diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/Thunar.profile | 1 | ||||
-rw-r--r-- | etc/caja.profile | 1 | ||||
-rw-r--r-- | etc/disable-common.inc | 12 | ||||
-rw-r--r-- | etc/nemo.profile | 2 | ||||
-rw-r--r-- | etc/pcmanfm.profile | 2 |
5 files changed, 15 insertions, 3 deletions
diff --git a/etc/Thunar.profile b/etc/Thunar.profile index 405e45504..0511fbdd7 100644 --- a/etc/Thunar.profile +++ b/etc/Thunar.profile | |||
@@ -5,6 +5,7 @@ include /etc/firejail/Thunar.local | |||
5 | # Firejail profile for thunar | 5 | # Firejail profile for thunar |
6 | noblacklist ~/.config/Thunar | 6 | noblacklist ~/.config/Thunar |
7 | noblacklist ~/.config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml | 7 | noblacklist ~/.config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml |
8 | noblacklist ${HOME}/.local/share/Trash | ||
8 | 9 | ||
9 | include /etc/firejail/disable-common.inc | 10 | include /etc/firejail/disable-common.inc |
10 | #include /etc/firejail/disable-programs.inc | 11 | #include /etc/firejail/disable-programs.inc |
diff --git a/etc/caja.profile b/etc/caja.profile index b54e4af57..8994f39fd 100644 --- a/etc/caja.profile +++ b/etc/caja.profile | |||
@@ -9,6 +9,7 @@ include /etc/firejail/caja.local | |||
9 | 9 | ||
10 | noblacklist ~/.config/caja | 10 | noblacklist ~/.config/caja |
11 | noblacklist ~/.local/share/caja | 11 | noblacklist ~/.local/share/caja |
12 | noblacklist ${HOME}/.local/share/Trash | ||
12 | 13 | ||
13 | include /etc/firejail/disable-common.inc | 14 | include /etc/firejail/disable-common.inc |
14 | # caja needs to be able to start arbitrary applications so we cannot blacklist their files | 15 | # caja needs to be able to start arbitrary applications so we cannot blacklist their files |
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index 521fed37d..1c1b298a9 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -181,13 +181,19 @@ read-only ${HOME}/.gem | |||
181 | read-only ${HOME}/.luarocks | 181 | read-only ${HOME}/.luarocks |
182 | read-only ${HOME}/.npm-packages | 182 | read-only ${HOME}/.npm-packages |
183 | 183 | ||
184 | ########################### | ||
185 | # The following block breaks trash functionality in file managers | ||
186 | ########################## | ||
184 | # Make the contents of ~/.local read-only, | 187 | # Make the contents of ~/.local read-only, |
185 | # except the commonly-used ~/.local/share, | 188 | # except the commonly-used ~/.local/share, |
186 | # but including ~/.local/share/applications | 189 | # but including ~/.local/share/applications |
187 | read-only ${HOME}/.local | 190 | #read-only ${HOME}/.local |
188 | read-write ${HOME}/.local/share | 191 | #read-write ${HOME}/.local/share |
189 | noexec ${HOME}/.local/share | 192 | #noexec ${HOME}/.local/share |
190 | read-only ${HOME}/.local/share/applications | 193 | read-only ${HOME}/.local/share/applications |
194 | blacklist ${HOME}/.local/share/Trash | ||
195 | |||
196 | |||
191 | 197 | ||
192 | # top secret | 198 | # top secret |
193 | blacklist ${HOME}/.ecryptfs | 199 | blacklist ${HOME}/.ecryptfs |
diff --git a/etc/nemo.profile b/etc/nemo.profile index 4ebcd952c..eb0e79aed 100644 --- a/etc/nemo.profile +++ b/etc/nemo.profile | |||
@@ -4,6 +4,8 @@ include /etc/firejail/nemo.local | |||
4 | 4 | ||
5 | noblacklist ${HOME}/.local/share/nemo | 5 | noblacklist ${HOME}/.local/share/nemo |
6 | noblacklist ${HOME}/.config/nemo | 6 | noblacklist ${HOME}/.config/nemo |
7 | noblacklist ${HOME}/.local/share/Trash | ||
8 | |||
7 | include /etc/firejail/disable-common.inc | 9 | include /etc/firejail/disable-common.inc |
8 | include /etc/firejail/disable-passwdmgr.inc | 10 | include /etc/firejail/disable-passwdmgr.inc |
9 | include /etc/firejail/disable-devel.inc | 11 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/pcmanfm.profile b/etc/pcmanfm.profile index 00ae787a4..8c4b22c5a 100644 --- a/etc/pcmanfm.profile +++ b/etc/pcmanfm.profile | |||
@@ -4,6 +4,8 @@ include /etc/firejail/pcmanfm.local | |||
4 | 4 | ||
5 | noblacklist ~/.config/pcmanfm | 5 | noblacklist ~/.config/pcmanfm |
6 | noblacklist ~/.config/libfm | 6 | noblacklist ~/.config/libfm |
7 | noblacklist ${HOME}/.local/share/Trash | ||
8 | |||
7 | include /etc/firejail/disable-common.inc | 9 | include /etc/firejail/disable-common.inc |
8 | #include /etc/firejail/disable-programs.inc | 10 | #include /etc/firejail/disable-programs.inc |
9 | include /etc/firejail/disable-devel.inc | 11 | include /etc/firejail/disable-devel.inc |