From a4be3afda1116cdd03a0475b0fa4f2e49e458625 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Fri, 16 Dec 2016 13:06:33 -0500 Subject: profile updates --- README | 4 ++++ README.md | 3 ++- RELNOTES | 2 +- etc/disable-programs.inc | 1 + etc/qupzilla.txt | 22 ++++++++++++++++++++++ platform/debian/conffiles | 2 ++ 6 files changed, 32 insertions(+), 2 deletions(-) create mode 100644 etc/qupzilla.txt diff --git a/README b/README index d20503974..42a1f580a 100644 --- a/README +++ b/README @@ -97,6 +97,8 @@ valoq (https://github.com/valoq) - added skanlite, ssh-agent, transmission-cli, tracker, transmission-show, w3m, xfburn, xpra profiles - added wget profile - disable gnupg and systemd directories under /run/user +Jesse Smith (https://github.com/slicer69) + - added QupZilla profile Lari Rauno (https://github.com/tuutti) - qutebrowser profile fixes SpotComms (https://github.com/SpotComms) @@ -117,6 +119,8 @@ curiosity-seeker (https://github.com/curiosity-seeker) - cherrytree profile fixes - added quiterss profile - added guayadeque profile + - added VirtualBox.profile + - various other profile fixes Simon Peter (https://github.com/probonopd) - set $APPIMAGE and $APPDIR environment variables - AppImage version detection diff --git a/README.md b/README.md index df594a465..a8722f810 100644 --- a/README.md +++ b/README.md @@ -89,4 +89,5 @@ gjs, gnome-books, gnome-clocks, gnome-documents, gnome-maps, gnome-music, gnome- goobox, gpa, gpg, gpg-agent, highlight, img2txt, k3b, kate, lynx, mediainfo, nautilus, odt2txt, pdftotext, simple-scan, skanlite, ssh-agent, tracker, transmission-cli, transmission-show, w3m, xfburn, xpra, wget, xed, pluma, Cryptocat, Bless, Gnome 2048, Gnome Calculator, Gnome Contacts, JD-GUI, Lollypop, MultiMC5, -PDFSam, Pithos, Xonotic, wireshark, keepassx2 +PDFSam, Pithos, Xonotic, wireshark, keepassx2, QupZilla + diff --git a/RELNOTES b/RELNOTES index fbfd99093..7144b2bf3 100644 --- a/RELNOTES +++ b/RELNOTES @@ -18,7 +18,7 @@ firejail (0.9.45) baseline; urgency=low * new profiles: mumble, zoom, Guayadeque, qemu, keypass2, xed, pluma, * new profiles: Cryptocat, Bless, Gnome 2048, Gnome Calculator, * new profiles: Gnome Contacts, JD-GUI, Lollypop, MultiMC5, PDFSam, Pithos, - * new profies: Xonotic, wireshark, keepassx2 + * new profies: Xonotic, wireshark, keepassx2, QupZilla * bugfixes -- netblue30 Sun, 23 Oct 2016 08:00:00 -0500 diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 279a65d6e..d2e391229 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -20,6 +20,7 @@ blacklist ${HOME}/.cache/INRIA blacklist ${HOME}/.cache/QuiteRss blacklist ${HOME}/.cache/champlain blacklist ${HOME}/.cache/chromium +blacklist ${HOME}/.cache/qupzilla blacklist ${HOME}/.cache/chromium-dev blacklist ${HOME}/.cache/darktable blacklist ${HOME}/.cache/epiphany diff --git a/etc/qupzilla.txt b/etc/qupzilla.txt new file mode 100644 index 000000000..387ddeffa --- /dev/null +++ b/etc/qupzilla.txt @@ -0,0 +1,22 @@ +# Firejail profile for Qupzilla web browser +noblacklist ${HOME}/.config/qupzilla +noblacklist ${HOME}/.cache/qupzilla +include /etc/firejail/disable-mgmt.inc +include /etc/firejail/disable-secret.inc +include /etc/firejail/disable-common.inc +include /etc/firejail/disable-devel.inc +caps.drop all +seccomp +protocol unix,inet,inet6,netlink +netfilter +tracelog +noroot +whitelist ${DOWNLOADS} +whitelist ~/.config/qupzilla +whitelist ~/.cache/qupzilla +include /etc/firejail/whitelist-common.inc + +# experimental features +#private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse + + diff --git a/platform/debian/conffiles b/platform/debian/conffiles index 57657f208..9afe42be8 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles @@ -238,3 +238,5 @@ /etc/firejail/xonotic-glx.profile /etc/firejail/xonotic-sdl.profile /etc/firejail/xonotic.profile +/etc/firejail/VirtualBox.profile +/etc/firejail/qupzilla.profile -- cgit v1.2.3-54-g00ecf