diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/disable-programs.inc | 3 | ||||
-rw-r--r-- | etc/profile-m-z/nextcloud-desktop.profile | 10 | ||||
-rw-r--r-- | etc/profile-m-z/nextcloud.profile | 71 |
3 files changed, 84 insertions, 0 deletions
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 05f82170d..729a25233 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc | |||
@@ -5,6 +5,7 @@ include disable-programs.local | |||
5 | blacklist ${HOME}/Arduino | 5 | blacklist ${HOME}/Arduino |
6 | blacklist ${HOME}/i2p | 6 | blacklist ${HOME}/i2p |
7 | blacklist ${HOME}/Monero/wallets | 7 | blacklist ${HOME}/Monero/wallets |
8 | blacklist ${HOME}/Nextcloud | ||
8 | blacklist ${HOME}/Nextcloud/Notes | 9 | blacklist ${HOME}/Nextcloud/Notes |
9 | blacklist ${HOME}/SoftMaker | 10 | blacklist ${HOME}/SoftMaker |
10 | blacklist ${HOME}/Standard Notes Backups | 11 | blacklist ${HOME}/Standard Notes Backups |
@@ -117,6 +118,7 @@ blacklist ${HOME}/.config/MusE | |||
117 | blacklist ${HOME}/.config/MuseScore | 118 | blacklist ${HOME}/.config/MuseScore |
118 | blacklist ${HOME}/.config/MusicBrainz | 119 | blacklist ${HOME}/.config/MusicBrainz |
119 | blacklist ${HOME}/.config/Nathan Osman | 120 | blacklist ${HOME}/.config/Nathan Osman |
121 | blacklist ${HOME}/.config/Nextcloud | ||
120 | blacklist ${HOME}/.config/Nylas Mail | 122 | blacklist ${HOME}/.config/Nylas Mail |
121 | blacklist ${HOME}/.config/PacmanLogViewer | 123 | blacklist ${HOME}/.config/PacmanLogViewer |
122 | blacklist ${HOME}/.config/PBE | 124 | blacklist ${HOME}/.config/PBE |
@@ -582,6 +584,7 @@ blacklist ${HOME}/.local/share/JetBrains | |||
582 | blacklist ${HOME}/.local/share/Kingsoft | 584 | blacklist ${HOME}/.local/share/Kingsoft |
583 | blacklist ${HOME}/.local/share/Mendeley Ltd. | 585 | blacklist ${HOME}/.local/share/Mendeley Ltd. |
584 | blacklist ${HOME}/.local/share/Mumble | 586 | blacklist ${HOME}/.local/share/Mumble |
587 | blacklist ${HOME}/.local/share/Nextcloud | ||
585 | blacklist ${HOME}/.local/share/PBE | 588 | blacklist ${HOME}/.local/share/PBE |
586 | blacklist ${HOME}/.local/share/Psi | 589 | blacklist ${HOME}/.local/share/Psi |
587 | blacklist ${HOME}/.local/share/QGIS | 590 | blacklist ${HOME}/.local/share/QGIS |
diff --git a/etc/profile-m-z/nextcloud-desktop.profile b/etc/profile-m-z/nextcloud-desktop.profile new file mode 100644 index 000000000..e74f9c03f --- /dev/null +++ b/etc/profile-m-z/nextcloud-desktop.profile | |||
@@ -0,0 +1,10 @@ | |||
1 | # Firejail profile alias for nextcloud | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include nextcloud-desktop.local | ||
5 | # Persistent global definitions | ||
6 | # added by included profile | ||
7 | #include globals.local | ||
8 | |||
9 | # Redirect | ||
10 | include nextcloud.profile | ||
diff --git a/etc/profile-m-z/nextcloud.profile b/etc/profile-m-z/nextcloud.profile new file mode 100644 index 000000000..24768aee8 --- /dev/null +++ b/etc/profile-m-z/nextcloud.profile | |||
@@ -0,0 +1,71 @@ | |||
1 | # Firejail profile for nextcloud | ||
2 | # Description: Nextcloud desktop synchronization client | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include nextcloud.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/Nextcloud | ||
10 | noblacklist ${HOME}/.config/Nextcloud | ||
11 | noblacklist ${HOME}/.local/share/Nextcloud | ||
12 | # Uncomment or put in your nextcloud.local to allow sync with more directories. | ||
13 | #noblacklist ${DOCUMENTS} | ||
14 | #noblacklist ${MUSIC} | ||
15 | #noblacklist ${PICTURES} | ||
16 | #noblacklist ${VIDEOS} | ||
17 | |||
18 | include disable-common.inc | ||
19 | include disable-devel.inc | ||
20 | include disable-exec.inc | ||
21 | include disable-interpreters.inc | ||
22 | include disable-passwdmgr.inc | ||
23 | include disable-programs.inc | ||
24 | include disable-shell.inc | ||
25 | include disable-xdg.inc | ||
26 | |||
27 | mkdir ${HOME}/Nextcloud | ||
28 | mkdir ${HOME}/.config/Nextcloud | ||
29 | mkdir ${HOME}/.local/share/Nextcloud | ||
30 | whitelist ${HOME}/Nextcloud | ||
31 | whitelist ${HOME}/.config/Nextcloud | ||
32 | whitelist ${HOME}/.local/share/Nextcloud | ||
33 | # Uncomment or put in your nextcloud.local to allow sync with more directories. | ||
34 | #whitelist ${DOCUMENTS} | ||
35 | #whitelist ${MUSIC} | ||
36 | #whitelist ${PICTURES} | ||
37 | #whitelist ${VIDEOS} | ||
38 | include whitelist-common.inc | ||
39 | include whitelist-runuser-common.inc | ||
40 | include whitelist-usr-share-common.inc | ||
41 | include whitelist-var-common.inc | ||
42 | |||
43 | apparmor | ||
44 | caps.drop all | ||
45 | machine-id | ||
46 | netfilter | ||
47 | no3d | ||
48 | nodvd | ||
49 | nogroups | ||
50 | nonewprivs | ||
51 | noroot | ||
52 | nosound | ||
53 | notv | ||
54 | nou2f | ||
55 | novideo | ||
56 | protocol unix,inet,inet6 | ||
57 | seccomp | ||
58 | seccomp.block-secondary | ||
59 | shell none | ||
60 | tracelog | ||
61 | |||
62 | disable-mnt | ||
63 | private-bin nextcloud,nextcloud-desktop | ||
64 | private-cache | ||
65 | private-etc alternatives,ca-certificates,crypto-policies,drirc,fonts,gcrypt,host.conf,hosts,ld.so.cache,machine-id,Nextcloud,nsswitch.conf,os-release,passwd,pki,pulse,resolv.conf,selinux,ssl,xdg | ||
66 | private-dev | ||
67 | private-tmp | ||
68 | |||
69 | dbus-user filter | ||
70 | dbus-user.talk org.freedesktop.secrets | ||
71 | dbus-system none | ||