1 files changed, 66 insertions, 0 deletions
diff --git a/etc/profile-m-z/rednotebook.profile b/etc/profile-m-z/rednotebook.profile
new file mode 100644
index 000000000..d1dd365ab
--- /dev/null
+++ b/etc/profile-m-z/rednotebook.profile
@@ -0,0 +1,66 @@
+# Firejail profile for rednotebook
+# Description: Daily journal with calendar, templates and keyword searching
+# This file is overwritten after every install/update
+# Persistent local customizations
+include rednotebook.local
+# Persistent global definitions
+include globals.local
+noblacklist ${HOME}/.cache/rednotebook
+noblacklist ${HOME}/.rednotebook
+# Allow python (blacklisted by disable-interpreters.inc)
+include allow-python3.inc
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-programs.inc
+include disable-shell.inc
+mkdir ${HOME}/.cache/rednotebook
+mkdir ${HOME}/.rednotebook
+whitelist ${HOME}/.cache/rednotebook
+whitelist ${HOME}/.rednotebook
+whitelist ${DESKTOP}
+whitelist ${DOCUMENTS}
+whitelist ${DOWNLOADS}
+whitelist ${MUSIC}
+whitelist ${PICTURES}
+whitelist ${VIDEOS}
+whitelist /usr/libexec/webkit2gtk-4.0
+include whitelist-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+apparmor
+caps.drop all
+machine-id
+net none
+no3d
+nodvd
+nogroups
+noinput
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix
+seccomp
+seccomp.block-secondary
+shell none
+tracelog
+disable-mnt
+private-bin python3*,rednotebook
+private-cache
+private-dev
+private-etc alternatives,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,pango,X11
+private-tmp
+dbus-user none
+dbus-system none

diff --git a/etc/profile-m-z/rednotebook.profile b/etc/profile-m-z/rednotebook.profile new file mode 100644 index 000000000..d1dd365ab --- /dev/null +++ b/etc/profile-m-z/rednotebook.profile
@@ -0,0 +1,66 @@
	1	# Firejail profile for rednotebook
	2	# Description: Daily journal with calendar, templates and keyword searching
	3	# This file is overwritten after every install/update
	4	# Persistent local customizations
	5	include rednotebook.local
	6	# Persistent global definitions
	7	include globals.local
	8
	9	noblacklist ${HOME}/.cache/rednotebook
	10	noblacklist ${HOME}/.rednotebook
	11
	12	# Allow python (blacklisted by disable-interpreters.inc)
	13	include allow-python3.inc
	14
	15	include disable-common.inc
	16	include disable-devel.inc
	17	include disable-exec.inc
	18	include disable-interpreters.inc
	19	include disable-programs.inc
	20	include disable-shell.inc
	21
	22	mkdir ${HOME}/.cache/rednotebook
	23	mkdir ${HOME}/.rednotebook
	24	whitelist ${HOME}/.cache/rednotebook
	25	whitelist ${HOME}/.rednotebook
	26	whitelist ${DESKTOP}
	27	whitelist ${DOCUMENTS}
	28	whitelist ${DOWNLOADS}
	29	whitelist ${MUSIC}
	30	whitelist ${PICTURES}
	31	whitelist ${VIDEOS}
	32	whitelist /usr/libexec/webkit2gtk-4.0
	33	include whitelist-common.inc
	34	include whitelist-runuser-common.inc
	35	include whitelist-usr-share-common.inc
	36	include whitelist-var-common.inc
	37
	38	apparmor
	39	caps.drop all
	40	machine-id
	41	net none
	42	no3d
	43	nodvd
	44	nogroups
	45	noinput
	46	nonewprivs
	47	noroot
	48	nosound
	49	notv
	50	nou2f
	51	novideo
	52	protocol unix
	53	seccomp
	54	seccomp.block-secondary
	55	shell none
	56	tracelog
	57
	58	disable-mnt
	59	private-bin python3*,rednotebook
	60	private-cache
	61	private-dev
	62	private-etc alternatives,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,pango,X11
	63	private-tmp
	64
	65	dbus-user none
	66	dbus-system none