diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/profile-m-z/QOwnNotes.profile | 7 | ||||
-rw-r--r-- | etc/profile-m-z/nextcloud.profile | 11 | ||||
-rw-r--r-- | etc/profile-m-z/ssh.profile | 4 | ||||
-rw-r--r-- | etc/profile-m-z/wesnoth.profile | 3 |
4 files changed, 15 insertions, 10 deletions
diff --git a/etc/profile-m-z/QOwnNotes.profile b/etc/profile-m-z/QOwnNotes.profile index e7dba9cd5..023071f68 100644 --- a/etc/profile-m-z/QOwnNotes.profile +++ b/etc/profile-m-z/QOwnNotes.profile | |||
@@ -7,9 +7,10 @@ include QOwnNotes.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${DOCUMENTS} | 9 | noblacklist ${DOCUMENTS} |
10 | noblacklist ${HOME}/Nextcloud/Notes | ||
11 | noblacklist ${HOME}/.config/PBE | 10 | noblacklist ${HOME}/.config/PBE |
12 | noblacklist ${HOME}/.local/share/PBE | 11 | noblacklist ${HOME}/.local/share/PBE |
12 | noblacklist ${HOME}/Nextcloud | ||
13 | noblacklist ${HOME}/Nextcloud/Notes | ||
13 | 14 | ||
14 | include disable-common.inc | 15 | include disable-common.inc |
15 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -19,13 +20,13 @@ include disable-programs.inc | |||
19 | include disable-shell.inc | 20 | include disable-shell.inc |
20 | include disable-xdg.inc | 21 | include disable-xdg.inc |
21 | 22 | ||
22 | mkdir ${HOME}/Nextcloud/Notes | ||
23 | mkdir ${HOME}/.config/PBE | 23 | mkdir ${HOME}/.config/PBE |
24 | mkdir ${HOME}/.local/share/PBE | 24 | mkdir ${HOME}/.local/share/PBE |
25 | mkdir ${HOME}/Nextcloud/Notes | ||
25 | whitelist ${DOCUMENTS} | 26 | whitelist ${DOCUMENTS} |
26 | whitelist ${HOME}/Nextcloud/Notes | ||
27 | whitelist ${HOME}/.config/PBE | 27 | whitelist ${HOME}/.config/PBE |
28 | whitelist ${HOME}/.local/share/PBE | 28 | whitelist ${HOME}/.local/share/PBE |
29 | whitelist ${HOME}/Nextcloud/Notes | ||
29 | include whitelist-common.inc | 30 | include whitelist-common.inc |
30 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
31 | 32 | ||
diff --git a/etc/profile-m-z/nextcloud.profile b/etc/profile-m-z/nextcloud.profile index 960c494db..b6453f6a9 100644 --- a/etc/profile-m-z/nextcloud.profile +++ b/etc/profile-m-z/nextcloud.profile | |||
@@ -6,9 +6,10 @@ include nextcloud.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/Nextcloud | ||
10 | noblacklist ${HOME}/.config/Nextcloud | 9 | noblacklist ${HOME}/.config/Nextcloud |
11 | noblacklist ${HOME}/.local/share/Nextcloud | 10 | noblacklist ${HOME}/.local/share/Nextcloud |
11 | noblacklist ${HOME}/Nextcloud | ||
12 | noblacklist ${HOME}/Nextcloud/Notes | ||
12 | # Add the next lines to your nextcloud.local to allow sync in more directories. | 13 | # Add the next lines to your nextcloud.local to allow sync in more directories. |
13 | #noblacklist ${DOCUMENTS} | 14 | #noblacklist ${DOCUMENTS} |
14 | #noblacklist ${MUSIC} | 15 | #noblacklist ${MUSIC} |
@@ -23,12 +24,12 @@ include disable-programs.inc | |||
23 | include disable-shell.inc | 24 | include disable-shell.inc |
24 | include disable-xdg.inc | 25 | include disable-xdg.inc |
25 | 26 | ||
26 | mkdir ${HOME}/Nextcloud | ||
27 | mkdir ${HOME}/.config/Nextcloud | 27 | mkdir ${HOME}/.config/Nextcloud |
28 | mkdir ${HOME}/.local/share/Nextcloud | 28 | mkdir ${HOME}/.local/share/Nextcloud |
29 | whitelist ${HOME}/Nextcloud | 29 | mkdir ${HOME}/Nextcloud |
30 | whitelist ${HOME}/.config/Nextcloud | 30 | whitelist ${HOME}/.config/Nextcloud |
31 | whitelist ${HOME}/.local/share/Nextcloud | 31 | whitelist ${HOME}/.local/share/Nextcloud |
32 | whitelist ${HOME}/Nextcloud | ||
32 | whitelist /usr/share/nextcloud | 33 | whitelist /usr/share/nextcloud |
33 | # Add the next lines to your nextcloud.local to allow sync in more directories. | 34 | # Add the next lines to your nextcloud.local to allow sync in more directories. |
34 | #whitelist ${DOCUMENTS} | 35 | #whitelist ${DOCUMENTS} |
@@ -61,15 +62,15 @@ tracelog | |||
61 | disable-mnt | 62 | disable-mnt |
62 | private-bin nextcloud,nextcloud-desktop | 63 | private-bin nextcloud,nextcloud-desktop |
63 | private-cache | 64 | private-cache |
64 | private-etc @tls-ca,@x11,Nextcloud,host.conf,os-release | ||
65 | private-dev | 65 | private-dev |
66 | private-etc @tls-ca,@x11,Nextcloud,host.conf,os-release | ||
66 | private-tmp | 67 | private-tmp |
67 | 68 | ||
68 | # IMPORTANT: create ~/.local/share/dbus-1/services/com.nextcloudgmbh.Nextcloud.service | 69 | # IMPORTANT: create ~/.local/share/dbus-1/services/com.nextcloudgmbh.Nextcloud.service |
69 | # referencing the firejailed /usr/local/bin/nextcloud to keep nextcloud running sandboxed | 70 | # referencing the firejailed /usr/local/bin/nextcloud to keep nextcloud running sandboxed |
70 | # even when its dbus name gets activated | 71 | # even when its dbus name gets activated |
71 | # see https://github.com/netblue30/firejail/wiki/Frequently-Asked-Questions#how-do-i-sandbox-applications-started-via-systemd-or-d-bus-services | 72 | # see https://github.com/netblue30/firejail/wiki/Frequently-Asked-Questions#how-do-i-sandbox-applications-started-via-systemd-or-d-bus-services |
72 | dbus-user filter | 73 | dbus-user filter |
73 | dbus-user.own com.nextcloudgmbh.Nextcloud | 74 | dbus-user.own com.nextcloudgmbh.Nextcloud |
74 | dbus-user.talk org.freedesktop.secrets | 75 | dbus-user.talk org.freedesktop.secrets |
75 | ?ALLOW_TRAY: dbus-user.talk org.kde.StatusNotifierWatcher | 76 | ?ALLOW_TRAY: dbus-user.talk org.kde.StatusNotifierWatcher |
diff --git a/etc/profile-m-z/ssh.profile b/etc/profile-m-z/ssh.profile index 1c4d85ea0..018e05230 100644 --- a/etc/profile-m-z/ssh.profile +++ b/etc/profile-m-z/ssh.profile | |||
@@ -19,11 +19,11 @@ include disable-exec.inc | |||
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | 20 | ||
21 | whitelist ${RUNUSER}/gcr/ssh | 21 | whitelist ${RUNUSER}/gcr/ssh |
22 | whitelist ${RUNUSER}/gnupg/S.gpg-agent.ssh # default gpg homedir setup | ||
23 | whitelist ${RUNUSER}/gnupg/*/S.gpg-agent.ssh # custom gpg homedir setup | 22 | whitelist ${RUNUSER}/gnupg/*/S.gpg-agent.ssh # custom gpg homedir setup |
23 | whitelist ${RUNUSER}/gnupg/S.gpg-agent.ssh # default gpg homedir setup | ||
24 | whitelist ${RUNUSER}/keyring/ssh | 24 | whitelist ${RUNUSER}/keyring/ssh |
25 | include whitelist-usr-share-common.inc | ||
26 | include whitelist-runuser-common.inc | 25 | include whitelist-runuser-common.inc |
26 | include whitelist-usr-share-common.inc | ||
27 | 27 | ||
28 | apparmor | 28 | apparmor |
29 | caps.drop all | 29 | caps.drop all |
diff --git a/etc/profile-m-z/wesnoth.profile b/etc/profile-m-z/wesnoth.profile index b6f29cfbf..90de16bdb 100644 --- a/etc/profile-m-z/wesnoth.profile +++ b/etc/profile-m-z/wesnoth.profile | |||
@@ -10,6 +10,9 @@ noblacklist ${HOME}/.cache/wesnoth | |||
10 | noblacklist ${HOME}/.config/wesnoth | 10 | noblacklist ${HOME}/.config/wesnoth |
11 | noblacklist ${HOME}/.local/share/wesnoth | 11 | noblacklist ${HOME}/.local/share/wesnoth |
12 | 12 | ||
13 | # Allow lua (blacklisted by disable-interpreters.inc) | ||
14 | include allow-lua.inc | ||
15 | |||
13 | include disable-common.inc | 16 | include disable-common.inc |
14 | include disable-devel.inc | 17 | include disable-devel.inc |
15 | include disable-interpreters.inc | 18 | include disable-interpreters.inc |