diff options
-rw-r--r-- | README.md | 3 | ||||
-rw-r--r-- | RELNOTES | 2 | ||||
-rw-r--r-- | etc/meld.profile | 30 |
3 files changed, 23 insertions, 12 deletions
@@ -102,4 +102,5 @@ We also keep a list of profile fixes for previous released versions in [etc-fixe | |||
102 | ## Current development version: 0.9.59 | 102 | ## Current development version: 0.9.59 |
103 | 103 | ||
104 | ## New profiles: | 104 | ## New profiles: |
105 | crow, nyx, klavaro, mypaint, celluoid, nano, transgui, sysprof, simplescreenrecorder, geekbench, xfce4-mixer, pavucontrol, d-feet, seahorse, secret-tool, gnome-keyring, regextester, hardinfo, gnome-system-log, gnome-nettool, netactview, redshift, devhelp, assogiate, subdownloader, font-manager, exfalso, gconf-editor, dconf-editor, mpdris2, sysprof-cli, seahorse-tool, secret-tool, dconf, gsettings, code-oss, pragha, Maelstrom, ostrichriders, bzflag, freeciv, lincity-ng, megaglest, openttd, crawl, crawl-tiles, teeworlds, torcs, tremulous, warsow, lugaru, manaplus, pioneer, scorched3d, widelands, freemind, kid3, kid3-cli, kid3-qt | 105 | crow, nyx, klavaro, mypaint, celluoid, nano, transgui, sysprof, simplescreenrecorder, geekbench, xfce4-mixer, pavucontrol, d-feet, seahorse, secret-tool, gnome-keyring, regextester, hardinfo, gnome-system-log, gnome-nettool, netactview, redshift, devhelp, assogiate, subdownloader, font-manager, exfalso, gconf-editor, dconf-editor, mpdris2, sysprof-cli, seahorse-tool, secret-tool, dconf, gsettings, code-oss, pragha, Maelstrom, ostrichriders, bzflag, freeciv, lincity-ng, megaglest, openttd, crawl, crawl-tiles, teeworlds, torcs, tremulous, warsow, lugaru, manaplus, pioneer, scorched3d, widelands, freemind, kid3, kid3-cli, kid3-qt, nomacs |
106 | |||
@@ -10,7 +10,7 @@ firejail (0.9.59) baseline; urgency=low | |||
10 | * new profiles: freeciv, lincity-ng, megaglest, openttd, crawl, crawl-tiles | 10 | * new profiles: freeciv, lincity-ng, megaglest, openttd, crawl, crawl-tiles |
11 | * new profiles: teeworlds, torcs, tremulous, warsow, lugaru, manaplus | 11 | * new profiles: teeworlds, torcs, tremulous, warsow, lugaru, manaplus |
12 | * new profiles: pioneer, scorched3d, widelands, freemind, kid3, kid3-qt | 12 | * new profiles: pioneer, scorched3d, widelands, freemind, kid3, kid3-qt |
13 | * new profiles: kid3-cli | 13 | * new profiles: kid3-cli, nomacs |
14 | * memory-deny-write-execute now also blocks memfd_create | 14 | * memory-deny-write-execute now also blocks memfd_create |
15 | * drop support for flatpak/snap packages | 15 | * drop support for flatpak/snap packages |
16 | 16 | ||
diff --git a/etc/meld.profile b/etc/meld.profile index 4e298e4e7..395771cf2 100644 --- a/etc/meld.profile +++ b/etc/meld.profile | |||
@@ -7,18 +7,27 @@ include meld.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.local/share/meld | 9 | noblacklist ${HOME}/.local/share/meld |
10 | noblacklist ${PATH}/python* | ||
11 | noblacklist /usr/include/python* | ||
12 | noblacklist /usr/lib/python* | ||
13 | noblacklist /usr/local/lib/python* | ||
14 | noblacklist /usr/share/python* | ||
15 | 10 | ||
16 | include disable-common.inc | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | noblacklist ${PATH}/python2* | ||
13 | noblacklist ${PATH}/python3* | ||
14 | noblacklist /usr/lib/python2* | ||
15 | noblacklist /usr/lib/python3* | ||
16 | noblacklist /usr/local/lib/python2* | ||
17 | noblacklist /usr/local/lib/python3* | ||
18 | |||
19 | noblacklist ${HOME}/.gitconfig | ||
20 | noblacklist ${HOME}/.ssh | ||
21 | noblacklist ${HOME}/.subversion | ||
22 | |||
23 | # Uncomment the next line if you don't need to compare files in disable-common.inc. | ||
24 | #include disable-common.inc | ||
17 | include disable-devel.inc | 25 | include disable-devel.inc |
18 | include disable-exec.inc | 26 | include disable-exec.inc |
19 | include disable-interpreters.inc | 27 | include disable-interpreters.inc |
20 | include disable-passwdmgr.inc | 28 | include disable-passwdmgr.inc |
21 | include disable-programs.inc | 29 | # Uncomment the next line if you don't need to compare files in disable-programs.inc. |
30 | #include disable-programs.inc | ||
22 | 31 | ||
23 | include whitelist-var-common.inc | 32 | include whitelist-var-common.inc |
24 | 33 | ||
@@ -26,6 +35,7 @@ apparmor | |||
26 | caps.drop all | 35 | caps.drop all |
27 | ipc-namespace | 36 | ipc-namespace |
28 | machine-id | 37 | machine-id |
38 | netfilter | ||
29 | no3d | 39 | no3d |
30 | nodvd | 40 | nodvd |
31 | nogroups | 41 | nogroups |
@@ -35,15 +45,15 @@ nosound | |||
35 | notv | 45 | notv |
36 | nou2f | 46 | nou2f |
37 | novideo | 47 | novideo |
38 | protocol unix | 48 | protocol unix,inet,inet6 |
39 | seccomp | 49 | seccomp |
40 | shell none | 50 | shell none |
41 | tracelog | 51 | tracelog |
42 | 52 | ||
43 | private-bin meld,python* | 53 | private-bin bzr,cvs,git,hg,meld,python*,svn |
44 | private-cache | 54 | private-cache |
45 | private-dev | 55 | private-dev |
46 | # Uncomment the next line if you don't need to compare in /etc. | 56 | # Uncomment the next line if you don't need to compare in /etc. |
47 | # private-etc fonts,alternatives | 57 | #private-etc alternatives,ca-certificates,crypto-policies,fonts,hostname,hosts,pki,resolv.conf,ssl,subversion |
48 | private-tmp | 58 | private-tmp |
49 | 59 | ||