Skip to content

New profile: fluffychat #6007

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Sep 23, 2023
Merged

New profile: fluffychat #6007

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions etc/inc/disable-programs.inc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -920,6 +920,7 @@ blacklist ${HOME}/.local/share/evolution
blacklist ${HOME}/.local/share/feedreader
blacklist ${HOME}/.local/share/feral-interactive
blacklist ${HOME}/.local/share/five-or-more
blacklist ${HOME}/.local/share/fluffychat
blacklist ${HOME}/.local/share/freecol
blacklist ${HOME}/.local/share/gajim
blacklist ${HOME}/.local/share/gdfuse
Expand Down
73 changes: 73 additions & 0 deletions etc/profile-a-l/fluffychat.profile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
# Firejail profile for fluffychat
# Description: Easy to use matrix messenger
# This file is overwritten after every install/update
# Persistent local customizations
include fluffychat.local
# Persistent global definitions
include globals.local

noblacklist ${HOME}/.local/share/fluffychat

# Allow /bin/sh (blacklisted by disable-shell.inc)
include allow-bin-sh.inc

include disable-common.inc
include disable-devel.inc
include disable-exec.inc
include disable-interpreters.inc
include disable-proc.inc
include disable-programs.inc
include disable-shell.inc
include disable-xdg.inc

# The lines below are needed to find the default Firefox profile name, to allow
# opening links in an existing instance of Firefox (note that it still fails if
# there isn't a Firefox instance running with the default profile; see #5352)
noblacklist ${HOME}/.mozilla
whitelist ${HOME}/.mozilla/firefox/profiles.ini
read-only ${HOME}/.mozilla/firefox/profiles.ini

mkdir ${HOME}/.local/share/fluffychat
whitelist ${DOWNLOADS}
whitelist ${HOME}/.local/share/fluffychat
whitelist /opt/fluffychat
whitelist /usr/share/fluffychat
include whitelist-common.inc
include whitelist-run-common.inc
include whitelist-runuser-common.inc
include whitelist-usr-share-common.inc
include whitelist-var-common.inc

apparmor
caps.drop all
netfilter
no3d
nodvd
nogroups
noinput
nonewprivs
noprinters
noroot
notv
nou2f
novideo
protocol unix,inet,inet6
seccomp
seccomp.block-secondary
tracelog

disable-mnt
private-bin firefox,fluffychat,sh,which,zenity
private-cache
private-dev
private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,gconf,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pango,pki,protocols,pulse,resolv.conf,rpc,services,ssl,X11,xdg
private-tmp

dbus-user filter
dbus-user.talk org.freedesktop.secrets
# allow D-Bus communication with firefox for opening links
dbus-user.talk org.mozilla.*
dbus-system filter
dbus-system.talk org.freedesktop.NetworkManager

restrict-namespaces
1 change: 1 addition & 0 deletions src/firecfg/firecfg.config
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -274,6 +274,7 @@ flacsplt
flameshot
flashpeak-slimjet
flowblade
fluffychat
font-manager
fontforge
fossamail
Expand Down