From ceb47b11d61a339dbfae6bb230044a45e0b2384d Mon Sep 17 00:00:00 2001
From: rusty-snake <print_hello_world+Public@protonmail.com>
Date: Sun, 23 Dec 2018 10:38:19 +0000
Subject: Fix gajim.profile

---
 etc/gajim.profile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'etc')

diff --git a/etc/gajim.profile b/etc/gajim.profile
index b60437c6e..9c33f1c62 100644
--- a/etc/gajim.profile
+++ b/etc/gajim.profile
@@ -43,7 +43,7 @@ protocol unix,inet,inet6
 seccomp
 
 disable-mnt
-private-bin python,python3,sh,gpg,gpg2,gajim
+private-bin python,python3,sh,gpg,gpg2,gajim,bash,zsh
 private-dev
 private-etc alsa,asound.conf,ca-certificates,crypto-policies,fonts,group,hostname,hosts,ld.so.cache,ld.so.conf,localtime,machine-id,passwd,pki,pulse,resolv.conf,ssl
 private-tmp
-- 
cgit v1.2.3-70-g09d2


From 1bce575ff3177c8c4d39627361a4960ad9055078 Mon Sep 17 00:00:00 2001
From: rusty-snake <print_hello_world+Public@protonmail.com>
Date: Wed, 26 Dec 2018 13:01:51 +0000
Subject: Fix Gajim.profile

---
 etc/gajim.profile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'etc')

diff --git a/etc/gajim.profile b/etc/gajim.profile
index 9c33f1c62..25342ea46 100644
--- a/etc/gajim.profile
+++ b/etc/gajim.profile
@@ -43,7 +43,7 @@ protocol unix,inet,inet6
 seccomp
 
 disable-mnt
-private-bin python,python3,sh,gpg,gpg2,gajim,bash,zsh
+private-bin python,python3,sh,gpg,gpg2,gajim,bash,zsh,paplay
 private-dev
 private-etc alsa,asound.conf,ca-certificates,crypto-policies,fonts,group,hostname,hosts,ld.so.cache,ld.so.conf,localtime,machine-id,passwd,pki,pulse,resolv.conf,ssl
 private-tmp
-- 
cgit v1.2.3-70-g09d2


From c7bfadc6f22847f46c73283d9973ba0fab693688 Mon Sep 17 00:00:00 2001
From: rusty-snake <print_hello_world+Public@protonmail.com>
Date: Thu, 27 Dec 2018 11:58:45 +0100
Subject: Add profile alias for gajim-history-manager

---
 etc/gajim-history-manager.profile | 5 +++++
 etc/gajim.profile                 | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 etc/gajim-history-manager.profile

(limited to 'etc')

diff --git a/etc/gajim-history-manager.profile b/etc/gajim-history-manager.profile
new file mode 100644
index 000000000..2ae6dd9d8
--- /dev/null
+++ b/etc/gajim-history-manager.profile
@@ -0,0 +1,5 @@
+# Firejail profile alias for gajim-history-manager
+# This file is overwritten after every install/update
+
+# Redirect
+include gajim.profile
diff --git a/etc/gajim.profile b/etc/gajim.profile
index 25342ea46..32a759fab 100644
--- a/etc/gajim.profile
+++ b/etc/gajim.profile
@@ -43,7 +43,7 @@ protocol unix,inet,inet6
 seccomp
 
 disable-mnt
-private-bin python,python3,sh,gpg,gpg2,gajim,bash,zsh,paplay
+private-bin python,python3,sh,gpg,gpg2,gajim,bash,zsh,paplay,gajim-history-manager
 private-dev
 private-etc alsa,asound.conf,ca-certificates,crypto-policies,fonts,group,hostname,hosts,ld.so.cache,ld.so.conf,localtime,machine-id,passwd,pki,pulse,resolv.conf,ssl
 private-tmp
-- 
cgit v1.2.3-70-g09d2


From 94f9f30c4b4ff66e20a83f454735ec00e8d7748f Mon Sep 17 00:00:00 2001
From: rusty-snake <print_hello_world+Public@protonmail.com>
Date: Thu, 27 Dec 2018 15:02:04 +0100
Subject: Some additional hardening for gajim

---
 etc/gajim.profile | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'etc')

diff --git a/etc/gajim.profile b/etc/gajim.profile
index 32a759fab..7ab9d073d 100644
--- a/etc/gajim.profile
+++ b/etc/gajim.profile
@@ -41,9 +41,15 @@ notv
 nou2f
 protocol unix,inet,inet6
 seccomp
+tracelog
+shell none
 
 disable-mnt
 private-bin python,python3,sh,gpg,gpg2,gajim,bash,zsh,paplay,gajim-history-manager
+private-cache
 private-dev
 private-etc alsa,asound.conf,ca-certificates,crypto-policies,fonts,group,hostname,hosts,ld.so.cache,ld.so.conf,localtime,machine-id,passwd,pki,pulse,resolv.conf,ssl
 private-tmp
+
+noexec ${HOME}
+noexec /tmp
-- 
cgit v1.2.3-70-g09d2


From b778ea5f41f3f9ca6ae863defab22331b9c82767 Mon Sep 17 00:00:00 2001
From: rusty-snake <print_hello_world+GitHub@protonmail.com>
Date: Thu, 27 Dec 2018 17:20:07 +0000
Subject: Update gajim.profile

---
 etc/gajim.profile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'etc')

diff --git a/etc/gajim.profile b/etc/gajim.profile
index 7ab9d073d..8b969d8a2 100644
--- a/etc/gajim.profile
+++ b/etc/gajim.profile
@@ -41,8 +41,8 @@ notv
 nou2f
 protocol unix,inet,inet6
 seccomp
-tracelog
 shell none
+tracelog
 
 disable-mnt
 private-bin python,python3,sh,gpg,gpg2,gajim,bash,zsh,paplay,gajim-history-manager
-- 
cgit v1.2.3-70-g09d2