diff options
-rw-r--r-- | README.md | 3 | ||||
-rw-r--r-- | RELNOTES | 2 | ||||
-rw-r--r-- | etc/QOwnNotes.profile | 56 | ||||
-rw-r--r-- | etc/disable-programs.inc | 3 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 1 |
5 files changed, 62 insertions, 3 deletions
@@ -137,5 +137,4 @@ QMediathekView, aria2c, Authenticator, checkbashisms, devilspie, devilspie2, eas | |||
137 | bsdcat, bsdcpio, bsdtar, lzmadec, lbunzip2, lbzcat, lbzip2, lzcat, lzcmp, lzdiff, lzegrep, lzfgrep, lzgrep, | 137 | bsdcat, bsdcpio, bsdtar, lzmadec, lbunzip2, lbzcat, lbzip2, lzcat, lzcmp, lzdiff, lzegrep, lzfgrep, lzgrep, |
138 | lzless, lzma, lzmainfo, lzmore, unlzma, unxz, xzcat, xzcmp, xzdiff, xzegrep, xzfgrep, xzgrep, xzless, xzmore, | 138 | lzless, lzma, lzmainfo, lzmore, unlzma, unxz, xzcat, xzcmp, xzdiff, xzegrep, xzfgrep, xzgrep, xzless, xzmore, |
139 | lzip, artha, nitroshare, nitroshare-cli, nitroshare-nmh, nirtoshare-send, nitroshare-ui, mencoder, gnome-pie, | 139 | lzip, artha, nitroshare, nitroshare-cli, nitroshare-nmh, nirtoshare-send, nitroshare-ui, mencoder, gnome-pie, |
140 | masterpdfeditor | 140 | masterpdfeditor, QOwnNotes |
141 | |||
@@ -9,7 +9,7 @@ firejail (0.9.56.1) baseline; urgency=low | |||
9 | * new profiles: xzcmp, xzdiff, xzegrep, xzfgrep, xzgrep, xzless, xzmore | 9 | * new profiles: xzcmp, xzdiff, xzegrep, xzfgrep, xzgrep, xzless, xzmore |
10 | * new profiles: lzip, artha, nitroshare, nitroshare-cli, nitroshare-nmh | 10 | * new profiles: lzip, artha, nitroshare, nitroshare-cli, nitroshare-nmh |
11 | * new profiles: nirtoshare-send, nitroshare-ui, mencoder, gnome-pie | 11 | * new profiles: nirtoshare-send, nitroshare-ui, mencoder, gnome-pie |
12 | * new profiles: masterpdfeditor | 12 | * new profiles: masterpdfeditor, QOwnNotes |
13 | -- netblue30 <netblue30@yahoo.com> Thu, 11 Oct 2018 08:00:00 -0500 | 13 | -- netblue30 <netblue30@yahoo.com> Thu, 11 Oct 2018 08:00:00 -0500 |
14 | 14 | ||
15 | firejail (0.9.56) baseline; urgency=low | 15 | firejail (0.9.56) baseline; urgency=low |
diff --git a/etc/QOwnNotes.profile b/etc/QOwnNotes.profile new file mode 100644 index 000000000..1135b850b --- /dev/null +++ b/etc/QOwnNotes.profile | |||
@@ -0,0 +1,56 @@ | |||
1 | # Firejail profile for QOwnNotes | ||
2 | # Description: Plain-text file notepad with markdown support and ownCloud integration | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include QOwnNotes.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${DOCUMENTS} | ||
10 | noblacklist ${HOME}/Nextcloud/Notes | ||
11 | noblacklist ${HOME}/.config/PBE | ||
12 | noblacklist ${HOME}/.local/share/PBE | ||
13 | |||
14 | mkdir ${DOCUMENTS} | ||
15 | mkdir ${HOME}/Nextcloud/Notes | ||
16 | mkdir ${HOME}.config/PBE | ||
17 | mkdir ${HOME}/.local/share/PBE | ||
18 | whitelist ${DOCUMENTS} | ||
19 | whitelist ${HOME}/Nextcloud/Notes | ||
20 | whitelist ${HOME}/.config/PBE | ||
21 | whitelist ${HOME}/.local/share/PBE | ||
22 | include whitelist-common.inc | ||
23 | include whitelist-var-common.inc | ||
24 | |||
25 | include disable-common.inc | ||
26 | include disable-devel.inc | ||
27 | include disable-interpreters.inc | ||
28 | include disable-passwdmgr.inc | ||
29 | include disable-programs.inc | ||
30 | include disable-xdg.inc | ||
31 | |||
32 | caps.drop all | ||
33 | machine-id | ||
34 | netfilter | ||
35 | no3d | ||
36 | nodvd | ||
37 | nogroups | ||
38 | nonewprivs | ||
39 | noroot | ||
40 | nosound | ||
41 | notv | ||
42 | nou2f | ||
43 | novideo | ||
44 | protocol unix,inet,inet6,netlink | ||
45 | seccomp | ||
46 | shell none | ||
47 | tracelog | ||
48 | |||
49 | disable-mnt | ||
50 | private-bin QOwnNotes,gio | ||
51 | private-dev | ||
52 | private-etc fonts,ld.so.cache,pulse,resolv.conf,hosts,nsswitch.conf,host.conf,ca-certificates,ssl,pki,crypto-policies | ||
53 | private-tmp | ||
54 | |||
55 | noexec ${HOME} | ||
56 | noexec /tmp | ||
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 46e60b9f4..edf3c7be5 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -3,6 +3,7 @@ | |||
3 | include disable-programs.local | 3 | include disable-programs.local |
4 | 4 | ||
5 | blacklist ${HOME}/Monero/wallets | 5 | blacklist ${HOME}/Monero/wallets |
6 | blacklist ${HOME}/Nextcloud/Notes | ||
6 | blacklist ${HOME}/Standard Notes Backups | 7 | blacklist ${HOME}/Standard Notes Backups |
7 | blacklist ${HOME}/snap | 8 | blacklist ${HOME}/snap |
8 | blacklist ${HOME}/.*coin | 9 | blacklist ${HOME}/.*coin |
@@ -75,6 +76,7 @@ blacklist ${HOME}/.config/MuseScore | |||
75 | blacklist ${HOME}/.config/MusicBrainz | 76 | blacklist ${HOME}/.config/MusicBrainz |
76 | blacklist ${HOME}/.config/Nathan Osman | 77 | blacklist ${HOME}/.config/Nathan Osman |
77 | blacklist ${HOME}/.config/Nylas Mail | 78 | blacklist ${HOME}/.config/Nylas Mail |
79 | blacklist ${HOME}/.config/PBE | ||
78 | blacklist ${HOME}/.config/Qlipper | 80 | blacklist ${HOME}/.config/Qlipper |
79 | blacklist ${HOME}/.config/QMediathekView | 81 | blacklist ${HOME}/.config/QMediathekView |
80 | blacklist ${HOME}/.config/QuiteRss | 82 | blacklist ${HOME}/.config/QuiteRss |
@@ -373,6 +375,7 @@ blacklist ${HOME}/.local/share/3909/PapersPlease | |||
373 | blacklist ${HOME}/.local/share/Empathy | 375 | blacklist ${HOME}/.local/share/Empathy |
374 | blacklist ${HOME}/.local/share/JetBrains | 376 | blacklist ${HOME}/.local/share/JetBrains |
375 | blacklist ${HOME}/.local/share/Mumble | 377 | blacklist ${HOME}/.local/share/Mumble |
378 | blacklist ${HOME}/.local/share/PBE | ||
376 | blacklist ${HOME}/.local/share/QMediathekView | 379 | blacklist ${HOME}/.local/share/QMediathekView |
377 | blacklist ${HOME}/.local/share/QuiteRss | 380 | blacklist ${HOME}/.local/share/QuiteRss |
378 | blacklist ${HOME}/.local/share/Ricochet | 381 | blacklist ${HOME}/.local/share/Ricochet |
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index dba078ca2..62dc8ae10 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -15,6 +15,7 @@ JDownloader | |||
15 | Mathematica | 15 | Mathematica |
16 | Natron | 16 | Natron |
17 | QMediathekView | 17 | QMediathekView |
18 | QOwnNotes | ||
18 | Telegram | 19 | Telegram |
19 | Viber | 20 | Viber |
20 | VirtualBox | 21 | VirtualBox |