diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/profile-m-z/tutanota-desktop.profile | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/etc/profile-m-z/tutanota-desktop.profile b/etc/profile-m-z/tutanota-desktop.profile index 56eacf338..b6073878a 100644 --- a/etc/profile-m-z/tutanota-desktop.profile +++ b/etc/profile-m-z/tutanota-desktop.profile | |||
@@ -1,5 +1,5 @@ | |||
1 | # Firejail profile for tutanota-desktop | 1 | # Firejail profile for tutanota-desktop |
2 | # Description: Encrypted email client | 2 | # Description: Official desktop client for the Tutanota E2E encrypted email provider |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | # Persistent local customizations | 4 | # Persistent local customizations |
5 | include tutanota-desktop.local | 5 | include tutanota-desktop.local |
@@ -9,8 +9,13 @@ include globals.local | |||
9 | noblacklist ${HOME}/.config/tuta_integration | 9 | noblacklist ${HOME}/.config/tuta_integration |
10 | noblacklist ${HOME}/.config/tutanota-desktop | 10 | noblacklist ${HOME}/.config/tutanota-desktop |
11 | 11 | ||
12 | ignore dbus-user none | ||
13 | ignore disable-mnt | ||
12 | ignore noexec /tmp | 14 | ignore noexec /tmp |
13 | 15 | ||
16 | # sh is needed to allow Firefox to open links | ||
17 | include allow-bin-sh.inc | ||
18 | |||
14 | include disable-shell.inc | 19 | include disable-shell.inc |
15 | 20 | ||
16 | mkdir ${HOME}/.config/tuta_integration | 21 | mkdir ${HOME}/.config/tuta_integration |
@@ -18,14 +23,26 @@ mkdir ${HOME}/.config/tutanota-desktop | |||
18 | whitelist ${HOME}/.config/tuta_integration | 23 | whitelist ${HOME}/.config/tuta_integration |
19 | whitelist ${HOME}/.config/tutanota-desktop | 24 | whitelist ${HOME}/.config/tutanota-desktop |
20 | 25 | ||
21 | # These lines are needed to allow Firefox to open links | 26 | # The lines below are needed to find the default Firefox profile name, to allow |
27 | # opening links in an existing instance of Firefox (note that it still fails if | ||
28 | # there isn't a Firefox instance running with the default profile; see #5352) | ||
22 | noblacklist ${HOME}/.mozilla | 29 | noblacklist ${HOME}/.mozilla |
23 | whitelist ${HOME}/.mozilla/firefox/profiles.ini | 30 | whitelist ${HOME}/.mozilla/firefox/profiles.ini |
24 | read-only ${HOME}/.mozilla/firefox/profiles.ini | 31 | read-only ${HOME}/.mozilla/firefox/profiles.ini |
25 | 32 | ||
33 | machine-id | ||
34 | nosound | ||
35 | |||
26 | ?HAS_APPIMAGE: ignore private-dev | 36 | ?HAS_APPIMAGE: ignore private-dev |
27 | private-etc @tls-ca | 37 | private-etc @tls-ca |
28 | private-opt tutanota-desktop | 38 | private-opt tutanota-desktop |
29 | 39 | ||
40 | dbus-user filter | ||
41 | dbus-user.talk org.freedesktop.Notifications | ||
42 | dbus-user.talk org.freedesktop.secrets | ||
43 | dbus-user.talk org.gnome.keyring.SystemPrompter | ||
44 | # allow D-Bus communication with firefox for opening links | ||
45 | dbus-user.talk org.mozilla.* | ||
46 | |||
30 | # Redirect | 47 | # Redirect |
31 | include electron.profile | 48 | include electron.profile |