1 files changed, 152 insertions, 0 deletions
diff --git a/etc/profile-m-z/neomutt.profile b/etc/profile-m-z/neomutt.profile
new file mode 100644
index 000000000..26865b90a
--- /dev/null
+++ b/etc/profile-m-z/neomutt.profile
@@ -0,0 +1,152 @@
+# Firejail profile for neomutt
+# Description: Mutt fork with advanced features and better documentation
+# This file is overwritten after every install/update
+quiet
+# Persistent local customizations
+include neomutt.local
+# Persistent global definitions
+include globals.local
+noblacklist ${DOCUMENTS}
+noblacklist ${HOME}/.Mail
+noblacklist ${HOME}/.bogofilter
+noblacklist ${HOME}/.config/mutt
+noblacklist ${HOME}/.config/nano
+noblacklist ${HOME}/.config/neomutt
+noblacklist ${HOME}/.elinks
+noblacklist ${HOME}/.emacs
+noblacklist ${HOME}/.emacs.d
+noblacklist ${HOME}/.gnupg
+noblacklist ${HOME}/.mail
+noblacklist ${HOME}/.mailcap
+noblacklist ${HOME}/.msmtprc
+noblacklist ${HOME}/.mutt
+noblacklist ${HOME}/.muttrc
+noblacklist ${HOME}/.nanorc
+noblacklist ${HOME}/.neomutt
+noblacklist ${HOME}/.neomuttrc
+noblacklist ${HOME}/.signature
+noblacklist ${HOME}/.vim
+noblacklist ${HOME}/.viminfo
+noblacklist ${HOME}/.vimrc
+noblacklist ${HOME}/.w3m
+noblacklist ${HOME}/Mail
+noblacklist ${HOME}/mail
+noblacklist ${HOME}/postponed
+noblacklist ${HOME}/sent
+noblacklist /var/mail
+noblacklist /var/spool/mail
+blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
+include allow-lua.inc
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-xdg.inc
+mkdir ${HOME}/.Mail
+mkdir ${HOME}/.bogofilter
+mkdir ${HOME}/.config/mutt
+mkdir ${HOME}/.config/nano
+mkdir ${HOME}/.config/neomutt
+mkdir ${HOME}/.elinks
+mkdir ${HOME}/.emacs.d
+mkdir ${HOME}/.gnupg
+mkdir ${HOME}/.mail
+mkdir ${HOME}/.mutt
+mkdir ${HOME}/.neomutt
+mkdir ${HOME}/.vim
+mkdir ${HOME}/.w3m
+mkdir ${HOME}/Mail
+mkdir ${HOME}/mail
+mkdir ${HOME}/postponed
+mkdir ${HOME}/sent
+mkfile ${HOME}/.emacs
+mkfile ${HOME}/.mailcap
+mkfile ${HOME}/.msmtprc
+mkfile ${HOME}/.muttrc
+mkfile ${HOME}/.nanorc
+mkfile ${HOME}/.neomuttrc
+mkfile ${HOME}/.signature
+mkfile ${HOME}/.viminfo
+mkfile ${HOME}/.vimrc
+whitelist ${DOCUMENTS}
+whitelist ${DOWNLOADS}
+whitelist ${HOME}/.Mail
+whitelist ${HOME}/.bogofilter
+whitelist ${HOME}/.config/mutt
+whitelist ${HOME}/.config/nano
+whitelist ${HOME}/.config/neomutt
+whitelist ${HOME}/.elinks
+whitelist ${HOME}/.emacs
+whitelist ${HOME}/.emacs.d
+whitelist ${HOME}/.gnupg
+whitelist ${HOME}/.mail
+whitelist ${HOME}/.mailcap
+whitelist ${HOME}/.msmtprc
+whitelist ${HOME}/.mutt
+whitelist ${HOME}/.muttrc
+whitelist ${HOME}/.nanorc
+whitelist ${HOME}/.neomutt
+whitelist ${HOME}/.neomuttrc
+whitelist ${HOME}/.signature
+whitelist ${HOME}/.vim
+whitelist ${HOME}/.viminfo
+whitelist ${HOME}/.vimrc
+whitelist ${HOME}/.w3m
+whitelist ${HOME}/Mail
+whitelist ${HOME}/mail
+whitelist ${HOME}/postponed
+whitelist ${HOME}/sent
+whitelist /usr/share/gnupg
+whitelist /usr/share/gnupg2
+whitelist /usr/share/neomutt
+whitelist /var/mail
+whitelist /var/spool/mail
+include whitelist-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+apparmor
+caps.drop all
+ipc-namespace
+machine-id
+netfilter
+no3d
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix,inet,inet6
+seccomp
+seccomp.block-secondary
+shell none
+tracelog
+# disable-mnt
+private-cache
+private-dev
+private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gcrypt,gnupg,hostname,hosts,hosts.conf,mail,mailname,Mutt,Muttrc,Muttrc.d,neomuttrc,neomuttrc.d,nntpserver,nsswitch.conf,passwd,pki,resolv.conf,ssl,xdg
+private-tmp
+writable-run-user
+writable-var
+dbus-user none
+dbus-system none
+memory-deny-write-execute
+read-only ${HOME}/.elinks
+read-only ${HOME}/.nanorc
+read-only ${HOME}/.signature
+read-only ${HOME}/.w3m

diff --git a/etc/profile-m-z/neomutt.profile b/etc/profile-m-z/neomutt.profile new file mode 100644 index 000000000..26865b90a --- /dev/null +++ b/etc/profile-m-z/neomutt.profile
@@ -0,0 +1,152 @@
	1	# Firejail profile for neomutt
	2	# Description: Mutt fork with advanced features and better documentation
	3	# This file is overwritten after every install/update
	4	quiet
	5	# Persistent local customizations
	6	include neomutt.local
	7	# Persistent global definitions
	8	include globals.local
	9
	10	noblacklist ${DOCUMENTS}
	11	noblacklist ${HOME}/.Mail
	12	noblacklist ${HOME}/.bogofilter
	13	noblacklist ${HOME}/.config/mutt
	14	noblacklist ${HOME}/.config/nano
	15	noblacklist ${HOME}/.config/neomutt
	16	noblacklist ${HOME}/.elinks
	17	noblacklist ${HOME}/.emacs
	18	noblacklist ${HOME}/.emacs.d
	19	noblacklist ${HOME}/.gnupg
	20	noblacklist ${HOME}/.mail
	21	noblacklist ${HOME}/.mailcap
	22	noblacklist ${HOME}/.msmtprc
	23	noblacklist ${HOME}/.mutt
	24	noblacklist ${HOME}/.muttrc
	25	noblacklist ${HOME}/.nanorc
	26	noblacklist ${HOME}/.neomutt
	27	noblacklist ${HOME}/.neomuttrc
	28	noblacklist ${HOME}/.signature
	29	noblacklist ${HOME}/.vim
	30	noblacklist ${HOME}/.viminfo
	31	noblacklist ${HOME}/.vimrc
	32	noblacklist ${HOME}/.w3m
	33	noblacklist ${HOME}/Mail
	34	noblacklist ${HOME}/mail
	35	noblacklist ${HOME}/postponed
	36	noblacklist ${HOME}/sent
	37	noblacklist /var/mail
	38	noblacklist /var/spool/mail
	39
	40	blacklist /tmp/.X11-unix
	41	blacklist ${RUNUSER}/wayland-*
	42
	43	include allow-lua.inc
	44
	45	include disable-common.inc
	46	include disable-devel.inc
	47	include disable-exec.inc
	48	include disable-interpreters.inc
	49	include disable-passwdmgr.inc
	50	include disable-programs.inc
	51	include disable-xdg.inc
	52
	53	mkdir ${HOME}/.Mail
	54	mkdir ${HOME}/.bogofilter
	55	mkdir ${HOME}/.config/mutt
	56	mkdir ${HOME}/.config/nano
	57	mkdir ${HOME}/.config/neomutt
	58	mkdir ${HOME}/.elinks
	59	mkdir ${HOME}/.emacs.d
	60	mkdir ${HOME}/.gnupg
	61	mkdir ${HOME}/.mail
	62	mkdir ${HOME}/.mutt
	63	mkdir ${HOME}/.neomutt
	64	mkdir ${HOME}/.vim
	65	mkdir ${HOME}/.w3m
	66	mkdir ${HOME}/Mail
	67	mkdir ${HOME}/mail
	68	mkdir ${HOME}/postponed
	69	mkdir ${HOME}/sent
	70	mkfile ${HOME}/.emacs
	71	mkfile ${HOME}/.mailcap
	72	mkfile ${HOME}/.msmtprc
	73	mkfile ${HOME}/.muttrc
	74	mkfile ${HOME}/.nanorc
	75	mkfile ${HOME}/.neomuttrc
	76	mkfile ${HOME}/.signature
	77	mkfile ${HOME}/.viminfo
	78	mkfile ${HOME}/.vimrc
	79	whitelist ${DOCUMENTS}
	80	whitelist ${DOWNLOADS}
	81	whitelist ${HOME}/.Mail
	82	whitelist ${HOME}/.bogofilter
	83	whitelist ${HOME}/.config/mutt
	84	whitelist ${HOME}/.config/nano
	85	whitelist ${HOME}/.config/neomutt
	86	whitelist ${HOME}/.elinks
	87	whitelist ${HOME}/.emacs
	88	whitelist ${HOME}/.emacs.d
	89	whitelist ${HOME}/.gnupg
	90	whitelist ${HOME}/.mail
	91	whitelist ${HOME}/.mailcap
	92	whitelist ${HOME}/.msmtprc
	93	whitelist ${HOME}/.mutt
	94	whitelist ${HOME}/.muttrc
	95	whitelist ${HOME}/.nanorc
	96	whitelist ${HOME}/.neomutt
	97	whitelist ${HOME}/.neomuttrc
	98	whitelist ${HOME}/.signature
	99	whitelist ${HOME}/.vim
	100	whitelist ${HOME}/.viminfo
	101	whitelist ${HOME}/.vimrc
	102	whitelist ${HOME}/.w3m
	103	whitelist ${HOME}/Mail
	104	whitelist ${HOME}/mail
	105	whitelist ${HOME}/postponed
	106	whitelist ${HOME}/sent
	107	whitelist /usr/share/gnupg
	108	whitelist /usr/share/gnupg2
	109	whitelist /usr/share/neomutt
	110	whitelist /var/mail
	111	whitelist /var/spool/mail
	112	include whitelist-common.inc
	113	include whitelist-runuser-common.inc
	114	include whitelist-usr-share-common.inc
	115	include whitelist-var-common.inc
	116
	117	apparmor
	118	caps.drop all
	119	ipc-namespace
	120	machine-id
	121	netfilter
	122	no3d
	123	nodvd
	124	nogroups
	125	nonewprivs
	126	noroot
	127	nosound
	128	notv
	129	nou2f
	130	novideo
	131	protocol unix,inet,inet6
	132	seccomp
	133	seccomp.block-secondary
	134	shell none
	135	tracelog
	136
	137	# disable-mnt
	138	private-cache
	139	private-dev
	140	private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gcrypt,gnupg,hostname,hosts,hosts.conf,mail,mailname,Mutt,Muttrc,Muttrc.d,neomuttrc,neomuttrc.d,nntpserver,nsswitch.conf,passwd,pki,resolv.conf,ssl,xdg
	141	private-tmp
	142	writable-run-user
	143	writable-var
	144
	145	dbus-user none
	146	dbus-system none
	147
	148	memory-deny-write-execute
	149	read-only ${HOME}/.elinks
	150	read-only ${HOME}/.nanorc
	151	read-only ${HOME}/.signature
	152	read-only ${HOME}/.w3m