blob: f655f0efec284a3bd941decfb506a5122c26041c (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
# Persistent global definitions go here
include /etc/firejail/globals.local
# This file is overwritten during software install.
# Persistent customizations should go in a .local file.
include /etc/firejail/geary.local
# Firejail profile for Gnome Geary
# Users have Geary set to open a browser by clicking a link in an email
# We are not allowed to blacklist browser-specific directories
noblacklist ~/.gnupg
mkdir ~/.gnupg
whitelist ~/.gnupg
noblacklist ~/.local/share/geary
mkdir ~/.local/share/geary
whitelist ~/.local/share/geary
whitelist ~/.config/mimeapps.list
read-only ~/.config/mimeapps.list
whitelist ~/.local/share/applications
read-only ~/.local/share/applications
# allow browsers
ignore private-tmp
include /etc/firejail/firefox.profile
#include /etc/firejail/chromium.profile - chromium runs as suid!
|
