diff options
218 files changed, 921 insertions, 119 deletions
@@ -170,29 +170,31 @@ $ ./profstats *.profile | |||
170 | Warning: multiple caps in transmission-daemon.profile | 170 | Warning: multiple caps in transmission-daemon.profile |
171 | 171 | ||
172 | Stats: | 172 | Stats: |
173 | profiles 1031 | 173 | profiles 1064 |
174 | include local profile 1031 (include profile-name.local) | 174 | include local profile 1064 (include profile-name.local) |
175 | include globals 1031 (include globals.local) | 175 | include globals 1064 (include globals.local) |
176 | blacklist ~/.ssh 1007 (include disable-common.inc) | 176 | blacklist ~/.ssh 959 (include disable-common.inc) |
177 | seccomp 976 | 177 | seccomp 975 |
178 | capabilities 1030 | 178 | capabilities 1063 |
179 | noexec 901 (include disable-exec.inc) | 179 | noexec 944 (include disable-exec.inc) |
180 | memory-deny-write-execute 221 | 180 | memory-deny-write-execute 229 |
181 | apparmor 555 | 181 | apparmor 605 |
182 | private-bin 544 | 182 | private-bin 564 |
183 | private-dev 897 | 183 | private-dev 932 |
184 | private-etc 435 | 184 | private-etc 462 |
185 | private-tmp 785 | 185 | private-tmp 823 |
186 | whitelist home directory 474 | 186 | whitelist home directory 502 |
187 | whitelist var 699 (include whitelist-var-common.inc) | 187 | whitelist var 744 (include whitelist-var-common.inc) |
188 | whitelist run/user 336 (include whitelist-runuser-common.inc | 188 | whitelist run/user 461 (include whitelist-runuser-common.inc |
189 | or blacklist ${RUNUSER}) | 189 | or blacklist ${RUNUSER}) |
190 | whitelist usr/share 359 (include whitelist-usr-share-common.inc | 190 | whitelist usr/share 451 (include whitelist-usr-share-common.inc |
191 | net none 333 | 191 | net none 345 |
192 | dbus-user none 523 | 192 | dbus-user none 564 |
193 | dbus-system none 632 | 193 | dbus-user filter 85 |
194 | dbus-system none 696 | ||
195 | dbus-system filter 7 | ||
194 | ``` | 196 | ``` |
195 | 197 | ||
196 | ### New profiles: | 198 | ### New profiles: |
197 | 199 | ||
198 | spectacle, chromium-browser-privacy, gtk-straw-viewer, gtk-youtube-viewer, gtk2-youtube-viewer, gtk3-youtube-viewer, straw-viewer, lutris, dolphin-emu, authenticator-rs, servo, tutanota-desktop, npm, marker, yarn, lsar, unar, agetpkg, mdr, shotwell, qnapi | 200 | spectacle, chromium-browser-privacy, gtk-straw-viewer, gtk-youtube-viewer, gtk2-youtube-viewer, gtk3-youtube-viewer, straw-viewer, lutris, dolphin-emu, authenticator-rs, servo, tutanota-desktop, npm, marker, yarn, lsar, unar, agetpkg, mdr, shotwell, qnapi, guvcview, pkglog |
@@ -7,7 +7,8 @@ firejail (0.9.65) baseline; urgency=low | |||
7 | * new profiles: spectacle, chromium-browser-privacy, gtk-straw-viewer | 7 | * new profiles: spectacle, chromium-browser-privacy, gtk-straw-viewer |
8 | * new profiles: gtk-youtube-viewer, gtk2-youtube-viewer, gtk3-youtube-viewer | 8 | * new profiles: gtk-youtube-viewer, gtk2-youtube-viewer, gtk3-youtube-viewer |
9 | * new profiles: straw-viewer, lutris, dolphin-emu, authenticator-rs, servo | 9 | * new profiles: straw-viewer, lutris, dolphin-emu, authenticator-rs, servo |
10 | * new profiles: npm, marker | 10 | * new profiles: npm, marker, yarn, lsar, unar, agetpkg, mdr, shotwell, qnapi |
11 | * new profiles: guvcview, pkglog | ||
11 | 12 | ||
12 | -- netblue30 <netblue30@yahoo.com> Wed, 21 Oct 2020 09:00:00 -0500 | 13 | -- netblue30 <netblue30@yahoo.com> Wed, 21 Oct 2020 09:00:00 -0500 |
13 | 14 | ||
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 26bcb987f..d24713fe5 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc | |||
@@ -253,6 +253,7 @@ blacklist ${HOME}/.config/google-chrome-unstable | |||
253 | blacklist ${HOME}/.config/gpicview | 253 | blacklist ${HOME}/.config/gpicview |
254 | blacklist ${HOME}/.config/gthumb | 254 | blacklist ${HOME}/.config/gthumb |
255 | blacklist ${HOME}/.config/gummi | 255 | blacklist ${HOME}/.config/gummi |
256 | blacklist ${HOME}/.config/guvcview2 | ||
256 | blacklist ${HOME}/.config/gwenviewrc | 257 | blacklist ${HOME}/.config/gwenviewrc |
257 | blacklist ${HOME}/.config/hexchat | 258 | blacklist ${HOME}/.config/hexchat |
258 | blacklist ${HOME}/.config/homebank | 259 | blacklist ${HOME}/.config/homebank |
@@ -274,6 +275,8 @@ blacklist ${HOME}/.config/katevirc | |||
274 | blacklist ${HOME}/.config/kazam | 275 | blacklist ${HOME}/.config/kazam |
275 | blacklist ${HOME}/.config/kdeconnect | 276 | blacklist ${HOME}/.config/kdeconnect |
276 | blacklist ${HOME}/.config/kdenliverc | 277 | blacklist ${HOME}/.config/kdenliverc |
278 | blacklist ${HOME}/.config/kdiff3fileitemactionrc | ||
279 | blacklist ${HOME}/.config/kdiff3rc | ||
277 | blacklist ${HOME}/.config/kfindrc | 280 | blacklist ${HOME}/.config/kfindrc |
278 | blacklist ${HOME}/.config/kgetrc | 281 | blacklist ${HOME}/.config/kgetrc |
279 | blacklist ${HOME}/.config/kid3rc | 282 | blacklist ${HOME}/.config/kid3rc |
@@ -468,10 +471,7 @@ blacklist ${HOME}/.gimp* | |||
468 | blacklist ${HOME}/.gist | 471 | blacklist ${HOME}/.gist |
469 | blacklist ${HOME}/.gitconfig | 472 | blacklist ${HOME}/.gitconfig |
470 | blacklist ${HOME}/.gnome/gnome-schedule | 473 | blacklist ${HOME}/.gnome/gnome-schedule |
471 | blacklist ${HOME}/.googleearth/Cache | 474 | blacklist ${HOME}/.googleearth |
472 | blacklist ${HOME}/.googleearth/Temp | ||
473 | blacklist ${HOME}/.googleearth/myplaces.backup.kml | ||
474 | blacklist ${HOME}/.googleearth/myplaces.kml | ||
475 | blacklist ${HOME}/.gradle | 475 | blacklist ${HOME}/.gradle |
476 | blacklist ${HOME}/.gramps | 476 | blacklist ${HOME}/.gramps |
477 | blacklist ${HOME}/.guayadeque | 477 | blacklist ${HOME}/.guayadeque |
diff --git a/etc/profile-a-l/Builder.profile b/etc/profile-a-l/Builder.profile index 54b437441..a010e84dc 100644 --- a/etc/profile-a-l/Builder.profile +++ b/etc/profile-a-l/Builder.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile for gnome-builder | 1 | # Firejail profile for gnome-builder |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include Builder.local | ||
6 | |||
4 | # Temporary fix for https://github.com/netblue30/firejail/issues/2624 | 7 | # Temporary fix for https://github.com/netblue30/firejail/issues/2624 |
5 | # Redirect | 8 | # Redirect |
6 | include gnome-builder.profile | 9 | include gnome-builder.profile |
diff --git a/etc/profile-a-l/Cheese.profile b/etc/profile-a-l/Cheese.profile index 5bb5064f0..e8020c3e1 100644 --- a/etc/profile-a-l/Cheese.profile +++ b/etc/profile-a-l/Cheese.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile for cheese | 1 | # Firejail profile for cheese |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include Cheese.local | ||
6 | |||
4 | # Temporary fix for https://github.com/netblue30/firejail/issues/2624 | 7 | # Temporary fix for https://github.com/netblue30/firejail/issues/2624 |
5 | # Redirect | 8 | # Redirect |
6 | include cheese.profile | 9 | include cheese.profile |
diff --git a/etc/profile-a-l/Cyberfox.profile b/etc/profile-a-l/Cyberfox.profile index 26a4348c9..d26230b02 100644 --- a/etc/profile-a-l/Cyberfox.profile +++ b/etc/profile-a-l/Cyberfox.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for cyberfox | 1 | # Firejail profile alias for cyberfox |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include Cyberfox.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include cyberfox.profile | 8 | include cyberfox.profile |
diff --git a/etc/profile-a-l/Documents.profile b/etc/profile-a-l/Documents.profile index 171ab4357..94109e239 100644 --- a/etc/profile-a-l/Documents.profile +++ b/etc/profile-a-l/Documents.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile for gnome-documents | 1 | # Firejail profile for gnome-documents |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include Documents.local | ||
6 | |||
4 | # Temporary fix for https://github.com/netblue30/firejail/issues/2624 | 7 | # Temporary fix for https://github.com/netblue30/firejail/issues/2624 |
5 | # Redirect | 8 | # Redirect |
6 | include gnome-documents.profile | 9 | include gnome-documents.profile |
diff --git a/etc/profile-a-l/FossaMail.profile b/etc/profile-a-l/FossaMail.profile index 9e1f61421..9c7826643 100644 --- a/etc/profile-a-l/FossaMail.profile +++ b/etc/profile-a-l/FossaMail.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for fossamail | 1 | # Firejail profile alias for fossamail |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include FossaMail.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include fossamail.profile | 8 | include fossamail.profile |
diff --git a/etc/profile-a-l/Gitter.profile b/etc/profile-a-l/Gitter.profile index a8bcb6a54..f670d0d7f 100644 --- a/etc/profile-a-l/Gitter.profile +++ b/etc/profile-a-l/Gitter.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for Gitter | 1 | # Firejail profile alias for Gitter |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include Gitter.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include gitter.profile | 8 | include gitter.profile |
diff --git a/etc/profile-a-l/Logs.profile b/etc/profile-a-l/Logs.profile index 431439f17..2d01ccb87 100644 --- a/etc/profile-a-l/Logs.profile +++ b/etc/profile-a-l/Logs.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile for gnome-logs | 1 | # Firejail profile for gnome-logs |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include Logs.local | ||
6 | |||
4 | # Temporary fix for https://github.com/netblue30/firejail/issues/2624 | 7 | # Temporary fix for https://github.com/netblue30/firejail/issues/2624 |
5 | # Redirect | 8 | # Redirect |
6 | include gnome-logs.profile | 9 | include gnome-logs.profile |
diff --git a/etc/profile-a-l/ardour4.profile b/etc/profile-a-l/ardour4.profile index 4ad8dd456..b81f01389 100644 --- a/etc/profile-a-l/ardour4.profile +++ b/etc/profile-a-l/ardour4.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for ardour5 | 1 | # Firejail profile alias for ardour5 |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include ardur4.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include ardour5.profile | 8 | include ardour5.profile |
diff --git a/etc/profile-a-l/bibletime.profile b/etc/profile-a-l/bibletime.profile index 99e2802eb..235b84be3 100644 --- a/etc/profile-a-l/bibletime.profile +++ b/etc/profile-a-l/bibletime.profile | |||
@@ -26,6 +26,7 @@ whitelist ${HOME}/.bibletime | |||
26 | whitelist ${HOME}/.sword | 26 | whitelist ${HOME}/.sword |
27 | whitelist ${HOME}/.local/share/bibletime | 27 | whitelist ${HOME}/.local/share/bibletime |
28 | whitelist /usr/share/bibletime | 28 | whitelist /usr/share/bibletime |
29 | whitelist /usr/share/doc/bibletime | ||
29 | whitelist /usr/share/sword | 30 | whitelist /usr/share/sword |
30 | include whitelist-common.inc | 31 | include whitelist-common.inc |
31 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/blackbox.profile b/etc/profile-a-l/blackbox.profile index 13e83493d..233f9a96f 100644 --- a/etc/profile-a-l/blackbox.profile +++ b/etc/profile-a-l/blackbox.profile | |||
@@ -6,7 +6,7 @@ include blackbox.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # all applications started in awesome will run in this profile | 9 | # all applications started in blackbox will run in this profile |
10 | noblacklist ${HOME}/.blackbox | 10 | noblacklist ${HOME}/.blackbox |
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | 12 | ||
diff --git a/etc/profile-a-l/blender-2.8.profile b/etc/profile-a-l/blender-2.8.profile index b7242c443..f8062d00e 100644 --- a/etc/profile-a-l/blender-2.8.profile +++ b/etc/profile-a-l/blender-2.8.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for blender | 1 | # Firejail profile alias for blender |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include blender-2.8.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include blender.profile | 8 | include blender.profile |
diff --git a/etc/profile-a-l/brave-browser-beta.profile b/etc/profile-a-l/brave-browser-beta.profile index 528a6402d..bfea2c622 100644 --- a/etc/profile-a-l/brave-browser-beta.profile +++ b/etc/profile-a-l/brave-browser-beta.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for brave (beta channel) | 1 | # Firejail profile alias for brave (beta channel) |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include brave-browser-beta.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include brave.profile | 8 | include brave.profile |
diff --git a/etc/profile-a-l/brave-browser-dev.profile b/etc/profile-a-l/brave-browser-dev.profile index 4601de119..6c66c9697 100644 --- a/etc/profile-a-l/brave-browser-dev.profile +++ b/etc/profile-a-l/brave-browser-dev.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for brave (development channel) | 1 | # Firejail profile alias for brave (development channel) |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include brave-browser-dev.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include brave.profile | 8 | include brave.profile |
diff --git a/etc/profile-a-l/brave-browser-nightly.profile b/etc/profile-a-l/brave-browser-nightly.profile index 43d3cc724..8812f06ba 100644 --- a/etc/profile-a-l/brave-browser-nightly.profile +++ b/etc/profile-a-l/brave-browser-nightly.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for brave (nightly channel) | 1 | # Firejail profile alias for brave (nightly channel) |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include brave-browser-nightly.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include brave.profile | 8 | include brave.profile |
diff --git a/etc/profile-a-l/brave-browser-stable.profile b/etc/profile-a-l/brave-browser-stable.profile index 06d33dea4..f59e5763b 100644 --- a/etc/profile-a-l/brave-browser-stable.profile +++ b/etc/profile-a-l/brave-browser-stable.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for brave (release channel) | 1 | # Firejail profile alias for brave (release channel) |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include brave-browser-stable.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include brave.profile | 8 | include brave.profile |
diff --git a/etc/profile-a-l/brave-browser.profile b/etc/profile-a-l/brave-browser.profile index e223ecf87..d9c9c45d7 100644 --- a/etc/profile-a-l/brave-browser.profile +++ b/etc/profile-a-l/brave-browser.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for brave | 1 | # Firejail profile alias for brave |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include brave-browser.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include brave.profile | 8 | include brave.profile |
diff --git a/etc/profile-a-l/bsdcat.profile b/etc/profile-a-l/bsdcat.profile index 5271ee5d6..562ba4b65 100644 --- a/etc/profile-a-l/bsdcat.profile +++ b/etc/profile-a-l/bsdcat.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for bsdtar | 1 | # Firejail profile alias for bsdtar |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include bsdcat.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include bsdtar.profile | 8 | include bsdtar.profile |
diff --git a/etc/profile-a-l/bsdcpio.profile b/etc/profile-a-l/bsdcpio.profile index 5271ee5d6..ed109957d 100644 --- a/etc/profile-a-l/bsdcpio.profile +++ b/etc/profile-a-l/bsdcpio.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for bsdtar | 1 | # Firejail profile alias for bsdtar |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include bsdcpio.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include bsdtar.profile | 8 | include bsdtar.profile |
diff --git a/etc/profile-a-l/calligraauthor.profile b/etc/profile-a-l/calligraauthor.profile index 7804a3b97..bb555a70b 100644 --- a/etc/profile-a-l/calligraauthor.profile +++ b/etc/profile-a-l/calligraauthor.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for calligra | 1 | # Firejail profile alias for calligra |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include calligraauthor.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include calligra.profile | 8 | include calligra.profile |
diff --git a/etc/profile-a-l/calligraconverter.profile b/etc/profile-a-l/calligraconverter.profile index 7804a3b97..205087758 100644 --- a/etc/profile-a-l/calligraconverter.profile +++ b/etc/profile-a-l/calligraconverter.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for calligra | 1 | # Firejail profile alias for calligra |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include calligraconverter.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include calligra.profile | 8 | include calligra.profile |
diff --git a/etc/profile-a-l/calligraflow.profile b/etc/profile-a-l/calligraflow.profile index 7804a3b97..99e094016 100644 --- a/etc/profile-a-l/calligraflow.profile +++ b/etc/profile-a-l/calligraflow.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for calligra | 1 | # Firejail profile alias for calligra |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include calligraflow.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include calligra.profile | 8 | include calligra.profile |
diff --git a/etc/profile-a-l/calligraplan.profile b/etc/profile-a-l/calligraplan.profile index 23dd61175..d8b18b238 100644 --- a/etc/profile-a-l/calligraplan.profile +++ b/etc/profile-a-l/calligraplan.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for calligra | 1 | # Firejail profile alias for calligra |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include calligraplan.local | ||
6 | |||
4 | noblacklist ${HOME}/.local/share/kxmlgui5/calligraplan | 7 | noblacklist ${HOME}/.local/share/kxmlgui5/calligraplan |
5 | 8 | ||
6 | # Redirect | 9 | # Redirect |
diff --git a/etc/profile-a-l/calligraplanwork.profile b/etc/profile-a-l/calligraplanwork.profile index 1c283a3cb..0feb49a77 100644 --- a/etc/profile-a-l/calligraplanwork.profile +++ b/etc/profile-a-l/calligraplanwork.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for calligra | 1 | # Firejail profile alias for calligra |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include calligraplanwork.local | ||
6 | |||
4 | noblacklist ${HOME}/.local/share/kxmlgui5/calligraplanwork | 7 | noblacklist ${HOME}/.local/share/kxmlgui5/calligraplanwork |
5 | 8 | ||
6 | # Redirect | 9 | # Redirect |
diff --git a/etc/profile-a-l/calligrasheets.profile b/etc/profile-a-l/calligrasheets.profile index 8ef75be71..0c45b6b54 100644 --- a/etc/profile-a-l/calligrasheets.profile +++ b/etc/profile-a-l/calligrasheets.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for calligra | 1 | # Firejail profile alias for calligra |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include calligrasheets.local | ||
6 | |||
4 | noblacklist ${HOME}/.local/share/kxmlgui5/calligrasheets | 7 | noblacklist ${HOME}/.local/share/kxmlgui5/calligrasheets |
5 | 8 | ||
6 | # Redirect | 9 | # Redirect |
diff --git a/etc/profile-a-l/calligrastage.profile b/etc/profile-a-l/calligrastage.profile index d5c960248..a9db7e64b 100644 --- a/etc/profile-a-l/calligrastage.profile +++ b/etc/profile-a-l/calligrastage.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for calligra | 1 | # Firejail profile alias for calligra |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include calligrastage.local | ||
6 | |||
4 | noblacklist ${HOME}/.local/share/kxmlgui5/calligrastage | 7 | noblacklist ${HOME}/.local/share/kxmlgui5/calligrastage |
5 | 8 | ||
6 | # Redirect | 9 | # Redirect |
diff --git a/etc/profile-a-l/calligrawords.profile b/etc/profile-a-l/calligrawords.profile index 5985b4250..1f62cb7ec 100644 --- a/etc/profile-a-l/calligrawords.profile +++ b/etc/profile-a-l/calligrawords.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for calligra | 1 | # Firejail profile alias for calligra |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include calligrawords.local | ||
6 | |||
4 | noblacklist ${HOME}/.local/share/kxmlgui5/calligrawords | 7 | noblacklist ${HOME}/.local/share/kxmlgui5/calligrawords |
5 | 8 | ||
6 | # Redirect | 9 | # Redirect |
diff --git a/etc/profile-a-l/cheese.profile b/etc/profile-a-l/cheese.profile index 337117c4a..aca1f5876 100644 --- a/etc/profile-a-l/cheese.profile +++ b/etc/profile-a-l/cheese.profile | |||
@@ -19,7 +19,10 @@ include disable-xdg.inc | |||
19 | 19 | ||
20 | whitelist ${VIDEOS} | 20 | whitelist ${VIDEOS} |
21 | whitelist ${PICTURES} | 21 | whitelist ${PICTURES} |
22 | whitelist /usr/share/gnome-video-effects | ||
22 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | ||
25 | include whitelist-usr-share-common.inc | ||
23 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
24 | 27 | ||
25 | apparmor | 28 | apparmor |
@@ -43,5 +46,6 @@ private-cache | |||
43 | private-etc alternatives,clutter-1.0,dconf,drirc,fonts,gtk-3.0 | 46 | private-etc alternatives,clutter-1.0,dconf,drirc,fonts,gtk-3.0 |
44 | private-tmp | 47 | private-tmp |
45 | 48 | ||
46 | dbus-user none | 49 | dbus-user filter |
50 | dbus-user.talk ca.desrt.dconf | ||
47 | dbus-system none | 51 | dbus-system none |
diff --git a/etc/profile-a-l/chromium-browser.profile b/etc/profile-a-l/chromium-browser.profile index f83052d9a..c782a4d78 100644 --- a/etc/profile-a-l/chromium-browser.profile +++ b/etc/profile-a-l/chromium-browser.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for chromium | 1 | # Firejail profile alias for chromium |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include chromium-browser.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include chromium.profile | 8 | include chromium.profile |
diff --git a/etc/profile-a-l/chromium-freeworld.profile b/etc/profile-a-l/chromium-freeworld.profile index a1de85afa..5d1f3c11c 100644 --- a/etc/profile-a-l/chromium-freeworld.profile +++ b/etc/profile-a-l/chromium-freeworld.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile for chromium-freeworld | 1 | # Firejail profile for chromium-freeworld |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include chromium-freeworld.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include chromium.profile | 8 | include chromium.profile |
diff --git a/etc/profile-a-l/cinelerra.profile b/etc/profile-a-l/cinelerra.profile index 88a65037e..823375049 100644 --- a/etc/profile-a-l/cinelerra.profile +++ b/etc/profile-a-l/cinelerra.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for cin | 1 | # Firejail profile alias for cin |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include cinelerra.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include cin.profile | 8 | include cin.profile |
diff --git a/etc/profile-a-l/clamdscan.profile b/etc/profile-a-l/clamdscan.profile index 4c6c56c5f..1a89a927d 100644 --- a/etc/profile-a-l/clamdscan.profile +++ b/etc/profile-a-l/clamdscan.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for clamav | 1 | # Firejail profile alias for clamav |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include clamdscan.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include clamav.profile | 8 | include clamav.profile |
diff --git a/etc/profile-a-l/clamdtop.profile b/etc/profile-a-l/clamdtop.profile index 4c6c56c5f..96f68b8f6 100644 --- a/etc/profile-a-l/clamdtop.profile +++ b/etc/profile-a-l/clamdtop.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for clamav | 1 | # Firejail profile alias for clamav |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include clamdtop.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include clamav.profile | 8 | include clamav.profile |
diff --git a/etc/profile-a-l/clamscan.profile b/etc/profile-a-l/clamscan.profile index 4c6c56c5f..ec435a50a 100644 --- a/etc/profile-a-l/clamscan.profile +++ b/etc/profile-a-l/clamscan.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for clamav | 1 | # Firejail profile alias for clamav |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include clamscan.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include clamav.profile | 8 | include clamav.profile |
diff --git a/etc/profile-a-l/clocks.profile b/etc/profile-a-l/clocks.profile index da50e7d49..c180e6faa 100644 --- a/etc/profile-a-l/clocks.profile +++ b/etc/profile-a-l/clocks.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile for gnome-clocks | 1 | # Firejail profile for gnome-clocks |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include clocks.local | ||
6 | |||
4 | # Temporary fix for https://github.com/netblue30/firejail/issues/2624 | 7 | # Temporary fix for https://github.com/netblue30/firejail/issues/2624 |
5 | # Redirect | 8 | # Redirect |
6 | include gnome-clocks.profile | 9 | include gnome-clocks.profile |
diff --git a/etc/profile-a-l/com.gitlab.newsflash.profile b/etc/profile-a-l/com.gitlab.newsflash.profile index 0628d3d01..26f99428c 100644 --- a/etc/profile-a-l/com.gitlab.newsflash.profile +++ b/etc/profile-a-l/com.gitlab.newsflash.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for newsflash | 1 | # Firejail profile alias for newsflash |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include com.gitlab.newsflash.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include newsflash.profile | 8 | include newsflash.profile |
diff --git a/etc/profile-a-l/crawl-tiles.profile b/etc/profile-a-l/crawl-tiles.profile index 39151865e..b384e42ae 100644 --- a/etc/profile-a-l/crawl-tiles.profile +++ b/etc/profile-a-l/crawl-tiles.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for crawl | 1 | # Firejail profile alias for crawl |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include crawl-titles.local | ||
6 | |||
4 | ignore no3d | 7 | ignore no3d |
5 | 8 | ||
6 | # Redirect | 9 | # Redirect |
diff --git a/etc/profile-a-l/cryptocat.profile b/etc/profile-a-l/cryptocat.profile index 69aa39de2..b208b21a0 100644 --- a/etc/profile-a-l/cryptocat.profile +++ b/etc/profile-a-l/cryptocat.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for Cryptocat | 1 | # Firejail profile alias for Cryptocat |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include cryptocat.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include Cryptocat.profile | 8 | include Cryptocat.profile |
diff --git a/etc/profile-a-l/dooble-qt4.profile b/etc/profile-a-l/dooble-qt4.profile index 70a21e11c..c21df94c5 100644 --- a/etc/profile-a-l/dooble-qt4.profile +++ b/etc/profile-a-l/dooble-qt4.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for dooble | 1 | # Firejail profile alias for dooble |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include dooble-qt4.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include dooble.profile | 8 | include dooble.profile |
diff --git a/etc/profile-a-l/fluxbox.profile b/etc/profile-a-l/fluxbox.profile index c296c0491..1210f365c 100644 --- a/etc/profile-a-l/fluxbox.profile +++ b/etc/profile-a-l/fluxbox.profile | |||
@@ -6,7 +6,7 @@ include fluxbox.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # all applications started in awesome will run in this profile | 9 | # all applications started in fluxbox will run in this profile |
10 | noblacklist ${HOME}/.fluxbox | 10 | noblacklist ${HOME}/.fluxbox |
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | 12 | ||
diff --git a/etc/profile-a-l/freecadcmd.profile b/etc/profile-a-l/freecadcmd.profile index 44bf62cfe..573029add 100644 --- a/etc/profile-a-l/freecadcmd.profile +++ b/etc/profile-a-l/freecadcmd.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for freecad | 1 | # Firejail profile alias for freecad |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include freecadcms.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include freecad.profile | 8 | include freecad.profile |
diff --git a/etc/profile-a-l/freeciv-gtk3.profile b/etc/profile-a-l/freeciv-gtk3.profile index fa36459e7..d8d1592c5 100644 --- a/etc/profile-a-l/freeciv-gtk3.profile +++ b/etc/profile-a-l/freeciv-gtk3.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for freeciv | 1 | # Firejail profile alias for freeciv |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include freeciv-gtk3.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include freeciv.profile | 8 | include freeciv.profile |
diff --git a/etc/profile-a-l/freeciv-mp-gtk3.profile b/etc/profile-a-l/freeciv-mp-gtk3.profile index fa36459e7..16bc87848 100644 --- a/etc/profile-a-l/freeciv-mp-gtk3.profile +++ b/etc/profile-a-l/freeciv-mp-gtk3.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for freeciv | 1 | # Firejail profile alias for freeciv |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include freeciv-mp-gtk3.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include freeciv.profile | 8 | include freeciv.profile |
diff --git a/etc/profile-a-l/gajim-history-manager.profile b/etc/profile-a-l/gajim-history-manager.profile index 2ae6dd9d8..2f4f2c548 100644 --- a/etc/profile-a-l/gajim-history-manager.profile +++ b/etc/profile-a-l/gajim-history-manager.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for gajim-history-manager | 1 | # Firejail profile alias for gajim-history-manager |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include gajim-history-manager.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include gajim.profile | 8 | include gajim.profile |
diff --git a/etc/profile-a-l/ghb.profile b/etc/profile-a-l/ghb.profile index 1e7ce2350..809328448 100644 --- a/etc/profile-a-l/ghb.profile +++ b/etc/profile-a-l/ghb.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for handbrake | 1 | # Firejail profile alias for handbrake |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include ghb.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include handbrake.profile | 8 | include handbrake.profile |
diff --git a/etc/profile-a-l/gimp-2.10.profile b/etc/profile-a-l/gimp-2.10.profile index dbf49ac22..89616a537 100644 --- a/etc/profile-a-l/gimp-2.10.profile +++ b/etc/profile-a-l/gimp-2.10.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for gimp | 1 | # Firejail profile alias for gimp |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include gimp-2.10.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include gimp.profile | 8 | include gimp.profile |
diff --git a/etc/profile-a-l/gimp-2.8.profile b/etc/profile-a-l/gimp-2.8.profile index dbf49ac22..30449e6f4 100644 --- a/etc/profile-a-l/gimp-2.8.profile +++ b/etc/profile-a-l/gimp-2.8.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for gimp | 1 | # Firejail profile alias for gimp |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include gimp-2.8.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include gimp.profile | 8 | include gimp.profile |
diff --git a/etc/profile-a-l/gnome-mpv.profile b/etc/profile-a-l/gnome-mpv.profile index f5d652732..2620d1558 100644 --- a/etc/profile-a-l/gnome-mpv.profile +++ b/etc/profile-a-l/gnome-mpv.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for celluloid (formerly GNOME MPV) | 1 | # Firejail profile alias for celluloid (formerly GNOME MPV) |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include gnome-mpv.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include celluloid.profile | 8 | include celluloid.profile |
diff --git a/etc/profile-a-l/google-chrome-stable.profile b/etc/profile-a-l/google-chrome-stable.profile index a456e8d61..7c54a0888 100644 --- a/etc/profile-a-l/google-chrome-stable.profile +++ b/etc/profile-a-l/google-chrome-stable.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for google-chrome | 1 | # Firejail profile alias for google-chrome |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include google-chrome-stable.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include google-chrome.profile | 8 | include google-chrome.profile |
diff --git a/etc/profile-a-l/google-earth-pro.profile b/etc/profile-a-l/google-earth-pro.profile index c1f919769..a0e4f6d86 100644 --- a/etc/profile-a-l/google-earth-pro.profile +++ b/etc/profile-a-l/google-earth-pro.profile | |||
@@ -1,7 +1,14 @@ | |||
1 | # Firejail profile alias for google-earth | 1 | # Firejail profile for google-earth-pro |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | # Persistent local customizations | ||
4 | include google-earth-pro.local | ||
5 | # Persistent global definitions | ||
6 | # added by included profile | ||
7 | #include globals.local | ||
3 | 8 | ||
4 | private-bin google-earth-pro | 9 | # If you see errors about missing commands, uncomment the below or put 'ignore private-bin' into your google-earth-pro.local |
10 | #ignore private-bin | ||
11 | private-bin google-earth-pro,googleearth,googleearth-bin,gpsbabel,readlink,repair_tool,which,xdg-mime,xdg-settings | ||
5 | 12 | ||
6 | # Redirect | 13 | # Redirect |
7 | include google-earth.profile | 14 | include google-earth.profile |
diff --git a/etc/profile-a-l/google-earth.profile b/etc/profile-a-l/google-earth.profile index a331ef8d2..12b1cbafd 100644 --- a/etc/profile-a-l/google-earth.profile +++ b/etc/profile-a-l/google-earth.profile | |||
@@ -6,10 +6,7 @@ include google-earth.local | |||
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.config/Google | 8 | noblacklist ${HOME}/.config/Google |
9 | noblacklist ${HOME}/.googleearth/Cache | 9 | noblacklist ${HOME}/.googleearth |
10 | noblacklist ${HOME}/.googleearth/Temp | ||
11 | noblacklist ${HOME}/.googleearth/myplaces.backup.kml | ||
12 | noblacklist ${HOME}/.googleearth/myplaces.kml | ||
13 | 10 | ||
14 | include disable-common.inc | 11 | include disable-common.inc |
15 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -19,15 +16,9 @@ include disable-passwdmgr.inc | |||
19 | include disable-programs.inc | 16 | include disable-programs.inc |
20 | 17 | ||
21 | mkdir ${HOME}/.config/Google | 18 | mkdir ${HOME}/.config/Google |
22 | mkdir ${HOME}/.googleearth/Cache | 19 | mkdir ${HOME}/.googleearth |
23 | mkdir ${HOME}/.googleearth/Temp | ||
24 | mkfile ${HOME}/.googleearth/myplaces.backup.kml | ||
25 | mkfile ${HOME}/.googleearth/myplaces.kml | ||
26 | whitelist ${HOME}/.config/Google | 20 | whitelist ${HOME}/.config/Google |
27 | whitelist ${HOME}/.googleearth/Cache | 21 | whitelist ${HOME}/.googleearth |
28 | whitelist ${HOME}/.googleearth/Temp | ||
29 | whitelist ${HOME}/.googleearth/myplaces.backup.kml | ||
30 | whitelist ${HOME}/.googleearth/myplaces.kml | ||
31 | include whitelist-common.inc | 22 | include whitelist-common.inc |
32 | 23 | ||
33 | caps.drop all | 24 | caps.drop all |
diff --git a/etc/profile-a-l/gtar.profile b/etc/profile-a-l/gtar.profile index 2391c121b..ccb97265e 100644 --- a/etc/profile-a-l/gtar.profile +++ b/etc/profile-a-l/gtar.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for tar | 1 | # Firejail profile alias for tar |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include gtar.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include tar.profile | 8 | include tar.profile |
diff --git a/etc/profile-a-l/guvcview.profile b/etc/profile-a-l/guvcview.profile new file mode 100644 index 000000000..46fc06940 --- /dev/null +++ b/etc/profile-a-l/guvcview.profile | |||
@@ -0,0 +1,55 @@ | |||
1 | # Firejail profile for guvcview | ||
2 | # Description: GTK+ base UVC Viewer | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include guvcview.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.config/guvcview2 | ||
10 | |||
11 | noblacklist ${PICTURES} | ||
12 | noblacklist ${VIDEOS} | ||
13 | |||
14 | include disable-common.inc | ||
15 | include disable-devel.inc | ||
16 | include disable-exec.inc | ||
17 | include disable-interpreters.inc | ||
18 | include disable-passwdmgr.inc | ||
19 | include disable-programs.inc | ||
20 | include disable-shell.inc | ||
21 | include disable-xdg.inc | ||
22 | |||
23 | mkdir ${HOME}/.config/guvcview2 | ||
24 | whitelist ${HOME}/.config/guvcview2 | ||
25 | whitelist ${PICTURES} | ||
26 | whitelist ${VIDEOS} | ||
27 | include whitelist-common.inc | ||
28 | include whitelist-runuser-common.inc | ||
29 | include whitelist-usr-share-common.inc | ||
30 | include whitelist-var-common.inc | ||
31 | |||
32 | apparmor | ||
33 | caps.drop all | ||
34 | net none | ||
35 | nodvd | ||
36 | nogroups | ||
37 | nonewprivs | ||
38 | noroot | ||
39 | notv | ||
40 | nou2f | ||
41 | protocol unix,netlink | ||
42 | seccomp | ||
43 | seccomp.block-secondary | ||
44 | shell none | ||
45 | tracelog | ||
46 | |||
47 | disable-mnt | ||
48 | private-bin guvcview | ||
49 | private-cache | ||
50 | private-dev | ||
51 | private-etc alsa,alternatives,asound.conf,bumblebee,dconf,drirc,fonts,glvnd,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nvidia,pango,pulse,X11 | ||
52 | private-tmp | ||
53 | |||
54 | dbus-user none | ||
55 | dbus-system none | ||
diff --git a/etc/profile-a-l/handbrake-gtk.profile b/etc/profile-a-l/handbrake-gtk.profile index 1e7ce2350..317ebc99d 100644 --- a/etc/profile-a-l/handbrake-gtk.profile +++ b/etc/profile-a-l/handbrake-gtk.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for handbrake | 1 | # Firejail profile alias for handbrake |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include handbrake-gtk.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include handbrake.profile | 8 | include handbrake.profile |
diff --git a/etc/profile-a-l/i3.profile b/etc/profile-a-l/i3.profile index c1ca0e413..e96b1843c 100644 --- a/etc/profile-a-l/i3.profile +++ b/etc/profile-a-l/i3.profile | |||
@@ -6,7 +6,7 @@ include i3.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # all applications started in awesome will run in this profile | 9 | # all applications started in i3 will run in this profile |
10 | noblacklist ${HOME}/.config/i3 | 10 | noblacklist ${HOME}/.config/i3 |
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | 12 | ||
diff --git a/etc/profile-a-l/iridium-browser.profile b/etc/profile-a-l/iridium-browser.profile index c7ee64d56..e83a1132d 100644 --- a/etc/profile-a-l/iridium-browser.profile +++ b/etc/profile-a-l/iridium-browser.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for iridium | 1 | # Firejail profile alias for iridium |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include iridium-browser.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include iridium.profile | 8 | include iridium.profile |
diff --git a/etc/profile-a-l/kalgebramobile.profile b/etc/profile-a-l/kalgebramobile.profile index d2394fe20..c7bd9c105 100644 --- a/etc/profile-a-l/kalgebramobile.profile +++ b/etc/profile-a-l/kalgebramobile.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile for kalgebramobile | 1 | # Firejail profile for kalgebramobile |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include kalgebramobile.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include kalgebra.profile | 8 | include kalgebra.profile |
diff --git a/etc/profile-a-l/karbon.profile b/etc/profile-a-l/karbon.profile index d54d6d3d0..54d029c1a 100644 --- a/etc/profile-a-l/karbon.profile +++ b/etc/profile-a-l/karbon.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for krita | 1 | # Firejail profile alias for krita |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include karbon.local | ||
6 | |||
4 | noblacklist ${HOME}/.local/share/kxmlgui5/karbon | 7 | noblacklist ${HOME}/.local/share/kxmlgui5/karbon |
5 | 8 | ||
6 | # Redirect | 9 | # Redirect |
diff --git a/etc/profile-a-l/kdiff3.profile b/etc/profile-a-l/kdiff3.profile new file mode 100644 index 000000000..8290e07f2 --- /dev/null +++ b/etc/profile-a-l/kdiff3.profile | |||
@@ -0,0 +1,52 @@ | |||
1 | # Firejail profile for kdiff3 | ||
2 | # Description: KDiff3 is a file and folder diff and merge tool. | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include kdiff3.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.config/kdiff3fileitemactionrc | ||
10 | noblacklist ${HOME}/.config/kdiff3rc | ||
11 | |||
12 | # Uncomment the next line (or put it into your kdiff3.local) if you don't need to compare files in disable-common.inc. | ||
13 | #include disable-common.inc | ||
14 | include disable-devel.inc | ||
15 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | ||
17 | include disable-passwdmgr.inc | ||
18 | # Uncomment the next line (or put it into your kdiff3.local) if you don't need to compare files in disable-programs.inc. | ||
19 | #include disable-programs.inc | ||
20 | include disable-shell.inc | ||
21 | include disable-xdg.inc | ||
22 | |||
23 | include whitelist-runuser-common.inc | ||
24 | # Uncomment the next lines (or put it into your kdiff3.local) if you don't need to compare files in /usr/share. | ||
25 | #include whitelist-usr-share-common.inc | ||
26 | # Uncomment the next line (or put it into your kdiff3.local) if you don't need to compare files in /var. | ||
27 | #include whitelist-var-common.inc | ||
28 | |||
29 | apparmor | ||
30 | caps.drop all | ||
31 | machine-id | ||
32 | net none | ||
33 | nodvd | ||
34 | nogroups | ||
35 | nonewprivs | ||
36 | noroot | ||
37 | nosound | ||
38 | notv | ||
39 | nou2f | ||
40 | novideo | ||
41 | seccomp | ||
42 | seccomp.block-secondary | ||
43 | shell none | ||
44 | tracelog | ||
45 | |||
46 | disable-mnt | ||
47 | private-bin kdiff3 | ||
48 | private-cache | ||
49 | private-dev | ||
50 | |||
51 | dbus-user none | ||
52 | dbus-system none | ||
diff --git a/etc/profile-a-l/keepass2.profile b/etc/profile-a-l/keepass2.profile index aef236ccc..97fe987dd 100644 --- a/etc/profile-a-l/keepass2.profile +++ b/etc/profile-a-l/keepass2.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for keepass | 1 | # Firejail profile alias for keepass |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include keepass2.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include keepass.profile | 8 | include keepass.profile |
diff --git a/etc/profile-a-l/keepassx2.profile b/etc/profile-a-l/keepassx2.profile index fdd27e9f9..ed3d6701a 100644 --- a/etc/profile-a-l/keepassx2.profile +++ b/etc/profile-a-l/keepassx2.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: Cross platform password manager | 2 | # Description: Cross platform password manager |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include keepassx2.local | ||
7 | |||
5 | # Redirects | 8 | # Redirects |
6 | include keepassx.profile | 9 | include keepassx.profile |
diff --git a/etc/profile-a-l/klatexformula_cmdl.profile b/etc/profile-a-l/klatexformula_cmdl.profile index 9137963c4..d599a80d0 100644 --- a/etc/profile-a-l/klatexformula_cmdl.profile +++ b/etc/profile-a-l/klatexformula_cmdl.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for klatexformula_cmdl | 1 | # Firejail profile alias for klatexformula_cmdl |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include klatexformula_cmdl.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include klatexformula.profile | 8 | include klatexformula.profile |
diff --git a/etc/profile-a-l/krunner.profile b/etc/profile-a-l/krunner.profile index c64113c15..9cb5eff87 100644 --- a/etc/profile-a-l/krunner.profile +++ b/etc/profile-a-l/krunner.profile | |||
@@ -6,9 +6,9 @@ include krunner.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # - programs started in krunner run with this generic profile. | 9 | # - programs started in krunner run with this generic profile |
10 | # - when a file is opened in krunner, the file viewer runs in its own sandbox | 10 | # - when a file is opened in krunner, the file viewer runs in its own sandbox |
11 | # with its own profile, if it is sandboxed automatically. | 11 | # with its own profile, if it is sandboxed automatically |
12 | 12 | ||
13 | # noblacklist ${HOME}/.cache/krunner | 13 | # noblacklist ${HOME}/.cache/krunner |
14 | # noblacklist ${HOME}/.cache/krunnerbookmarkrunnerfirefoxdbfile.sqlite* | 14 | # noblacklist ${HOME}/.cache/krunnerbookmarkrunnerfirefoxdbfile.sqlite* |
diff --git a/etc/profile-a-l/lbunzip2.profile b/etc/profile-a-l/lbunzip2.profile index 338d8c8bb..822383ff4 100644 --- a/etc/profile-a-l/lbunzip2.profile +++ b/etc/profile-a-l/lbunzip2.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: GNU compression utilities | 2 | # Description: GNU compression utilities |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include lbunzip2.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include gzip.profile | 9 | include gzip.profile |
diff --git a/etc/profile-a-l/lbzcat.profile b/etc/profile-a-l/lbzcat.profile index 338d8c8bb..fe8badb58 100644 --- a/etc/profile-a-l/lbzcat.profile +++ b/etc/profile-a-l/lbzcat.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: GNU compression utilities | 2 | # Description: GNU compression utilities |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include lbzcat.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include gzip.profile | 9 | include gzip.profile |
diff --git a/etc/profile-a-l/lbzip2.profile b/etc/profile-a-l/lbzip2.profile index 338d8c8bb..3f986fa44 100644 --- a/etc/profile-a-l/lbzip2.profile +++ b/etc/profile-a-l/lbzip2.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: GNU compression utilities | 2 | # Description: GNU compression utilities |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include lbzip2.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include gzip.profile | 9 | include gzip.profile |
diff --git a/etc/profile-a-l/lobase.profile b/etc/profile-a-l/lobase.profile index 8348a57fe..51d76cae7 100644 --- a/etc/profile-a-l/lobase.profile +++ b/etc/profile-a-l/lobase.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for libreoffice | 1 | # Firejail profile alias for libreoffice |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include lobase.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include libreoffice.profile | 8 | include libreoffice.profile |
diff --git a/etc/profile-a-l/localc.profile b/etc/profile-a-l/localc.profile index 8348a57fe..df48a320c 100644 --- a/etc/profile-a-l/localc.profile +++ b/etc/profile-a-l/localc.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for libreoffice | 1 | # Firejail profile alias for libreoffice |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include localc.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include libreoffice.profile | 8 | include libreoffice.profile |
diff --git a/etc/profile-a-l/lodraw.profile b/etc/profile-a-l/lodraw.profile index 8348a57fe..bf5c8c456 100644 --- a/etc/profile-a-l/lodraw.profile +++ b/etc/profile-a-l/lodraw.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for libreoffice | 1 | # Firejail profile alias for libreoffice |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include lodraw.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include libreoffice.profile | 8 | include libreoffice.profile |
diff --git a/etc/profile-a-l/loffice.profile b/etc/profile-a-l/loffice.profile index 8348a57fe..5fbfdf443 100644 --- a/etc/profile-a-l/loffice.profile +++ b/etc/profile-a-l/loffice.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for libreoffice | 1 | # Firejail profile alias for libreoffice |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include loffice.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include libreoffice.profile | 8 | include libreoffice.profile |
diff --git a/etc/profile-a-l/lofromtemplate.profile b/etc/profile-a-l/lofromtemplate.profile index 8348a57fe..3decca6a8 100644 --- a/etc/profile-a-l/lofromtemplate.profile +++ b/etc/profile-a-l/lofromtemplate.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for libreoffice | 1 | # Firejail profile alias for libreoffice |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include lofromtemplate.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include libreoffice.profile | 8 | include libreoffice.profile |
diff --git a/etc/profile-a-l/loimpress.profile b/etc/profile-a-l/loimpress.profile index 8348a57fe..cc812d9a4 100644 --- a/etc/profile-a-l/loimpress.profile +++ b/etc/profile-a-l/loimpress.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for libreoffice | 1 | # Firejail profile alias for libreoffice |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include loimpress.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include libreoffice.profile | 8 | include libreoffice.profile |
diff --git a/etc/profile-a-l/lomath.profile b/etc/profile-a-l/lomath.profile index 8348a57fe..20c316568 100644 --- a/etc/profile-a-l/lomath.profile +++ b/etc/profile-a-l/lomath.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for libreoffice | 1 | # Firejail profile alias for libreoffice |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include lomath.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include libreoffice.profile | 8 | include libreoffice.profile |
diff --git a/etc/profile-a-l/loweb.profile b/etc/profile-a-l/loweb.profile index 8348a57fe..b44c545e8 100644 --- a/etc/profile-a-l/loweb.profile +++ b/etc/profile-a-l/loweb.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for libreoffice | 1 | # Firejail profile alias for libreoffice |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include loweb.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include libreoffice.profile | 8 | include libreoffice.profile |
diff --git a/etc/profile-a-l/lowriter.profile b/etc/profile-a-l/lowriter.profile index 8348a57fe..29f7cd89b 100644 --- a/etc/profile-a-l/lowriter.profile +++ b/etc/profile-a-l/lowriter.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for libreoffice | 1 | # Firejail profile alias for libreoffice |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include lowriter.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include libreoffice.profile | 8 | include libreoffice.profile |
diff --git a/etc/profile-a-l/lzcat.profile b/etc/profile-a-l/lzcat.profile index d9c72407f..5370b0c0a 100644 --- a/etc/profile-a-l/lzcat.profile +++ b/etc/profile-a-l/lzcat.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include lzcat.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-a-l/lzcmp.profile b/etc/profile-a-l/lzcmp.profile index d9c72407f..2d963268e 100644 --- a/etc/profile-a-l/lzcmp.profile +++ b/etc/profile-a-l/lzcmp.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include lzcmp.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-a-l/lzdiff.profile b/etc/profile-a-l/lzdiff.profile index f7410b928..9baf94992 100644 --- a/etc/profile-a-l/lzdiff.profile +++ b/etc/profile-a-l/lzdiff.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include lzdiff.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include cpio.profile | 9 | include cpio.profile |
diff --git a/etc/profile-a-l/lzegrep.profile b/etc/profile-a-l/lzegrep.profile index d9c72407f..7ca4615c4 100644 --- a/etc/profile-a-l/lzegrep.profile +++ b/etc/profile-a-l/lzegrep.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include lzegrep.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-a-l/lzfgrep.profile b/etc/profile-a-l/lzfgrep.profile index d9c72407f..8d2e498fb 100644 --- a/etc/profile-a-l/lzfgrep.profile +++ b/etc/profile-a-l/lzfgrep.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include lzfgrep.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-a-l/lzgrep.profile b/etc/profile-a-l/lzgrep.profile index d9c72407f..b66b2fb17 100644 --- a/etc/profile-a-l/lzgrep.profile +++ b/etc/profile-a-l/lzgrep.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include lzgrep.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-a-l/lzip.profile b/etc/profile-a-l/lzip.profile index d9c72407f..a7341b012 100644 --- a/etc/profile-a-l/lzip.profile +++ b/etc/profile-a-l/lzip.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include lzip.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-a-l/lzless.profile b/etc/profile-a-l/lzless.profile index d9c72407f..5730a332f 100644 --- a/etc/profile-a-l/lzless.profile +++ b/etc/profile-a-l/lzless.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include lzless.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-a-l/lzma.profile b/etc/profile-a-l/lzma.profile index d9c72407f..051dbe546 100644 --- a/etc/profile-a-l/lzma.profile +++ b/etc/profile-a-l/lzma.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include lzma.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-a-l/lzmadec.profile b/etc/profile-a-l/lzmadec.profile index 0c5ec1b09..b82ce69ae 100644 --- a/etc/profile-a-l/lzmadec.profile +++ b/etc/profile-a-l/lzmadec.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include lzmadec.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include xzdec.profile | 9 | include xzdec.profile |
diff --git a/etc/profile-a-l/lzmainfo.profile b/etc/profile-a-l/lzmainfo.profile index d9c72407f..0ab98429e 100644 --- a/etc/profile-a-l/lzmainfo.profile +++ b/etc/profile-a-l/lzmainfo.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include lzmainfo.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-a-l/lzmore.profile b/etc/profile-a-l/lzmore.profile index d9c72407f..df1867da0 100644 --- a/etc/profile-a-l/lzmore.profile +++ b/etc/profile-a-l/lzmore.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include lzmore.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-m-z/Maps.profile b/etc/profile-m-z/Maps.profile index c52d2f2da..109ce6859 100644 --- a/etc/profile-m-z/Maps.profile +++ b/etc/profile-m-z/Maps.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile for gnome-maps | 1 | # Firejail profile for gnome-maps |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include Maps.local | ||
6 | |||
4 | # Temporary fix for https://github.com/netblue30/firejail/issues/2624 | 7 | # Temporary fix for https://github.com/netblue30/firejail/issues/2624 |
5 | # Redirect | 8 | # Redirect |
6 | include gnome-maps.profile | 9 | include gnome-maps.profile |
diff --git a/etc/profile-m-z/Natron.profile b/etc/profile-m-z/Natron.profile index 42c22bf67..7923d01a7 100644 --- a/etc/profile-m-z/Natron.profile +++ b/etc/profile-m-z/Natron.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for natron | 1 | # Firejail profile alias for natron |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include Natron.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include natron.profile | 8 | include natron.profile |
diff --git a/etc/profile-m-z/Screenshot.profile b/etc/profile-m-z/Screenshot.profile index d4b083736..787ce8494 100644 --- a/etc/profile-m-z/Screenshot.profile +++ b/etc/profile-m-z/Screenshot.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile for gnome-screenshot | 1 | # Firejail profile for gnome-screenshot |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include Screenshot.local | ||
6 | |||
4 | # Temporary fix for https://github.com/netblue30/firejail/issues/2624 | 7 | # Temporary fix for https://github.com/netblue30/firejail/issues/2624 |
5 | # Redirect | 8 | # Redirect |
6 | include gnome-screenshot.profile | 9 | include gnome-screenshot.profile |
diff --git a/etc/profile-m-z/Telegram.profile b/etc/profile-m-z/Telegram.profile index 310e0237e..7600b1aa6 100644 --- a/etc/profile-m-z/Telegram.profile +++ b/etc/profile-m-z/Telegram.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for telegram | 1 | # Firejail profile alias for telegram |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include Telegram.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include telegram.profile | 8 | include telegram.profile |
diff --git a/etc/profile-m-z/VirtualBox.profile b/etc/profile-m-z/VirtualBox.profile index 4c99ae9a3..4384b7647 100644 --- a/etc/profile-m-z/VirtualBox.profile +++ b/etc/profile-m-z/VirtualBox.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: x86 virtualization solution | 2 | # Description: x86 virtualization solution |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include VirtualBox.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include virtualbox.profile | 9 | include virtualbox.profile |
diff --git a/etc/profile-m-z/mate-calculator.profile b/etc/profile-m-z/mate-calculator.profile index bb438f5f0..e8320df63 100644 --- a/etc/profile-m-z/mate-calculator.profile +++ b/etc/profile-m-z/mate-calculator.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for mate-calc | 1 | # Firejail profile alias for mate-calc |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include mate-calculator.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include mate-calc.profile | 8 | include mate-calc.profile |
diff --git a/etc/profile-m-z/mathematica.profile b/etc/profile-m-z/mathematica.profile index 964060350..cee16eedc 100644 --- a/etc/profile-m-z/mathematica.profile +++ b/etc/profile-m-z/mathematica.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for Mathematica | 1 | # Firejail profile alias for Mathematica |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include mathematica.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include Mathematica.profile | 8 | include Mathematica.profile |
diff --git a/etc/profile-m-z/megaglest_editor.profile b/etc/profile-m-z/megaglest_editor.profile index 02aad8084..304285915 100644 --- a/etc/profile-m-z/megaglest_editor.profile +++ b/etc/profile-m-z/megaglest_editor.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for megaglest | 1 | # Firejail profile alias for megaglest |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include megaglest_editor.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include megaglest.profile | 8 | include megaglest.profile |
diff --git a/etc/profile-m-z/multimc.profile b/etc/profile-m-z/multimc.profile index 338f494c9..bd9e3adce 100644 --- a/etc/profile-m-z/multimc.profile +++ b/etc/profile-m-z/multimc.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for multimc5 | 1 | # Firejail profile alias for multimc5 |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include multimc.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include multimc5.profile | 8 | include multimc5.profile |
diff --git a/etc/profile-m-z/mypaint-ora-thumbnailer.profile b/etc/profile-m-z/mypaint-ora-thumbnailer.profile index 59b3024ed..66500048e 100644 --- a/etc/profile-m-z/mypaint-ora-thumbnailer.profile +++ b/etc/profile-m-z/mypaint-ora-thumbnailer.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for mypaint-ora-thumbnailer | 1 | # Firejail profile alias for mypaint-ora-thumbnailer |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include mypaint-ora-thumbnailer.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include mypaint.profile | 8 | include mypaint.profile |
diff --git a/etc/profile-m-z/nitroshare-cli.profile b/etc/profile-m-z/nitroshare-cli.profile index d9cb2edc5..6e73afe9e 100644 --- a/etc/profile-m-z/nitroshare-cli.profile +++ b/etc/profile-m-z/nitroshare-cli.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: Network File Transfer Application | 2 | # Description: Network File Transfer Application |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include nitroshare-cli.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include nitroshare.profile | 9 | include nitroshare.profile |
diff --git a/etc/profile-m-z/nitroshare-nmh.profile b/etc/profile-m-z/nitroshare-nmh.profile index d9cb2edc5..bda2c193d 100644 --- a/etc/profile-m-z/nitroshare-nmh.profile +++ b/etc/profile-m-z/nitroshare-nmh.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: Network File Transfer Application | 2 | # Description: Network File Transfer Application |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include nitroshare-nmh.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include nitroshare.profile | 9 | include nitroshare.profile |
diff --git a/etc/profile-m-z/nitroshare-send.profile b/etc/profile-m-z/nitroshare-send.profile index d9cb2edc5..659742469 100644 --- a/etc/profile-m-z/nitroshare-send.profile +++ b/etc/profile-m-z/nitroshare-send.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: Network File Transfer Application | 2 | # Description: Network File Transfer Application |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include nitroshare-send.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include nitroshare.profile | 9 | include nitroshare.profile |
diff --git a/etc/profile-m-z/nitroshare-ui.profile b/etc/profile-m-z/nitroshare-ui.profile index d9cb2edc5..ccda2b58b 100644 --- a/etc/profile-m-z/nitroshare-ui.profile +++ b/etc/profile-m-z/nitroshare-ui.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: Network File Transfer Application | 2 | # Description: Network File Transfer Application |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include nitroshare-ui.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include nitroshare.profile | 9 | include nitroshare.profile |
diff --git a/etc/profile-m-z/ooffice.profile b/etc/profile-m-z/ooffice.profile index 8348a57fe..ba8bdae01 100644 --- a/etc/profile-m-z/ooffice.profile +++ b/etc/profile-m-z/ooffice.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for libreoffice | 1 | # Firejail profile alias for libreoffice |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include ooffice.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include libreoffice.profile | 8 | include libreoffice.profile |
diff --git a/etc/profile-m-z/ooviewdoc.profile b/etc/profile-m-z/ooviewdoc.profile index 8348a57fe..4a9f434f7 100644 --- a/etc/profile-m-z/ooviewdoc.profile +++ b/etc/profile-m-z/ooviewdoc.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for libreoffice | 1 | # Firejail profile alias for libreoffice |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include ooviewdoc.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include libreoffice.profile | 8 | include libreoffice.profile |
diff --git a/etc/profile-m-z/openarena_ded.profile b/etc/profile-m-z/openarena_ded.profile index c529e7e11..f8dbf792d 100644 --- a/etc/profile-m-z/openarena_ded.profile +++ b/etc/profile-m-z/openarena_ded.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for openarena | 1 | # Firejail profile alias for openarena |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include openarena_ded.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include openarena.profile | 8 | include openarena.profile |
diff --git a/etc/profile-m-z/openbox.profile b/etc/profile-m-z/openbox.profile index 1fb93c79c..b49fd9932 100644 --- a/etc/profile-m-z/openbox.profile +++ b/etc/profile-m-z/openbox.profile | |||
@@ -6,7 +6,7 @@ include openbox.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # all applications started in OpenBox will run in this profile | 9 | # all applications started in openbox will run in this profile |
10 | noblacklist ${HOME}/.config/openbox | 10 | noblacklist ${HOME}/.config/openbox |
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | 12 | ||
diff --git a/etc/profile-m-z/openoffice.org.profile b/etc/profile-m-z/openoffice.org.profile index 8348a57fe..189867742 100644 --- a/etc/profile-m-z/openoffice.org.profile +++ b/etc/profile-m-z/openoffice.org.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for libreoffice | 1 | # Firejail profile alias for libreoffice |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include openoffice.org.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include libreoffice.profile | 8 | include libreoffice.profile |
diff --git a/etc/profile-m-z/openshot-qt.profile b/etc/profile-m-z/openshot-qt.profile index 2f886d2ac..833a375f6 100644 --- a/etc/profile-m-z/openshot-qt.profile +++ b/etc/profile-m-z/openshot-qt.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for openshot | 1 | # Firejail profile alias for openshot |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include openshot-qt.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include openshot.profile | 8 | include openshot.profile |
diff --git a/etc/profile-m-z/pkglog.profile b/etc/profile-m-z/pkglog.profile new file mode 100644 index 000000000..7d43dd08f --- /dev/null +++ b/etc/profile-m-z/pkglog.profile | |||
@@ -0,0 +1,59 @@ | |||
1 | # Firejail profile for pklog | ||
2 | # Description: Reports log of package updates | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include pkglog.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | # Allow python3 (blacklisted by disable-interpreters.inc) | ||
10 | include allow-python3.inc | ||
11 | |||
12 | include disable-common.inc | ||
13 | include disable-devel.inc | ||
14 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | ||
16 | include disable-passwdmgr.inc | ||
17 | include disable-programs.inc | ||
18 | include disable-xdg.inc | ||
19 | |||
20 | whitelist /var/log/apt/history.log | ||
21 | whitelist /var/log/dnf.rpm.log | ||
22 | whitelist /var/log/pacman.log | ||
23 | |||
24 | apparmor | ||
25 | caps.drop all | ||
26 | ipc-namespace | ||
27 | machine-id | ||
28 | net none | ||
29 | no3d | ||
30 | nodvd | ||
31 | nogroups | ||
32 | nonewprivs | ||
33 | noroot | ||
34 | nosound | ||
35 | notv | ||
36 | nou2f | ||
37 | novideo | ||
38 | seccomp | ||
39 | shell none | ||
40 | tracelog | ||
41 | |||
42 | disable-mnt | ||
43 | private | ||
44 | private-bin pkglog,python* | ||
45 | private-cache | ||
46 | private-dev | ||
47 | private-etc alternatives | ||
48 | private-opt none | ||
49 | private-tmp | ||
50 | writable-var-log | ||
51 | |||
52 | dbus-user none | ||
53 | dbus-system none | ||
54 | |||
55 | memory-deny-write-execute | ||
56 | read-only ${HOME} | ||
57 | read-only /var/log/apt/history.log | ||
58 | read-only /var/log/dnf.rpm.log | ||
59 | read-only /var/log/pacman.log | ||
diff --git a/etc/profile-m-z/plv.profile b/etc/profile-m-z/plv.profile index 7ff59ea77..7f7ae4204 100644 --- a/etc/profile-m-z/plv.profile +++ b/etc/profile-m-z/plv.profile | |||
@@ -18,7 +18,7 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.config/PacmanLogViewer | 19 | mkdir ${HOME}/.config/PacmanLogViewer |
20 | whitelist ${HOME}/.config/PacmanLogViewer | 20 | whitelist ${HOME}/.config/PacmanLogViewer |
21 | whitelist /var/log/pacman* | 21 | whitelist /var/log/pacman.log |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
@@ -57,3 +57,4 @@ dbus-system none | |||
57 | #memory-deny-write-execute - breaks opening file-chooser | 57 | #memory-deny-write-execute - breaks opening file-chooser |
58 | read-only ${HOME} | 58 | read-only ${HOME} |
59 | read-write ${HOME}/.config/PacmanLogViewer | 59 | read-write ${HOME}/.config/PacmanLogViewer |
60 | read-only /var/log/pacman.log | ||
diff --git a/etc/profile-m-z/pycharm-professional.profile b/etc/profile-m-z/pycharm-professional.profile index a14d0268b..72f9c2dc3 100644 --- a/etc/profile-m-z/pycharm-professional.profile +++ b/etc/profile-m-z/pycharm-professional.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profilen alias for pycharm-professional | 1 | # Firejail profilen alias for pycharm-professional |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include pyucharm-professional.local | ||
6 | |||
4 | noblacklist ${HOME}/.PyCharm* | 7 | noblacklist ${HOME}/.PyCharm* |
5 | 8 | ||
6 | # Redirect | 9 | # Redirect |
diff --git a/etc/profile-m-z/pzstd.profile b/etc/profile-m-z/pzstd.profile index ce9af3286..0c83e561c 100644 --- a/etc/profile-m-z/pzstd.profile +++ b/etc/profile-m-z/pzstd.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for zstd | 1 | # Firejail profile alias for zstd |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include pzstd.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include zstd.profile | 8 | include zstd.profile |
diff --git a/etc/profile-m-z/runenpass.sh.profile b/etc/profile-m-z/runenpass.sh.profile index 64432c171..d4c4f9234 100644 --- a/etc/profile-m-z/runenpass.sh.profile +++ b/etc/profile-m-z/runenpass.sh.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail alias profile for enpass | 1 | # Firejail alias profile for enpass |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include runenpass.sh.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include enpass.profile | 8 | include enpass.profile |
diff --git a/etc/profile-m-z/seamonkey-bin.profile b/etc/profile-m-z/seamonkey-bin.profile index 532294950..accb0a750 100644 --- a/etc/profile-m-z/seamonkey-bin.profile +++ b/etc/profile-m-z/seamonkey-bin.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for seamonkey | 1 | # Firejail profile alias for seamonkey |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include seamonkey-bin.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include seamonkey.profile | 8 | include seamonkey.profile |
diff --git a/etc/profile-m-z/soffice.profile b/etc/profile-m-z/soffice.profile index 8348a57fe..382030a9e 100644 --- a/etc/profile-m-z/soffice.profile +++ b/etc/profile-m-z/soffice.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for libreoffice | 1 | # Firejail profile alias for libreoffice |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include soffice.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include libreoffice.profile | 8 | include libreoffice.profile |
diff --git a/etc/profile-m-z/steam-native.profile b/etc/profile-m-z/steam-native.profile index 47608ad28..c7cec55c7 100644 --- a/etc/profile-m-z/steam-native.profile +++ b/etc/profile-m-z/steam-native.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for steam | 1 | # Firejail profile alias for steam |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include steam-native.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include steam.profile | 8 | include steam.profile |
diff --git a/etc/profile-m-z/steam-runtime.profile b/etc/profile-m-z/steam-runtime.profile index 47608ad28..d1cf6d7f0 100644 --- a/etc/profile-m-z/steam-runtime.profile +++ b/etc/profile-m-z/steam-runtime.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for steam | 1 | # Firejail profile alias for steam |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include steam-runtime.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include steam.profile | 8 | include steam.profile |
diff --git a/etc/profile-m-z/studio.sh.profile b/etc/profile-m-z/studio.sh.profile index 79e879f36..d23de7c05 100644 --- a/etc/profile-m-z/studio.sh.profile +++ b/etc/profile-m-z/studio.sh.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for Android Studio | 1 | # Firejail profile alias for Android Studio |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include studio.sh.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include android-studio.profile | 8 | include android-studio.profile |
diff --git a/etc/profile-m-z/telegram-desktop.profile b/etc/profile-m-z/telegram-desktop.profile index 0cfa7114b..bf3a1ca81 100644 --- a/etc/profile-m-z/telegram-desktop.profile +++ b/etc/profile-m-z/telegram-desktop.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: Official Telegram Desktop client | 2 | # Description: Official Telegram Desktop client |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include tekegram-desktop.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include telegram.profile | 9 | include telegram.profile |
diff --git a/etc/profile-m-z/thunar.profile b/etc/profile-m-z/thunar.profile index 19993016a..49492c88f 100644 --- a/etc/profile-m-z/thunar.profile +++ b/etc/profile-m-z/thunar.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: Modern file manager for Xfce | 2 | # Description: Modern file manager for Xfce |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include thunar.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include Thunar.profile | 9 | include Thunar.profile |
diff --git a/etc/profile-m-z/thunderbird-beta.profile b/etc/profile-m-z/thunderbird-beta.profile index 6450e40d6..cec98ce12 100644 --- a/etc/profile-m-z/thunderbird-beta.profile +++ b/etc/profile-m-z/thunderbird-beta.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for thunderbird-beta | 1 | # Firejail profile alias for thunderbird-beta |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include thunderbird-beta.local | ||
6 | |||
4 | private-opt thunderbird-beta | 7 | private-opt thunderbird-beta |
5 | 8 | ||
6 | # Redirect | 9 | # Redirect |
diff --git a/etc/profile-m-z/tor-browser-ar.profile b/etc/profile-m-z/tor-browser-ar.profile index 612b2d01b..7254d20fb 100644 --- a/etc/profile-m-z/tor-browser-ar.profile +++ b/etc/profile-m-z/tor-browser-ar.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-ar.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-ar | 7 | noblacklist ${HOME}/.tor-browser-ar |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-ar | 9 | mkdir ${HOME}/.tor-browser-ar |
diff --git a/etc/profile-m-z/tor-browser-ca.profile b/etc/profile-m-z/tor-browser-ca.profile index db70a7109..bf6bfc9f6 100644 --- a/etc/profile-m-z/tor-browser-ca.profile +++ b/etc/profile-m-z/tor-browser-ca.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-ca.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-ca | 7 | noblacklist ${HOME}/.tor-browser-ca |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-ca | 9 | mkdir ${HOME}/.tor-browser-ca |
diff --git a/etc/profile-m-z/tor-browser-cs.profile b/etc/profile-m-z/tor-browser-cs.profile index 77b271b68..caf8f32c7 100644 --- a/etc/profile-m-z/tor-browser-cs.profile +++ b/etc/profile-m-z/tor-browser-cs.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-cs.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-cs | 7 | noblacklist ${HOME}/.tor-browser-cs |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-cs | 9 | mkdir ${HOME}/.tor-browser-cs |
diff --git a/etc/profile-m-z/tor-browser-da.profile b/etc/profile-m-z/tor-browser-da.profile index 3b9fff9a4..965036212 100644 --- a/etc/profile-m-z/tor-browser-da.profile +++ b/etc/profile-m-z/tor-browser-da.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-da.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-da | 7 | noblacklist ${HOME}/.tor-browser-da |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-da | 9 | mkdir ${HOME}/.tor-browser-da |
diff --git a/etc/profile-m-z/tor-browser-de.profile b/etc/profile-m-z/tor-browser-de.profile index 3b4f7f94f..913dc4771 100644 --- a/etc/profile-m-z/tor-browser-de.profile +++ b/etc/profile-m-z/tor-browser-de.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-de.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-de | 7 | noblacklist ${HOME}/.tor-browser-de |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-de | 9 | mkdir ${HOME}/.tor-browser-de |
diff --git a/etc/profile-m-z/tor-browser-el.profile b/etc/profile-m-z/tor-browser-el.profile index b978b6042..c0a3b64ad 100644 --- a/etc/profile-m-z/tor-browser-el.profile +++ b/etc/profile-m-z/tor-browser-el.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-el.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-el | 7 | noblacklist ${HOME}/.tor-browser-el |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-el | 9 | mkdir ${HOME}/.tor-browser-el |
diff --git a/etc/profile-m-z/tor-browser-en-us.profile b/etc/profile-m-z/tor-browser-en-us.profile index db56dda1b..662bc6b18 100644 --- a/etc/profile-m-z/tor-browser-en-us.profile +++ b/etc/profile-m-z/tor-browser-en-us.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-en-us.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-en-us | 7 | noblacklist ${HOME}/.tor-browser-en-us |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-en-us | 9 | mkdir ${HOME}/.tor-browser-en-us |
diff --git a/etc/profile-m-z/tor-browser-en.profile b/etc/profile-m-z/tor-browser-en.profile index ad4110c0e..1bbd88f91 100644 --- a/etc/profile-m-z/tor-browser-en.profile +++ b/etc/profile-m-z/tor-browser-en.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-en.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-en | 7 | noblacklist ${HOME}/.tor-browser-en |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-en | 9 | mkdir ${HOME}/.tor-browser-en |
diff --git a/etc/profile-m-z/tor-browser-es-es.profile b/etc/profile-m-z/tor-browser-es-es.profile index 1aa586658..ac5aa1247 100644 --- a/etc/profile-m-z/tor-browser-es-es.profile +++ b/etc/profile-m-z/tor-browser-es-es.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-es-es.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-es-es | 7 | noblacklist ${HOME}/.tor-browser-es-es |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-es-es | 9 | mkdir ${HOME}/.tor-browser-es-es |
diff --git a/etc/profile-m-z/tor-browser-es.profile b/etc/profile-m-z/tor-browser-es.profile index a386e3387..8ff12eedf 100644 --- a/etc/profile-m-z/tor-browser-es.profile +++ b/etc/profile-m-z/tor-browser-es.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-es.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-es | 7 | noblacklist ${HOME}/.tor-browser-es |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-es | 9 | mkdir ${HOME}/.tor-browser-es |
diff --git a/etc/profile-m-z/tor-browser-fa.profile b/etc/profile-m-z/tor-browser-fa.profile index 7f847a7c2..f897c5708 100644 --- a/etc/profile-m-z/tor-browser-fa.profile +++ b/etc/profile-m-z/tor-browser-fa.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-fa.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-fa | 7 | noblacklist ${HOME}/.tor-browser-fa |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-fa | 9 | mkdir ${HOME}/.tor-browser-fa |
diff --git a/etc/profile-m-z/tor-browser-fr.profile b/etc/profile-m-z/tor-browser-fr.profile index bce470ec8..f4dcd579e 100644 --- a/etc/profile-m-z/tor-browser-fr.profile +++ b/etc/profile-m-z/tor-browser-fr.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-fr.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-fr | 7 | noblacklist ${HOME}/.tor-browser-fr |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-fr | 9 | mkdir ${HOME}/.tor-browser-fr |
diff --git a/etc/profile-m-z/tor-browser-ga-ie.profile b/etc/profile-m-z/tor-browser-ga-ie.profile index 994897a87..6dddef637 100644 --- a/etc/profile-m-z/tor-browser-ga-ie.profile +++ b/etc/profile-m-z/tor-browser-ga-ie.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-ga-ie.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-ga-ie | 7 | noblacklist ${HOME}/.tor-browser-ga-ie |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-ga-ie | 9 | mkdir ${HOME}/.tor-browser-ga-ie |
diff --git a/etc/profile-m-z/tor-browser-he.profile b/etc/profile-m-z/tor-browser-he.profile index 6367b4c0a..c3e2dd11c 100644 --- a/etc/profile-m-z/tor-browser-he.profile +++ b/etc/profile-m-z/tor-browser-he.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-he.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-he | 7 | noblacklist ${HOME}/.tor-browser-he |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-he | 9 | mkdir ${HOME}/.tor-browser-he |
diff --git a/etc/profile-m-z/tor-browser-hu.profile b/etc/profile-m-z/tor-browser-hu.profile index 68e79833e..469db7374 100644 --- a/etc/profile-m-z/tor-browser-hu.profile +++ b/etc/profile-m-z/tor-browser-hu.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-hu.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-hu | 7 | noblacklist ${HOME}/.tor-browser-hu |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-hu | 9 | mkdir ${HOME}/.tor-browser-hu |
diff --git a/etc/profile-m-z/tor-browser-id.profile b/etc/profile-m-z/tor-browser-id.profile index 85b455ba2..db111c92c 100644 --- a/etc/profile-m-z/tor-browser-id.profile +++ b/etc/profile-m-z/tor-browser-id.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-id.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-id | 7 | noblacklist ${HOME}/.tor-browser-id |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-id | 9 | mkdir ${HOME}/.tor-browser-id |
diff --git a/etc/profile-m-z/tor-browser-is.profile b/etc/profile-m-z/tor-browser-is.profile index 48e88db71..32a8c9ca7 100644 --- a/etc/profile-m-z/tor-browser-is.profile +++ b/etc/profile-m-z/tor-browser-is.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-is.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-is | 7 | noblacklist ${HOME}/.tor-browser-is |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-is | 9 | mkdir ${HOME}/.tor-browser-is |
diff --git a/etc/profile-m-z/tor-browser-it.profile b/etc/profile-m-z/tor-browser-it.profile index 3c239ca29..d53dd9136 100644 --- a/etc/profile-m-z/tor-browser-it.profile +++ b/etc/profile-m-z/tor-browser-it.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-it.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-it | 7 | noblacklist ${HOME}/.tor-browser-it |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-it | 9 | mkdir ${HOME}/.tor-browser-it |
diff --git a/etc/profile-m-z/tor-browser-ja.profile b/etc/profile-m-z/tor-browser-ja.profile index c52e0f64e..8886d3ff0 100644 --- a/etc/profile-m-z/tor-browser-ja.profile +++ b/etc/profile-m-z/tor-browser-ja.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-ja.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-ja | 7 | noblacklist ${HOME}/.tor-browser-ja |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-ja | 9 | mkdir ${HOME}/.tor-browser-ja |
diff --git a/etc/profile-m-z/tor-browser-ka.profile b/etc/profile-m-z/tor-browser-ka.profile index 173b85e5c..d3d36c426 100644 --- a/etc/profile-m-z/tor-browser-ka.profile +++ b/etc/profile-m-z/tor-browser-ka.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-ka.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-ka | 7 | noblacklist ${HOME}/.tor-browser-ka |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-ka | 9 | mkdir ${HOME}/.tor-browser-ka |
diff --git a/etc/profile-m-z/tor-browser-ko.profile b/etc/profile-m-z/tor-browser-ko.profile index 8faa5afa1..59f9f966f 100644 --- a/etc/profile-m-z/tor-browser-ko.profile +++ b/etc/profile-m-z/tor-browser-ko.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-ko.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-ko | 7 | noblacklist ${HOME}/.tor-browser-ko |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-ko | 9 | mkdir ${HOME}/.tor-browser-ko |
diff --git a/etc/profile-m-z/tor-browser-nb.profile b/etc/profile-m-z/tor-browser-nb.profile index d1352dd80..c133ca673 100644 --- a/etc/profile-m-z/tor-browser-nb.profile +++ b/etc/profile-m-z/tor-browser-nb.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-nb.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-nb | 7 | noblacklist ${HOME}/.tor-browser-nb |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-nb | 9 | mkdir ${HOME}/.tor-browser-nb |
diff --git a/etc/profile-m-z/tor-browser-nl.profile b/etc/profile-m-z/tor-browser-nl.profile index d4443cca2..1bebc1ffb 100644 --- a/etc/profile-m-z/tor-browser-nl.profile +++ b/etc/profile-m-z/tor-browser-nl.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-nl.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-nl | 7 | noblacklist ${HOME}/.tor-browser-nl |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-nl | 9 | mkdir ${HOME}/.tor-browser-nl |
diff --git a/etc/profile-m-z/tor-browser-pl.profile b/etc/profile-m-z/tor-browser-pl.profile index 08ddd4ae7..a83c0b6f3 100644 --- a/etc/profile-m-z/tor-browser-pl.profile +++ b/etc/profile-m-z/tor-browser-pl.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-pl.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-pl | 7 | noblacklist ${HOME}/.tor-browser-pl |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-pl | 9 | mkdir ${HOME}/.tor-browser-pl |
diff --git a/etc/profile-m-z/tor-browser-pt-br.profile b/etc/profile-m-z/tor-browser-pt-br.profile index 9942a3fe8..7c0ba0879 100644 --- a/etc/profile-m-z/tor-browser-pt-br.profile +++ b/etc/profile-m-z/tor-browser-pt-br.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-pt-br.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-pt-br | 7 | noblacklist ${HOME}/.tor-browser-pt-br |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-pt-br | 9 | mkdir ${HOME}/.tor-browser-pt-br |
diff --git a/etc/profile-m-z/tor-browser-ru.profile b/etc/profile-m-z/tor-browser-ru.profile index 6294f8ca0..374caa4fe 100644 --- a/etc/profile-m-z/tor-browser-ru.profile +++ b/etc/profile-m-z/tor-browser-ru.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-ru.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-ru | 7 | noblacklist ${HOME}/.tor-browser-ru |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-ru | 9 | mkdir ${HOME}/.tor-browser-ru |
diff --git a/etc/profile-m-z/tor-browser-sv-se.profile b/etc/profile-m-z/tor-browser-sv-se.profile index c8544262f..41dbaf792 100644 --- a/etc/profile-m-z/tor-browser-sv-se.profile +++ b/etc/profile-m-z/tor-browser-sv-se.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-sv-se.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-sv-se | 7 | noblacklist ${HOME}/.tor-browser-sv-se |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-sv-se | 9 | mkdir ${HOME}/.tor-browser-sv-se |
diff --git a/etc/profile-m-z/tor-browser-tr.profile b/etc/profile-m-z/tor-browser-tr.profile index 2343fa8de..0981caa73 100644 --- a/etc/profile-m-z/tor-browser-tr.profile +++ b/etc/profile-m-z/tor-browser-tr.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-tr.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-tr | 7 | noblacklist ${HOME}/.tor-browser-tr |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-tr | 9 | mkdir ${HOME}/.tor-browser-tr |
diff --git a/etc/profile-m-z/tor-browser-vi.profile b/etc/profile-m-z/tor-browser-vi.profile index 734c38698..3d321787a 100644 --- a/etc/profile-m-z/tor-browser-vi.profile +++ b/etc/profile-m-z/tor-browser-vi.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-vi.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-vi | 7 | noblacklist ${HOME}/.tor-browser-vi |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-vi | 9 | mkdir ${HOME}/.tor-browser-vi |
diff --git a/etc/profile-m-z/tor-browser-zh-cn.profile b/etc/profile-m-z/tor-browser-zh-cn.profile index 21e813e45..977993f26 100644 --- a/etc/profile-m-z/tor-browser-zh-cn.profile +++ b/etc/profile-m-z/tor-browser-zh-cn.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-zh-cn.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-zh-cn | 7 | noblacklist ${HOME}/.tor-browser-zh-cn |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-zh-cn | 9 | mkdir ${HOME}/.tor-browser-zh-cn |
diff --git a/etc/profile-m-z/tor-browser-zh-tw.profile b/etc/profile-m-z/tor-browser-zh-tw.profile index 6fe09c6c1..e589dc552 100644 --- a/etc/profile-m-z/tor-browser-zh-tw.profile +++ b/etc/profile-m-z/tor-browser-zh-tw.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser-zh-tw.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser-zh-tw | 7 | noblacklist ${HOME}/.tor-browser-zh-tw |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser-zh-tw | 9 | mkdir ${HOME}/.tor-browser-zh-tw |
diff --git a/etc/profile-m-z/tor-browser.profile b/etc/profile-m-z/tor-browser.profile index 0cd84abf5..f7c3a5d24 100644 --- a/etc/profile-m-z/tor-browser.profile +++ b/etc/profile-m-z/tor-browser.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser | 7 | noblacklist ${HOME}/.tor-browser |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser | 9 | mkdir ${HOME}/.tor-browser |
diff --git a/etc/profile-m-z/tor-browser_ar.profile b/etc/profile-m-z/tor-browser_ar.profile index 1e1f5ce35..86839a849 100644 --- a/etc/profile-m-z/tor-browser_ar.profile +++ b/etc/profile-m-z/tor-browser_ar.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_ar.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_ar | 7 | noblacklist ${HOME}/.tor-browser_ar |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_ar | 9 | mkdir ${HOME}/.tor-browser_ar |
diff --git a/etc/profile-m-z/tor-browser_ca.profile b/etc/profile-m-z/tor-browser_ca.profile index e114b6051..9d9fc8d31 100644 --- a/etc/profile-m-z/tor-browser_ca.profile +++ b/etc/profile-m-z/tor-browser_ca.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_ca.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_ca | 7 | noblacklist ${HOME}/.tor-browser_ca |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_ca | 9 | mkdir ${HOME}/.tor-browser_ca |
diff --git a/etc/profile-m-z/tor-browser_cs.profile b/etc/profile-m-z/tor-browser_cs.profile index 498068bc6..25d676537 100644 --- a/etc/profile-m-z/tor-browser_cs.profile +++ b/etc/profile-m-z/tor-browser_cs.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_cs.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_cs | 7 | noblacklist ${HOME}/.tor-browser_cs |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_cs | 9 | mkdir ${HOME}/.tor-browser_cs |
diff --git a/etc/profile-m-z/tor-browser_da.profile b/etc/profile-m-z/tor-browser_da.profile index 5c25c03c8..885a00979 100644 --- a/etc/profile-m-z/tor-browser_da.profile +++ b/etc/profile-m-z/tor-browser_da.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_da.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_da | 7 | noblacklist ${HOME}/.tor-browser_da |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_da | 9 | mkdir ${HOME}/.tor-browser_da |
diff --git a/etc/profile-m-z/tor-browser_de.profile b/etc/profile-m-z/tor-browser_de.profile index d530e7dbe..505161073 100644 --- a/etc/profile-m-z/tor-browser_de.profile +++ b/etc/profile-m-z/tor-browser_de.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_de.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_de | 7 | noblacklist ${HOME}/.tor-browser_de |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_de | 9 | mkdir ${HOME}/.tor-browser_de |
diff --git a/etc/profile-m-z/tor-browser_el.profile b/etc/profile-m-z/tor-browser_el.profile index 67d5ab440..4efbbef4d 100644 --- a/etc/profile-m-z/tor-browser_el.profile +++ b/etc/profile-m-z/tor-browser_el.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_el.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_el | 7 | noblacklist ${HOME}/.tor-browser_el |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_el | 9 | mkdir ${HOME}/.tor-browser_el |
diff --git a/etc/profile-m-z/tor-browser_en-US.profile b/etc/profile-m-z/tor-browser_en-US.profile index b298ab2b8..faa6979be 100644 --- a/etc/profile-m-z/tor-browser_en-US.profile +++ b/etc/profile-m-z/tor-browser_en-US.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_en-US.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_en-US | 7 | noblacklist ${HOME}/.tor-browser_en-US |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_en-US | 9 | mkdir ${HOME}/.tor-browser_en-US |
diff --git a/etc/profile-m-z/tor-browser_en.profile b/etc/profile-m-z/tor-browser_en.profile index 6bb0616b1..579af4be1 100644 --- a/etc/profile-m-z/tor-browser_en.profile +++ b/etc/profile-m-z/tor-browser_en.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_en.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_en | 7 | noblacklist ${HOME}/.tor-browser_en |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_en | 9 | mkdir ${HOME}/.tor-browser_en |
diff --git a/etc/profile-m-z/tor-browser_es-ES.profile b/etc/profile-m-z/tor-browser_es-ES.profile index 78f57ffe5..7d2f28844 100644 --- a/etc/profile-m-z/tor-browser_es-ES.profile +++ b/etc/profile-m-z/tor-browser_es-ES.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_es-ES.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_es-ES | 7 | noblacklist ${HOME}/.tor-browser_es-ES |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_es-ES | 9 | mkdir ${HOME}/.tor-browser_es-ES |
diff --git a/etc/profile-m-z/tor-browser_es.profile b/etc/profile-m-z/tor-browser_es.profile index ea34a07c9..c3d5695ce 100644 --- a/etc/profile-m-z/tor-browser_es.profile +++ b/etc/profile-m-z/tor-browser_es.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_es.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_es | 7 | noblacklist ${HOME}/.tor-browser_es |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_es | 9 | mkdir ${HOME}/.tor-browser_es |
diff --git a/etc/profile-m-z/tor-browser_fa.profile b/etc/profile-m-z/tor-browser_fa.profile index fbc416ce5..5d2a81976 100644 --- a/etc/profile-m-z/tor-browser_fa.profile +++ b/etc/profile-m-z/tor-browser_fa.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_fa.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_fa | 7 | noblacklist ${HOME}/.tor-browser_fa |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_fa | 9 | mkdir ${HOME}/.tor-browser_fa |
diff --git a/etc/profile-m-z/tor-browser_fr.profile b/etc/profile-m-z/tor-browser_fr.profile index caea6db5b..10a1cd054 100644 --- a/etc/profile-m-z/tor-browser_fr.profile +++ b/etc/profile-m-z/tor-browser_fr.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_fr.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_fr | 7 | noblacklist ${HOME}/.tor-browser_fr |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_fr | 9 | mkdir ${HOME}/.tor-browser_fr |
diff --git a/etc/profile-m-z/tor-browser_ga-IE.profile b/etc/profile-m-z/tor-browser_ga-IE.profile index 6342daebf..c2f3e6f91 100644 --- a/etc/profile-m-z/tor-browser_ga-IE.profile +++ b/etc/profile-m-z/tor-browser_ga-IE.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_ga-IE.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_ga-IE | 7 | noblacklist ${HOME}/.tor-browser_ga-IE |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_ga-IE | 9 | mkdir ${HOME}/.tor-browser_ga-IE |
diff --git a/etc/profile-m-z/tor-browser_he.profile b/etc/profile-m-z/tor-browser_he.profile index cc4150620..2415a0ebd 100644 --- a/etc/profile-m-z/tor-browser_he.profile +++ b/etc/profile-m-z/tor-browser_he.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_he.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_he | 7 | noblacklist ${HOME}/.tor-browser_he |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_he | 9 | mkdir ${HOME}/.tor-browser_he |
diff --git a/etc/profile-m-z/tor-browser_hu.profile b/etc/profile-m-z/tor-browser_hu.profile index 952a0b68a..d356c2b74 100644 --- a/etc/profile-m-z/tor-browser_hu.profile +++ b/etc/profile-m-z/tor-browser_hu.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_hu.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_hu | 7 | noblacklist ${HOME}/.tor-browser_hu |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_hu | 9 | mkdir ${HOME}/.tor-browser_hu |
diff --git a/etc/profile-m-z/tor-browser_id.profile b/etc/profile-m-z/tor-browser_id.profile index a006b27c0..0551bef1c 100644 --- a/etc/profile-m-z/tor-browser_id.profile +++ b/etc/profile-m-z/tor-browser_id.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_id.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_id | 7 | noblacklist ${HOME}/.tor-browser_id |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_id | 9 | mkdir ${HOME}/.tor-browser_id |
diff --git a/etc/profile-m-z/tor-browser_is.profile b/etc/profile-m-z/tor-browser_is.profile index 038e0fabb..a9adf462d 100644 --- a/etc/profile-m-z/tor-browser_is.profile +++ b/etc/profile-m-z/tor-browser_is.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_is.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_is | 7 | noblacklist ${HOME}/.tor-browser_is |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_is | 9 | mkdir ${HOME}/.tor-browser_is |
diff --git a/etc/profile-m-z/tor-browser_it.profile b/etc/profile-m-z/tor-browser_it.profile index 3d2566994..2237e2267 100644 --- a/etc/profile-m-z/tor-browser_it.profile +++ b/etc/profile-m-z/tor-browser_it.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_it.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_it | 7 | noblacklist ${HOME}/.tor-browser_it |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_it | 9 | mkdir ${HOME}/.tor-browser_it |
diff --git a/etc/profile-m-z/tor-browser_ja.profile b/etc/profile-m-z/tor-browser_ja.profile index 08c942bcd..494af455a 100644 --- a/etc/profile-m-z/tor-browser_ja.profile +++ b/etc/profile-m-z/tor-browser_ja.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_ja.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_ja | 7 | noblacklist ${HOME}/.tor-browser_ja |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_ja | 9 | mkdir ${HOME}/.tor-browser_ja |
diff --git a/etc/profile-m-z/tor-browser_ka.profile b/etc/profile-m-z/tor-browser_ka.profile index 97664be4d..7a32fc6f7 100644 --- a/etc/profile-m-z/tor-browser_ka.profile +++ b/etc/profile-m-z/tor-browser_ka.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_ka.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_ka | 7 | noblacklist ${HOME}/.tor-browser_ka |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_ka | 9 | mkdir ${HOME}/.tor-browser_ka |
diff --git a/etc/profile-m-z/tor-browser_ko.profile b/etc/profile-m-z/tor-browser_ko.profile index 98cf1e3e1..b7725270f 100644 --- a/etc/profile-m-z/tor-browser_ko.profile +++ b/etc/profile-m-z/tor-browser_ko.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_ko.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_ko | 7 | noblacklist ${HOME}/.tor-browser_ko |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_ko | 9 | mkdir ${HOME}/.tor-browser_ko |
diff --git a/etc/profile-m-z/tor-browser_nb.profile b/etc/profile-m-z/tor-browser_nb.profile index 6df840573..b781e05a8 100644 --- a/etc/profile-m-z/tor-browser_nb.profile +++ b/etc/profile-m-z/tor-browser_nb.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_nb.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_nb | 7 | noblacklist ${HOME}/.tor-browser_nb |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_nb | 9 | mkdir ${HOME}/.tor-browser_nb |
diff --git a/etc/profile-m-z/tor-browser_nl.profile b/etc/profile-m-z/tor-browser_nl.profile index 3f545f888..67df58d8c 100644 --- a/etc/profile-m-z/tor-browser_nl.profile +++ b/etc/profile-m-z/tor-browser_nl.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_nl.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_nl | 7 | noblacklist ${HOME}/.tor-browser_nl |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_nl | 9 | mkdir ${HOME}/.tor-browser_nl |
diff --git a/etc/profile-m-z/tor-browser_pl.profile b/etc/profile-m-z/tor-browser_pl.profile index 4e04dc027..3caa90133 100644 --- a/etc/profile-m-z/tor-browser_pl.profile +++ b/etc/profile-m-z/tor-browser_pl.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_pl.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_pl | 7 | noblacklist ${HOME}/.tor-browser_pl |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_pl | 9 | mkdir ${HOME}/.tor-browser_pl |
diff --git a/etc/profile-m-z/tor-browser_pt-BR.profile b/etc/profile-m-z/tor-browser_pt-BR.profile index 7f864886c..01e8651d5 100644 --- a/etc/profile-m-z/tor-browser_pt-BR.profile +++ b/etc/profile-m-z/tor-browser_pt-BR.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_pt-BR.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_pt-BR | 7 | noblacklist ${HOME}/.tor-browser_pt-BR |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_pt-BR | 9 | mkdir ${HOME}/.tor-browser_pt-BR |
diff --git a/etc/profile-m-z/tor-browser_ru.profile b/etc/profile-m-z/tor-browser_ru.profile index 2fae6fbe7..fd6f2047d 100644 --- a/etc/profile-m-z/tor-browser_ru.profile +++ b/etc/profile-m-z/tor-browser_ru.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_ru.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_ru | 7 | noblacklist ${HOME}/.tor-browser_ru |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_ru | 9 | mkdir ${HOME}/.tor-browser_ru |
diff --git a/etc/profile-m-z/tor-browser_sv-SE.profile b/etc/profile-m-z/tor-browser_sv-SE.profile index 2157f8d2b..029f1edea 100644 --- a/etc/profile-m-z/tor-browser_sv-SE.profile +++ b/etc/profile-m-z/tor-browser_sv-SE.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_sv-SE.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_sv-SE | 7 | noblacklist ${HOME}/.tor-browser_sv-SE |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_sv-SE | 9 | mkdir ${HOME}/.tor-browser_sv-SE |
diff --git a/etc/profile-m-z/tor-browser_tr.profile b/etc/profile-m-z/tor-browser_tr.profile index 20ac246ca..7707e3454 100644 --- a/etc/profile-m-z/tor-browser_tr.profile +++ b/etc/profile-m-z/tor-browser_tr.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_tr.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_tr | 7 | noblacklist ${HOME}/.tor-browser_tr |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_tr | 9 | mkdir ${HOME}/.tor-browser_tr |
diff --git a/etc/profile-m-z/tor-browser_vi.profile b/etc/profile-m-z/tor-browser_vi.profile index 4faa06ff6..b277343dc 100644 --- a/etc/profile-m-z/tor-browser_vi.profile +++ b/etc/profile-m-z/tor-browser_vi.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_vi.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_vi | 7 | noblacklist ${HOME}/.tor-browser_vi |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_vi | 9 | mkdir ${HOME}/.tor-browser_vi |
diff --git a/etc/profile-m-z/tor-browser_zh-CN.profile b/etc/profile-m-z/tor-browser_zh-CN.profile index e4d8215e6..e614d00ae 100644 --- a/etc/profile-m-z/tor-browser_zh-CN.profile +++ b/etc/profile-m-z/tor-browser_zh-CN.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_zh-CN.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_zh-CN | 7 | noblacklist ${HOME}/.tor-browser_zh-CN |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_zh-CN | 9 | mkdir ${HOME}/.tor-browser_zh-CN |
diff --git a/etc/profile-m-z/tor-browser_zh-TW.profile b/etc/profile-m-z/tor-browser_zh-TW.profile index 8a28015a6..21c3445c9 100644 --- a/etc/profile-m-z/tor-browser_zh-TW.profile +++ b/etc/profile-m-z/tor-browser_zh-TW.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for torbrowser-launcher | 1 | # Firejail profile alias for torbrowser-launcher |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent global definitions | ||
5 | include tor-browser_zh-TW.local | ||
6 | |||
4 | noblacklist ${HOME}/.tor-browser_zh-TW | 7 | noblacklist ${HOME}/.tor-browser_zh-TW |
5 | 8 | ||
6 | mkdir ${HOME}/.tor-browser_zh-TW | 9 | mkdir ${HOME}/.tor-browser_zh-TW |
diff --git a/etc/profile-m-z/tshark.profile b/etc/profile-m-z/tshark.profile index a5cefb47a..af5442672 100644 --- a/etc/profile-m-z/tshark.profile +++ b/etc/profile-m-z/tshark.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | quiet | 3 | quiet |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include tshark.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include wireshark.profile | 9 | include wireshark.profile |
diff --git a/etc/profile-m-z/unlzma.profile b/etc/profile-m-z/unlzma.profile index d9c72407f..d7f187e5c 100644 --- a/etc/profile-m-z/unlzma.profile +++ b/etc/profile-m-z/unlzma.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include unlzma.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-m-z/unxz.profile b/etc/profile-m-z/unxz.profile index d9c72407f..d93fc3cb3 100644 --- a/etc/profile-m-z/unxz.profile +++ b/etc/profile-m-z/unxz.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include unxz.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-m-z/unzstd.profile b/etc/profile-m-z/unzstd.profile index ce9af3286..698301131 100644 --- a/etc/profile-m-z/unzstd.profile +++ b/etc/profile-m-z/unzstd.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for zstd | 1 | # Firejail profile alias for zstd |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include unzstd.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include zstd.profile | 8 | include zstd.profile |
diff --git a/etc/profile-m-z/vmware.profile b/etc/profile-m-z/vmware.profile index 493c53936..d841d50b7 100644 --- a/etc/profile-m-z/vmware.profile +++ b/etc/profile-m-z/vmware.profile | |||
@@ -26,7 +26,7 @@ include whitelist-runuser-common.inc | |||
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
27 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
28 | 28 | ||
29 | caps.keep chown,net_raw,sys_nice,sys_rawio | 29 | caps.keep chown,net_raw,sys_nice |
30 | netfilter | 30 | netfilter |
31 | nogroups | 31 | nogroups |
32 | notv | 32 | notv |
@@ -34,6 +34,7 @@ shell none | |||
34 | tracelog | 34 | tracelog |
35 | 35 | ||
36 | #disable-mnt | 36 | #disable-mnt |
37 | #private-etc alsa,asound.conf,ca-certificates,conf.d,crypto-policies,dconf,fonts,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,localtime,machine-id,pki,pulse,resolv.conf,ssl,vmware,vmware-installer,vmware-vix | 37 | #private-bin env,bash,sh,ovftool,vmafossexec,vmaf_*,vmnet-*,vmplayer,vmrest,vmrun,vmss2core,vmstat,vmware,vmware-* |
38 | private-etc alsa,asound.conf,ca-certificates,conf.d,crypto-policies,dconf,fonts,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,localtime,machine-id,passwd,pki,pulse,resolv.conf,ssl,vmware,vmware-installer,vmware-vix | ||
38 | dbus-user none | 39 | dbus-user none |
39 | dbus-system none | 40 | dbus-system none |
diff --git a/etc/profile-m-z/vscodium.profile b/etc/profile-m-z/vscodium.profile index b4728fb72..e329e77ad 100644 --- a/etc/profile-m-z/vscodium.profile +++ b/etc/profile-m-z/vscodium.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for Visual Studio Code | 1 | # Firejail profile alias for Visual Studio Code |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include vscodium.local | ||
6 | |||
4 | noblacklist ${HOME}/.VSCodium | 7 | noblacklist ${HOME}/.VSCodium |
5 | 8 | ||
6 | # Redirect | 9 | # Redirect |
diff --git a/etc/profile-m-z/vulturesclaw.profile b/etc/profile-m-z/vulturesclaw.profile index 2e9078a7b..8c46c8aef 100644 --- a/etc/profile-m-z/vulturesclaw.profile +++ b/etc/profile-m-z/vulturesclaw.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for nethack-vultures | 1 | # Firejail profile alias for nethack-vultures |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include vulturesclaw.local | ||
6 | |||
4 | noblacklist /var/games/vulturesclaw | 7 | noblacklist /var/games/vulturesclaw |
5 | whitelist /var/games/vulturesclaw | 8 | whitelist /var/games/vulturesclaw |
6 | 9 | ||
diff --git a/etc/profile-m-z/vultureseye.profile b/etc/profile-m-z/vultureseye.profile index 44c263cfc..a9d49dae2 100644 --- a/etc/profile-m-z/vultureseye.profile +++ b/etc/profile-m-z/vultureseye.profile | |||
@@ -1,6 +1,9 @@ | |||
1 | # Firejail profile alias for nethack-vultures | 1 | # Firejail profile alias for nethack-vultures |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include vultureseye.local | ||
6 | |||
4 | noblacklist /var/games/vultureseye | 7 | noblacklist /var/games/vultureseye |
5 | whitelist /var/games/vultureseye | 8 | whitelist /var/games/vultureseye |
6 | 9 | ||
diff --git a/etc/profile-m-z/weechat-curses.profile b/etc/profile-m-z/weechat-curses.profile index 4719b9788..cd99c4730 100644 --- a/etc/profile-m-z/weechat-curses.profile +++ b/etc/profile-m-z/weechat-curses.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for weechat | 1 | # Firejail profile alias for weechat |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include weechat-curses.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include weechat.profile | 8 | include weechat.profile |
diff --git a/etc/profile-m-z/wireshark-gtk.profile b/etc/profile-m-z/wireshark-gtk.profile index 3e2e1807e..409f2a8b5 100644 --- a/etc/profile-m-z/wireshark-gtk.profile +++ b/etc/profile-m-z/wireshark-gtk.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: Network protocol analyzer | 2 | # Description: Network protocol analyzer |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include wireshark-gtk.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include wireshark.profile | 9 | include wireshark.profile |
diff --git a/etc/profile-m-z/wireshark-qt.profile b/etc/profile-m-z/wireshark-qt.profile index 3e2e1807e..809108af7 100644 --- a/etc/profile-m-z/wireshark-qt.profile +++ b/etc/profile-m-z/wireshark-qt.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: Network protocol analyzer | 2 | # Description: Network protocol analyzer |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include wireshark-qt.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include wireshark.profile | 9 | include wireshark.profile |
diff --git a/etc/profile-m-z/xonotic-glx.profile b/etc/profile-m-z/xonotic-glx.profile index abb91e1ec..57af3a8e4 100644 --- a/etc/profile-m-z/xonotic-glx.profile +++ b/etc/profile-m-z/xonotic-glx.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for xonotic | 1 | # Firejail profile alias for xonotic |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include xonotic-glx.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include xonotic.profile | 8 | include xonotic.profile |
diff --git a/etc/profile-m-z/xonotic-sdl.profile b/etc/profile-m-z/xonotic-sdl.profile index abb91e1ec..a2511a9da 100644 --- a/etc/profile-m-z/xonotic-sdl.profile +++ b/etc/profile-m-z/xonotic-sdl.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for xonotic | 1 | # Firejail profile alias for xonotic |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include xonotic-sdl.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include xonotic.profile | 8 | include xonotic.profile |
diff --git a/etc/profile-m-z/xz.profile b/etc/profile-m-z/xz.profile index d9c72407f..0310743c7 100644 --- a/etc/profile-m-z/xz.profile +++ b/etc/profile-m-z/xz.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include xz.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-m-z/xzcat.profile b/etc/profile-m-z/xzcat.profile index d9c72407f..1c6851189 100644 --- a/etc/profile-m-z/xzcat.profile +++ b/etc/profile-m-z/xzcat.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include xzcat.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-m-z/xzcmp.profile b/etc/profile-m-z/xzcmp.profile index d9c72407f..214f714ce 100644 --- a/etc/profile-m-z/xzcmp.profile +++ b/etc/profile-m-z/xzcmp.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include xzcmp.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-m-z/xzdiff.profile b/etc/profile-m-z/xzdiff.profile index d9c72407f..19a4c853f 100644 --- a/etc/profile-m-z/xzdiff.profile +++ b/etc/profile-m-z/xzdiff.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include xzdiff.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-m-z/xzegrep.profile b/etc/profile-m-z/xzegrep.profile index d9c72407f..998fab02c 100644 --- a/etc/profile-m-z/xzegrep.profile +++ b/etc/profile-m-z/xzegrep.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include xzegrep.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-m-z/xzfgrep.profile b/etc/profile-m-z/xzfgrep.profile index d9c72407f..4301f5c96 100644 --- a/etc/profile-m-z/xzfgrep.profile +++ b/etc/profile-m-z/xzfgrep.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include xzfgrep.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-m-z/xzgrep.profile b/etc/profile-m-z/xzgrep.profile index f7410b928..2def07549 100644 --- a/etc/profile-m-z/xzgrep.profile +++ b/etc/profile-m-z/xzgrep.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include xzgrep.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include cpio.profile | 9 | include cpio.profile |
diff --git a/etc/profile-m-z/xzless.profile b/etc/profile-m-z/xzless.profile index f7410b928..d55a4c6c9 100644 --- a/etc/profile-m-z/xzless.profile +++ b/etc/profile-m-z/xzless.profile | |||
@@ -2,5 +2,8 @@ | |||
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | 4 | ||
5 | # Persistent local customizations | ||
6 | include xzless.local | ||
7 | |||
5 | # Redirect | 8 | # Redirect |
6 | include cpio.profile | 9 | include cpio.profile |
diff --git a/etc/profile-m-z/xzmore.profile b/etc/profile-m-z/xzmore.profile index d9c72407f..f847c7006 100644 --- a/etc/profile-m-z/xzmore.profile +++ b/etc/profile-m-z/xzmore.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | 4 | quiet |
5 | 5 | ||
6 | # Persistent local customizations | ||
7 | include xzmore.local | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include cpio.profile | 10 | include cpio.profile |
diff --git a/etc/profile-m-z/zstdcat.profile b/etc/profile-m-z/zstdcat.profile index ce9af3286..e7c37f58c 100644 --- a/etc/profile-m-z/zstdcat.profile +++ b/etc/profile-m-z/zstdcat.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for zstd | 1 | # Firejail profile alias for zstd |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include zstdcat.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include zstd.profile | 8 | include zstd.profile |
diff --git a/etc/profile-m-z/zstdgrep.profile b/etc/profile-m-z/zstdgrep.profile index ce9af3286..604e3524e 100644 --- a/etc/profile-m-z/zstdgrep.profile +++ b/etc/profile-m-z/zstdgrep.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for zstd | 1 | # Firejail profile alias for zstd |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include zstdgrep.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include zstd.profile | 8 | include zstd.profile |
diff --git a/etc/profile-m-z/zstdless.profile b/etc/profile-m-z/zstdless.profile index ce9af3286..efe688856 100644 --- a/etc/profile-m-z/zstdless.profile +++ b/etc/profile-m-z/zstdless.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for zstd | 1 | # Firejail profile alias for zstd |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include zstdless.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include zstd.profile | 8 | include zstd.profile |
diff --git a/etc/profile-m-z/zstdmt.profile b/etc/profile-m-z/zstdmt.profile index ce9af3286..cdd93f688 100644 --- a/etc/profile-m-z/zstdmt.profile +++ b/etc/profile-m-z/zstdmt.profile | |||
@@ -1,5 +1,8 @@ | |||
1 | # Firejail profile alias for zstd | 1 | # Firejail profile alias for zstd |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | 3 | ||
4 | # Persistent local customizations | ||
5 | include zstdmt.local | ||
6 | |||
4 | # Redirect | 7 | # Redirect |
5 | include zstd.profile | 8 | include zstd.profile |
diff --git a/etc/templates/profile.template b/etc/templates/profile.template index 3d37fc827..8b44b0bc0 100644 --- a/etc/templates/profile.template +++ b/etc/templates/profile.template | |||
@@ -158,6 +158,7 @@ include globals.local | |||
158 | ##seccomp !chroot | 158 | ##seccomp !chroot |
159 | ##seccomp.drop SYSCALLS (see syscalls.txt) | 159 | ##seccomp.drop SYSCALLS (see syscalls.txt) |
160 | #seccomp.block-secondary | 160 | #seccomp.block-secondary |
161 | ##seccomp-error-action log (Only for debugging seccomp issues) | ||
161 | #shell none | 162 | #shell none |
162 | #tracelog | 163 | #tracelog |
163 | # Prefer 'x11 none' instead of 'blacklist /tmp/.X11-unix' if 'net none' is set | 164 | # Prefer 'x11 none' instead of 'blacklist /tmp/.X11-unix' if 'net none' is set |
diff --git a/src/fcopy/main.c b/src/fcopy/main.c index 0a4a61e2a..e65501d6d 100644 --- a/src/fcopy/main.c +++ b/src/fcopy/main.c | |||
@@ -111,7 +111,7 @@ static void copy_file(const char *srcname, const char *destname, mode_t mode, ui | |||
111 | } | 111 | } |
112 | 112 | ||
113 | // open destination | 113 | // open destination |
114 | int dst = open(destname, O_CREAT|O_WRONLY|O_TRUNC, 0755); | 114 | int dst = open(destname, O_CREAT|O_WRONLY|O_TRUNC, S_IRUSR | S_IWUSR); |
115 | if (dst < 0) { | 115 | if (dst < 0) { |
116 | if (!arg_quiet) | 116 | if (!arg_quiet) |
117 | fprintf(stderr, "Warning fcopy: cannot open %s, file not copied\n", destname); | 117 | fprintf(stderr, "Warning fcopy: cannot open %s, file not copied\n", destname); |
@@ -132,7 +132,8 @@ static void copy_file(const char *srcname, const char *destname, mode_t mode, ui | |||
132 | done += rv; | 132 | done += rv; |
133 | } | 133 | } |
134 | } | 134 | } |
135 | fflush(0); | 135 | if (len < 0) |
136 | goto errexit; | ||
136 | 137 | ||
137 | if (fchown(dst, uid, gid) == -1) | 138 | if (fchown(dst, uid, gid) == -1) |
138 | goto errexit; | 139 | goto errexit; |
@@ -179,7 +180,7 @@ void copy_link(const char *target, const char *linkpath, mode_t mode, uid_t uid, | |||
179 | 180 | ||
180 | // if the link is already there, don't create it | 181 | // if the link is already there, don't create it |
181 | struct stat s; | 182 | struct stat s; |
182 | if (stat(linkpath, &s) == 0) | 183 | if (lstat(linkpath, &s) == 0) |
183 | return; | 184 | return; |
184 | 185 | ||
185 | char *rp = realpath(target, NULL); | 186 | char *rp = realpath(target, NULL); |
@@ -413,25 +414,19 @@ int main(int argc, char **argv) { | |||
413 | 414 | ||
414 | warn_dumpable(); | 415 | warn_dumpable(); |
415 | 416 | ||
416 | // trim trailing chars | ||
417 | if (src[strlen(src) - 1] == '/') | ||
418 | src[strlen(src) - 1] = '\0'; | ||
419 | if (dest[strlen(dest) - 1] == '/') | ||
420 | dest[strlen(dest) - 1] = '\0'; | ||
421 | |||
422 | // check the two files; remove ending / | 417 | // check the two files; remove ending / |
423 | int len = strlen(src); | 418 | size_t len = strlen(src); |
424 | if (src[len - 1] == '/') | 419 | while (len > 1 && src[len - 1] == '/') |
425 | src[len - 1] = '\0'; | 420 | src[--len] = '\0'; |
426 | if (strcspn(src, "\\*&!?\"'<>%^(){}[];,") != (size_t)len) { | 421 | if (strcspn(src, "\\*&!?\"'<>%^(){}[];,") != len) { |
427 | fprintf(stderr, "Error fcopy: invalid source file name %s\n", src); | 422 | fprintf(stderr, "Error fcopy: invalid source file name %s\n", src); |
428 | exit(1); | 423 | exit(1); |
429 | } | 424 | } |
430 | 425 | ||
431 | len = strlen(dest); | 426 | len = strlen(dest); |
432 | if (dest[len - 1] == '/') | 427 | while (len > 1 && dest[len - 1] == '/') |
433 | dest[len - 1] = '\0'; | 428 | dest[--len] = '\0'; |
434 | if (strcspn(dest, "\\*&!?\"'<>%^(){}[];,~") != (size_t)len) { | 429 | if (strcspn(dest, "\\*&!?\"'<>%^(){}[];,~") != len) { |
435 | fprintf(stderr, "Error fcopy: invalid dest file name %s\n", dest); | 430 | fprintf(stderr, "Error fcopy: invalid dest file name %s\n", dest); |
436 | exit(1); | 431 | exit(1); |
437 | } | 432 | } |
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 109f89f39..d6fcdb38f 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -390,6 +390,7 @@ kazam | |||
390 | kcalc | 390 | kcalc |
391 | # kdeinit4 | 391 | # kdeinit4 |
392 | kdenlive | 392 | kdenlive |
393 | kdiff3 | ||
393 | keepass | 394 | keepass |
394 | keepass2 | 395 | keepass2 |
395 | keepassx | 396 | keepassx |
diff --git a/src/firejail/fs_lib.c b/src/firejail/fs_lib.c index a5c005931..b8c1b21b1 100644 --- a/src/firejail/fs_lib.c +++ b/src/firejail/fs_lib.c | |||
@@ -33,6 +33,52 @@ extern void fslib_install_system(void); | |||
33 | static int lib_cnt = 0; | 33 | static int lib_cnt = 0; |
34 | static int dir_cnt = 0; | 34 | static int dir_cnt = 0; |
35 | 35 | ||
36 | char *find_in_path(const char *program) { | ||
37 | EUID_ASSERT(); | ||
38 | if (arg_debug) | ||
39 | printf("Searching $PATH for %s\n", program); | ||
40 | |||
41 | char self[MAXBUF]; | ||
42 | ssize_t len = readlink("/proc/self/exe", self, MAXBUF - 1); | ||
43 | if (len < 0) | ||
44 | errExit("readlink"); | ||
45 | self[len] = '\0'; | ||
46 | |||
47 | char *path = getenv("PATH"); | ||
48 | if (!path) | ||
49 | return NULL; | ||
50 | char *dup = strdup(path); | ||
51 | if (!dup) | ||
52 | errExit("strdup"); | ||
53 | char *tok = strtok(dup, ":"); | ||
54 | while (tok) { | ||
55 | char *fname; | ||
56 | if (asprintf(&fname, "%s/%s", tok, program) == -1) | ||
57 | errExit("asprintf"); | ||
58 | |||
59 | if (arg_debug) | ||
60 | printf("trying #%s#\n", fname); | ||
61 | struct stat s; | ||
62 | if (stat(fname, &s) == 0) { | ||
63 | // but skip links created by firecfg | ||
64 | char *rp = realpath(fname, NULL); | ||
65 | if (!rp) | ||
66 | errExit("realpath"); | ||
67 | if (strcmp(self, rp) != 0) { | ||
68 | free(rp); | ||
69 | free(dup); | ||
70 | return fname; | ||
71 | } | ||
72 | free(rp); | ||
73 | } | ||
74 | free(fname); | ||
75 | tok = strtok(NULL, ":"); | ||
76 | } | ||
77 | |||
78 | free(dup); | ||
79 | return NULL; | ||
80 | } | ||
81 | |||
36 | static void report_duplication(const char *full_path) { | 82 | static void report_duplication(const char *full_path) { |
37 | char *fname = strrchr(full_path, '/'); | 83 | char *fname = strrchr(full_path, '/'); |
38 | if (fname && *(++fname) != '\0') { | 84 | if (fname && *(++fname) != '\0') { |
@@ -337,20 +383,39 @@ void fs_private_lib(void) { | |||
337 | timetrace_start(); | 383 | timetrace_start(); |
338 | 384 | ||
339 | // bring in firejail executable libraries in case we are redirected here by a firejail symlink from /usr/local/bin/firejail | 385 | // bring in firejail executable libraries in case we are redirected here by a firejail symlink from /usr/local/bin/firejail |
386 | if (arg_debug || arg_debug_private_lib) | ||
387 | printf("Installing Firejail libraries\n"); | ||
340 | fslib_install_list(PATH_FIREJAIL); | 388 | fslib_install_list(PATH_FIREJAIL); |
341 | 389 | ||
342 | // bring in firejail directory | 390 | // bring in firejail directory |
343 | fslib_install_list("firejail"); | 391 | fslib_install_list(LIBDIR "/firejail"); |
344 | 392 | ||
345 | // for dhclient | 393 | // bring in dhclient libraries |
346 | if (any_dhcp()) | 394 | if (any_dhcp()) { |
395 | if (arg_debug || arg_debug_private_lib) | ||
396 | printf("Installing dhclient libraries\n"); | ||
347 | fslib_install_list(RUN_MNT_DIR "/dhclient"); | 397 | fslib_install_list(RUN_MNT_DIR "/dhclient"); |
398 | } | ||
399 | fmessage("Firejail libraries installed in %0.2f ms\n", timetrace_end()); | ||
400 | |||
401 | timetrace_start(); | ||
348 | 402 | ||
349 | // copy the libs in the new lib directory for the main exe | 403 | // copy the libs in the new lib directory for the main exe |
350 | if (cfg.original_program_index > 0) { | 404 | if (cfg.original_program_index > 0) { |
351 | if (arg_debug || arg_debug_private_lib) | 405 | if (arg_debug || arg_debug_private_lib) |
352 | printf("Installing sandboxed program libraries\n"); | 406 | printf("Installing sandboxed program libraries\n"); |
353 | fslib_install_list(cfg.original_argv[cfg.original_program_index]); | 407 | |
408 | if (strchr(cfg.original_argv[cfg.original_program_index], '/')) | ||
409 | fslib_install_list(cfg.original_argv[cfg.original_program_index]); | ||
410 | else { // search executable in $PATH | ||
411 | EUID_USER(); | ||
412 | char *fname = find_in_path(cfg.original_argv[cfg.original_program_index]); | ||
413 | EUID_ROOT(); | ||
414 | if (fname) { | ||
415 | fslib_install_list(fname); | ||
416 | free(fname); | ||
417 | } | ||
418 | } | ||
354 | } | 419 | } |
355 | 420 | ||
356 | // for the shell | 421 | // for the shell |
@@ -379,7 +444,7 @@ void fs_private_lib(void) { | |||
379 | } | 444 | } |
380 | fmessage("Program libraries installed in %0.2f ms\n", timetrace_end()); | 445 | fmessage("Program libraries installed in %0.2f ms\n", timetrace_end()); |
381 | 446 | ||
382 | // install the reset of the system libraries | 447 | // install the rest of the system libraries |
383 | if (arg_debug || arg_debug_private_lib) | 448 | if (arg_debug || arg_debug_private_lib) |
384 | printf("Installing system libraries\n"); | 449 | printf("Installing system libraries\n"); |
385 | fslib_install_system(); | 450 | fslib_install_system(); |
diff --git a/src/firejail/fs_lib2.c b/src/firejail/fs_lib2.c index 758e079a4..95e10ee05 100644 --- a/src/firejail/fs_lib2.c +++ b/src/firejail/fs_lib2.c | |||
@@ -108,18 +108,13 @@ void fslib_install_stdc(void) { | |||
108 | // install standard C libraries | 108 | // install standard C libraries |
109 | timetrace_start(); | 109 | timetrace_start(); |
110 | struct stat s; | 110 | struct stat s; |
111 | char *stdclib = "/lib64"; // CentOS, Fedora, Arch | ||
112 | |||
113 | if (stat("/lib/x86_64-linux-gnu", &s) == 0) { // Debian & friends | 111 | if (stat("/lib/x86_64-linux-gnu", &s) == 0) { // Debian & friends |
114 | // PT_INTERP | ||
115 | fslib_duplicate("/lib64/ld-linux-x86-64.so.2"); | ||
116 | |||
117 | mkdir_attr(RUN_LIB_DIR "/x86_64-linux-gnu", 0755, 0, 0); | 112 | mkdir_attr(RUN_LIB_DIR "/x86_64-linux-gnu", 0755, 0, 0); |
118 | selinux_relabel_path(RUN_LIB_DIR "/x86_64-linux-gnu", "/lib/x86_64-linux-gnu"); | 113 | selinux_relabel_path(RUN_LIB_DIR "/x86_64-linux-gnu", "/lib/x86_64-linux-gnu"); |
119 | stdclib = "/lib/x86_64-linux-gnu"; | 114 | stdc("/lib/x86_64-linux-gnu"); |
120 | } | 115 | } |
121 | 116 | ||
122 | stdc(stdclib); | 117 | stdc("/lib64"); // CentOS, Fedora, Arch, ld-linux.so in Debian & friends |
123 | 118 | ||
124 | // install locale | 119 | // install locale |
125 | if (stat("/usr/lib/locale", &s) == 0) | 120 | if (stat("/usr/lib/locale", &s) == 0) |
diff --git a/src/firejail/run_symlink.c b/src/firejail/run_symlink.c index ea3889024..b38cc0ca6 100644 --- a/src/firejail/run_symlink.c +++ b/src/firejail/run_symlink.c | |||
@@ -22,6 +22,8 @@ | |||
22 | #include <sys/stat.h> | 22 | #include <sys/stat.h> |
23 | #include <unistd.h> | 23 | #include <unistd.h> |
24 | 24 | ||
25 | extern char *find_in_path(const char *program); | ||
26 | |||
25 | void run_symlink(int argc, char **argv, int run_as_is) { | 27 | void run_symlink(int argc, char **argv, int run_as_is) { |
26 | EUID_ASSERT(); | 28 | EUID_ASSERT(); |
27 | 29 | ||
@@ -40,54 +42,17 @@ void run_symlink(int argc, char **argv, int run_as_is) { | |||
40 | errExit("setresuid"); | 42 | errExit("setresuid"); |
41 | 43 | ||
42 | // find the real program by looking in PATH | 44 | // find the real program by looking in PATH |
43 | char *p = getenv("PATH"); | 45 | if (!getenv("PATH")) { |
44 | if (!p) { | ||
45 | fprintf(stderr, "Error: PATH environment variable not set\n"); | 46 | fprintf(stderr, "Error: PATH environment variable not set\n"); |
46 | exit(1); | 47 | exit(1); |
47 | } | 48 | } |
48 | 49 | ||
49 | char *path = strdup(p); | 50 | char *p = find_in_path(program); |
50 | if (!path) | 51 | if (!p) { |
51 | errExit("strdup"); | ||
52 | |||
53 | char *selfpath = realpath("/proc/self/exe", NULL); | ||
54 | if (!selfpath) | ||
55 | errExit("realpath"); | ||
56 | |||
57 | // look in path for our program | ||
58 | char *tok = strtok(path, ":"); | ||
59 | int found = 0; | ||
60 | while (tok) { | ||
61 | char *name; | ||
62 | if (asprintf(&name, "%s/%s", tok, program) == -1) | ||
63 | errExit("asprintf"); | ||
64 | |||
65 | struct stat s; | ||
66 | if (stat(name, &s) == 0) { | ||
67 | /* coverity[toctou] */ | ||
68 | char* rp = realpath(name, NULL); | ||
69 | if (!rp) | ||
70 | errExit("realpath"); | ||
71 | |||
72 | if (strcmp(selfpath, rp) != 0) { | ||
73 | program = strdup(name); | ||
74 | found = 1; | ||
75 | free(rp); | ||
76 | break; | ||
77 | } | ||
78 | |||
79 | free(rp); | ||
80 | } | ||
81 | |||
82 | free(name); | ||
83 | tok = strtok(NULL, ":"); | ||
84 | } | ||
85 | if (!found) { | ||
86 | fprintf(stderr, "Error: cannot find the program in the path\n"); | 52 | fprintf(stderr, "Error: cannot find the program in the path\n"); |
87 | exit(1); | 53 | exit(1); |
88 | } | 54 | } |
89 | 55 | program = p; | |
90 | free(selfpath); | ||
91 | 56 | ||
92 | // restore original umask | 57 | // restore original umask |
93 | umask(orig_umask); | 58 | umask(orig_umask); |
diff --git a/src/profstats/main.c b/src/profstats/main.c index 4c1221464..68f62831b 100644 --- a/src/profstats/main.c +++ b/src/profstats/main.c | |||
@@ -30,6 +30,8 @@ static int cnt_seccomp = 0; | |||
30 | static int cnt_caps = 0; | 30 | static int cnt_caps = 0; |
31 | static int cnt_dbus_system_none = 0; | 31 | static int cnt_dbus_system_none = 0; |
32 | static int cnt_dbus_user_none = 0; | 32 | static int cnt_dbus_user_none = 0; |
33 | static int cnt_dbus_system_filter = 0; | ||
34 | static int cnt_dbus_user_filter = 0; | ||
33 | static int cnt_dotlocal = 0; | 35 | static int cnt_dotlocal = 0; |
34 | static int cnt_globalsdotlocal = 0; | 36 | static int cnt_globalsdotlocal = 0; |
35 | static int cnt_netnone = 0; | 37 | static int cnt_netnone = 0; |
@@ -107,6 +109,7 @@ void process_file(const char *fname) { | |||
107 | return; | 109 | return; |
108 | } | 110 | } |
109 | 111 | ||
112 | int have_include_local = 0; | ||
110 | char buf[MAXBUF]; | 113 | char buf[MAXBUF]; |
111 | while (fgets(buf, MAXBUF, fp)) { | 114 | while (fgets(buf, MAXBUF, fp)) { |
112 | char *ptr = strchr(buf, '\n'); | 115 | char *ptr = strchr(buf, '\n'); |
@@ -152,11 +155,16 @@ void process_file(const char *fname) { | |||
152 | cnt_privateetc++; | 155 | cnt_privateetc++; |
153 | else if (strncmp(ptr, "dbus-system none", 16) == 0) | 156 | else if (strncmp(ptr, "dbus-system none", 16) == 0) |
154 | cnt_dbus_system_none++; | 157 | cnt_dbus_system_none++; |
158 | else if (strncmp(ptr, "dbus-system", 11) == 0) | ||
159 | cnt_dbus_system_filter++; | ||
155 | else if (strncmp(ptr, "dbus-user none", 14) == 0) | 160 | else if (strncmp(ptr, "dbus-user none", 14) == 0) |
156 | cnt_dbus_user_none++; | 161 | cnt_dbus_user_none++; |
162 | else if (strncmp(ptr, "dbus-user", 9) == 0) | ||
163 | cnt_dbus_user_filter++; | ||
157 | else if (strncmp(ptr, "include ", 8) == 0) { | 164 | else if (strncmp(ptr, "include ", 8) == 0) { |
158 | // not processing .local files | 165 | // not processing .local files |
159 | if (strstr(ptr, ".local")) { | 166 | if (strstr(ptr, ".local")) { |
167 | have_include_local = 1; | ||
160 | //printf("dotlocal %d, level %d - #%s#, redirect #%s#\n", cnt_dotlocal, level, fname, buf + 8); | 168 | //printf("dotlocal %d, level %d - #%s#, redirect #%s#\n", cnt_dotlocal, level, fname, buf + 8); |
161 | if (strstr(ptr, "globals.local")) | 169 | if (strstr(ptr, "globals.local")) |
162 | cnt_globalsdotlocal++; | 170 | cnt_globalsdotlocal++; |
@@ -174,6 +182,8 @@ void process_file(const char *fname) { | |||
174 | } | 182 | } |
175 | 183 | ||
176 | fclose(fp); | 184 | fclose(fp); |
185 | if (!have_include_local) | ||
186 | printf("No include .local found in %s\n", fname); | ||
177 | level--; | 187 | level--; |
178 | } | 188 | } |
179 | 189 | ||
@@ -257,7 +267,9 @@ int main(int argc, char **argv) { | |||
257 | int whitelistrunuser = cnt_whitelistrunuser; | 267 | int whitelistrunuser = cnt_whitelistrunuser; |
258 | int whitelistusrshare = cnt_whitelistusrshare; | 268 | int whitelistusrshare = cnt_whitelistusrshare; |
259 | int dbussystemnone = cnt_dbus_system_none; | 269 | int dbussystemnone = cnt_dbus_system_none; |
270 | int dbussystemfilter = cnt_dbus_system_filter; | ||
260 | int dbususernone = cnt_dbus_user_none; | 271 | int dbususernone = cnt_dbus_user_none; |
272 | int dbususerfilter = cnt_dbus_user_filter; | ||
261 | int ssh = cnt_ssh; | 273 | int ssh = cnt_ssh; |
262 | int mdwx = cnt_mdwx; | 274 | int mdwx = cnt_mdwx; |
263 | 275 | ||
@@ -278,6 +290,16 @@ int main(int argc, char **argv) { | |||
278 | cnt_globalsdotlocal = globalsdotlocal + 1; | 290 | cnt_globalsdotlocal = globalsdotlocal + 1; |
279 | if (cnt_whitelistrunuser > (whitelistrunuser + 1)) | 291 | if (cnt_whitelistrunuser > (whitelistrunuser + 1)) |
280 | cnt_whitelistrunuser = whitelistrunuser + 1; | 292 | cnt_whitelistrunuser = whitelistrunuser + 1; |
293 | if (cnt_seccomp > (seccomp + 1)) | ||
294 | cnt_seccomp = seccomp + 1; | ||
295 | if (cnt_dbus_user_none > (dbususernone + 1)) | ||
296 | cnt_dbus_user_none = dbususernone + 1; | ||
297 | if (cnt_dbus_user_filter > (dbususerfilter + 1)) | ||
298 | cnt_dbus_user_filter = dbususerfilter + 1; | ||
299 | if (cnt_dbus_system_none > (dbussystemnone + 1)) | ||
300 | cnt_dbus_system_none = dbussystemnone + 1; | ||
301 | if (cnt_dbus_system_filter > (dbussystemfilter + 1)) | ||
302 | cnt_dbus_system_filter = dbussystemfilter + 1; | ||
281 | 303 | ||
282 | if (arg_dbus_system_none && dbussystemnone == cnt_dbus_system_none) | 304 | if (arg_dbus_system_none && dbussystemnone == cnt_dbus_system_none) |
283 | printf("No dbus-system none found in %s\n", argv[i]); | 305 | printf("No dbus-system none found in %s\n", argv[i]); |
@@ -337,7 +359,9 @@ int main(int argc, char **argv) { | |||
337 | printf(" whitelist usr/share\t\t%d (include whitelist-usr-share-common.inc\n", cnt_whitelistusrshare); | 359 | printf(" whitelist usr/share\t\t%d (include whitelist-usr-share-common.inc\n", cnt_whitelistusrshare); |
338 | printf(" net none\t\t\t%d\n", cnt_netnone); | 360 | printf(" net none\t\t\t%d\n", cnt_netnone); |
339 | printf(" dbus-user none \t\t%d\n", cnt_dbus_user_none); | 361 | printf(" dbus-user none \t\t%d\n", cnt_dbus_user_none); |
362 | printf(" dbus-user filter \t\t%d\n", cnt_dbus_user_filter); | ||
340 | printf(" dbus-system none \t\t%d\n", cnt_dbus_system_none); | 363 | printf(" dbus-system none \t\t%d\n", cnt_dbus_system_none); |
364 | printf(" dbus-system filter \t\t%d\n", cnt_dbus_system_filter); | ||
341 | printf("\n"); | 365 | printf("\n"); |
342 | return 0; | 366 | return 0; |
343 | } | 367 | } |