aboutsummaryrefslogtreecommitdiffstats
path: root/etc/kmail.profile
diff options
context:
space:
mode:
Diffstat (limited to 'etc/kmail.profile')
-rw-r--r--etc/kmail.profile14
1 files changed, 8 insertions, 6 deletions
diff --git a/etc/kmail.profile b/etc/kmail.profile
index 952af55c8..e33eae84f 100644
--- a/etc/kmail.profile
+++ b/etc/kmail.profile
@@ -5,20 +5,22 @@ include /etc/firejail/kmail.local
5# Persistent global definitions 5# Persistent global definitions
6include /etc/firejail/globals.local 6include /etc/firejail/globals.local
7 7
8# if akonadi has a mysql backend, starting it inside this sandbox will fail. 8# kmail has problems launching akonadi in debian and ubuntu.
9# one solution is to have akonadi already running when kmail is launched 9# one solution is to have akonadi already running when kmail is started
10 10
11noblacklist ${HOME}/.cache/akonadi* 11noblacklist ${HOME}/.cache/akonadi*
12noblacklist ${HOME}/.config/akonadi* 12noblacklist ${HOME}/.config/akonadi*
13noblacklist ${HOME}/.config/baloorc 13noblacklist ${HOME}/.config/baloorc
14noblacklist ${HOME}/.config/emailidentities 14noblacklist ${HOME}/.config/emailidentities
15noblacklist ${HOME}/.config/kmail2rc 15noblacklist ${HOME}/.config/kmail2rc
16noblacklist ${HOME}/.local/share/akonadi/* 16noblacklist ${HOME}/.gnupg
17noblacklist ${HOME}/.local/share/akonadi*
17noblacklist ${HOME}/.local/share/contacts 18noblacklist ${HOME}/.local/share/contacts
18noblacklist ${HOME}/.local/share/emailidentities 19noblacklist ${HOME}/.local/share/emailidentities
19noblacklist ${HOME}/.local/share/kmail2 20noblacklist ${HOME}/.local/share/kmail2
20noblacklist ${HOME}/.local/share/local-mail 21noblacklist ${HOME}/.local/share/local-mail
21noblacklist ${HOME}/.gnupg 22noblacklist ${HOME}/.local/share/notes
23noblacklist /tmp/akonadi-*
22 24
23include /etc/firejail/disable-common.inc 25include /etc/firejail/disable-common.inc
24include /etc/firejail/disable-devel.inc 26include /etc/firejail/disable-devel.inc
@@ -36,8 +38,8 @@ nosound
36notv 38notv
37novideo 39novideo
38protocol unix,inet,inet6,netlink 40protocol unix,inet,inet6,netlink
39# we need to allow chroot and ioprio_set system calls 41# we need to allow chroot, io_getevents, ioprio_set, io_setup, io_submit system calls
40seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@raw-io,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice 42seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@raw-io,@reboot,@resources,@swap,acct,add_key,bpf,fanotify_init,io_cancel,io_destroy,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice
41# tracelog 43# tracelog
42# writable-run-user is needed for signing and encrypting emails 44# writable-run-user is needed for signing and encrypting emails
43writable-run-user 45writable-run-user
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-07 01:40:21 +0000