Skip to content

Commit

Permalink
Fix private-etc of electron-mail, fix geary,minitube (#3588)
Browse files Browse the repository at this point in the history 
* Fix private-etc of electron-mail

* Fix dbus of geary

* Fix geary again, remove GPG

* Fix seccomp on Arch
  • Loading branch information
kortewegdevries authored Sep 2, 2020
1 parent fb713f6 commit 3801eb3
Show file tree
Hide file tree
Showing 4 changed files with 14 additions and 12 deletions.
2 changes: 2 additions & 0 deletions etc/inc/disable-programs.inc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -216,6 +216,7 @@ blacklist ${HOME}/.config/gajim
blacklist ${HOME}/.config/galculator
blacklist ${HOME}/.config/gconf
blacklist ${HOME}/.config/geany
blacklist ${HOME}/.config/geary
blacklist ${HOME}/.config/gedit
blacklist ${HOME}/.config/geeqie
blacklist ${HOME}/.config/ghb
Expand Down Expand Up @@ -865,6 +866,7 @@ blacklist ${HOME}/.cache/fossamail
blacklist ${HOME}/.cache/fractal
blacklist ${HOME}/.cache/freecol
blacklist ${HOME}/.cache/gajim
blacklist ${HOME}/.cache/geary
blacklist ${HOME}/.cache/gegl-0.4
blacklist ${HOME}/.cache/geeqie
blacklist ${HOME}/.cache/gfeeds
Expand Down
10 changes: 5 additions & 5 deletions etc/profile-a-l/electron-mail.profile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,6 @@ include globals.local

noblacklist ${HOME}/.config/electron-mail

whitelist ${DOWNLOADS}

include disable-common.inc
include disable-devel.inc
include disable-exec.inc
Expand All @@ -21,8 +19,10 @@ include disable-xdg.inc

mkdir ${HOME}/.config/electron-mail
whitelist ${HOME}/.config/electron-mail
whitelist ${DOWNLOADS}

include whitelist-common.inc
include whitelist-runuser-common.inc
include whitelist-usr-share-common.inc
include whitelist-var-common.inc

Expand All @@ -45,12 +45,12 @@ shell none
private-bin electron-mail
private-cache
private-dev
private-etc alternatives,fonts
private-etc alternatives,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,nsswitch.conf,pki,resolv.conf,ssl,selinux,xdg
private-opt ElectronMail
private-tmp

# breaks tray functionality
# dbus-user none
# dbus-system none
dbus-system none

# memory-deny-write-execute - breaks on Arch
# memory-deny-write-execute - breaks on Arch
12 changes: 6 additions & 6 deletions etc/profile-a-l/geary.profile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,24 +10,24 @@ include geary.local
# Users have Geary set to open a browser by clicking a link in an email
# We are not allowed to blacklist browser-specific directories

ignore dbus-user none
ignore dbus-user filter
ignore dbus-system none
ignore private-tmp

noblacklist ${HOME}/.gnupg
noblacklist ${HOME}/.cache/geary
noblacklist ${HOME}/.config/geary
noblacklist ${HOME}/.local/share/geary

mkdir ${HOME}/.gnupg
mkdir ${HOME}/.cache/geary
mkdir ${HOME}/.config/geary
mkdir ${HOME}/.local/share/geary
whitelist ${HOME}/.gnupg
whitelist ${HOME}/.cache/geary
whitelist ${HOME}/.config/geary
whitelist ${HOME}/.local/share/geary
whitelist /usr/share/geary

read-only ${HOME}/.config/mimeapps.list

whitelist /usr/share/geary

# allow Mozilla browsers
# Redirect
include firefox.profile
2 changes: 1 addition & 1 deletion etc/profile-m-z/minitube.profile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ notv
nou2f
novideo
protocol unix,inet,inet6,netlink
seccomp
seccomp !kcmp
shell none
tracelog

Expand Down

0 comments on commit 3801eb3

Please sign in to comment.