aboutsummaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
Diffstat (limited to 'etc')
-rw-r--r--etc/Cryptocat.profile2
-rw-r--r--etc/FossaMail.profile2
-rw-r--r--etc/disable-common.inc6
-rw-r--r--etc/disable-devel.inc3
-rw-r--r--etc/disable-passwdmgr.inc3
-rw-r--r--etc/disable-programs.inc3
-rw-r--r--etc/evolution.profile3
-rw-r--r--etc/fossamail.profile15
-rw-r--r--etc/gpa.profile2
-rw-r--r--etc/gpg-agent.profile4
-rw-r--r--etc/gpg.profile5
-rw-r--r--etc/uzbl-browser.profile27
-rw-r--r--etc/whitelist-common.inc3
13 files changed, 68 insertions, 10 deletions
diff --git a/etc/Cryptocat.profile b/etc/Cryptocat.profile
index 3db34c03c..b61b88f68 100644
--- a/etc/Cryptocat.profile
+++ b/etc/Cryptocat.profile
@@ -1,4 +1,4 @@
1# Firejail profile for 1# Firejail profile for Cryptocat
2noblacklist ${HOME}/.config/Cryptocat 2noblacklist ${HOME}/.config/Cryptocat
3 3
4include /etc/firejail/disable-common.inc 4include /etc/firejail/disable-common.inc
diff --git a/etc/FossaMail.profile b/etc/FossaMail.profile
new file mode 100644
index 000000000..0da235467
--- /dev/null
+++ b/etc/FossaMail.profile
@@ -0,0 +1,2 @@
1# Firejail profile for FossaMail
2include /etc/firejail/fossamail.profile
diff --git a/etc/disable-common.inc b/etc/disable-common.inc
index 22f54604a..6f21b9681 100644
--- a/etc/disable-common.inc
+++ b/etc/disable-common.inc
@@ -1,3 +1,6 @@
1# Local customizations come here
2include /etc/firejail/disable-common.local
3
1# History files in $HOME 4# History files in $HOME
2blacklist-nolog ${HOME}/.history 5blacklist-nolog ${HOME}/.history
3blacklist-nolog ${HOME}/.*_history 6blacklist-nolog ${HOME}/.*_history
@@ -102,6 +105,9 @@ read-only ${HOME}/.caffrc
102read-only ${HOME}/.dotfiles 105read-only ${HOME}/.dotfiles
103read-only ${HOME}/dotfiles 106read-only ${HOME}/dotfiles
104read-only ${HOME}/.mailcap 107read-only ${HOME}/.mailcap
108read-only ${HOME}/.muttrc
109read-only ${HOME}/.mutt/muttrc
110read-only ${HOME}/.msmtprc
105read-only ${HOME}/.exrc 111read-only ${HOME}/.exrc
106read-only ${HOME}/_exrc 112read-only ${HOME}/_exrc
107read-only ${HOME}/.vimrc 113read-only ${HOME}/.vimrc
diff --git a/etc/disable-devel.inc b/etc/disable-devel.inc
index 2ac367f37..07fc3928c 100644
--- a/etc/disable-devel.inc
+++ b/etc/disable-devel.inc
@@ -1,3 +1,6 @@
1# Local customizations come here
2include /etc/firejail/disable-devel.local
3
1# development tools 4# development tools
2 5
3# GCC 6# GCC
diff --git a/etc/disable-passwdmgr.inc b/etc/disable-passwdmgr.inc
index 045b4d92b..7d129b2e4 100644
--- a/etc/disable-passwdmgr.inc
+++ b/etc/disable-passwdmgr.inc
@@ -1,3 +1,6 @@
1# Local customizations come here
2include /etc/firejail/disable-passwdmgr.local
3
1blacklist ${HOME}/.pki/nssdb 4blacklist ${HOME}/.pki/nssdb
2blacklist ${HOME}/.lastpass 5blacklist ${HOME}/.lastpass
3blacklist ${HOME}/.keepassx 6blacklist ${HOME}/.keepassx
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index 69f0a2e1b..b307978da 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -1,3 +1,6 @@
1# Local customizations come here
2include /etc/firejail/disable-programs.local
3
1blacklist ${HOME}/.*coin 4blacklist ${HOME}/.*coin
2blacklist ${HOME}/.8pecxstudios 5blacklist ${HOME}/.8pecxstudios
3blacklist ${HOME}/.Atom 6blacklist ${HOME}/.Atom
diff --git a/etc/evolution.profile b/etc/evolution.profile
index ab6dd7a4a..1707e562b 100644
--- a/etc/evolution.profile
+++ b/etc/evolution.profile
@@ -6,6 +6,9 @@ noblacklist ~/.pki
6noblacklist ~/.pki/nssdb 6noblacklist ~/.pki/nssdb
7noblacklist ~/.gnupg 7noblacklist ~/.gnupg
8 8
9noblacklist /var/spool/mail
10noblacklist /var/mail
11
9include /etc/firejail/disable-common.inc 12include /etc/firejail/disable-common.inc
10include /etc/firejail/disable-programs.inc 13include /etc/firejail/disable-programs.inc
11include /etc/firejail/disable-devel.inc 14include /etc/firejail/disable-devel.inc
diff --git a/etc/fossamail.profile b/etc/fossamail.profile
new file mode 100644
index 000000000..a0dc8ae59
--- /dev/null
+++ b/etc/fossamail.profile
@@ -0,0 +1,15 @@
1# Firejail profile for FossaMail
2
3noblacklist ~/.gnupg
4mkdir ~/.gnupg
5whitelist ~/.gnupg
6
7noblacklist ~/.fossamail
8mkdir ~/.fossamail
9whitelist ~/.fossamail
10
11noblacklist ~/.cache/fossamail
12mkdir ~/.cache/fossamail
13whitelist ~/.cache/fossamail
14
15include /etc/firejail/firefox.profile
diff --git a/etc/gpa.profile b/etc/gpa.profile
index 7d7277190..9da750f9e 100644
--- a/etc/gpa.profile
+++ b/etc/gpa.profile
@@ -18,6 +18,4 @@ shell none
18tracelog 18tracelog
19 19
20# private-bin gpa,gpg 20# private-bin gpa,gpg
21private-tmp
22private-dev 21private-dev
23# private-etc none
diff --git a/etc/gpg-agent.profile b/etc/gpg-agent.profile
index 59c7383d7..f587f0d53 100644
--- a/etc/gpg-agent.profile
+++ b/etc/gpg-agent.profile
@@ -11,7 +11,7 @@ nogroups
11nonewprivs 11nonewprivs
12noroot 12noroot
13nosound 13nosound
14protocol unix 14protocol unix,inet,inet6
15seccomp 15seccomp
16netfilter 16netfilter
17no3d 17no3d
@@ -21,6 +21,4 @@ tracelog
21blacklist /tmp/.X11-unix 21blacklist /tmp/.X11-unix
22 22
23# private-bin gpg-agent,gpg 23# private-bin gpg-agent,gpg
24private-tmp
25private-dev 24private-dev
26# private-etc none
diff --git a/etc/gpg.profile b/etc/gpg.profile
index d711c6f3e..963ff5ed7 100644
--- a/etc/gpg.profile
+++ b/etc/gpg.profile
@@ -11,10 +11,9 @@ nogroups
11nonewprivs 11nonewprivs
12noroot 12noroot
13nosound 13nosound
14protocol unix 14protocol unix,inet,inet6
15seccomp 15seccomp
16netfilter 16netfilter
17net none
18no3d 17no3d
19shell none 18shell none
20tracelog 19tracelog
@@ -22,6 +21,4 @@ tracelog
22blacklist /tmp/.X11-unix 21blacklist /tmp/.X11-unix
23 22
24# private-bin gpg,gpg-agent 23# private-bin gpg,gpg-agent
25private-tmp
26private-dev 24private-dev
27# private-etc none
diff --git a/etc/uzbl-browser.profile b/etc/uzbl-browser.profile
new file mode 100644
index 000000000..1346b7fc2
--- /dev/null
+++ b/etc/uzbl-browser.profile
@@ -0,0 +1,27 @@
1# Firejail profile for uzbl-browser
2
3noblacklist ~/.config/uzbl
4noblacklist ~/.cache/uzbl
5include /etc/firejail/disable-common.inc
6include /etc/firejail/disable-programs.inc
7include /etc/firejail/disable-devel.inc
8include /etc/firejail/disable-passwdmgr.inc
9
10caps.drop all
11netfilter
12nonewprivs
13noroot
14protocol unix,inet,inet6
15seccomp
16tracelog
17
18mkdir ~/.config/uzbl
19whitelist ~/.config/uzbl
20mkdir ~/.cache/uzbl
21whitelist ~/.cache/uzbl
22mkdir ~/.local/share/uzbl
23whitelist ~/.local/share/uzbl
24
25whitelist ${DOWNLOADS}
26
27include /etc/firejail/whitelist-common.inc
diff --git a/etc/whitelist-common.inc b/etc/whitelist-common.inc
index d4e69948e..cf7797100 100644
--- a/etc/whitelist-common.inc
+++ b/etc/whitelist-common.inc
@@ -1,3 +1,6 @@
1# Local customizations come here
2include /etc/firejail/whitelist-common.local
3
1# common whitelist for all profiles 4# common whitelist for all profiles
2 5
3whitelist ~/.XCompose 6whitelist ~/.XCompose
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-08-03 17:09:08 +0000