github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-21 06:45:29 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 1

Merge pull request #428 from avoidr/profile_cleanup

Browse source 
Profile cleanup
This commit is contained in:
netblue30 2016-04-13 08:49:08 -04:00
commit d222023bd1
32 changed files with 82 additions and 84 deletions
Download patch file Download diff file Expand all files Collapse all files

3
etc/Mathematica.profile
View file

@ -1,4 +1,7 @@
# Mathematica profile
noblacklist ${HOME}/.Mathematica
noblacklist ${HOME}/.Wolfram Research
mkdir ~/.Mathematica
whitelist ~/.Mathematica
mkdir ~/.Wolfram Research

3
etc/atril.profile
View file

@ -4,12 +4,9 @@ include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6
netfilter
noroot
tracelog

3
etc/audacious.profile
View file

@ -4,10 +4,7 @@ include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6
noroot

2
etc/cherrytree.profile
View file

@ -4,8 +4,6 @@ include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
whitelist ${HOME}/cherrytree
mkdir ~/.config
mkdir ~/.config/cherrytree

2
etc/clementine.profile
View file

@ -4,8 +4,6 @@ include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6

5
etc/deadbeef.profile
View file

@ -1,13 +1,12 @@
# DeaDBeeF media player profile
noblacklist ${HOME}/.config/deadbeef
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6
noroot

4
etc/deluge.profile
View file

@ -4,13 +4,9 @@ include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6
netfilter
noroot
nosound

59
etc/disable-programs.inc
View file

@ -1,10 +1,19 @@
# various programs
blacklist ${HOME}/.config/vlc
blacklist ${HOME}/.remmina
blacklist ${HOME}/.tconn
blacklist ${HOME}/.FBReader
blacklist ${HOME}/.wine
blacklist ${HOME}/.Mathematica
blacklist ${HOME}/.Wolfram Research
blacklist ${HOME}/.config/mupen64plus
blacklist ${HOME}/.config/transmission
blacklist ${HOME}/.config/uGet
# Media players
blacklist ${HOME}/.config/cmus
blacklist ${HOME}/.config/deadbeef
blacklist ${HOME}/.config/spotify
blacklist ${HOME}/.config/vlc
# HTTP / FTP / Mail
blacklist ${HOME}/.icedove
@ -19,20 +28,14 @@ blacklist ${HOME}/.config/google-chrome-unstable
blacklist ${HOME}/.config/opera
blacklist ${HOME}/.config/opera-beta
blacklist ${HOME}/.opera
blacklist ~/.config/vivaldi
blacklist ${HOME}/.config/vivaldi
blacklist ${HOME}/.filezilla
blacklist ${HOME}/.config/filezilla
blacklist ~/.dillo
# cache
blacklist ~/.cache/mozilla
blacklist ~/.cache/chromium
blacklist ~/.cache/google-chrome
blacklist ~/.cache/google-chrome-beta
blacklist ~/.cache/google-chrome-unstable
blacklist ~/.cache/opera
blacklist ~/.cache/opera-beta
blacklist ~/.cache/vivaldi
blacklist ${HOME}/.dillo
blacklist ${HOME}/.conkeror.mozdev.org
blacklist ${HOME}/.config/epiphany
blacklist ${HOME}/.config/slimjet
blacklist ${HOME}/.config/qutebrowser
# Instant Messaging
blacklist ${HOME}/.config/hexchat
@ -44,6 +47,12 @@ blacklist ${HOME}/.weechat
blacklist ${HOME}/.config/xchat
blacklist ${HOME}/.Skype
blacklist ${HOME}/.config/tox
blacklist ${HOME}/.TelegramDesktop
# Games
blacklist ${HOME}/.hedgewars
blacklist ${HOME}/.steam
blacklist ${HOME}/.config/wesnoth
# Cryptocoins
blacklist ${HOME}/.*coin
@ -55,3 +64,27 @@ blacklist ${HOME}/.subversion
blacklist ${HOME}/.gitconfig
blacklist ${HOME}/.git-credential-cache
# cache
blacklist ${HOME}/.cache/mozilla
blacklist ${HOME}/.cache/chromium
blacklist ${HOME}/.cache/google-chrome
blacklist ${HOME}/.cache/google-chrome-beta
blacklist ${HOME}/.cache/google-chrome-unstable
blacklist ${HOME}/.cache/opera
blacklist ${HOME}/.cache/opera-beta
blacklist ${HOME}/.cache/vivaldi
blacklist ${HOME}/.cache/epiphany
blacklist ${HOME}/.cache/slimjet
blacklist ${HOME}/.cache/qutebrowser
blacklist ${HOME}/.cache/spotify
blacklist ${HOME}/.cache/thunderbird
blacklist ${HOME}/.cache/icedove
blacklist ${HOME}/.cache/transmission
blacklist ${HOME}/.cache/wesnoth
# share
blacklist ${HOME}/.local/share/epiphany
blacklist ${HOME}/.local/share/mupen64plus
blacklist ${HOME}/.local/share/spotify
blacklist ${HOME}/.local/share/steam
blacklist ${HOME}/.local/share/wesnoth

3
etc/dropbox.profile
View file

@ -3,10 +3,7 @@ include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps
seccomp
protocol unix,inet,inet6
noroot

3
etc/empathy.profile
View file

@ -3,10 +3,7 @@ include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6
netfilter

4
etc/epiphany.profile
View file

@ -1,4 +1,8 @@
# Epiphany browser profile
noblacklist ${HOME}/.config/epiphany
noblacklist ${HOME}/.cache/epiphany
noblacklist ${HOME}/.local/share/epiphany
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc

3
etc/evince.profile
View file

@ -4,11 +4,8 @@ include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6
noroot
nosound

4
etc/fbreader.profile
View file

@ -1,16 +1,14 @@
# fbreader ebook reader profile
noblacklist ${HOME}/.FBReader
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6
netfilter
noroot
nosound

6
etc/filezilla.profile
View file

@ -1,18 +1,14 @@
# FileZilla ftp profile
noblacklist ${HOME}/.filezilla
noblacklist ${HOME}/.config/filezilla
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6
noroot
netfilter
nosound

2
etc/gnome-mplayer.profile
View file

@ -4,8 +4,6 @@ include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6

1
etc/hedgewars.profile
View file

@ -1,4 +1,5 @@
# whitelist profile for Hedgewars (game)
noblacklist ${HOME}/.hedgewars
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc

5
etc/kmail.profile
View file

@ -1,17 +1,14 @@
# kmail profile
noblacklist ${HOME}/.gnupg
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6,netlink
netfilter
noroot
tracelog

3
etc/mupen64plus.profile
View file

@ -1,5 +1,8 @@
# mupen64plus profile
# manually whitelist ROM files
noblacklist ${HOME}/.config/mupen64plus
noblacklist ${HOME}/.local/share/mupen64plus
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc

3
etc/pidgin.profile
View file

@ -1,11 +1,10 @@
# Pidgin profile
noblacklist ${HOME}/.purple
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6

4
etc/qbittorrent.profile
View file

@ -4,13 +4,9 @@ include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6
netfilter
noroot
nosound

3
etc/quassel.profile
View file

@ -3,11 +3,8 @@ include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6
noroot
netfilter

3
etc/rhythmbox.profile
View file

@ -4,11 +4,8 @@ include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6
noroot
netfilter

3
etc/spotify.profile
View file

@ -1,4 +1,7 @@
# Spotify media player profile
noblacklist ${HOME}/.config/spotify
noblacklist ${HOME}/.cache/spotify
noblacklist ${HOME}/.local/share/spotify
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc

4
etc/ssh.profile
View file

@ -1,14 +1,12 @@
# ssh client
noblacklist ~/.ssh
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6
netfilter
noroot

2
etc/totem.profile
View file

@ -4,8 +4,6 @@ include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6

9
etc/transmission-gtk.profile
View file

@ -1,11 +1,12 @@
# transmission-gtk profile
noblacklist ${HOME}/.config/transmission
noblacklist ${HOME}/.cache/transmission
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6
@ -13,7 +14,3 @@ netfilter
noroot
tracelog
nosound

7
etc/transmission-qt.profile
View file

@ -1,11 +1,12 @@
# transmission-qt profile
noblacklist ${HOME}/.config/transmission
noblacklist ${HOME}/.cache/transmission
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6
@ -13,5 +14,3 @@ netfilter
noroot
tracelog
nosound

2
etc/uget-gtk.profile
View file

@ -1,4 +1,6 @@
# uGet profile
noblacklist ${HOME}/.config/uGet
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc

3
etc/vlc.profile
View file

@ -1,12 +1,11 @@
# VLC media player profile
noblacklist ${HOME}/.config/vlc
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
include /etc/firejail/disable-passwdmgr.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6

4
etc/wesnoth.profile
View file

@ -1,4 +1,8 @@
# Whitelist-based profile for "Battle for Wesnoth" (game).
noblacklist ${HOME}/.config/wesnoth
noblacklist ${HOME}/.cache/wesnoth
noblacklist ${HOME}/.local/share/wesnoth
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc

1
etc/wine.profile
View file

@ -2,6 +2,7 @@
noblacklist ${HOME}/.steam
noblacklist ${HOME}/.local/share/steam
noblacklist ${HOME}/.wine
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc

3
etc/xchat.profile
View file

@ -1,11 +1,10 @@
# XChat IRC profile
noblacklist ${HOME}/.config/xchat
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-programs.inc
include /etc/firejail/disable-devel.inc
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6