diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/Mathematica.profile | 2 | ||||
-rw-r--r-- | etc/cherrytree.profile | 4 | ||||
-rw-r--r-- | etc/chromium.profile | 5 | ||||
-rw-r--r-- | etc/epiphany.profile | 7 | ||||
-rw-r--r-- | etc/google-chrome-beta.profile | 5 | ||||
-rw-r--r-- | etc/google-chrome-unstable.profile | 5 | ||||
-rw-r--r-- | etc/google-chrome.profile | 5 | ||||
-rw-r--r-- | etc/mupen64plus.profile | 5 | ||||
-rw-r--r-- | etc/opera-beta.profile | 5 | ||||
-rw-r--r-- | etc/opera.profile | 5 | ||||
-rw-r--r-- | etc/polari.profile | 12 | ||||
-rw-r--r-- | etc/seamonkey-bin.profile | 6 | ||||
-rw-r--r-- | etc/spotify.profile | 7 | ||||
-rw-r--r-- | etc/telegram.profile | 1 | ||||
-rw-r--r-- | etc/uget-gtk.profile | 2 |
15 files changed, 76 insertions, 0 deletions
diff --git a/etc/Mathematica.profile b/etc/Mathematica.profile index d1f4b1de1..73fb0c9e0 100644 --- a/etc/Mathematica.profile +++ b/etc/Mathematica.profile | |||
@@ -1,5 +1,7 @@ | |||
1 | # Mathematica profile | 1 | # Mathematica profile |
2 | mkdir ~/.Mathematica | ||
2 | whitelist ~/.Mathematica | 3 | whitelist ~/.Mathematica |
4 | mkdir ~/.Wolfram Research | ||
3 | whitelist ~/.Wolfram Research | 5 | whitelist ~/.Wolfram Research |
4 | whitelist ~/Documents/Wolfram Mathematica | 6 | whitelist ~/Documents/Wolfram Mathematica |
5 | include /etc/firejail/whitelist-common.inc | 7 | include /etc/firejail/whitelist-common.inc |
diff --git a/etc/cherrytree.profile b/etc/cherrytree.profile index fb8437a2d..7502e9d15 100644 --- a/etc/cherrytree.profile +++ b/etc/cherrytree.profile | |||
@@ -1,5 +1,9 @@ | |||
1 | whitelist ${HOME}/cherrytree | 1 | whitelist ${HOME}/cherrytree |
2 | mkdir ~/.config | ||
3 | mkdir ~/.config/cherrytree | ||
2 | whitelist ${HOME}/.config/cherrytree/ | 4 | whitelist ${HOME}/.config/cherrytree/ |
5 | mkdir ~/.local | ||
6 | mkdir ~/.local/share | ||
3 | whitelist ${HOME}/.local/share/ | 7 | whitelist ${HOME}/.local/share/ |
4 | include /etc/firejail/disable-mgmt.inc | 8 | include /etc/firejail/disable-mgmt.inc |
5 | include /etc/firejail/disable-secret.inc | 9 | include /etc/firejail/disable-secret.inc |
diff --git a/etc/chromium.profile b/etc/chromium.profile index af2c740a8..78cee3920 100644 --- a/etc/chromium.profile +++ b/etc/chromium.profile | |||
@@ -11,7 +11,12 @@ include /etc/firejail/disable-terminals.inc | |||
11 | 11 | ||
12 | netfilter | 12 | netfilter |
13 | whitelist ${DOWNLOADS} | 13 | whitelist ${DOWNLOADS} |
14 | mkdir ~/.config | ||
15 | mkdir ~/.config/chromium | ||
14 | whitelist ~/.config/chromium | 16 | whitelist ~/.config/chromium |
17 | mkdir ~/.cache | ||
18 | mkdir ~/.cache/chromium | ||
15 | whitelist ~/.cache/chromium | 19 | whitelist ~/.cache/chromium |
20 | mkdir ~/.pki | ||
16 | whitelist ~/.pki | 21 | whitelist ~/.pki |
17 | include /etc/firejail/whitelist-common.inc | 22 | include /etc/firejail/whitelist-common.inc |
diff --git a/etc/epiphany.profile b/etc/epiphany.profile index e86a35258..c7031da71 100644 --- a/etc/epiphany.profile +++ b/etc/epiphany.profile | |||
@@ -5,8 +5,15 @@ include /etc/firejail/disable-common.inc | |||
5 | include /etc/firejail/disable-devel.inc | 5 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 6 | include /etc/firejail/disable-terminals.inc |
7 | whitelist ${DOWNLOADS} | 7 | whitelist ${DOWNLOADS} |
8 | mkdir ${HOME}/.local | ||
9 | mkdir ${HOME}/.local/share | ||
10 | mkdir ${HOME}/.local/share/epiphany | ||
8 | whitelist ${HOME}/.local/share/epiphany | 11 | whitelist ${HOME}/.local/share/epiphany |
12 | mkdir ${HOME}/.config | ||
13 | mkdir ${HOME}/.config/epiphany | ||
9 | whitelist ${HOME}/.config/epiphany | 14 | whitelist ${HOME}/.config/epiphany |
15 | mkdir ${HOME}/.cache | ||
16 | mkdir ${HOME}/.cache/epiphany | ||
10 | whitelist ${HOME}/.cache/epiphany | 17 | whitelist ${HOME}/.cache/epiphany |
11 | include /etc/firejail/whitelist-common.inc | 18 | include /etc/firejail/whitelist-common.inc |
12 | caps.drop all | 19 | caps.drop all |
diff --git a/etc/google-chrome-beta.profile b/etc/google-chrome-beta.profile index f6b96575e..d57728139 100644 --- a/etc/google-chrome-beta.profile +++ b/etc/google-chrome-beta.profile | |||
@@ -11,8 +11,13 @@ include /etc/firejail/disable-terminals.inc | |||
11 | 11 | ||
12 | netfilter | 12 | netfilter |
13 | whitelist ${DOWNLOADS} | 13 | whitelist ${DOWNLOADS} |
14 | mkdir ~/.config | ||
15 | mkdir ~/.config/google-chrome-beta | ||
14 | whitelist ~/.config/google-chrome-beta | 16 | whitelist ~/.config/google-chrome-beta |
17 | mkdir ~/.cache | ||
18 | mkdir ~/.cache/google-chrome-beta | ||
15 | whitelist ~/.cache/google-chrome-beta | 19 | whitelist ~/.cache/google-chrome-beta |
20 | mkdir ~/.pki | ||
16 | whitelist ~/.pki | 21 | whitelist ~/.pki |
17 | include /etc/firejail/whitelist-common.inc | 22 | include /etc/firejail/whitelist-common.inc |
18 | 23 | ||
diff --git a/etc/google-chrome-unstable.profile b/etc/google-chrome-unstable.profile index 3054a63db..36a1fb456 100644 --- a/etc/google-chrome-unstable.profile +++ b/etc/google-chrome-unstable.profile | |||
@@ -11,8 +11,13 @@ include /etc/firejail/disable-terminals.inc | |||
11 | 11 | ||
12 | netfilter | 12 | netfilter |
13 | whitelist ${DOWNLOADS} | 13 | whitelist ${DOWNLOADS} |
14 | mkdir ~/.config | ||
15 | mkdir ~/.config/google-chrome-unstable | ||
14 | whitelist ~/.config/google-chrome-unstable | 16 | whitelist ~/.config/google-chrome-unstable |
17 | mkdir ~/.cache | ||
18 | mkdir ~/.cache/google-chrome-unstable | ||
15 | whitelist ~/.cache/google-chrome-unstable | 19 | whitelist ~/.cache/google-chrome-unstable |
20 | mkdir ~/.pki | ||
16 | whitelist ~/.pki | 21 | whitelist ~/.pki |
17 | include /etc/firejail/whitelist-common.inc | 22 | include /etc/firejail/whitelist-common.inc |
18 | 23 | ||
diff --git a/etc/google-chrome.profile b/etc/google-chrome.profile index 3d5a6ebbd..3b73738a6 100644 --- a/etc/google-chrome.profile +++ b/etc/google-chrome.profile | |||
@@ -11,7 +11,12 @@ include /etc/firejail/disable-terminals.inc | |||
11 | 11 | ||
12 | netfilter | 12 | netfilter |
13 | whitelist ${DOWNLOADS} | 13 | whitelist ${DOWNLOADS} |
14 | mkdir ~/.config | ||
15 | mkdir ~/.config/google-chrome | ||
14 | whitelist ~/.config/google-chrome | 16 | whitelist ~/.config/google-chrome |
17 | mkdir ~/.cache | ||
18 | mkdir ~/.cache/google-chrome | ||
15 | whitelist ~/.cache/google-chrome | 19 | whitelist ~/.cache/google-chrome |
20 | mkdir ~/.pki | ||
16 | whitelist ~/.pki | 21 | whitelist ~/.pki |
17 | include /etc/firejail/whitelist-common.inc | 22 | include /etc/firejail/whitelist-common.inc |
diff --git a/etc/mupen64plus.profile b/etc/mupen64plus.profile index 830531c04..239ab3a80 100644 --- a/etc/mupen64plus.profile +++ b/etc/mupen64plus.profile | |||
@@ -5,7 +5,12 @@ include /etc/firejail/disable-secret.inc | |||
5 | include /etc/firejail/disable-common.inc | 5 | include /etc/firejail/disable-common.inc |
6 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
8 | mkdir ${HOME}/.local | ||
9 | mkdir ${HOME}/.local/share | ||
10 | mkdir ${HOME}/.local/share/mupen64plus | ||
8 | whitelist ${HOME}/.local/share/mupen64plus/ | 11 | whitelist ${HOME}/.local/share/mupen64plus/ |
12 | mkdir ${HOME}/.config | ||
13 | mkdir ${HOME}/.config/mupen64plus | ||
9 | whitelist ${HOME}/.config/mupen64plus/ | 14 | whitelist ${HOME}/.config/mupen64plus/ |
10 | noroot | 15 | noroot |
11 | caps.drop all | 16 | caps.drop all |
diff --git a/etc/opera-beta.profile b/etc/opera-beta.profile index 783e8b0ef..a65c7cef1 100644 --- a/etc/opera-beta.profile +++ b/etc/opera-beta.profile | |||
@@ -6,9 +6,14 @@ include /etc/firejail/disable-common.inc | |||
6 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
8 | netfilter | 8 | netfilter |
9 | mkdir ~/.config | ||
10 | mkdir ~/.config/opera-beta | ||
9 | whitelist ~/.config/opera-beta | 11 | whitelist ~/.config/opera-beta |
10 | whitelist ${DOWNLOADS} | 12 | whitelist ${DOWNLOADS} |
13 | mkdir ~/.cache | ||
14 | mkdir ~/.cache/opera-beta | ||
11 | whitelist ~/.cache/opera-beta | 15 | whitelist ~/.cache/opera-beta |
16 | mkdir ~/.pki | ||
12 | whitelist ~/.pki | 17 | whitelist ~/.pki |
13 | include /etc/firejail/whitelist-common.inc | 18 | include /etc/firejail/whitelist-common.inc |
14 | 19 | ||
diff --git a/etc/opera.profile b/etc/opera.profile index dd710a8fe..032b3ece7 100644 --- a/etc/opera.profile +++ b/etc/opera.profile | |||
@@ -6,9 +6,14 @@ include /etc/firejail/disable-common.inc | |||
6 | include /etc/firejail/disable-devel.inc | 6 | include /etc/firejail/disable-devel.inc |
7 | include /etc/firejail/disable-terminals.inc | 7 | include /etc/firejail/disable-terminals.inc |
8 | netfilter | 8 | netfilter |
9 | mkdir ~/.config | ||
10 | mkdir ~/.config/opera | ||
9 | whitelist ~/.config/opera | 11 | whitelist ~/.config/opera |
10 | whitelist ${DOWNLOADS} | 12 | whitelist ${DOWNLOADS} |
13 | mkdir ~/.cache | ||
14 | mkdir ~/.cache/opera | ||
11 | whitelist ~/.cache/opera | 15 | whitelist ~/.cache/opera |
16 | mkdir ~/.pki | ||
12 | whitelist ~/.pki | 17 | whitelist ~/.pki |
13 | include /etc/firejail/whitelist-common.inc | 18 | include /etc/firejail/whitelist-common.inc |
14 | 19 | ||
diff --git a/etc/polari.profile b/etc/polari.profile index be28ad628..c0266fed8 100644 --- a/etc/polari.profile +++ b/etc/polari.profile | |||
@@ -4,12 +4,24 @@ include /etc/firejail/disable-secret.inc | |||
4 | include /etc/firejail/disable-common.inc | 4 | include /etc/firejail/disable-common.inc |
5 | include /etc/firejail/disable-devel.inc | 5 | include /etc/firejail/disable-devel.inc |
6 | include /etc/firejail/disable-terminals.inc | 6 | include /etc/firejail/disable-terminals.inc |
7 | mkdir ${HOME}/.local | ||
8 | mkdir ${HOME}/.local/share/ | ||
9 | mkdir ${HOME}/.local/share/Empathy | ||
7 | whitelist ${HOME}/.local/share/Empathy | 10 | whitelist ${HOME}/.local/share/Empathy |
11 | mkdir ${HOME}/.local/share/telepathy | ||
8 | whitelist ${HOME}/.local/share/telepathy | 12 | whitelist ${HOME}/.local/share/telepathy |
13 | mkdir ${HOME}/.local/share/TpLogger | ||
9 | whitelist ${HOME}/.local/share/TpLogger | 14 | whitelist ${HOME}/.local/share/TpLogger |
15 | mkdir ${HOME}/.config | ||
16 | mkdir ${HOME}/.config/dconf | ||
10 | whitelist ${HOME}/.config/dconf | 17 | whitelist ${HOME}/.config/dconf |
18 | mkdir ${HOME}/.config | ||
19 | mkdir ${HOME}/.config/telepathy-account-widgets | ||
11 | whitelist ${HOME}/.config/telepathy-account-widgets | 20 | whitelist ${HOME}/.config/telepathy-account-widgets |
21 | mkdir ${HOME}/.cache | ||
22 | mkdir ${HOME}/.cache/telepathy | ||
12 | whitelist ${HOME}/.cache/telepathy | 23 | whitelist ${HOME}/.cache/telepathy |
24 | mkdir ${HOME}/.purple | ||
13 | whitelist ${HOME}/.purple | 25 | whitelist ${HOME}/.purple |
14 | include /etc/firejail/whitelist-common.inc | 26 | include /etc/firejail/whitelist-common.inc |
15 | caps.drop all | 27 | caps.drop all |
diff --git a/etc/seamonkey-bin.profile b/etc/seamonkey-bin.profile index d585c719b..74b9b591b 100644 --- a/etc/seamonkey-bin.profile +++ b/etc/seamonkey-bin.profile | |||
@@ -12,7 +12,12 @@ netfilter | |||
12 | tracelog | 12 | tracelog |
13 | noroot | 13 | noroot |
14 | whitelist ${DOWNLOADS} | 14 | whitelist ${DOWNLOADS} |
15 | mkdir ~/.mozilla | ||
16 | mkdir ~/.mozilla/seamonkey | ||
15 | whitelist ~/.mozilla/seamonkey | 17 | whitelist ~/.mozilla/seamonkey |
18 | mkdir ~/.cache | ||
19 | mkdir ~/.cache/mozilla | ||
20 | mkdir ~/.cache/mozilla/seamonkey | ||
16 | whitelist ~/.cache/mozilla/seamonkey | 21 | whitelist ~/.cache/mozilla/seamonkey |
17 | whitelist ~/dwhelper | 22 | whitelist ~/dwhelper |
18 | whitelist ~/.zotero | 23 | whitelist ~/.zotero |
@@ -24,6 +29,7 @@ whitelist ~/.pentadactyl | |||
24 | whitelist ~/.keysnail.js | 29 | whitelist ~/.keysnail.js |
25 | whitelist ~/.config/gnome-mplayer | 30 | whitelist ~/.config/gnome-mplayer |
26 | whitelist ~/.cache/gnome-mplayer/plugin | 31 | whitelist ~/.cache/gnome-mplayer/plugin |
32 | mkdir ~/.pki | ||
27 | whitelist ~/.pki | 33 | whitelist ~/.pki |
28 | include /etc/firejail/whitelist-common.inc | 34 | include /etc/firejail/whitelist-common.inc |
29 | 35 | ||
diff --git a/etc/spotify.profile b/etc/spotify.profile index ea180e0ba..f5ec36431 100644 --- a/etc/spotify.profile +++ b/etc/spotify.profile | |||
@@ -7,8 +7,15 @@ include /etc/firejail/disable-devel.inc | |||
7 | # Whitelist the folders needed by Spotify - This is more restrictive | 7 | # Whitelist the folders needed by Spotify - This is more restrictive |
8 | # than a blacklist though, but this is all spotify requires for | 8 | # than a blacklist though, but this is all spotify requires for |
9 | # streaming audio | 9 | # streaming audio |
10 | mkdir ${HOME}/.config | ||
11 | mkdir ${HOME}/.config/spotify | ||
10 | whitelist ${HOME}/.config/spotify | 12 | whitelist ${HOME}/.config/spotify |
13 | mkdir ${HOME}/.local | ||
14 | mkdir ${HOME}/.local/share | ||
15 | mkdir ${HOME}/.local/share/spotify | ||
11 | whitelist ${HOME}/.local/share/spotify | 16 | whitelist ${HOME}/.local/share/spotify |
17 | mkdir ${HOME}/.cache | ||
18 | mkdir ${HOME}/.cache/spotify | ||
12 | whitelist ${HOME}/.cache/spotify | 19 | whitelist ${HOME}/.cache/spotify |
13 | include /etc/firejail/whitelist-common.inc | 20 | include /etc/firejail/whitelist-common.inc |
14 | 21 | ||
diff --git a/etc/telegram.profile b/etc/telegram.profile index 261da6397..4920b94d8 100644 --- a/etc/telegram.profile +++ b/etc/telegram.profile | |||
@@ -12,4 +12,5 @@ protocol unix,inet,inet6 | |||
12 | noroot | 12 | noroot |
13 | 13 | ||
14 | whitelist ~/Downloads/Telegram Desktop | 14 | whitelist ~/Downloads/Telegram Desktop |
15 | mkdir ${HOME}/.TelegramDesktop | ||
15 | whitelist ~/.TelegramDesktop | 16 | whitelist ~/.TelegramDesktop |
diff --git a/etc/uget-gtk.profile b/etc/uget-gtk.profile index 0430f12b4..3b27c00ba 100644 --- a/etc/uget-gtk.profile +++ b/etc/uget-gtk.profile | |||
@@ -10,5 +10,7 @@ protocol unix,inet,inet6 | |||
10 | netfilter | 10 | netfilter |
11 | noroot | 11 | noroot |
12 | whitelist ${DOWNLOADS} | 12 | whitelist ${DOWNLOADS} |
13 | mkdir ~/.config | ||
14 | mkdir ~/.config/uGet | ||
13 | whitelist ~/.config/uGet | 15 | whitelist ~/.config/uGet |
14 | include /etc/firejail/whitelist-common.inc | 16 | include /etc/firejail/whitelist-common.inc |