From 6e23a6dd6367ad8240601a5fc32fb75ce5f64e07 Mon Sep 17 00:00:00 2001 From: SYN-cook Date: Mon, 3 Apr 2017 23:28:50 +0200 Subject: mediathekview profile (#1190) * create mediathekview.profile * update mediathekview * update mediathekview * blacklist mediathekview * add mediathekview * add mediathekview --- README.md | 2 +- RELNOTES | 2 +- etc/disable-programs.inc | 1 + etc/mediathekview.profile | 25 +++++++++++++++++++++++++ platform/debian/conffiles | 1 + src/firecfg/firecfg.config | 1 + 6 files changed, 30 insertions(+), 2 deletions(-) create mode 100644 etc/mediathekview.profile diff --git a/README.md b/README.md index fecfc430a..aa34ec422 100644 --- a/README.md +++ b/README.md @@ -195,4 +195,4 @@ goobox, gpa, gpg, gpg-agent, highlight, img2txt, k3b, kate, lynx, mediainfo, nau simple-scan, skanlite, ssh-agent, tracker, transmission-cli, transmission-show, w3m, xfburn, xpra, wget, xed, pluma, Cryptocat, Bless, Gnome 2048, Gnome Calculator, Gnome Contacts, JD-GUI, Lollypop, MultiMC5, PDFSam, Pithos, Xonotic, wireshark, keepassx2, QupZilla, FossaMail, Uzbl browser, xmms, iridium browser, -Kino, Thunar, Geeqie, Engrampa, Scribus, mousepad, gpicview, keepassxc, cvlc +Kino, Thunar, Geeqie, Engrampa, Scribus, mousepad, gpicview, keepassxc, cvlc, MediathekView diff --git a/RELNOTES b/RELNOTES index 10206d8a5..333d6b160 100644 --- a/RELNOTES +++ b/RELNOTES @@ -42,7 +42,7 @@ firejail (0.9.45) baseline; urgency=low * new profiles: Gnome Contacts, JD-GUI, Lollypop, MultiMC5, PDFSam, Pithos, * new profies: Xonotic, wireshark, keepassx2, QupZilla, FossaMail, * new profiles: Uzbl browser, iridium browser, Thunar, Geeqie, Engrampa - * new profiles: Scribus, mousepad, gpicview, keepassxc, cvlc + * new profiles: Scribus, mousepad, gpicview, keepassxc, cvlc, MediathekView * bugfixes -- netblue30 Sun, 23 Oct 2016 08:00:00 -0500 diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index da80376d1..032d50b36 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -236,6 +236,7 @@ blacklist ${HOME}/.local/share/zathura blacklist ${HOME}/.lv2 blacklist ${HOME}/.mcabber blacklist ${HOME}/.mcabberrc +blacklist ${HOME}/.mediathek3 blacklist ${HOME}/.mozilla blacklist ${HOME}/.mozilla/seamonkey blacklist ${HOME}/.mpdconf diff --git a/etc/mediathekview.profile b/etc/mediathekview.profile new file mode 100644 index 000000000..ec5b507ae --- /dev/null +++ b/etc/mediathekview.profile @@ -0,0 +1,25 @@ +# This file is overwritten during software install. +# Persistent customizations should go in a .local file. +include /etc/firejail/mediathekview.local + +# MediathekView profile +noblacklist ~/.mediathek3 +noblacklist ~/.config/vlc +include /etc/firejail/disable-common.inc +include /etc/firejail/disable-programs.inc +include /etc/firejail/disable-devel.inc +include /etc/firejail/disable-passwdmgr.inc + +caps.drop all +netfilter +nonewprivs +noroot +protocol unix,inet,inet6 +seccomp +tracelog + +noexec ${HOME} +noexec /tmp + +private-dev +private-tmp diff --git a/platform/debian/conffiles b/platform/debian/conffiles index ea6519750..b1d0eef27 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles @@ -256,3 +256,4 @@ /etc/firejail/geeqie.profile /etc/firejail/engrampa.profile /etc/firejail/scribus.profile +/etc/firejail/mediathekview.profile diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index c5c3d474e..88b5c59c3 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config @@ -128,6 +128,7 @@ gpicview img2txt k3b mediainfo +mediathekview mpv nautilus parole -- cgit v1.2.3-70-g09d2