Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

profiles: fixes for brave/evince/whalebird #5442

Merged
merged 4 commits into from
Nov 23, 2022
Merged

profiles: fixes for brave/evince/whalebird #5442

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
6829fe6
Fix #5392 -- Evince doesn't remember settings
rusty-snake Oct 30, 2022
adc10aa
Fix #4604 -- Brave browser takes a long time opening under Firejail
rusty-snake Oct 30, 2022
242bb5b
Fix #5311 -- Whalebird-4.6.2 does not work with the default whalebird…
rusty-snake Oct 30, 2022
4c08719
Update etc/profile-a-l/evince.profile
rusty-snake Oct 30, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions etc/profile-a-l/brave.profile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,8 @@ ignore noexec /tmp
# you will need to uncomment the 'brave + tor' rule in /etc/apparmor.d/local/firejail-default.
# Alternatively you can add 'ignore apparmor' to your brave.local.
ignore noexec ${HOME}
# Causes slow starts (#4604)
ignore private-cache

noblacklist ${HOME}/.cache/BraveSoftware
noblacklist ${HOME}/.config/BraveSoftware
Expand Down
13 changes: 6 additions & 7 deletions etc/profile-a-l/evince.profile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,9 @@ include evince.local
# Persistent global definitions
include globals.local

# WARNING: using bookmarks possibly exposes information, including file history from other programs.
# Add the next line to your evince.local if you need bookmarks support. This also needs additional dbus-user filtering (see below).
#noblacklist ${HOME}/.local/share/gvfs-metadata
# WARNING: This exposes information like file history from other programs.
# You can add a blacklist for it in your evince.local for additional hardening if you can live with some restrictions.
noblacklist ${HOME}/.local/share/gvfs-metadata

noblacklist ${HOME}/.config/evince
noblacklist ${DOCUMENTS}
Expand Down Expand Up @@ -59,9 +59,8 @@ private-etc alternatives,fonts,group,ld.so.cache,ld.so.preload,machine-id,passwd
private-lib evince,gcc/*/*/libgcc_s.so.*,gcc/*/*/libstdc++.so.*,gconv,gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libarchive.so.*,libdjvulibre.so.*,libgconf-2.so.*,libgraphite2.so.*,libpoppler-glib.so.*,librsvg-2.so.*,libspectre.so.*
private-tmp

# dbus-user filtering might break two-page-view on some systems
dbus-user filter
# Add the next two lines to your evince.local if you need bookmarks support.
#dbus-user.talk org.gtk.vfs.Daemon
#dbus-user.talk org.gtk.vfs.Metadata
dbus-user.talk ca.desrt.dconf
dbus-user.talk org.gtk.vfs.Daemon
dbus-user.talk org.gtk.vfs.Metadata
dbus-system none
3 changes: 2 additions & 1 deletion etc/profile-m-z/whalebird.profile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ include globals.local
ignore include whitelist-runuser-common.inc
ignore include whitelist-usr-share-common.inc

ignore apparmor
ignore dbus-user none
ignore dbus-system none

Expand All @@ -21,7 +22,7 @@ whitelist ${HOME}/.config/Whalebird
no3d

private-bin electron,electron[0-9],electron[0-9][0-9],whalebird
private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id
private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,machine-id,nsswitch.conf,pki,resolv.conf,ssl

# Redirect
include electron.profile