From 4b007b774177ce4858f6846e89dc611dae77caad Mon Sep 17 00:00:00 2001 From: rusty-snake <41237666+rusty-snake@users.noreply.github.com> Date: Thu, 30 Jul 2020 22:53:45 +0200 Subject: new profile: gnome-calendar --- README.md | 2 +- RELNOTES | 3 +- etc/profile-a-l/gnome-calendar.profile | 62 ++++++++++++++++++++++++++++++++++ src/firecfg/firecfg.config | 1 + 4 files changed, 66 insertions(+), 2 deletions(-) create mode 100644 etc/profile-a-l/gnome-calendar.profile diff --git a/README.md b/README.md index 1cbe84a62..b88e86ff9 100644 --- a/README.md +++ b/README.md @@ -196,4 +196,4 @@ gnome-screenshot, ripperX, sound-juicer, iagno, com.github.dahenson.agenda, gnom penguin-command, x2goclient, frogatto, gnome-mines, gnome-nibbles, lightsoff, ts3client_runscript.sh, warmux, ferdi, abiword, four-in-a-row, gnome-mahjongg, gnome-robots, gnome-sudoku, gnome-taquin, gnome-tetravex, blobwars, gravity-beams-and-evaporating-stars, hyperrogue, jumpnbump-menu, jumpnbump, magicor, mindless, mirrormagic, mrrescue, scorched3d-wrapper, scorchwentbonkers, -seahorse-adventures, wordwarvi, xbill, gnome-klotski, five-or-more, swell-foop, fdns, jitsi-meet-desktop, nicontine, steam-runtime, apostrophe, quadrapassel, dino-im, strawberry, hitori, bijiben, gnote, gnubik, ZeGrapher, gapplication, xonotic-sdl-wrapper, openarena_ded, cawbird, freetube, homebank, mattermost-desktop, newsflash, com.gitlab.newsflash, element-desktop, sushi, xfce4-screenshooter, org.gnome.NautilusPreviewer +seahorse-adventures, wordwarvi, xbill, gnome-klotski, five-or-more, swell-foop, fdns, jitsi-meet-desktop, nicontine, steam-runtime, apostrophe, quadrapassel, dino-im, strawberry, hitori, bijiben, gnote, gnubik, ZeGrapher, gapplication, xonotic-sdl-wrapper, openarena_ded, cawbird, freetube, homebank, mattermost-desktop, newsflash, com.gitlab.newsflash, element-desktop, sushi, xfce4-screenshooter, org.gnome.NautilusPreviewer, lyx, minitube, nuclear, mtpaint, minecraft-launcher, gnome-calendar diff --git a/RELNOTES b/RELNOTES index e77db8cf8..4af945c1b 100644 --- a/RELNOTES +++ b/RELNOTES @@ -39,7 +39,8 @@ firejail (0.9.63) baseline; urgency=low * new profiles: hitori, bijiben, gnote, gnubik, ZeGrapher, xonotic-sdl-wrapper * new profiles: gapplication, openarena_ded, element-desktop, cawbird, freetube * new profiles: homebank, mattermost-desktop, newsflash, com.gitlab.newsflash - * new profiles: sushi, xfce4-screenshooter, org.gnome.NautilusPreviewer + * new profiles: sushi, xfce4-screenshooter, org.gnome.NautilusPreviewer, lyx + * new profiles: minitube, nuclear, mtpaint, minecraft-launcher, gnome-calendar -- netblue30 Tue, 21 Apr 2020 08:00:00 -0500 firejail (0.9.62) baseline; urgency=low diff --git a/etc/profile-a-l/gnome-calendar.profile b/etc/profile-a-l/gnome-calendar.profile new file mode 100644 index 000000000..3e815234c --- /dev/null +++ b/etc/profile-a-l/gnome-calendar.profile @@ -0,0 +1,62 @@ +# Firejail profile for gnome-calendar +# Description: Calendar for GNOME +# This file is overwritten after every install/update +# Persistent local customizations +include gnome-calendar.local +# Persistent global definitions +include globals.local + +include disable-common.inc +include disable-devel.inc +include disable-exec.inc +include disable-interpreters.inc +include disable-passwdmgr.inc +include disable-programs.inc +include disable-shell.inc +include disable-xdg.inc + +whitelist /usr/share/libgweather +include whitelist-common.inc +include whitelist-runuser-common.inc +include whitelist-usr-share-common.inc +include whitelist-var-common.inc + +apparmor +caps.drop all +machine-id +netfilter +no3d +nodvd +nogroups +nonewprivs +noroot +nosound +notv +nou2f +novideo +protocol unix,inet,inet6 +seccomp +shell none +tracelog + +disable-mnt +private +private-bin gnome-calendar +private-cache +private-dev +private-etc ca-certificates,crypto-policies,dconf,fonts,gtk-3.0,nsswitch.conf,pki,resolv.conf,ssl +private-tmp + +dbus-user filter +dbus-user.own org.gnome.Calendar +dbus-user.talk ca.desrt.dconf +dbus-user.talk org.gnome.evolution.dataserver.* +#dbus-user.talk org.gnome.OnlineAccounts +#dbus-user.talk org.gnome.ControlCenter +# NOTE: dbus-system none fails, filter without rules works. +dbus-system filter +#dbus-system.talk org.freedesktop.timedate1 +#dbus-system.talk org.freedesktop.login1 +#dbus-system.talk org.freedesktop.GeoClue2 + +read-only ${HOME} diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 77b0596e9..93a80e703 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config @@ -274,6 +274,7 @@ gnome-2048 gnome-books gnome-builder gnome-calculator +gnome-calendar gnome-character-map gnome-characters gnome-chess -- cgit v1.2.3-70-g09d2