3 files changed, 54 insertions, 0 deletions
diff --git a/etc/seahorse-tool.profile b/etc/seahorse-tool.profile
new file mode 100644
index 000000000..bbab69162
--- /dev/null
+++ b/etc/seahorse-tool.profile
@@ -0,0 +1,28 @@
+# Firejail profile for seahorse-tool
+# Description: PGP encryption and signing
+# This file is overwritten after every install/update
+# Persistent local customizations
+include seahorse-tool.local
+# Persistent global definitions
+# added by included profile
+#include globals.local
+# dconf
+mkdir ${HOME}/.config/dconf
+whitelist ${HOME}/.config/dconf
+include disable-xdg.inc
+include whitelist-var-common.inc
+apparmor
+ipc-namespace
+disable-mnt
+private-tmp
+memory-deny-write-execute
+noexec ${HOME}
+noexec /tmp
+# Redirect
+include gpg.profile
diff --git a/etc/seahorse.profile b/etc/seahorse.profile
new file mode 100644
index 000000000..0bf3b89fd
--- /dev/null
+++ b/etc/seahorse.profile
@@ -0,0 +1,25 @@
+# Firejail profile for seahorse
+# Description: GNOME application for managing PGP keys
+# This file is overwritten after every install/update
+# Persistent local customizations
+include seahorse.local
+# Persistent global definitions
+# added by included profile
+#include globals.local
+# dconf
+mkdir ${HOME}/.config/dconf
+whitelist ${HOME}/.config/dconf
+# ssh
+noblacklist /etc/ssh
+noblacklist /tmp/ssh-*
+noblacklist ${HOME}/.ssh
+include whitelist-var-common.inc
+apparmor
+ipc-namespace
+# Redirect
+include gpg.profile
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index c0166ff6f..ca3c00376 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -397,6 +397,7 @@ sayonara
 scallion
 scribus
 sdat2img
+seahorse
 seamonkey
 seamonkey-bin
 shellcheck

diff --git a/etc/seahorse-tool.profile b/etc/seahorse-tool.profile new file mode 100644 index 000000000..bbab69162 --- /dev/null +++ b/etc/seahorse-tool.profile
@@ -0,0 +1,28 @@
		1	# Firejail profile for seahorse-tool
		2	# Description: PGP encryption and signing
		3	# This file is overwritten after every install/update
		4	# Persistent local customizations
		5	include seahorse-tool.local
		6	# Persistent global definitions
		7	# added by included profile
		8	#include globals.local
		9
		10	# dconf
		11	mkdir ${HOME}/.config/dconf
		12	whitelist ${HOME}/.config/dconf
		13
		14	include disable-xdg.inc
		15	include whitelist-var-common.inc
		16
		17	apparmor
		18	ipc-namespace
		19
		20	disable-mnt
		21	private-tmp
		22
		23	memory-deny-write-execute
		24	noexec ${HOME}
		25	noexec /tmp
		26
		27	# Redirect
		28	include gpg.profile


diff --git a/etc/seahorse.profile b/etc/seahorse.profile new file mode 100644 index 000000000..0bf3b89fd --- /dev/null +++ b/etc/seahorse.profile
@@ -0,0 +1,25 @@
		1	# Firejail profile for seahorse
		2	# Description: GNOME application for managing PGP keys
		3	# This file is overwritten after every install/update
		4	# Persistent local customizations
		5	include seahorse.local
		6	# Persistent global definitions
		7	# added by included profile
		8	#include globals.local
		9
		10	# dconf
		11	mkdir ${HOME}/.config/dconf
		12	whitelist ${HOME}/.config/dconf
		13
		14	# ssh
		15	noblacklist /etc/ssh
		16	noblacklist /tmp/ssh-*
		17	noblacklist ${HOME}/.ssh
		18
		19	include whitelist-var-common.inc
		20
		21	apparmor
		22	ipc-namespace
		23
		24	# Redirect
		25	include gpg.profile


diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index c0166ff6f..ca3c00376 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config
@@ -397,6 +397,7 @@ sayonara
397	scallion	397	scallion
398	scribus	398	scribus
399	sdat2img	399	sdat2img
		400	seahorse
400	seamonkey	401	seamonkey
401	seamonkey-bin	402	seamonkey-bin
402	shellcheck	403	shellcheck