diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index a33b91c9e..fa1700ac1 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc @@ -30,6 +30,7 @@ blacklist-nolog ${HOME}/.mutthistory blacklist-nolog ${HOME}/.python-history blacklist-nolog ${HOME}/.pythonhist blacklist-nolog ${HOME}/.viminfo +blacklist-nolog ${HOME}/.ne blacklist-nolog /tmp/clipmenu* # X11 session autostart diff --git a/etc/profile-m-z/ne.profile b/etc/profile-m-z/ne.profile new file mode 100644 index 000000000..d63299bb8 --- /dev/null +++ b/etc/profile-m-z/ne.profile @@ -0,0 +1,34 @@ +# Firejail profile for vim +# Description: ne text editor +# This file is overwritten after every install/update +# Persistent local customizations +include vim.local +# Persistent global definitions +include globals.local + +noblacklist ${HOME}/.ne + +# Allows files commonly used by IDEs +include allow-common-devel.inc + +include disable-common.inc +include disable-programs.inc + +include whitelist-runuser-common.inc + +caps.drop all +netfilter +nodvd +nogroups +noinput +nonewprivs +noroot +notv +nou2f +novideo +protocol unix,inet,inet6 +seccomp + +private-dev + +restrict-namespaces diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 3264ffb35..0d437f41b 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config @@ -68,7 +68,7 @@ armcord artha assogiate asunder -#atom +#atom # text editor (see Note1) #atom-beta #atool # disable until we fix CLI archivers for makepkg on Arch (see discussion in #3095) atril @@ -244,6 +244,7 @@ electron-mail electrum element-desktop elinks +#emacs # text editor (see Note1) empathy enchant enchant-2 @@ -325,9 +326,9 @@ gcalccmd gcloud gconf-editor gdu -#geany # text editor (see #6002) +#geany # text editor (see Note1) #geary # webkit2gtk-4.x requires bwrap (see #3647) -#gedit # text editor (see #6002) +#gedit # text editor (see Note1) geekbench geeqie geki2 @@ -335,7 +336,7 @@ geki3 gfeeds gh ghb -#ghostwriter # text editor (see #6002) +#ghostwriter # text editor (see Note1) gimp gimp-2.10 gimp-2.8 @@ -469,7 +470,7 @@ kaffeine kalgebra kalgebramobile karbon -#kate # text editor (see #6002) +#kate # text editor (see Note1) kazam kcalc #kdeinit4 @@ -506,11 +507,11 @@ ktorrent ktouch kube #kwin_x11 -#kwrite # text editor (see #6002) +#kwrite # text editor (see Note1) lbreakouthd lbry-viewer lbry-viewer-gtk -#leafpad # text editor (see #6002) +#leafpad # text editor (see Note1)) #less # breaks man lettura librecad @@ -595,7 +596,7 @@ minitube mirage mirrormagic mocp -#mousepad # text editor (see #6002) +#mousepad # text editor (see Note1) mov-cli mp3splt mp3splt-gtk @@ -641,9 +642,11 @@ mutool mutt mypaint mypaint-ora-thumbnailer +#nano # text editor (see Note1) natron ncdu ncdu2 +#ne # text editor (see Note1) neochat neomutt netactview @@ -731,7 +734,7 @@ pix planmaker18 planmaker18free playonlinux -#pluma # text editor (see #6002) +#pluma # text editor (see Note1) plv pngquant polari @@ -1007,7 +1010,7 @@ x2goclient xbill xcalc xchat -#xed # text editor (see #6002) +#xed # text editor (see Note1) xfburn xfce4-dict xfce4-mixer @@ -1057,3 +1060,10 @@ zoom #zstdless # disable until we fix CLI archivers for makepkg on Arch (see discussion in #3095) #zstdmt # disable until we fix CLI archivers for makepkg on Arch (see discussion in #3095) zulip + + +# Note1: +# Integrating text editors with Firejail prevents users from modifying certain +# configuration files. This includes most files in ~/.config and /etc +# directories. By default, firecfg does not create symbolic links for text +# editors under /usr/local/bin.