21 files changed, 134 insertions, 19 deletions
diff --git a/etc/profile-a-l/1password.profile b/etc/profile-a-l/1password.profile
index b340ad228..690086099 100644
--- a/etc/profile-a-l/1password.profile
+++ b/etc/profile-a-l/1password.profile
@@ -17,4 +17,4 @@ private-etc @tls-ca
 ignore dbus-user none
 # Redirect
-include electron.profile
+include electron-common.profile
diff --git a/etc/profile-a-l/DiscordPTB.profile b/etc/profile-a-l/DiscordPTB.profile
new file mode 100644
index 000000000..4570f0103
--- /dev/null
+++ b/etc/profile-a-l/DiscordPTB.profile
@@ -0,0 +1,10 @@
+# Firejail profile for DiscordPTB
+# This file is overwritten after every install/update
+# Persistent local customizations
+include DiscordPTB.local
+# Persistent global definitions
+# added by included profile
+#include globals.local
+# Redirect
+include discord-ptb.profile
diff --git a/etc/profile-a-l/ani-cli.profile b/etc/profile-a-l/ani-cli.profile
new file mode 100644
index 000000000..270dffaed
--- /dev/null
+++ b/etc/profile-a-l/ani-cli.profile
@@ -0,0 +1,41 @@
+# Firejail profile for ani-cli
+# Description: Shell script to watch Anime from the terminal
+# This file is overwritten after every install/update
+quiet
+# Persistent local customizations
+include ani-cli.local
+# Persistent global definitions
+# added by included profile
+#include globals.local
+noblacklist ${HOME}/.cache/ani-cli
+noblacklist ${HOME}/.local/state/ani-cli
+# Allow /bin/sh (blacklisted by disable-shell.inc)
+include allow-bin-sh.inc
+include disable-proc.inc
+include disable-xdg.inc
+mkdir ${HOME}/.cache/ani-cli
+mkdir ${HOME}/.local/state/ani-cli
+whitelist ${HOME}/.cache/ani-cli
+whitelist ${HOME}/.local/state/ani-cli
+include whitelist-run-common.inc
+include whitelist-runuser-common.inc
+#machine-id
+nodvd
+noprinters
+notv
+disable-mnt
+private-bin ani-cli,aria2c,cat,cp,curl,cut,ffmpeg,fzf,grep,head,mkdir,mv,nl,sed,sh,sort,tput,tr,uname,wc
+#private-cache
+private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pango,pki,protocols,pulse,resolv.conf,rpc,services,ssl,X11,xdg
+private-tmp
+read-only ${HOME}/.config/mpv
+# Redirect
+include mpv.profile
diff --git a/etc/profile-a-l/atom.profile b/etc/profile-a-l/atom.profile
index ccab77db4..8e8f8515f 100644
--- a/etc/profile-a-l/atom.profile
+++ b/etc/profile-a-l/atom.profile
@@ -30,4 +30,4 @@ include allow-common-devel.inc
 nosound
 # Redirect
-include electron.profile
+include electron-common.profile
diff --git a/etc/profile-a-l/beaker.profile b/etc/profile-a-l/beaker.profile
index f3a9568bd..ff21b7ee5 100644
--- a/etc/profile-a-l/beaker.profile
+++ b/etc/profile-a-l/beaker.profile
@@ -25,4 +25,4 @@ mkdir ${HOME}/.config/Beaker Browser
 whitelist ${HOME}/.config/Beaker Browser
 # Redirect
-include electron.profile
+include electron-common.profile
diff --git a/etc/profile-a-l/bitwarden.profile b/etc/profile-a-l/bitwarden.profile
index ba30c3654..56bb871e7 100644
--- a/etc/profile-a-l/bitwarden.profile
+++ b/etc/profile-a-l/bitwarden.profile
@@ -27,4 +27,4 @@ private-etc @tls-ca
 private-opt Bitwarden
 # Redirect
-include electron.profile
+include electron-common.profile
diff --git a/etc/profile-a-l/chromium-common.profile b/etc/profile-a-l/chromium-common.profile
index 4d003ecfc..f1f2f5f68 100644
--- a/etc/profile-a-l/chromium-common.profile
+++ b/etc/profile-a-l/chromium-common.profile
@@ -37,7 +37,9 @@ include whitelist-runuser-common.inc
 include whitelist-usr-share-common.inc
 include whitelist-var-common.inc
-# Add the next line to your chromium-common.local if your kernel allows unprivileged userns clone.
+# If your kernel allows the creation of user namespaces by unprivileged users
+# (for example, if running `unshare -U echo enabled` prints "enabled"), you
+# can add the next line to your chromium-common.local.
 #include chromium-common-hardened.inc.profile
 apparmor
diff --git a/etc/profile-a-l/code.profile b/etc/profile-a-l/code.profile
index 1ff838df9..19862bc92 100644
--- a/etc/profile-a-l/code.profile
+++ b/etc/profile-a-l/code.profile
@@ -39,4 +39,4 @@ nosound
 noexec /tmp
 # Redirect
-include electron.profile
+include electron-common.profile
diff --git a/etc/profile-a-l/discord-common.profile b/etc/profile-a-l/discord-common.profile
index c53170126..83fca8772 100644
--- a/etc/profile-a-l/discord-common.profile
+++ b/etc/profile-a-l/discord-common.profile
@@ -29,4 +29,4 @@ private-etc @tls-ca
 join-or-start discord
 # Redirect
-include electron.profile
+include electron-common.profile
diff --git a/etc/profile-a-l/discord-ptb.profile b/etc/profile-a-l/discord-ptb.profile
new file mode 100644
index 000000000..c39c0d843
--- /dev/null
+++ b/etc/profile-a-l/discord-ptb.profile
@@ -0,0 +1,17 @@
+# Firejail profile for discord-ptb   
+# This file is overwritten after every install/update
+# Persistent local customizations
+include discord-ptb.local   
+# Persistent global definitions
+include globals.local
+noblacklist ${HOME}/.config/discordptb   
+mkdir ${HOME}/.config/discordptb   
+whitelist ${HOME}/.config/discordptb   
+private-bin discord-ptb,DiscordPTB   
+private-opt discord-ptb,DiscordPTB   
+# Redirect
+include discord-common.profile
diff --git a/etc/profile-a-l/electron-hardened.inc.profile b/etc/profile-a-l/electron-common-hardened.inc.profile
index a9e1756d9..11b77d4fb 100644
--- a/etc/profile-a-l/electron-hardened.inc.profile
+++ b/etc/profile-a-l/electron-common-hardened.inc.profile
@@ -1,7 +1,7 @@
-# Firejail profile alias for chrome-common-hardened.inc
+# Firejail profile alias for chromium-common-hardened.inc
 # This file is overwritten after every install/update
 # Persistent local customizations
-include electron-hardened.inc.local
+include electron-common-hardened.inc.local
 # Persistent global definitions
 # added by caller profile
 #include globals.local
diff --git a/etc/profile-a-l/electron.profile b/etc/profile-a-l/electron-common.profile
index c15e43399..73b6d1067 100644
--- a/etc/profile-a-l/electron.profile
+++ b/etc/profile-a-l/electron-common.profile
@@ -1,8 +1,8 @@
-# Firejail profile for electron
+# Firejail profile for electron-common
 # Description: Build cross platform desktop apps with web technologies
 # This file is overwritten after every install/update
 # Persistent local customizations
-include electron.local
+include electron-common.local
 noblacklist ${HOME}/.config/Electron
 noblacklist ${HOME}/.config/electron*-flag*.conf
@@ -22,8 +22,10 @@ include whitelist-runuser-common.inc
 include whitelist-usr-share-common.inc
 include whitelist-var-common.inc
-# Add the next line to your electron.local if your kernel allows unprivileged userns clone.
+# If your kernel allows the creation of user namespaces by unprivileged users
-#include electron-hardened.inc.profile
+# (for example, if running `unshare -U echo enabled` prints "enabled"), you
+# can add the next line to your electron-common.local.
+#include electron-common-hardened.inc.profile
 apparmor
 caps.keep sys_admin,sys_chroot
diff --git a/etc/profile-a-l/electron-mail.profile b/etc/profile-a-l/electron-mail.profile
index 4872223f1..9f4fabd68 100644
--- a/etc/profile-a-l/electron-mail.profile
+++ b/etc/profile-a-l/electron-mail.profile
@@ -40,4 +40,4 @@ dbus-user.talk org.gnome.keyring.SystemPrompter
 dbus-user.talk org.mozilla.*
 # Redirect
-include electron.profile
+include electron-common.profile
diff --git a/etc/profile-a-l/email-common.profile b/etc/profile-a-l/email-common.profile
index 86442d441..0a44a62a3 100644
--- a/etc/profile-a-l/email-common.profile
+++ b/etc/profile-a-l/email-common.profile
@@ -8,6 +8,7 @@ include email-common.local
 #include globals.local
 noblacklist ${HOME}/.bogofilter
+noblacklist ${HOME}/.bsfilter
 noblacklist ${HOME}/.gnupg
 noblacklist ${HOME}/.mozilla
 noblacklist ${HOME}/.signature
diff --git a/etc/profile-a-l/freetube.profile b/etc/profile-a-l/freetube.profile
index bdc5fa557..70626d05a 100644
--- a/etc/profile-a-l/freetube.profile
+++ b/etc/profile-a-l/freetube.profile
@@ -25,4 +25,4 @@ dbus-user.own org.mpris.MediaPlayer2.chromium.*
 dbus-user.own org.mpris.MediaPlayer2.freetube
 # Redirect
-include electron.profile
+include electron-common.profile
diff --git a/etc/profile-a-l/gajim.profile b/etc/profile-a-l/gajim.profile
index ed7b32f6e..c8414ad1b 100644
--- a/etc/profile-a-l/gajim.profile
+++ b/etc/profile-a-l/gajim.profile
@@ -33,6 +33,7 @@ whitelist ${HOME}/.config/gajim
 whitelist ${HOME}/.local/share/gajim
 whitelist ${DOWNLOADS}
 whitelist ${RUNUSER}/gnupg
+whitelist /usr/share/gajim
 whitelist /usr/share/gnupg
 whitelist /usr/share/gnupg2
 include whitelist-common.inc
diff --git a/etc/profile-a-l/gallery-dl.profile b/etc/profile-a-l/gallery-dl.profile
index 9c8200dc4..9643820e7 100644
--- a/etc/profile-a-l/gallery-dl.profile
+++ b/etc/profile-a-l/gallery-dl.profile
@@ -15,4 +15,4 @@ private-bin gallery-dl
 private-etc gallery-dl.conf
 # Redirect
-include youtube-dl.profile
+include yt-dlp.profile
diff --git a/etc/profile-a-l/github-desktop.profile b/etc/profile-a-l/github-desktop.profile
index efc58ccd7..ced1aa190 100644
--- a/etc/profile-a-l/github-desktop.profile
+++ b/etc/profile-a-l/github-desktop.profile
@@ -39,4 +39,4 @@ nosound
 # memory-deny-write-execute
 # Redirect
-include electron.profile
+include electron-common.profile
diff --git a/etc/profile-a-l/jitsi-meet-desktop.profile b/etc/profile-a-l/jitsi-meet-desktop.profile
index 8c85d1043..bc2c33cfb 100644
--- a/etc/profile-a-l/jitsi-meet-desktop.profile
+++ b/etc/profile-a-l/jitsi-meet-desktop.profile
@@ -24,4 +24,4 @@ private-bin bash,electron,electron[0-9],electron[0-9][0-9],jitsi-meet-desktop,sh
 private-etc @tls-ca,@x11,bumblebee,glvnd,host.conf,mime.types,rpc,services
 # Redirect
-include electron.profile
+include electron-common.profile
diff --git a/etc/profile-a-l/linuxqq.profile b/etc/profile-a-l/linuxqq.profile
index 83f3d11d3..9157d910b 100644
--- a/etc/profile-a-l/linuxqq.profile
+++ b/etc/profile-a-l/linuxqq.profile
@@ -40,4 +40,4 @@ ignore dbus-user none
 read-only ${HOME}/.mozilla/firefox/profiles.ini
 # Redirect
-include electron.profile
+include electron-common.profile
diff --git a/etc/profile-a-l/lobster.profile b/etc/profile-a-l/lobster.profile
new file mode 100644
index 000000000..01928c775
--- /dev/null
+++ b/etc/profile-a-l/lobster.profile
@@ -0,0 +1,41 @@
+# Firejail profile for lobster
+# Description: Shell script to watch Movies/Webseries/Shows from the terminal
+# This file is overwritten after every install/update
+quiet
+# Persistent local customizations
+include lobster.local
+# Persistent global definitions
+# added by included profile
+#include globals.local
+noblacklist ${HOME}/.config/lobster
+noblacklist ${HOME}/.local/share/lobster
+# Allow /bin/sh (blacklisted by disable-shell.inc)
+include allow-bin-sh.inc
+include disable-proc.inc
+include disable-xdg.inc
+mkdir ${HOME}/.config/lobster
+mkdir ${HOME}/.local/share/lobster
+whitelist ${HOME}/.config/lobster
+whitelist ${HOME}/.local/share/lobster
+include whitelist-run-common.inc
+include whitelist-runuser-common.inc
+#machine-id
+nodvd
+noprinters
+notv
+disable-mnt
+private-bin curl,cut,fzf,grep,head,lobster,mv,patch,rm,sed,sh,tail,tput,tr,uname
+#private-cache
+private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pango,pki,protocols,pulse,resolv.conf,rpc,services,ssl,X11,xdg
+private-tmp
+read-only ${HOME}/.config/mpv
+# Redirect
+include mpv.profile

diff --git a/etc/profile-a-l/1password.profile b/etc/profile-a-l/1password.profile index b340ad228..690086099 100644 --- a/etc/profile-a-l/1password.profile +++ b/etc/profile-a-l/1password.profile
@@ -17,4 +17,4 @@ private-etc @tls-ca
17	ignore dbus-user none	17	ignore dbus-user none
18		18
19	# Redirect	19	# Redirect
20	include electron.profile	20	include electron-common.profile


diff --git a/etc/profile-a-l/DiscordPTB.profile b/etc/profile-a-l/DiscordPTB.profile new file mode 100644 index 000000000..4570f0103 --- /dev/null +++ b/etc/profile-a-l/DiscordPTB.profile
@@ -0,0 +1,10 @@
		1	# Firejail profile for DiscordPTB
		2	# This file is overwritten after every install/update
		3	# Persistent local customizations
		4	include DiscordPTB.local
		5	# Persistent global definitions
		6	# added by included profile
		7	#include globals.local
		8
		9	# Redirect
		10	include discord-ptb.profile


diff --git a/etc/profile-a-l/ani-cli.profile b/etc/profile-a-l/ani-cli.profile new file mode 100644 index 000000000..270dffaed --- /dev/null +++ b/etc/profile-a-l/ani-cli.profile
@@ -0,0 +1,41 @@
		1	# Firejail profile for ani-cli
		2	# Description: Shell script to watch Anime from the terminal
		3	# This file is overwritten after every install/update
		4	quiet
		5	# Persistent local customizations
		6	include ani-cli.local
		7	# Persistent global definitions
		8	# added by included profile
		9	#include globals.local
		10
		11	noblacklist ${HOME}/.cache/ani-cli
		12	noblacklist ${HOME}/.local/state/ani-cli
		13
		14	# Allow /bin/sh (blacklisted by disable-shell.inc)
		15	include allow-bin-sh.inc
		16
		17	include disable-proc.inc
		18	include disable-xdg.inc
		19
		20	mkdir ${HOME}/.cache/ani-cli
		21	mkdir ${HOME}/.local/state/ani-cli
		22	whitelist ${HOME}/.cache/ani-cli
		23	whitelist ${HOME}/.local/state/ani-cli
		24	include whitelist-run-common.inc
		25	include whitelist-runuser-common.inc
		26
		27	#machine-id
		28	nodvd
		29	noprinters
		30	notv
		31
		32	disable-mnt
		33	private-bin ani-cli,aria2c,cat,cp,curl,cut,ffmpeg,fzf,grep,head,mkdir,mv,nl,sed,sh,sort,tput,tr,uname,wc
		34	#private-cache
		35	private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pango,pki,protocols,pulse,resolv.conf,rpc,services,ssl,X11,xdg
		36	private-tmp
		37
		38	read-only ${HOME}/.config/mpv
		39
		40	# Redirect
		41	include mpv.profile


diff --git a/etc/profile-a-l/atom.profile b/etc/profile-a-l/atom.profile index ccab77db4..8e8f8515f 100644 --- a/etc/profile-a-l/atom.profile +++ b/etc/profile-a-l/atom.profile
@@ -30,4 +30,4 @@ include allow-common-devel.inc
30	nosound	30	nosound
31		31
32	# Redirect	32	# Redirect
33	include electron.profile	33	include electron-common.profile


diff --git a/etc/profile-a-l/beaker.profile b/etc/profile-a-l/beaker.profile index f3a9568bd..ff21b7ee5 100644 --- a/etc/profile-a-l/beaker.profile +++ b/etc/profile-a-l/beaker.profile
@@ -25,4 +25,4 @@ mkdir ${HOME}/.config/Beaker Browser
25	whitelist ${HOME}/.config/Beaker Browser	25	whitelist ${HOME}/.config/Beaker Browser
26		26
27	# Redirect	27	# Redirect
28	include electron.profile	28	include electron-common.profile


diff --git a/etc/profile-a-l/bitwarden.profile b/etc/profile-a-l/bitwarden.profile index ba30c3654..56bb871e7 100644 --- a/etc/profile-a-l/bitwarden.profile +++ b/etc/profile-a-l/bitwarden.profile
@@ -27,4 +27,4 @@ private-etc @tls-ca
27	private-opt Bitwarden	27	private-opt Bitwarden
28		28
29	# Redirect	29	# Redirect
30	include electron.profile	30	include electron-common.profile


diff --git a/etc/profile-a-l/chromium-common.profile b/etc/profile-a-l/chromium-common.profile index 4d003ecfc..f1f2f5f68 100644 --- a/etc/profile-a-l/chromium-common.profile +++ b/etc/profile-a-l/chromium-common.profile
@@ -37,7 +37,9 @@ include whitelist-runuser-common.inc
37	include whitelist-usr-share-common.inc	37	include whitelist-usr-share-common.inc
38	include whitelist-var-common.inc	38	include whitelist-var-common.inc
39		39
40	# Add the next line to your chromium-common.local if your kernel allows unprivileged userns clone.	40	# If your kernel allows the creation of user namespaces by unprivileged users
		41	# (for example, if running `unshare -U echo enabled` prints "enabled"), you
		42	# can add the next line to your chromium-common.local.
41	#include chromium-common-hardened.inc.profile	43	#include chromium-common-hardened.inc.profile
42		44
43	apparmor	45	apparmor


diff --git a/etc/profile-a-l/code.profile b/etc/profile-a-l/code.profile index 1ff838df9..19862bc92 100644 --- a/etc/profile-a-l/code.profile +++ b/etc/profile-a-l/code.profile
@@ -39,4 +39,4 @@ nosound
39	noexec /tmp	39	noexec /tmp
40		40
41	# Redirect	41	# Redirect
42	include electron.profile	42	include electron-common.profile


diff --git a/etc/profile-a-l/discord-common.profile b/etc/profile-a-l/discord-common.profile index c53170126..83fca8772 100644 --- a/etc/profile-a-l/discord-common.profile +++ b/etc/profile-a-l/discord-common.profile
@@ -29,4 +29,4 @@ private-etc @tls-ca
29	join-or-start discord	29	join-or-start discord
30		30
31	# Redirect	31	# Redirect
32	include electron.profile	32	include electron-common.profile


diff --git a/etc/profile-a-l/discord-ptb.profile b/etc/profile-a-l/discord-ptb.profile new file mode 100644 index 000000000..c39c0d843 --- /dev/null +++ b/etc/profile-a-l/discord-ptb.profile
@@ -0,0 +1,17 @@
		1	# Firejail profile for discord-ptb
		2	# This file is overwritten after every install/update
		3	# Persistent local customizations
		4	include discord-ptb.local
		5	# Persistent global definitions
		6	include globals.local
		7
		8	noblacklist ${HOME}/.config/discordptb
		9
		10	mkdir ${HOME}/.config/discordptb
		11	whitelist ${HOME}/.config/discordptb
		12
		13	private-bin discord-ptb,DiscordPTB
		14	private-opt discord-ptb,DiscordPTB
		15
		16	# Redirect
		17	include discord-common.profile


diff --git a/etc/profile-a-l/electron-hardened.inc.profile b/etc/profile-a-l/electron-common-hardened.inc.profile index a9e1756d9..11b77d4fb 100644 --- a/etc/profile-a-l/electron-hardened.inc.profile +++ b/etc/profile-a-l/electron-common-hardened.inc.profile
@@ -1,7 +1,7 @@
1	# Firejail profile alias for chrome-common-hardened.inc	1	# Firejail profile alias for chromium-common-hardened.inc
2	# This file is overwritten after every install/update	2	# This file is overwritten after every install/update
3	# Persistent local customizations	3	# Persistent local customizations
4	include electron-hardened.inc.local	4	include electron-common-hardened.inc.local
5	# Persistent global definitions	5	# Persistent global definitions
6	# added by caller profile	6	# added by caller profile
7	#include globals.local	7	#include globals.local


diff --git a/etc/profile-a-l/electron.profile b/etc/profile-a-l/electron-common.profile index c15e43399..73b6d1067 100644 --- a/etc/profile-a-l/electron.profile +++ b/etc/profile-a-l/electron-common.profile
@@ -1,8 +1,8 @@
1	# Firejail profile for electron	1	# Firejail profile for electron-common
2	# Description: Build cross platform desktop apps with web technologies	2	# Description: Build cross platform desktop apps with web technologies
3	# This file is overwritten after every install/update	3	# This file is overwritten after every install/update
4	# Persistent local customizations	4	# Persistent local customizations
5	include electron.local	5	include electron-common.local
6		6
7	noblacklist ${HOME}/.config/Electron	7	noblacklist ${HOME}/.config/Electron
8	noblacklist ${HOME}/.config/electron-flag.conf	8	noblacklist ${HOME}/.config/electron-flag.conf
@@ -22,8 +22,10 @@ include whitelist-runuser-common.inc
22	include whitelist-usr-share-common.inc	22	include whitelist-usr-share-common.inc
23	include whitelist-var-common.inc	23	include whitelist-var-common.inc
24		24
25	# Add the next line to your electron.local if your kernel allows unprivileged userns clone.	25	# If your kernel allows the creation of user namespaces by unprivileged users
26	#include electron-hardened.inc.profile	26	# (for example, if running `unshare -U echo enabled` prints "enabled"), you
		27	# can add the next line to your electron-common.local.
		28	#include electron-common-hardened.inc.profile
27		29
28	apparmor	30	apparmor
29	caps.keep sys_admin,sys_chroot	31	caps.keep sys_admin,sys_chroot


diff --git a/etc/profile-a-l/electron-mail.profile b/etc/profile-a-l/electron-mail.profile index 4872223f1..9f4fabd68 100644 --- a/etc/profile-a-l/electron-mail.profile +++ b/etc/profile-a-l/electron-mail.profile
@@ -40,4 +40,4 @@ dbus-user.talk org.gnome.keyring.SystemPrompter
40	dbus-user.talk org.mozilla.*	40	dbus-user.talk org.mozilla.*
41		41
42	# Redirect	42	# Redirect
43	include electron.profile	43	include electron-common.profile


diff --git a/etc/profile-a-l/email-common.profile b/etc/profile-a-l/email-common.profile index 86442d441..0a44a62a3 100644 --- a/etc/profile-a-l/email-common.profile +++ b/etc/profile-a-l/email-common.profile
@@ -8,6 +8,7 @@ include email-common.local
8	#include globals.local	8	#include globals.local
9		9
10	noblacklist ${HOME}/.bogofilter	10	noblacklist ${HOME}/.bogofilter
		11	noblacklist ${HOME}/.bsfilter
11	noblacklist ${HOME}/.gnupg	12	noblacklist ${HOME}/.gnupg
12	noblacklist ${HOME}/.mozilla	13	noblacklist ${HOME}/.mozilla
13	noblacklist ${HOME}/.signature	14	noblacklist ${HOME}/.signature


diff --git a/etc/profile-a-l/freetube.profile b/etc/profile-a-l/freetube.profile index bdc5fa557..70626d05a 100644 --- a/etc/profile-a-l/freetube.profile +++ b/etc/profile-a-l/freetube.profile
@@ -25,4 +25,4 @@ dbus-user.own org.mpris.MediaPlayer2.chromium.*
25	dbus-user.own org.mpris.MediaPlayer2.freetube	25	dbus-user.own org.mpris.MediaPlayer2.freetube
26		26
27	# Redirect	27	# Redirect
28	include electron.profile	28	include electron-common.profile


diff --git a/etc/profile-a-l/gajim.profile b/etc/profile-a-l/gajim.profile index ed7b32f6e..c8414ad1b 100644 --- a/etc/profile-a-l/gajim.profile +++ b/etc/profile-a-l/gajim.profile
@@ -33,6 +33,7 @@ whitelist ${HOME}/.config/gajim
33	whitelist ${HOME}/.local/share/gajim	33	whitelist ${HOME}/.local/share/gajim
34	whitelist ${DOWNLOADS}	34	whitelist ${DOWNLOADS}
35	whitelist ${RUNUSER}/gnupg	35	whitelist ${RUNUSER}/gnupg
		36	whitelist /usr/share/gajim
36	whitelist /usr/share/gnupg	37	whitelist /usr/share/gnupg
37	whitelist /usr/share/gnupg2	38	whitelist /usr/share/gnupg2
38	include whitelist-common.inc	39	include whitelist-common.inc


diff --git a/etc/profile-a-l/gallery-dl.profile b/etc/profile-a-l/gallery-dl.profile index 9c8200dc4..9643820e7 100644 --- a/etc/profile-a-l/gallery-dl.profile +++ b/etc/profile-a-l/gallery-dl.profile
@@ -15,4 +15,4 @@ private-bin gallery-dl
15	private-etc gallery-dl.conf	15	private-etc gallery-dl.conf
16		16
17	# Redirect	17	# Redirect
18	include youtube-dl.profile	18	include yt-dlp.profile


diff --git a/etc/profile-a-l/github-desktop.profile b/etc/profile-a-l/github-desktop.profile index efc58ccd7..ced1aa190 100644 --- a/etc/profile-a-l/github-desktop.profile +++ b/etc/profile-a-l/github-desktop.profile
@@ -39,4 +39,4 @@ nosound
39	# memory-deny-write-execute	39	# memory-deny-write-execute
40		40
41	# Redirect	41	# Redirect
42	include electron.profile	42	include electron-common.profile


diff --git a/etc/profile-a-l/jitsi-meet-desktop.profile b/etc/profile-a-l/jitsi-meet-desktop.profile index 8c85d1043..bc2c33cfb 100644 --- a/etc/profile-a-l/jitsi-meet-desktop.profile +++ b/etc/profile-a-l/jitsi-meet-desktop.profile
@@ -24,4 +24,4 @@ private-bin bash,electron,electron[0-9],electron[0-9][0-9],jitsi-meet-desktop,sh
24	private-etc @tls-ca,@x11,bumblebee,glvnd,host.conf,mime.types,rpc,services	24	private-etc @tls-ca,@x11,bumblebee,glvnd,host.conf,mime.types,rpc,services
25		25
26	# Redirect	26	# Redirect
27	include electron.profile	27	include electron-common.profile


diff --git a/etc/profile-a-l/linuxqq.profile b/etc/profile-a-l/linuxqq.profile index 83f3d11d3..9157d910b 100644 --- a/etc/profile-a-l/linuxqq.profile +++ b/etc/profile-a-l/linuxqq.profile
@@ -40,4 +40,4 @@ ignore dbus-user none
40	read-only ${HOME}/.mozilla/firefox/profiles.ini	40	read-only ${HOME}/.mozilla/firefox/profiles.ini
41		41
42	# Redirect	42	# Redirect
43	include electron.profile	43	include electron-common.profile


diff --git a/etc/profile-a-l/lobster.profile b/etc/profile-a-l/lobster.profile new file mode 100644 index 000000000..01928c775 --- /dev/null +++ b/etc/profile-a-l/lobster.profile
@@ -0,0 +1,41 @@
		1	# Firejail profile for lobster
		2	# Description: Shell script to watch Movies/Webseries/Shows from the terminal
		3	# This file is overwritten after every install/update
		4	quiet
		5	# Persistent local customizations
		6	include lobster.local
		7	# Persistent global definitions
		8	# added by included profile
		9	#include globals.local
		10
		11	noblacklist ${HOME}/.config/lobster
		12	noblacklist ${HOME}/.local/share/lobster
		13
		14	# Allow /bin/sh (blacklisted by disable-shell.inc)
		15	include allow-bin-sh.inc
		16
		17	include disable-proc.inc
		18	include disable-xdg.inc
		19
		20	mkdir ${HOME}/.config/lobster
		21	mkdir ${HOME}/.local/share/lobster
		22	whitelist ${HOME}/.config/lobster
		23	whitelist ${HOME}/.local/share/lobster
		24	include whitelist-run-common.inc
		25	include whitelist-runuser-common.inc
		26
		27	#machine-id
		28	nodvd
		29	noprinters
		30	notv
		31
		32	disable-mnt
		33	private-bin curl,cut,fzf,grep,head,lobster,mv,patch,rm,sed,sh,tail,tput,tr,uname
		34	#private-cache
		35	private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pango,pki,protocols,pulse,resolv.conf,rpc,services,ssl,X11,xdg
		36	private-tmp
		37
		38	read-only ${HOME}/.config/mpv
		39
		40	# Redirect
		41	include mpv.profile