From ba85fa81088a0b468f3fb98d96b535f8d07989c8 Mon Sep 17 00:00:00 2001 From: SYN-cook Date: Fri, 31 Mar 2017 16:24:38 +0200 Subject: tidy up (#1182) * minor reorganization * tidy up * tidy up * tidy up * tidy up * tidy up * tidy up --- etc/abrowser.profile | 1 - etc/cyberfox.profile | 1 - etc/disable-common.inc | 11 +++++++---- etc/firefox.profile | 1 - etc/icecat.profile | 1 - etc/midori.profile | 1 - etc/seamonkey.profile | 1 - 7 files changed, 7 insertions(+), 10 deletions(-) (limited to 'etc') diff --git a/etc/abrowser.profile b/etc/abrowser.profile index b9a30d6bf..e53796fa2 100644 --- a/etc/abrowser.profile +++ b/etc/abrowser.profile @@ -6,7 +6,6 @@ include /etc/firejail/abrowser.local noblacklist ~/.mozilla noblacklist ~/.cache/mozilla noblacklist ~/.pki -noblacklist ~/.lastpass include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc diff --git a/etc/cyberfox.profile b/etc/cyberfox.profile index a79303f77..c51c2f4f9 100644 --- a/etc/cyberfox.profile +++ b/etc/cyberfox.profile @@ -6,7 +6,6 @@ include /etc/firejail/cyberfox.local noblacklist ~/.8pecxstudios noblacklist ~/.cache/8pecxstudios noblacklist ~/.pki -noblacklist ~/.lastpass include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc diff --git a/etc/disable-common.inc b/etc/disable-common.inc index 0ada3314f..451203865 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc @@ -6,11 +6,8 @@ include /etc/firejail/disable-common.local blacklist-nolog ${HOME}/.history blacklist-nolog ${HOME}/.*_history blacklist-nolog ${HOME}/.bash_history -blacklist ${HOME}/.local/share/systemd -blacklist ${HOME}/.config/systemd blacklist-nolog ${HOME}/.adobe blacklist-nolog ${HOME}/.macromedia -read-only ${HOME}/.local/share/applications # X11 session autostart blacklist ${HOME}/.xinitrc @@ -74,6 +71,10 @@ blacklist ${HOME}/.local/share/kservices5 blacklist ${HOME}/.local/share/plasma blacklist ${HOME}/.local/share/solid +# systemd +blacklist ${HOME}/.local/share/systemd +blacklist ${HOME}/.config/systemd + # VirtualBox blacklist ${HOME}/.VirtualBox blacklist ${HOME}/VirtualBox VMs @@ -177,9 +178,11 @@ read-only ${HOME}/.luarocks read-only ${HOME}/.npm-packages # Make the contents of ~/.local read-only, -# except the commonly-used ~/.local/share +# except the commonly-used ~/.local/share, +# but including ~/.local/share/applications read-only ${HOME}/.local read-write ${HOME}/.local/share +read-only ${HOME}/.local/share/applications # top secret blacklist ${HOME}/.ecryptfs diff --git a/etc/firefox.profile b/etc/firefox.profile index 5f852d4c0..bd9d37560 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile @@ -10,7 +10,6 @@ noblacklist ~/.local/share/qpdfview noblacklist ~/.kde4/share/apps/okular noblacklist ~/.kde/share/apps/okular noblacklist ~/.pki -noblacklist ~/.lastpass include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc diff --git a/etc/icecat.profile b/etc/icecat.profile index 64401efe8..0611f5259 100644 --- a/etc/icecat.profile +++ b/etc/icecat.profile @@ -6,7 +6,6 @@ include /etc/firejail/icecat.local noblacklist ~/.mozilla noblacklist ~/.cache/mozilla noblacklist ~/.pki -noblacklist ~/.lastpass include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc diff --git a/etc/midori.profile b/etc/midori.profile index a0bcb808c..aef61fa9f 100644 --- a/etc/midori.profile +++ b/etc/midori.profile @@ -8,7 +8,6 @@ noblacklist ~/.local/share/midori noblacklist ~/.local/share/webkit noblacklist ~/.local/share/webkitgtk noblacklist ~/.pki -noblacklist ~/.lastpass include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc diff --git a/etc/seamonkey.profile b/etc/seamonkey.profile index df1910469..afac0ff88 100644 --- a/etc/seamonkey.profile +++ b/etc/seamonkey.profile @@ -6,7 +6,6 @@ include /etc/firejail/seamonkey.local noblacklist ~/.mozilla noblacklist ~/.cache/mozilla noblacklist ~/.pki -noblacklist ~/.lastpass include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc -- cgit v1.2.3-54-g00ecf