From ed74dadd85faae9f74c05ae1caf50b3c642ea3b1 Mon Sep 17 00:00:00 2001
From: Fred-Barclay <Fred-Barclay@users.noreply.github.com>
Date: Fri, 2 Nov 2018 18:00:55 -0500
Subject: Add Mendeley profile

---
 README.md                   |  2 +-
 RELNOTES                    |  2 +-
 etc/disable-programs.inc    |  4 ++++
 etc/mendeleydesktop.profile | 52 +++++++++++++++++++++++++++++++++++++++++++++
 src/firecfg/firecfg.config  |  1 +
 5 files changed, 59 insertions(+), 2 deletions(-)
 create mode 100644 etc/mendeleydesktop.profile

diff --git a/README.md b/README.md
index b560b9b1b..aef9d265d 100644
--- a/README.md
+++ b/README.md
@@ -149,4 +149,4 @@ QMediathekView, aria2c, Authenticator, checkbashisms, devilspie, devilspie2, eas
 bsdcat, bsdcpio, bsdtar, lzmadec, lbunzip2, lbzcat, lbzip2, lzcat, lzcmp, lzdiff, lzegrep, lzfgrep, lzgrep,
 lzless, lzma, lzmainfo, lzmore, unlzma, unxz, xzcat, xzcmp, xzdiff, xzegrep, xzfgrep, xzgrep, xzless, xzmore,
 lzip, artha, nitroshare, nitroshare-cli, nitroshare-nmh, nirtoshare-send, nitroshare-ui, mencoder, gnome-pie,
-masterpdfeditor, QOwnNotes,aisleriot
+masterpdfeditor, QOwnNotes, aisleriot, Mendeley
diff --git a/RELNOTES b/RELNOTES
index ee5a24e86..8aa80ddf3 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -10,7 +10,7 @@ firejail (0.9.56.1) baseline; urgency=low
   * new profiles: xzcmp, xzdiff, xzegrep, xzfgrep, xzgrep, xzless, xzmore
   * new profiles: lzip, artha, nitroshare, nitroshare-cli, nitroshare-nmh
   * new profiles: nirtoshare-send, nitroshare-ui, mencoder, gnome-pie
-  * new profiles: masterpdfeditor, QOwnNotes, aisleriot
+  * new profiles: masterpdfeditor, QOwnNotes, aisleriot, Mendeley
  -- netblue30 <netblue30@yahoo.com>  Thu, 11 Oct 2018 08:00:00 -0500
 
 firejail (0.9.56) baseline; urgency=low
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index edf3c7be5..531edcc89 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -68,6 +68,7 @@ blacklist ${HOME}/.config/INRIA
 blacklist ${HOME}/.config/InSilmaril
 blacklist ${HOME}/.config/Luminance
 blacklist ${HOME}/.config/Meltytech
+blacklist ${HOME}/.config/Mendeley Ltd.
 blacklist ${HOME}/.config/Min
 blacklist ${HOME}/.config/Mousepad
 blacklist ${HOME}/.config/Mumble
@@ -374,6 +375,7 @@ blacklist ${HOME}/.local/share/0ad
 blacklist ${HOME}/.local/share/3909/PapersPlease
 blacklist ${HOME}/.local/share/Empathy
 blacklist ${HOME}/.local/share/JetBrains
+blacklist ${HOME}/.local/share/Mendeley Ltd.
 blacklist ${HOME}/.local/share/Mumble
 blacklist ${HOME}/.local/share/PBE
 blacklist ${HOME}/.local/share/QMediathekView
@@ -393,6 +395,7 @@ blacklist ${HOME}/.local/share/caja-python
 blacklist ${HOME}/.local/share/cdprojektred
 blacklist ${HOME}/.local/share/clipit
 blacklist ${HOME}/.local/share/contacts
+blacklist ${HOME}/.local/share/data/Mendeley Ltd.
 blacklist ${HOME}/.local/share/data/Mumble
 blacklist ${HOME}/.local/share/data/MusE
 blacklist ${HOME}/.local/share/data/MuseScore
@@ -588,6 +591,7 @@ blacklist ${HOME}/.cache/ksplashqml
 blacklist ${HOME}/.cache/kwin
 blacklist ${HOME}/.cache/libgweather
 blacklist ${HOME}/.cache/liferea
+blacklist ${HOME}/.cache/Mendeley Ltd.
 blacklist ${HOME}/.cache/midori
 blacklist ${HOME}/.cache/moonchild productions/basilisk
 blacklist ${HOME}/.cache/moonchild productions/pale moon
diff --git a/etc/mendeleydesktop.profile b/etc/mendeleydesktop.profile
new file mode 100644
index 000000000..280baebdc
--- /dev/null
+++ b/etc/mendeleydesktop.profile
@@ -0,0 +1,52 @@
+# Firejail profile for Mendeley
+# Description: Academic software for managing and sharing research papers.
+# This file is overwritten after every install/update
+# Persistent local customizations
+include mendeleydesktop.local
+# Persistent global definitions
+include globals.local
+
+noblacklist ${DOCUMENTS}
+noblacklist ${DOWNLOADS}
+noblacklist ${HOME}/.cache/Mendeley Ltd.
+noblacklist ${HOME}/.config/Mendeley Ltd.
+noblacklist ${HOME}/.local/share/Mendeley Ltd.
+noblacklist ${HOME}/.local/share/data/Mendeley Ltd.
+noblacklist ${HOME}/.pki/nssdb
+
+# Allow python (blacklisted by disable-interpreters.inc)
+noblacklist ${PATH}/python2*
+noblacklist ${PATH}/python3*
+noblacklist /usr/lib/python2*
+noblacklist /usr/lib/python3*
+
+include disable-common.inc
+include disable-devel.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+
+include whitelist-var-common.inc
+
+caps.drop all
+netfilter
+nodbus
+nodvd
+nogroups
+nonewprivs
+noroot
+notv
+nou2f
+novideo
+protocol unix,inet,inet6,netlink
+seccomp
+shell none
+tracelog
+
+disable-mnt
+private-bin mendeleydesktop,python*,env,gconftool-2,which,sh,ln,cat,update-desktop-database
+private-dev
+private-tmp
+
+noexec ${HOME}
+noexec /tmp
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index a16eb910b..e7a24b354 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -283,6 +283,7 @@ mcabber
 mediainfo
 mediathekview
 meld
+mendeleydesktop
 midori
 min
 minetest
-- 
cgit v1.2.3-70-g09d2