fixes, closes, enhances, improvements, and so on

- .github/ISSUE_TEMPLATE/bug_report.md: get ride off spanish, french, ... error messages - etc/inc/firefox-common-addons.inc: support ff2mpv - etc/profile-a-l/gimp.profile: note about xsane - etc/profile-m-z/min.profile: prettify - etc/profile-m-z/mpsyt.profile: fix, add lua - etc/profile-m-z/qbittorrent.profile: add note for tray-icons; this will get a better note once I investigated and audited all the D-Bus tray stuff. - etc/profile-m-z/transmission-daemon.profile: fix, add protocol packet close #3686 - mps-youtube needs lua close #3701 - Firefox native messaging regression in 0.9.62.4 -> 0.9.64rc1 close #3636 - transmission-daemon fills log with error close #3640 - Gimp - add note how to enable scanning (xsane) close #3707 - qBittorrent tray icon missing from notification panel when running it with firejail
2026-05-15 14:16:14 -06:00 · 2020-11-09 20:57:33 +01:00 · 2020-11-09 20:57:33 +01:00 · f3585e5393
commit f3585e5393
parent 796b4cf335
9 changed files with 34 additions and 4 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@ -36,6 +36,7 @@ Other context about the problem like related errors to understand the problem.
 - [ ] Programs needed for interaction are listed in the profile.
 - [ ] A short search for duplicates was performed.
 - [ ] If it is a AppImage, `--profile=PROFILENAME` is used to set the right profile.
+ - [ ] Used `LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 PROGRAM` to get english error-messages.


 <details><summary> debug output </summary>
--- a/README.md
+++ b/README.md
@ -194,4 +194,4 @@ Stats:

 ### New profiles:

-spectacle
+spectacle, chromium-browser-privacy
--- a/2
+++ b/2
@ -1,7 +1,7 @@
 firejail (0.9.65) baseline; urgency=low
  * allow --tmpfs inside $HOME for unprivileged users
  *  --disable-usertmpfs  compile time option
-  * new profiles: spectacle
+  * new profiles: spectacle, chromium-browser-privacy
 -- netblue30 <netblue30@yahoo.com>  Wed, 21 Oct 2020 09:00:00 -0500

 firejail (0.9.64) baseline; urgency=low
--- a/etc/inc/firefox-common-addons.inc
+++ b/etc/inc/firefox-common-addons.inc
@ -69,3 +69,20 @@ include allow-python3.inc
 # Flash plugin
 # private-etc must first be enabled in firefox-common.profile and in profiles including it.
 #private-etc adobe
+
+# ff2mpv
+#ignore noexec ${HOME}
+#noblacklist ${HOME}/.config/mpv
+#noblacklist ${HOME}/.config/youtube-dl
+#noblacklist ${HOME}/.netrc
+#include allow-lua.inc
+#include allow-python3.inc
+#mkdir ${HOME}/.config/mpv
+#mkdir ${HOME}/.config/youtube-dl
+#whitelist ${HOME}/.config/mpv
+#whitelist ${HOME}/.config/youtube-dl
+#whitelist ${HOME}/.netrc
+#whitelist /usr/share/lua
+#whitelist /usr/share/lua*
+#whitelist /usr/share/vulkan
+#private-bin env,mpv,python3*,waf,youtube-dl
--- a/etc/profile-a-l/gimp.profile
+++ b/etc/profile-a-l/gimp.profile
@ -6,6 +6,14 @@ include gimp.local
 # Persistent global definitions
 include globals.local

+# Uncomment or add to gimp.local in order to support scanning via xsane (see #3640).
+# TODO: Replace 'ignore seccomp' with a less permissive option.
+#ignore seccomp
+#ignore dbus-system
+#ignore net
+#protocol unix,inet,inet6
+
+
 # gimp plugins are installed by the user in ${HOME}/.gimp-2.8/plug-ins/ directory
 # if you are not using external plugins, you can comment 'ignore noexec' statement below
 # or put 'noexec ${HOME}' in your gimp.local
--- a/etc/profile-m-z/min.profile
+++ b/etc/profile-m-z/min.profile
@ -6,8 +6,7 @@ include min.local
 # Persistent global definitions
 include globals.local

-# Disable for now, see https://github.com/netblue30/firejail/pull/3688#issuecomment-718711565
-ignore whitelist /usr/share/chromium
+nowhitelist /usr/share/chromium

 noblacklist ${HOME}/.config/Min

--- a/etc/profile-m-z/mpsyt.profile
+++ b/etc/profile-m-z/mpsyt.profile
@ -13,6 +13,9 @@ noblacklist ${HOME}/.mplayer
 noblacklist ${HOME}/.netrc
 noblacklist ${HOME}/mps

+# Allow lua (blacklisted by disable-interpreters.inc)
+include allow-lua.inc
+
 # Allow python (blacklisted by disable-interpreters.inc)
 include allow-python2.inc
 include allow-python3.inc
--- a/etc/profile-m-z/qbittorrent.profile
+++ b/etc/profile-m-z/qbittorrent.profile
@ -56,6 +56,7 @@ private-dev
 # private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,resolv.conf,ssl,X11,xdg
 private-tmp

+# See https://github.com/netblue30/firejail/issues/3707 for tray-icon
 dbus-user none
 dbus-system none

--- a/etc/profile-m-z/transmission-daemon.profile
+++ b/etc/profile-m-z/transmission-daemon.profile
@ -14,6 +14,7 @@ whitelist ${HOME}/.config/transmission-daemon
 whitelist /var/lib/transmission

 caps.keep ipc_lock,net_bind_service,setgid,setuid,sys_chroot
+protocol unix,inet,inet6,packet

 private-bin transmission-daemon
 private-etc alternatives,ca-certificates,crypto-policies,nsswitch.conf,pki,resolv.conf,ssl