diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/disable-common.inc | 4 | ||||
-rw-r--r-- | etc/disable-programs.inc | 3 | ||||
-rw-r--r-- | etc/gwenview.profile | 2 | ||||
-rw-r--r-- | etc/konversation.profile | 3 | ||||
-rw-r--r-- | etc/skanlite.profile | 2 |
5 files changed, 10 insertions, 4 deletions
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index e23cc8906..53f449115 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -18,8 +18,7 @@ blacklist ${HOME}/.config/autostart | |||
18 | blacklist ${HOME}/.config/autostart-scripts | 18 | blacklist ${HOME}/.config/autostart-scripts |
19 | blacklist ${HOME}/.config/lxsession/LXDE/autostart | 19 | blacklist ${HOME}/.config/lxsession/LXDE/autostart |
20 | blacklist ${HOME}/.config/openbox | 20 | blacklist ${HOME}/.config/openbox |
21 | blacklist ${HOME}/.config/plasma-workspace/env | 21 | blacklist ${HOME}/.config/plasma-workspace |
22 | blacklist ${HOME}/.config/plasma-workspace/shutdown | ||
23 | blacklist ${HOME}/.config/startupconfig | 22 | blacklist ${HOME}/.config/startupconfig |
24 | blacklist ${HOME}/.fluxbox/startup | 23 | blacklist ${HOME}/.fluxbox/startup |
25 | blacklist ${HOME}/.gnomerc | 24 | blacklist ${HOME}/.gnomerc |
@@ -256,6 +255,7 @@ blacklist ${HOME}/.netrc | |||
256 | blacklist ${HOME}/.pki | 255 | blacklist ${HOME}/.pki |
257 | blacklist ${HOME}/.smbcredentials | 256 | blacklist ${HOME}/.smbcredentials |
258 | blacklist ${HOME}/.ssh | 257 | blacklist ${HOME}/.ssh |
258 | blacklist ${HOME}/.vaults | ||
259 | blacklist /etc/group+ | 259 | blacklist /etc/group+ |
260 | blacklist /etc/group- | 260 | blacklist /etc/group- |
261 | blacklist /etc/gshadow | 261 | blacklist /etc/gshadow |
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 6f982f539..d7a6d58ec 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -134,6 +134,7 @@ blacklist ${HOME}/.config/kritarc | |||
134 | blacklist ${HOME}/.config/kwriterc | 134 | blacklist ${HOME}/.config/kwriterc |
135 | blacklist ${HOME}/.config/kdeconnect | 135 | blacklist ${HOME}/.config/kdeconnect |
136 | blacklist ${HOME}/.config/knotesrc | 136 | blacklist ${HOME}/.config/knotesrc |
137 | blacklist ${HOME}/.config/konversationrc | ||
137 | blacklist ${HOME}/.config/ktorrentrc | 138 | blacklist ${HOME}/.config/ktorrentrc |
138 | blacklist ${HOME}/.config/leafpad | 139 | blacklist ${HOME}/.config/leafpad |
139 | blacklist ${HOME}/.config/libreoffice | 140 | blacklist ${HOME}/.config/libreoffice |
@@ -270,6 +271,7 @@ blacklist ${HOME}/.kde/share/config/khtmlrc | |||
270 | blacklist ${HOME}/.kde/share/config/konq_history | 271 | blacklist ${HOME}/.kde/share/config/konq_history |
271 | blacklist ${HOME}/.kde/share/config/konqsidebartngrc | 272 | blacklist ${HOME}/.kde/share/config/konqsidebartngrc |
272 | blacklist ${HOME}/.kde/share/config/konquerorrc | 273 | blacklist ${HOME}/.kde/share/config/konquerorrc |
274 | blacklist ${HOME}/.kde/share/config/konversationrc | ||
273 | blacklist ${HOME}/.kde/share/config/kopeterc | 275 | blacklist ${HOME}/.kde/share/config/kopeterc |
274 | blacklist ${HOME}/.kde/share/config/ktorrentrc | 276 | blacklist ${HOME}/.kde/share/config/ktorrentrc |
275 | blacklist ${HOME}/.kde/share/config/okularpartrc | 277 | blacklist ${HOME}/.kde/share/config/okularpartrc |
@@ -295,6 +297,7 @@ blacklist ${HOME}/.kde4/share/config/khtmlrc | |||
295 | blacklist ${HOME}/.kde4/share/config/konq_history | 297 | blacklist ${HOME}/.kde4/share/config/konq_history |
296 | blacklist ${HOME}/.kde4/share/config/konqsidebartngrc | 298 | blacklist ${HOME}/.kde4/share/config/konqsidebartngrc |
297 | blacklist ${HOME}/.kde4/share/config/konquerorrc | 299 | blacklist ${HOME}/.kde4/share/config/konquerorrc |
300 | blacklist ${HOME}/.kde4/share/config/konversationrc | ||
298 | blacklist ${HOME}/.kde4/share/config/kopeterc | 301 | blacklist ${HOME}/.kde4/share/config/kopeterc |
299 | blacklist ${HOME}/.kde4/share/config/ktorrentrc | 302 | blacklist ${HOME}/.kde4/share/config/ktorrentrc |
300 | blacklist ${HOME}/.kde4/share/config/okularpartrc | 303 | blacklist ${HOME}/.kde4/share/config/okularpartrc |
diff --git a/etc/gwenview.profile b/etc/gwenview.profile index efaf94f4c..8ad3ac5f3 100644 --- a/etc/gwenview.profile +++ b/etc/gwenview.profile | |||
@@ -37,7 +37,7 @@ seccomp | |||
37 | shell none | 37 | shell none |
38 | tracelog | 38 | tracelog |
39 | 39 | ||
40 | private-bin gwenview,gimp*,kbuildsycoca4 | 40 | private-bin gwenview,gimp*,kbuildsycoca4,kdeinit4 |
41 | private-dev | 41 | private-dev |
42 | # private-etc X11 | 42 | # private-etc X11 |
43 | 43 | ||
diff --git a/etc/konversation.profile b/etc/konversation.profile index 7d09857ba..db91940e2 100644 --- a/etc/konversation.profile +++ b/etc/konversation.profile | |||
@@ -5,6 +5,9 @@ include /etc/firejail/konversation.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include /etc/firejail/globals.local | 6 | include /etc/firejail/globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.config/konversationrc | ||
9 | noblacklist ${HOME}/.kde/share/config/konversationrc | ||
10 | noblacklist ${HOME}/.kde4/share/config/konversationrc | ||
8 | 11 | ||
9 | include /etc/firejail/disable-common.inc | 12 | include /etc/firejail/disable-common.inc |
10 | include /etc/firejail/disable-devel.inc | 13 | include /etc/firejail/disable-devel.inc |
diff --git a/etc/skanlite.profile b/etc/skanlite.profile index 61627f5d8..f1a64093a 100644 --- a/etc/skanlite.profile +++ b/etc/skanlite.profile | |||
@@ -27,7 +27,7 @@ protocol unix,netlink | |||
27 | seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@reboot,@resources,@swap,acct,add_key,bpf,chroot,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,iopl,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,pciconfig_iobase,pciconfig_read,pciconfig_write,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,s390_mmio_read,s390_mmio_write,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice | 27 | seccomp.drop @clock,@cpu-emulation,@debug,@module,@obsolete,@reboot,@resources,@swap,acct,add_key,bpf,chroot,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,iopl,ioprio_set,kcmp,keyctl,mount,name_to_handle_at,nfsservctl,ni_syscall,open_by_handle_at,pciconfig_iobase,pciconfig_read,pciconfig_write,personality,pivot_root,process_vm_readv,ptrace,remap_file_pages,request_key,s390_mmio_read,s390_mmio_write,setdomainname,sethostname,syslog,umount,umount2,userfaultfd,vhangup,vmsplice |
28 | shell none | 28 | shell none |
29 | 29 | ||
30 | # private-bin skanlite,kbuildsycoca4 | 30 | # private-bin skanlite,kbuildsycoca4,kdeinit4 |
31 | # private-dev | 31 | # private-dev |
32 | # private-etc | 32 | # private-etc |
33 | # private-tmp | 33 | # private-tmp |