From 0fa7f9c30fae7627816aa19427f693784dc97a6b Mon Sep 17 00:00:00 2001 From: rusty-snake <41237666+rusty-snake@users.noreply.github.com> Date: Fri, 20 Nov 2020 19:56:57 +0100 Subject: various profiles - disable-common: read-only ${HOME}/.zfunc - fix #3761 -- w3m with w3m-img installed does not display images when on virtual console/framebuffer - yelp can be used to display manpages --- README.md | 2 +- RELNOTES | 5 ++++- etc/inc/disable-common.inc | 1 + etc/profile-m-z/w3m.profile | 5 +++++ etc/profile-m-z/yelp.profile | 7 +++++-- 5 files changed, 16 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index cc50df2f7..a9a89a63c 100644 --- a/README.md +++ b/README.md @@ -194,4 +194,4 @@ Stats: ### New profiles: -spectacle, chromium-browser-privacy +spectacle, chromium-browser-privacy, gtk-straw-viewer, gtk-youtube-viewer, gtk2-youtube-viewer, gtk3-youtube-viewer, straw-viewer diff --git a/RELNOTES b/RELNOTES index f623517b3..8662125f5 100644 --- a/RELNOTES +++ b/RELNOTES @@ -2,7 +2,10 @@ firejail (0.9.65) baseline; urgency=low * allow --tmpfs inside $HOME for unprivileged users * --disable-usertmpfs compile time option * allow AF_BLUETOOTH via --protocol=bluetooth - * new profiles: spectacle, chromium-browser-privacy + * new profiles: spectacle, chromium-browser-privacy, gtk-straw-viewer + * new profiles: gtk-youtube-viewer, gtk2-youtube-viewer, gtk3-youtube-viewer + * new profiles: straw-viewer + -- netblue30 Wed, 21 Oct 2020 09:00:00 -0500 firejail (0.9.64) baseline; urgency=low diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index 1268b4cd2..3bdad3138 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc @@ -280,6 +280,7 @@ read-only ${HOME}/.plan read-only ${HOME}/.profile read-only ${HOME}/.project read-only ${HOME}/.tcshrc +read-only ${HOME}/.zfunc read-only ${HOME}/.zlogin read-only ${HOME}/.zlogout read-only ${HOME}/.zprofile diff --git a/etc/profile-m-z/w3m.profile b/etc/profile-m-z/w3m.profile index bd33edd6a..0e172333a 100644 --- a/etc/profile-m-z/w3m.profile +++ b/etc/profile-m-z/w3m.profile @@ -7,6 +7,11 @@ include w3m.local # Persistent global definitions include globals.local +# Uncomment or add to your w3m.local if you want to use w3m-img on a vconsole +#ignore nogroups +#ignore private-dev +#ignore private-etc + noblacklist ${HOME}/.w3m blacklist /tmp/.X11-unix diff --git a/etc/profile-m-z/yelp.profile b/etc/profile-m-z/yelp.profile index e198af8b2..3ba1dca1a 100644 --- a/etc/profile-m-z/yelp.profile +++ b/etc/profile-m-z/yelp.profile @@ -20,7 +20,9 @@ include disable-xdg.inc mkdir ${HOME}/.config/yelp whitelist ${HOME}/.config/yelp whitelist /usr/share/doc +whitelist /usr/share/groff whitelist /usr/share/help +whitelist /usr/share/man whitelist /usr/share/yelp whitelist /usr/share/yelp-tools whitelist /usr/share/yelp-xsl @@ -46,10 +48,10 @@ shell none tracelog disable-mnt -private-bin yelp +private-bin groff,man,tbl,troff,yelp private-cache private-dev -private-etc alsa,alternatives,asound.conf,crypto-policies,cups,dconf,drirc,fonts,gcrypt,gtk-3.0,machine-id,openal,os-release,pulse,sgml,xml +private-etc alsa,alternatives,asound.conf,crypto-policies,cups,dconf,drirc,fonts,gcrypt,groff,gtk-3.0,machine-id,man_db.conf,openal,os-release,pulse,sgml,xml private-tmp dbus-system none @@ -60,3 +62,4 @@ dbus-system none # 1. yelp --editor-mode # 2. saving the window geometry read-only ${HOME} +read-write ${HOME}/.cache -- cgit v1.2.3-54-g00ecf