added whois and dig profiles

startx2017 2018-08-30 07:29:05 -04:00
parent bbac3af66e
commit ef4409e7b7
8 changed files with 131 additions and 3 deletions


@ -167,4 +167,4 @@ We also keep a list of profile fixes for previous released versions in [etc-fixe
## New profiles ## New profiles
Microsoft Office Online, riot-desktop, gnome-mpv, snox, gradio, standardnotes-desktop, Microsoft Office Online, riot-desktop, gnome-mpv, snox, gradio, standardnotes-desktop,
shellcheck, patch, flameshot, rview, rvim, vimcat, vimdiff, vimpager, vimtutor, shellcheck, patch, flameshot, rview, rvim, vimcat, vimdiff, vimpager, vimtutor,
xxd, Beaker, electrum, clamtk, pybitmessage xxd, Beaker, electrum, clamtk, pybitmessage, dig, whois


@ -19,7 +19,7 @@ firejail (0.9.56~rc1) baseline; urgency=low
* new profiles: ms-skype, ms-word, riot-desktop, gnome-mpv, snox, gradio, * new profiles: ms-skype, ms-word, riot-desktop, gnome-mpv, snox, gradio,
* new profiles: standardnotes-desktop, shellcheck, patch, flameshot, * new profiles: standardnotes-desktop, shellcheck, patch, flameshot,
* new profiles: rview, rvim, vimcat, vimdiff, vimpager, vimtutor, xxd, * new profiles: rview, rvim, vimcat, vimdiff, vimpager, vimtutor, xxd,
* new profiles: Beaker, electrum, clamtk, pybitmessage * new profiles: Beaker, electrum, clamtk, pybitmessage, dig, whois
-- netblue30 <netblue30@yahoo.com> Sat, 11 Aug 2018 08:00:00 -0500 -- netblue30 <netblue30@yahoo.com> Sat, 11 Aug 2018 08:00:00 -0500
firejail (0.9.54) baseline; urgency=low firejail (0.9.54) baseline; urgency=low

47
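--- a/etc/dig.profile
+++ b/etc/dig.profile
@@ -0,0 +1,47 @@
+quiet
+# Firejail profile for dig
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/dig.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+include /etc/firejail/disable-common.inc
+# include /etc/firejail/disable-devel.inc
+# include /etc/firejail/disable-interpreters.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+#include /etc/firejail/disable-xdg.inc
+whitelist ~/.digrc
+include /etc/firejail/whitelist-common.inc
+include /etc/firejail/whitelist-var-common.inc
+caps.drop all
+# ipc-namespace
+netfilter
+no3d
+nodbus
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+novideo
+protocol unix,inet,inet6
+seccomp
+shell none
+disable-mnt
+private
+private-bin sh,bash,dig
+private-cache
+private-dev
+# private-etc resolv.conf
+private-lib
+private-tmp
+memory-deny-write-execute
+# noexec ${HOME}
+# noexec /tmp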
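Review bot: `whitelist ~/.digrc` is combined with `private` further down the same profile, and `private` mounts a fresh temporary home, so the user's real `.digrc` is most likely never visible to dig and the whitelist lines do nothing. Pick one model: either drop `private` and keep `whitelist ~/.digrc` plus `whitelist-common.inc`, or keep `private` and remove the whitelist lines with a comment that dig runs without its rc file. Separately, `private-bin sh,bash,dig` leaves two shells in the sandbox although `shell none` starts dig directly; if dig does not spawn a shell, `private-bin dig` is the tighter set, and the same applies to `private-bin sh,bash,whois` in etc/whois.profile.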

45
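--- a/etc/whois.profile
+++ b/etc/whois.profile
@@ -0,0 +1,45 @@
+quiet
+# Firejail profile for whois
+# This file is overwritten after every install/update
+# Persistent local customizations
+include /etc/firejail/whois.local
+# Persistent global definitions
+include /etc/firejail/globals.local
+include /etc/firejail/disable-common.inc
+# include /etc/firejail/disable-devel.inc
+# include /etc/firejail/disable-interpreters.inc
+include /etc/firejail/disable-passwdmgr.inc
+include /etc/firejail/disable-programs.inc
+#include /etc/firejail/disable-xdg.inc
+include /etc/firejail/whitelist-var-common.inc
+caps.drop all
+# ipc-namespace
+netfilter
+no3d
+nodbus
+nodvd
+nogroups
+nonewprivs
+noroot
+nosound
+notv
+novideo
+protocol inet,inet6
+seccomp
+shell none
+disable-mnt
+private
+private-bin sh,bash,whois
+private-cache
+private-dev
+# private-etc hosts,services,whois.conf
+private-lib
+private-tmp
+memory-deny-write-execute
+# noexec ${HOME}
+# noexec /tmp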
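Review bot: `# private-etc hosts,services,whois.conf` is left commented out with no reason given, so the profile does not restrict /etc to the few files whois reads. The commented list has no `resolv.conf`, which is presumably why enabling it broke lookups of whois server names; something like `private-etc hosts,resolv.conf,services,whois.conf` would be worth testing. If it has to stay disabled, add a one-line comment above it saying what fails, so the next maintainer knows what to fix before turning it on.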


@ -94,6 +94,7 @@ deadbeef
deluge deluge
dex2jar dex2jar
dia dia
dig
digikam digikam
dillo dillo
dino dino
@ -442,6 +443,7 @@ weechat
weechat-curses weechat-curses
wesnoth wesnoth
wget wget
whois
wine wine
wire-desktop wire-desktop
wireshark wireshark

17
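--- a/test/private-lib/dig.exp
+++ b/test/private-lib/dig.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2018 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send -- "firejail dig 1.1.1.1\r"
+expect {
+timeout {puts "TESTING ERROR 0\n";exit}
+"Query time"
+}
+after 100
+puts "\nall done\n"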
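Review bot: The timeout branch calls `exit` with no status, so expect returns 0 even when "Query time" never appears, and the failure is only visible to a runner that greps the output for "TESTING ERROR". `timeout {puts "TESTING ERROR 0\n";exit 1}` would also fail on the return code. The test depends on a reachable resolver, so it will time out in offline or network-isolated build environments; a header comment stating that requirement would save debugging time. Both points apply equally to test/private-lib/whois.exp, which needs outbound access to a whois server and matches on the registry's "Domain Name" output.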


@ -5,7 +5,7 @@
export MALLOC_CHECK_=3 export MALLOC_CHECK_=3
export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
LIST="evince galculator gnome-calculator gedit leafpad mousepad pluma transmission-gtk xcalc atril gpicview eom eog" LIST="dig whois evince galculator gnome-calculator gedit leafpad mousepad pluma transmission-gtk xcalc atril gpicview eom eog"
for app in $LIST; do for app in $LIST; do

17
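--- a/test/private-lib/whois.exp
+++ b/test/private-lib/whois.exp
@@ -0,0 +1,17 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2018 Firejail Authors
+# License GPL v2
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+send -- "firejail whois debian.org\r"
+expect {
+timeout {puts "TESTING ERROR 0\n";exit}
+"Domain Name"
+}
+after 100
+puts "\nall done\n"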