From f593164cdd79da7e21301b316e5dfe171c3bdbf8 Mon Sep 17 00:00:00 2001 From: Jean Lucas Date: Fri, 27 Apr 2018 14:41:43 -0400 Subject: Update Gajim profile - Version 1 ported to Python 3, so remove 2.7-related settings - Plugins get installed in ~/.local/share/gajim/plugins - Enable private-{etc,tmp} --- etc/disable-programs.inc | 1 - etc/gajim.profile | 14 +++++--------- 2 files changed, 5 insertions(+), 10 deletions(-) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index c12d841d6..87f151a9a 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -348,7 +348,6 @@ blacklist ${HOME}/.kodi blacklist ${HOME}/.linphone-history.db blacklist ${HOME}/.linphonerc blacklist ${HOME}/.lmmsrc.xml -blacklist ${HOME}/.local/lib/python2.7/site-packages blacklist ${HOME}/.local/share/0ad blacklist ${HOME}/.local/share/3909/PapersPlease blacklist ${HOME}/.local/share/Empathy diff --git a/etc/gajim.profile b/etc/gajim.profile index 02c818443..437ffe3e7 100644 --- a/etc/gajim.profile +++ b/etc/gajim.profile @@ -10,8 +10,8 @@ noblacklist ${HOME}/.config/gajim noblacklist ${HOME}/.local/share/gajim # Allow python2.7 (blacklisted by disable-interpreters.inc) -noblacklist ${PATH}/python2* -noblacklist /usr/lib/python2* +noblacklist ${PATH}/python3* +noblacklist /usr/lib/python3* include /etc/firejail/disable-common.inc include /etc/firejail/disable-devel.inc @@ -21,12 +21,10 @@ include /etc/firejail/disable-programs.inc mkdir ${HOME}/.cache/gajim mkdir ${HOME}/.config/gajim -mkdir ${HOME}/.local/lib/python2.7/site-packages/ mkdir ${HOME}/.local/share/gajim mkdir ${HOME}/Downloads whitelist ${HOME}/.cache/gajim whitelist ${HOME}/.config/gajim -whitelist ${HOME}/.local/lib/python2.7/site-packages/ whitelist ${HOME}/.local/share/gajim whitelist ${HOME}/Downloads include /etc/firejail/whitelist-common.inc @@ -43,9 +41,7 @@ seccomp shell none disable-mnt -private-bin python2.7,gajim +private-bin python,gajim private-dev -# private-etc fonts -# private-tmp -# Allow the local python 2.7 site packages, in case any plugins are using these -read-only ${HOME}/.local/lib/python2.7/site-packages/ +private-etc fonts +private-tmp -- cgit v1.2.3-54-g00ecf From d01b5f33a4e3035a932801df13dac25c7aef3e0a Mon Sep 17 00:00:00 2001 From: Jean Lucas Date: Fri, 27 Apr 2018 15:02:14 -0400 Subject: Add more files and directories to private-etc --- etc/gajim.profile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/etc/gajim.profile b/etc/gajim.profile index 437ffe3e7..8e76352f4 100644 --- a/etc/gajim.profile +++ b/etc/gajim.profile @@ -9,7 +9,7 @@ noblacklist ${HOME}/.cache/gajim noblacklist ${HOME}/.config/gajim noblacklist ${HOME}/.local/share/gajim -# Allow python2.7 (blacklisted by disable-interpreters.inc) +# Allow Python (blacklisted by disable-interpreters.inc) noblacklist ${PATH}/python3* noblacklist /usr/lib/python3* @@ -43,5 +43,5 @@ shell none disable-mnt private-bin python,gajim private-dev -private-etc fonts +private-etc alsa,asound.conf,ca-certificates,crypto-policies,fonts,group,hostname,hosts,ld.so.cache,ld.so.conf,localtime,machine-id,passwd,pki,pulse,resolv.conf,ssl private-tmp -- cgit v1.2.3-54-g00ecf