From 6829fe6a12e27ede48daa2f4c7755036e4340a94 Mon Sep 17 00:00:00 2001 From: rusty-snake <41237666+rusty-snake@users.noreply.github.com> Date: Sun, 30 Oct 2022 17:32:30 +0100 Subject: Fix #5392 -- Evince doesn't remember settings --- etc/profile-a-l/evince.profile | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) (limited to 'etc') diff --git a/etc/profile-a-l/evince.profile b/etc/profile-a-l/evince.profile index 21bf7eabf..ddddeae34 100644 --- a/etc/profile-a-l/evince.profile +++ b/etc/profile-a-l/evince.profile @@ -6,9 +6,9 @@ include evince.local # Persistent global definitions include globals.local -# WARNING: using bookmarks possibly exposes information, including file history from other programs. -# Add the next line to your evince.local if you need bookmarks support. This also needs additional dbus-user filtering (see below). -#noblacklist ${HOME}/.local/share/gvfs-metadata +# WARNING: This exposes information like file history from other programs. +# You can add a blacklist for it in your evince.local for additional hardening if you can life with some restrictions. +noblacklist ${HOME}/.local/share/gvfs-metadata noblacklist ${HOME}/.config/evince noblacklist ${DOCUMENTS} @@ -59,9 +59,8 @@ private-etc alternatives,fonts,group,ld.so.cache,ld.so.preload,machine-id,passwd private-lib evince,gcc/*/*/libgcc_s.so.*,gcc/*/*/libstdc++.so.*,gconv,gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libarchive.so.*,libdjvulibre.so.*,libgconf-2.so.*,libgraphite2.so.*,libpoppler-glib.so.*,librsvg-2.so.*,libspectre.so.* private-tmp -# dbus-user filtering might break two-page-view on some systems dbus-user filter -# Add the next two lines to your evince.local if you need bookmarks support. -#dbus-user.talk org.gtk.vfs.Daemon -#dbus-user.talk org.gtk.vfs.Metadata +dbus-user.talk ca.desrt.dconf +dbus-user.talk org.gtk.vfs.Daemon +dbus-user.talk org.gtk.vfs.Metadata dbus-system none -- cgit v1.2.3-54-g00ecf From adc10aacadc07c5b6ecacc182230a347fe71b8e3 Mon Sep 17 00:00:00 2001 From: rusty-snake <41237666+rusty-snake@users.noreply.github.com> Date: Sun, 30 Oct 2022 17:41:11 +0100 Subject: Fix #4604 -- Brave browser takes a long time opening under Firejail --- etc/profile-a-l/brave.profile | 2 ++ 1 file changed, 2 insertions(+) (limited to 'etc') diff --git a/etc/profile-a-l/brave.profile b/etc/profile-a-l/brave.profile index 09548c761..071a279b0 100644 --- a/etc/profile-a-l/brave.profile +++ b/etc/profile-a-l/brave.profile @@ -13,6 +13,8 @@ ignore noexec /tmp # you will need to uncomment the 'brave + tor' rule in /etc/apparmor.d/local/firejail-default. # Alternatively you can add 'ignore apparmor' to your brave.local. ignore noexec ${HOME} +# Causes slow starts (#4604) +ignore private-cache noblacklist ${HOME}/.cache/BraveSoftware noblacklist ${HOME}/.config/BraveSoftware -- cgit v1.2.3-54-g00ecf From 242bb5b8fbe67123a552dd8387f67c19a35b52bf Mon Sep 17 00:00:00 2001 From: rusty-snake <41237666+rusty-snake@users.noreply.github.com> Date: Sun, 30 Oct 2022 17:53:43 +0100 Subject: Fix #5311 -- Whalebird-4.6.2 does not work with the default whalebird.profile --- etc/profile-m-z/whalebird.profile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'etc') diff --git a/etc/profile-m-z/whalebird.profile b/etc/profile-m-z/whalebird.profile index 92ebebdae..8a9614fb0 100644 --- a/etc/profile-m-z/whalebird.profile +++ b/etc/profile-m-z/whalebird.profile @@ -10,6 +10,7 @@ include globals.local ignore include whitelist-runuser-common.inc ignore include whitelist-usr-share-common.inc +ignore apparmor ignore dbus-user none ignore dbus-system none @@ -21,7 +22,7 @@ whitelist ${HOME}/.config/Whalebird no3d private-bin electron,electron[0-9],electron[0-9][0-9],whalebird -private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id +private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,machine-id,nsswitch.conf,pki,resolv.conf,ssl # Redirect include electron.profile -- cgit v1.2.3-54-g00ecf From 4c08719b9fc58e5413fe2648d46c11e6c33036e9 Mon Sep 17 00:00:00 2001 From: rusty-snake <41237666+rusty-snake@users.noreply.github.com> Date: Sun, 30 Oct 2022 17:37:43 +0000 Subject: Update etc/profile-a-l/evince.profile --- etc/profile-a-l/evince.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'etc') diff --git a/etc/profile-a-l/evince.profile b/etc/profile-a-l/evince.profile index ddddeae34..eec9f86db 100644 --- a/etc/profile-a-l/evince.profile +++ b/etc/profile-a-l/evince.profile @@ -7,7 +7,7 @@ include evince.local include globals.local # WARNING: This exposes information like file history from other programs. -# You can add a blacklist for it in your evince.local for additional hardening if you can life with some restrictions. +# You can add a blacklist for it in your evince.local for additional hardening if you can live with some restrictions. noblacklist ${HOME}/.local/share/gvfs-metadata noblacklist ${HOME}/.config/evince -- cgit v1.2.3-54-g00ecf