diff options
-rw-r--r-- | README | 10 | ||||
-rw-r--r-- | etc/profile-a-l/drill.profile | 56 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 1 |
3 files changed, 67 insertions, 0 deletions
@@ -252,12 +252,14 @@ Danil Semelenov (https://github.com/sgtpep) | |||
252 | Dara Adib (https://github.com/daradib) | 252 | Dara Adib (https://github.com/daradib) |
253 | - ssh profile fix | 253 | - ssh profile fix |
254 | - evince profile fix | 254 | - evince profile fix |
255 | - linphone profile fix | ||
255 | Dario Pellegrini (https://github.com/dpellegr) | 256 | Dario Pellegrini (https://github.com/dpellegr) |
256 | - allowing links in netns | 257 | - allowing links in netns |
257 | David Thole (https://github.com/TheDarkTrumpet) | 258 | David Thole (https://github.com/TheDarkTrumpet) |
258 | - added profile for teams-for-linux | 259 | - added profile for teams-for-linux |
259 | Davide Beatrici (https://github.com/davidebeatrici) | 260 | Davide Beatrici (https://github.com/davidebeatrici) |
260 | - steam.profile: correctly blacklist unneeded directories in user's home | 261 | - steam.profile: correctly blacklist unneeded directories in user's home |
262 | - minetest fixes | ||
261 | David Hyrule (https://github.com/Svaag) | 263 | David Hyrule (https://github.com/Svaag) |
262 | - remove nou2f in ssh profile | 264 | - remove nou2f in ssh profile |
263 | Deelvesh Bunjun (https://github.com/DeelveshBunjun) | 265 | Deelvesh Bunjun (https://github.com/DeelveshBunjun) |
@@ -515,6 +517,8 @@ KellerFuchs (https://github.com/KellerFuchs) | |||
515 | - added support for .local profile files in /etc/firejail | 517 | - added support for .local profile files in /etc/firejail |
516 | - fixed Cryptocat profile | 518 | - fixed Cryptocat profile |
517 | - make ~/.local read-only | 519 | - make ~/.local read-only |
520 | Kelvin (https://github.com/kmk3) | ||
521 | - disable ldns utilities | ||
518 | Kishore96in (https://github.com/Kishore96in) | 522 | Kishore96in (https://github.com/Kishore96in) |
519 | - added falkon profile | 523 | - added falkon profile |
520 | - kxmlgui fixes | 524 | - kxmlgui fixes |
@@ -546,6 +550,7 @@ Liorst4 (https://github.com/Liorst4) | |||
546 | - Preserve CFLAGS given to configure in common.mk.in | 550 | - Preserve CFLAGS given to configure in common.mk.in |
547 | - fix emacs config to load as read-write | 551 | - fix emacs config to load as read-write |
548 | - disable browser drm by default | 552 | - disable browser drm by default |
553 | - minetest fixes | ||
549 | Lockdis (https://github.com/Lockdis) | 554 | Lockdis (https://github.com/Lockdis) |
550 | - Added crow, nyx, and google-earth-pro profiles | 555 | - Added crow, nyx, and google-earth-pro profiles |
551 | Lukáš Krejčí (https://github.com/lskrejci) | 556 | Lukáš Krejčí (https://github.com/lskrejci) |
@@ -604,6 +609,7 @@ Neo00001 (https://github.com/Neo00001) | |||
604 | - add vmware profile | 609 | - add vmware profile |
605 | - update virtualbox profile | 610 | - update virtualbox profile |
606 | - update telegram profile | 611 | - update telegram profile |
612 | - add spectacle profile | ||
607 | Nick Fox (https://github.com/njfox) | 613 | Nick Fox (https://github.com/njfox) |
608 | - add a profile alias for code-oss | 614 | - add a profile alias for code-oss |
609 | - add code-oss config directory | 615 | - add code-oss config directory |
@@ -701,6 +707,8 @@ Rahiel Kasim (https://github.com/rahiel) | |||
701 | - added telegram-desktop profile | 707 | - added telegram-desktop profile |
702 | Rahul Golam (https://github.com/technoLord) | 708 | Rahul Golam (https://github.com/technoLord) |
703 | - strings profile | 709 | - strings profile |
710 | RandomVoid (https://github.com/RandomVoid) | ||
711 | - fix building C# projects in Godot | ||
704 | Raphaël Droz (https://github.com/drzraf) | 712 | Raphaël Droz (https://github.com/drzraf) |
705 | - zoom profile fixes | 713 | - zoom profile fixes |
706 | Reiner Herrmann (https://github.com/reinerh) | 714 | Reiner Herrmann (https://github.com/reinerh) |
@@ -953,6 +961,8 @@ Vladimir Schowalter (https://github.com/VladimirSchowalter20) | |||
953 | read-only kde5 services directory | 961 | read-only kde5 services directory |
954 | xee5ch (https://github.com/xee5ch) | 962 | xee5ch (https://github.com/xee5ch) |
955 | - skypeforlinux profile | 963 | - skypeforlinux profile |
964 | Ypnose (https://github.com/Ypnose) | ||
965 | - disable-shell.inc: add mksh shell | ||
956 | yumkam (https://github.com/yumkam) | 966 | yumkam (https://github.com/yumkam) |
957 | - add compile-time option to restrict --net= to root only | 967 | - add compile-time option to restrict --net= to root only |
958 | - man page fixes | 968 | - man page fixes |
diff --git a/etc/profile-a-l/drill.profile b/etc/profile-a-l/drill.profile new file mode 100644 index 000000000..8c59b0cb6 --- /dev/null +++ b/etc/profile-a-l/drill.profile | |||
@@ -0,0 +1,56 @@ | |||
1 | # Firejail profile for drill | ||
2 | # Description: DNS lookup utility | ||
3 | # This file is overwritten after every install/update | ||
4 | quiet | ||
5 | # Persistent local customizations | ||
6 | include drill.local | ||
7 | # Persistent global definitions | ||
8 | include globals.local | ||
9 | |||
10 | noblacklist ${PATH}/drill | ||
11 | |||
12 | blacklist /tmp/.X11-unix | ||
13 | blacklist ${RUNUSER}/wayland-* | ||
14 | blacklist ${RUNUSER} | ||
15 | |||
16 | include disable-common.inc | ||
17 | # include disable-devel.inc | ||
18 | include disable-exec.inc | ||
19 | # include disable-interpreters.inc | ||
20 | include disable-passwdmgr.inc | ||
21 | include disable-programs.inc | ||
22 | include disable-xdg.inc | ||
23 | |||
24 | include whitelist-common.inc | ||
25 | include whitelist-usr-share-common.inc | ||
26 | include whitelist-var-common.inc | ||
27 | |||
28 | apparmor | ||
29 | caps.drop all | ||
30 | ipc-namespace | ||
31 | machine-id | ||
32 | netfilter | ||
33 | no3d | ||
34 | nodvd | ||
35 | nogroups | ||
36 | nonewprivs | ||
37 | noroot | ||
38 | nosound | ||
39 | notv | ||
40 | nou2f | ||
41 | novideo | ||
42 | protocol unix,inet,inet6 | ||
43 | seccomp | ||
44 | shell none | ||
45 | tracelog | ||
46 | |||
47 | disable-mnt | ||
48 | private | ||
49 | private-bin bash,drill,sh | ||
50 | private-dev | ||
51 | private-tmp | ||
52 | |||
53 | dbus-user none | ||
54 | dbus-system none | ||
55 | |||
56 | memory-deny-write-execute | ||
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 000ed5258..fe6990229 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -180,6 +180,7 @@ dooble-qt4 | |||
180 | dosbox | 180 | dosbox |
181 | dragon | 181 | dragon |
182 | drawio | 182 | drawio |
183 | drill | ||
183 | dropbox | 184 | dropbox |
184 | d-feet | 185 | d-feet |
185 | easystroke | 186 | easystroke |