Merge pull request #3161 from rusty-snake/bl-wayland

blacklist ${RUNUSER}/wayland-* in every profile with blacklist /tmp/.X11-unix or x11 none

65 files changed, 108 insertions, 0 deletions

diff --git a/etc/7z.profile b/etc/7z.profile
index 5ff02e1c0..b60bb9ee9 100644
--- a/etc/7z.profile
+++ b/etc/7z.profile
@@ -7,6 +7,8 @@ include 7z.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 include disable-common.inc
 include disable-devel.inc
 include disable-exec.inc
diff --git a/etc/ar.profile b/etc/ar.profile
index 6b1fb830c..e28370450 100644
--- a/etc/ar.profile
+++ b/etc/ar.profile
@@ -7,6 +7,8 @@ include ar.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 include disable-common.inc
 include disable-devel.inc
 include disable-exec.inc
diff --git a/etc/aria2c.profile b/etc/aria2c.profile
index f46202ac8..7819300af 100644
--- a/etc/aria2c.profile
+++ b/etc/aria2c.profile
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.config/aria2
 noblacklist ${HOME}/.netrc
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-devel.inc
diff --git a/etc/artha.profile b/etc/artha.profile
index 31f8887c4..aaaede7ee 100644
--- a/etc/artha.profile
+++ b/etc/artha.profile
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.config/artha.log
 noblacklist ${HOME}/.config/enchant
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-devel.inc
diff --git a/etc/atool.profile b/etc/atool.profile
index fb75c8408..0250451fc 100644
--- a/etc/atool.profile
+++ b/etc/atool.profile
@@ -7,6 +7,8 @@ include atool.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 # Allow perl (blacklisted by disable-interpreters.inc)
 include allow-perl.inc
 
diff --git a/etc/audio-recorder.profile b/etc/audio-recorder.profile
index afd1033de..799405f1d 100644
--- a/etc/audio-recorder.profile
+++ b/etc/audio-recorder.profile
@@ -7,6 +7,8 @@ include audio-recorder.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${MUSIC}
 
 include disable-common.inc
diff --git a/etc/bsdtar.profile b/etc/bsdtar.profile
index 17c67ed26..5ce9b6406 100644
--- a/etc/bsdtar.profile
+++ b/etc/bsdtar.profile
@@ -6,6 +6,8 @@ include bsdtar.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 include disable-common.inc
 # include disable-devel.inc
 include disable-exec.inc
diff --git a/etc/checkbashisms.profile b/etc/checkbashisms.profile
index c66776b9f..e15131dca 100644
--- a/etc/checkbashisms.profile
+++ b/etc/checkbashisms.profile
@@ -7,6 +7,8 @@ include checkbashisms.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${DOCUMENTS}
 
 # Allow perl (blacklisted by disable-interpreters.inc)
diff --git a/etc/clamav.profile b/etc/clamav.profile
index 45e7723eb..51bc58108 100644
--- a/etc/clamav.profile
+++ b/etc/clamav.profile
@@ -7,6 +7,8 @@ include clamav.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 include disable-exec.inc
 
 caps.drop all
diff --git a/etc/cpio.profile b/etc/cpio.profile
index 17a765700..1156b7439 100644
--- a/etc/cpio.profile
+++ b/etc/cpio.profile
@@ -7,6 +7,8 @@ include cpio.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist /sbin
 noblacklist /usr/sbin
 
diff --git a/etc/dconf.profile b/etc/dconf.profile
index ebb362fb6..2ee573463 100644
--- a/etc/dconf.profile
+++ b/etc/dconf.profile
@@ -6,6 +6,8 @@ include dconf.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 include disable-common.inc
 include disable-devel.inc
 include disable-exec.inc
diff --git a/etc/ddgtk.profile b/etc/ddgtk.profile
index ef65046e1..46386f09e 100644
--- a/etc/ddgtk.profile
+++ b/etc/ddgtk.profile
@@ -6,6 +6,8 @@ include ddgtk.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 # Allow python (blacklisted by disable-interpreters.inc)
 include allow-python2.inc
 include allow-python3.inc
diff --git a/etc/devilspie.profile b/etc/devilspie.profile
index 4a08ad5e2..b561787d8 100644
--- a/etc/devilspie.profile
+++ b/etc/devilspie.profile
@@ -6,6 +6,8 @@ include devilspie.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${HOME}/.devilspie
 
 include disable-common.inc
diff --git a/etc/devilspie2.profile b/etc/devilspie2.profile
index 2c1f7c9ac..0a1faf8d2 100644
--- a/etc/devilspie2.profile
+++ b/etc/devilspie2.profile
@@ -6,6 +6,8 @@ include devilspie2.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${HOME}/.config/devilspie2
 
 # Allow lua (blacklisted by disable-interpreters.inc)
diff --git a/etc/dnsmasq.profile b/etc/dnsmasq.profile
index dfb1b61c1..6db71bd49 100644
--- a/etc/dnsmasq.profile
+++ b/etc/dnsmasq.profile
@@ -11,6 +11,7 @@ noblacklist /sbin
 noblacklist /usr/sbin
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-devel.inc
diff --git a/etc/elinks.profile b/etc/elinks.profile
index 94f4179c7..82d1ba528 100644
--- a/etc/elinks.profile
+++ b/etc/elinks.profile
@@ -9,6 +9,7 @@ include globals.local
 noblacklist ${HOME}/.elinks
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-devel.inc
diff --git a/etc/enchant.profile b/etc/enchant.profile
index 82bd7174d..fa556c7d2 100644
--- a/etc/enchant.profile
+++ b/etc/enchant.profile
@@ -6,6 +6,8 @@ include enchant.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${HOME}/.config/enchant
 
 include disable-common.inc
diff --git a/etc/exiftool.profile b/etc/exiftool.profile
index e9c7d290a..9316a0585 100644
--- a/etc/exiftool.profile
+++ b/etc/exiftool.profile
@@ -6,6 +6,8 @@ include exiftool.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 # Allow perl (blacklisted by disable-interpreters.inc)
 include allow-perl.inc
 
diff --git a/etc/file.profile b/etc/file.profile
index 37c7ee9e7..9b21818f8 100644
--- a/etc/file.profile
+++ b/etc/file.profile
@@ -7,6 +7,8 @@ include file.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 include disable-common.inc
 include disable-exec.inc
 include disable-passwdmgr.inc
diff --git a/etc/gconf-editor.profile b/etc/gconf-editor.profile
index a2c441a20..7325bfb4c 100644
--- a/etc/gconf-editor.profile
+++ b/etc/gconf-editor.profile
@@ -8,6 +8,7 @@ include gconf-editor.local
 #include globals.local
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 ignore net none
 ignore x11 none
diff --git a/etc/gconf.profile b/etc/gconf.profile
index 25145c77d..f070e6944 100644
--- a/etc/gconf.profile
+++ b/etc/gconf.profile
@@ -6,6 +6,8 @@ include gconf.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${HOME}/.config/gconf
 
 # Allow python (blacklisted by disable-interpreters.inc)
diff --git a/etc/gist.profile b/etc/gist.profile
index 7413238c8..59fcb2775 100644
--- a/etc/gist.profile
+++ b/etc/gist.profile
@@ -8,6 +8,7 @@ include gist.local
 include globals.local
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 noblacklist ${HOME}/.gist
 
diff --git a/etc/git.profile b/etc/git.profile
index dbaaefcc4..da55f8744 100644
--- a/etc/git.profile
+++ b/etc/git.profile
@@ -20,6 +20,7 @@ noblacklist ${HOME}/.vim
 noblacklist ${HOME}/.viminfo
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-exec.inc
diff --git a/etc/gpg-agent.profile b/etc/gpg-agent.profile
index c11773147..2710ac88e 100644
--- a/etc/gpg-agent.profile
+++ b/etc/gpg-agent.profile
@@ -10,6 +10,7 @@ include globals.local
 noblacklist ${HOME}/.gnupg
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-devel.inc
diff --git a/etc/gpg.profile b/etc/gpg.profile
index 5eb18a0bc..a60d42cf8 100644
--- a/etc/gpg.profile
+++ b/etc/gpg.profile
@@ -10,6 +10,7 @@ include globals.local
 noblacklist ${HOME}/.gnupg
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-devel.inc
diff --git a/etc/gtk-update-icon-cache.profile b/etc/gtk-update-icon-cache.profile
index fd35a563b..668a48f9a 100644
--- a/etc/gtk-update-icon-cache.profile
+++ b/etc/gtk-update-icon-cache.profile
@@ -7,6 +7,8 @@ include gtk-update-icon-cache.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 include disable-common.inc
 include disable-devel.inc
 include disable-exec.inc
diff --git a/etc/gzip.profile b/etc/gzip.profile
index 48e495c60..1af15d227 100644
--- a/etc/gzip.profile
+++ b/etc/gzip.profile
@@ -7,6 +7,8 @@ include gzip.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop all capabilities this is automatically read-only.
 noblacklist /var/lib/pacman
 
diff --git a/etc/hashcat.profile b/etc/hashcat.profile
index da59984d7..b4d6d52f0 100644
--- a/etc/hashcat.profile
+++ b/etc/hashcat.profile
@@ -7,6 +7,8 @@ include hashcat.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${HOME}/.hashcat
 noblacklist /usr/include
 noblacklist ${DOCUMENTS}
diff --git a/etc/highlight.profile b/etc/highlight.profile
index 249d5cd17..036de8d99 100644
--- a/etc/highlight.profile
+++ b/etc/highlight.profile
@@ -6,6 +6,8 @@ include highlight.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 include disable-common.inc
 include disable-devel.inc
 include disable-interpreters.inc
diff --git a/etc/img2txt.profile b/etc/img2txt.profile
index c17e82870..419da765d 100644
--- a/etc/img2txt.profile
+++ b/etc/img2txt.profile
@@ -5,6 +5,8 @@ include img2txt.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${DOCUMENTS}
 noblacklist ${PICTURES}
 
diff --git a/etc/less.profile b/etc/less.profile
index 282b033a6..00624e0f1 100644
--- a/etc/less.profile
+++ b/etc/less.profile
@@ -7,6 +7,8 @@ include less.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${HOME}/.lesshst
 
 include disable-devel.inc
diff --git a/etc/links.profile b/etc/links.profile
index bd0b0cc92..a31001c87 100644
--- a/etc/links.profile
+++ b/etc/links.profile
@@ -9,6 +9,7 @@ include globals.local
 noblacklist ${HOME}/.links
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-devel.inc
diff --git a/etc/lynx.profile b/etc/lynx.profile
index 063285316..fb6fe94ec 100644
--- a/etc/lynx.profile
+++ b/etc/lynx.profile
@@ -7,6 +7,7 @@ include lynx.local
 include globals.local
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-devel.inc
diff --git a/etc/mediainfo.profile b/etc/mediainfo.profile
index 00730c00b..fb8db3e3d 100644
--- a/etc/mediainfo.profile
+++ b/etc/mediainfo.profile
@@ -6,6 +6,8 @@ include mediainfo.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 include disable-common.inc
 include disable-devel.inc
 include disable-exec.inc
diff --git a/etc/mp3splt.profile b/etc/mp3splt.profile
index 95173a890..7754d276b 100644
--- a/etc/mp3splt.profile
+++ b/etc/mp3splt.profile
@@ -6,6 +6,8 @@ include mp3splt.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${MUSIC}
 
 include disable-common.inc
diff --git a/etc/mutt.profile b/etc/mutt.profile
index 92babd50f..1fc412955 100644
--- a/etc/mutt.profile
+++ b/etc/mutt.profile
@@ -32,6 +32,7 @@ noblacklist ${HOME}/postponed
 noblacklist ${HOME}/sent
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-devel.inc
diff --git a/etc/nano.profile b/etc/nano.profile
index af6fcc3fe..bc8c3dde0 100644
--- a/etc/nano.profile
+++ b/etc/nano.profile
@@ -7,6 +7,8 @@ include nano.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${HOME}/.config/nano
 noblacklist ${HOME}/.nanorc
 
diff --git a/etc/ncdu.profile b/etc/ncdu.profile
index 0d7915839..9fda6ebe0 100644
--- a/etc/ncdu.profile
+++ b/etc/ncdu.profile
@@ -6,6 +6,8 @@ include ncdu.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 include disable-exec.inc
 
 caps.drop all
diff --git a/etc/odt2txt.profile b/etc/odt2txt.profile
index 719753c87..c0c5b671c 100644
--- a/etc/odt2txt.profile
+++ b/etc/odt2txt.profile
@@ -6,6 +6,8 @@ include odt2txt.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${DOCUMENTS}
 
 include disable-common.inc
diff --git a/etc/pandoc.profile b/etc/pandoc.profile
index 57b5d7e39..9a8d82a96 100644
--- a/etc/pandoc.profile
+++ b/etc/pandoc.profile
@@ -7,6 +7,8 @@ include pandoc.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${DOCUMENTS}
 
 include disable-common.inc
diff --git a/etc/patch.profile b/etc/patch.profile
index 03f5a4b71..4a3365378 100644
--- a/etc/patch.profile
+++ b/etc/patch.profile
@@ -7,6 +7,8 @@ include patch.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${DOCUMENTS}
 
 include disable-common.inc
diff --git a/etc/pdftotext.profile b/etc/pdftotext.profile
index f8448f514..73ebf4615 100644
--- a/etc/pdftotext.profile
+++ b/etc/pdftotext.profile
@@ -6,6 +6,8 @@ include pdftotext.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${DOCUMENTS}
 
 include disable-common.inc
diff --git a/etc/pngquant.profile b/etc/pngquant.profile
index 8c06cef1a..f9ce43c4c 100644
--- a/etc/pngquant.profile
+++ b/etc/pngquant.profile
@@ -7,6 +7,8 @@ include pngquant.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 include disable-common.inc
 include disable-devel.inc
 include disable-exec.inc
diff --git a/etc/rsync-download_only.profile b/etc/rsync-download_only.profile
index bda3bca92..84147f0a5 100644
--- a/etc/rsync-download_only.profile
+++ b/etc/rsync-download_only.profile
@@ -13,6 +13,7 @@ include globals.local
 # Usage: firejail --profile=rsync-download_only rsync
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-devel.inc
diff --git a/etc/seahorse.profile b/etc/seahorse.profile
index 5a742d05f..0470dc286 100644
--- a/etc/seahorse.profile
+++ b/etc/seahorse.profile
@@ -7,6 +7,7 @@ include seahorse.local
 include globals.local
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 noblacklist ${HOME}/.gnupg
 noblacklist ${HOME}/.ssh
diff --git a/etc/server.profile b/etc/server.profile
index 6e077ff84..ce318a828 100644
--- a/etc/server.profile
+++ b/etc/server.profile
@@ -14,6 +14,7 @@ noblacklist /usr/sbin
 # noblacklist /var/opt
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 # include disable-devel.inc
diff --git a/etc/shellcheck.profile b/etc/shellcheck.profile
index d26096c77..f8744bdf8 100644
--- a/etc/shellcheck.profile
+++ b/etc/shellcheck.profile
@@ -7,6 +7,8 @@ include shellcheck.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${DOCUMENTS}
 
 include disable-common.inc
diff --git a/etc/signal-cli.profile b/etc/signal-cli.profile
index bb1bf732d..6a2f5c434 100644
--- a/etc/signal-cli.profile
+++ b/etc/signal-cli.profile
@@ -7,6 +7,7 @@ include signal-cli.local
 include globals.local
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 noblacklist ${HOME}/.local/share/signal-cli
 
diff --git a/etc/spectre-meltdown-checker.profile b/etc/spectre-meltdown-checker.profile
index 3306181e4..e27df4cc8 100644
--- a/etc/spectre-meltdown-checker.profile
+++ b/etc/spectre-meltdown-checker.profile
@@ -6,6 +6,8 @@ include spectre-meltdown-checker.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 noblacklist ${PATH}/mount
 noblacklist ${PATH}/umount
 
diff --git a/etc/ssh-agent.profile b/etc/ssh-agent.profile
index 8e355a176..cf509852a 100644
--- a/etc/ssh-agent.profile
+++ b/etc/ssh-agent.profile
@@ -11,6 +11,7 @@ noblacklist /tmp/ssh-*
 noblacklist ${HOME}/.ssh
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-passwdmgr.inc
diff --git a/etc/strings.profile b/etc/strings.profile
index 52b762108..7dc453b1f 100644
--- a/etc/strings.profile
+++ b/etc/strings.profile
@@ -7,6 +7,8 @@ include strings.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 #include disable-common.inc
 include disable-devel.inc
 include disable-exec.inc
diff --git a/etc/tar.profile b/etc/tar.profile
index 455a370de..0858dcb26 100644
--- a/etc/tar.profile
+++ b/etc/tar.profile
@@ -7,6 +7,8 @@ include tar.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop all capabilities this is automatically read-only.
 noblacklist /var/lib/pacman
 
diff --git a/etc/templates/profile.template b/etc/templates/profile.template
index 7bfc3cf0d..828b3f50e 100644
--- a/etc/templates/profile.template
+++ b/etc/templates/profile.template
@@ -42,6 +42,7 @@
 #  ${HOME} (user's home)
 #  ${PATH} (contents of PATH envvar)
 #  ${MUSIC}
+#  ${RUNUSER} (/run/user/UID)
 #  ${VIDEOS}
 #
 # Check contents of ~/.config/user-dirs.dirs to see how they translate to actual paths.
@@ -59,6 +60,8 @@ include globals.local
 ##blacklist PATH
 # Disable X11 (CLI only), see also 'x11 none' below
 #blacklist /tmp/.X11-unix
+# Disable Wayland
+#blacklist ${RUNUSER}/wayland-*
 
 # It is common practice to add files/dirs containing program-specific configuration
 # (often ${HOME}/PROGRAMNAME or ${HOME}/.config/PROGRAMNAME) into disable-programs.inc
diff --git a/etc/tracker.profile b/etc/tracker.profile
index 6e107d99e..d47185b1d 100644
--- a/etc/tracker.profile
+++ b/etc/tracker.profile
@@ -9,6 +9,7 @@ include globals.local
 # Tracker is started by systemd on most systems. Therefore it is not firejailed by default
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-devel.inc
diff --git a/etc/unbound.profile b/etc/unbound.profile
index 67448d766..36533a762 100644
--- a/etc/unbound.profile
+++ b/etc/unbound.profile
@@ -10,6 +10,7 @@ noblacklist /sbin
 noblacklist /usr/sbin
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-devel.inc
diff --git a/etc/unf.profile b/etc/unf.profile
index 1f0b2aa32..7687a1a53 100644
--- a/etc/unf.profile
+++ b/etc/unf.profile
@@ -7,6 +7,8 @@ include unf.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 include disable-common.inc
 include disable-devel.inc
 include disable-exec.inc
diff --git a/etc/unrar.profile b/etc/unrar.profile
index 428173e7d..bf28746b0 100644
--- a/etc/unrar.profile
+++ b/etc/unrar.profile
@@ -7,6 +7,8 @@ include unrar.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 include disable-common.inc
 include disable-devel.inc
 include disable-exec.inc
diff --git a/etc/unzip.profile b/etc/unzip.profile
index 60e447049..7882f2b63 100644
--- a/etc/unzip.profile
+++ b/etc/unzip.profile
@@ -7,6 +7,8 @@ include unzip.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 # GNOME Shell integration (chrome-gnome-shell)
 noblacklist ${HOME}/.local/share/gnome-shell
 
diff --git a/etc/uudeview.profile b/etc/uudeview.profile
index 60a7f0d20..bd2ee01d5 100644
--- a/etc/uudeview.profile
+++ b/etc/uudeview.profile
@@ -7,6 +7,8 @@ include uudeview.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 include disable-common.inc
 include disable-devel.inc
 include disable-exec.inc
diff --git a/etc/w3m.profile b/etc/w3m.profile
index 76531d315..97465baa1 100644
--- a/etc/w3m.profile
+++ b/etc/w3m.profile
@@ -9,6 +9,7 @@ include globals.local
 noblacklist ${HOME}/.w3m
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include allow-perl.inc
 
diff --git a/etc/wget.profile b/etc/wget.profile
index c1f7dfc3f..401926e2d 100644
--- a/etc/wget.profile
+++ b/etc/wget.profile
@@ -12,6 +12,7 @@ noblacklist ${HOME}/.wget-hsts
 noblacklist ${HOME}/.wgetrc
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-devel.inc
diff --git a/etc/whois.profile b/etc/whois.profile
index bd0870bea..7f48afd36 100644
--- a/etc/whois.profile
+++ b/etc/whois.profile
@@ -8,6 +8,7 @@ include whois.local
 include globals.local
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-devel.inc
diff --git a/etc/xzdec.profile b/etc/xzdec.profile
index 93c288d6e..ca6aaf1d5 100644
--- a/etc/xzdec.profile
+++ b/etc/xzdec.profile
@@ -7,6 +7,8 @@ include xzdec.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 include disable-common.inc
 include disable-devel.inc
 include disable-exec.inc
diff --git a/etc/youtube-dl.profile b/etc/youtube-dl.profile
index 5fa72c9dc..19effef47 100644
--- a/etc/youtube-dl.profile
+++ b/etc/youtube-dl.profile
@@ -21,6 +21,7 @@ include allow-python2.inc
 include allow-python3.inc
 
 blacklist /tmp/.X11-unix
+blacklist ${RUNUSER}/wayland-*
 
 include disable-common.inc
 include disable-devel.inc
diff --git a/etc/zstd.profile b/etc/zstd.profile
index ea7bbfb0d..93b849568 100644
--- a/etc/zstd.profile
+++ b/etc/zstd.profile
@@ -7,6 +7,8 @@ include zstd.local
 # Persistent global definitions
 include globals.local
 
+blacklist ${RUNUSER}/wayland-*
+
 include disable-common.inc
 include disable-devel.inc
 include disable-exec.inc