From 8e0d53cedd4634b43ab7035c6a85cea62b774da0 Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 18:17:30 +0200 Subject: [PATCH 01/22] blacklist conkeror --- etc/disable-programs.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 0cd1ed123..1c78dc438 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -23,6 +23,7 @@ blacklist ~/.config/vivaldi blacklist ${HOME}/.filezilla blacklist ${HOME}/.config/filezilla blacklist ~/.dillo +blacklist ${HOME}/.conkeror.mozdev.org # cache blacklist ~/.cache/mozilla From 7a742afb1e3e3b2cbd5f6967e4b80f6d6c4f3d92 Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 18:20:27 +0200 Subject: [PATCH 02/22] {no,}blacklist deadbeef --- etc/deadbeef.profile | 3 ++- etc/disable-programs.inc | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/etc/deadbeef.profile b/etc/deadbeef.profile index dbf4531c4..ddce64d62 100644 --- a/etc/deadbeef.profile +++ b/etc/deadbeef.profile @@ -1,4 +1,6 @@ # DeaDBeeF media player profile +noblacklist ${HOME}/.config/deadbeef + include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc @@ -10,4 +12,3 @@ caps.drop all seccomp protocol unix,inet,inet6 noroot - diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 1c78dc438..235746ffc 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -5,6 +5,7 @@ blacklist ${HOME}/.tconn blacklist ${HOME}/.FBReader blacklist ${HOME}/.wine blacklist ${HOME}/.config/cmus +blacklist ${HOME}/.config/deadbeef # HTTP / FTP / Mail blacklist ${HOME}/.icedove From 95c8fd7a0b6ae9f225a8497259727711268901f8 Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 18:31:18 +0200 Subject: [PATCH 03/22] {no,}blacklist epiphany --- etc/disable-programs.inc | 5 +++++ etc/epiphany.profile | 4 ++++ 2 files changed, 9 insertions(+) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 235746ffc..9c5ad58b4 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -25,6 +25,7 @@ blacklist ${HOME}/.filezilla blacklist ${HOME}/.config/filezilla blacklist ~/.dillo blacklist ${HOME}/.conkeror.mozdev.org +blacklist ${HOME}/.config/.epiphany # cache blacklist ~/.cache/mozilla @@ -35,6 +36,10 @@ blacklist ~/.cache/google-chrome-unstable blacklist ~/.cache/opera blacklist ~/.cache/opera-beta blacklist ~/.cache/vivaldi +blacklist ~/.cache/epiphany + +# share +blacklist ~/.local/share/epiphany # Instant Messaging blacklist ${HOME}/.config/hexchat diff --git a/etc/epiphany.profile b/etc/epiphany.profile index 319d2b177..8ef0d5beb 100644 --- a/etc/epiphany.profile +++ b/etc/epiphany.profile @@ -1,4 +1,8 @@ # Epiphany browser profile +noblacklist ${HOME}/.config/.epiphany +noblacklist ${HOME}/.cache/epiphany +noblacklist ${HOME}/.local/share/epiphany + include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc From a38190347f992a95bf5f8399ec3b08327b435f9f Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 18:35:41 +0200 Subject: [PATCH 04/22] blacklist slimjet --- etc/disable-programs.inc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 9c5ad58b4..a6f500b65 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -26,6 +26,7 @@ blacklist ${HOME}/.config/filezilla blacklist ~/.dillo blacklist ${HOME}/.conkeror.mozdev.org blacklist ${HOME}/.config/.epiphany +blacklist ${HOME}/.config/.slimjet # cache blacklist ~/.cache/mozilla @@ -37,6 +38,7 @@ blacklist ~/.cache/opera blacklist ~/.cache/opera-beta blacklist ~/.cache/vivaldi blacklist ~/.cache/epiphany +blacklist ~/.cache/slimjet # share blacklist ~/.local/share/epiphany From bc28c7d8f05cc01976aaa93aa4f49c7b5457f3a9 Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 18:40:26 +0200 Subject: [PATCH 05/22] {no,}blacklist hedgewars --- etc/disable-programs.inc | 1 + etc/hedgewars.profile | 1 + 2 files changed, 2 insertions(+) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index a6f500b65..6026a28c2 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -6,6 +6,7 @@ blacklist ${HOME}/.FBReader blacklist ${HOME}/.wine blacklist ${HOME}/.config/cmus blacklist ${HOME}/.config/deadbeef +blacklist ${HOME}/.hedgewars # HTTP / FTP / Mail blacklist ${HOME}/.icedove diff --git a/etc/hedgewars.profile b/etc/hedgewars.profile index 53d0c2eaf..5ab7cfe72 100644 --- a/etc/hedgewars.profile +++ b/etc/hedgewars.profile @@ -1,4 +1,5 @@ # whitelist profile for Hedgewars (game) +noblacklist ${HOME}/.hedgewars include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc From d60c4461bb95f166bd2e98c0d7e7a3f6e4dd15f0 Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 18:49:45 +0200 Subject: [PATCH 06/22] {no,}blacklist Mathematica --- etc/Mathematica.profile | 3 +++ etc/disable-programs.inc | 2 ++ 2 files changed, 5 insertions(+) diff --git a/etc/Mathematica.profile b/etc/Mathematica.profile index 52fd62ada..05131df43 100644 --- a/etc/Mathematica.profile +++ b/etc/Mathematica.profile @@ -1,4 +1,7 @@ # Mathematica profile +noblacklist ${HOME}/.Mathematica +noblacklist ${HOME}/.Wolfram Research + mkdir ~/.Mathematica whitelist ~/.Mathematica mkdir ~/.Wolfram Research diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 6026a28c2..1eb16cf46 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -7,6 +7,8 @@ blacklist ${HOME}/.wine blacklist ${HOME}/.config/cmus blacklist ${HOME}/.config/deadbeef blacklist ${HOME}/.hedgewars +blacklist ${HOME}/.Mathematica +blacklist ${HOME}/.Wolfram Research # HTTP / FTP / Mail blacklist ${HOME}/.icedove From 352880af7fe59c607806cb4ab5f9ec16d4e3d843 Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 18:54:16 +0200 Subject: [PATCH 07/22] {no,}blacklist mupen64plus --- etc/disable-programs.inc | 2 ++ etc/mupen64plus.profile | 3 +++ 2 files changed, 5 insertions(+) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 1eb16cf46..acaace08b 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -9,6 +9,7 @@ blacklist ${HOME}/.config/deadbeef blacklist ${HOME}/.hedgewars blacklist ${HOME}/.Mathematica blacklist ${HOME}/.Wolfram Research +blacklist ${HOME}/.config/mupen64plus # HTTP / FTP / Mail blacklist ${HOME}/.icedove @@ -45,6 +46,7 @@ blacklist ~/.cache/slimjet # share blacklist ~/.local/share/epiphany +blacklist ~/.local/share/mupen64plus # Instant Messaging blacklist ${HOME}/.config/hexchat diff --git a/etc/mupen64plus.profile b/etc/mupen64plus.profile index 101074c24..7b38b411a 100644 --- a/etc/mupen64plus.profile +++ b/etc/mupen64plus.profile @@ -1,5 +1,8 @@ # mupen64plus profile # manually whitelist ROM files +noblacklist ${HOME}/.config/mupen64plus +noblacklist ${HOME}/.local/share/mupen64plus + include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc From d10d4142d1a1fed05d6c0d253f77288b822982ce Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 19:04:21 +0200 Subject: [PATCH 08/22] blacklist qutebrowser --- etc/disable-programs.inc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index acaace08b..0dabc40f1 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -31,6 +31,7 @@ blacklist ~/.dillo blacklist ${HOME}/.conkeror.mozdev.org blacklist ${HOME}/.config/.epiphany blacklist ${HOME}/.config/.slimjet +blacklist ${HOME}/.config/qutebrowser # cache blacklist ~/.cache/mozilla @@ -43,6 +44,7 @@ blacklist ~/.cache/opera-beta blacklist ~/.cache/vivaldi blacklist ~/.cache/epiphany blacklist ~/.cache/slimjet +blacklist ~/.cache/qutebrowser # share blacklist ~/.local/share/epiphany From 9355576995e891580da7dbabfd72e3b4496fe80d Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 19:07:01 +0200 Subject: [PATCH 09/22] fix slimjet --- etc/disable-programs.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 0dabc40f1..deac5e332 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -30,7 +30,7 @@ blacklist ${HOME}/.config/filezilla blacklist ~/.dillo blacklist ${HOME}/.conkeror.mozdev.org blacklist ${HOME}/.config/.epiphany -blacklist ${HOME}/.config/.slimjet +blacklist ${HOME}/.config/slimjet blacklist ${HOME}/.config/qutebrowser # cache From e5b5ba19e2faf38f957fa35c91fc8189f315700d Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 19:15:08 +0200 Subject: [PATCH 10/22] {no,}blacklist spotify --- etc/disable-programs.inc | 3 +++ etc/spotify.profile | 3 +++ 2 files changed, 6 insertions(+) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index deac5e332..7d1370941 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -10,6 +10,7 @@ blacklist ${HOME}/.hedgewars blacklist ${HOME}/.Mathematica blacklist ${HOME}/.Wolfram Research blacklist ${HOME}/.config/mupen64plus +blacklist ${HOME}/.config/spotify # HTTP / FTP / Mail blacklist ${HOME}/.icedove @@ -45,10 +46,12 @@ blacklist ~/.cache/vivaldi blacklist ~/.cache/epiphany blacklist ~/.cache/slimjet blacklist ~/.cache/qutebrowser +blacklist ~/.cache/spotify # share blacklist ~/.local/share/epiphany blacklist ~/.local/share/mupen64plus +blacklist ~/.local/share/spotify # Instant Messaging blacklist ${HOME}/.config/hexchat diff --git a/etc/spotify.profile b/etc/spotify.profile index dfe298e1d..fd4586dd5 100644 --- a/etc/spotify.profile +++ b/etc/spotify.profile @@ -1,4 +1,7 @@ # Spotify media player profile +noblacklist ${HOME}/.config/spotify +noblacklist ${HOME}/.cache/spotify +noblacklist ${HOME}/.local/share/spotify include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc From 9ddf407962b548a96a20573e15537e5689d5188a Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 19:21:06 +0200 Subject: [PATCH 11/22] blacklist steam --- etc/disable-programs.inc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 7d1370941..35250d324 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -11,6 +11,7 @@ blacklist ${HOME}/.Mathematica blacklist ${HOME}/.Wolfram Research blacklist ${HOME}/.config/mupen64plus blacklist ${HOME}/.config/spotify +blacklist ${HOME}/.steam # HTTP / FTP / Mail blacklist ${HOME}/.icedove @@ -52,6 +53,7 @@ blacklist ~/.cache/spotify blacklist ~/.local/share/epiphany blacklist ~/.local/share/mupen64plus blacklist ~/.local/share/spotify +blacklist ~/.local/share/steam # Instant Messaging blacklist ${HOME}/.config/hexchat From 37a922fab3f626810d9daf0c0cb3829737823ed2 Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 19:33:15 +0200 Subject: [PATCH 12/22] blacklist telegram --- etc/disable-programs.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 35250d324..b49688849 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -65,6 +65,7 @@ blacklist ${HOME}/.weechat blacklist ${HOME}/.config/xchat blacklist ${HOME}/.Skype blacklist ${HOME}/.config/tox +blacklist ${HOME}/.TelegramDesktop # Cryptocoins blacklist ${HOME}/.*coin From db90a50229f7392d88710720cd2045989dc6afea Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 19:36:58 +0200 Subject: [PATCH 13/22] blacklist thunderbird --- etc/disable-programs.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index b49688849..9ddc3716a 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -48,6 +48,7 @@ blacklist ~/.cache/epiphany blacklist ~/.cache/slimjet blacklist ~/.cache/qutebrowser blacklist ~/.cache/spotify +blacklist ~/.cache/thunderbird # share blacklist ~/.local/share/epiphany From f4bdd4f07df73447159a116174fa3414bedf9129 Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 19:38:05 +0200 Subject: [PATCH 14/22] blacklist icedove --- etc/disable-programs.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 9ddc3716a..a3b8f5181 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -49,6 +49,7 @@ blacklist ~/.cache/slimjet blacklist ~/.cache/qutebrowser blacklist ~/.cache/spotify blacklist ~/.cache/thunderbird +blacklist ~/.cache/icedove # share blacklist ~/.local/share/epiphany From fd659825f63a24b765c445ec0670c615b52815ec Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 19:44:49 +0200 Subject: [PATCH 15/22] {no,}blacklist transmission --- etc/disable-programs.inc | 2 ++ etc/transmission-gtk.profile | 3 +++ etc/transmission-qt.profile | 2 ++ 3 files changed, 7 insertions(+) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index a3b8f5181..7b2137944 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -12,6 +12,7 @@ blacklist ${HOME}/.Wolfram Research blacklist ${HOME}/.config/mupen64plus blacklist ${HOME}/.config/spotify blacklist ${HOME}/.steam +blacklist ${HOME}/.config/transmission # HTTP / FTP / Mail blacklist ${HOME}/.icedove @@ -50,6 +51,7 @@ blacklist ~/.cache/qutebrowser blacklist ~/.cache/spotify blacklist ~/.cache/thunderbird blacklist ~/.cache/icedove +blacklist ~/.cache/transmission # share blacklist ~/.local/share/epiphany diff --git a/etc/transmission-gtk.profile b/etc/transmission-gtk.profile index 9e64c6d59..2550ae3ed 100644 --- a/etc/transmission-gtk.profile +++ b/etc/transmission-gtk.profile @@ -1,4 +1,7 @@ # transmission-gtk profile +noblacklist ${HOME}/.config/transmission +noblacklist ${HOME}/.cache/transmission + include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc diff --git a/etc/transmission-qt.profile b/etc/transmission-qt.profile index 1059ad3ee..5b3fcb284 100644 --- a/etc/transmission-qt.profile +++ b/etc/transmission-qt.profile @@ -1,4 +1,6 @@ # transmission-qt profile +noblacklist ${HOME}/.config/transmission +noblacklist ${HOME}/.cache/transmission include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc From f7d12b4f2bac558a8b67ed11495c470a76580520 Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 19:46:31 +0200 Subject: [PATCH 16/22] forgot (*very important*) newline --- etc/transmission-qt.profile | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/transmission-qt.profile b/etc/transmission-qt.profile index 5b3fcb284..272d76ebb 100644 --- a/etc/transmission-qt.profile +++ b/etc/transmission-qt.profile @@ -1,6 +1,7 @@ # transmission-qt profile noblacklist ${HOME}/.config/transmission noblacklist ${HOME}/.cache/transmission + include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc From 40344ba08bf976ff706964396e2be3d1f0e2448b Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 19:48:36 +0200 Subject: [PATCH 17/22] {no,}blacklist uget-gtk --- etc/disable-programs.inc | 1 + etc/uget-gtk.profile | 2 ++ 2 files changed, 3 insertions(+) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 7b2137944..59465b94f 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -13,6 +13,7 @@ blacklist ${HOME}/.config/mupen64plus blacklist ${HOME}/.config/spotify blacklist ${HOME}/.steam blacklist ${HOME}/.config/transmission +blacklist ${HOME}/.config/uGet # HTTP / FTP / Mail blacklist ${HOME}/.icedove diff --git a/etc/uget-gtk.profile b/etc/uget-gtk.profile index 6593075c8..ef5aa7d4a 100644 --- a/etc/uget-gtk.profile +++ b/etc/uget-gtk.profile @@ -1,4 +1,6 @@ # uGet profile +noblacklist ${HOME}/.config/uGet + include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc From c1d0abd60ee33902103a7aa856d4eed10f207840 Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 19:57:59 +0200 Subject: [PATCH 18/22] {no,}blacklist wesnoth --- etc/disable-programs.inc | 3 +++ etc/wesnoth.profile | 4 ++++ 2 files changed, 7 insertions(+) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 59465b94f..3064d1f4c 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -14,6 +14,7 @@ blacklist ${HOME}/.config/spotify blacklist ${HOME}/.steam blacklist ${HOME}/.config/transmission blacklist ${HOME}/.config/uGet +blacklist ${HOME}/.config/wesnoth # HTTP / FTP / Mail blacklist ${HOME}/.icedove @@ -53,12 +54,14 @@ blacklist ~/.cache/spotify blacklist ~/.cache/thunderbird blacklist ~/.cache/icedove blacklist ~/.cache/transmission +blacklist ~/.cache/wesnoth # share blacklist ~/.local/share/epiphany blacklist ~/.local/share/mupen64plus blacklist ~/.local/share/spotify blacklist ~/.local/share/steam +blacklist ~/.local/share/wesnoth # Instant Messaging blacklist ${HOME}/.config/hexchat diff --git a/etc/wesnoth.profile b/etc/wesnoth.profile index 24b245b6c..340ba0db5 100644 --- a/etc/wesnoth.profile +++ b/etc/wesnoth.profile @@ -1,4 +1,8 @@ # Whitelist-based profile for "Battle for Wesnoth" (game). +noblacklist ${HOME}/.config/wesnoth +noblacklist ${HOME}/.cache/wesnoth +noblacklist ${HOME}/.local/share/wesnoth + include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc From 772ba667f743316e91dcba077c190f6f60b312e6 Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 21:05:57 +0200 Subject: [PATCH 19/22] add new categories to disable-programs.inc --- etc/disable-programs.inc | 63 +++++++++++++++++++++------------------- 1 file changed, 33 insertions(+), 30 deletions(-) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 3064d1f4c..5bdf554b9 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -1,20 +1,19 @@ # various programs -blacklist ${HOME}/.config/vlc blacklist ${HOME}/.remmina blacklist ${HOME}/.tconn blacklist ${HOME}/.FBReader blacklist ${HOME}/.wine -blacklist ${HOME}/.config/cmus -blacklist ${HOME}/.config/deadbeef -blacklist ${HOME}/.hedgewars blacklist ${HOME}/.Mathematica blacklist ${HOME}/.Wolfram Research blacklist ${HOME}/.config/mupen64plus -blacklist ${HOME}/.config/spotify -blacklist ${HOME}/.steam blacklist ${HOME}/.config/transmission blacklist ${HOME}/.config/uGet -blacklist ${HOME}/.config/wesnoth + +# Media players +blacklist ${HOME}/.config/cmus +blacklist ${HOME}/.config/deadbeef +blacklist ${HOME}/.config/spotify +blacklist ${HOME}/.config/vlc # HTTP / FTP / Mail blacklist ${HOME}/.icedove @@ -38,6 +37,33 @@ blacklist ${HOME}/.config/.epiphany blacklist ${HOME}/.config/slimjet blacklist ${HOME}/.config/qutebrowser +# Instant Messaging +blacklist ${HOME}/.config/hexchat +blacklist ${HOME}/.mcabber +blacklist ${HOME}/.purple +blacklist ${HOME}/.config/psi+ +blacklist ${HOME}/.retroshare +blacklist ${HOME}/.weechat +blacklist ${HOME}/.config/xchat +blacklist ${HOME}/.Skype +blacklist ${HOME}/.config/tox +blacklist ${HOME}/.TelegramDesktop + +# Games +blacklist ${HOME}/.hedgewars +blacklist ${HOME}/.steam +blacklist ${HOME}/.config/wesnoth + +# Cryptocoins +blacklist ${HOME}/.*coin +blacklist ${HOME}/.electrum* +blacklist ${HOME}/wallet.dat + +# git, subversion +blacklist ${HOME}/.subversion +blacklist ${HOME}/.gitconfig +blacklist ${HOME}/.git-credential-cache + # cache blacklist ~/.cache/mozilla blacklist ~/.cache/chromium @@ -62,26 +88,3 @@ blacklist ~/.local/share/mupen64plus blacklist ~/.local/share/spotify blacklist ~/.local/share/steam blacklist ~/.local/share/wesnoth - -# Instant Messaging -blacklist ${HOME}/.config/hexchat -blacklist ${HOME}/.mcabber -blacklist ${HOME}/.purple -blacklist ${HOME}/.config/psi+ -blacklist ${HOME}/.retroshare -blacklist ${HOME}/.weechat -blacklist ${HOME}/.config/xchat -blacklist ${HOME}/.Skype -blacklist ${HOME}/.config/tox -blacklist ${HOME}/.TelegramDesktop - -# Cryptocoins -blacklist ${HOME}/.*coin -blacklist ${HOME}/.electrum* -blacklist ${HOME}/wallet.dat - -# git, subversion -blacklist ${HOME}/.subversion -blacklist ${HOME}/.gitconfig -blacklist ${HOME}/.git-credential-cache - From 0a43cc589c180e21c8d5e184d604cf3ed844f9dd Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 21:09:35 +0200 Subject: [PATCH 20/22] disable-programs.inc: s/~/${HOME}/ --- etc/disable-programs.inc | 46 ++++++++++++++++++++-------------------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 5bdf554b9..bc8361dd0 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -28,10 +28,10 @@ blacklist ${HOME}/.config/google-chrome-unstable blacklist ${HOME}/.config/opera blacklist ${HOME}/.config/opera-beta blacklist ${HOME}/.opera -blacklist ~/.config/vivaldi +blacklist ${HOME}/.config/vivaldi blacklist ${HOME}/.filezilla blacklist ${HOME}/.config/filezilla -blacklist ~/.dillo +blacklist ${HOME}/.dillo blacklist ${HOME}/.conkeror.mozdev.org blacklist ${HOME}/.config/.epiphany blacklist ${HOME}/.config/slimjet @@ -65,26 +65,26 @@ blacklist ${HOME}/.gitconfig blacklist ${HOME}/.git-credential-cache # cache -blacklist ~/.cache/mozilla -blacklist ~/.cache/chromium -blacklist ~/.cache/google-chrome -blacklist ~/.cache/google-chrome-beta -blacklist ~/.cache/google-chrome-unstable -blacklist ~/.cache/opera -blacklist ~/.cache/opera-beta -blacklist ~/.cache/vivaldi -blacklist ~/.cache/epiphany -blacklist ~/.cache/slimjet -blacklist ~/.cache/qutebrowser -blacklist ~/.cache/spotify -blacklist ~/.cache/thunderbird -blacklist ~/.cache/icedove -blacklist ~/.cache/transmission -blacklist ~/.cache/wesnoth +blacklist ${HOME}/.cache/mozilla +blacklist ${HOME}/.cache/chromium +blacklist ${HOME}/.cache/google-chrome +blacklist ${HOME}/.cache/google-chrome-beta +blacklist ${HOME}/.cache/google-chrome-unstable +blacklist ${HOME}/.cache/opera +blacklist ${HOME}/.cache/opera-beta +blacklist ${HOME}/.cache/vivaldi +blacklist ${HOME}/.cache/epiphany +blacklist ${HOME}/.cache/slimjet +blacklist ${HOME}/.cache/qutebrowser +blacklist ${HOME}/.cache/spotify +blacklist ${HOME}/.cache/thunderbird +blacklist ${HOME}/.cache/icedove +blacklist ${HOME}/.cache/transmission +blacklist ${HOME}/.cache/wesnoth # share -blacklist ~/.local/share/epiphany -blacklist ~/.local/share/mupen64plus -blacklist ~/.local/share/spotify -blacklist ~/.local/share/steam -blacklist ~/.local/share/wesnoth +blacklist ${HOME}/.local/share/epiphany +blacklist ${HOME}/.local/share/mupen64plus +blacklist ${HOME}/.local/share/spotify +blacklist ${HOME}/.local/share/steam +blacklist ${HOME}/.local/share/wesnoth From 6959d49367e7b7e4015040eb63988ad3b540f008 Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 21:24:50 +0200 Subject: [PATCH 21/22] fix epiphany --- etc/disable-programs.inc | 2 +- etc/epiphany.profile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index bc8361dd0..7faf75638 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc @@ -33,7 +33,7 @@ blacklist ${HOME}/.filezilla blacklist ${HOME}/.config/filezilla blacklist ${HOME}/.dillo blacklist ${HOME}/.conkeror.mozdev.org -blacklist ${HOME}/.config/.epiphany +blacklist ${HOME}/.config/epiphany blacklist ${HOME}/.config/slimjet blacklist ${HOME}/.config/qutebrowser diff --git a/etc/epiphany.profile b/etc/epiphany.profile index 8ef0d5beb..95a673bf9 100644 --- a/etc/epiphany.profile +++ b/etc/epiphany.profile @@ -1,5 +1,5 @@ # Epiphany browser profile -noblacklist ${HOME}/.config/.epiphany +noblacklist ${HOME}/.config/epiphany noblacklist ${HOME}/.cache/epiphany noblacklist ${HOME}/.local/share/epiphany From 1a42221c62a35fd5e143767f01521ff51e44f04a Mon Sep 17 00:00:00 2001 From: avoidr Date: Tue, 12 Apr 2016 22:29:33 +0200 Subject: [PATCH 22/22] delete blacklist wine from profiles --- etc/atril.profile | 3 --- etc/audacious.profile | 3 --- etc/cherrytree.profile | 2 -- etc/clementine.profile | 2 -- etc/deadbeef.profile | 2 -- etc/deluge.profile | 4 ---- etc/dropbox.profile | 3 --- etc/empathy.profile | 3 --- etc/evince.profile | 3 --- etc/fbreader.profile | 4 +--- etc/filezilla.profile | 6 +----- etc/gnome-mplayer.profile | 2 -- etc/kmail.profile | 5 +---- etc/pidgin.profile | 3 +-- etc/qbittorrent.profile | 4 ---- etc/quassel.profile | 3 --- etc/rhythmbox.profile | 3 --- etc/ssh.profile | 4 +--- etc/totem.profile | 2 -- etc/transmission-gtk.profile | 6 ------ etc/transmission-qt.profile | 4 ---- etc/vlc.profile | 3 +-- etc/wine.profile | 1 + etc/xchat.profile | 3 +-- 24 files changed, 8 insertions(+), 70 deletions(-) diff --git a/etc/atril.profile b/etc/atril.profile index f142f50bc..e078c1d20 100644 --- a/etc/atril.profile +++ b/etc/atril.profile @@ -4,12 +4,9 @@ include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 netfilter noroot tracelog - diff --git a/etc/audacious.profile b/etc/audacious.profile index 0c79d02ac..290faa260 100644 --- a/etc/audacious.profile +++ b/etc/audacious.profile @@ -4,10 +4,7 @@ include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 noroot - diff --git a/etc/cherrytree.profile b/etc/cherrytree.profile index 3cc384b37..7bcc61e98 100644 --- a/etc/cherrytree.profile +++ b/etc/cherrytree.profile @@ -4,8 +4,6 @@ include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - whitelist ${HOME}/cherrytree mkdir ~/.config mkdir ~/.config/cherrytree diff --git a/etc/clementine.profile b/etc/clementine.profile index a02e05f9c..c6271e6e3 100644 --- a/etc/clementine.profile +++ b/etc/clementine.profile @@ -4,8 +4,6 @@ include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 diff --git a/etc/deadbeef.profile b/etc/deadbeef.profile index ddce64d62..2810e5323 100644 --- a/etc/deadbeef.profile +++ b/etc/deadbeef.profile @@ -6,8 +6,6 @@ include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 diff --git a/etc/deluge.profile b/etc/deluge.profile index 9b2c65656..d8ffc8ec5 100644 --- a/etc/deluge.profile +++ b/etc/deluge.profile @@ -4,13 +4,9 @@ include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 netfilter noroot nosound - - diff --git a/etc/dropbox.profile b/etc/dropbox.profile index ea0dc1fcb..a0a944dce 100644 --- a/etc/dropbox.profile +++ b/etc/dropbox.profile @@ -3,10 +3,7 @@ include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps seccomp protocol unix,inet,inet6 noroot - diff --git a/etc/empathy.profile b/etc/empathy.profile index 37277e3d1..789bdda08 100644 --- a/etc/empathy.profile +++ b/etc/empathy.profile @@ -3,10 +3,7 @@ include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 netfilter - diff --git a/etc/evince.profile b/etc/evince.profile index 693593713..c390dcaf3 100644 --- a/etc/evince.profile +++ b/etc/evince.profile @@ -4,11 +4,8 @@ include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 noroot nosound - diff --git a/etc/fbreader.profile b/etc/fbreader.profile index c45acc901..cfbae1c74 100644 --- a/etc/fbreader.profile +++ b/etc/fbreader.profile @@ -1,16 +1,14 @@ # fbreader ebook reader profile noblacklist ${HOME}/.FBReader + include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 netfilter noroot nosound - diff --git a/etc/filezilla.profile b/etc/filezilla.profile index dc677542f..8542de284 100644 --- a/etc/filezilla.profile +++ b/etc/filezilla.profile @@ -1,18 +1,14 @@ # FileZilla ftp profile noblacklist ${HOME}/.filezilla noblacklist ${HOME}/.config/filezilla + include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 noroot netfilter nosound - - - diff --git a/etc/gnome-mplayer.profile b/etc/gnome-mplayer.profile index a96b19ec3..ec3698ac8 100644 --- a/etc/gnome-mplayer.profile +++ b/etc/gnome-mplayer.profile @@ -4,8 +4,6 @@ include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 diff --git a/etc/kmail.profile b/etc/kmail.profile index 67a7b4eb1..a7079661b 100644 --- a/etc/kmail.profile +++ b/etc/kmail.profile @@ -1,17 +1,14 @@ # kmail profile noblacklist ${HOME}/.gnupg + include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6,netlink netfilter noroot tracelog - - diff --git a/etc/pidgin.profile b/etc/pidgin.profile index ea5d82103..fd497f082 100644 --- a/etc/pidgin.profile +++ b/etc/pidgin.profile @@ -1,11 +1,10 @@ # Pidgin profile noblacklist ${HOME}/.purple + include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 diff --git a/etc/qbittorrent.profile b/etc/qbittorrent.profile index 121d08a13..8bdc745fb 100644 --- a/etc/qbittorrent.profile +++ b/etc/qbittorrent.profile @@ -4,13 +4,9 @@ include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 netfilter noroot nosound - - diff --git a/etc/quassel.profile b/etc/quassel.profile index 1fba23784..72004da7f 100644 --- a/etc/quassel.profile +++ b/etc/quassel.profile @@ -3,11 +3,8 @@ include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 noroot netfilter - diff --git a/etc/rhythmbox.profile b/etc/rhythmbox.profile index a3204c5f9..782cd3832 100644 --- a/etc/rhythmbox.profile +++ b/etc/rhythmbox.profile @@ -4,11 +4,8 @@ include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 noroot netfilter - diff --git a/etc/ssh.profile b/etc/ssh.profile index 7e105724e..7b282bde6 100644 --- a/etc/ssh.profile +++ b/etc/ssh.profile @@ -1,14 +1,12 @@ # ssh client noblacklist ~/.ssh + include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 netfilter noroot - diff --git a/etc/totem.profile b/etc/totem.profile index 5eeeb4402..4d87cbb85 100644 --- a/etc/totem.profile +++ b/etc/totem.profile @@ -4,8 +4,6 @@ include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 diff --git a/etc/transmission-gtk.profile b/etc/transmission-gtk.profile index 2550ae3ed..d61d36a8c 100644 --- a/etc/transmission-gtk.profile +++ b/etc/transmission-gtk.profile @@ -7,8 +7,6 @@ include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 @@ -16,7 +14,3 @@ netfilter noroot tracelog nosound - - - - diff --git a/etc/transmission-qt.profile b/etc/transmission-qt.profile index 272d76ebb..3db7a5452 100644 --- a/etc/transmission-qt.profile +++ b/etc/transmission-qt.profile @@ -7,8 +7,6 @@ include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 @@ -16,5 +14,3 @@ netfilter noroot tracelog nosound - - diff --git a/etc/vlc.profile b/etc/vlc.profile index 0a7469339..061ae6f78 100644 --- a/etc/vlc.profile +++ b/etc/vlc.profile @@ -1,12 +1,11 @@ # VLC media player profile noblacklist ${HOME}/.config/vlc + include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc include /etc/firejail/disable-passwdmgr.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6 diff --git a/etc/wine.profile b/etc/wine.profile index f93fa6dc2..ea6db8511 100644 --- a/etc/wine.profile +++ b/etc/wine.profile @@ -2,6 +2,7 @@ noblacklist ${HOME}/.steam noblacklist ${HOME}/.local/share/steam noblacklist ${HOME}/.wine + include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc diff --git a/etc/xchat.profile b/etc/xchat.profile index 7c11ba76c..fcea4245e 100644 --- a/etc/xchat.profile +++ b/etc/xchat.profile @@ -1,11 +1,10 @@ # XChat IRC profile noblacklist ${HOME}/.config/xchat + include /etc/firejail/disable-common.inc include /etc/firejail/disable-programs.inc include /etc/firejail/disable-devel.inc -blacklist ${HOME}/.wine - caps.drop all seccomp protocol unix,inet,inet6