Various profiles # 2 (#3566)

* Matrix clients Initial * Add profile for fractal, # 1139 * Fixes
netblue30 · Sep 2, 2020 · fa28d0e · fa28d0e
1 parent a5e2b31
commit fa28d0e
Show file tree

Hide file tree

Showing 6 changed files with 232 additions and 0 deletions.
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc
@@ -83,6 +83,7 @@ blacklist ${HOME}/.config/Debauchee/Barrier.conf
 blacklist ${HOME}/.config/Dharkael
 blacklist ${HOME}/.config/Element
 blacklist ${HOME}/.config/Element (Riot)
+blacklist ${HOME}/.config/ENCOM
 blacklist ${HOME}/.config/Enox
 blacklist ${HOME}/.config/Ferdi
 blacklist ${HOME}/.config/Flavio Tordini
@@ -122,6 +123,7 @@ blacklist ${HOME}/.config/QMediathekView
 blacklist ${HOME}/.config/Qlipper
 blacklist ${HOME}/.config/QuiteRss
 blacklist ${HOME}/.config/QuiteRssrc
+blacklist ${HOME}/.config/Quotient
 blacklist ${HOME}/.config/Rambox
 blacklist ${HOME}/.config/Riot
 blacklist ${HOME}/.config/Rocket.Chat
@@ -292,6 +294,7 @@ blacklist ${HOME}/.config/menulibre.cfg
 blacklist ${HOME}/.config/mfusion
 blacklist ${HOME}/.config/Microsoft
 blacklist ${HOME}/.config/midori
+blacklist ${HOME}/.config/mirage
 blacklist ${HOME}/.config/mono
 blacklist ${HOME}/.config/mpDris2
 blacklist ${HOME}/.config/mpd
@@ -639,6 +642,7 @@ blacklist ${HOME}/.local/share/mana
 blacklist ${HOME}/.local/share/maps-places.json
 blacklist ${HOME}/.local/share/meld
 blacklist ${HOME}/.local/share/midori
+blacklist ${HOME}/.local/share/mirage
 blacklist ${HOME}/.local/share/multimc
 blacklist ${HOME}/.local/share/multimc5
 blacklist ${HOME}/.local/share/mupen64plus
@@ -817,6 +821,7 @@ blacklist ${HOME}/.cache/8pecxstudios
 blacklist ${HOME}/.cache/Authenticator
 blacklist ${HOME}/.cache/BraveSoftware
 blacklist ${HOME}/.cache/Clementine
+blacklist ${HOME}/.cache/ENCOM/Spectral
 blacklist ${HOME}/.cache/Enox
 blacklist ${HOME}/.cache/Enpass
 blacklist ${HOME}/.cache/Ferdi
@@ -827,6 +832,7 @@ blacklist ${HOME}/.cache/MusicBrainz
 blacklist ${HOME}/.cache/NewsFlashGTK
 blacklist ${HOME}/.cache/Otter
 blacklist ${HOME}/.cache/QuiteRss
+blacklist ${HOME}/.cache/Quotient/quaternion
 blacklist ${HOME}/.cache/Shortwave
 blacklist ${HOME}/.cache/Tox
 blacklist ${HOME}/.cache/Zeal
@@ -856,6 +862,7 @@ blacklist ${HOME}/.cache/falkon
 blacklist ${HOME}/.cache/feedreader
 blacklist ${HOME}/.cache/font-manager
 blacklist ${HOME}/.cache/fossamail
+blacklist ${HOME}/.cache/fractal
 blacklist ${HOME}/.cache/freecol
 blacklist ${HOME}/.cache/gajim
 blacklist ${HOME}/.cache/gegl-0.4
@@ -897,6 +904,7 @@ blacklist ${HOME}/.cache/liferea
 blacklist ${HOME}/.cache/Mendeley Ltd.
 blacklist ${HOME}/.cache/midori
 blacklist ${HOME}/.cache/minetest
+blacklist ${HOME}/.cache/mirage
 blacklist ${HOME}/.cache/moonchild productions/basilisk
 blacklist ${HOME}/.cache/moonchild productions/pale moon
 blacklist ${HOME}/.cache/mozilla

diff --git a/etc/profile-a-l/fractal.profile b/etc/profile-a-l/fractal.profile
@@ -0,0 +1,54 @@
+# Firejail profile for fractal
+# Description: Desktop client for Matrix 
+# This file is overwritten after every install/update
+# Persistent local customizations
+include fractal.local
+# Persistent global definitions
+include globals.local
+
+noblacklist ${HOME}/.cache/fractal
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-shell.inc
+include disable-xdg.inc
+
+mkdir ${HOME}/.cache/fractal
+whitelist ${HOME}/.cache/fractal
+whitelist ${DOWNLOADS}
+include whitelist-common.inc
+include whitelist-runuser-common.inc 
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+
+apparmor
+caps.drop all
+netfilter
+nodvd
+nogroups
+nonewprivs
+noroot
+notv
+nou2f
+protocol unix,inet,inet6
+seccomp
+shell none
+tracelog
+
+disable-mnt
+private-bin fractal
+private-cache
+private-dev
+private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,mime.types,nsswitch.conf,pki,pulse,resolv.conf,selinux,ssl,X11,xdg
+private-tmp
+
+dbus-user filter
+dbus-user.own org.gnome.Fractal
+dbus-user.talk ca.desrt.dconf
+dbus-user.talk org.freedesktop.secrets
+dbus-user.talk org.freedesktop.Notifications
+dbus-system none
diff --git a/etc/profile-m-z/mirage.profile b/etc/profile-m-z/mirage.profile
@@ -0,0 +1,59 @@
+# Firejail profile for mirage
+# Description: Desktop client for Matrix 
+# This file is overwritten after every install/update
+# Persistent local customizations
+include mirage.local
+# Persistent global definitions
+include globals.local
+
+noblacklist ${HOME}/.cache/mirage
+noblacklist ${HOME}/.config/mirage
+noblacklist ${HOME}/.local/share/mirage
+
+include allow-python2.inc
+include allow-python3.inc
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-shell.inc
+include disable-xdg.inc
+
+mkdir ${HOME}/.cache/mirage
+mkdir ${HOME}/.config/mirage
+mkdir ${HOME}/.local/share/mirage
+whitelist ${HOME}/.cache/mirage
+whitelist ${HOME}/.config/mirage
+whitelist ${HOME}/.local/share/mirage
+whitelist ${DOWNLOADS}
+include whitelist-common.inc
+include whitelist-runuser-common.inc 
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+
+apparmor
+caps.drop all
+netfilter
+nodvd
+nogroups
+nonewprivs
+noroot
+notv
+nou2f
+protocol unix,inet,inet6
+seccomp
+shell none
+tracelog
+
+disable-mnt
+private-bin mirage
+private-cache
+private-dev
+private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,mime.types,nsswitch.conf,pki,pulse,resolv.conf,selinux,ssl,X11,xdg
+private-tmp
+
+dbus-user none
+dbus-system none
diff --git a/etc/profile-m-z/quaternion.profile b/etc/profile-m-z/quaternion.profile
@@ -0,0 +1,54 @@
+# Firejail profile for quaternion
+# Description: Desktop client for Matrix 
+# This file is overwritten after every install/update
+# Persistent local customizations
+include quaternion.local
+# Persistent global definitions
+include globals.local
+
+noblacklist ${HOME}/.cache/Quotient/quaternion
+noblacklist ${HOME}/.config/Quotient
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-shell.inc
+include disable-xdg.inc
+
+mkdir ${HOME}/.cache/Quotient/quaternion
+mkdir ${HOME}/.config/Quotient
+whitelist ${HOME}/.cache/Quotient/quaternion
+whitelist ${HOME}/.config/Quotient
+whitelist ${DOWNLOADS}
+whitelist /usr/share/Quotient/quaternion
+include whitelist-common.inc
+include whitelist-runuser-common.inc 
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+
+apparmor
+caps.drop all
+netfilter
+nodvd
+nogroups
+nonewprivs
+noroot
+notv
+nou2f
+protocol unix,inet,inet6,netlink
+seccomp
+shell none
+tracelog
+
+disable-mnt
+private-bin quaternion
+private-cache
+private-dev
+private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,mime.types,nsswitch.conf,pki,pulse,resolv.conf,selinux,ssl,X11,xdg
+private-tmp
+
+dbus-user none
+dbus-system none
diff --git a/etc/profile-m-z/spectral.profile b/etc/profile-m-z/spectral.profile
@@ -0,0 +1,53 @@
+# Firejail profile for spectral
+# Description: Desktop client for Matrix 
+# This file is overwritten after every install/update
+# Persistent local customizations
+include spectral.local
+# Persistent global definitions
+include globals.local
+
+noblacklist ${HOME}/.cache/ENCOM/Spectral
+noblacklist ${HOME}/.config/ENCOM
+
+include disable-common.inc
+include disable-devel.inc
+include disable-exec.inc
+include disable-interpreters.inc
+include disable-passwdmgr.inc
+include disable-programs.inc
+include disable-shell.inc
+include disable-xdg.inc
+
+mkdir ${HOME}/.cache/ENCOM/Spectral
+mkdir ${HOME}/.config/ENCOM
+whitelist ${HOME}/.cache/ENCOM/Spectral
+whitelist ${HOME}/.config/ENCOM
+whitelist ${DOWNLOADS}
+include whitelist-common.inc
+include whitelist-runuser-common.inc 
+include whitelist-usr-share-common.inc
+include whitelist-var-common.inc
+
+apparmor
+caps.drop all
+netfilter
+nodvd
+nogroups
+nonewprivs
+noroot
+notv
+nou2f
+protocol unix,inet,inet6,netlink
+seccomp
+shell none
+tracelog
+
+disable-mnt
+private-cache
+private-bin spectral
+private-dev
+private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,mime.types,nsswitch.conf,pki,pulse,resolv.conf,selinux,ssl,X11,xdg
+private-tmp
+
+dbus-user none
+dbus-system none
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
@@ -229,6 +229,7 @@ font-manager
 fontforge
 fossamail
 four-in-a-row
+fractal
 franz
 freecad
 freecadcmd
@@ -464,6 +465,7 @@ mindless
 minecraft-launcher
 minetest
 minitube
+mirage
 mirrormagic
 mocp
 mousepad
@@ -604,6 +606,7 @@ qt-faststart
 qtox
 quadrapassel
 quassel
+quaternion
 quiterss
 qupzilla
 qutebrowser
@@ -656,6 +659,7 @@ soffice
 sol
 sound-juicer
 soundconverter
+spectral
 spotify
 sqlitebrowser
 ssh