From e0bc50dc4138450dd7dca2e96289372d51592f41 Mon Sep 17 00:00:00 2001 From: Fred Barclay Date: Sat, 26 Nov 2016 11:04:40 -0600 Subject: added pluma and xed profiles --- etc/pluma.profile | 21 +++++++++++++++++++++ etc/xed.profile | 21 +++++++++++++++++++++ 2 files changed, 42 insertions(+) create mode 100644 etc/pluma.profile create mode 100644 etc/xed.profile diff --git a/etc/pluma.profile b/etc/pluma.profile new file mode 100644 index 000000000..895cc2369 --- /dev/null +++ b/etc/pluma.profile @@ -0,0 +1,21 @@ +# Firejail profile for Xed +noblacklist ${HOME}/.config/pluma + +include /etc/firejail/disable-common.inc +include /etc/firejail/disable-programs.inc +include /etc/firejail/disable-devel.inc +include /etc/firejail/disable-passwdmgr.inc + +caps.drop all +net none +nogroups +nonewprivs +noroot +nosound +seccomp +shell none +tracelog + +private-bin pluma +private-dev +private-tmp diff --git a/etc/xed.profile b/etc/xed.profile new file mode 100644 index 000000000..051710a70 --- /dev/null +++ b/etc/xed.profile @@ -0,0 +1,21 @@ +# Firejail profile for Xed +noblacklist ${HOME}/.config/xed + +include /etc/firejail/disable-common.inc +include /etc/firejail/disable-programs.inc +include /etc/firejail/disable-devel.inc +include /etc/firejail/disable-passwdmgr.inc + +caps.drop all +net none +nogroups +nonewprivs +noroot +nosound +seccomp +shell none +tracelog + +private-bin xed +private-dev +private-tmp -- cgit v1.2.3-70-g09d2 From f88e0fcf806d17b7ef6822b3f1a7d4b672877be1 Mon Sep 17 00:00:00 2001 From: Fred Barclay Date: Sat, 26 Nov 2016 11:12:07 -0600 Subject: additional files for pluma and xed --- README | 1 + README.md | 13 ++++++------- RELNOTES | 2 +- etc/disable-programs.inc | 2 ++ platform/debian/conffiles | 2 ++ src/firecfg/firecfg.config | 2 ++ 6 files changed, 14 insertions(+), 8 deletions(-) diff --git a/README b/README index 1fdd267a5..4d09a0a2c 100644 --- a/README +++ b/README @@ -80,6 +80,7 @@ Fred-Barclay (https://github.com/Fred-Barclay) - evince profile enhancement - tightened Spotify profile - added xiphos and Tor Browser Bundle profiles + - added xed and pluma profiles valoq (https://github.com/valoq) - lots of profile fixes - added support for /srv in --whitelist feature diff --git a/README.md b/README.md index 642bac678..7fc552f1e 100644 --- a/README.md +++ b/README.md @@ -56,10 +56,9 @@ Use this issue to request new profiles: https://github.com/netblue30/firejail/is ````` ## New Profiles -xiphos, Tor Browser Bundle, display (imagemagik), Wire, mumble, zoom,Guayadeque, qemu, keypass2 -amarok, ark, atool, bleachbit, brasero, dolphin, dragon, elinks, enchant, exiftool, file-roller, gedit -gjs, gnome-books, gnome-clocks, gnome-documents, gnome-maps, gnome-music, gnome-photos, gnome-weather -goobox, gpa, gpg, gpg-agent, highlight, img2txt, k3b, kate, lynx, mediainfo, nautilus, odt2txt, pdftotext -simple-scan, skanlite, ssh-agent, tracker, transmission-cli, transmission-show, w3m, xfburn, xpra, wget - - +xiphos, Tor Browser Bundle, display (imagemagik), Wire, mumble, zoom, Guayadeque, qemu, keypass2, +amarok, ark, atool, bleachbit, brasero, dolphin, dragon, elinks, enchant, exiftool, file-roller, gedit, +gjs, gnome-books, gnome-clocks, gnome-documents, gnome-maps, gnome-music, gnome-photos, gnome-weather, +goobox, gpa, gpg, gpg-agent, highlight, img2txt, k3b, kate, lynx, mediainfo, nautilus, odt2txt, pdftotext, +simple-scan, skanlite, ssh-agent, tracker, transmission-cli, transmission-show, w3m, xfburn, xpra, wget, +xed, pluma diff --git a/RELNOTES b/RELNOTES index 3a7c398c2..c5872f676 100644 --- a/RELNOTES +++ b/RELNOTES @@ -10,7 +10,7 @@ firejail (0.9.45) baseline; urgency=low * feature: AppImage type 2 support * feature: test coverage (gcov) support * new profiles: xiphos, Tor Browser Bundle, display (imagemagik), Wire, - * new profiles: mumble, zoom, Guayadeque, qemu, keypass2 + * new profiles: mumble, zoom, Guayadeque, qemu, keypass2, xed, pluma * bugfixes -- netblue30 Sun, 23 Oct 2016 08:00:00 -0500 diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index f4e66dc66..e2b7a4929 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -23,6 +23,8 @@ blacklist ${HOME}/.config/xviewer blacklist ${HOME}/.config/libreoffice blacklist ${HOME}/.config/pix blacklist ${HOME}/.config/mate/eom +blacklist ${HOME}/.config/xed +blacklist %{HOME}/.config/pluma blacklist ${HOME}/.kde/share/apps/okular blacklist ${HOME}/.kde/share/config/okularrc blacklist ${HOME}/.kde/share/config/okularpartrc diff --git a/platform/debian/conffiles b/platform/debian/conffiles index 2c1164a43..5776f3889 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles @@ -148,6 +148,7 @@ /etc/firejail/pdftotext.profile /etc/firejail/pidgin.profile /etc/firejail/pix.profile +/etc/firejail/pluma.profile /etc/firejail/polari.profile /etc/firejail/psi-plus.profile /etc/firejail/qbittorrent.profile @@ -208,6 +209,7 @@ /etc/firejail/wine.profile /etc/firejail/wire.profile /etc/firejail/xchat.profile +/etc/firejail/xed.profile /etc/firejail/xfburn.profile /etc/firejail/xiphos.profile /etc/firejail/xpdf.profile diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index c6a2bad83..764e9e501 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config @@ -195,9 +195,11 @@ ranger keepass keepass2 keepassx +pluma ssh tracker xiphos +xed xpra # weather/climate -- cgit v1.2.3-70-g09d2