diff options
author | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-06-16 12:50:04 +0200 |
---|---|---|
committer | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-06-16 12:50:04 +0200 |
commit | 4beaf8f9da729046dc3f644bc3c0aff9c80a73b0 (patch) | |
tree | 936660d832f85cf78e73c6109c3d6c02afe79228 | |
parent | add rhythmbox-client.profile (diff) | |
download | firejail-4beaf8f9da729046dc3f644bc3c0aff9c80a73b0.tar.gz firejail-4beaf8f9da729046dc3f644bc3c0aff9c80a73b0.tar.zst firejail-4beaf8f9da729046dc3f644bc3c0aff9c80a73b0.zip |
Sort comented private-{bin,etc} lines
41 files changed, 49 insertions, 50 deletions
diff --git a/etc/Xephyr.profile b/etc/Xephyr.profile index 230a88472..5ef75022b 100644 --- a/etc/Xephyr.profile +++ b/etc/Xephyr.profile | |||
@@ -34,8 +34,8 @@ shell none | |||
34 | disable-mnt | 34 | disable-mnt |
35 | # using a private home directory | 35 | # using a private home directory |
36 | private | 36 | private |
37 | # private-bin Xephyr,sh,xkbcomp | 37 | # private-bin sh,Xephyr,xkbcomp |
38 | # private-bin Xephyr,sh,xkbcomp,strace,bash,cat,ls | 38 | # private-bin bash,cat,ls,sh,strace,Xephyr,xkbcomp |
39 | private-dev | 39 | private-dev |
40 | # private-etc alternatives,ld.so.conf,ld.so.cache,resolv.conf,host.conf,nsswitch.conf,gai.conf,hosts,hostname | 40 | # private-etc alternatives,gai.conf,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,nsswitch.conf,resolv.conf |
41 | #private-tmp | 41 | #private-tmp |
diff --git a/etc/Xvfb.profile b/etc/Xvfb.profile index 259077d86..3ecda698e 100644 --- a/etc/Xvfb.profile +++ b/etc/Xvfb.profile | |||
@@ -37,8 +37,8 @@ shell none | |||
37 | disable-mnt | 37 | disable-mnt |
38 | # using a private home directory | 38 | # using a private home directory |
39 | private | 39 | private |
40 | # private-bin Xvfb,sh,xkbcomp | 40 | # private-bin sh,xkbcomp,Xvfb |
41 | # private-bin Xvfb,sh,xkbcomp,strace,bash,cat,ls | 41 | # private-bin bash,cat,ls,sh,strace,xkbcomp,Xvfb |
42 | private-dev | 42 | private-dev |
43 | private-etc alternatives,gai.conf,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,nsswitch.conf,resolv.conf | 43 | private-etc alternatives,gai.conf,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,nsswitch.conf,resolv.conf |
44 | private-tmp | 44 | private-tmp |
diff --git a/etc/ardour5.profile b/etc/ardour5.profile index 211a32e22..5ebeafa76 100644 --- a/etc/ardour5.profile +++ b/etc/ardour5.profile | |||
@@ -34,9 +34,9 @@ protocol unix | |||
34 | seccomp | 34 | seccomp |
35 | shell none | 35 | shell none |
36 | 36 | ||
37 | #private-bin sh,ardour4,ardour5,ardour5-copy-mixer,ardour5-export,ardour5-fix_bbtppq,grep,sed,ldd,nm | 37 | #private-bin ardour4,ardour5,ardour5-copy-mixer,ardour5-export,ardour5-fix_bbtppq,grep,ldd,nm,sed,sh |
38 | private-cache | 38 | private-cache |
39 | private-dev | 39 | private-dev |
40 | #private-etc alternatives,pulse,X11,alternatives,ardour4,ardour5,fonts,machine-id,asound.conf | 40 | #private-etc alternatives,ardour4,ardour5,asound.conf,fonts,machine-id,pulse,X11 |
41 | private-tmp | 41 | private-tmp |
42 | 42 | ||
diff --git a/etc/ark.profile b/etc/ark.profile index ee0899b1d..7f74a4d49 100644 --- a/etc/ark.profile +++ b/etc/ark.profile | |||
@@ -35,7 +35,7 @@ seccomp | |||
35 | shell none | 35 | shell none |
36 | 36 | ||
37 | private-bin 7z,ark,bash,lrzip,lsar,lz4,lzop,p7zip,rar,sh,tclsh,unar,unrar,unzip,zip,zipinfo | 37 | private-bin 7z,ark,bash,lrzip,lsar,lz4,lzop,p7zip,rar,sh,tclsh,unar,unrar,unzip,zip,zipinfo |
38 | #private-etc alternatives,smb.conf,samba,mtab,fonts,drirc,kde5rc,passwd,group,xdg | 38 | #private-etc alternatives,drirc,fonts,group,kde5rc,mtab,passwd,samba,smb.conf,xdg |
39 | 39 | ||
40 | private-dev | 40 | private-dev |
41 | private-tmp | 41 | private-tmp |
diff --git a/etc/bitcoin-qt.profile b/etc/bitcoin-qt.profile index 8aae5d668..ac1e21ba7 100644 --- a/etc/bitcoin-qt.profile +++ b/etc/bitcoin-qt.profile | |||
@@ -43,7 +43,7 @@ tracelog | |||
43 | private-bin bitcoin-qt | 43 | private-bin bitcoin-qt |
44 | private-dev | 44 | private-dev |
45 | # Causes problem with loading of libGL.so | 45 | # Causes problem with loading of libGL.so |
46 | #private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies | 46 | #private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,ssl |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
49 | memory-deny-write-execute | 49 | memory-deny-write-execute |
diff --git a/etc/bless.profile b/etc/bless.profile index d4ac80db1..35235962e 100644 --- a/etc/bless.profile +++ b/etc/bless.profile | |||
@@ -33,7 +33,7 @@ protocol unix | |||
33 | seccomp | 33 | seccomp |
34 | shell none | 34 | shell none |
35 | 35 | ||
36 | # private-bin bless,sh,bash,mono | 36 | # private-bin bash,bless,mono,sh |
37 | private-cache | 37 | private-cache |
38 | private-dev | 38 | private-dev |
39 | private-etc alternatives,fonts,mono | 39 | private-etc alternatives,fonts,mono |
diff --git a/etc/cantata.profile b/etc/cantata.profile index 19abbfea2..c44d56b90 100644 --- a/etc/cantata.profile +++ b/etc/cantata.profile | |||
@@ -34,6 +34,6 @@ protocol unix,inet,inet6,netlink | |||
34 | seccomp | 34 | seccomp |
35 | shell none | 35 | shell none |
36 | 36 | ||
37 | # private-etc samba,gcrypt,drirc,fonts,mpd.conf,kde5rc,passwd,xdg,hosts,ssl | 37 | # private-etc drirc,fonts,gcrypt,hosts,kde5rc,mpd.conf,passwd,samba,ssl,xdg |
38 | private-bin cantata,mpd,perl | 38 | private-bin cantata,mpd,perl |
39 | private-dev | 39 | private-dev |
diff --git a/etc/curl.profile b/etc/curl.profile index b8b91d278..76beee46a 100644 --- a/etc/curl.profile +++ b/etc/curl.profile | |||
@@ -34,5 +34,5 @@ shell none | |||
34 | # private-bin curl | 34 | # private-bin curl |
35 | private-cache | 35 | private-cache |
36 | private-dev | 36 | private-dev |
37 | # private-etc alternatives,resolv.conf,ca-certificates,ssl,pki,crypto-policies | 37 | # private-etc alternatives,ca-certificates,crypto-policies,pki,resolv.conf,ssl |
38 | private-tmp | 38 | private-tmp |
diff --git a/etc/cyberfox.profile b/etc/cyberfox.profile index fcb448b30..d1fff0004 100644 --- a/etc/cyberfox.profile +++ b/etc/cyberfox.profile | |||
@@ -13,7 +13,7 @@ mkdir ${HOME}/.cache/8pecxstudios | |||
13 | whitelist ${HOME}/.8pecxstudios | 13 | whitelist ${HOME}/.8pecxstudios |
14 | whitelist ${HOME}/.cache/8pecxstudios | 14 | whitelist ${HOME}/.cache/8pecxstudios |
15 | 15 | ||
16 | # private-bin cyberfox,which,sh,dbus-launch,dbus-send,env | 16 | # private-bin cyberfox,dbus-launch,dbus-send,env,sh,which |
17 | # private-etc must first be enabled in firefox-common.profile | 17 | # private-etc must first be enabled in firefox-common.profile |
18 | #private-etc cyberfox | 18 | #private-etc cyberfox |
19 | 19 | ||
diff --git a/etc/dino.profile b/etc/dino.profile index 2db395e02..f7b220936 100644 --- a/etc/dino.profile +++ b/etc/dino.profile | |||
@@ -37,6 +37,6 @@ shell none | |||
37 | disable-mnt | 37 | disable-mnt |
38 | private-bin dino | 38 | private-bin dino |
39 | private-dev | 39 | private-dev |
40 | # private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies # breaks server connection | 40 | # private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,ssl -- breaks server connection |
41 | private-tmp | 41 | private-tmp |
42 | 42 | ||
diff --git a/etc/elinks.profile b/etc/elinks.profile index 980fa7617..94f4179c7 100644 --- a/etc/elinks.profile +++ b/etc/elinks.profile | |||
@@ -36,5 +36,5 @@ tracelog | |||
36 | # private-bin elinks | 36 | # private-bin elinks |
37 | private-cache | 37 | private-cache |
38 | private-dev | 38 | private-dev |
39 | # private-etc alternatives,ca-certificates,ssl,pki,crypto-policies | 39 | # private-etc alternatives,ca-certificates,crypto-policies,pki,ssl |
40 | private-tmp | 40 | private-tmp |
diff --git a/etc/fetchmail.profile b/etc/fetchmail.profile index 46d0bd08e..d64fe830f 100644 --- a/etc/fetchmail.profile +++ b/etc/fetchmail.profile | |||
@@ -30,5 +30,5 @@ protocol unix,inet,inet6 | |||
30 | seccomp | 30 | seccomp |
31 | shell none | 31 | shell none |
32 | 32 | ||
33 | #private-bin fetchmail,procmail,bash,chmod | 33 | #private-bin bash,chmod,fetchmail,procmail |
34 | private-dev | 34 | private-dev |
diff --git a/etc/firefox-common.profile b/etc/firefox-common.profile index bccbb3412..49e34f248 100644 --- a/etc/firefox-common.profile +++ b/etc/firefox-common.profile | |||
@@ -57,5 +57,5 @@ shell none | |||
57 | disable-mnt | 57 | disable-mnt |
58 | private-dev | 58 | private-dev |
59 | # private-etc below works fine on most distributions. There are some problems on CentOS. | 59 | # private-etc below works fine on most distributions. There are some problems on CentOS. |
60 | #private-etc alternatives,ca-certificates,ssl,machine-id,dconf,selinux,passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,xdg,gtk-2.0,gtk-3.0,X11,pango,fonts,mime.types,mailcap,asound.conf,pulse,pki,crypto-policies,ld.so.cache | 60 | #private-etc alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,group,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,localtime,machine-id,mailcap,mime.types,nsswitch.conf,pango,passwd,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
61 | private-tmp | 61 | private-tmp |
diff --git a/etc/firefox.profile b/etc/firefox.profile index 830bbc6a7..84c647cb9 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
@@ -15,7 +15,7 @@ whitelist ${HOME}/.cache/mozilla/firefox | |||
15 | whitelist ${HOME}/.mozilla | 15 | whitelist ${HOME}/.mozilla |
16 | 16 | ||
17 | # firefox requires a shell to launch on Arch. | 17 | # firefox requires a shell to launch on Arch. |
18 | #private-bin firefox,which,sh,dbus-launch,dbus-send,env,bash | 18 | #private-bin bash,dbus-launch,dbus-send,env,firefox,sh,which |
19 | # private-etc must first be enabled in firefox-common.profile | 19 | # private-etc must first be enabled in firefox-common.profile |
20 | #private-etc firefox | 20 | #private-etc firefox |
21 | 21 | ||
diff --git a/etc/gjs.profile b/etc/gjs.profile index f119e5b34..17b0aa5cf 100644 --- a/etc/gjs.profile +++ b/etc/gjs.profile | |||
@@ -32,7 +32,7 @@ seccomp | |||
32 | shell none | 32 | shell none |
33 | tracelog | 33 | tracelog |
34 | 34 | ||
35 | # private-bin gjs,gnome-books,gnome-documents,gnome-photos,gnome-maps,gnome-weather | 35 | # private-bin gjs,gnome-books,gnome-documents,gnome-maps,gnome-photos,gnome-weather |
36 | private-dev | 36 | private-dev |
37 | # private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies | 37 | # private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,ssl |
38 | private-tmp | 38 | private-tmp |
diff --git a/etc/gnome-maps.profile b/etc/gnome-maps.profile index 97de9c2be..1a192cbe5 100644 --- a/etc/gnome-maps.profile +++ b/etc/gnome-maps.profile | |||
@@ -39,8 +39,8 @@ shell none | |||
39 | tracelog | 39 | tracelog |
40 | 40 | ||
41 | disable-mnt | 41 | disable-mnt |
42 | # private-bin gjs gnome-maps | 42 | # private-bin gjs,gnome-maps |
43 | private-dev | 43 | private-dev |
44 | # private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies | 44 | # private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,ssl |
45 | private-tmp | 45 | private-tmp |
46 | 46 | ||
diff --git a/etc/gnome-weather.profile b/etc/gnome-weather.profile index ef7255130..a43db7e2f 100644 --- a/etc/gnome-weather.profile +++ b/etc/gnome-weather.profile | |||
@@ -37,8 +37,8 @@ shell none | |||
37 | tracelog | 37 | tracelog |
38 | 38 | ||
39 | disable-mnt | 39 | disable-mnt |
40 | # private-bin gjs gnome-weather | 40 | # private-bin gjs,gnome-weather |
41 | private-dev | 41 | private-dev |
42 | # private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies | 42 | # private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,ssl |
43 | private-tmp | 43 | private-tmp |
44 | 44 | ||
diff --git a/etc/goobox.profile b/etc/goobox.profile index be332665e..c932ad528 100644 --- a/etc/goobox.profile +++ b/etc/goobox.profile | |||
@@ -31,5 +31,5 @@ tracelog | |||
31 | 31 | ||
32 | # private-bin goobox | 32 | # private-bin goobox |
33 | private-dev | 33 | private-dev |
34 | # private-etc alternatives,fonts,machine-id,pulse,asound.conf,ca-certificates,ssl,pki,crypto-policies | 34 | # private-etc alternatives,asound.conf,ca-certificates,crypto-policies,fonts,machine-id,pki,pulse,ssl |
35 | # private-tmp | 35 | # private-tmp |
diff --git a/etc/kdenlive.profile b/etc/kdenlive.profile index 710c86e9a..361109127 100644 --- a/etc/kdenlive.profile +++ b/etc/kdenlive.profile | |||
@@ -35,4 +35,4 @@ shell none | |||
35 | 35 | ||
36 | private-bin dbus-launch,dvdauthor,ffmpeg,ffplay,ffprobe,genisoimage,kdeinit4,kdeinit4_shutdown,kdeinit4_wrapper,kdeinit5,kdeinit5_shutdown,kdeinit5_wrapper,kdenlive,kdenlive_render,kshell4,kshell5,melt,mlt-melt,vlc,xine | 36 | private-bin dbus-launch,dvdauthor,ffmpeg,ffplay,ffprobe,genisoimage,kdeinit4,kdeinit4_shutdown,kdeinit4_wrapper,kdeinit5,kdeinit5_shutdown,kdeinit5_wrapper,kdenlive,kdenlive_render,kshell4,kshell5,melt,mlt-melt,vlc,xine |
37 | private-dev | 37 | private-dev |
38 | # private-etc alternatives,fonts,kde4rc,kde5rc,ld.so.cache,machine-id,passwd,pulse,xdg,X11 | 38 | # private-etc alternatives,fonts,kde4rc,kde5rc,ld.so.cache,machine-id,passwd,pulse,X11,xdg |
diff --git a/etc/lynx.profile b/etc/lynx.profile index 2f043c9b9..063285316 100644 --- a/etc/lynx.profile +++ b/etc/lynx.profile | |||
@@ -34,5 +34,5 @@ tracelog | |||
34 | # private-bin lynx | 34 | # private-bin lynx |
35 | private-cache | 35 | private-cache |
36 | private-dev | 36 | private-dev |
37 | # private-etc alternatives,ca-certificates,ssl,pki,crypto-policies | 37 | # private-etc alternatives,ca-certificates,crypto-policies,pki,ssl |
38 | private-tmp | 38 | private-tmp |
diff --git a/etc/minetest.profile b/etc/minetest.profile index f656d5a87..0439a1ccc 100644 --- a/etc/minetest.profile +++ b/etc/minetest.profile | |||
@@ -45,5 +45,5 @@ private-bin minetest | |||
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | # private-etc needs to be updated, see #1702 | 47 | # private-etc needs to be updated, see #1702 |
48 | #private-etc alternatives,asound.conf,ca-certificates,drirc,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,localtime,nsswitch.conf,passwd,pulse,resolv.conf,ssl,pki,crypto-policies,machine-id | 48 | #private-etc alternatives,asound.conf,ca-certificates,crypto-policies,drirc,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,localtime,machine-id,nsswitch.conf,passwd,pki,pulse,resolv.conf,ssl |
49 | private-tmp | 49 | private-tmp |
diff --git a/etc/mpd.profile b/etc/mpd.profile index 0a98de7c4..0b5ebf705 100644 --- a/etc/mpd.profile +++ b/etc/mpd.profile | |||
@@ -34,7 +34,7 @@ protocol unix,inet,inet6 | |||
34 | seccomp.drop @cpu-emulation,@debug,@obsolete,@privileged,@resources,add_key,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,kcmp,keyctl,name_to_handle_at,ni_syscall,open_by_handle_at,personality,process_vm_readv,ptrace,remap_file_pages,request_key,syslog,umount,userfaultfd,vmsplice | 34 | seccomp.drop @cpu-emulation,@debug,@obsolete,@privileged,@resources,add_key,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,kcmp,keyctl,name_to_handle_at,ni_syscall,open_by_handle_at,personality,process_vm_readv,ptrace,remap_file_pages,request_key,syslog,umount,userfaultfd,vmsplice |
35 | shell none | 35 | shell none |
36 | 36 | ||
37 | #private-bin mpd,bash | 37 | #private-bin bash,mpd |
38 | private-cache | 38 | private-cache |
39 | private-dev | 39 | private-dev |
40 | private-tmp | 40 | private-tmp |
diff --git a/etc/multimc5.profile b/etc/multimc5.profile index 98edf273e..e5ef0c202 100644 --- a/etc/multimc5.profile +++ b/etc/multimc5.profile | |||
@@ -43,7 +43,7 @@ shell none | |||
43 | 43 | ||
44 | disable-mnt | 44 | disable-mnt |
45 | # private-bin works, but causes weirdness | 45 | # private-bin works, but causes weirdness |
46 | # private-bin multimc5,bash,mkdir,which,zenity,kdialog,ldd,chmod,valgrind,apt-file,pkgfile,dnf,yum,zypper,pfl,java,grep,sort,awk,readlink,dirname | 46 | # private-bin apt-file,awk,bash,chmod,dirname,dnf,grep,java,kdialog,ldd,mkdir,multimc5,pfl,pkgfile,readlink,sort,valgrind,which,yum,zenity,zypper |
47 | private-dev | 47 | private-dev |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
diff --git a/etc/mupdf.profile b/etc/mupdf.profile index 1d5953ff7..673c9fd0b 100644 --- a/etc/mupdf.profile +++ b/etc/mupdf.profile | |||
@@ -36,7 +36,7 @@ seccomp | |||
36 | shell none | 36 | shell none |
37 | tracelog | 37 | tracelog |
38 | 38 | ||
39 | # private-bin mupdf,sh,tempfile,rm | 39 | # private-bin mupdf,rm,sh,tempfile |
40 | private-dev | 40 | private-dev |
41 | private-etc alternatives,fonts | 41 | private-etc alternatives,fonts |
42 | private-tmp | 42 | private-tmp |
diff --git a/etc/peek.profile b/etc/peek.profile index fd836560e..8cbff0c64 100644 --- a/etc/peek.profile +++ b/etc/peek.profile | |||
@@ -34,7 +34,7 @@ seccomp | |||
34 | shell none | 34 | shell none |
35 | 35 | ||
36 | # private-bin breaks gif mode, mp4 and webm mode work fine however | 36 | # private-bin breaks gif mode, mp4 and webm mode work fine however |
37 | # private-bin peek,convert,ffmpeg | 37 | # private-bin convert,ffmpeg,peek |
38 | private-dev | 38 | private-dev |
39 | private-tmp | 39 | private-tmp |
40 | 40 | ||
diff --git a/etc/qbittorrent.profile b/etc/qbittorrent.profile index d5198ef61..fe9caec77 100644 --- a/etc/qbittorrent.profile +++ b/etc/qbittorrent.profile | |||
@@ -53,8 +53,7 @@ shell none | |||
53 | 53 | ||
54 | private-bin python*,qbittorrent | 54 | private-bin python*,qbittorrent |
55 | private-dev | 55 | private-dev |
56 | # private-etc alternatives,X11,fonts,xdg,resolv.conf,ca-certificates,ssl,pki,crypto-policies | 56 | # private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,resolv.conf,ssl,X11,xdg |
57 | # private-lib - problems on Arch | ||
58 | private-tmp | 57 | private-tmp |
59 | 58 | ||
60 | # memory-deny-write-execute - problems on Arch, see #1690 on GitHub repo | 59 | # memory-deny-write-execute - problems on Arch, see #1690 on GitHub repo |
diff --git a/etc/quiterss.profile b/etc/quiterss.profile index e2a3c9c23..ca1abcdc9 100644 --- a/etc/quiterss.profile +++ b/etc/quiterss.profile | |||
@@ -50,5 +50,5 @@ tracelog | |||
50 | disable-mnt | 50 | disable-mnt |
51 | private-bin quiterss | 51 | private-bin quiterss |
52 | private-dev | 52 | private-dev |
53 | # private-etc alternatives,X11,ssl,pki,ca-certificates,crypto-policies | 53 | # private-etc alternatives,ca-certificates,crypto-policies,pki,ssl,X11 |
54 | 54 | ||
diff --git a/etc/ricochet.profile b/etc/ricochet.profile index fc770d62d..1b8fbbc97 100644 --- a/etc/ricochet.profile +++ b/etc/ricochet.profile | |||
@@ -37,5 +37,5 @@ shell none | |||
37 | disable-mnt | 37 | disable-mnt |
38 | private-bin ricochet,tor | 38 | private-bin ricochet,tor |
39 | private-dev | 39 | private-dev |
40 | #private-etc alternatives,fonts,tor,X11,alternatives,ca-certificates,ssl,pki,crypto-policies | 40 | #private-etc alternatives,alternatives,ca-certificates,crypto-policies,fonts,pki,ssl,tor,X11 |
41 | 41 | ||
diff --git a/etc/scribus.profile b/etc/scribus.profile index c50e0861c..e20cd1b5a 100644 --- a/etc/scribus.profile +++ b/etc/scribus.profile | |||
@@ -56,7 +56,7 @@ seccomp | |||
56 | shell none | 56 | shell none |
57 | tracelog | 57 | tracelog |
58 | 58 | ||
59 | # private-bin scribus,gs,gimp* | 59 | # private-bin gimp*,gs,scribus |
60 | private-dev | 60 | private-dev |
61 | private-tmp | 61 | private-tmp |
62 | 62 | ||
diff --git a/etc/seamonkey.profile b/etc/seamonkey.profile index ca74efe68..807effbeb 100644 --- a/etc/seamonkey.profile +++ b/etc/seamonkey.profile | |||
@@ -52,4 +52,4 @@ seccomp | |||
52 | tracelog | 52 | tracelog |
53 | 53 | ||
54 | disable-mnt | 54 | disable-mnt |
55 | # private-etc alternatives,passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse,machine-id,ca-certificates,ssl,pki,crypto-policies | 55 | # private-etc adobe,alternatives,asound.conf,ca-certificates,crypto-policies,firefox,fonts,group,gtk-2.0,hostname,hosts,iceweasel,localtime,machine-id,mailcap,mime.types,nsswitch.conf,pango,passwd,pki,pulse,resolv.conf,ssl |
diff --git a/etc/simple-scan.profile b/etc/simple-scan.profile index 4ad841880..64441483d 100644 --- a/etc/simple-scan.profile +++ b/etc/simple-scan.profile | |||
@@ -33,5 +33,5 @@ tracelog | |||
33 | 33 | ||
34 | # private-bin simple-scan | 34 | # private-bin simple-scan |
35 | # private-dev | 35 | # private-dev |
36 | # private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies | 36 | # private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,ssl |
37 | # private-tmp | 37 | # private-tmp |
diff --git a/etc/skype.profile b/etc/skype.profile index 55057c546..5fab8bdc7 100644 --- a/etc/skype.profile +++ b/etc/skype.profile | |||
@@ -28,7 +28,7 @@ seccomp | |||
28 | shell none | 28 | shell none |
29 | 29 | ||
30 | disable-mnt | 30 | disable-mnt |
31 | #private-bin skype,bash | 31 | #private-bin bash,skype |
32 | private-cache | 32 | private-cache |
33 | private-dev | 33 | private-dev |
34 | private-tmp | 34 | private-tmp |
diff --git a/etc/steam.profile b/etc/steam.profile index df7bfba85..d34b392ad 100644 --- a/etc/steam.profile +++ b/etc/steam.profile | |||
@@ -60,7 +60,7 @@ shell none | |||
60 | #tracelog | 60 | #tracelog |
61 | 61 | ||
62 | # private-bin is disabled while in testing, but has been tested working with multiple games | 62 | # private-bin is disabled while in testing, but has been tested working with multiple games |
63 | #private-bin awk,basename,bash,bsdtar,bzip2,cat,chmod,cksum,cmp,comm,compress,cp,curl,cut,date,dbus-launch,dbus-send,desktop-file-edit,desktop-file-install,desktop-file-validate,dirname,echo,env,expr,file,find,getopt,grep,gtar,gzip,head,hostname,id,lbzip2,ldconfig,ldd,ln,ls,lsb_release,lspci,lsof,lz4,lzip,lzma,lzop,md5sum,mkdir,mktemp,mv,netstat,ps,pulseaudio,python*,readlink,realpath,rm,sed,sh,sha1sum,sha256sum,sha512sum,sleep,sort,steam,steamdeps,steam-native,steam-runtime,sum,tail,tar,tclsh,test,touch,tr,umask,uname,update-desktop-database,wc,wget,which,whoami,xterm,xz,zenity | 63 | #private-bin awk,basename,bash,bsdtar,bzip2,cat,chmod,cksum,cmp,comm,compress,cp,curl,cut,date,dbus-launch,dbus-send,desktop-file-edit,desktop-file-install,desktop-file-validate,dirname,echo,env,expr,file,find,getopt,grep,gtar,gzip,head,hostname,id,lbzip2,ldconfig,ldd,ln,ls,lsb_release,lsof,lspci,lz4,lzip,lzma,lzop,md5sum,mkdir,mktemp,mv,netstat,ps,pulseaudio,python*,readlink,realpath,rm,sed,sh,sha1sum,sha256sum,sha512sum,sleep,sort,steam,steamdeps,steam-native,steam-runtime,sum,tail,tar,tclsh,test,touch,tr,umask,uname,update-desktop-database,wc,wget,which,whoami,xterm,xz,zenity |
64 | # extra programs are available which might be needed for select games | 64 | # extra programs are available which might be needed for select games |
65 | #private-bin java,java-config,mono | 65 | #private-bin java,java-config,mono |
66 | # picture viewers are needed for viewing screenshots | 66 | # picture viewers are needed for viewing screenshots |
diff --git a/etc/synfigstudio.profile b/etc/synfigstudio.profile index 33086a99d..30b0ad762 100644 --- a/etc/synfigstudio.profile +++ b/etc/synfigstudio.profile | |||
@@ -31,7 +31,7 @@ protocol unix | |||
31 | seccomp | 31 | seccomp |
32 | shell none | 32 | shell none |
33 | 33 | ||
34 | #private-bin synfigstudio,synfig,ffmpeg | 34 | #private-bin ffmpeg,synfig,synfigstudio |
35 | private-cache | 35 | private-cache |
36 | private-dev | 36 | private-dev |
37 | private-tmp | 37 | private-tmp |
diff --git a/etc/totem.profile b/etc/totem.profile index 9e6684824..5b74709e3 100644 --- a/etc/totem.profile +++ b/etc/totem.profile | |||
@@ -40,6 +40,6 @@ private-bin totem | |||
40 | # totem needs access to ~/.cache/tracker or it exits | 40 | # totem needs access to ~/.cache/tracker or it exits |
41 | #private-cache | 41 | #private-cache |
42 | private-dev | 42 | private-dev |
43 | # private-etc alternatives,fonts,machine-id,pulse,asound.conf,ca-certificates,ssl,pki,crypto-policies | 43 | # private-etc alternatives,asound.conf,ca-certificates,crypto-policies,fonts,machine-id,pki,pulse,ssl |
44 | private-tmp | 44 | private-tmp |
45 | 45 | ||
diff --git a/etc/unknown-horizons.profile b/etc/unknown-horizons.profile index 6c2d08988..b62d3111d 100644 --- a/etc/unknown-horizons.profile +++ b/etc/unknown-horizons.profile | |||
@@ -29,5 +29,5 @@ shell none | |||
29 | 29 | ||
30 | # private-bin unknown-horizons | 30 | # private-bin unknown-horizons |
31 | private-dev | 31 | private-dev |
32 | # private-etc alternatives,ca-certificates,ssl,pki,crypto-policies | 32 | # private-etc alternatives,ca-certificates,crypto-policies,pki,ssl |
33 | private-tmp | 33 | private-tmp |
diff --git a/etc/waterfox.profile b/etc/waterfox.profile index 3dc21958d..b8ee67ae0 100644 --- a/etc/waterfox.profile +++ b/etc/waterfox.profile | |||
@@ -20,7 +20,7 @@ whitelist ${HOME}/.mozilla | |||
20 | whitelist ${HOME}/.waterfox | 20 | whitelist ${HOME}/.waterfox |
21 | 21 | ||
22 | # waterfox requires a shell to launch on Arch. We can possibly remove sh though. | 22 | # waterfox requires a shell to launch on Arch. We can possibly remove sh though. |
23 | #private-bin waterfox,which,sh,dbus-launch,dbus-send,env,bash | 23 | #private-bin bash,dbus-launch,dbus-send,env,sh,waterfox,which |
24 | # private-etc must first be enabled in firefox-common.profile | 24 | # private-etc must first be enabled in firefox-common.profile |
25 | #private-etc waterfox | 25 | #private-etc waterfox |
26 | 26 | ||
diff --git a/etc/wget.profile b/etc/wget.profile index ff10b2316..2d5c0c4d6 100644 --- a/etc/wget.profile +++ b/etc/wget.profile | |||
@@ -36,6 +36,6 @@ shell none | |||
36 | 36 | ||
37 | # private-bin wget | 37 | # private-bin wget |
38 | private-dev | 38 | private-dev |
39 | # private-etc alternatives,resolv.conf,ca-certificates,ssl,pki,crypto-policies | 39 | # private-etc alternatives,ca-certificates,crypto-policie,pki,resolv.conf,ssl |
40 | # private-tmp | 40 | # private-tmp |
41 | 41 | ||
diff --git a/etc/wireshark.profile b/etc/wireshark.profile index b44eae128..58ff93750 100644 --- a/etc/wireshark.profile +++ b/etc/wireshark.profile | |||
@@ -43,6 +43,6 @@ tracelog | |||
43 | 43 | ||
44 | # private-bin wireshark | 44 | # private-bin wireshark |
45 | private-dev | 45 | private-dev |
46 | # private-etc alternatives,fonts,group,hosts,machine-id,passwd,ca-certificates,ssl,pki,crypto-policies | 46 | # private-etc alternatives,ca-certificates,crypto-policies,fonts,group,hosts,machine-id,passwd,pki,ssl |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
diff --git a/etc/xplayer.profile b/etc/xplayer.profile index 5f4e3bf4c..325ce7627 100644 --- a/etc/xplayer.profile +++ b/etc/xplayer.profile | |||
@@ -39,6 +39,6 @@ tracelog | |||
39 | 39 | ||
40 | private-bin xplayer,xplayer-audio-preview,xplayer-video-thumbnailer | 40 | private-bin xplayer,xplayer-audio-preview,xplayer-video-thumbnailer |
41 | private-dev | 41 | private-dev |
42 | # private-etc alternatives,fonts,machine-id,pulse,asound.conf,ca-certificates,ssl,pki,crypto-policies | 42 | # private-etc alternatives,asound.conf,ca-certificates,crypto-policies,fonts,machine-id,pki,pulse,ssl |
43 | private-tmp | 43 | private-tmp |
44 | 44 | ||
diff --git a/etc/xpra.profile b/etc/xpra.profile index dc8d7a665..6f66b9300 100644 --- a/etc/xpra.profile +++ b/etc/xpra.profile | |||
@@ -47,7 +47,7 @@ disable-mnt | |||
47 | # private home directory doesn't work on some distros, so we go for a regular home | 47 | # private home directory doesn't work on some distros, so we go for a regular home |
48 | # private | 48 | # private |
49 | # older Xpra versions also use Xvfb | 49 | # older Xpra versions also use Xvfb |
50 | # private-bin xpra,python*,Xvfb,Xorg,sh,xkbcomp,xauth,dbus-launch,pactl,ldconfig,which,strace,bash,cat,ls | 50 | # private-bin bash,cat,dbus-launch,ldconfig,ls,pactl,python*,sh,strace,which,xauth,xkbcomp,Xorg,xpra,Xvfb |
51 | private-dev | 51 | private-dev |
52 | # private-etc alternatives,ld.so.conf,ld.so.cache,resolv.conf,host.conf,nsswitch.conf,gai.conf,hosts,hostname,machine-id,xpra,X11 | 52 | # private-etc alternatives,gai.conf,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,machine-id,nsswitch.conf,resolv.conf,X11,xpra |
53 | private-tmp | 53 | private-tmp |