From e08c80d0a9fbf3def45c5957a7048d597de6e966 Mon Sep 17 00:00:00 2001 From: Fred Barclay Date: Fri, 14 Apr 2017 11:20:08 -0500 Subject: Added nylas profile (see #1215) --- README | 2 ++ README.md | 3 ++- RELNOTES | 2 +- etc/disable-programs.inc | 2 ++ etc/nylas.profile | 29 +++++++++++++++++++++++++++++ platform/debian/conffiles | 1 + src/firecfg/firecfg.config | 1 + 7 files changed, 38 insertions(+), 2 deletions(-) create mode 100644 etc/nylas.profile diff --git a/README b/README index 81e4dae4b..84f600ba1 100644 --- a/README +++ b/README @@ -274,6 +274,8 @@ Mike Frysinger (vapier@gentoo.org) - Gentoo compile patch mjudtmann (https://github.com/mjudtmann) - lock firejail configuration in disable-mgmt.inc +mustaqimM (https://github.com/mustaqimM) + - added profile for Nylas Mail n1trux (https://github.com/n1trux) - fix flashpeak-slimjet profile typos netblue30 (netblue30@yahoo.com) diff --git a/README.md b/README.md index a5ae5b793..2dcdcc0cb 100644 --- a/README.md +++ b/README.md @@ -195,4 +195,5 @@ goobox, gpa, gpg, gpg-agent, highlight, img2txt, k3b, kate, lynx, mediainfo, nau simple-scan, skanlite, ssh-agent, tracker, transmission-cli, transmission-show, w3m, xfburn, xpra, wget, xed, pluma, Cryptocat, Bless, Gnome 2048, Gnome Calculator, Gnome Contacts, JD-GUI, Lollypop, MultiMC5, PDFSam, Pithos, Xonotic, wireshark, keepassx2, QupZilla, FossaMail, Uzbl browser, xmms, iridium browser, -Kino, Thunar, Geeqie, Engrampa, Scribus, mousepad, gpicview, keepassxc, cvlc, MediathekView, baloo_file +Kino, Thunar, Geeqie, Engrampa, Scribus, mousepad, gpicview, keepassxc, cvlc, MediathekView, baloo_file, +Nylas diff --git a/RELNOTES b/RELNOTES index a82cf7212..a3571b630 100644 --- a/RELNOTES +++ b/RELNOTES @@ -36,7 +36,7 @@ firejail (0.9.46-rc1) baseline; urgency=low * new profiles: Xonotic, wireshark, keepassx2, QupZilla, FossaMail, * new profiles: Uzbl browser, iridium browser, Thunar, Geeqie, Engrampa, * new profiles: Scribus, mousepad, gpicview, keepassxc, cvlc, MediathekView, - * new profiles: baloo_file + * new profiles: baloo_file, Nylas * bugfixes -- netblue30 Fri, 7 Apr 2017 08:00:00 -0500 diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 7939fd520..1d5380b42 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -33,6 +33,7 @@ blacklist ${HOME}/.config/Luminance blacklist ${HOME}/.config/Meltytech blacklist ${HOME}/.config/Mousepad blacklist ${HOME}/.config/Mumble +blacklist ${HOME}/.config/Nylas Mail blacklist ${HOME}/.config/QuiteRss blacklist ${HOME}/.config/QuiteRssrc blacklist ${HOME}/.config/Slack @@ -260,6 +261,7 @@ blacklist ${HOME}/.mutt blacklist ${HOME}/.mutt/muttrc blacklist ${HOME}/.muttrc blacklist ${HOME}/.nv +blacklist $(HOME)/.nylas-mail blacklist ${HOME}/.openshot blacklist ${HOME}/.openshot_qt blacklist ${HOME}/.opera diff --git a/etc/nylas.profile b/etc/nylas.profile new file mode 100644 index 000000000..21c48c95c --- /dev/null +++ b/etc/nylas.profile @@ -0,0 +1,29 @@ +# This file is overwritten during software install. +# Persistent customizations should go in a .local file. +include /etc/firejail/nylas.local + +# Firejail profile for Nylas Mail +noblacklist ~/.config/Nylas Mail +noblacklist ~/.nylas-mail + +include /etc/firejail/disable-common.inc +include /etc/firejail/disable-programs.inc +include /etc/firejail/disable-devel.inc +include /etc/firejail/disable-passwdmgr.inc + +whitelist ~/.config/Nylas Mail +whitelist ~/.nylas-mail +whitelist ${DOWNLOADS} +include /etc/firejail/whitelist-common.inc + +caps.drop all +netfilter +nogroups +nonewprivs +noroot +nosound +protocol unix,inet,inet6,netlink +seccomp +shell none + +private-dev diff --git a/platform/debian/conffiles b/platform/debian/conffiles index 434cd9d0a..84557cd1f 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles @@ -145,6 +145,7 @@ /etc/firejail/nautilus.profile /etc/firejail/netsurf.profile /etc/firejail/nolocal.net +/etc/firejail/nylas.profile /etc/firejail/odt2txt.profile /etc/firejail/okular.profile /etc/firejail/openbox.profile diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index af10039e4..826de6260 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config @@ -42,6 +42,7 @@ kmail midori mutt netsurf +nylas opera-beta opera palemoon -- cgit v1.2.3-54-g00ecf