summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar rusty-snake <print_hello_world+Public@protonmail.com>2019-06-02 21:01:08 +0200
committerLibravatar rusty-snake <print_hello_world+Public@protonmail.com>2019-06-02 21:01:08 +0200
commit109b1865669ac1038454023762fb83cd0ebf6cca (patch)
treeefd9bc13c2c6e7f583709e3d46f2e9fe120de9bf
parentmany profile cleanups (2) (diff)
downloadfirejail-109b1865669ac1038454023762fb83cd0ebf6cca.tar.gz
firejail-109b1865669ac1038454023762fb83cd0ebf6cca.tar.zst
firejail-109b1865669ac1038454023762fb83cd0ebf6cca.zip
many profile cleanups (3)
Diffstat
-rw-r--r--etc/JDownloader.profile1
-rw-r--r--etc/Mathematica.profile1
-rw-r--r--etc/Viber.profile3
-rw-r--r--etc/amule.profile2
-rw-r--r--etc/anki.profile1
-rw-r--r--etc/assogiate.profile3
-rw-r--r--etc/basilisk.profile1
-rw-r--r--etc/chromium.profile1
-rw-r--r--etc/conkeror.profile3
-rw-r--r--etc/cower.profile18
-rw-r--r--etc/dconf-editor.profile5
-rw-r--r--etc/dconf.profile3
-rw-r--r--etc/disable-common.inc11
-rw-r--r--etc/disable-programs.inc5
-rw-r--r--etc/dooble.profile3
-rw-r--r--etc/enpass.profile6
-rw-r--r--etc/falkon.profile2
-rw-r--r--etc/gpredict.profile1
-rw-r--r--etc/mate-calc.profile9
-rw-r--r--etc/mate-color-select.profile6
-rw-r--r--etc/mate-dictionary.profile6
-rw-r--r--etc/meteo-qt.profile2
-rw-r--r--etc/mpsyt.profile8
-rw-r--r--etc/multimc5.profile2
-rw-r--r--etc/nethack-vultures.profile2
-rw-r--r--etc/nethack.profile1
-rw-r--r--etc/nheko.profile2
-rw-r--r--etc/nylas.profile2
-rw-r--r--etc/qgis.profile1
-rw-r--r--etc/quiterss.profile2
-rw-r--r--etc/qupzilla.profile2
-rw-r--r--etc/ricochet.profile2
-rw-r--r--etc/rocketchat.profile1
-rw-r--r--etc/seahorse.profile1
-rw-r--r--etc/seamonkey.profile2
-rw-r--r--etc/slack.profile1
-rw-r--r--etc/slashem.profile1
-rw-r--r--etc/start-tor-browser.desktop.profile1
-rw-r--r--etc/surf.profile1
-rw-r--r--etc/wire-desktop.profile1
-rw-r--r--etc/zaproxy.profile1
-rw-r--r--etc/zoom.profile2
42 files changed, 76 insertions, 53 deletions
diff --git a/etc/JDownloader.profile b/etc/JDownloader.profile
index c00730ef4..1435f3422 100644
--- a/etc/JDownloader.profile
+++ b/etc/JDownloader.profile
@@ -5,7 +5,6 @@ include JDownloader.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8
9noblacklist ${HOME}/.jd 8noblacklist ${HOME}/.jd
10 9
11# Allow java (blacklisted by disable-devel.inc) 10# Allow java (blacklisted by disable-devel.inc)
diff --git a/etc/Mathematica.profile b/etc/Mathematica.profile
index 6aba2678b..c2734b1c1 100644
--- a/etc/Mathematica.profile
+++ b/etc/Mathematica.profile
@@ -16,6 +16,7 @@ include disable-programs.inc
16 16
17mkdir ${HOME}/.Mathematica 17mkdir ${HOME}/.Mathematica
18mkdir ${HOME}/.Wolfram Research 18mkdir ${HOME}/.Wolfram Research
19mkdir ${HOME}/Documents/Wolfram Mathematica
19whitelist ${HOME}/.Mathematica 20whitelist ${HOME}/.Mathematica
20whitelist ${HOME}/.Wolfram Research 21whitelist ${HOME}/.Wolfram Research
21whitelist ${HOME}/Documents/Wolfram Mathematica 22whitelist ${HOME}/Documents/Wolfram Mathematica
diff --git a/etc/Viber.profile b/etc/Viber.profile
index 3f3ee8590..40358aa87 100644
--- a/etc/Viber.profile
+++ b/etc/Viber.profile
@@ -5,7 +5,6 @@ include Viber.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8
9noblacklist ${HOME}/.ViberPC 8noblacklist ${HOME}/.ViberPC
10 9
11include disable-common.inc 10include disable-common.inc
@@ -15,6 +14,7 @@ include disable-interpreters.inc
15include disable-passwdmgr.inc 14include disable-passwdmgr.inc
16include disable-programs.inc 15include disable-programs.inc
17 16
17mkdir ${HOME}/.ViberPC
18whitelist ${DOWNLOADS} 18whitelist ${DOWNLOADS}
19whitelist ${HOME}/.ViberPC 19whitelist ${HOME}/.ViberPC
20include whitelist-common.inc 20include whitelist-common.inc
@@ -36,5 +36,4 @@ private-bin sh,bash,dig,awk,Viber
36private-etc hosts,fonts,mailcap,resolv.conf,X11,pulse,alternatives,localtime,nsswitch.conf,ssl,proxychains.conf,pki,ca-certificates,crypto-policies,machine-id,asound.conf 36private-etc hosts,fonts,mailcap,resolv.conf,X11,pulse,alternatives,localtime,nsswitch.conf,ssl,proxychains.conf,pki,ca-certificates,crypto-policies,machine-id,asound.conf
37private-tmp 37private-tmp
38 38
39
40env QTWEBENGINE_DISABLE_SANDBOX=1 39env QTWEBENGINE_DISABLE_SANDBOX=1
diff --git a/etc/amule.profile b/etc/amule.profile
index 7cb2130bb..feb4a5e7e 100644
--- a/etc/amule.profile
+++ b/etc/amule.profile
@@ -6,7 +6,6 @@ include amule.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9
10noblacklist ${HOME}/.aMule 9noblacklist ${HOME}/.aMule
11 10
12include disable-common.inc 11include disable-common.inc
@@ -16,6 +15,7 @@ include disable-interpreters.inc
16include disable-passwdmgr.inc 15include disable-passwdmgr.inc
17include disable-programs.inc 16include disable-programs.inc
18 17
18mkdir ${HOME}/.aMule
19whitelist ${DOWNLOADS} 19whitelist ${DOWNLOADS}
20whitelist ${HOME}/.aMule 20whitelist ${HOME}/.aMule
21include whitelist-common.inc 21include whitelist-common.inc
diff --git a/etc/anki.profile b/etc/anki.profile
index f7fa8c780..d50c720f7 100644
--- a/etc/anki.profile
+++ b/etc/anki.profile
@@ -21,6 +21,7 @@ include disable-passwdmgr.inc
21include disable-programs.inc 21include disable-programs.inc
22include disable-xdg.inc 22include disable-xdg.inc
23 23
24mkdir ${HOME}/.local/share/Anki2
24whitelist ${DOCUMENTS} 25whitelist ${DOCUMENTS}
25whitelist ${HOME}/.local/share/Anki2 26whitelist ${HOME}/.local/share/Anki2
26include whitelist-common.inc 27include whitelist-common.inc
diff --git a/etc/assogiate.profile b/etc/assogiate.profile
index 6a9848e83..02a4798f4 100644
--- a/etc/assogiate.profile
+++ b/etc/assogiate.profile
@@ -7,7 +7,6 @@ include assogiate.local
7include globals.local 7include globals.local
8 8
9noblacklist ${PICTURES} 9noblacklist ${PICTURES}
10whitelist ${PICTURES}
11 10
12include disable-common.inc 11include disable-common.inc
13include disable-devel.inc 12include disable-devel.inc
@@ -16,6 +15,8 @@ include disable-interpreters.inc
16include disable-passwdmgr.inc 15include disable-passwdmgr.inc
17include disable-programs.inc 16include disable-programs.inc
18include disable-xdg.inc 17include disable-xdg.inc
18
19whitelist ${PICTURES}
19include whitelist-common.inc 20include whitelist-common.inc
20include whitelist-var-common.inc 21include whitelist-var-common.inc
21 22
diff --git a/etc/basilisk.profile b/etc/basilisk.profile
index 5f9fc8ef7..5bc91dc74 100644
--- a/etc/basilisk.profile
+++ b/etc/basilisk.profile
@@ -10,7 +10,6 @@ noblacklist ${HOME}/.moonchild productions/basilisk
10 10
11mkdir ${HOME}/.cache/moonchild productions/basilisk 11mkdir ${HOME}/.cache/moonchild productions/basilisk
12mkdir ${HOME}/.moonchild productions 12mkdir ${HOME}/.moonchild productions
13whitelist ${DOWNLOADS}
14whitelist ${HOME}/.cache/moonchild productions/basilisk 13whitelist ${HOME}/.cache/moonchild productions/basilisk
15whitelist ${HOME}/.moonchild productions 14whitelist ${HOME}/.moonchild productions
16 15
diff --git a/etc/chromium.profile b/etc/chromium.profile
index dab9ce449..1c977a8ba 100644
--- a/etc/chromium.profile
+++ b/etc/chromium.profile
@@ -12,6 +12,7 @@ noblacklist ${HOME}/.config/chromium-flags.conf
12 12
13mkdir ${HOME}/.cache/chromium 13mkdir ${HOME}/.cache/chromium
14mkdir ${HOME}/.config/chromium 14mkdir ${HOME}/.config/chromium
15mkfile ${HOME}/.config/chromium-flags.conf
15whitelist ${HOME}/.cache/chromium 16whitelist ${HOME}/.cache/chromium
16whitelist ${HOME}/.config/chromium 17whitelist ${HOME}/.config/chromium
17whitelist ${HOME}/.config/chromium-flags.conf 18whitelist ${HOME}/.config/chromium-flags.conf
diff --git a/etc/conkeror.profile b/etc/conkeror.profile
index 21bef48a4..38edf0d21 100644
--- a/etc/conkeror.profile
+++ b/etc/conkeror.profile
@@ -10,9 +10,10 @@ noblacklist ${HOME}/.conkeror.mozdev.org
10include disable-common.inc 10include disable-common.inc
11include disable-programs.inc 11include disable-programs.inc
12 12
13mkdir ${HOME}/.conkeror.mozdev.org
14mkfile ${HOME}/.conkerorrc
13whitelist ${HOME}/.conkeror.mozdev.org 15whitelist ${HOME}/.conkeror.mozdev.org
14whitelist ${HOME}/.conkerorrc 16whitelist ${HOME}/.conkerorrc
15whitelist ${HOME}/.gtkrc-2.0
16whitelist ${HOME}/.lastpass 17whitelist ${HOME}/.lastpass
17whitelist ${HOME}/.pentadactyl 18whitelist ${HOME}/.pentadactyl
18whitelist ${HOME}/.pentadactylrc 19whitelist ${HOME}/.pentadactylrc
diff --git a/etc/cower.profile b/etc/cower.profile
index bc1eeedc0..69575cea4 100644
--- a/etc/cower.profile
+++ b/etc/cower.profile
@@ -1,20 +1,13 @@
1# Firejail profile for cower 1# Firejail profile for cower
2# Description: a simple AUR agent with a pretentious name
2# This file is overwritten after every install/update 3# This file is overwritten after every install/update
3
4# This profile could be significantly strengthened by adding the following to cower.local
5# whitelist ${HOME}/<Your Build Folder>
6# whitelist ${HOME}/.config/cower/
7
8quiet 4quiet
9
10# Persistent local customizations 5# Persistent local customizations
11include cower.local 6include cower.local
12# Persistent global definitions 7# Persistent global definitions
13include globals.local 8include globals.local
14 9
15noblacklist ${HOME}/.config/cower/config 10noblacklist ${HOME}/.config/cower
16read-only ${HOME}/.config/cower/config
17
18noblacklist /var/lib/pacman 11noblacklist /var/lib/pacman
19 12
20include disable-common.inc 13include disable-common.inc
@@ -23,6 +16,11 @@ include disable-exec.inc
23include disable-interpreters.inc 16include disable-interpreters.inc
24include disable-passwdmgr.inc 17include disable-passwdmgr.inc
25include disable-programs.inc 18include disable-programs.inc
19include disable-xdg.inc
20
21# This profile could be significantly strengthened by adding the following to cower.local
22# whitelist ${HOME}/<Your Build Folder>
23# whitelist ${HOME}/.config/cower
26 24
27caps.drop all 25caps.drop all
28ipc-namespace 26ipc-namespace
@@ -42,7 +40,9 @@ shell none
42 40
43disable-mnt 41disable-mnt
44private-bin cower 42private-bin cower
43private-cache
45private-dev 44private-dev
46private-tmp 45private-tmp
47 46
48memory-deny-write-execute 47memory-deny-write-execute
48read-only ${HOME}/.config/cower/config
diff --git a/etc/dconf-editor.profile b/etc/dconf-editor.profile
index 6b7f8f112..7cd39ca6a 100644
--- a/etc/dconf-editor.profile
+++ b/etc/dconf-editor.profile
@@ -6,8 +6,6 @@ include dconf-editor.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9whitelist ${HOME}/.local/share/glib-2.0
10
11include disable-common.inc 9include disable-common.inc
12include disable-devel.inc 10include disable-devel.inc
13include disable-exec.inc 11include disable-exec.inc
@@ -16,6 +14,7 @@ include disable-passwdmgr.inc
16include disable-programs.inc 14include disable-programs.inc
17include disable-xdg.inc 15include disable-xdg.inc
18 16
17whitelist ${HOME}/.local/share/glib-2.0
19include whitelist-common.inc 18include whitelist-common.inc
20 19
21apparmor 20apparmor
@@ -39,7 +38,7 @@ disable-mnt
39private-bin dconf-editor 38private-bin dconf-editor
40private-cache 39private-cache
41private-dev 40private-dev
42private-etc alternatives,fonts,machine-id 41private-etc alternatives,dconf,fonts,gtk-3.0,machine-id
43private-lib 42private-lib
44private-tmp 43private-tmp
45 44
diff --git a/etc/dconf.profile b/etc/dconf.profile
index 6ffcddaf5..cf8b4ab43 100644
--- a/etc/dconf.profile
+++ b/etc/dconf.profile
@@ -6,8 +6,6 @@ include dconf.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9whitelist ${HOME}/.local/share/glib-2.0
10
11include disable-common.inc 9include disable-common.inc
12include disable-devel.inc 10include disable-devel.inc
13include disable-exec.inc 11include disable-exec.inc
@@ -16,6 +14,7 @@ include disable-passwdmgr.inc
16include disable-programs.inc 14include disable-programs.inc
17include disable-xdg.inc 15include disable-xdg.inc
18 16
17whitelist ${HOME}/.local/share/glib-2.0
19# dconf paths are whitelisted by the following 18# dconf paths are whitelisted by the following
20include whitelist-common.inc 19include whitelist-common.inc
21 20
diff --git a/etc/disable-common.inc b/etc/disable-common.inc
index 9d7a34bc5..9d9be1426 100644
--- a/etc/disable-common.inc
+++ b/etc/disable-common.inc
@@ -242,6 +242,7 @@ read-only ${HOME}/.ssh/authorized_keys
242 242
243# Initialization files that allow arbitrary command execution 243# Initialization files that allow arbitrary command execution
244read-only ${HOME}/.caffrc 244read-only ${HOME}/.caffrc
245read-only ${HOME}/.cargo/env
245read-only ${HOME}/.dotfiles 246read-only ${HOME}/.dotfiles
246read-only ${HOME}/.emacs 247read-only ${HOME}/.emacs
247read-only ${HOME}/.emacs.d 248read-only ${HOME}/.emacs.d
@@ -275,7 +276,6 @@ read-only ${HOME}/bin
275read-only ${HOME}/.bin 276read-only ${HOME}/.bin
276read-only ${HOME}/.local/bin 277read-only ${HOME}/.local/bin
277read-only ${HOME}/.cargo/bin 278read-only ${HOME}/.cargo/bin
278read-only ${HOME}/.cargo/env
279blacklist ${HOME}/.cargo/registry 279blacklist ${HOME}/.cargo/registry
280blacklist ${HOME}/.cargo/config 280blacklist ${HOME}/.cargo/config
281 281
@@ -414,3 +414,12 @@ blacklist /usr/share/flatpak
414blacklist /var/lib/flatpak 414blacklist /var/lib/flatpak
415# most of the time bwrap is SUID binary 415# most of the time bwrap is SUID binary
416blacklist ${PATH}/bwrap 416blacklist ${PATH}/bwrap
417
418# mail directories used by mutt
419blacklist ${HOME}/.Mail
420blacklist ${HOME}/.mail
421blacklist ${HOME}/.signature
422blacklist ${HOME}/Mail
423blacklist ${HOME}/mail
424blacklist ${HOME}/postponed
425blacklist ${HOME}/sent
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc
index d03a709ca..cf0db34d0 100644
--- a/etc/disable-programs.inc
+++ b/etc/disable-programs.inc
@@ -7,6 +7,7 @@ blacklist ${HOME}/Monero/wallets
7blacklist ${HOME}/Nextcloud/Notes 7blacklist ${HOME}/Nextcloud/Notes
8blacklist ${HOME}/SoftMaker 8blacklist ${HOME}/SoftMaker
9blacklist ${HOME}/Standard Notes Backups 9blacklist ${HOME}/Standard Notes Backups
10blacklist ${HOME}/mps
10blacklist ${HOME}/wallet.dat 11blacklist ${HOME}/wallet.dat
11blacklist ${HOME}/.*coin 12blacklist ${HOME}/.*coin
12blacklist ${HOME}/.8pecxstudios 13blacklist ${HOME}/.8pecxstudios
@@ -118,6 +119,7 @@ blacklist ${HOME}/.config/artha.conf
118blacklist ${HOME}/.config/asunder 119blacklist ${HOME}/.config/asunder
119blacklist ${HOME}/.config/atril 120blacklist ${HOME}/.config/atril
120blacklist ${HOME}/.config/audacious 121blacklist ${HOME}/.config/audacious
122blacklist ${HOME}/.config/autokey
121blacklist ${HOME}/.config/aweather 123blacklist ${HOME}/.config/aweather
122blacklist ${HOME}/.config/baloofilerc 124blacklist ${HOME}/.config/baloofilerc
123blacklist ${HOME}/.config/baloorc 125blacklist ${HOME}/.config/baloorc
@@ -140,6 +142,7 @@ blacklist ${HOME}/.config/clipit
140blacklist ${HOME}/.config/cliqz 142blacklist ${HOME}/.config/cliqz
141blacklist ${HOME}/.config/cmus 143blacklist ${HOME}/.config/cmus
142blacklist ${HOME}/.config/corebird 144blacklist ${HOME}/.config/corebird
145blacklist ${HOME}/.config/cower
143blacklist ${HOME}/.config/darktable 146blacklist ${HOME}/.config/darktable
144blacklist ${HOME}/.config/deadbeef 147blacklist ${HOME}/.config/deadbeef
145blacklist ${HOME}/.config/deluge 148blacklist ${HOME}/.config/deluge
@@ -267,6 +270,7 @@ blacklist ${HOME}/.config/redshift.conf
267blacklist ${HOME}/.config/remmina 270blacklist ${HOME}/.config/remmina
268blacklist ${HOME}/.config/ristretto 271blacklist ${HOME}/.config/ristretto
269blacklist ${HOME}/.config/scribus 272blacklist ${HOME}/.config/scribus
273blacklist ${HOME}/.config/scribusrc
270blacklist ${HOME}/.config/sinew.in 274blacklist ${HOME}/.config/sinew.in
271blacklist ${HOME}/.config/skypeforlinux 275blacklist ${HOME}/.config/skypeforlinux
272blacklist ${HOME}/.config/slimjet 276blacklist ${HOME}/.config/slimjet
@@ -455,6 +459,7 @@ blacklist ${HOME}/.local/share/akonadi*
455blacklist ${HOME}/.local/share/akregator 459blacklist ${HOME}/.local/share/akregator
456blacklist ${HOME}/.local/share/apps/korganizer 460blacklist ${HOME}/.local/share/apps/korganizer
457blacklist ${HOME}/.local/share/aspyr-media 461blacklist ${HOME}/.local/share/aspyr-media
462blacklist ${HOME}/.local/share/autokey
458blacklist ${HOME}/.local/share/baloo 463blacklist ${HOME}/.local/share/baloo
459blacklist ${HOME}/.local/share/bibletime 464blacklist ${HOME}/.local/share/bibletime
460blacklist ${HOME}/.local/share/caja-python 465blacklist ${HOME}/.local/share/caja-python
diff --git a/etc/dooble.profile b/etc/dooble.profile
index 80bcce463..bc197b223 100644
--- a/etc/dooble.profile
+++ b/etc/dooble.profile
@@ -1,11 +1,12 @@
1# Firejail profile for dooble 1# Firejail profile for dooble
2# This file is overwritten after every install/update 2# This file is overwritten after every install/update
3# Persistent local customizations 3# Persistent local customizations
4include dooble.local
5# Backward compatibility
4include dooble-qt4.local 6include dooble-qt4.local
5# Persistent global definitions 7# Persistent global definitions
6include globals.local 8include globals.local
7 9
8
9noblacklist ${HOME}/.dooble 10noblacklist ${HOME}/.dooble
10 11
11include disable-common.inc 12include disable-common.inc
diff --git a/etc/enpass.profile b/etc/enpass.profile
index b337c721d..4ac35bbd6 100644
--- a/etc/enpass.profile
+++ b/etc/enpass.profile
@@ -20,12 +20,16 @@ include disable-passwdmgr.inc
20include disable-programs.inc 20include disable-programs.inc
21include disable-xdg.inc 21include disable-xdg.inc
22 22
23mkdir ${HOME}/.cache/Enpass
24mkfile ${HOME}/.config/sinew.in
25mkdir ${HOME}/.config/Sinew Software Systems
26mkdir ${HOME}/.local/share/Enpass
23whitelist ${HOME}/.cache/Enpass 27whitelist ${HOME}/.cache/Enpass
24whitelist ${HOME}/.config/sinew.in 28whitelist ${HOME}/.config/sinew.in
25whitelist ${HOME}/.config/Sinew Software Systems 29whitelist ${HOME}/.config/Sinew Software Systems
26whitelist ${HOME}/.local/share/Enpass 30whitelist ${HOME}/.local/share/Enpass
27whitelist ${DOCUMENTS} 31whitelist ${DOCUMENTS}
28 32include whitelist-common.inc
29include whitelist-var-common.inc 33include whitelist-var-common.inc
30 34
31# machine-id and nosound break audio notification functionality 35# machine-id and nosound break audio notification functionality
diff --git a/etc/falkon.profile b/etc/falkon.profile
index af6aaa1a7..cabf5aeba 100644
--- a/etc/falkon.profile
+++ b/etc/falkon.profile
@@ -16,6 +16,8 @@ include disable-interpreters.inc
16include disable-passwdmgr.inc 16include disable-passwdmgr.inc
17include disable-programs.inc 17include disable-programs.inc
18 18
19mkdir ${HOME}/.cache/falkon
20mkdir ${HOME}/.config/falkon
19whitelist ${DOWNLOADS} 21whitelist ${DOWNLOADS}
20whitelist ${HOME}/.cache/falkon 22whitelist ${HOME}/.cache/falkon
21whitelist ${HOME}/.config/falkon 23whitelist ${HOME}/.config/falkon
diff --git a/etc/gpredict.profile b/etc/gpredict.profile
index be3742fe3..e6d37ee27 100644
--- a/etc/gpredict.profile
+++ b/etc/gpredict.profile
@@ -15,6 +15,7 @@ include disable-interpreters.inc
15include disable-passwdmgr.inc 15include disable-passwdmgr.inc
16include disable-programs.inc 16include disable-programs.inc
17 17
18mkdir ${HOME}/.config/Gpredict
18whitelist ${HOME}/.config/Gpredict 19whitelist ${HOME}/.config/Gpredict
19include whitelist-common.inc 20include whitelist-common.inc
20 21
diff --git a/etc/mate-calc.profile b/etc/mate-calc.profile
index ac5577b4c..2f6020ad3 100644
--- a/etc/mate-calc.profile
+++ b/etc/mate-calc.profile
@@ -15,12 +15,13 @@ include disable-interpreters.inc
15include disable-passwdmgr.inc 15include disable-passwdmgr.inc
16include disable-programs.inc 16include disable-programs.inc
17 17
18mkdir ${HOME}/.cache/mate-calc
19mkdir ${HOME}/.config/caja
20mkdir ${HOME}/.config/mate-menu
18whitelist ${HOME}/.cache/mate-calc 21whitelist ${HOME}/.cache/mate-calc
19whitelist ${HOME}/.config/caja 22whitelist ${HOME}/.config/caja
20whitelist ${HOME}/.config/gtk-3.0
21whitelist ${HOME}/.config/dconf
22whitelist ${HOME}/.config/mate-menu 23whitelist ${HOME}/.config/mate-menu
23whitelist ${HOME}/.themes 24include whitelist-common.inc
24 25
25caps.drop all 26caps.drop all
26net none 27net none
@@ -40,7 +41,7 @@ shell none
40 41
41disable-mnt 42disable-mnt
42private-bin mate-calc,mate-calculator 43private-bin mate-calc,mate-calculator
43private-etc alternatives,fonts 44private-etc alternatives,dconf,fonts,gtk-3.0
44private-dev 45private-dev
45private-opt none 46private-opt none
46private-tmp 47private-tmp
diff --git a/etc/mate-color-select.profile b/etc/mate-color-select.profile
index bd3631445..f1a7ca18f 100644
--- a/etc/mate-color-select.profile
+++ b/etc/mate-color-select.profile
@@ -5,7 +5,6 @@ include mate-color-select.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8
9include disable-common.inc 8include disable-common.inc
10include disable-devel.inc 9include disable-devel.inc
11include disable-exec.inc 10include disable-exec.inc
@@ -13,10 +12,7 @@ include disable-interpreters.inc
13include disable-passwdmgr.inc 12include disable-passwdmgr.inc
14include disable-programs.inc 13include disable-programs.inc
15 14
16whitelist ${HOME}/.config/gtk-3.0 15include whitelist-common.inc
17whitelist ${HOME}/.fonts
18whitelist ${HOME}/.icons
19whitelist ${HOME}/.themes
20 16
21caps.drop all 17caps.drop all
22netfilter 18netfilter
diff --git a/etc/mate-dictionary.profile b/etc/mate-dictionary.profile
index 1217910a0..d1dc76260 100644
--- a/etc/mate-dictionary.profile
+++ b/etc/mate-dictionary.profile
@@ -14,11 +14,9 @@ include disable-interpreters.inc
14include disable-passwdmgr.inc 14include disable-passwdmgr.inc
15include disable-programs.inc 15include disable-programs.inc
16 16
17mkdir ${HOME}/.config/mate/mate-dictionary
17whitelist ${HOME}/.config/mate/mate-dictionary 18whitelist ${HOME}/.config/mate/mate-dictionary
18whitelist ${HOME}/.config/gtk-3.0 19include whitelist-common.inc
19whitelist ${HOME}/.fonts
20whitelist ${HOME}/.icons
21whitelist ${HOME}/.themes
22 20
23caps.drop all 21caps.drop all
24netfilter 22netfilter
diff --git a/etc/meteo-qt.profile b/etc/meteo-qt.profile
index 7c9b5f7f1..4437d86ea 100644
--- a/etc/meteo-qt.profile
+++ b/etc/meteo-qt.profile
@@ -20,8 +20,8 @@ include disable-passwdmgr.inc
20include disable-programs.inc 20include disable-programs.inc
21include disable-xdg.inc 21include disable-xdg.inc
22 22
23whitelist ${HOME}/.config/autostart
24mkdir ${HOME}/.config/meteo-qt 23mkdir ${HOME}/.config/meteo-qt
24whitelist ${HOME}/.config/autostart
25whitelist ${HOME}/.config/meteo-qt 25whitelist ${HOME}/.config/meteo-qt
26include whitelist-common.inc 26include whitelist-common.inc
27include whitelist-var-common.inc 27include whitelist-var-common.inc
diff --git a/etc/mpsyt.profile b/etc/mpsyt.profile
index 88d464b5f..775e137bc 100644
--- a/etc/mpsyt.profile
+++ b/etc/mpsyt.profile
@@ -6,10 +6,6 @@ include mpsyt.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9# Allow python (blacklisted by disable-interpreters.inc)
10include allow-python2.inc
11include allow-python3.inc
12
13noblacklist ${HOME}/.config/mpv 9noblacklist ${HOME}/.config/mpv
14noblacklist ${HOME}/.mplayer 10noblacklist ${HOME}/.mplayer
15noblacklist ${HOME}/.config/mps-youtube 11noblacklist ${HOME}/.config/mps-youtube
@@ -18,6 +14,10 @@ noblacklist ${HOME}/mps
18noblacklist ${MUSIC} 14noblacklist ${MUSIC}
19noblacklist ${VIDEOS} 15noblacklist ${VIDEOS}
20 16
17# Allow python (blacklisted by disable-interpreters.inc)
18include allow-python2.inc
19include allow-python3.inc
20
21include disable-common.inc 21include disable-common.inc
22include disable-devel.inc 22include disable-devel.inc
23include disable-exec.inc 23include disable-exec.inc
diff --git a/etc/multimc5.profile b/etc/multimc5.profile
index 88dd4c536..98edf273e 100644
--- a/etc/multimc5.profile
+++ b/etc/multimc5.profile
@@ -21,6 +21,8 @@ include disable-passwdmgr.inc
21include disable-programs.inc 21include disable-programs.inc
22 22
23mkdir ${HOME}/.local/share/multimc 23mkdir ${HOME}/.local/share/multimc
24mkdir ${HOME}/.local/share/multimc5
25mkdir ${HOME}/.multimc5
24whitelist ${HOME}/.local/share/multimc 26whitelist ${HOME}/.local/share/multimc
25whitelist ${HOME}/.local/share/multimc5 27whitelist ${HOME}/.local/share/multimc5
26whitelist ${HOME}/.multimc5 28whitelist ${HOME}/.multimc5
diff --git a/etc/nethack-vultures.profile b/etc/nethack-vultures.profile
index 2c23a4868..e1294153b 100644
--- a/etc/nethack-vultures.profile
+++ b/etc/nethack-vultures.profile
@@ -6,7 +6,6 @@ include nethack.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9
10noblacklist ${HOME}/.vultures 9noblacklist ${HOME}/.vultures
11noblacklist /var/log 10noblacklist /var/log
12 11
@@ -43,4 +42,3 @@ private-cache
43private-dev 42private-dev
44private-tmp 43private-tmp
45writable-var 44writable-var
46
diff --git a/etc/nethack.profile b/etc/nethack.profile
index 5375d2f4f..3df632451 100644
--- a/etc/nethack.profile
+++ b/etc/nethack.profile
@@ -6,7 +6,6 @@ include nethack.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9
10noblacklist /var/games/nethack 9noblacklist /var/games/nethack
11 10
12include disable-common.inc 11include disable-common.inc
diff --git a/etc/nheko.profile b/etc/nheko.profile
index 2dfddf872..119b30239 100644
--- a/etc/nheko.profile
+++ b/etc/nheko.profile
@@ -18,11 +18,9 @@ include disable-programs.inc
18 18
19mkdir ${HOME}/.config/nheko 19mkdir ${HOME}/.config/nheko
20mkdir ${HOME}/.cache/nheko/nheko 20mkdir ${HOME}/.cache/nheko/nheko
21
22whitelist ${HOME}/.config/nheko 21whitelist ${HOME}/.config/nheko
23whitelist ${HOME}/.cache/nheko/nheko 22whitelist ${HOME}/.cache/nheko/nheko
24whitelist ${DOWNLOADS} 23whitelist ${DOWNLOADS}
25
26include whitelist-common.inc 24include whitelist-common.inc
27 25
28caps.drop all 26caps.drop all
diff --git a/etc/nylas.profile b/etc/nylas.profile
index 263e09198..c959eb991 100644
--- a/etc/nylas.profile
+++ b/etc/nylas.profile
@@ -14,6 +14,8 @@ include disable-interpreters.inc
14include disable-passwdmgr.inc 14include disable-passwdmgr.inc
15include disable-programs.inc 15include disable-programs.inc
16 16
17mkdir ${HOME}/.config/Nylas Mail
18mkdir ${HOME}/.nylas-mail
17whitelist ${DOWNLOADS} 19whitelist ${DOWNLOADS}
18whitelist ${HOME}/.config/Nylas Mail 20whitelist ${HOME}/.config/Nylas Mail
19whitelist ${HOME}/.nylas-mail 21whitelist ${HOME}/.nylas-mail
diff --git a/etc/qgis.profile b/etc/qgis.profile
index c3d6011eb..70788b207 100644
--- a/etc/qgis.profile
+++ b/etc/qgis.profile
@@ -6,7 +6,6 @@ include qgis.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9noblacklist ${HOME}/.config/QtProject.conf
10noblacklist ${HOME}/.config/QGIS 9noblacklist ${HOME}/.config/QGIS
11noblacklist ${HOME}/.local/share/QGIS 10noblacklist ${HOME}/.local/share/QGIS
12noblacklist ${HOME}/.qgis2 11noblacklist ${HOME}/.qgis2
diff --git a/etc/quiterss.profile b/etc/quiterss.profile
index 41c84425b..e2a3c9c23 100644
--- a/etc/quiterss.profile
+++ b/etc/quiterss.profile
@@ -22,6 +22,8 @@ mkdir ${HOME}/.cache/QuiteRss
22mkdir ${HOME}/.config/QuiteRss 22mkdir ${HOME}/.config/QuiteRss
23mkdir ${HOME}/.local/share/data 23mkdir ${HOME}/.local/share/data
24mkdir ${HOME}/.local/share/data/QuiteRss 24mkdir ${HOME}/.local/share/data/QuiteRss
25mkdir ${HOME}/.local/share/QuiteRss
26mkfile ${HOME}/quiterssfeeds.opml
25whitelist ${HOME}/.cache/QuiteRss 27whitelist ${HOME}/.cache/QuiteRss
26whitelist ${HOME}/.config/QuiteRss/ 28whitelist ${HOME}/.config/QuiteRss/
27whitelist ${HOME}/.config/QuiteRssrc 29whitelist ${HOME}/.config/QuiteRssrc
diff --git a/etc/qupzilla.profile b/etc/qupzilla.profile
index 1b23b2baf..954b1a3b4 100644
--- a/etc/qupzilla.profile
+++ b/etc/qupzilla.profile
@@ -15,6 +15,8 @@ include disable-interpreters.inc
15include disable-passwdmgr.inc 15include disable-passwdmgr.inc
16include disable-programs.inc 16include disable-programs.inc
17 17
18mkdir ${HOME}/.cache/qupzilla
19mkdir ${HOME}/.config/qupzilla
18whitelist ${DOWNLOADS} 20whitelist ${DOWNLOADS}
19whitelist ${HOME}/.cache/qupzilla 21whitelist ${HOME}/.cache/qupzilla
20whitelist ${HOME}/.config/qupzilla 22whitelist ${HOME}/.config/qupzilla
diff --git a/etc/ricochet.profile b/etc/ricochet.profile
index 3cb30c459..fc770d62d 100644
--- a/etc/ricochet.profile
+++ b/etc/ricochet.profile
@@ -5,7 +5,6 @@ include ricochet.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8
9noblacklist ${HOME}/.local/share/Ricochet 8noblacklist ${HOME}/.local/share/Ricochet
10 9
11include disable-common.inc 10include disable-common.inc
@@ -15,6 +14,7 @@ include disable-interpreters.inc
15include disable-passwdmgr.inc 14include disable-passwdmgr.inc
16include disable-programs.inc 15include disable-programs.inc
17 16
17mkdir ${HOME}/.local/share/Ricochet
18whitelist ${DOWNLOADS} 18whitelist ${DOWNLOADS}
19whitelist ${HOME}/.local/share/Ricochet 19whitelist ${HOME}/.local/share/Ricochet
20include whitelist-common.inc 20include whitelist-common.inc
diff --git a/etc/rocketchat.profile b/etc/rocketchat.profile
index c95bc3c3d..8170c62e7 100644
--- a/etc/rocketchat.profile
+++ b/etc/rocketchat.profile
@@ -7,6 +7,7 @@ include globals.local
7 7
8noblacklist ${HOME}/.config/Rocket.Chat 8noblacklist ${HOME}/.config/Rocket.Chat
9 9
10mkdir ${HOME}/.config/Rocket.Chat
10whitelist ${HOME}/.config/Rocket.Chat 11whitelist ${HOME}/.config/Rocket.Chat
11include whitelist-common.inc 12include whitelist-common.inc
12 13
diff --git a/etc/seahorse.profile b/etc/seahorse.profile
index fc54a0716..7baae2603 100644
--- a/etc/seahorse.profile
+++ b/etc/seahorse.profile
@@ -32,6 +32,7 @@ include disable-interpreters.inc
32include disable-passwdmgr.inc 32include disable-passwdmgr.inc
33include disable-programs.inc 33include disable-programs.inc
34include disable-xdg.inc 34include disable-xdg.inc
35
35include whitelist-common.inc 36include whitelist-common.inc
36include whitelist-var-common.inc 37include whitelist-var-common.inc
37 38
diff --git a/etc/seamonkey.profile b/etc/seamonkey.profile
index d92c62a52..ca74efe68 100644
--- a/etc/seamonkey.profile
+++ b/etc/seamonkey.profile
@@ -18,6 +18,8 @@ include disable-programs.inc
18 18
19mkdir ${HOME}/.cache/mozilla 19mkdir ${HOME}/.cache/mozilla
20mkdir ${HOME}/.mozilla 20mkdir ${HOME}/.mozilla
21mkdir ${HOME}/.pki
22mkdir ${HOME}/.local/share/pki
21whitelist ${DOWNLOADS} 23whitelist ${DOWNLOADS}
22whitelist ${HOME}/.cache/gnome-mplayer/plugin 24whitelist ${HOME}/.cache/gnome-mplayer/plugin
23whitelist ${HOME}/.cache/mozilla 25whitelist ${HOME}/.cache/mozilla
diff --git a/etc/slack.profile b/etc/slack.profile
index ed76be373..53baf5f40 100644
--- a/etc/slack.profile
+++ b/etc/slack.profile
@@ -13,7 +13,6 @@ include disable-interpreters.inc
13include disable-passwdmgr.inc 13include disable-passwdmgr.inc
14include disable-programs.inc 14include disable-programs.inc
15 15
16mkdir ${HOME}/.config
17mkdir ${HOME}/.config/Slack 16mkdir ${HOME}/.config/Slack
18whitelist ${HOME}/.config/Slack 17whitelist ${HOME}/.config/Slack
19whitelist ${DOWNLOADS} 18whitelist ${DOWNLOADS}
diff --git a/etc/slashem.profile b/etc/slashem.profile
index 011698e1f..8c84180d7 100644
--- a/etc/slashem.profile
+++ b/etc/slashem.profile
@@ -6,7 +6,6 @@ include slashem.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9
10noblacklist /var/games/slashem 9noblacklist /var/games/slashem
11 10
12include disable-common.inc 11include disable-common.inc
diff --git a/etc/start-tor-browser.desktop.profile b/etc/start-tor-browser.desktop.profile
index a61038157..d5d7a17e4 100644
--- a/etc/start-tor-browser.desktop.profile
+++ b/etc/start-tor-browser.desktop.profile
@@ -3,7 +3,6 @@
3# Persistent local customizations 3# Persistent local customizations
4include start-tor-browser.desktop.local 4include start-tor-browser.desktop.local
5 5
6
7noblacklist ${HOME}/.tor-browser-* 6noblacklist ${HOME}/.tor-browser-*
8noblacklist ${HOME}/.tor-browser_* 7noblacklist ${HOME}/.tor-browser_*
9 8
diff --git a/etc/surf.profile b/etc/surf.profile
index 0504b5fe5..5f116fd0c 100644
--- a/etc/surf.profile
+++ b/etc/surf.profile
@@ -15,6 +15,7 @@ include disable-passwdmgr.inc
15include disable-programs.inc 15include disable-programs.inc
16 16
17mkdir ${HOME}/.surf 17mkdir ${HOME}/.surf
18whitelist ${HOME}/.surf
18whitelist ${DOWNLOADS} 19whitelist ${DOWNLOADS}
19include whitelist-common.inc 20include whitelist-common.inc
20 21
diff --git a/etc/wire-desktop.profile b/etc/wire-desktop.profile
index 3953de614..7c545d08f 100644
--- a/etc/wire-desktop.profile
+++ b/etc/wire-desktop.profile
@@ -16,7 +16,6 @@ include disable-programs.inc
16mkdir ${HOME}/.config/Wire 16mkdir ${HOME}/.config/Wire
17whitelist ${HOME}/.config/Wire 17whitelist ${HOME}/.config/Wire
18whitelist ${DOWNLOADS} 18whitelist ${DOWNLOADS}
19
20include whitelist-common.inc 19include whitelist-common.inc
21 20
22caps.drop all 21caps.drop all
diff --git a/etc/zaproxy.profile b/etc/zaproxy.profile
index 9ef3e713e..0598ea18d 100644
--- a/etc/zaproxy.profile
+++ b/etc/zaproxy.profile
@@ -19,6 +19,7 @@ include disable-interpreters.inc
19include disable-passwdmgr.inc 19include disable-passwdmgr.inc
20include disable-programs.inc 20include disable-programs.inc
21 21
22mkdir ${HOME}/.java
22mkdir ${HOME}/.ZAP 23mkdir ${HOME}/.ZAP
23whitelist ${HOME}/.java 24whitelist ${HOME}/.java
24whitelist ${HOME}/.ZAP 25whitelist ${HOME}/.ZAP
diff --git a/etc/zoom.profile b/etc/zoom.profile
index 456b197f3..6d312aff6 100644
--- a/etc/zoom.profile
+++ b/etc/zoom.profile
@@ -13,6 +13,8 @@ include disable-devel.inc
13include disable-interpreters.inc 13include disable-interpreters.inc
14include disable-programs.inc 14include disable-programs.inc
15 15
16mkdir ${HOME}/.cache/zoom
17mkfile ${HOME}/.config/zoomus.conf
16mkdir ${HOME}/.zoom 18mkdir ${HOME}/.zoom
17whitelist ${HOME}/.cache/zoom 19whitelist ${HOME}/.cache/zoom
18whitelist ${HOME}/.config/zoomus.conf 20whitelist ${HOME}/.config/zoomus.conf
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-30 18:05:50 +0000