From 00e2d5f86608cc56dfa637ed49f849fca4527ab7 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@protonmail.com>
Date: Fri, 26 Feb 2021 09:27:40 -0500
Subject: [PATCH] small fixes and updates

---
 README                                    | 19 +++++++++++++++++--
 README.md                                 |  3 ++-
 RELNOTES                                  |  8 +++++++-
 etc/profile-m-z/mate-color-select.profile |  1 +
 etc/profile-m-z/virtualbox.profile        |  2 ++
 5 files changed, 29 insertions(+), 4 deletions(-)

diff --git a/README b/README
index 3faa88350a9..e7267b4e24a 100644
--- a/README
+++ b/README
@@ -77,6 +77,9 @@ Aidan Gauland (https://github.com/aidalgol)
 	- whitelist Bohemia Interactive config dir for Steam
 Akhil Hans Maulloo (https://github.com/kouul)
 	- xz profile
+Albin Kauffmann (https://github.com/albinou)
+	- Firefox and Chromium profile fixes
+	- info to allow screen sharing in profiles
 Alexey Kuznetsov (kuznet@ms2.inr.ac.ru)
 	- src/lib/libnetlink.c extracted from iproute2 software package
 Aleksey Manevich (https://github.com/manevich)
@@ -166,9 +169,12 @@ Barış Ekin Yıldırım (https://github.com/circuitshaker)
 	- removing net none from code.profile
 bbhtt (https://github.com/bbhtt)
 	- improvements to balsa,fractal,gajim,trojita profiles
-	- improvements to nheko, spectral, feh, links, lynx profiles
+	- improvements to nheko, spectral, feh, links, lynx, smplayer, profiles
 	- added alacartem com.github.bleakgrey.tootle, photoflare profiles
 	- add profiles for MS Edge dev build for Linux and Librewolf
+	- fixes to cheese, authneticator, liferea
+	- add profile for straw-viewer
+	- email clients whitelisting and fixes
 Benjamin Kampmann (https://github.com/ligthyear)
 	- Forward exit code from child process
 bitfreak25 (https://github.com/bitfreak25)
@@ -453,6 +459,8 @@ Impyy (https://github.com/Impyy)
 	- added mumble profile
 intika (https://github.com/intika)
 	- added musixmatch profile
+irandms (https://github.com/irandms)
+	- man firecfg fixes
 irregulator (https://github.com/irregulator)
 	- thunderbird profile fixes for debian stretch
 Irvine (https://github.com/Irvinehimself)
@@ -799,7 +807,9 @@ Simon Peter (https://github.com/probonopd)
 sinkuu (https://github.com/sinkuu)
 	- blacklisting kwalletd
 	- fix symlink invocation for programs placing symlinks in $PATH
-smithsohu (https://github.com/smitsohu)
+Simo Piiroinen (https://github.com/spiiroin)
+	- Jolla/SailfishOS patches
+smitsohu (https://github.com/smitsohu)
 	- read-only kde4 services directory
 	- enhanced mediathekview profile
 	- added tuxguitar profile
@@ -914,6 +924,8 @@ Tom Mellor (https://github.com/kalegrill)
 	- mupen64plus profile
 Tomasz Jan Góralczyk (https://github.com/tjg)
 	- fixed Steam profile
+Tomi Leppänen (https://github.com/Tomin1)
+	- Jolla/SailfishOS patches
 Topi Miettinen (https://github.com/topimiettinen)
 	- improved seccomp printing
 	- improve mount handling, fix /run/user handling
@@ -1012,4 +1024,7 @@ Zack Weinberg (https://github.com/zackw)
 	  with firejail --x11
 	- support for xpra-extra-params in firejail.config
 
+zupatisc (https://github.com/zupatisc)
+	- patch-util fix
+
 Copyright (C) 2014-2021 Firejail Authors
diff --git a/README.md b/README.md
index 9d78c3ef7e5..d7abc77ae82 100644
--- a/README.md
+++ b/README.md
@@ -330,4 +330,5 @@ Stats:
 
 ### New profiles:
 
-vmware-view, display-im6.q16, ipcalc, ipcalc-ng, ebook-convert, ebook-edit, ebook-meta, ebook-polish, lzop, gget
+vmware-view, display-im6.q16, ipcalc, ipcalc-ng, ebook-convert, ebook-edit, ebook-meta, ebook-polish, lzop.
+avidemux, calligragemini, vmware-player, vmware-workstation, gget
\ No newline at end of file
diff --git a/RELNOTES b/RELNOTES
index 64034bd577d..eac1a02ee09 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -2,8 +2,14 @@ firejail (0.9.65) baseline; urgency=low
   * filtering environment variables
   * zsh completion
   * --mkdir, --mkfile
+  * Jolla/SailfishOS patches
+  * privatelib rework
+  * jailtest
+  * capabilities list update
+  * faccessat2 syscall support
   * new profiles: vmware-view, display-im6.q16, ipcalc, ipcalc-ng
-  * ebook-convert, ebook-edit, ebook-meta, ebook-polish, lzop
+  * ebook-convert, ebook-edit, ebook-meta, ebook-polish, lzop,
+  * avidemux, calligragemini, vmware-player, vmware-workstation
   * gget
  -- netblue30 <netblue30@yahoo.com>  Tue, 9 Feb 2021 09:00:00 -0500
 
diff --git a/etc/profile-m-z/mate-color-select.profile b/etc/profile-m-z/mate-color-select.profile
index b6dc643d41f..d309659220d 100644
--- a/etc/profile-m-z/mate-color-select.profile
+++ b/etc/profile-m-z/mate-color-select.profile
@@ -15,6 +15,7 @@ include disable-shell.inc
 
 include whitelist-common.inc
 
+apparmor
 caps.drop all
 netfilter
 no3d
diff --git a/etc/profile-m-z/virtualbox.profile b/etc/profile-m-z/virtualbox.profile
index 7a49ad88aee..232ff8ae458 100644
--- a/etc/profile-m-z/virtualbox.profile
+++ b/etc/profile-m-z/virtualbox.profile
@@ -34,6 +34,7 @@ include whitelist-var-common.inc
 
 # For host-only network sys_admin is needed. See https://github.com/netblue30/firejail/issues/2868#issuecomment-518647630
 
+apparmor
 caps.keep net_raw,sys_nice
 netfilter
 nodvd
@@ -45,6 +46,7 @@ tracelog
 #disable-mnt
 private-cache
 private-etc alsa,asound.conf,ca-certificates,conf.d,crypto-policies,dconf,fonts,hostname,hosts,ld.so.cache,localtime,machine-id,pki,pulse,resolv.conf,ssl
+private-tmp
 
 dbus-user none
 dbus-system none