aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--README.md2
-rw-r--r--RELNOTES3
-rw-r--r--etc/inc/disable-programs.inc3
-rw-r--r--etc/profile-a-l/com.gitlab.newsflash.profile5
-rw-r--r--etc/profile-m-z/newsflash.profile60
-rw-r--r--src/firecfg/firecfg.config2
6 files changed, 73 insertions, 2 deletions
diff --git a/README.md b/README.md
index 5c07954e9..c370368d7 100644
--- a/README.md
+++ b/README.md
@@ -196,4 +196,4 @@ gnome-screenshot, ripperX, sound-juicer, iagno, com.github.dahenson.agenda, gnom
196penguin-command, x2goclient, frogatto, gnome-mines, gnome-nibbles, lightsoff, ts3client_runscript.sh, warmux, ferdi, abiword, 196penguin-command, x2goclient, frogatto, gnome-mines, gnome-nibbles, lightsoff, ts3client_runscript.sh, warmux, ferdi, abiword,
197four-in-a-row, gnome-mahjongg, gnome-robots, gnome-sudoku, gnome-taquin, gnome-tetravex, blobwars, gravity-beams-and-evaporating-stars, 197four-in-a-row, gnome-mahjongg, gnome-robots, gnome-sudoku, gnome-taquin, gnome-tetravex, blobwars, gravity-beams-and-evaporating-stars,
198hyperrogue, jumpnbump-menu, jumpnbump, magicor, mindless, mirrormagic, mrrescue, scorched3d-wrapper, scorchwentbonkers, 198hyperrogue, jumpnbump-menu, jumpnbump, magicor, mindless, mirrormagic, mrrescue, scorched3d-wrapper, scorchwentbonkers,
199seahorse-adventures, wordwarvi, xbill, gnome-klotski, five-or-more, swell-foop, fdns, jitsi-meet-desktop, nicontine, steam-runtime, apostrophe, quadrapassel, dino-im, strawberry, hitori, bijiben, gnote, gnubik, ZeGrapher, gapplication, xonotic-sdl-wrapper, openarena_ded 199seahorse-adventures, wordwarvi, xbill, gnome-klotski, five-or-more, swell-foop, fdns, jitsi-meet-desktop, nicontine, steam-runtime, apostrophe, quadrapassel, dino-im, strawberry, hitori, bijiben, gnote, gnubik, ZeGrapher, gapplication, xonotic-sdl-wrapper, openarena_ded, cawbird, freetube, homebank, mattermost-desktop, newsflash, com.gitlab.newsflash, element-desktop
diff --git a/RELNOTES b/RELNOTES
index eff6de2ad..d0cf88d4d 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -37,7 +37,8 @@ firejail (0.9.63) baseline; urgency=low
37 * new profiles: swell-foop, fdns, five-or-more, steam-runtime, jitsi-meet-desktop 37 * new profiles: swell-foop, fdns, five-or-more, steam-runtime, jitsi-meet-desktop
38 * new profiles: nicotine, plv, mocp, apostrophe, quadrapassel, dino-im, strawberry 38 * new profiles: nicotine, plv, mocp, apostrophe, quadrapassel, dino-im, strawberry
39 * new profiles: hitori, bijiben, gnote, gnubik, ZeGrapher, xonotic-sdl-wrapper 39 * new profiles: hitori, bijiben, gnote, gnubik, ZeGrapher, xonotic-sdl-wrapper
40 * new profiles: gapplication, openarena_ded, element-desktop 40 * new profiles: gapplication, openarena_ded, element-desktop, cawbird, freetube
41 * new profiles: homebank, mattermost-desktop, newsflash, com.gitlab.newsflash
41 -- netblue30 <netblue30@yahoo.com> Tue, 21 Apr 2020 08:00:00 -0500 42 -- netblue30 <netblue30@yahoo.com> Tue, 21 Apr 2020 08:00:00 -0500
42 43
43firejail (0.9.62) baseline; urgency=low 44firejail (0.9.62) baseline; urgency=low
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc
index d59ce8c73..996f02577 100644
--- a/etc/inc/disable-programs.inc
+++ b/etc/inc/disable-programs.inc
@@ -301,6 +301,7 @@ blacklist ${HOME}/.config/nautilus
301blacklist ${HOME}/.config/nemo 301blacklist ${HOME}/.config/nemo
302blacklist ${HOME}/.config/netsurf 302blacklist ${HOME}/.config/netsurf
303blacklist ${HOME}/.config/newsbeuter 303blacklist ${HOME}/.config/newsbeuter
304blacklist ${HOME}/.config/newsflash
304blacklist ${HOME}/.config/nheko 305blacklist ${HOME}/.config/nheko
305blacklist ${HOME}/.config/NitroShare 306blacklist ${HOME}/.config/NitroShare
306blacklist ${HOME}/.config/nomacs 307blacklist ${HOME}/.config/nomacs
@@ -637,6 +638,7 @@ blacklist ${HOME}/.local/share/nautilus
637blacklist ${HOME}/.local/share/nautilus-python 638blacklist ${HOME}/.local/share/nautilus-python
638blacklist ${HOME}/.local/share/nemo 639blacklist ${HOME}/.local/share/nemo
639blacklist ${HOME}/.local/share/nemo-python 640blacklist ${HOME}/.local/share/nemo-python
641blacklist ${HOME}/.local/share/news-flash
640blacklist ${HOME}/.local/share/nomacs 642blacklist ${HOME}/.local/share/nomacs
641blacklist ${HOME}/.local/share/notes 643blacklist ${HOME}/.local/share/notes
642blacklist ${HOME}/.local/share/ocenaudio 644blacklist ${HOME}/.local/share/ocenaudio
@@ -809,6 +811,7 @@ blacklist ${HOME}/.cache/Ferdi
809blacklist ${HOME}/.cache/Franz 811blacklist ${HOME}/.cache/Franz
810blacklist ${HOME}/.cache/INRIA 812blacklist ${HOME}/.cache/INRIA
811blacklist ${HOME}/.cache/MusicBrainz 813blacklist ${HOME}/.cache/MusicBrainz
814blacklist ${HOME}/.cache/NewsFlashGTK
812blacklist ${HOME}/.cache/QuiteRss 815blacklist ${HOME}/.cache/QuiteRss
813blacklist ${HOME}/.cache/Shortwave 816blacklist ${HOME}/.cache/Shortwave
814blacklist ${HOME}/.cache/Tox 817blacklist ${HOME}/.cache/Tox
diff --git a/etc/profile-a-l/com.gitlab.newsflash.profile b/etc/profile-a-l/com.gitlab.newsflash.profile
new file mode 100644
index 000000000..0628d3d01
--- /dev/null
+++ b/etc/profile-a-l/com.gitlab.newsflash.profile
@@ -0,0 +1,5 @@
1# Firejail profile alias for newsflash
2# This file is overwritten after every install/update
3
4# Redirect
5include newsflash.profile
diff --git a/etc/profile-m-z/newsflash.profile b/etc/profile-m-z/newsflash.profile
new file mode 100644
index 000000000..d0ac83baf
--- /dev/null
+++ b/etc/profile-m-z/newsflash.profile
@@ -0,0 +1,60 @@
1# Firejail profile for newsflash
2# Description: Modern feed reader
3# This file is overwritten after every install/update
4# Persistent local customizations
5include newsflash.local
6# Persistent global definitions
7include globals.local
8
9noblacklist ${HOME}/.cache/NewsFlashGTK
10noblacklist ${HOME}/.config/news-flash
11noblacklist ${HOME}/.local/share/news-flash
12
13include disable-common.inc
14include disable-devel.inc
15include disable-exec.inc
16include disable-interpreters.inc
17include disable-passwdmgr.inc
18include disable-programs.inc
19include disable-shell.inc
20include disable-xdg.inc
21
22mkdir ${HOME}/.cache/NewsFlashGTK
23mkdir ${HOME}/.config/news-flash
24mkdir ${HOME}/.local/share/news-flash
25whitelist ${HOME}/.cache/NewsFlashGTK
26whitelist ${HOME}/.config/news-flash
27whitelist ${HOME}/.local/share/news-flash
28include whitelist-common.inc
29include whitelist-runuser-common.inc
30include whitelist-usr-share-common.inc
31include whitelist-var-common.inc
32
33apparmor
34caps.drop all
35machine-id
36netfilter
37nodvd
38nogroups
39nonewprivs
40noroot
41nosound
42notv
43nou2f
44novideo
45protocol unix,inet,inet6
46seccomp
47shell none
48tracelog
49
50disable-mnt
51private-bin com.gitlab.newsflash,newsflash
52private-cache
53private-dev
54private-etc ca-certificates,crypto-policies,dconf,fonts,gtk-3.0,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,nsswitch.conf,pango,pki,resolv.conf,ssl,X11
55private-tmp
56
57dbus-user none
58#dbus-user.own com.gitlab.newsflash
59#dbus-user.talk org.freedesktop.Notifications
60dbus-system none
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index 5d5858496..fd8d21268 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -137,6 +137,7 @@ code
137code-oss 137code-oss
138com.github.dahenson.agenda 138com.github.dahenson.agenda
139com.github.johnfactotum.Foliate 139com.github.johnfactotum.Foliate
140com.gitlab.newsflash
140conkeror 141conkeror
141conky 142conky
142conplay 143conplay
@@ -506,6 +507,7 @@ neverball
506neverputt 507neverputt
507newsbeuter 508newsbeuter
508newsboat 509newsboat
510newsflash
509nheko 511nheko
510nicotine 512nicotine
511nitroshare 513nitroshare
generated by cgit v1.2.3-54-g00ecf (git 2.45.1) at 2024-05-28 00:46:00 +0000