aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--README.md2
-rw-r--r--etc/bluefish.profile4
-rw-r--r--etc/cliqz.profile4
-rw-r--r--etc/disable-programs.inc3
-rw-r--r--etc/pinta.profile12
-rw-r--r--etc/uefitool.profile33
-rw-r--r--src/firecfg/firecfg.config5
7 files changed, 53 insertions, 10 deletions
diff --git a/README.md b/README.md
index 26f3dc3c5..ef4a18310 100644
--- a/README.md
+++ b/README.md
@@ -180,4 +180,4 @@ calligraflow, calligraplan, calligraplanwork, calligrasheets, calligrastage,
180calligrawords, cin, dooble, dooble-qt4, fetchmail, freecad, freecadcmd, google-earth, 180calligrawords, cin, dooble, dooble-qt4, fetchmail, freecad, freecadcmd, google-earth,
181imagej, karbon, kdenlive, krita, linphone, lmms, macrofusion, mpd, natron, Natron, 181imagej, karbon, kdenlive, krita, linphone, lmms, macrofusion, mpd, natron, Natron,
182ricochet, shotcut, teamspeak3, tor, tor-browser-en, Viber, x-terminal-emulator, zart, 182ricochet, shotcut, teamspeak3, tor, tor-browser-en, Viber, x-terminal-emulator, zart,
183conky, arch-audit, ffmpeg 183conky, arch-audit, ffmpeg, bluefish, cliqz, cinelerra, openshot-qt, pinta, uefitool
diff --git a/etc/bluefish.profile b/etc/bluefish.profile
index a0bceabbe..f18dea296 100644
--- a/etc/bluefish.profile
+++ b/etc/bluefish.profile
@@ -1,11 +1,10 @@
1# Firejail profile for pluma 1# Firejail profile for bluefish
2# This file is overwritten after every install/update 2# This file is overwritten after every install/update
3# Persistent local customizations 3# Persistent local customizations
4include /etc/firejail/pluma.local 4include /etc/firejail/pluma.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8noblacklist ${HOME}/.config/pluma
9 8
10include /etc/firejail/disable-common.inc 9include /etc/firejail/disable-common.inc
11include /etc/firejail/disable-devel.inc 10include /etc/firejail/disable-devel.inc
@@ -29,7 +28,6 @@ tracelog
29 28
30private-bin bluefish 29private-bin bluefish
31private-dev 30private-dev
32# private-etc fonts
33private-tmp 31private-tmp
34 32
35noexec ${HOME} 33noexec ${HOME}
diff --git a/etc/cliqz.profile b/etc/cliqz.profile
index 9c0f44e97..a7c791a02 100644
--- a/etc/cliqz.profile
+++ b/etc/cliqz.profile
@@ -1,7 +1,7 @@
1# Firejail profile for firefox 1# Firejail profile for cliqz
2# This file is overwritten after every install/update 2# This file is overwritten after every install/update
3# Persistent local customizations 3# Persistent local customizations
4include /etc/firejail/firefox.local 4include /etc/firejail/cliqz.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 615e28172..ad589890c 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -81,6 +81,7 @@ blacklist ${HOME}/.config/chromium
81blacklist ${HOME}/.config/chromium-dev 81blacklist ${HOME}/.config/chromium-dev
82blacklist ${HOME}/.config/chromium-flags.conf 82blacklist ${HOME}/.config/chromium-flags.conf
83blacklist ${HOME}/.config/clipit 83blacklist ${HOME}/.config/clipit
84blacklist ${HOME}/.config/cliqz
84blacklist ${HOME}/.config/cmus 85blacklist ${HOME}/.config/cmus
85blacklist ${HOME}/.config/corebird 86blacklist ${HOME}/.config/corebird
86blacklist ${HOME}/.config/darktable 87blacklist ${HOME}/.config/darktable
@@ -142,6 +143,7 @@ blacklist ${HOME}/.config/opera-beta
142blacklist ${HOME}/.config/orage 143blacklist ${HOME}/.config/orage
143blacklist ${HOME}/.config/org.kde.gwenviewrc 144blacklist ${HOME}/.config/org.kde.gwenviewrc
144blacklist ${HOME}/.config/pcmanfm 145blacklist ${HOME}/.config/pcmanfm
146blacklist ${HOME}/.config/Pinta
145blacklist ${HOME}/.config/pix 147blacklist ${HOME}/.config/pix
146blacklist ${HOME}/.config/pluma 148blacklist ${HOME}/.config/pluma
147blacklist ${HOME}/.config/psi+ 149blacklist ${HOME}/.config/psi+
@@ -408,6 +410,7 @@ blacklist ${HOME}/.cache/calibre
408blacklist ${HOME}/.cache/champlain 410blacklist ${HOME}/.cache/champlain
409blacklist ${HOME}/.cache/chromium 411blacklist ${HOME}/.cache/chromium
410blacklist ${HOME}/.cache/chromium-dev 412blacklist ${HOME}/.cache/chromium-dev
413blacklist ${HOME}/.cache/cliqz
411blacklist ${HOME}/.cache/darktable 414blacklist ${HOME}/.cache/darktable
412blacklist ${HOME}/.cache/epiphany 415blacklist ${HOME}/.cache/epiphany
413blacklist ${HOME}/.cache/evolution 416blacklist ${HOME}/.cache/evolution
diff --git a/etc/pinta.profile b/etc/pinta.profile
index 2562e1b80..4228e5880 100644
--- a/etc/pinta.profile
+++ b/etc/pinta.profile
@@ -1,15 +1,21 @@
1# Firejail profile for krita 1# Firejail profile for pinta
2# This file is overwritten after every install/update 2# This file is overwritten after every install/update
3# Persistent local customizations 3# Persistent local customizations
4include /etc/firejail/krita.local 4include /etc/firejail/pinta.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8
9noblacklist ${HOME}/.config/Pinta
10
8include /etc/firejail/disable-common.inc 11include /etc/firejail/disable-common.inc
9include /etc/firejail/disable-devel.inc 12include /etc/firejail/disable-devel.inc
10include /etc/firejail/disable-passwdmgr.inc 13include /etc/firejail/disable-passwdmgr.inc
11include /etc/firejail/disable-programs.inc 14include /etc/firejail/disable-programs.inc
12 15
16whitelist ${HOME}/.config/Pinta
17include /etc/firejail/whitelist-common.inc
18
13caps.drop all 19caps.drop all
14ipc-namespace 20ipc-namespace
15net none 21net none
@@ -27,7 +33,5 @@ shell none
27private-dev 33private-dev
28private-tmp 34private-tmp
29 35
30
31whitelist ~/.config/Pinta
32noexec ${HOME} 36noexec ${HOME}
33noexec /tmp 37noexec /tmp
diff --git a/etc/uefitool.profile b/etc/uefitool.profile
new file mode 100644
index 000000000..138f69aa8
--- /dev/null
+++ b/etc/uefitool.profile
@@ -0,0 +1,33 @@
1# Firejail profile for uefitool
2# This file is overwritten after every install/update
3# Persistent local customizations
4include /etc/firejail/uefitool.local
5# Persistent global definitions
6include /etc/firejail/globals.local
7
8
9include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-devel.inc
11include /etc/firejail/disable-passwdmgr.inc
12include /etc/firejail/disable-programs.inc
13
14caps.drop all
15ipc-namespace
16net none
17no3d
18nodvd
19nogroups
20nonewprivs
21noroot
22nosound
23notv
24novideo
25protocol unix
26seccomp
27shell none
28
29private-dev
30private-tmp
31
32noexec ${HOME}
33noexec /tmp
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index 5a36f5e3e..e4a096d81 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -40,6 +40,7 @@ bitlbee
40bleachbit 40bleachbit
41blender 41blender
42bless 42bless
43bluefish
43brackets 44brackets
44brasero 45brasero
45brave 46brave
@@ -58,6 +59,7 @@ cherrytree
58chromium 59chromium
59chromium-browser 60chromium-browser
60cin 61cin
62cinelerra
61clamdscan 63clamdscan
62clamdtop 64clamdtop
63clamscan 65clamscan
@@ -241,6 +243,7 @@ odt2txt
241okular 243okular
242open-invaders 244open-invaders
243openshot 245openshot
246openshot-qt
244opera 247opera
245opera-beta 248opera-beta
246orage 249orage
@@ -252,6 +255,7 @@ peek
252picard 255picard
253pidgin 256pidgin
254pingus 257pingus
258pinta
255pithos 259pithos
256pix 260pix
257pluma 261pluma
@@ -314,6 +318,7 @@ transmission-qt
314transmission-show 318transmission-show
315truecraft 319truecraft
316tuxguitar 320tuxguitar
321uefitool
317uget-gtk 322uget-gtk
318unbound 323unbound
319unknown-horizons 324unknown-horizons
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-09-01 20:26:36 +0000