview |
251 | blacklist ${HOME}/.kde4/share/config/baloofilerc | 253 | blacklist ${HOME}/.kde4/share/apps/kcookiejar |
252 | blacklist ${HOME}/.kde4/share/apps/okular | 254 | blacklist ${HOME}/.kde4/share/apps/khtml |
253 | blacklist ${HOME}/.kde4/share/apps/konqueror | 255 | blacklist ${HOME}/.kde4/share/apps/konqueror |
254 | blacklist ${HOME}/.kde4/share/apps/konqsidebartng | 256 | blacklist ${HOME}/.kde4/share/apps/konqsidebartng |
255 | blacklist ${HOME}/.kde4/share/apps/khtml | 257 | blacklist ${HOME}/.kde4/share/apps/kopete |
256 | blacklist ${HOME}/.kde4/share/apps/kcookiejar | 258 | blacklist ${HOME}/.kde4/share/apps/okular |
259 | blacklist ${HOME}/.kde4/share/config/baloorc | ||
260 | blacklist ${HOME}/.kde4/share/config/baloofilerc | ||
257 | blacklist ${HOME}/.kde4/share/config/digikam | 261 | blacklist ${HOME}/.kde4/share/config/digikam |
258 | blacklist ${HOME}/.kde4/share/apps/gwenview | 262 | blacklist ${HOME}/.kde4/share/config/gwenviewrc |
263 | blacklist ${HOME}/.kde4/share/config/k3brc | ||
259 | blacklist ${HOME}/.kde4/share/config/kcookiejarrc | 264 | blacklist ${HOME}/.kde4/share/config/kcookiejarrc |
260 | blacklist ${HOME}/.kde4/share/config/khtmlrc | 265 | blacklist ${HOME}/.kde4/share/config/khtmlrc |
261 | blacklist ${HOME}/.kde4/share/config/konq_history | 266 | blacklist ${HOME}/.kde4/share/config/konq_history |
262 | blacklist ${HOME}/.kde4/share/config/konqsidebartngrc | 267 | blacklist ${HOME}/.kde4/share/config/konqsidebartngrc |
263 | blacklist ${HOME}/.kde4/share/config/konquerorrc | 268 | blacklist ${HOME}/.kde4/share/config/konquerorrc |
269 | blacklist ${HOME}/.kde4/share/config/kopeterc | ||
264 | blacklist ${HOME}/.kde4/share/config/okularpartrc | 270 | blacklist ${HOME}/.kde4/share/config/okularpartrc |
265 | blacklist ${HOME}/.kde4/share/config/okularrc | 271 | blacklist ${HOME}/.kde4/share/config/okularrc |
266 | blacklist ${HOME}/.kde4/share/config/ktorrentrc | 272 | blacklist ${HOME}/.kde4/share/config/ktorrentrc |
267 | blacklist ${HOME}/.kde4/share/config/gwenviewrc | ||
268 | blacklist ${HOME}/.kde4/share/config/k3brc | ||
269 | blacklist ${HOME}/.killingfloor | 273 | blacklist ${HOME}/.killingfloor |
270 | blacklist ${HOME}/.kino-history | 274 | blacklist ${HOME}/.kino-history |
271 | blacklist ${HOME}/.kinorc | 275 | blacklist ${HOME}/.kinorc |
diff --git a/etc/kopete.profile b/etc/kopete.profile new file mode 100644 index 000000000..3e943c162 --- /dev/null +++ b/etc/kopete.profile | |||
@@ -0,0 +1,34 @@ | |||
1 | # Firejail profile for kopete | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include /etc/firejail/kopete.local | ||
5 | # Persistent global definitions | ||
6 | include /etc/firejail/globals.local | ||
7 | |||
8 | noblacklist ~/.kde/share/apps/kopete | ||
9 | noblacklist ~/.kde/share/config/kopeterc | ||
10 | noblacklist ~/.kde4/share/apps/kopete | ||
11 | noblacklist ~/.kde4/share/config/kopeterc | ||
12 | |||
13 | include /etc/firejail/disable-common.inc | ||
14 | include /etc/firejail/disable-devel.inc | ||
15 | include /etc/firejail/disable-passwdmgr.inc | ||
16 | include /etc/firejail/disable-programs.inc | ||
17 | |||
18 | include /etc/firejail/whitelist-var-common.inc | ||
19 | |||
20 | caps.drop all | ||
21 | netfilter | ||
22 | nodvd | ||
23 | nogroups | ||
24 | nonewprivs | ||
25 | noroot | ||
26 | notv | ||
27 | protocol unix,inet,inet6,netlink | ||
28 | seccomp | ||
29 | |||
30 | private-dev | ||
31 | private-tmp | ||
32 | |||
33 | noexec ${HOME} | ||
34 | noexec /tmp | ||