diff options
author | Juan | 2016-09-29 12:59:02 -0400 |
---|---|---|
committer | Juan | 2016-09-29 12:59:02 -0400 |
commit | c44fd26f81a29a62bdd0e8a8b87d6ce1edbaf0ef (patch) | |
tree | 551efaa09a990079ad2904adcc9cb051f855972e | |
parent | d1c4d25b44c544bfd2e58e9b5b86162b2755abe2 (diff) | |
download | aur-c44fd26f81a29a62bdd0e8a8b87d6ce1edbaf0ef.tar.gz |
test
-rw-r--r-- | .SRCINFO | 75 | ||||
-rw-r--r-- | PKGBUILD | 83 | ||||
-rw-r--r-- | blender.profile | 18 | ||||
-rw-r--r-- | brackets.profile | 21 | ||||
-rw-r--r-- | fetchmail.profile | 13 | ||||
-rw-r--r-- | linphone.profile | 8 | ||||
-rw-r--r-- | luminance-hdr.profile | 21 | ||||
-rw-r--r-- | mpd.profile | 11 | ||||
-rw-r--r-- | mutt.profile | 36 | ||||
-rw-r--r-- | natron.profile | 25 | ||||
-rw-r--r-- | qpdfview.profile | 26 | ||||
-rw-r--r-- | shotcut.profile | 17 | ||||
-rw-r--r-- | synfigstudio.profile | 17 | ||||
-rw-r--r-- | virtualbox.profile | 13 |
14 files changed, 353 insertions, 31 deletions
@@ -1,38 +1,85 @@ pkgbase = firejail-extras pkgdesc = Extra profiles for firejail - pkgver = 0.9.40 + pkgver = 0.9.42 pkgrel = 2 url = https://aur.archlinux.org/packages/firejail-profiles/ arch = any license = GPL2 - source = firejail-extras.7z + source = brackets.profile source = openshot.profile source = openshot-qt.profile source = scribus.profile - md5sums = 3724fdcd1ba5a5f7b16220810fac1c3d - md5sums = 50e641863a677c1090fee316992c2732 - md5sums = c3ef2b516dae3c5085eba5a1fa2599fe - md5sums = e26f29550ec222669b01dbf43fcc1245 - sha1sums = 953b4e7455badf1fab43c0e9ea938281ec5bbc18 - sha1sums = b0090c44d5e86c42aa40d25b81ddac4457577ea8 - sha1sums = 974bab382c77b3ff38ac9b6c7f70cf7733bbb763 - sha1sums = 88227e258f045bca598c53997d070578e201aff9 - sha224sums = a99e8e38c2daad1c2957deb8c85e2c29049c7a7f0449a5123e70bafb + source = fetchmail.profile + source = linphone.profile + source = luminance-hdr.profile + source = mpd.profile + source = mutt.profile + source = qpdfview.profile + source = synfigstudio.profile + source = virtualbox.profile + source = shotcut.profile + source = blender.profile + source = natron.profile + sha224sums = 842e7d4cfb275db809f0c14383d0998db69bd94adb0558ba87ce0980 sha224sums = 7f00990b1159ae11a12cbea9c32410a07fba61965a8a938b6fa11ffd sha224sums = 6fff0cd0079e90a8b6ffbdc26862b314ae77d9bf4a28f600be974c96 sha224sums = 1979e07c907f2f41737e9358d74c2995ae37056b86e4a9e308cdadb8 - sha256sums = 9dd7a8ad02e800dd27228f02ec80d94f39e0bf1065796b7b8d3795cd0b18c227 + sha224sums = 3427fb0e53fb785d719e991498c0880b5f428fb171f81297f7331b5a + sha224sums = 7da3749d6c16bd2836a8061450b6e01ba91928e947cd6c4dc371abc9 + sha224sums = 4b82e9c843c2dca854758ed5b3a1177d889dc5db57dd6ee44d35851e + sha224sums = 7d220b834e55d0e6c3616215718efb78639ce7e9e65a10774e7f0512 + sha224sums = 5b14553d672028b4e33fad25cb598c3cfd46bcebf079e5c72499e87a + sha224sums = 6aff7132c679f4c2fcf1a40dd5db101994cab57c4151ca76e572c17e + sha224sums = 0ffeb52ce0d227890a623c12c46a5e915a0cbcbf605dec349fb20401 + sha224sums = f9f5a7b29bd589533a150622781288669828729528cb74da2d70f27d + sha224sums = c0841469887f8a3d42a6c193c75a974b589a8ca59017aa57dc57efb4 + sha224sums = 90b4e20ffe1c9165a9cd7efbaec55b59276d8a717f993df6c841ff07 + sha224sums = 3a65a2fa392fa5834358b41c21feb36f7b2793c0d153835a8d4e2fe5 + sha256sums = 9d24da9a63b02f010a5e0453deb50567d73026a9f9f6806248458740df87688d sha256sums = 4f5591e2513f19d29c30329f29f3fbf79fa489bb6fa4878b1a8d549636f6d0a3 sha256sums = 9ead11e11627318a856e7c7b93047ce95b23dd6119af98fc64441ad0d73cc21a sha256sums = 9a739e226e58223a372ea534d5f89d5d4763a8ddee86c93fa284122846d88014 - sha384sums = d1417ac48db95ed387629f8002b3ffac855dd0cb52cea160293474b2ccb171a956207e2c24f8dc32ba8ccdf38f6fe305 + sha256sums = 2b6714f7c7ba9d2e86823da28f99b65f88d1de677574ba76d017ab8db15fa0d6 + sha256sums = 56ea3276464a1ff70a7b7a7c7a2244623073a0fe966d550f1aaa3f3accd5d4e2 + sha256sums = 3b590956582e7e918c05734d13ea40b7226c796e2c97009d179989055e188b7a + sha256sums = e1f453c44c80e48c4f27a38f99fa77d714b2c25b5ebdeeca2ebcf1d2d8d04bf2 + sha256sums = 71c754a6c19e8f01b884e6b07d973a1907283d3ec5d6e193037ec2d34437973c + sha256sums = b11bb4101f390cfd250823c1a08ec57f0df9374fbf21ef0b0f6080e598c8bb8c + sha256sums = 3ea8226effb58b209a6942c807ae9b22db4b2a5258cc4ebedc50a16004c62f57 + sha256sums = 094ecdb1351050abf11d0d8f556f8fb65126f5c0cffa91a3a264bfb74d638aea + sha256sums = 02a9a93e18392a7e409bb89aff8fe67b3f23b210873276d45a37ec1c6546838c + sha256sums = 0233d5440e9cc0833d7d92c0bd093e69ca52d573c8abd91136f5d8ead43f6f36 + sha256sums = 63220e730d8f5b1ac8e9d7bbd93b2b97d772eb1b1331fb5cb8e5741776a41a31 + sha384sums = 9170e420cc5d3f7201d932cfcb78c6ac7490864777c6c2bbc61d42265a70702f706eb58c1a5d84ab7718effbf2686991 sha384sums = e8c1c0d1466cab074b0fbf5f8b98cfff5c828ebf7d37baa63eff29af9733d282f788142ba629f76f0321349de4d81779 sha384sums = 987b6544bdfc56218e41c22bb309b15a91db66170f46d94c2125bdbeda8aff065c66cf9fcb5495fb12a12878c092ce06 sha384sums = fa9a069d46d20572ea174f3507996e88ec558f3fb5224ab4abbd22535476b4cac7ed9541075596b77865a2099d9a66c1 - sha512sums = 8d0c4ecce1e466b61cc0c6eaf8250ff78b37828e27bf53e818590c74a3daf368b65fd238570dd7db889d3facd37da78bf1be67dd9cc24bb78ab546891d67b9df + sha384sums = 2d9e06ff76261c2e57f7782aac3b9d1f09995db032dca8bde5449a5b4f394ad4991806063f26f5c25e4c46a86e45c6b4 + sha384sums = b71f3d606d5a36f14049e7ecb56d445c8378692b178638c08f6a8defe42a3b1f474108d23a0e734093770103d9bd9327 + sha384sums = deef0ff4892f86b7861864a316d43d9f6936eb90826b47762efda4f2ed9fa7f2c1928c9bb171557bfc7e54975fcd6156 + sha384sums = 2aa44d733636cd172a1c467a64b6a4d0498a0e04c90630068e902535817a5de94055eacc260bd8f5dfda4a619a96dfa3 + sha384sums = 6a8d3f7841cfc9792fc7983ec727434c9115e711d28217bf5c4785ac2219fd72d787f4c8bca6abd6b20d6a1af57206d4 + sha384sums = 6f51fa710a927a00217a41337ace6fb9897a0ebd3eea9aee948b3cb939295bd990425127d31b91ae85762f948f96231e + sha384sums = 34a73e3e94da4e6455e535d91cc28b874478c0e5512d0bddd729731f49566e9fde2ab439b868cc2d45e032761260d691 + sha384sums = 5518543d65de2384786882c669fbf5915dc598f8973b22f6d399180a71291d6b50b786bedd8f38bd676ef7ef9fe82b90 + sha384sums = 414e5d4ede38b0f0d0c43f8e9616f946e36ea888e90b0e0bb223c214b30d9a3e1e5b60fb3f67c4e766d9676e120a38b2 + sha384sums = e5b710f9241dc3d45171125e31a81a67605c2307a99aa30bbdf27b9b8ee9978e5413defc2b7f2f96bf60152bfc8e5507 + sha384sums = 1a30c620308c6b59e6edfe86428ce27fb5e7956a5859c34d3bb3a34cd113b2572bcc028aee3b57fc2ff4d2239c44343f + sha512sums = 7e94af384588b350596efb9761000ad8f253eb4542cf53925d43130c4af3312d2c7d37ee59654f2dcaf7e71f0daed2b6235aaf15d26b22633410eb765d0be386 sha512sums = d586028e757c5d3f5b94cc2808263a18df9cd572a65729cf50c03d8544e15fb354d50d645e6db95e1fe72fa31d4ac003e8856c5dc313cf330a715ac6ced67636 sha512sums = 7372f47acf2a6531c3a13d7a7acc35f3b43bd0ee6e2eb21d34b48e59bfaf1baf86e1b4c90a36d81a822c4260948b37669e767856ca84199f31d6dd37fb314690 sha512sums = 88a8918f1e792ce255faad18ca9bef89cdbd863aec3eaa2e321e890304107315d68afb6828bd383024b398156b88e312e698ce2a74e348ffba7cd368df613399 + sha512sums = 5e777c21ba8c66c0bb3de82ba5607edcf4b8b20e0092ab95d54f4b2e99e781421335484055a32cefa8faa107ee9269e390ddf9dd19f378d9b4e3e826988410c1 + sha512sums = a8277567e8a42a43b992b65374210d149f632e1656fb45e7df5204a4a5cd2df2bcf0c1987be8737505ee42adc7ae21046c25bcb3cb6e1bd8b9dac743e40d466f + sha512sums = 3c52e1d3c6b41bb88e9cd3328dfa5e521d96cfbfca037bf9e6af446532553df7e7688315d752e78b5fdab676b0d2226bfb2dccf6d6e18077386dbca2bb0ab9e0 + sha512sums = 2e7d2fab98a24cf87fffd9dde8d4af670272bda9118b7757cd12677b7595226d526798f8a4c1bdee2dd5fde943ff566feb5c837e564a66f54511e1409a5bd0a3 + sha512sums = 5f7f252f6b0ed144faf840490f1e840bc01745f79d0f9225c5f0022fde828318ab15bf90439a85d24bdda593ecbab98231d6f76d5d70f86b9b41c0e910f09a70 + sha512sums = 4d6af7462f83f11dd3d9b5c1449a37721999a6c6ea378e5307059dd025fa21eb270081843e921249e01d381c07bf3c886cbce4ecbd8ed42c256a0d51c4840439 + sha512sums = 9d37a24d8890cfe47478dc6587626993c96858aa7560ef16a7a69c338ec568c26bbdeda88360cb5a9fd92faf1b59e5123177a8b23fab3892bc7197e23c7e089b + sha512sums = b027ceadcae2fac124ed7fc079aced1ccf374b1912ab37af6948fa9d2c2bc451969ba5c2f1838ab7e280e271d04190cd5ccd7b91785540eee62fa16866ae371a + sha512sums = 60a96daa53dcd4928bd9ca6b92608b7040b9f55965aab3e203420f75986f048ef4dd4afd03e201a83e9ecaf5aebf80955ce4a4388c27abb2916ff2c1c86cbfe4 + sha512sums = a89dbf25938d27f56b53dac41c79cb4761f3bab8c91d203afd63644be3c1e342a46c236a226516e4213ffb6fe0819c43cc9aac2223374a01fd65fd935a1e1b11 + sha512sums = fe2663eeda4dfc6d3bd4a46a303138f05918e900c36c4d434caf1034fef21df145a67a20a926b09d7d7f2cf4be72ecef7d23e0ad1322d1f8ae8f1966a749375c pkgname = firejail-extras @@ -4,49 +4,98 @@ # ALERTA: Estos perfiles son inestbles y pueden fallar. pkgname=firejail-extras -pkgver=0.9.40 +pkgver=0.9.42 pkgrel=2 pkgdesc="Extra profiles for firejail" arch=('any') url="https://aur.archlinux.org/packages/firejail-profiles/" license=('GPL2') -source=("firejail-extras.7z" +source=("brackets.profile" "openshot.profile" "openshot-qt.profile" - "scribus.profile" + "scribus.profile" + "fetchmail.profile" + "linphone.profile" + "luminance-hdr.profile" + "mpd.profile" + "mutt.profile" + "qpdfview.profile" + "synfigstudio.profile" + "virtualbox.profile" + "shotcut.profile" + "blender.profile" + "natron.profile" ) -sha256sums=('9dd7a8ad02e800dd27228f02ec80d94f39e0bf1065796b7b8d3795cd0b18c227' + +sha256sums=('9d24da9a63b02f010a5e0453deb50567d73026a9f9f6806248458740df87688d' '4f5591e2513f19d29c30329f29f3fbf79fa489bb6fa4878b1a8d549636f6d0a3' '9ead11e11627318a856e7c7b93047ce95b23dd6119af98fc64441ad0d73cc21a' '9a739e226e58223a372ea534d5f89d5d4763a8ddee86c93fa284122846d88014' + '2b6714f7c7ba9d2e86823da28f99b65f88d1de677574ba76d017ab8db15fa0d6' + '56ea3276464a1ff70a7b7a7c7a2244623073a0fe966d550f1aaa3f3accd5d4e2' + '3b590956582e7e918c05734d13ea40b7226c796e2c97009d179989055e188b7a' + 'e1f453c44c80e48c4f27a38f99fa77d714b2c25b5ebdeeca2ebcf1d2d8d04bf2' + '71c754a6c19e8f01b884e6b07d973a1907283d3ec5d6e193037ec2d34437973c' + 'b11bb4101f390cfd250823c1a08ec57f0df9374fbf21ef0b0f6080e598c8bb8c' + '3ea8226effb58b209a6942c807ae9b22db4b2a5258cc4ebedc50a16004c62f57' + '094ecdb1351050abf11d0d8f556f8fb65126f5c0cffa91a3a264bfb74d638aea' + '02a9a93e18392a7e409bb89aff8fe67b3f23b210873276d45a37ec1c6546838c' + '0233d5440e9cc0833d7d92c0bd093e69ca52d573c8abd91136f5d8ead43f6f36' + '63220e730d8f5b1ac8e9d7bbd93b2b97d772eb1b1331fb5cb8e5741776a41a31' ) -sha512sums=('8d0c4ecce1e466b61cc0c6eaf8250ff78b37828e27bf53e818590c74a3daf368b65fd238570dd7db889d3facd37da78bf1be67dd9cc24bb78ab546891d67b9df' + +sha512sums=('7e94af384588b350596efb9761000ad8f253eb4542cf53925d43130c4af3312d2c7d37ee59654f2dcaf7e71f0daed2b6235aaf15d26b22633410eb765d0be386' 'd586028e757c5d3f5b94cc2808263a18df9cd572a65729cf50c03d8544e15fb354d50d645e6db95e1fe72fa31d4ac003e8856c5dc313cf330a715ac6ced67636' '7372f47acf2a6531c3a13d7a7acc35f3b43bd0ee6e2eb21d34b48e59bfaf1baf86e1b4c90a36d81a822c4260948b37669e767856ca84199f31d6dd37fb314690' '88a8918f1e792ce255faad18ca9bef89cdbd863aec3eaa2e321e890304107315d68afb6828bd383024b398156b88e312e698ce2a74e348ffba7cd368df613399' -) -sha1sums=('953b4e7455badf1fab43c0e9ea938281ec5bbc18' - 'b0090c44d5e86c42aa40d25b81ddac4457577ea8' - '974bab382c77b3ff38ac9b6c7f70cf7733bbb763' - '88227e258f045bca598c53997d070578e201aff9' + '5e777c21ba8c66c0bb3de82ba5607edcf4b8b20e0092ab95d54f4b2e99e781421335484055a32cefa8faa107ee9269e390ddf9dd19f378d9b4e3e826988410c1' + 'a8277567e8a42a43b992b65374210d149f632e1656fb45e7df5204a4a5cd2df2bcf0c1987be8737505ee42adc7ae21046c25bcb3cb6e1bd8b9dac743e40d466f' + '3c52e1d3c6b41bb88e9cd3328dfa5e521d96cfbfca037bf9e6af446532553df7e7688315d752e78b5fdab676b0d2226bfb2dccf6d6e18077386dbca2bb0ab9e0' + '2e7d2fab98a24cf87fffd9dde8d4af670272bda9118b7757cd12677b7595226d526798f8a4c1bdee2dd5fde943ff566feb5c837e564a66f54511e1409a5bd0a3' + '5f7f252f6b0ed144faf840490f1e840bc01745f79d0f9225c5f0022fde828318ab15bf90439a85d24bdda593ecbab98231d6f76d5d70f86b9b41c0e910f09a70' + '4d6af7462f83f11dd3d9b5c1449a37721999a6c6ea378e5307059dd025fa21eb270081843e921249e01d381c07bf3c886cbce4ecbd8ed42c256a0d51c4840439' + '9d37a24d8890cfe47478dc6587626993c96858aa7560ef16a7a69c338ec568c26bbdeda88360cb5a9fd92faf1b59e5123177a8b23fab3892bc7197e23c7e089b' + 'b027ceadcae2fac124ed7fc079aced1ccf374b1912ab37af6948fa9d2c2bc451969ba5c2f1838ab7e280e271d04190cd5ccd7b91785540eee62fa16866ae371a' + '60a96daa53dcd4928bd9ca6b92608b7040b9f55965aab3e203420f75986f048ef4dd4afd03e201a83e9ecaf5aebf80955ce4a4388c27abb2916ff2c1c86cbfe4' + 'a89dbf25938d27f56b53dac41c79cb4761f3bab8c91d203afd63644be3c1e342a46c236a226516e4213ffb6fe0819c43cc9aac2223374a01fd65fd935a1e1b11' + 'fe2663eeda4dfc6d3bd4a46a303138f05918e900c36c4d434caf1034fef21df145a67a20a926b09d7d7f2cf4be72ecef7d23e0ad1322d1f8ae8f1966a749375c' + ) -sha224sums=('a99e8e38c2daad1c2957deb8c85e2c29049c7a7f0449a5123e70bafb' +sha224sums=('842e7d4cfb275db809f0c14383d0998db69bd94adb0558ba87ce0980' '7f00990b1159ae11a12cbea9c32410a07fba61965a8a938b6fa11ffd' '6fff0cd0079e90a8b6ffbdc26862b314ae77d9bf4a28f600be974c96' '1979e07c907f2f41737e9358d74c2995ae37056b86e4a9e308cdadb8' + '3427fb0e53fb785d719e991498c0880b5f428fb171f81297f7331b5a' + '7da3749d6c16bd2836a8061450b6e01ba91928e947cd6c4dc371abc9' + '4b82e9c843c2dca854758ed5b3a1177d889dc5db57dd6ee44d35851e' + '7d220b834e55d0e6c3616215718efb78639ce7e9e65a10774e7f0512' + '5b14553d672028b4e33fad25cb598c3cfd46bcebf079e5c72499e87a' + '6aff7132c679f4c2fcf1a40dd5db101994cab57c4151ca76e572c17e' + '0ffeb52ce0d227890a623c12c46a5e915a0cbcbf605dec349fb20401' + 'f9f5a7b29bd589533a150622781288669828729528cb74da2d70f27d' + 'c0841469887f8a3d42a6c193c75a974b589a8ca59017aa57dc57efb4' + '90b4e20ffe1c9165a9cd7efbaec55b59276d8a717f993df6c841ff07' + '3a65a2fa392fa5834358b41c21feb36f7b2793c0d153835a8d4e2fe5' + ) -sha384sums=('d1417ac48db95ed387629f8002b3ffac855dd0cb52cea160293474b2ccb171a956207e2c24f8dc32ba8ccdf38f6fe305' +sha384sums=('9170e420cc5d3f7201d932cfcb78c6ac7490864777c6c2bbc61d42265a70702f706eb58c1a5d84ab7718effbf2686991' 'e8c1c0d1466cab074b0fbf5f8b98cfff5c828ebf7d37baa63eff29af9733d282f788142ba629f76f0321349de4d81779' '987b6544bdfc56218e41c22bb309b15a91db66170f46d94c2125bdbeda8aff065c66cf9fcb5495fb12a12878c092ce06' 'fa9a069d46d20572ea174f3507996e88ec558f3fb5224ab4abbd22535476b4cac7ed9541075596b77865a2099d9a66c1' -) + '2d9e06ff76261c2e57f7782aac3b9d1f09995db032dca8bde5449a5b4f394ad4991806063f26f5c25e4c46a86e45c6b4' + 'b71f3d606d5a36f14049e7ecb56d445c8378692b178638c08f6a8defe42a3b1f474108d23a0e734093770103d9bd9327' + 'deef0ff4892f86b7861864a316d43d9f6936eb90826b47762efda4f2ed9fa7f2c1928c9bb171557bfc7e54975fcd6156' + '2aa44d733636cd172a1c467a64b6a4d0498a0e04c90630068e902535817a5de94055eacc260bd8f5dfda4a619a96dfa3' + '6a8d3f7841cfc9792fc7983ec727434c9115e711d28217bf5c4785ac2219fd72d787f4c8bca6abd6b20d6a1af57206d4' + '6f51fa710a927a00217a41337ace6fb9897a0ebd3eea9aee948b3cb939295bd990425127d31b91ae85762f948f96231e' + '34a73e3e94da4e6455e535d91cc28b874478c0e5512d0bddd729731f49566e9fde2ab439b868cc2d45e032761260d691' + '5518543d65de2384786882c669fbf5915dc598f8973b22f6d399180a71291d6b50b786bedd8f38bd676ef7ef9fe82b90' + '414e5d4ede38b0f0d0c43f8e9616f946e36ea888e90b0e0bb223c214b30d9a3e1e5b60fb3f67c4e766d9676e120a38b2' + 'e5b710f9241dc3d45171125e31a81a67605c2307a99aa30bbdf27b9b8ee9978e5413defc2b7f2f96bf60152bfc8e5507' + '1a30c620308c6b59e6edfe86428ce27fb5e7956a5859c34d3bb3a34cd113b2572bcc028aee3b57fc2ff4d2239c44343f ' -md5sums=('3724fdcd1ba5a5f7b16220810fac1c3d' - '50e641863a677c1090fee316992c2732' - 'c3ef2b516dae3c5085eba5a1fa2599fe' - 'e26f29550ec222669b01dbf43fcc1245' ) diff --git a/blender.profile b/blender.profile new file mode 100644 index 000000000000..6d92c078b8fa --- /dev/null +++ b/blender.profile @@ -0,0 +1,18 @@ +whitelist ${DOWNLOADS} +whitelist ${HOME}/Images +whitelist ${HOME}/Videos + +private-bin blender +private-etc fonts,X11 +private-dev +whitelist /tmp/.X11-unix + +noexec ${HOME} +noexec /tmp + +shell none +noroot +ipc-namespace +net none +seccomp +caps.drop all
\ No newline at end of file diff --git a/brackets.profile b/brackets.profile new file mode 100644 index 000000000000..b79d3abae320 --- /dev/null +++ b/brackets.profile @@ -0,0 +1,21 @@ +whitelist ${HOME}/.config/Brackets +whitelist ${HOME}/.gtkrc-2.0 +whitelist ${HOME}/.themes +whitelist ${DOWNLOADS} +whitelist ${HOME}/Documents + +whitelist /opt/brackets/ +whitelist /opt/google/ + +private-bin bash,brackets,readlink,dirname,google-chrome,cat +private-dev +whitelist /tmp/.X11-unix + +# Comment out or use --ignore=net if you want to install extensions or themes +net none + +# Disable these if you use live preview (until I figure out a workaround) +# Doing so should be relatively safe since there is no network access +seccomp +noroot +caps.drop all
\ No newline at end of file diff --git a/fetchmail.profile b/fetchmail.profile new file mode 100644 index 000000000000..1919803b770b --- /dev/null +++ b/fetchmail.profile @@ -0,0 +1,13 @@ +whitelist ${HOME}/scripts/fetchmail-real.sh +# whitelist ${HOME}/.fetchmailrc.gpg +# whitelist /tmp/fetchmailrc +whitelist ${HOME}/Mail +whitelist ${HOME}/.procmailrc.gmail +whitelist ${HOME}/.procmailrc.brown + +noroot +private-dev +caps.drop all +seccomp +nogroups +nosound
\ No newline at end of file diff --git a/linphone.profile b/linphone.profile new file mode 100644 index 000000000000..6a2c89b36792 --- /dev/null +++ b/linphone.profile @@ -0,0 +1,8 @@ +whitelist ${HOME}/.linphonerc +whitelist ${HOME}/.linphone-history.db +whitelist ${HOME}/Downloads +whitelist ${HOME}/.gtkrc-2.0 +whitelist ${HOME}/.gtkrc.mine +caps.drop all +noroot +seccomp
\ No newline at end of file diff --git a/luminance-hdr.profile b/luminance-hdr.profile new file mode 100644 index 000000000000..d6d24fec4296 --- /dev/null +++ b/luminance-hdr.profile @@ -0,0 +1,21 @@ +private-bin luminance-hdr,luminance-hdr-cli,align_image_stack +private-dev +private-etc fonts,X11,alternatives +whitelist /tmp/.X11-unix + +whitelist ${HOME}/Pictures +whitelist ${HOME}/Downloads +whitelist ${HOME}/.LuminanceHDR +whitelist ${HOME}/.config/Luminance + +noexec ${HOME} +noexec /tmp + +shell none +seccomp +caps.drop all +noroot +net none +nogroups +nosound +ipc-namespace
\ No newline at end of file diff --git a/mpd.profile b/mpd.profile new file mode 100644 index 000000000000..ec80780f7b4c --- /dev/null +++ b/mpd.profile @@ -0,0 +1,11 @@ +whitelist ${HOME}/Music +whitelist ${HOME}/mpd +whitelist ${HOME}/.mpdconf +whitelist ${HOME}/.config/pulse/ +whitelist ${HOME}/.pulse/ +read-only ${HOME}/Music/ +private-dev +private-bin mpd,bash +caps.drop all +noroot +seccomp
\ No newline at end of file diff --git a/mutt.profile b/mutt.profile new file mode 100644 index 000000000000..da60111e293d --- /dev/null +++ b/mutt.profile @@ -0,0 +1,36 @@ +# Necessary to get Mutt working +whitelist ${HOME}/.mutt +whitelist ${HOME}/.muttrc +whitelist ${HOME}/.mutt_certificates +whitelist ${HOME}/.signatures +whitelist ${HOME}/.mailcap +whitelist ${HOME}/sent +whitelist ${HOME}/.mutt_cache +whitelist ${HOME}/Mail +whitelist ${HOME}/.gnupg + +# To store files +whitelist ${HOME}/Downloads + +whitelist /tmp/user/1000/emacs1000/ +whitelist /tmp/user/1000/mutt1000/ + +noexec ${HOME}/ +noexec /tmp/ + +# Enhance security + +private-bin sh,mutt,mutt_dotlock,bash,emacsclient,elinks,gpg,gpg-agent,pinentry + +# private-dev +whitelist /dev/stdout +whitelist /dev/stdin +whitelist /dev/stderr +whitelist /dev/urandom +whitelist /dev/random + +private-etc Muttrc.d/,Muttrc,alternatives/,resolv.conf,ssl/,mime.types +noroot +caps.drop all +seccomp.keep open,access,prctl,fstat,mmap,write,read,close,munmap,chown,unshare,fcntl,execve,brk,mprotect,arch_prctl,getpid,getuid,getgid,geteuid,getegid,rt_sigprocmask,rt_sigaction,uname,stat,getppid,getpgrp,getrlimit,getpeername,set_tid_address,set_robust_list,futex,getrusage,umask,ioctl,socket,connect,lseek,getsid,pipe,clone,dup2,wait4,openat,rt_sigreturn,getdents,exit_group,faccessat,lstat,pread64,pwrite64,ftruncate,select,unlink,mkdir,link,rmdir,alarm,readlink,sendto,fdatasync,recvfrom,chmod,getcwd,setrlimit,utime,mlock,clock_gettime,setresgid,chdir,fsync,nanosleep,poll,sendmmsg,bind,getsockname,recvmsg,writev,mremap,rename,truncate,sched_yield,sysinfo,kill,sendmsg,setresuid,setsid,listen,pselect6,accept,getsockopt,tgkill,madvise,exit,statfs,getrandom,fchmod,fchown,gettid +nogroups diff --git a/natron.profile b/natron.profile new file mode 100644 index 000000000000..5279cf2b66ce --- /dev/null +++ b/natron.profile @@ -0,0 +1,25 @@ +whitelist ${HOME}/.Natron +whitelist ${HOME}/.cache/INRIA/Natron/ +whitelist ${HOME}/.config/INRIA/ +whitelist ${HOME}/.gtkrc-2.0 +whitelist ${HOME}/.themes +whitelist ${DOWNLOADS} +whitelist ${HOME}/Videos + +whitelist /opt/natron/ + + +private-bin natron +private-etc fonts,X11 +private-dev +whitelist /tmp/.X11-unix + +noexec ${HOME} +noexec /tmp + +shell none +noroot +ipc-namespace +net none +seccomp +caps.drop all
\ No newline at end of file diff --git a/qpdfview.profile b/qpdfview.profile new file mode 100644 index 000000000000..bc6e095230b9 --- /dev/null +++ b/qpdfview.profile @@ -0,0 +1,26 @@ +whitelist /tmp/.X11-unix + +## Add other whitelisted directories here if desired + +whitelist ${DOWNLOADS} +whitelist ${HOME}/Documents + +## + +whitelist ${HOME}/.config/qpdfview + +private-dev +private-etc fonts,X11,alternatives +private-bin qpdfview + +noexec ${HOME} +noexec /tmp + +shell none +seccomp +caps.drop all +noroot +net none +nogroups +nosound +ipc-namespace
\ No newline at end of file diff --git a/shotcut.profile b/shotcut.profile new file mode 100644 index 000000000000..5c2603ead18c --- /dev/null +++ b/shotcut.profile @@ -0,0 +1,17 @@ +whitelist ${DOWNLOADS} +whitelist ${HOME}/Videos +whitelist /opt/shotcut +private-bin shotcut +private-etc fonts,X11 +private-dev +whitelist /tmp/.X11-unix + +noexec ${HOME} +noexec /tmp + +shell none +noroot +ipc-namespace +net none +seccomp +caps.drop all
\ No newline at end of file diff --git a/synfigstudio.profile b/synfigstudio.profile new file mode 100644 index 000000000000..2227cba7b0d3 --- /dev/null +++ b/synfigstudio.profile @@ -0,0 +1,17 @@ +whitelist ${DOWNLOADS} +whitelist ${HOME}/.synfig + +private-bin synfigstudio +private-etc fonts,X11,synfig +private-dev +whitelist /tmp/.X11-unix + +noexec ${HOME} +noexec /tmp + +shell none +noroot +ipc-namespace +net none +seccomp +caps.drop all
\ No newline at end of file diff --git a/virtualbox.profile b/virtualbox.profile new file mode 100644 index 000000000000..037e93c9bf72 --- /dev/null +++ b/virtualbox.profile @@ -0,0 +1,13 @@ +caps.drop all + +whitelist ${HOME}/Downloads +whitelist ${HOME}/VirtualBox_VMs +whitelist ${HOME}/.config/VirtualBox +whitelist ${HOME}/.gtkrc-2.0 +whitelist ${HOME}/.gtkrc.mine +whitelist ${HOME}/.config/Trolltech.conf + +whitelist /dev/vboxdrv +whitelist /dev/vboxdrvu +whitelist /dev/vboxnetctl +whitelist /dev/null
\ No newline at end of file |