diff options
-rw-r--r-- | Makefile.in | 1 | ||||
-rw-r--r-- | README | 4 | ||||
-rw-r--r-- | README.md | 11 | ||||
-rw-r--r-- | etc/chromium.profile | 7 | ||||
-rw-r--r-- | etc/firefox.profile | 11 | ||||
-rw-r--r-- | etc/spotify.profile | 7 | ||||
-rw-r--r-- | etc/whitelist-common.inc | 13 | ||||
-rw-r--r-- | platform/debian/conffiles | 1 |
8 files changed, 29 insertions, 26 deletions
diff --git a/Makefile.in b/Makefile.in index d9343d149..bcf9d613f 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -115,6 +115,7 @@ realinstall: | |||
115 | install -c -m 0644 etc/conkeror.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 115 | install -c -m 0644 etc/conkeror.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
116 | install -c -m 0644 etc/unbound.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 116 | install -c -m 0644 etc/unbound.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
117 | install -c -m 0644 etc/dnscrypt-proxy.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 117 | install -c -m 0644 etc/dnscrypt-proxy.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
118 | install -c -m 0644 etc/whitelist-common.inc $(DESTDIR)/$(sysconfdir)/firejail/. | ||
118 | bash -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" | 119 | bash -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" |
119 | # man pages | 120 | # man pages |
120 | rm -f firejail.1.gz | 121 | rm -f firejail.1.gz |
@@ -18,6 +18,10 @@ License: GPL v2 | |||
18 | Firejail Authors: | 18 | Firejail Authors: |
19 | 19 | ||
20 | netblue30 (netblue30@yahoo.com) | 20 | netblue30 (netblue30@yahoo.com) |
21 | Andrey Alekseenko (https://github.com/al42and) | ||
22 | - fixed Skype profile | ||
23 | Ondra Nekola (https://github.com/satai) | ||
24 | - allow firefox theming with non-global themes | ||
21 | emacsomancer (https://github.com/emacsomancer) | 25 | emacsomancer (https://github.com/emacsomancer) |
22 | - added profile for Conkeror browser | 26 | - added profile for Conkeror browser |
23 | Daan Bakker (https://github.com/dbakker) | 27 | Daan Bakker (https://github.com/dbakker) |
@@ -44,19 +44,22 @@ whitelist ~/Загрузки (new in 0.9.35) | |||
44 | whitelist ~/dwhelper (0.9.34) | 44 | whitelist ~/dwhelper (0.9.34) |
45 | whitelist ~/.zotero (0.9.34) | 45 | whitelist ~/.zotero (0.9.34) |
46 | whitelist ~/.lastpass (0.9.34) | 46 | whitelist ~/.lastpass (0.9.34) |
47 | whitelist ~/.gtkrc-2.0 (0.9.34) | ||
48 | whitelist ~/.config/gtk-3.0 (new in 0.9.35) | ||
49 | whitelist ~/.vimperatorrc (0.9.34) | 47 | whitelist ~/.vimperatorrc (0.9.34) |
50 | whitelist ~/.vimperator (0.9.34) | 48 | whitelist ~/.vimperator (0.9.34) |
51 | whitelist ~/.pentadactylrc (0.9.34) | 49 | whitelist ~/.pentadactylrc (0.9.34) |
52 | whitelist ~/.pentadactyl (0.9.34) | 50 | whitelist ~/.pentadactyl (0.9.34) |
53 | 51 | include /etc/firejail/whitelist-common.inc | |
54 | # common | 52 | ````` |
53 | /etc/firejail/whitelist-common.inc | ||
54 | ````` | ||
55 | whitelist ~/.fonts (0.9.34) | 55 | whitelist ~/.fonts (0.9.34) |
56 | whitelist ~/.fonts.d (0.9.34) | 56 | whitelist ~/.fonts.d (0.9.34) |
57 | whitelist ~/.fontconfig (0.9.34) | 57 | whitelist ~/.fontconfig (0.9.34) |
58 | whitelist ~/.fonts.conf (0.9.34) | 58 | whitelist ~/.fonts.conf (0.9.34) |
59 | whitelist ~/.fonts.conf.d (0.9.34) | 59 | whitelist ~/.fonts.conf.d (0.9.34) |
60 | whitelist ~/.gtkrc-2.0 (0.9.34) | ||
61 | whitelist ~/.config/gtk-3.0 (new in 0.9.35) | ||
62 | whitelist ~/.themes/ (new in 0.9.35) | ||
60 | ````` | 63 | ````` |
61 | If you are using a plugin or extension that requires other directories, please open a new issue: https://github.com/netblue30/firejail/issues | 64 | If you are using a plugin or extension that requires other directories, please open a new issue: https://github.com/netblue30/firejail/issues |
62 | 65 | ||
diff --git a/etc/chromium.profile b/etc/chromium.profile index 077ec62d0..980e539d5 100644 --- a/etc/chromium.profile +++ b/etc/chromium.profile | |||
@@ -12,10 +12,5 @@ netfilter | |||
12 | whitelist ~/Downloads | 12 | whitelist ~/Downloads |
13 | whitelist ~/Загрузки | 13 | whitelist ~/Загрузки |
14 | whitelist ~/.config/chromium | 14 | whitelist ~/.config/chromium |
15 | include /etc/firejail/whitelist-common.inc | ||
15 | 16 | ||
16 | # common | ||
17 | whitelist ~/.fonts | ||
18 | whitelist ~/.fonts.d | ||
19 | whitelist ~/.fontconfig | ||
20 | whitelist ~/.fonts.conf | ||
21 | whitelist ~/.fonts.conf.d | ||
diff --git a/etc/firefox.profile b/etc/firefox.profile index 954068d47..809363fd6 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
@@ -15,17 +15,8 @@ whitelist ~/Загрузки | |||
15 | whitelist ~/dwhelper | 15 | whitelist ~/dwhelper |
16 | whitelist ~/.zotero | 16 | whitelist ~/.zotero |
17 | whitelist ~/.lastpass | 17 | whitelist ~/.lastpass |
18 | whitelist ~/.gtkrc-2.0 | ||
19 | whitelist ~/.config/gtk-3.0 | ||
20 | whitelist ~/.themes/ | ||
21 | whitelist ~/.vimperatorrc | 18 | whitelist ~/.vimperatorrc |
22 | whitelist ~/.vimperator | 19 | whitelist ~/.vimperator |
23 | whitelist ~/.pentadactylrc | 20 | whitelist ~/.pentadactylrc |
24 | whitelist ~/.pentadactyl | 21 | whitelist ~/.pentadactyl |
25 | 22 | include /etc/firejail/whitelist-common.inc \ No newline at end of file | |
26 | # common | ||
27 | whitelist ~/.fonts | ||
28 | whitelist ~/.fonts.d | ||
29 | whitelist ~/.fontconfig | ||
30 | whitelist ~/.fonts.conf | ||
31 | whitelist ~/.fonts.conf.d | ||
diff --git a/etc/spotify.profile b/etc/spotify.profile index f77f900cf..414660857 100644 --- a/etc/spotify.profile +++ b/etc/spotify.profile | |||
@@ -10,6 +10,7 @@ include /etc/firejail/disable-devel.inc | |||
10 | whitelist ${HOME}/.config/spotify | 10 | whitelist ${HOME}/.config/spotify |
11 | whitelist ${HOME}/.local/share/spotify | 11 | whitelist ${HOME}/.local/share/spotify |
12 | whitelist ${HOME}/.cache/spotify | 12 | whitelist ${HOME}/.cache/spotify |
13 | include /etc/firejail/whitelist-common.inc | ||
13 | 14 | ||
14 | caps.drop all | 15 | caps.drop all |
15 | seccomp | 16 | seccomp |
@@ -17,9 +18,3 @@ protocol unix,inet,inet6 | |||
17 | netfilter | 18 | netfilter |
18 | noroot | 19 | noroot |
19 | 20 | ||
20 | # common | ||
21 | whitelist ~/.fonts | ||
22 | whitelist ~/.fonts.d | ||
23 | whitelist ~/.fontconfig | ||
24 | whitelist ~/.fonts.conf | ||
25 | whitelist ~/.fonts.conf.d | ||
diff --git a/etc/whitelist-common.inc b/etc/whitelist-common.inc new file mode 100644 index 000000000..e0c2975df --- /dev/null +++ b/etc/whitelist-common.inc | |||
@@ -0,0 +1,13 @@ | |||
1 | # common whitelist for all profiles | ||
2 | |||
3 | # fonts | ||
4 | whitelist ~/.fonts | ||
5 | whitelist ~/.fonts.d | ||
6 | whitelist ~/.fontconfig | ||
7 | whitelist ~/.fonts.conf | ||
8 | whitelist ~/.fonts.conf.d | ||
9 | |||
10 | # gtk | ||
11 | whitelist ~/.gtkrc-2.0 | ||
12 | whitelist ~/.config/gtk-3.0 | ||
13 | whitelist ~/.themes/ | ||
diff --git a/platform/debian/conffiles b/platform/debian/conffiles index 60f375cb6..c78dab441 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles | |||
@@ -41,3 +41,4 @@ | |||
41 | /etc/firejail/conkeror.profile | 41 | /etc/firejail/conkeror.profile |
42 | /etc/firejail/unbound.profile | 42 | /etc/firejail/unbound.profile |
43 | /etc/firejail/dnscrypt-proxy.profile | 43 | /etc/firejail/dnscrypt-proxy.profile |
44 | etc/whitelist-common.inc | ||