new profiles

2026-05-21 06:45:29 -06:00 · 2020-06-25 15:06:02 +02:00 · 2020-06-25 15:06:02 +02:00 · 37e4d74dff
commit 37e4d74dff
parent 1a47e5b9a5
9 changed files with 241 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -196,4 +196,4 @@ gnome-screenshot, ripperX, sound-juicer, iagno, com.github.dahenson.agenda, gnom
 penguin-command, x2goclient, frogatto, gnome-mines, gnome-nibbles, lightsoff, ts3client_runscript.sh, warmux, ferdi, abiword,
 four-in-a-row, gnome-mahjongg, gnome-robots, gnome-sudoku, gnome-taquin, gnome-tetravex, blobwars, gravity-beams-and-evaporating-stars,
 hyperrogue, jumpnbump-menu, jumpnbump, magicor, mindless, mirrormagic, mrrescue, scorched3d-wrapper, scorchwentbonkers,
-seahorse-adventures, wordwarvi, xbill, gnome-klotski, five-or-more, swell-foop, fdns, jitsi-meet-desktop, nicontine, steam-runtime, apostrophe, quadrapassel, dino-im, strawberry
+seahorse-adventures, wordwarvi, xbill, gnome-klotski, five-or-more, swell-foop, fdns, jitsi-meet-desktop, nicontine, steam-runtime, apostrophe, quadrapassel, dino-im, strawberry, hitori, bijiben, gnote, gnubik, ZeGrapher
--- a/1
+++ b/1
@ -36,6 +36,7 @@ firejail (0.9.63) baseline; urgency=low
  * new profiles: seahorse-adventures, wordwarvi, xbill, gnome-klotski
  * new profiles: swell-foop, fdns, five-or-more, steam-runtime, jitsi-meet-desktop
  * new profiles: nicotine, plv, mocp, apostrophe, quadrapassel, dino-im, strawberry
+  * new profiles: hitori, bijiben, gnote, gnubik, ZeGrapher
 -- netblue30 <netblue30@yahoo.com>  Tue, 21 Apr 2020 08:00:00 -0500

 firejail (0.9.62) baseline; urgency=low
--- a/etc/inc/disable-programs.inc
+++ b/etc/inc/disable-programs.inc
@ -129,6 +129,7 @@ blacklist ${HOME}/.config/Unknown Organization
 blacklist ${HOME}/.config/VirtualBox
 blacklist ${HOME}/.config/Wire
 blacklist ${HOME}/.config/Zeal
+blacklist ${HOME}/.config/ZeGrapher Project
 blacklist ${HOME}/.config/abiword
 blacklist ${HOME}/.config/agenda
 blacklist ${HOME}/.config/akonadi*
@ -223,6 +224,7 @@ blacklist ${HOME}/.config/gnome-mplayer
 blacklist ${HOME}/.config/gnome-mpv
 blacklist ${HOME}/.config/gnome-pie
 blacklist ${HOME}/.config/gnome-session
+blacklist ${HOME}/.config/gnote
 blacklist ${HOME}/.config/godot
 blacklist ${HOME}/.config/google-chrome
 blacklist ${HOME}/.config/google-chrome-beta
@ -345,6 +347,7 @@ blacklist ${HOME}/.config/strawberry
 blacklist ${HOME}/.config/supertuxkart
 blacklist ${HOME}/.config/synfig
 blacklist ${HOME}/.config/teams
+blacklist ${HOME}/.config/teams-for-linux
 blacklist ${HOME}/.config/telepathy-account-widgets
 blacklist ${HOME}/.config/torbrowser
 blacklist ${HOME}/.config/totem
@ -544,6 +547,7 @@ blacklist ${HOME}/.local/share/backintime
 blacklist ${HOME}/.local/share/baloo
 blacklist ${HOME}/.local/share/barrier
 blacklist ${HOME}/.local/share/bibletime
+blacklist ${HOME}/.local/share/bijiben
 blacklist ${HOME}/.local/share/caja-python
 blacklist ${HOME}/.local/share/cantata
 blacklist ${HOME}/.local/share/cdprojektred
@ -586,6 +590,7 @@ blacklist ${HOME}/.local/share/gnome-recipes
 blacklist ${HOME}/.local/share/gnome-ring
 blacklist ${HOME}/.local/share/gnome-sudoku
 blacklist ${HOME}/.local/share/gnome-twitch
+blacklist ${HOME}/.local/share/gnote
 blacklist ${HOME}/.local/share/godot
 blacklist ${HOME}/.local/share/gradio
 blacklist ${HOME}/.local/share/gwenview
@ -734,7 +739,6 @@ blacklist ${HOME}/.swb.ini
 blacklist ${HOME}/.sword
 blacklist ${HOME}/.sylpheed-2.0
 blacklist ${HOME}/.synfig
-blacklist ${HOME}/.config/teams-for-linux
 blacklist ${HOME}/.tb
 blacklist ${HOME}/.tconn
 blacklist ${HOME}/.teeworlds
--- a/etc/profile-a-l/bijiben.profile
+++ b/etc/profile-a-l/bijiben.profile
@ -0,0 +1,58 @@
+# Firejail profile for bijiben
+# Description: Simple Note Viewer
+# This file is overwritten after every install/update
+# Persistent local customizations
+include bijiben.local
+# Persistent global definitions
+include globals.local
+
+noblacklist ${HOME}/.local/share/bijiben
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-shell.inc
+include disable-xdg.inc
+
+mkdir ${HOME}/.local/share/bijiben
+whitelist ${HOME}/.local/share/bijiben
+whitelist ${HOME}/.cache/tracker
+whitelist /usr/share/bijiben
+whitelist /usr/share/tracker
+include whitelist-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+
+apparmor
+caps.drop all
+machine-id
+net none
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix
+seccomp
+shell none
+tracelog
+
+disable-mnt
+private-bin bijiben
+# private-cache -- access to .cache/tracker is required
+private-dev
+private-etc dconf,fonts,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload
+private-tmp
+
+dbus-user filter
+dbus-user.own org.gnome.Notes
+dbus-user.talk ca.desrt.dconf
+dbus-user.talk org.freedesktop.Tracker1
+dbus-system none
--- a/etc/profile-a-l/gnote.profile
+++ b/etc/profile-a-l/gnote.profile
@ -0,0 +1,59 @@
+# Firejail profile for gnote
+# Description: A simple note-taking application for Gnome
+# This file is overwritten after every install/update
+# Persistent local customizations
+include gnote.local
+# Persistent global definitions
+include globals.local
+
+noblacklist ${HOME}/.config/gnote
+noblacklist ${HOME}/.local/share/gnote
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-shell.inc
+include disable-xdg.inc
+
+mkdir ${HOME}/.config/gnote
+mkdir ${HOME}/.local/share/gnote
+whitelist ${HOME}/.config/gnote
+whitelist ${HOME}/.local/share/gnote
+whitelist /usr/share/gnote
+include whitelist-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+
+apparmor
+caps.drop all
+machine-id
+net none
+no3d
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix
+seccomp
+shell none
+tracelog
+
+disable-mnt
+private-bin gnote
+private-cache
+private-dev
+private-etc dconf,fonts,gtk-3.0,pango,X11
+private-tmp
+
+dbus-user filter
+dbus-user.own org.gnome.Gnote
+dbus-user.talk ca.desrt.dconf
+dbus-system none
--- a/etc/profile-a-l/gnubik.profile
+++ b/etc/profile-a-l/gnubik.profile
@ -0,0 +1,50 @@
+# Firejail profile for gnubik
+# Description: DESCRIPTION
+# This file is overwritten after every install/update
+# Persistent local customizations
+include gnubik.local
+# Persistent global definitions
+include globals.local
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-shell.inc
+include disable-xdg.inc
+
+whitelist /usr/share/gnubik
+include whitelist-common.inc
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+
+apparmor
+caps.drop all
+machine-id
+net none
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix
+seccomp
+shell none
+tracelog
+
+disable-mnt
+private
+private-bin gnubik
+private-cache
+private-dev
+private-etc drirc,fonts,gtk-2.0
+private-tmp
+
+dbus-user none
+dbus-system none
--- a/etc/profile-a-l/hitori.profile
+++ b/etc/profile-a-l/hitori.profile
@ -0,0 +1,14 @@
+# Firejail profile for hitori
+# Description: Play the Hitori puzzle game
+# This file is overwritten after every install/update
+# Persistent local customizations
+include hitori.local
+# Persistent global definitions
+include globals.local
+
+private-bin hitori
+
+dbus-user.own org.gnome.Hitori
+
+# Redirect
+include gnome_games-common.profile
--- a/etc/profile-m-z/ZeGrapher.profile
+++ b/etc/profile-m-z/ZeGrapher.profile
@ -0,0 +1,48 @@
+# Firejail profile for ZeGrapher
+# Description: Free and opensource math graphing software
+# This file is overwritten after every install/update
+# Persistent local customizations
+include ZeGrapher.local
+# Persistent global definitions
+include globals.local
+
+noblacklist ${HOME}/.config/ZeGrapher Project
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-shell.inc
+
+whitelist /usr/share/ZeGrapher
+include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+
+apparmor
+caps.drop all
+machine-id
+net none
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+nou2f
+novideo
+protocol unix,netlink
+seccomp
+shell none
+tracelog
+
+disable-mnt
+private-bin ZeGrapher
+private-cache
+private-dev
+private-tmp
+
+dbus-user none
+dbus-system none
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@ -29,6 +29,7 @@ Viber
 VirtualBox
 XMind
 Xephyr
+ZeGrapher
 abiword
 abrowser
 akonadi_control
@ -74,6 +75,7 @@ barrier
 basilisk
 beaker
 bibletime
+bijiben
 bitcoin-qt
 bitlbee
 bitwarden
@ -300,6 +302,8 @@ gnome-tetravex
 gnome-todo
 gnome-twitch
 gnome-weather
+gnote
+gnubik
 godot
 goobox
 google-chrome
@ -326,6 +330,7 @@ hashcat
 hedgewars
 hexchat
 highlight
+hitori
 host
 hugin
 hyperrogue