github-starred/firejail

Fork 0

mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00

[GH-ISSUE #221] a kmail profile #155

New issue

Closed

opened 2026-05-05 05:11:40 -06:00 by gitea-mirror · 3 comments

gitea-mirror commented

2026-05-05 05:11:40 -06:00

Owner

Originally created by @ghost on GitHub (Jan 12, 2016).
Original GitHub issue: https://github.com/netblue30/firejail/issues/221

kmail is not trivial to set up, because it calls akonadi in order to function. So bellow, i propose a profile, the best i could make it. (the commented out parts, definitely brake it). Launching links and encrypting messages worked.

kmail profile

noblacklist ${HOME}/.gnupg

include /etc/firejail/disable-mgmt.inc

include /etc/firejail/disable-secret.inc
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-devel.inc
blacklist ${HOME}/.pki/nssdb
blacklist ${HOME}/.lastpass
blacklist ${HOME}/.keepassx
blacklist ${HOME}/.password-store
blacklist ${HOME}/.wine
caps.drop all

seccomp

protocol unix,inet,inet6

netfilter
noroot
tracelog

Originally created by @ghost on GitHub (Jan 12, 2016). Original GitHub issue: https://github.com/netblue30/firejail/issues/221 kmail is not trivial to set up, because it calls akonadi in order to function. So bellow, i propose a profile, the best i could make it. (the commented out parts, definitely brake it). Launching links and encrypting messages worked. # kmail profile noblacklist ${HOME}/.gnupg # include /etc/firejail/disable-mgmt.inc include /etc/firejail/disable-secret.inc include /etc/firejail/disable-common.inc include /etc/firejail/disable-devel.inc blacklist ${HOME}/.pki/nssdb blacklist ${HOME}/.lastpass blacklist ${HOME}/.keepassx blacklist ${HOME}/.password-store blacklist ${HOME}/.wine caps.drop all # seccomp # protocol unix,inet,inet6 netfilter noroot tracelog

gitea-mirror

2026-05-05 05:11:40 -06:00

closed this issue
added the
enhancement
label

gitea-mirror commented

2026-05-05 05:11:47 -06:00

Author

Owner

@netblue30 commented on GitHub (Jan 12, 2016):

Thanks, I'll put it in.

@netblue30 commented on GitHub (Jan 12, 2016): Thanks, I'll put it in.

gitea-mirror commented

2026-05-05 05:11:50 -06:00

Author

Owner

@netblue30 commented on GitHub (Jan 14, 2016):

I added the profile, you'll find it in /etc/firejail/kmail.profile, thanks!

# kmail profile
noblacklist ${HOME}/.gnupg
include /etc/firejail/disable-mgmt.inc
include /etc/firejail/disable-secret.inc
include /etc/firejail/disable-common.inc
include /etc/firejail/disable-devel.inc
blacklist ${HOME}/.pki/nssdb
blacklist ${HOME}/.lastpass
blacklist ${HOME}/.keepassx
blacklist ${HOME}/.password-store
blacklist ${HOME}/.wine
caps.drop all
seccomp
protocol unix,inet,inet6,netlink
netfilter
noroot
tracelog

@netblue30 commented on GitHub (Jan 14, 2016): I added the profile, you'll find it in /etc/firejail/kmail.profile, thanks! ``` # kmail profile noblacklist ${HOME}/.gnupg include /etc/firejail/disable-mgmt.inc include /etc/firejail/disable-secret.inc include /etc/firejail/disable-common.inc include /etc/firejail/disable-devel.inc blacklist ${HOME}/.pki/nssdb blacklist ${HOME}/.lastpass blacklist ${HOME}/.keepassx blacklist ${HOME}/.password-store blacklist ${HOME}/.wine caps.drop all seccomp protocol unix,inet,inet6,netlink netfilter noroot tracelog ```

gitea-mirror commented

2026-05-05 05:11:51 -06:00

Author

Owner

@ghost commented on GitHub (Jan 14, 2016):

beh... i messed up. Actually i had akonadi not to launch on start up to save memory XD .You could have said so, that there's something strange here :P

Just mention in a comment, that it needs akonadi to launch before kmail, easily scripted with "akonadictl start ; sleep 2 ; firejail kmail". And also "akonadictl stop", when you want it to shut-down.

Normally it is launched at start up. They are also some other akonadi apps that might confuse some users.

@ghost commented on GitHub (Jan 14, 2016): beh... i messed up. Actually i had akonadi not to launch on start up to save memory XD .You could have said so, that there's something strange here :P Just mention in a comment, that it needs akonadi to launch before kmail, easily scripted with "akonadictl start ; sleep 2 ; firejail kmail". And also "akonadictl stop", when you want it to shut-down. Normally it is launched at start up. They are also some other akonadi apps that might confuse some users.

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#155

No description provided.

Rows
Columns