diff options
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | RELNOTES | 3 | ||||
-rw-r--r-- | etc/beaker.profile | 1 | ||||
-rw-r--r-- | etc/electrum.profile | 52 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 2 |
5 files changed, 57 insertions, 3 deletions
@@ -167,4 +167,4 @@ We also keep a list of profile fixes for previous released versions in [etc-fixe | |||
167 | ## New profiles | 167 | ## New profiles |
168 | Microsoft Office Online, riot-desktop, gnome-mpv, snox, gradio, standardnotes-desktop, | 168 | Microsoft Office Online, riot-desktop, gnome-mpv, snox, gradio, standardnotes-desktop, |
169 | shellcheck, patch, flameshot, rview, rvim, vimcat, vimdiff, vimpager, vimtutor, | 169 | shellcheck, patch, flameshot, rview, rvim, vimcat, vimdiff, vimpager, vimtutor, |
170 | xxd, Beaker | 170 | xxd, Beaker, electrum |
@@ -15,7 +15,8 @@ firejail (0.9.56~rc1) baseline; urgency=low | |||
15 | * new profiles: ms-excel, ms-office, ms-onenote, ms-outlook, ms-powerpoint, | 15 | * new profiles: ms-excel, ms-office, ms-onenote, ms-outlook, ms-powerpoint, |
16 | * new profiles: ms-skype, ms-word, riot-desktop, gnome-mpv, snox, gradio, | 16 | * new profiles: ms-skype, ms-word, riot-desktop, gnome-mpv, snox, gradio, |
17 | * new profiles: standardnotes-desktop, shellcheck, patch, flameshot, | 17 | * new profiles: standardnotes-desktop, shellcheck, patch, flameshot, |
18 | * new profiles: rview, rvim, vimcat, vimdiff, vimpager, vimtutor, xxd | 18 | * new profiles: rview, rvim, vimcat, vimdiff, vimpager, vimtutor, xxd, |
19 | * new profiles: Beaker, electrum | ||
19 | -- netblue30 <netblue30@yahoo.com> Sat, 11 Aug 2018 08:00:00 -0500 | 20 | -- netblue30 <netblue30@yahoo.com> Sat, 11 Aug 2018 08:00:00 -0500 |
20 | 21 | ||
21 | firejail (0.9.54) baseline; urgency=low | 22 | firejail (0.9.54) baseline; urgency=low |
diff --git a/etc/beaker.profile b/etc/beaker.profile index 4c884e77e..9215576c7 100644 --- a/etc/beaker.profile +++ b/etc/beaker.profile | |||
@@ -13,7 +13,6 @@ include /etc/firejail/disable-interpreters.inc | |||
13 | mkdir ${HOME}/.config/Beaker Browser | 13 | mkdir ${HOME}/.config/Beaker Browser |
14 | whitelist ${HOME}/.config/Beaker Browser | 14 | whitelist ${HOME}/.config/Beaker Browser |
15 | whitelist ${DOWNLOADS} | 15 | whitelist ${DOWNLOADS} |
16 | |||
17 | include /etc/firejail/whitelist-common.inc | 16 | include /etc/firejail/whitelist-common.inc |
18 | 17 | ||
19 | # Redirect | 18 | # Redirect |
diff --git a/etc/electrum.profile b/etc/electrum.profile new file mode 100644 index 000000000..d611f3e61 --- /dev/null +++ b/etc/electrum.profile | |||
@@ -0,0 +1,52 @@ | |||
1 | # Firejail profile for electrum | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include /etc/firejail/electrum.local | ||
5 | # Persistent global definitions | ||
6 | include /etc/firejail/globals.local | ||
7 | |||
8 | noblacklist ${HOME}/.electrum | ||
9 | |||
10 | # Allow python (blacklisted by disable-interpreters.inc) | ||
11 | noblacklist ${PATH}/python2* | ||
12 | noblacklist ${PATH}/python3* | ||
13 | noblacklist /usr/lib/python2* | ||
14 | noblacklist /usr/lib/python3* | ||
15 | |||
16 | include /etc/firejail/disable-common.inc | ||
17 | include /etc/firejail/disable-devel.inc | ||
18 | include /etc/firejail/disable-interpreters.inc | ||
19 | include /etc/firejail/disable-passwdmgr.inc | ||
20 | include /etc/firejail/disable-programs.inc | ||
21 | include /etc/firejail/disable-xdg.inc | ||
22 | |||
23 | mkdir ${HOME}/.electrum | ||
24 | whitelist ${HOME}/.electrum | ||
25 | include /etc/firejail/whitelist-common.inc | ||
26 | include /etc/firejail/whitelist-var-common.inc | ||
27 | |||
28 | caps.drop all | ||
29 | ipc-namespace | ||
30 | netfilter | ||
31 | no3d | ||
32 | #nodbus | ||
33 | nodvd | ||
34 | nogroups | ||
35 | nonewprivs | ||
36 | noroot | ||
37 | nosound | ||
38 | notv | ||
39 | novideo | ||
40 | protocol unix,inet,inet6 | ||
41 | seccomp | ||
42 | shell none | ||
43 | |||
44 | disable-mnt | ||
45 | private-bin electrum,python* | ||
46 | private-cache | ||
47 | private-dev | ||
48 | private-etc fonts,dconf,ca-certificates,ssl,pki,crypto-policies,machine-id | ||
49 | private-tmp | ||
50 | |||
51 | noexec ${HOME} | ||
52 | noexec /tmp | ||
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 2585d204a..a33aaeb49 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -46,6 +46,7 @@ baloo_file | |||
46 | baloo_filemetadata_temp_extractor | 46 | baloo_filemetadata_temp_extractor |
47 | baobab | 47 | baobab |
48 | basilisk | 48 | basilisk |
49 | beaker | ||
49 | bibletime | 50 | bibletime |
50 | bitlbee | 51 | bitlbee |
51 | bleachbit | 52 | bleachbit |
@@ -108,6 +109,7 @@ dosbox | |||
108 | dragon | 109 | dragon |
109 | dropbox | 110 | dropbox |
110 | ebook-viewer | 111 | ebook-viewer |
112 | electrum | ||
111 | elinks | 113 | elinks |
112 | empathy | 114 | empathy |
113 | enchant | 115 | enchant |