From 58732a65458b368ec8cddde7deff3ec1dfbda4b7 Mon Sep 17 00:00:00 2001 From: Kobaxidze256 Date: Wed, 15 Mar 2023 12:26:12 +0000 Subject: Add profiles for jami and postman (#5691) --- etc/inc/disable-programs.inc | 3 +++ etc/profile-a-l/jami.profile | 18 ++++++++++++++++++ etc/profile-m-z/Postman.profile | 10 ++++++++++ etc/profile-m-z/postman.profile | 28 ++++++++++++++++++++++++++++ src/firecfg/firecfg.config | 3 +++ 5 files changed, 62 insertions(+) create mode 100644 etc/profile-a-l/jami.profile create mode 100644 etc/profile-m-z/Postman.profile create mode 100644 etc/profile-m-z/postman.profile diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 71b513935..c7e2f2ca9 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc @@ -320,6 +320,7 @@ blacklist ${HOME}/.config/PacmanLogViewer blacklist ${HOME}/.config/PawelStolowski blacklist ${HOME}/.config/Philipp Schmieder blacklist ${HOME}/.config/Pinta +blacklist ${HOME}/.config/Postman blacklist ${HOME}/.config/QGIS blacklist ${HOME}/.config/QMediathekView blacklist ${HOME}/.config/QQ @@ -480,6 +481,7 @@ blacklist ${HOME}/.config/inox blacklist ${HOME}/.config/iridium blacklist ${HOME}/.config/itch blacklist ${HOME}/.config/jami +blacklist ${HOME}/.config/jami.net blacklist ${HOME}/.config/jd-gui.cfg blacklist ${HOME}/.config/jgit blacklist ${HOME}/.config/k3brc @@ -1183,6 +1185,7 @@ blacklist ${HOME}/Arduino blacklist ${HOME}/Monero/wallets blacklist ${HOME}/Nextcloud blacklist ${HOME}/Nextcloud/Notes +blacklist ${HOME}/Postman blacklist ${HOME}/Seafile/.seafile-data blacklist ${HOME}/SoftMaker blacklist ${HOME}/Standard Notes Backups diff --git a/etc/profile-a-l/jami.profile b/etc/profile-a-l/jami.profile new file mode 100644 index 000000000..deff54bcd --- /dev/null +++ b/etc/profile-a-l/jami.profile @@ -0,0 +1,18 @@ +# Firejail profile for jami +# Description: An encrypted peer-to-peer messenger +# This file is overwritten after every install/update +# Persistent local customizations +include jami.local +# Persistent global definitions +# added by caller profile +#include globals.local + +noblacklist ${HOME}/.config/jami.net + +mkdir ${HOME}/.config/jami.net +mkdir ${HOME}/Videos/Jami +whitelist ${HOME}/.config/jami.net +whitelist ${HOME}/Videos/Jami + +# Redirect +include jami-gnome.profile diff --git a/etc/profile-m-z/Postman.profile b/etc/profile-m-z/Postman.profile new file mode 100644 index 000000000..d08acf60b --- /dev/null +++ b/etc/profile-m-z/Postman.profile @@ -0,0 +1,10 @@ +# Firejail profile for Postman +# This file is overwritten after every install/update +# Persistent local customizations +include Postman.local +# Persistent global definitions +# added by included profile +#include globals.local + +# Redirect +include postman.profile diff --git a/etc/profile-m-z/postman.profile b/etc/profile-m-z/postman.profile new file mode 100644 index 000000000..c8f00584d --- /dev/null +++ b/etc/profile-m-z/postman.profile @@ -0,0 +1,28 @@ +# Firejail profile for postman +# Description: API testing platform +# This file is overwritten after every install/update +# Persistent local customizations +include postman.local +# Persistent global definitions +include globals.local + +noblacklist ${HOME}/.config/Postman +noblacklist ${HOME}/Postman + +mkdir ${HOME}/.config/Postman +mkdir ${HOME}/Postman +whitelist ${HOME}/.config/Postman +whitelist ${HOME}/Postman +include whitelist-run-common.inc + +protocol unix,inet,inet6,netlink + +private-bin electron,electron[0-9],electron[0-9][0-9],locale,node,Postman,postman,sh +private-etc alternatives,ca-certificates,crypto-policies,fonts,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,nsswitch.conf,pki,resolv.conf,ssl +# private-opt breaks file-copy-limit, use a whitelist instead of draining RAM +# https://github.com/netblue30/firejail/discussions/5307 +#private-opt postman +whitelist /opt/postman + +# Redirect +include electron-common.profile diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 2e176d2cd..2b4785fd4 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config @@ -25,6 +25,7 @@ Natron PCSX2 PPSSPPQt PPSSPPSDL +Postman QMediathekView QOwnNotes Screenshot @@ -421,6 +422,7 @@ ipcalc ipcalc-ng iridium iridium-browser +jami jd-gui jdownloader jerry @@ -682,6 +684,7 @@ plv pngquant polari porn-cli +postman ppsspp pragha presentations18 -- cgit v1.2.3-54-g00ecf