From 07b7fa8f08ee45fb5b1b02e24f1832870a48481d Mon Sep 17 00:00:00 2001
From: SYN-cook <syncookongit@gmail.com>
Date: Fri, 17 Mar 2017 15:26:12 +0100
Subject: profile for scribus

---
 etc/scribus.profile | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 etc/scribus.profile

(limited to 'etc')

diff --git a/etc/scribus.profile b/etc/scribus.profile
new file mode 100644
index 000000000..aba432409
--- /dev/null
+++ b/etc/scribus.profile
@@ -0,0 +1,24 @@
+# This file is overwritten during software install.
+# Persistent customizations should go in a .local file.
+include /etc/firejail/scribus.local
+
+# Firejail profile for Scribus
+noblacklist ~/.scribus
+noblacklist ~/.config/scribus
+noblacklist ~/.local/share/scribus
+noblacklist ~/.gimp*
+
+include /etc/firejail/disable-common.inc
+include /etc/firejail/disable-programs.inc
+include /etc/firejail/disable-devel.inc
+include /etc/firejail/disable-passwdmgr.inc
+
+caps.drop all
+nonewprivs
+noroot
+protocol unix
+seccomp
+tracelog
+
+private-dev
+#private-tmp
-- 
cgit v1.2.3-70-g09d2


From 32f8e1bdfabfa1bf50ebb96c5df6e1430a2c7b86 Mon Sep 17 00:00:00 2001
From: SYN-cook <syncookongit@gmail.com>
Date: Fri, 17 Mar 2017 15:32:44 +0100
Subject: update comment in disable-devel.inc (scribus)

---
 etc/disable-devel.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'etc')

diff --git a/etc/disable-devel.inc b/etc/disable-devel.inc
index 24c739b5b..492cf4906 100644
--- a/etc/disable-devel.inc
+++ b/etc/disable-devel.inc
@@ -51,7 +51,7 @@ blacklist /usr/lib/php*
 blacklist /usr/bin/ruby
 blacklist /usr/lib/ruby
 
-# Programs using python: deluge, firefox addons, filezilla, cherrytree, xchat, hexchat, libreoffice
+# Programs using python: deluge, firefox addons, filezilla, cherrytree, xchat, hexchat, libreoffice, scribus
 # Python 2
 #blacklist /usr/bin/python2*
 #blacklist /usr/lib/python2*
-- 
cgit v1.2.3-70-g09d2


From 81eb9762b1232a60715b2ed6caacdcbe221adefd Mon Sep 17 00:00:00 2001
From: SYN-cook <syncookongit@gmail.com>
Date: Fri, 17 Mar 2017 15:47:45 +0100
Subject: update scribus blacklist

default folder locations have changed from scribus 1.4 to 1.5
---
 etc/disable-programs.inc | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'etc')

diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index c59285e85..00473de95 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -132,6 +132,7 @@ blacklist ${HOME}/.config/qpdfview
 blacklist ${HOME}/.config/qutebrowser
 blacklist ${HOME}/.config/ranger
 blacklist ${HOME}/.config/redshift.conf
+blacklist ${HOME}/.config/scribus
 blacklist ${HOME}/.config/skypeforlinux
 blacklist ${HOME}/.config/slimjet
 blacklist ${HOME}/.config/spotify
@@ -195,6 +196,8 @@ blacklist ${HOME}/.kde/share/config/konquerorrc
 blacklist ${HOME}/.kde/share/config/okularpartrc
 blacklist ${HOME}/.kde/share/config/okularrc
 blacklist ${HOME}/.killingfloor
+blacklist ${HOME}/.kino-history
+blacklist ${HOME}/.kinorc
 blacklist ${HOME}/.linphone-history.db
 blacklist ${HOME}/.linphonerc
 blacklist ${HOME}/.lmmsrc.xml
@@ -229,6 +232,7 @@ blacklist ${HOME}/.local/share/mupen64plus
 blacklist ${HOME}/.local/share/pix
 blacklist ${HOME}/.local/share/psi+
 blacklist ${HOME}/.local/share/qpdfview
+blacklist ${HOME}/.local/share/scribus
 blacklist ${HOME}/.local/share/spotify
 blacklist ${HOME}/.local/share/steam
 blacklist ${HOME}/.local/share/telepathy
@@ -285,5 +289,3 @@ blacklist ${HOME}/.xpdfrc
 blacklist ${HOME}/.zoom
 blacklist ${HOME}/wallet.dat
 blacklist /tmp/ssh-*
-blacklist ${HOME}/.kinorc
-blacklist ${HOME}/.kino-history
-- 
cgit v1.2.3-70-g09d2


From d05b6247f6074777bc7e0be77caf21399679515d Mon Sep 17 00:00:00 2001
From: SYN-cook <syncookongit@gmail.com>
Date: Sat, 18 Mar 2017 19:37:07 +0100
Subject: harden scribus (nosound)

---
 etc/scribus.profile | 1 +
 1 file changed, 1 insertion(+)

(limited to 'etc')

diff --git a/etc/scribus.profile b/etc/scribus.profile
index aba432409..da2076286 100644
--- a/etc/scribus.profile
+++ b/etc/scribus.profile
@@ -16,6 +16,7 @@ include /etc/firejail/disable-passwdmgr.inc
 caps.drop all
 nonewprivs
 noroot
+nosound
 protocol unix
 seccomp
 tracelog
-- 
cgit v1.2.3-70-g09d2