5 files changed, 68 insertions, 2 deletions
diff --git a/README.md b/README.md
index 1b6b59f90..ac91df682 100644
--- a/README.md
+++ b/README.md
@@ -199,4 +199,4 @@ penguin-command, x2goclient, frogatto, gnome-mines, gnome-nibbles, lightsoff, ts
 four-in-a-row, gnome-mahjongg, gnome-robots, gnome-sudoku, gnome-taquin, gnome-tetravex, blobwars, gravity-beams-and-evaporating-stars,
 hyperrogue, jumpnbump-menu, jumpnbump, magicor, mindless, mirrormagic, mrrescue, scorched3d-wrapper, scorchwentbonkers,
 seahorse-adventures, wordwarvi, xbill, gnome-klotski, five-or-more, swell-foop, fdns, jitsi-meet-desktop, nicontine, steam-runtime, apostrophe, quadrapassel, dino-im, strawberry, hitori, bijiben, gnote, gnubik, ZeGrapher, gapplication, xonotic-sdl-wrapper, openarena_ded, cawbird, freetube, homebank, mattermost-desktop, newsflash, com.gitlab.newsflash, element-desktop, sushi, xfce4-screenshooter, org.gnome.NautilusPreviewer, lyx, minitube, nuclear, mtpaint, minecraft-launcher, gnome-calendar, vmware, git-cola, otter-browser, kazam, menulibre, musictube, onboard, fractal, mirage, quaternion, spectral, man, psi, smuxi-frontend-gnome, balsa, kube, trojita, cola, twitch, youtube, youtubemusic-nativefier, ytmdesktop, dbus-send, notify-send, qrencode,
-xournalpp, chromium-freeworld
+xournalpp, chromium-freeworld, equalx
diff --git a/RELNOTES b/RELNOTES
index f5189fd58..90748ca7c 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -49,7 +49,7 @@ firejail (0.9.63) baseline; urgency=low
  * new profiles: onboard, fractal, mirage, quaternion, spectral, man, psi, twitch
  * new profiles: smuxi-frontend-gnome, balsa, kube, trojita, youtube, ytmdesktop
  * new profiles: youtubemusic-nativefier, cola, dbus-send, notify-send, qrencode
-  * new profiles: xournalpp, chromium-freeworld
+  * new profiles: xournalpp, chromium-freeworld, equalx
 -- netblue30 <netblue30@yahoo.com>  Tue, 21 Apr 2020 08:00:00 -0500
 firejail (0.9.62) baseline; urgency=low
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc
index 92a87352b..4f90e6413 100644
--- a/etc/inc/disable-programs.inc
+++ b/etc/inc/disable-programs.inc
@@ -209,6 +209,7 @@ blacklist ${HOME}/.config/emailidentities
 blacklist ${HOME}/.config/enchant
 blacklist ${HOME}/.config/eog
 blacklist ${HOME}/.config/epiphany
+blacklist ${HOME}/.config/equalx
 blacklist ${HOME}/.config/evince
 blacklist ${HOME}/.config/evolution
 blacklist ${HOME}/.config/falkon
@@ -436,6 +437,7 @@ blacklist ${HOME}/.electrum*
 blacklist ${HOME}/.elinks
 blacklist ${HOME}/.emacs
 blacklist ${HOME}/.emacs.d
+blacklist ${HOME}/.equalx
 blacklist ${HOME}/.ethereum
 blacklist ${HOME}/.etr
 blacklist ${HOME}/.filezilla
diff --git a/etc/profile-a-l/equalx.profile b/etc/profile-a-l/equalx.profile
new file mode 100644
index 000000000..58b053041
--- /dev/null
+++ b/etc/profile-a-l/equalx.profile
@@ -0,0 +1,63 @@
+# Firejail profile for equalx
+# Description: A graphical editor for writing LaTeX equations
+# This file is overwritten after every install/update
+# Persistent local customizations
+include equalx.local
+# Persistent global definitions
+include globals.local
+noblacklist ${HOME}/.config/equalx
+noblacklist ${HOME}/.equalx
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-shell.inc
+include disable-xdg.inc
+mkdir ${HOME}/.config/equalx
+mkdir ${HOME}/.equalx
+whitelist ${HOME}/.config/equalx
+whitelist ${HOME}/.equalx
+whitelist /usr/share/poppler
+whitelist /usr/share/ghostscript
+whitelist /usr/share/texlive
+whitelist /usr/share/equalx
+whitelist /var/lib/texmf
+include whitelist-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+apparmor
+caps.drop all
+machine-id
+net none
+no3d
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix
+seccomp
+shell none
+tracelog
+disable-mnt
+private-bin equalx,gs,pdflatex,pdftocairo
+private-cache
+private-dev
+private-etc equalx,equalx.conf,fonts,gtk-2.0,latexmk.conf,machine-id,papersize,passwd,texlive,Trolltech.conf
+private-tmp
+dbus-user none
+dbus-system none
+memory-deny-write-execute
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index 9f4f478c5..d16aa2ee9 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -197,6 +197,7 @@ eog
 eom
 ephemeral
 #epiphany
+equalx
 et
 etr
 evince

diff --git a/README.md b/README.md index 1b6b59f90..ac91df682 100644 --- a/README.md +++ b/README.md
@@ -199,4 +199,4 @@ penguin-command, x2goclient, frogatto, gnome-mines, gnome-nibbles, lightsoff, ts
199	four-in-a-row, gnome-mahjongg, gnome-robots, gnome-sudoku, gnome-taquin, gnome-tetravex, blobwars, gravity-beams-and-evaporating-stars,	199	four-in-a-row, gnome-mahjongg, gnome-robots, gnome-sudoku, gnome-taquin, gnome-tetravex, blobwars, gravity-beams-and-evaporating-stars,
200	hyperrogue, jumpnbump-menu, jumpnbump, magicor, mindless, mirrormagic, mrrescue, scorched3d-wrapper, scorchwentbonkers,	200	hyperrogue, jumpnbump-menu, jumpnbump, magicor, mindless, mirrormagic, mrrescue, scorched3d-wrapper, scorchwentbonkers,
201	seahorse-adventures, wordwarvi, xbill, gnome-klotski, five-or-more, swell-foop, fdns, jitsi-meet-desktop, nicontine, steam-runtime, apostrophe, quadrapassel, dino-im, strawberry, hitori, bijiben, gnote, gnubik, ZeGrapher, gapplication, xonotic-sdl-wrapper, openarena_ded, cawbird, freetube, homebank, mattermost-desktop, newsflash, com.gitlab.newsflash, element-desktop, sushi, xfce4-screenshooter, org.gnome.NautilusPreviewer, lyx, minitube, nuclear, mtpaint, minecraft-launcher, gnome-calendar, vmware, git-cola, otter-browser, kazam, menulibre, musictube, onboard, fractal, mirage, quaternion, spectral, man, psi, smuxi-frontend-gnome, balsa, kube, trojita, cola, twitch, youtube, youtubemusic-nativefier, ytmdesktop, dbus-send, notify-send, qrencode,	201	seahorse-adventures, wordwarvi, xbill, gnome-klotski, five-or-more, swell-foop, fdns, jitsi-meet-desktop, nicontine, steam-runtime, apostrophe, quadrapassel, dino-im, strawberry, hitori, bijiben, gnote, gnubik, ZeGrapher, gapplication, xonotic-sdl-wrapper, openarena_ded, cawbird, freetube, homebank, mattermost-desktop, newsflash, com.gitlab.newsflash, element-desktop, sushi, xfce4-screenshooter, org.gnome.NautilusPreviewer, lyx, minitube, nuclear, mtpaint, minecraft-launcher, gnome-calendar, vmware, git-cola, otter-browser, kazam, menulibre, musictube, onboard, fractal, mirage, quaternion, spectral, man, psi, smuxi-frontend-gnome, balsa, kube, trojita, cola, twitch, youtube, youtubemusic-nativefier, ytmdesktop, dbus-send, notify-send, qrencode,
202	xournalpp, chromium-freeworld	202	xournalpp, chromium-freeworld, equalx


diff --git a/RELNOTES b/RELNOTES index f5189fd58..90748ca7c 100644 --- a/RELNOTES +++ b/RELNOTES
@@ -49,7 +49,7 @@ firejail (0.9.63) baseline; urgency=low
49	* new profiles: onboard, fractal, mirage, quaternion, spectral, man, psi, twitch	49	* new profiles: onboard, fractal, mirage, quaternion, spectral, man, psi, twitch
50	* new profiles: smuxi-frontend-gnome, balsa, kube, trojita, youtube, ytmdesktop	50	* new profiles: smuxi-frontend-gnome, balsa, kube, trojita, youtube, ytmdesktop
51	* new profiles: youtubemusic-nativefier, cola, dbus-send, notify-send, qrencode	51	* new profiles: youtubemusic-nativefier, cola, dbus-send, notify-send, qrencode
52	* new profiles: xournalpp, chromium-freeworld	52	* new profiles: xournalpp, chromium-freeworld, equalx
53	-- netblue30 <netblue30@yahoo.com> Tue, 21 Apr 2020 08:00:00 -0500	53	-- netblue30 <netblue30@yahoo.com> Tue, 21 Apr 2020 08:00:00 -0500
54		54
55	firejail (0.9.62) baseline; urgency=low	55	firejail (0.9.62) baseline; urgency=low


diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 92a87352b..4f90e6413 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc
@@ -209,6 +209,7 @@ blacklist ${HOME}/.config/emailidentities
209	blacklist ${HOME}/.config/enchant	209	blacklist ${HOME}/.config/enchant
210	blacklist ${HOME}/.config/eog	210	blacklist ${HOME}/.config/eog
211	blacklist ${HOME}/.config/epiphany	211	blacklist ${HOME}/.config/epiphany
		212	blacklist ${HOME}/.config/equalx
212	blacklist ${HOME}/.config/evince	213	blacklist ${HOME}/.config/evince
213	blacklist ${HOME}/.config/evolution	214	blacklist ${HOME}/.config/evolution
214	blacklist ${HOME}/.config/falkon	215	blacklist ${HOME}/.config/falkon
@@ -436,6 +437,7 @@ blacklist ${HOME}/.electrum*
436	blacklist ${HOME}/.elinks	437	blacklist ${HOME}/.elinks
437	blacklist ${HOME}/.emacs	438	blacklist ${HOME}/.emacs
438	blacklist ${HOME}/.emacs.d	439	blacklist ${HOME}/.emacs.d
		440	blacklist ${HOME}/.equalx
439	blacklist ${HOME}/.ethereum	441	blacklist ${HOME}/.ethereum
440	blacklist ${HOME}/.etr	442	blacklist ${HOME}/.etr
441	blacklist ${HOME}/.filezilla	443	blacklist ${HOME}/.filezilla


diff --git a/etc/profile-a-l/equalx.profile b/etc/profile-a-l/equalx.profile new file mode 100644 index 000000000..58b053041 --- /dev/null +++ b/etc/profile-a-l/equalx.profile
@@ -0,0 +1,63 @@
		1	# Firejail profile for equalx
		2	# Description: A graphical editor for writing LaTeX equations
		3	# This file is overwritten after every install/update
		4	# Persistent local customizations
		5	include equalx.local
		6	# Persistent global definitions
		7	include globals.local
		8
		9	noblacklist ${HOME}/.config/equalx
		10	noblacklist ${HOME}/.equalx
		11
		12	include disable-common.inc
		13	include disable-devel.inc
		14	include disable-exec.inc
		15	include disable-interpreters.inc
		16	include disable-passwdmgr.inc
		17	include disable-programs.inc
		18	include disable-shell.inc
		19	include disable-xdg.inc
		20
		21	mkdir ${HOME}/.config/equalx
		22	mkdir ${HOME}/.equalx
		23	whitelist ${HOME}/.config/equalx
		24	whitelist ${HOME}/.equalx
		25	whitelist /usr/share/poppler
		26	whitelist /usr/share/ghostscript
		27	whitelist /usr/share/texlive
		28	whitelist /usr/share/equalx
		29	whitelist /var/lib/texmf
		30	include whitelist-common.inc
		31	include whitelist-runuser-common.inc
		32	include whitelist-usr-share-common.inc
		33	include whitelist-var-common.inc
		34
		35	apparmor
		36	caps.drop all
		37	machine-id
		38	net none
		39	no3d
		40	nodvd
		41	nogroups
		42	nonewprivs
		43	noroot
		44	nosound
		45	notv
		46	nou2f
		47	novideo
		48	protocol unix
		49	seccomp
		50	shell none
		51	tracelog
		52
		53	disable-mnt
		54	private-bin equalx,gs,pdflatex,pdftocairo
		55	private-cache
		56	private-dev
		57	private-etc equalx,equalx.conf,fonts,gtk-2.0,latexmk.conf,machine-id,papersize,passwd,texlive,Trolltech.conf
		58	private-tmp
		59
		60	dbus-user none
		61	dbus-system none
		62
		63	memory-deny-write-execute


diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 9f4f478c5..d16aa2ee9 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config
@@ -197,6 +197,7 @@ eog
197	eom	197	eom
198	ephemeral	198	ephemeral
199	#epiphany	199	#epiphany
		200	equalx
200	et	201	et
201	etr	202	etr
202	evince	203	evince