diff options
| author |  rusty-snake <print_hello_world+Public@protonmail.com> | 2019-08-22 15:16:43 +0000 |
|---|---|---|
| committer |  GitHub <noreply@github.com> | 2019-08-22 15:16:43 +0000 |
| commit | 7582aaffce1e2266e3ff163495c39d001ab0ef21 (patch) | |
| tree | a0ae36f8aee4e482af9e356efdf245bf59ac59f3 /etc | |
| parent | update syscalls.txt (diff) | |
| parent | add allow-common-devel to more profiles (diff) | |
| download | firejail-7582aaffce1e2266e3ff163495c39d001ab0ef21.tar.gz firejail-7582aaffce1e2266e3ff163495c39d001ab0ef21.tar.zst firejail-7582aaffce1e2266e3ff163495c39d001ab0ef21.zip | |
Merge pull request #2921 from rusty-snake/allow-common-devel.inc
Introduce allow-common-devel.inc
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/allow-common-devel.inc | 17 | ||||
| -rw-r--r-- | etc/android-studio.profile | 8 | ||||
| -rw-r--r-- | etc/aosp.profile | 8 | ||||
| -rw-r--r-- | etc/atom.profile | 14 | ||||
| -rw-r--r-- | etc/brackets.profile | 10 | ||||
| -rw-r--r-- | etc/code.profile | 11 | ||||
| -rw-r--r-- | etc/emacs.profile | 6 | ||||
| -rw-r--r-- | etc/geany.profile | 9 | ||||
| -rw-r--r-- | etc/gedit.profile | 9 | ||||
| -rw-r--r-- | etc/gnome-builder.profile | 10 | ||||
| -rw-r--r-- | etc/idea.sh.profile | 8 | ||||
| -rw-r--r-- | etc/pluma.profile | 6 | ||||
| -rw-r--r-- | etc/pycharm-community.profile | 6 | ||||
| -rw-r--r-- | etc/templates/profile.template | 3 | ||||
| -rw-r--r-- | etc/vim.profile | 6 | ||||
| -rw-r--r-- | etc/webstorm.profile | 7 |
16 files changed, 61 insertions, 77 deletions
diff --git a/etc/allow-common-devel.inc b/etc/allow-common-devel.inc new file mode 100644 index 000000000..1d794462c --- /dev/null +++ b/etc/allow-common-devel.inc | |||
| @@ -0,0 +1,17 @@ | |||
| 1 | # Rust | ||
| 2 | noblacklist ${HOME}/.cargo/config | ||
| 3 | noblacklist ${HOME}/.cargo/registry | ||
| 4 | |||
| 5 | # Git | ||
| 6 | noblacklist ${HOME}/.config/git | ||
| 7 | noblacklist ${HOME}/.gitconfig | ||
| 8 | noblacklist ${HOME}/.git-credentials | ||
| 9 | |||
| 10 | # Python | ||
| 11 | noblacklist ${HOME}/.python-history | ||
| 12 | noblacklist ${HOME}/.python_history | ||
| 13 | noblacklist ${HOME}/.pythonhist | ||
| 14 | |||
| 15 | # Java | ||
| 16 | noblacklist ${HOME}/.gradle | ||
| 17 | noblacklist ${HOME}/.java | ||
diff --git a/etc/android-studio.profile b/etc/android-studio.profile index ff7fb6711..2e4e564dd 100644 --- a/etc/android-studio.profile +++ b/etc/android-studio.profile | |||
| @@ -7,17 +7,15 @@ include globals.local | |||
| 7 | 7 | ||
| 8 | noblacklist ${HOME}/.AndroidStudio* | 8 | noblacklist ${HOME}/.AndroidStudio* |
| 9 | noblacklist ${HOME}/.android | 9 | noblacklist ${HOME}/.android |
| 10 | noblacklist ${HOME}/.config/git | ||
| 11 | noblacklist ${HOME}/.gitconfig | ||
| 12 | noblacklist ${HOME}/.git-credentials | ||
| 13 | noblacklist ${HOME}/.gradle | ||
| 14 | noblacklist ${HOME}/.jack-server | 10 | noblacklist ${HOME}/.jack-server |
| 15 | noblacklist ${HOME}/.jack-settings | 11 | noblacklist ${HOME}/.jack-settings |
| 16 | noblacklist ${HOME}/.java | ||
| 17 | noblacklist ${HOME}/.local/share/JetBrains | 12 | noblacklist ${HOME}/.local/share/JetBrains |
| 18 | noblacklist ${HOME}/.ssh | 13 | noblacklist ${HOME}/.ssh |
| 19 | noblacklist ${HOME}/.tooling | 14 | noblacklist ${HOME}/.tooling |
| 20 | 15 | ||
| 16 | # Allows files commonly used by IDEs | ||
| 17 | include allow-common-devel.inc | ||
| 18 | |||
| 21 | include disable-common.inc | 19 | include disable-common.inc |
| 22 | include disable-passwdmgr.inc | 20 | include disable-passwdmgr.inc |
| 23 | include disable-programs.inc | 21 | include disable-programs.inc |
diff --git a/etc/aosp.profile b/etc/aosp.profile index 701bf4733..a5b1ba9f1 100644 --- a/etc/aosp.profile +++ b/etc/aosp.profile | |||
| @@ -7,18 +7,16 @@ include globals.local | |||
| 7 | 7 | ||
| 8 | noblacklist ${HOME}/.android | 8 | noblacklist ${HOME}/.android |
| 9 | noblacklist ${HOME}/.bash_history | 9 | noblacklist ${HOME}/.bash_history |
| 10 | noblacklist ${HOME}/.config/git | ||
| 11 | noblacklist ${HOME}/.gitconfig | ||
| 12 | noblacklist ${HOME}/.git-credentials | ||
| 13 | noblacklist ${HOME}/.gradle | ||
| 14 | noblacklist ${HOME}/.jack-server | 10 | noblacklist ${HOME}/.jack-server |
| 15 | noblacklist ${HOME}/.jack-settings | 11 | noblacklist ${HOME}/.jack-settings |
| 16 | noblacklist ${HOME}/.java | ||
| 17 | noblacklist ${HOME}/.repo_.gitconfig.json | 12 | noblacklist ${HOME}/.repo_.gitconfig.json |
| 18 | noblacklist ${HOME}/.repoconfig | 13 | noblacklist ${HOME}/.repoconfig |
| 19 | noblacklist ${HOME}/.ssh | 14 | noblacklist ${HOME}/.ssh |
| 20 | noblacklist ${HOME}/.tooling | 15 | noblacklist ${HOME}/.tooling |
| 21 | 16 | ||
| 17 | # Allows files commonly used by IDEs | ||
| 18 | include allow-common-devel.inc | ||
| 19 | |||
| 22 | include disable-common.inc | 20 | include disable-common.inc |
| 23 | include disable-passwdmgr.inc | 21 | include disable-passwdmgr.inc |
| 24 | include disable-programs.inc | 22 | include disable-programs.inc |
diff --git a/etc/atom.profile b/etc/atom.profile index 4bb37552b..b9cb49d08 100644 --- a/etc/atom.profile +++ b/etc/atom.profile | |||
| @@ -8,17 +8,9 @@ include globals.local | |||
| 8 | 8 | ||
| 9 | noblacklist ${HOME}/.atom | 9 | noblacklist ${HOME}/.atom |
| 10 | noblacklist ${HOME}/.config/Atom | 10 | noblacklist ${HOME}/.config/Atom |
| 11 | # allow rust | 11 | |
| 12 | noblacklist ${HOME}/.cargo/config | 12 | # Allows files commonly used by IDEs |
| 13 | noblacklist ${HOME}/.cargo/registry | 13 | include allow-common-devel.inc |
| 14 | # allow git config files | ||
| 15 | noblacklist ${HOME}/.config/git | ||
| 16 | noblacklist ${HOME}/.gitconfig | ||
| 17 | noblacklist ${HOME}/.git-credentials | ||
| 18 | # allow python dev files | ||
| 19 | noblacklist ${HOME}/.python-history | ||
| 20 | noblacklist ${HOME}/.python_history | ||
| 21 | noblacklist ${HOME}/.pythonhist | ||
| 22 | 14 | ||
| 23 | include disable-common.inc | 15 | include disable-common.inc |
| 24 | include disable-exec.inc | 16 | include disable-exec.inc |
diff --git a/etc/brackets.profile b/etc/brackets.profile index 3e157d841..b7d560bbc 100644 --- a/etc/brackets.profile +++ b/etc/brackets.profile | |||
| @@ -8,13 +8,9 @@ include globals.local | |||
| 8 | noblacklist ${HOME}/.config/Brackets | 8 | noblacklist ${HOME}/.config/Brackets |
| 9 | #noblacklist /opt/brackets/ | 9 | #noblacklist /opt/brackets/ |
| 10 | #noblacklist /opt/google/ | 10 | #noblacklist /opt/google/ |
| 11 | # Uncomment the next two lines if you are developing rust. | 11 | |
| 12 | # or put it in your brackets.local | 12 | # Allows files commonly used by IDEs |
| 13 | #noblacklist ${HOME}/.cargo/config | 13 | include allow-common-devel.inc |
| 14 | #noblacklist ${HOME}/.cargo/registry | ||
| 15 | noblacklist ${HOME}/.config/git | ||
| 16 | noblacklist ${HOME}/.gitconfig | ||
| 17 | noblacklist ${HOME}/.git-credentials | ||
| 18 | 14 | ||
| 19 | include disable-common.inc | 15 | include disable-common.inc |
| 20 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
diff --git a/etc/code.profile b/etc/code.profile index 76320d56b..7ac4e1619 100644 --- a/etc/code.profile +++ b/etc/code.profile | |||
| @@ -5,19 +5,14 @@ include code.local | |||
| 5 | # Persistent global definitions | 5 | # Persistent global definitions |
| 6 | include globals.local | 6 | include globals.local |
| 7 | 7 | ||
| 8 | noblacklist ${HOME}/.cargo/config | ||
| 9 | noblacklist ${HOME}/.cargo/registry | ||
| 10 | noblacklist ${HOME}/.config/Code | 8 | noblacklist ${HOME}/.config/Code |
| 11 | noblacklist ${HOME}/.config/Code - OSS | 9 | noblacklist ${HOME}/.config/Code - OSS |
| 12 | noblacklist ${HOME}/.config/git | ||
| 13 | noblacklist ${HOME}/.gitconfig | ||
| 14 | noblacklist ${HOME}/.git-credentials | ||
| 15 | noblacklist ${HOME}/.python-history | ||
| 16 | noblacklist ${HOME}/.python_history | ||
| 17 | noblacklist ${HOME}/.pythonhist | ||
| 18 | noblacklist ${HOME}/.vscode | 10 | noblacklist ${HOME}/.vscode |
| 19 | noblacklist ${HOME}/.vscode-oss | 11 | noblacklist ${HOME}/.vscode-oss |
| 20 | 12 | ||
| 13 | # Allows files commonly used by IDEs | ||
| 14 | include allow-common-devel.inc | ||
| 15 | |||
| 21 | include disable-common.inc | 16 | include disable-common.inc |
| 22 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
| 23 | include disable-programs.inc | 18 | include disable-programs.inc |
diff --git a/etc/emacs.profile b/etc/emacs.profile index 95a4dd6b2..071a9f5d2 100644 --- a/etc/emacs.profile +++ b/etc/emacs.profile | |||
| @@ -11,9 +11,9 @@ noblacklist ${HOME}/.emacs.d | |||
| 11 | # if you need gpg uncomment the following line | 11 | # if you need gpg uncomment the following line |
| 12 | # or put it into your emacs.local | 12 | # or put it into your emacs.local |
| 13 | #noblacklist ${HOME}/.gnupg | 13 | #noblacklist ${HOME}/.gnupg |
| 14 | noblacklist ${HOME}/.python-history | 14 | |
| 15 | noblacklist ${HOME}/.python_history | 15 | # Allows files commonly used by IDEs |
| 16 | noblacklist ${HOME}/.pythonhist | 16 | include allow-common-devel.inc |
| 17 | 17 | ||
| 18 | include disable-common.inc | 18 | include disable-common.inc |
| 19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
diff --git a/etc/geany.profile b/etc/geany.profile index 53a718d63..31599e32a 100644 --- a/etc/geany.profile +++ b/etc/geany.profile | |||
| @@ -7,12 +7,9 @@ include geany.local | |||
| 7 | include globals.local | 7 | include globals.local |
| 8 | 8 | ||
| 9 | noblacklist ${HOME}/.config/geany | 9 | noblacklist ${HOME}/.config/geany |
| 10 | noblacklist ${HOME}/.config/git | 10 | |
| 11 | noblacklist ${HOME}/.gitconfig | 11 | # Allows files commonly used by IDEs |
| 12 | noblacklist ${HOME}/.git-credentials | 12 | include allow-common-devel.inc |
| 13 | noblacklist ${HOME}/.python-history | ||
| 14 | noblacklist ${HOME}/.python_history | ||
| 15 | noblacklist ${HOME}/.pythonhist | ||
| 16 | 13 | ||
| 17 | include disable-common.inc | 14 | include disable-common.inc |
| 18 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
diff --git a/etc/gedit.profile b/etc/gedit.profile index 763d33eb1..837396654 100644 --- a/etc/gedit.profile +++ b/etc/gedit.profile | |||
| @@ -8,12 +8,9 @@ include globals.local | |||
| 8 | 8 | ||
| 9 | noblacklist ${HOME}/.config/enchant | 9 | noblacklist ${HOME}/.config/enchant |
| 10 | noblacklist ${HOME}/.config/gedit | 10 | noblacklist ${HOME}/.config/gedit |
| 11 | noblacklist ${HOME}/.config/git | 11 | |
| 12 | noblacklist ${HOME}/.gitconfig | 12 | # Allows files commonly used by IDEs |
| 13 | noblacklist ${HOME}/.git-credentials | 13 | include allow-common-devel.inc |
| 14 | noblacklist ${HOME}/.python-history | ||
| 15 | noblacklist ${HOME}/.python_history | ||
| 16 | noblacklist ${HOME}/.pythonhist | ||
| 17 | 14 | ||
| 18 | include disable-common.inc | 15 | include disable-common.inc |
| 19 | # include disable-devel.inc | 16 | # include disable-devel.inc |
diff --git a/etc/gnome-builder.profile b/etc/gnome-builder.profile index 46281af6e..ab2ca183b 100644 --- a/etc/gnome-builder.profile +++ b/etc/gnome-builder.profile | |||
| @@ -6,14 +6,8 @@ include gnome-builder.local | |||
| 6 | # Persistent global definitions | 6 | # Persistent global definitions |
| 7 | include globals.local | 7 | include globals.local |
| 8 | 8 | ||
| 9 | noblacklist ${HOME}/.cargo/config | 9 | # Allows files commonly used by IDEs |
| 10 | noblacklist ${HOME}/.cargo/registry | 10 | include allow-common-devel.inc |
| 11 | noblacklist ${HOME}/.config/git | ||
| 12 | noblacklist ${HOME}/.gitconfig | ||
| 13 | noblacklist ${HOME}/.git-credentials | ||
| 14 | noblacklist ${HOME}/.python-history | ||
| 15 | noblacklist ${HOME}/.python_history | ||
| 16 | noblacklist ${HOME}/.pythonhist | ||
| 17 | 11 | ||
| 18 | include disable-common.inc | 12 | include disable-common.inc |
| 19 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
diff --git a/etc/idea.sh.profile b/etc/idea.sh.profile index 4f3047e08..a7d0d531f 100644 --- a/etc/idea.sh.profile +++ b/etc/idea.sh.profile | |||
| @@ -7,17 +7,15 @@ include globals.local | |||
| 7 | 7 | ||
| 8 | noblacklist ${HOME}/.IdeaIC* | 8 | noblacklist ${HOME}/.IdeaIC* |
| 9 | noblacklist ${HOME}/.android | 9 | noblacklist ${HOME}/.android |
| 10 | noblacklist ${HOME}/.config/git | ||
| 11 | noblacklist ${HOME}/.gitconfig | ||
| 12 | noblacklist ${HOME}/.git-credentials | ||
| 13 | noblacklist ${HOME}/.gradle | ||
| 14 | noblacklist ${HOME}/.jack-server | 10 | noblacklist ${HOME}/.jack-server |
| 15 | noblacklist ${HOME}/.jack-settings | 11 | noblacklist ${HOME}/.jack-settings |
| 16 | noblacklist ${HOME}/.java | ||
| 17 | noblacklist ${HOME}/.local/share/JetBrains | 12 | noblacklist ${HOME}/.local/share/JetBrains |
| 18 | noblacklist ${HOME}/.ssh | 13 | noblacklist ${HOME}/.ssh |
| 19 | noblacklist ${HOME}/.tooling | 14 | noblacklist ${HOME}/.tooling |
| 20 | 15 | ||
| 16 | # Allows files commonly used by IDEs | ||
| 17 | include allow-common-devel.inc | ||
| 18 | |||
| 21 | include disable-common.inc | 19 | include disable-common.inc |
| 22 | include disable-passwdmgr.inc | 20 | include disable-passwdmgr.inc |
| 23 | include disable-programs.inc | 21 | include disable-programs.inc |
diff --git a/etc/pluma.profile b/etc/pluma.profile index 4c32c2979..dadfcc44e 100644 --- a/etc/pluma.profile +++ b/etc/pluma.profile | |||
| @@ -8,9 +8,9 @@ include globals.local | |||
| 8 | 8 | ||
| 9 | noblacklist ${HOME}/.config/enchant | 9 | noblacklist ${HOME}/.config/enchant |
| 10 | noblacklist ${HOME}/.config/pluma | 10 | noblacklist ${HOME}/.config/pluma |
| 11 | noblacklist ${HOME}/.python-history | 11 | |
| 12 | noblacklist ${HOME}/.python_history | 12 | # Allows files commonly used by IDEs |
| 13 | noblacklist ${HOME}/.pythonhist | 13 | include allow-common-devel.inc |
| 14 | 14 | ||
| 15 | include disable-common.inc | 15 | include disable-common.inc |
| 16 | include disable-devel.inc | 16 | include disable-devel.inc |
diff --git a/etc/pycharm-community.profile b/etc/pycharm-community.profile index e1d55c89e..9ee426a95 100644 --- a/etc/pycharm-community.profile +++ b/etc/pycharm-community.profile | |||
| @@ -6,13 +6,13 @@ include pycharm-community.local | |||
| 6 | include globals.local | 6 | include globals.local |
| 7 | 7 | ||
| 8 | noblacklist ${HOME}/.PyCharmCE* | 8 | noblacklist ${HOME}/.PyCharmCE* |
| 9 | noblacklist ${HOME}/.python-history | ||
| 10 | noblacklist ${HOME}/.python_history | ||
| 11 | noblacklist ${HOME}/.pythonhist | ||
| 12 | 9 | ||
| 13 | # Allow java (blacklisted by disable-devel.inc) | 10 | # Allow java (blacklisted by disable-devel.inc) |
| 14 | include allow-java.inc | 11 | include allow-java.inc |
| 15 | 12 | ||
| 13 | # Allows files commonly used by IDEs | ||
| 14 | include allow-common-devel.inc | ||
| 15 | |||
| 16 | include disable-common.inc | 16 | include disable-common.inc |
| 17 | include disable-devel.inc | 17 | include disable-devel.inc |
| 18 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
diff --git a/etc/templates/profile.template b/etc/templates/profile.template index 2fc5c3ef1..0d67e222f 100644 --- a/etc/templates/profile.template +++ b/etc/templates/profile.template | |||
| @@ -87,6 +87,9 @@ include globals.local | |||
| 87 | # Allow lua (blacklisted by disable-interpreters.inc) | 87 | # Allow lua (blacklisted by disable-interpreters.inc) |
| 88 | #include allow-lua.inc | 88 | #include allow-lua.inc |
| 89 | 89 | ||
| 90 | # Allows files commonly used by IDEs | ||
| 91 | #include allow-common-devel.inc | ||
| 92 | |||
| 90 | #include disable-common.inc | 93 | #include disable-common.inc |
| 91 | #include disable-devel.inc | 94 | #include disable-devel.inc |
| 92 | #include disable-exec.inc | 95 | #include disable-exec.inc |
diff --git a/etc/vim.profile b/etc/vim.profile index 957dc91aa..d27a9a633 100644 --- a/etc/vim.profile +++ b/etc/vim.profile | |||
| @@ -6,13 +6,13 @@ include vim.local | |||
| 6 | # Persistent global definitions | 6 | # Persistent global definitions |
| 7 | include globals.local | 7 | include globals.local |
| 8 | 8 | ||
| 9 | noblacklist ${HOME}/.python-history | ||
| 10 | noblacklist ${HOME}/.python_history | ||
| 11 | noblacklist ${HOME}/.pythonhist | ||
| 12 | noblacklist ${HOME}/.vim | 9 | noblacklist ${HOME}/.vim |
| 13 | noblacklist ${HOME}/.viminfo | 10 | noblacklist ${HOME}/.viminfo |
| 14 | noblacklist ${HOME}/.vimrc | 11 | noblacklist ${HOME}/.vimrc |
| 15 | 12 | ||
| 13 | # Allows files commonly used by IDEs | ||
| 14 | include allow-common-devel.inc | ||
| 15 | |||
| 16 | include disable-common.inc | 16 | include disable-common.inc |
| 17 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
| 18 | include disable-programs.inc | 18 | include disable-programs.inc |
diff --git a/etc/webstorm.profile b/etc/webstorm.profile index e820bae00..fc4e8e571 100644 --- a/etc/webstorm.profile +++ b/etc/webstorm.profile | |||
| @@ -7,14 +7,13 @@ include globals.local | |||
| 7 | 7 | ||
| 8 | noblacklist ${HOME}/.WebStorm* | 8 | noblacklist ${HOME}/.WebStorm* |
| 9 | noblacklist ${HOME}/.android | 9 | noblacklist ${HOME}/.android |
| 10 | noblacklist ${HOME}/.config/git | ||
| 11 | noblacklist ${HOME}/.gitconfig | ||
| 12 | noblacklist ${HOME}/.git-credentials | ||
| 13 | noblacklist ${HOME}/.gradle | ||
| 14 | noblacklist ${HOME}/.local/share/JetBrains | 10 | noblacklist ${HOME}/.local/share/JetBrains |
| 15 | noblacklist ${HOME}/.ssh | 11 | noblacklist ${HOME}/.ssh |
| 16 | noblacklist ${HOME}/.tooling | 12 | noblacklist ${HOME}/.tooling |
| 17 | 13 | ||
| 14 | # Allows files commonly used by IDEs | ||
| 15 | include allow-common-devel.inc | ||
| 16 | |||
| 18 | noblacklist ${PATH}/node | 17 | noblacklist ${PATH}/node |
| 19 | noblacklist ${HOME}/.nvm | 18 | noblacklist ${HOME}/.nvm |
| 20 | 19 | ||