6 files changed, 52 insertions, 5 deletions
diff --git a/README.md b/README.md
index c65e7f1fe..b1e3cbbca 100644
--- a/README.md
+++ b/README.md
@@ -221,7 +221,7 @@ calligrawords, cin, dooble, dooble-qt4, fetchmail, freecad, freecadcmd, google-e
 imagej, karbon, kdenlive, krita, linphone, lmms, macrofusion, mpd, natron, Natron,
 ricochet, shotcut, teamspeak3, tor, tor-browser-en, Viber, x-terminal-emulator, zart,
 conky, arch-audit, ffmpeg, bluefish, cliqz, cinelerra, openshot-qt, pinta, uefitool,
-aosp, pdfmod, gnome-ring, signal-desktop, xcalc, zaproxy, kopete, kget, nheko
+aosp, pdfmod, gnome-ring, signal-desktop, xcalc, zaproxy, kopete, kget, nheko, Enpass
 Upstreamed many profiles from the following sources: https://github.com/chiraag-nataraj/firejail-profiles,
 https://github.com/nyancat18/fe, and https://aur.archlinux.org/packages/firejail-profiles.
diff --git a/RELNOTES b/RELNOTES
index e5adc0fa5..2f9206518 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -30,15 +30,15 @@ firejail (0.9.51) baseline; urgency=low
     https://aur.archlinux.org/packages/firejail-profiles.
  * new profiles: terasology, surf, rocketchat, clamscan, clamdscan,
      clamdtop, freshclam, xmr-stak-cpu, amule, ardour4, ardour5,
-      brackets, calligra, calligraauthor, calligraconverter, calligraflow, 
+      brackets, calligra, calligraauthor, calligraconverter, calligraflow,
      calligraplan, calligraplanwork, calligrasheets, calligrastage,
      calligrawords, cin, dooble, dooble-qt4, fetchmail, freecad, freecadcmd,
      google-earth,imagej, karbon, kdenlive, krita, linphone, lmms, macrofusion,
-      mpd, natron, Natron, ricochet, shotcut, teamspeak3, tor, tor-browser-en, 
+      mpd, natron, Natron, ricochet, shotcut, teamspeak3, tor, tor-browser-en,
      Viber, x-terminal-emulator, zart, conky, arch-audit, ffmpeg, bluefish,
      cinelerra, openshot-qt, pinta, uefitool, aosp, pdfmod, gnome-ring,
-      xcalc, zaproxy, kopete, cliqz, signal-desktop, kget, nheko
+      xcalc, zaproxy, kopete, cliqz, signal-desktop, kget, nheko, Enpass
-   
 -- netblue30 <netblue30@yahoo.com>  Thu, 14 Sep 2017 20:00:00 -0500
 firejail (0.9.50~rc1) baseline; urgency=low
diff --git a/etc/disable-passwdmgr.inc b/etc/disable-passwdmgr.inc
index 9507d3feb..8ed87eefb 100644
--- a/etc/disable-passwdmgr.inc
+++ b/etc/disable-passwdmgr.inc
@@ -6,6 +6,7 @@ blacklist ${HOME}/.config/KeePass
 blacklist ${HOME}/.config/keepass
 blacklist ${HOME}/.config/keepassx
 blacklist ${HOME}/.config/keepassxc
+blacklist ${HOME}/.config/Sinew Software Systems
 blacklist ${HOME}/.keepass
 blacklist ${HOME}/.keepassx
 blacklist ${HOME}/.keepassxc
diff --git a/etc/enpass.profile b/etc/enpass.profile
new file mode 100644
index 000000000..4c19d5825
--- /dev/null
+++ b/etc/enpass.profile
@@ -0,0 +1,39 @@
+# This file is overwritten after every install/update.
+# Persistent local customisations
+include /etc/firejail/enpass.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+noblacklist ${HOME}/.config/Sinew Software Systems
+include /etc/firejail/whitelist-var-common.inc
+caps.drop all
+machine-id
+net none
+no3d
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+novideo
+protocol unix
+seccomp
+shell none
+tracelog
+private-bin sh,readlink,dirname
+private-dev
+private-opt Enpass
+private-tmp
+memory-deny-write-execute
+noexec ${HOME}
+noexec /tmp
diff --git a/etc/runenpass.sh.profile b/etc/runenpass.sh.profile
new file mode 100644
index 000000000..05ffbfe20
--- /dev/null
+++ b/etc/runenpass.sh.profile
@@ -0,0 +1,6 @@
+# Firejail alias profile for enpass
+# This file is overwritten after every install/update
+# Redirect
+include /etc/firejail/enpass.profile
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index 56ff9a15b..28d3aab67 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -284,6 +284,7 @@ riot-web
 ristretto
 rocketchat
 rtorrent
+runenpass.sh
 scribus
 sdat2img
 seamonkey

diff --git a/README.md b/README.md index c65e7f1fe..b1e3cbbca 100644 --- a/README.md +++ b/README.md
@@ -221,7 +221,7 @@ calligrawords, cin, dooble, dooble-qt4, fetchmail, freecad, freecadcmd, google-e
221	imagej, karbon, kdenlive, krita, linphone, lmms, macrofusion, mpd, natron, Natron,	221	imagej, karbon, kdenlive, krita, linphone, lmms, macrofusion, mpd, natron, Natron,
222	ricochet, shotcut, teamspeak3, tor, tor-browser-en, Viber, x-terminal-emulator, zart,	222	ricochet, shotcut, teamspeak3, tor, tor-browser-en, Viber, x-terminal-emulator, zart,
223	conky, arch-audit, ffmpeg, bluefish, cliqz, cinelerra, openshot-qt, pinta, uefitool,	223	conky, arch-audit, ffmpeg, bluefish, cliqz, cinelerra, openshot-qt, pinta, uefitool,
224	aosp, pdfmod, gnome-ring, signal-desktop, xcalc, zaproxy, kopete, kget, nheko	224	aosp, pdfmod, gnome-ring, signal-desktop, xcalc, zaproxy, kopete, kget, nheko, Enpass
225		225
226	Upstreamed many profiles from the following sources: https://github.com/chiraag-nataraj/firejail-profiles,	226	Upstreamed many profiles from the following sources: https://github.com/chiraag-nataraj/firejail-profiles,
227	https://github.com/nyancat18/fe, and https://aur.archlinux.org/packages/firejail-profiles.	227	https://github.com/nyancat18/fe, and https://aur.archlinux.org/packages/firejail-profiles.


diff --git a/RELNOTES b/RELNOTES index e5adc0fa5..2f9206518 100644 --- a/RELNOTES +++ b/RELNOTES
@@ -30,15 +30,15 @@ firejail (0.9.51) baseline; urgency=low
30	https://aur.archlinux.org/packages/firejail-profiles.	30	https://aur.archlinux.org/packages/firejail-profiles.
31	* new profiles: terasology, surf, rocketchat, clamscan, clamdscan,	31	* new profiles: terasology, surf, rocketchat, clamscan, clamdscan,
32	clamdtop, freshclam, xmr-stak-cpu, amule, ardour4, ardour5,	32	clamdtop, freshclam, xmr-stak-cpu, amule, ardour4, ardour5,
33	brackets, calligra, calligraauthor, calligraconverter, calligraflow,	33	brackets, calligra, calligraauthor, calligraconverter, calligraflow,
34	calligraplan, calligraplanwork, calligrasheets, calligrastage,	34	calligraplan, calligraplanwork, calligrasheets, calligrastage,
35	calligrawords, cin, dooble, dooble-qt4, fetchmail, freecad, freecadcmd,	35	calligrawords, cin, dooble, dooble-qt4, fetchmail, freecad, freecadcmd,
36	google-earth,imagej, karbon, kdenlive, krita, linphone, lmms, macrofusion,	36	google-earth,imagej, karbon, kdenlive, krita, linphone, lmms, macrofusion,
37	mpd, natron, Natron, ricochet, shotcut, teamspeak3, tor, tor-browser-en,	37	mpd, natron, Natron, ricochet, shotcut, teamspeak3, tor, tor-browser-en,
38	Viber, x-terminal-emulator, zart, conky, arch-audit, ffmpeg, bluefish,	38	Viber, x-terminal-emulator, zart, conky, arch-audit, ffmpeg, bluefish,
39	cinelerra, openshot-qt, pinta, uefitool, aosp, pdfmod, gnome-ring,	39	cinelerra, openshot-qt, pinta, uefitool, aosp, pdfmod, gnome-ring,
40	xcalc, zaproxy, kopete, cliqz, signal-desktop, kget, nheko	40	xcalc, zaproxy, kopete, cliqz, signal-desktop, kget, nheko, Enpass
41		41
42	-- netblue30 <netblue30@yahoo.com> Thu, 14 Sep 2017 20:00:00 -0500	42	-- netblue30 <netblue30@yahoo.com> Thu, 14 Sep 2017 20:00:00 -0500
43		43
44	firejail (0.9.50~rc1) baseline; urgency=low	44	firejail (0.9.50~rc1) baseline; urgency=low


diff --git a/etc/disable-passwdmgr.inc b/etc/disable-passwdmgr.inc index 9507d3feb..8ed87eefb 100644 --- a/etc/disable-passwdmgr.inc +++ b/etc/disable-passwdmgr.inc
@@ -6,6 +6,7 @@ blacklist ${HOME}/.config/KeePass
6	blacklist ${HOME}/.config/keepass	6	blacklist ${HOME}/.config/keepass
7	blacklist ${HOME}/.config/keepassx	7	blacklist ${HOME}/.config/keepassx
8	blacklist ${HOME}/.config/keepassxc	8	blacklist ${HOME}/.config/keepassxc
		9	blacklist ${HOME}/.config/Sinew Software Systems
9	blacklist ${HOME}/.keepass	10	blacklist ${HOME}/.keepass
10	blacklist ${HOME}/.keepassx	11	blacklist ${HOME}/.keepassx
11	blacklist ${HOME}/.keepassxc	12	blacklist ${HOME}/.keepassxc


diff --git a/etc/enpass.profile b/etc/enpass.profile new file mode 100644 index 000000000..4c19d5825 --- /dev/null +++ b/etc/enpass.profile
@@ -0,0 +1,39 @@
		1	# This file is overwritten after every install/update.
		2	# Persistent local customisations
		3	include /etc/firejail/enpass.local
		4	# Persistent global definitions
		5	include /etc/firejail/globals.local
		6
		7	include /etc/firejail/disable-common.inc
		8	include /etc/firejail/disable-devel.inc
		9	include /etc/firejail/disable-passwdmgr.inc
		10	include /etc/firejail/disable-programs.inc
		11
		12	noblacklist ${HOME}/.config/Sinew Software Systems
		13
		14	include /etc/firejail/whitelist-var-common.inc
		15
		16	caps.drop all
		17	machine-id
		18	net none
		19	no3d
		20	nodvd
		21	nogroups
		22	nonewprivs
		23	noroot
		24	nosound
		25	notv
		26	novideo
		27	protocol unix
		28	seccomp
		29	shell none
		30	tracelog
		31
		32	private-bin sh,readlink,dirname
		33	private-dev
		34	private-opt Enpass
		35	private-tmp
		36
		37	memory-deny-write-execute
		38	noexec ${HOME}
		39	noexec /tmp


diff --git a/etc/runenpass.sh.profile b/etc/runenpass.sh.profile new file mode 100644 index 000000000..05ffbfe20 --- /dev/null +++ b/etc/runenpass.sh.profile
@@ -0,0 +1,6 @@
		1	# Firejail alias profile for enpass
		2	# This file is overwritten after every install/update
		3
		4
		5	# Redirect
		6	include /etc/firejail/enpass.profile


diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 56ff9a15b..28d3aab67 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config
@@ -284,6 +284,7 @@ riot-web
284	ristretto	284	ristretto
285	rocketchat	285	rocketchat
286	rtorrent	286	rtorrent
		287	runenpass.sh
287	scribus	288	scribus
288	sdat2img	289	sdat2img
289	seamonkey	290	seamonkey