From dddd0e0e90723406c475b727203ea92792c6266c Mon Sep 17 00:00:00 2001
From: rusty-snake
Date: Thu, 21 Mar 2019 14:00:52 +0100
Subject: Add freemind.profile
---
 README.md | 2 +-
 RELNOTES | 2 +-
 etc/disable-programs.inc | 1 +
 etc/freemind.profile | 55 ++++++++++++++++++++++++++++++++++++++++++++++
 src/firecfg/firecfg.config | 1 +
 5 files changed, 59 insertions(+), 2 deletions(-)
 create mode 100644 etc/freemind.profile
diff --git a/README.md b/README.md
index a0050d65f..b1fd80ca1 100644
--- a/README.md
+++ b/README.md
@@ -102,4 +102,4 @@ We also keep a list of profile fixes for previous released versions in [etc-fixe
 ## Current development version: 0.9.59
 ## New profiles:
-crow, nyx, klavaro, mypaint, celluoid, nano, transgui, sysprof, simplescreenrecorder, geekbench, xfce4-mixer, pavucontrol, d-feet, seahorse, secret-tool, gnome-keyring, regextester, hardinfo, gnome-system-log, gnome-nettool, netactview, redshift, devhelp, assogiate, subdownloader, font-manager, exfalso, gconf-editor, dconf-editor, mpdris2, sysprof-cli, seahorse-tool, secret-tool, dconf, gsettings, code-oss, pragha, Maelstrom, ostrichriders, bzflag, freeciv, lincity-ng, megaglest, openttd, crawl, crawl-tiles, teeworlds, torcs, tremulous, warsow, lugaru, manaplus, pioneer, scorched3d, widelands
+crow, nyx, klavaro, mypaint, celluoid, nano, transgui, sysprof, simplescreenrecorder, geekbench, xfce4-mixer, pavucontrol, d-feet, seahorse, secret-tool, gnome-keyring, regextester, hardinfo, gnome-system-log, gnome-nettool, netactview, redshift, devhelp, assogiate, subdownloader, font-manager, exfalso, gconf-editor, dconf-editor, mpdris2, sysprof-cli, seahorse-tool, secret-tool, dconf, gsettings, code-oss, pragha, Maelstrom, ostrichriders, bzflag, freeciv, lincity-ng, megaglest, openttd, crawl, crawl-tiles, teeworlds, torcs, tremulous, warsow, lugaru, manaplus, pioneer, scorched3d, widelands, freemind
diff --git a/RELNOTES b/RELNOTES
index d9411d808..20e9ee3e0 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -9,7 +9,7 @@ firejail (0.9.59) baseline; urgency=low
 * new profiles: code-oss, pragha, Maelstrom, ostrichriders, bzflag
 * new profiles: freeciv, lincity-ng, megaglest, openttd, crawl, crawl-tiles
 * new profiles: teeworlds, torcs, tremulous, warsow, lugaru, manaplus
- * new profiles: pioneer, scorched3d, widelands
+ * new profiles: pioneer, scorched3d, widelands, freemind
 * memory-deny-write-execute now also blocks memfd_create
 * drop support for flatpak/snap packages
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index faf8def79..7ff0ea08a 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -323,6 +323,7 @@ blacklist ${HOME}/.flowblade
 blacklist ${HOME}/.fltk
 blacklist ${HOME}/.fossamail
 blacklist ${HOME}/.freeciv
+blacklist ${HOME}/.freemind
 blacklist ${HOME}/.frozen-bubble
 blacklist ${HOME}/.gimp*
 blacklist ${HOME}/.git-credential-cache
diff --git a/etc/freemind.profile b/etc/freemind.profile
new file mode 100644
index 000000000..db1f623df
--- /dev/null
+++ b/etc/freemind.profile
@@ -0,0 +1,55 @@
+# Firejail profile for freemind
+# Description: Free mind mapping software
+# This file is overwritten after every install/update
+# Persistent local customizations
+include freemind.local
+# Persistent global definitions
+include globals.local
+
+noblacklist ${DOCUMENTS}
+noblacklist ${PATH}/java
+noblacklist /etc/java
+noblacklist /usr/lib/java
+noblacklist /usr/share/java
+noblacklist ${HOME}/.freemind
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-xdg.inc
+
+include whitelist-var-common.inc
+
+apparmor
+caps.drop all
+machine-id
+netfilter
+no3d
+nodbus
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix,inet,inet6
+seccomp
+shell none
+tracelog
+
+disable-mnt
+private-bin freemind,java,bash,sed,sh,grep,mkdir,echo,cp,uname,which,lsb_release,rpm,dpkg,dirname,readlink
+private-cache
+private-dev
+#private-etc alternatives,fonts,java
+private-tmp
+private-opt none
+private-srv none
+
+noexec ${HOME}
+noexec /tmp
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index 4a1bcb4e1..9cfb47337 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -186,6 +186,7 @@ freecadcmd
 freeciv
 freeciv-gtk3
 freeciv-mp-gtk3
+freemind
 freshclam
 frozen-bubble
 gajim
-- 
cgit v1.2.3-70-g09d2
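Review bot: In etc/freemind.profile the sandbox keeps IPv4/IPv6 sockets open (`netfilter` plus `protocol unix,inet,inet6`) for what the header describes as mind mapping software, and nothing in the profile says which feature needs the network. If FreeMind's normal use does not require outbound connections, `net none` with `protocol unix` would be the tighter default; if it does, a one-line comment naming the feature would let later reviewers keep the exception deliberate. The disabled `#private-etc alternatives,fonts,java` line should also carry a short comment stating what failed with it enabled, so it can be revisited rather than left off indefinitely. Likewise `private-bin` admits `bash`, `sh`, `rpm` and `dpkg`, presumably because the launcher is a shell script that probes the package manager; a comment such as `# launcher script needs a shell and package-query tools` would record that, once confirmed against the script.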