I would like to setup my Fedora Linux install so that I have control over outgoing traffic on a per application basis. In order to achieve this I have setup an firewall policy to drop everything from my default user account (the one I use to graphically log into the desktop), and allow everything from my second user account. I have then setup a pkexec policy to allow me to run Firefox as the second user from my default user account.
The problem I'm having with this setup is that sound doesn't work in Firefox when run as the second user from the default user account. My policy file is as follows:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policyconfig PUBLIC
"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
<policyconfig>
<action id="org.firefox.user2">
<description>Run the Firefox web browser</description>
<message>Authentication is not required to run the Firefox web browser</message>
<icon_name>firefox</icon_name>
<defaults>
<allow_any>no</allow_any>
<allow_inactive>no</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.exec.path">/usr/bin/firefox</annotate>
<annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
</action>
</policyconfig>
Has anyone else out there tried to achieve something similar, and managed to get sound working?
Is there any danger in allowing no unauthorised access to Firefox, or should I be prompting for authorisation?
Is there another better way to achieve this?
Finally you may be asking why I want to do this.. well I used to be a Windows user and then for a short time an Ubuntu user and both OS's decided to data mine me. So I want control over outgoing traffic.
