diff options
-rw-r--r-- | README | 1 | ||||
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | RELNOTES | 2 | ||||
-rw-r--r-- | etc/catfish.profile | 31 | ||||
-rw-r--r-- | etc/disable-programs.inc | 1 | ||||
-rw-r--r-- | platform/debian/conffiles | 1 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 3 |
7 files changed, 38 insertions, 3 deletions
@@ -187,6 +187,7 @@ Fred-Barclay (https://github.com/Fred-Barclay) | |||
187 | - added mousepad, qpicview, and cvlc profiles | 187 | - added mousepad, qpicview, and cvlc profiles |
188 | - added BibleTime profile | 188 | - added BibleTime profile |
189 | - added caja and galculator profiles | 189 | - added caja and galculator profiles |
190 | - added Catfish profile | ||
190 | G4JC (http://sourceforge.net/u/gaming4jc/profile/) | 191 | G4JC (http://sourceforge.net/u/gaming4jc/profile/) |
191 | - ARM support | 192 | - ARM support |
192 | - profile fixes | 193 | - profile fixes |
@@ -76,4 +76,4 @@ The plan is to have all bittorrent clients whitelisted in the next release.** | |||
76 | 76 | ||
77 | ## New profiles | 77 | ## New profiles |
78 | 78 | ||
79 | vym, darktable, Waterfox, digiKam | 79 | vym, darktable, Waterfox, digiKam, Catfish |
@@ -5,7 +5,7 @@ firejail (0.9.47) baseline; urgency=low | |||
5 | * modifs: AppArmor made optional; a warning is printed on the screen | 5 | * modifs: AppArmor made optional; a warning is printed on the screen |
6 | if the sandbox fails to load the AppArmor profile | 6 | if the sandbox fails to load the AppArmor profile |
7 | * added /etc/firejail/globals.local for global customizations | 7 | * added /etc/firejail/globals.local for global customizations |
8 | * new profiles: vym, darktable, Waterfox, digiKam | 8 | * new profiles: vym, darktable, Waterfox, digiKam, Catfish |
9 | * bugfixes | 9 | * bugfixes |
10 | -- netblue30 <netblue30@yahoo.com> Tue, 23 May 2017 08:00:00 -0500 | 10 | -- netblue30 <netblue30@yahoo.com> Tue, 23 May 2017 08:00:00 -0500 |
11 | 11 | ||
diff --git a/etc/catfish.profile b/etc/catfish.profile new file mode 100644 index 000000000..e0039a042 --- /dev/null +++ b/etc/catfish.profile | |||
@@ -0,0 +1,31 @@ | |||
1 | # Persistent global definitions go here | ||
2 | include /etc/firejail/globals.local | ||
3 | |||
4 | # This file is overwritten during software install. | ||
5 | # Persistent customizations should go in a .local file. | ||
6 | include /etc/firejail/catfish.local | ||
7 | |||
8 | # Firejail profile for catfish | ||
9 | noblacklist ~/.config/catfish | ||
10 | |||
11 | # We can't blacklist much since catfish | ||
12 | # is for finding files/content | ||
13 | include /etc/firejail/disable-devel.inc | ||
14 | |||
15 | caps.drop all | ||
16 | net none | ||
17 | no3d | ||
18 | nogroups | ||
19 | nonewprivs | ||
20 | noroot | ||
21 | nosound | ||
22 | protocol unix | ||
23 | seccomp | ||
24 | shell none | ||
25 | tracelog | ||
26 | |||
27 | # These options work but are disabled in case | ||
28 | # a users wants to search in these directories. | ||
29 | #private-bin bash,catfish,env,locate,ls,mlocate,python,python2,python2.7,python3,python3.5,python3.5m,python3m | ||
30 | #private-dev | ||
31 | #private-tmp | ||
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index f2cf99188..4d975a8ae 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -62,6 +62,7 @@ blacklist ${HOME}/.config/borg | |||
62 | blacklist ${HOME}/.config/brasero | 62 | blacklist ${HOME}/.config/brasero |
63 | blacklist ${HOME}/.config/brave | 63 | blacklist ${HOME}/.config/brave |
64 | blacklist ${HOME}/.config/caja | 64 | blacklist ${HOME}/.config/caja |
65 | blacklist ${HOME}/.config/catfish | ||
65 | blacklist ${HOME}/.config/cherrytree | 66 | blacklist ${HOME}/.config/cherrytree |
66 | blacklist ${HOME}/.config/chromium | 67 | blacklist ${HOME}/.config/chromium |
67 | blacklist ${HOME}/.config/chromium-dev | 68 | blacklist ${HOME}/.config/chromium-dev |
diff --git a/platform/debian/conffiles b/platform/debian/conffiles index cc7453ae7..094134494 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles | |||
@@ -32,6 +32,7 @@ | |||
32 | /etc/firejail/brasero.profile | 32 | /etc/firejail/brasero.profile |
33 | /etc/firejail/brave.profile | 33 | /etc/firejail/brave.profile |
34 | /etc/firejail/caja.profile | 34 | /etc/firejail/caja.profile |
35 | /etc/firejail/catfish.profile | ||
35 | /etc/firejail/cherrytree.profile | 36 | /etc/firejail/cherrytree.profile |
36 | /etc/firejail/chromium-browser.profile | 37 | /etc/firejail/chromium-browser.profile |
37 | /etc/firejail/chromium.profile | 38 | /etc/firejail/chromium.profile |
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 044f07c95..73d47a142 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -1,5 +1,5 @@ | |||
1 | # /usr/lib/firejail/firecfg.config - firecfg utility configuration file | 1 | # /usr/lib/firejail/firecfg.config - firecfg utility configuration file |
2 | # This is the list of programs in alfabetical order handled by firecfg utility | 2 | # This is the list of programs in alphabetical order handled by firecfg utility |
3 | # | 3 | # |
4 | 0ad | 4 | 0ad |
5 | 2048-qt | 5 | 2048-qt |
@@ -23,6 +23,7 @@ bless | |||
23 | blender | 23 | blender |
24 | brasero | 24 | brasero |
25 | brave | 25 | brave |
26 | catfish | ||
26 | cherrytree | 27 | cherrytree |
27 | chromium | 28 | chromium |
28 | chromium-browser | 29 | chromium-browser |