diff options
-rw-r--r-- | Makefile.in | 1 | ||||
-rw-r--r-- | README | 3 | ||||
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | RELNOTES | 2 | ||||
-rw-r--r-- | etc/disable-programs.inc | 1 | ||||
-rw-r--r-- | etc/mcabber.profile | 19 | ||||
-rw-r--r-- | platform/debian/conffiles | 1 |
7 files changed, 26 insertions, 3 deletions
diff --git a/Makefile.in b/Makefile.in index 2d49f88e1..34daed387 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -183,6 +183,7 @@ realinstall: | |||
183 | install -c -m 0644 .etc/xplayer.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 183 | install -c -m 0644 .etc/xplayer.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
184 | install -c -m 0644 .etc/xreader.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 184 | install -c -m 0644 .etc/xreader.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
185 | install -c -m 0644 .etc/xviewer.profile $(DESTDIR)/$(sysconfdir)/firejail/. | 185 | install -c -m 0644 .etc/xviewer.profile $(DESTDIR)/$(sysconfdir)/firejail/. |
186 | install -c -m 0644 .etc/mcabber.profile $(DESTDIR)/$(sysconfdir)/firejail/. | ||
186 | sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" | 187 | sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" |
187 | sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/firejail.config ]; then install -c -m 0644 etc/firejail.config $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" | 188 | sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/firejail.config ]; then install -c -m 0644 etc/firejail.config $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" |
188 | rm -fr .etc | 189 | rm -fr .etc |
@@ -29,7 +29,7 @@ avoidr (https://github.com/avoidr) | |||
29 | - whitelist fix | 29 | - whitelist fix |
30 | - recently-used.xbel fix | 30 | - recently-used.xbel fix |
31 | - added parole profile | 31 | - added parole profile |
32 | - blacklist ncat, manpage fixes, | 32 | - blacklist ncat |
33 | - hostname support in profile file | 33 | - hostname support in profile file |
34 | - Google Chrome profile rework | 34 | - Google Chrome profile rework |
35 | - added cmus profile | 35 | - added cmus profile |
@@ -37,6 +37,7 @@ avoidr (https://github.com/avoidr) | |||
37 | - add net iface support in profile files | 37 | - add net iface support in profile files |
38 | - paths fix | 38 | - paths fix |
39 | - lots of profile fixes | 39 | - lots of profile fixes |
40 | - added mcabber profile | ||
40 | Ruan (https://github.com/ruany) | 41 | Ruan (https://github.com/ruany) |
41 | - fixed hexchat profile | 42 | - fixed hexchat profile |
42 | Vasya Novikov (https://github.com/vn971) | 43 | Vasya Novikov (https://github.com/vn971) |
@@ -283,6 +283,6 @@ $ man firejail-profile | |||
283 | lxterminal, Epiphany, cherrytree, Polari, Vivaldi, Atril, qutebrowser, SlimJet, Battle for Wesnoth, Hedgewars, qTox, | 283 | lxterminal, Epiphany, cherrytree, Polari, Vivaldi, Atril, qutebrowser, SlimJet, Battle for Wesnoth, Hedgewars, qTox, |
284 | OpenSSH client, OpenBox window manager, Dillo, cmus, dnsmasq, PaleMoon, Icedove, abrowser, 0ad, netsurf, | 284 | OpenSSH client, OpenBox window manager, Dillo, cmus, dnsmasq, PaleMoon, Icedove, abrowser, 0ad, netsurf, |
285 | Warzone2100, okular, gwenview, Gpredict, Aweather, Stellarium, Google-Play-Music-Desktop-Player, quiterss, | 285 | Warzone2100, okular, gwenview, Gpredict, Aweather, Stellarium, Google-Play-Music-Desktop-Player, quiterss, |
286 | cyberfox, generic Ubuntu snap application profile, xplayer, xreader, xviewer | 286 | cyberfox, generic Ubuntu snap application profile, xplayer, xreader, xviewer, mcabber |
287 | 287 | ||
288 | 288 | ||
@@ -24,7 +24,7 @@ firejail (0.9.40-rc1) baseline; urgency=low | |||
24 | * new profiles: okular, gwenview, Google-Play-Music-Desktop-Player | 24 | * new profiles: okular, gwenview, Google-Play-Music-Desktop-Player |
25 | * new profiles: Aweather, Stellarium, gpredict, quiterss, cyberfox | 25 | * new profiles: Aweather, Stellarium, gpredict, quiterss, cyberfox |
26 | * new profiles: generic Ubuntu snap application profile, xplayer | 26 | * new profiles: generic Ubuntu snap application profile, xplayer |
27 | * new profiles: xreader, xviewer | 27 | * new profiles: xreader, xviewer, mcabber |
28 | * generic.profile renamed default.profile | 28 | * generic.profile renamed default.profile |
29 | * build rpm packages using "make rpms" | 29 | * build rpm packages using "make rpms" |
30 | * bugfixes | 30 | * bugfixes |
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index a3fd0fe73..307ccaf6c 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -55,6 +55,7 @@ blacklist ${HOME}/.8pecxstudios | |||
55 | # Instant Messaging | 55 | # Instant Messaging |
56 | blacklist ${HOME}/.config/hexchat | 56 | blacklist ${HOME}/.config/hexchat |
57 | blacklist ${HOME}/.mcabber | 57 | blacklist ${HOME}/.mcabber |
58 | blacklist ${HOME}/.mcabberrc | ||
58 | blacklist ${HOME}/.purple | 59 | blacklist ${HOME}/.purple |
59 | blacklist ${HOME}/.config/psi+ | 60 | blacklist ${HOME}/.config/psi+ |
60 | blacklist ${HOME}/.retroshare | 61 | blacklist ${HOME}/.retroshare |
diff --git a/etc/mcabber.profile b/etc/mcabber.profile new file mode 100644 index 000000000..553672406 --- /dev/null +++ b/etc/mcabber.profile | |||
@@ -0,0 +1,19 @@ | |||
1 | # mcabber profile | ||
2 | noblacklist ${HOME}/.mcabber | ||
3 | noblacklist ${HOME}/.mcabberrc | ||
4 | |||
5 | include /etc/firejail/disable-common.inc | ||
6 | include /etc/firejail/disable-programs.inc | ||
7 | include /etc/firejail/disable-devel.inc | ||
8 | include /etc/firejail/disable-passwdmgr.inc | ||
9 | |||
10 | caps.drop all | ||
11 | seccomp | ||
12 | protocol inet,inet6 | ||
13 | netfilter | ||
14 | noroot | ||
15 | |||
16 | private-bin mcabber | ||
17 | private-etc group | ||
18 | private-dev | ||
19 | shell none | ||
diff --git a/platform/debian/conffiles b/platform/debian/conffiles index 4f118d571..8cf8f165c 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles | |||
@@ -97,3 +97,4 @@ | |||
97 | /etc/firejail/xplayer.profile | 97 | /etc/firejail/xplayer.profile |
98 | /etc/firejail/xreader.profile | 98 | /etc/firejail/xreader.profile |
99 | /etc/firejail/xviewer.profile | 99 | /etc/firejail/xviewer.profile |
100 | /etc/firejail/mcabber.profile | ||