aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar Tad <tad@spotco.us>2017-08-11 11:23:21 -0400
committerLibravatar Tad <tad@spotco.us>2017-08-11 21:03:13 -0400
commit71f838b5bab312174c589aa7404a750660165a17 (patch)
tree15ea81e81836b59eb5909c218a431473de4300c9
parentprivate-dev enhancements (diff)
downloadfirejail-71f838b5bab312174c589aa7404a750660165a17.tar.gz
firejail-71f838b5bab312174c589aa7404a750660165a17.tar.zst
firejail-71f838b5bab312174c589aa7404a750660165a17.zip
Fix notv placement
Diffstat
-rw-r--r--etc/0ad.profile2
-rw-r--r--etc/2048-qt.profile2
-rw-r--r--etc/7z.profile3
-rw-r--r--etc/Cryptocat.profile2
-rw-r--r--etc/Mathematica.profile2
-rw-r--r--etc/Thunar.profile2
-rw-r--r--etc/Xephyr.profile2
-rw-r--r--etc/Xvfb.profile2
-rw-r--r--etc/abrowser.profile2
-rw-r--r--etc/akregator.profile2
-rw-r--r--etc/amarok.profile2
-rw-r--r--etc/android-studio.profile2
-rw-r--r--etc/apktool.profile2
-rw-r--r--etc/arduino.profile2
-rw-r--r--etc/ark.profile2
-rw-r--r--etc/arm.profile2
-rw-r--r--etc/atom-beta.profile2
-rw-r--r--etc/atom.profile2
-rw-r--r--etc/atool.profile2
-rw-r--r--etc/atril.profile2
-rw-r--r--etc/audacious.profile2
-rw-r--r--etc/audacity.profile2
-rw-r--r--etc/aweather.profile2
-rw-r--r--etc/baloo_file.profile2
-rw-r--r--etc/baobab.profile2
-rw-r--r--etc/bibletime.profile2
-rw-r--r--etc/bitlbee.profile2
-rw-r--r--etc/bleachbit.profile2
-rw-r--r--etc/blender.profile2
-rw-r--r--etc/bless.profile2
-rw-r--r--etc/brasero.profile2
-rw-r--r--etc/brave.profile2
-rw-r--r--etc/caja.profile2
-rw-r--r--etc/calibre.profile2
-rw-r--r--etc/catfish.profile2
-rw-r--r--etc/cherrytree.profile2
-rw-r--r--etc/chromium.profile2
-rw-r--r--etc/claws-mail.profile2
-rw-r--r--etc/clementine.profile2
-rw-r--r--etc/clipit.profile2
-rw-r--r--etc/cmus.profile2
-rw-r--r--etc/conkeror.profile2
-rw-r--r--etc/corebird.profile2
-rw-r--r--etc/cpio.profile2
-rw-r--r--etc/curl.profile2
-rw-r--r--etc/cvlc.profile2
-rw-r--r--etc/cyberfox.profile2
-rw-r--r--etc/darktable.profile2
-rw-r--r--etc/deadbeef.profile2
-rw-r--r--etc/default.profile4
-rw-r--r--etc/deluge.profile2
-rw-r--r--etc/dex2jar.profile2
-rw-r--r--etc/dia.profile2
-rw-r--r--etc/digikam.profile2
-rw-r--r--etc/dillo.profile2
-rw-r--r--etc/dino.profile2
-rw-r--r--etc/display.profile2
-rw-r--r--etc/dnscrypt-proxy.profile2
-rw-r--r--etc/dnsmasq.profile2
-rw-r--r--etc/dolphin.profile2
-rw-r--r--etc/dosbox.profile2
-rw-r--r--etc/dragon.profile2
-rw-r--r--etc/dropbox.profile2
-rw-r--r--etc/electron.profile2
-rw-r--r--etc/elinks.profile2
-rw-r--r--etc/emacs.profile2
-rw-r--r--etc/empathy.profile2
-rw-r--r--etc/enchant.profile2
-rw-r--r--etc/engrampa.profile2
-rw-r--r--etc/eog.profile2
-rw-r--r--etc/eom.profile2
-rw-r--r--etc/epiphany.profile2
-rw-r--r--etc/etr.profile2
-rw-r--r--etc/evince.profile2
-rw-r--r--etc/evolution.profile2
-rw-r--r--etc/exiftool.profile2
-rw-r--r--etc/fbreader.profile2
-rw-r--r--etc/feh.profile2
-rw-r--r--etc/file-roller.profile2
-rw-r--r--etc/file.profile2
-rw-r--r--etc/filezilla.profile2
-rw-r--r--etc/firefox.profile2
-rw-r--r--etc/flashpeak-slimjet.profile2
-rw-r--r--etc/flowblade.profile2
-rw-r--r--etc/fontforge.profile2
-rw-r--r--etc/fossamail.profile3
-rw-r--r--etc/franz.profile2
-rw-r--r--etc/frozen-bubble.profile2
-rw-r--r--etc/gajim.profile2
-rw-r--r--etc/galculator.profile2
-rw-r--r--etc/geany.profile2
-rw-r--r--etc/gedit.profile2
-rw-r--r--etc/geeqie.profile2
-rw-r--r--etc/gimp.profile2
-rw-r--r--etc/git.profile2
-rw-r--r--etc/gitg.profile2
-rw-r--r--etc/gitter.profile2
-rw-r--r--etc/gjs.profile2
-rw-r--r--etc/globaltime.profile2
-rw-r--r--etc/gnome-2048.profile2
-rw-r--r--etc/gnome-books.profile2
-rw-r--r--etc/gnome-calculator.profile2
-rw-r--r--etc/gnome-chess.profile2
-rw-r--r--etc/gnome-clocks.profile2
-rw-r--r--etc/gnome-contacts.profile2
-rw-r--r--etc/gnome-documents.profile2
-rw-r--r--etc/gnome-font-viewer.profile2
-rw-r--r--etc/gnome-maps.profile2
-rw-r--r--etc/gnome-music.profile2
-rw-r--r--etc/gnome-photos.profile2
-rw-r--r--etc/gnome-twitch.profile2
-rw-r--r--etc/gnome-weather.profile2
-rw-r--r--etc/goobox.profile2
-rw-r--r--etc/google-chrome-beta.profile2
-rw-r--r--etc/google-chrome-unstable.profile2
-rw-r--r--etc/google-chrome.profile2
-rw-r--r--etc/google-play-music-desktop-player.profile2
-rw-r--r--etc/gpa.profile2
-rw-r--r--etc/gpg-agent.profile2
-rw-r--r--etc/gpg.profile2
-rw-r--r--etc/gpicview.profile2
-rw-r--r--etc/gpredict.profile2
-rw-r--r--etc/gthumb.profile2
-rw-r--r--etc/guayadeque.profile2
-rw-r--r--etc/gucharmap.profile2
-rw-r--r--etc/gwenview.profile2
-rw-r--r--etc/gzip.profile2
-rw-r--r--etc/handbrake.profile2
-rw-r--r--etc/hashcat.profile2
-rw-r--r--etc/hedgewars.profile2
-rw-r--r--etc/hexchat.profile2
-rw-r--r--etc/highlight.profile2
-rw-r--r--etc/hugin.profile2
-rw-r--r--etc/icecat.profile2
-rw-r--r--etc/idea.sh.profile2
-rw-r--r--etc/img2txt.profile2
-rw-r--r--etc/inkscape.profile2
-rw-r--r--etc/jd-gui.profile2
-rw-r--r--etc/jitsi.profile2
-rw-r--r--etc/k3b.profile2
-rw-r--r--etc/kate.profile2
-rw-r--r--etc/kcalc.profile2
-rw-r--r--etc/keepass.profile2
-rw-r--r--etc/keepassx.profile2
-rw-r--r--etc/keepassx2.profile2
-rw-r--r--etc/keepassxc.profile2
-rw-r--r--etc/kino.profile2
-rw-r--r--etc/kmail.profile2
-rw-r--r--etc/knotes.profile2
-rw-r--r--etc/konversation.profile2
-rw-r--r--etc/ktorrent.profile2
-rw-r--r--etc/kwrite.profile2
-rw-r--r--etc/leafpad.profile2
-rw-r--r--etc/less.profile4
-rw-r--r--etc/libreoffice.profile2
-rw-r--r--etc/liferea.profile2
-rw-r--r--etc/lollypop.profile2
-rw-r--r--etc/luminance-hdr.profile2
-rw-r--r--etc/lximage-qt.profile2
-rw-r--r--etc/lxmusic.profile2
-rw-r--r--etc/lxterminal.profile2
-rw-r--r--etc/lynx.profile2
-rw-r--r--etc/mate-calc.profile2
-rw-r--r--etc/mate-calculator.profile9
-rw-r--r--etc/mate-color-select.profile2
-rw-r--r--etc/mate-dictionary.profile2
-rw-r--r--etc/mcabber.profile2
-rw-r--r--etc/mediainfo.profile2
-rw-r--r--etc/mediathekview.profile2
-rw-r--r--etc/meld.profile2
-rw-r--r--etc/midori.profile2
-rw-r--r--etc/mousepad.profile2
-rw-r--r--etc/multimc5.profile2
-rw-r--r--etc/mumble.profile2
-rw-r--r--etc/mupdf.profile3
-rw-r--r--etc/mupen64plus.profile2
-rw-r--r--etc/mutt.profile2
-rw-r--r--etc/nautilus.profile2
-rw-r--r--etc/nemo.profile2
-rw-r--r--etc/netsurf.profile2
-rw-r--r--etc/nylas.profile2
-rw-r--r--etc/obs.profile2
-rw-r--r--etc/odt2txt.profile2
-rw-r--r--etc/okular.profile2
-rw-r--r--etc/open-invaders.profile2
-rw-r--r--etc/openshot.profile2
-rw-r--r--etc/orage.profile2
-rw-r--r--etc/palemoon.profile2
-rw-r--r--etc/parole.profile2
-rw-r--r--etc/pcmanfm.profile2
-rw-r--r--etc/pdfsam.profile2
-rw-r--r--etc/pdftotext.profile2
-rw-r--r--etc/peek.profile2
-rw-r--r--etc/picard.profile2
-rw-r--r--etc/pidgin.profile2
-rw-r--r--etc/pingus.profile2
-rw-r--r--etc/pithos.profile2
-rw-r--r--etc/pix.profile2
-rw-r--r--etc/pluma.profile2
-rw-r--r--etc/polari.profile2
-rw-r--r--etc/psi-plus.profile2
-rw-r--r--etc/qbittorrent.profile2
-rw-r--r--etc/qemu-launcher.profile2
-rw-r--r--etc/qemu-system-x86_64.profile2
-rw-r--r--etc/qlipper.profile2
-rw-r--r--etc/qpdfview.profile2
-rw-r--r--etc/qtox.profile2
-rw-r--r--etc/quassel.profile2
-rw-r--r--etc/quiterss.profile2
-rw-r--r--etc/qupzilla.profile2
-rw-r--r--etc/qutebrowser.profile2
-rw-r--r--etc/rambox.profile2
-rw-r--r--etc/ranger.profile2
-rw-r--r--etc/remmina.profile2
-rw-r--r--etc/rhythmbox.profile2
-rw-r--r--etc/ristretto.profile2
-rw-r--r--etc/rtorrent.profile2
-rw-r--r--etc/scribus.profile2
-rw-r--r--etc/sdat2img.profile2
-rw-r--r--etc/seamonkey.profile2
-rw-r--r--etc/silentarmy.profile2
-rw-r--r--etc/simple-scan.profile2
-rw-r--r--etc/simutrans.profile2
-rw-r--r--etc/skanlite.profile2
-rw-r--r--etc/skype.profile2
-rw-r--r--etc/skypeforlinux.profile2
-rw-r--r--etc/slack.profile2
-rw-r--r--etc/soundconverter.profile2
-rw-r--r--etc/spotify.profile2
-rw-r--r--etc/sqlitebrowser.profile2
-rw-r--r--etc/ssh-agent.profile2
-rw-r--r--etc/ssh.profile2
-rw-r--r--etc/start-tor-browser.profile2
-rw-r--r--etc/steam.profile2
-rw-r--r--etc/stellarium.profile2
-rw-r--r--etc/strings.profile2
-rw-r--r--etc/supertux2.profile2
-rw-r--r--etc/synfigstudio.profile2
-rw-r--r--etc/tar.profile2
-rw-r--r--etc/telegram.profile2
-rw-r--r--etc/tracker.profile2
-rw-r--r--etc/transmission-cli.profile2
-rw-r--r--etc/transmission-gtk.profile2
-rw-r--r--etc/transmission-qt.profile2
-rw-r--r--etc/transmission-show.profile2
-rw-r--r--etc/truecraft.profile2
-rw-r--r--etc/tuxguitar.profile2
-rw-r--r--etc/uget-gtk.profile2
-rw-r--r--etc/unbound.profile2
-rw-r--r--etc/unknown-horizons.profile2
-rw-r--r--etc/unrar.profile2
-rw-r--r--etc/unzip.profile2
-rw-r--r--etc/uudeview.profile2
-rw-r--r--etc/uzbl-browser.profile2
-rw-r--r--etc/viewnior.profile2
-rw-r--r--etc/viking.profile2
-rw-r--r--etc/vim.profile2
-rw-r--r--etc/vivaldi.profile2
-rw-r--r--etc/vym.profile2
-rw-r--r--etc/w3m.profile2
-rw-r--r--etc/warzone2100.profile2
-rw-r--r--etc/waterfox.profile2
-rw-r--r--etc/weechat.profile2
-rw-r--r--etc/wesnoth.profile2
-rw-r--r--etc/wget.profile2
-rw-r--r--etc/wine.profile2
-rw-r--r--etc/wire.profile2
-rw-r--r--etc/wireshark.profile2
-rw-r--r--etc/xchat.profile2
-rw-r--r--etc/xed.profile2
-rw-r--r--etc/xfburn.profile2
-rw-r--r--etc/xfce4-dict.profile2
-rw-r--r--etc/xfce4-notes.profile2
-rw-r--r--etc/xiphos.profile2
-rw-r--r--etc/xmms.profile2
-rw-r--r--etc/xonotic.profile2
-rw-r--r--etc/xpdf.profile2
-rw-r--r--etc/xplayer.profile2
-rw-r--r--etc/xreader.profile2
-rw-r--r--etc/xviewer.profile2
-rw-r--r--etc/xzdec.profile2
-rw-r--r--etc/youtube-dl.profile2
-rw-r--r--etc/zathura.profile2
-rw-r--r--etc/zoom.profile2
284 files changed, 290 insertions, 292 deletions
diff --git a/etc/0ad.profile b/etc/0ad.profile
index e05d4c0ed..56aa8532f 100644
--- a/etc/0ad.profile
+++ b/etc/0ad.profile
@@ -27,6 +27,7 @@ netfilter
27nogroups 27nogroups
28nonewprivs 28nonewprivs
29noroot 29noroot
30notv
30novideo 31novideo
31protocol unix,inet,inet6 32protocol unix,inet,inet6
32seccomp 33seccomp
@@ -39,4 +40,3 @@ private-tmp
39 40
40noexec ${HOME} 41noexec ${HOME}
41noexec /tmp 42noexec /tmp
42notv
diff --git a/etc/2048-qt.profile b/etc/2048-qt.profile
index da4123517..b5956b439 100644
--- a/etc/2048-qt.profile
+++ b/etc/2048-qt.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/7z.profile b/etc/7z.profile
index 8e782d11f..1333a8c20 100644
--- a/etc/7z.profile
+++ b/etc/7z.profile
@@ -12,7 +12,7 @@ ignore noroot
12net none 12net none
13no3d 13no3d
14nosound 14nosound
15nosound 15notv
16novideo 16novideo
17shell none 17shell none
18tracelog 18tracelog
@@ -20,4 +20,3 @@ tracelog
20private-dev 20private-dev
21 21
22include /etc/firejail/default.profile 22include /etc/firejail/default.profile
23notv
diff --git a/etc/Cryptocat.profile b/etc/Cryptocat.profile
index e0fc13f0c..1db1af9a6 100644
--- a/etc/Cryptocat.profile
+++ b/etc/Cryptocat.profile
@@ -18,10 +18,10 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21protocol unix,inet,inet6,netlink 22protocol unix,inet,inet6,netlink
22seccomp 23seccomp
23shell none 24shell none
24 25
25private-dev 26private-dev
26private-tmp 27private-tmp
27notv
diff --git a/etc/Mathematica.profile b/etc/Mathematica.profile
index ddc76fadc..c023f87ee 100644
--- a/etc/Mathematica.profile
+++ b/etc/Mathematica.profile
@@ -23,5 +23,5 @@ include /etc/firejail/whitelist-common.inc
23caps.drop all 23caps.drop all
24nonewprivs 24nonewprivs
25noroot 25noroot
26seccomp
27notv 26notv
27seccomp
diff --git a/etc/Thunar.profile b/etc/Thunar.profile
index 2e3483b2e..039edc63a 100644
--- a/etc/Thunar.profile
+++ b/etc/Thunar.profile
@@ -21,9 +21,9 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24novideo 25novideo
25protocol unix 26protocol unix
26seccomp 27seccomp
27shell none 28shell none
28tracelog 29tracelog
29notv
diff --git a/etc/Xephyr.profile b/etc/Xephyr.profile
index 7af518397..8ea000750 100644
--- a/etc/Xephyr.profile
+++ b/etc/Xephyr.profile
@@ -27,6 +27,7 @@ nonewprivs
27# In noroot mode, Xephyr cannot create a socket in the real /tmp/.X11-unix. 27# In noroot mode, Xephyr cannot create a socket in the real /tmp/.X11-unix.
28# noroot 28# noroot
29nosound 29nosound
30notv
30protocol unix 31protocol unix
31seccomp 32seccomp
32shell none 33shell none
@@ -38,4 +39,3 @@ private
38private-dev 39private-dev
39# private-etc ld.so.conf,ld.so.cache,resolv.conf,host.conf,nsswitch.conf,gai.conf,hosts,hostname 40# private-etc ld.so.conf,ld.so.cache,resolv.conf,host.conf,nsswitch.conf,gai.conf,hosts,hostname
40private-tmp 41private-tmp
41notv
diff --git a/etc/Xvfb.profile b/etc/Xvfb.profile
index 934008110..28102d339 100644
--- a/etc/Xvfb.profile
+++ b/etc/Xvfb.profile
@@ -28,6 +28,7 @@ nonewprivs
28# In noroot mode, Xvfb cannot create a socket in the real /tmp/.X11-unix. 28# In noroot mode, Xvfb cannot create a socket in the real /tmp/.X11-unix.
29#noroot 29#noroot
30nosound 30nosound
31notv
31protocol unix 32protocol unix
32seccomp 33seccomp
33shell none 34shell none
@@ -39,4 +40,3 @@ private
39private-dev 40private-dev
40private-etc ld.so.conf,ld.so.cache,resolv.conf,host.conf,nsswitch.conf,gai.conf,hosts,hostname 41private-etc ld.so.conf,ld.so.cache,resolv.conf,host.conf,nsswitch.conf,gai.conf,hosts,hostname
41private-tmp 42private-tmp
42notv
diff --git a/etc/abrowser.profile b/etc/abrowser.profile
index b30924dbb..ca9e87ff5 100644
--- a/etc/abrowser.profile
+++ b/etc/abrowser.profile
@@ -39,9 +39,9 @@ caps.drop all
39netfilter 39netfilter
40nonewprivs 40nonewprivs
41noroot 41noroot
42notv
42protocol unix,inet,inet6,netlink 43protocol unix,inet,inet6,netlink
43seccomp 44seccomp
44tracelog 45tracelog
45 46
46# private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse 47# private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse
47notv
diff --git a/etc/akregator.profile b/etc/akregator.profile
index fea540566..0e4a7290a 100644
--- a/etc/akregator.profile
+++ b/etc/akregator.profile
@@ -19,6 +19,7 @@ no3d
19nogroups 19nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22notv
22novideo 23novideo
23protocol unix,inet,inet6 24protocol unix,inet,inet6
24seccomp 25seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/amarok.profile b/etc/amarok.profile
index ece667fac..e10cfbefe 100644
--- a/etc/amarok.profile
+++ b/etc/amarok.profile
@@ -16,6 +16,7 @@ netfilter
16nogroups 16nogroups
17nonewprivs 17nonewprivs
18noroot 18noroot
19notv
19protocol unix,inet,inet6 20protocol unix,inet,inet6
20# seccomp 21# seccomp
21shell none 22shell none
@@ -24,4 +25,3 @@ shell none
24private-dev 25private-dev
25# private-etc none 26# private-etc none
26private-tmp 27private-tmp
27notv
diff --git a/etc/android-studio.profile b/etc/android-studio.profile
index 65f57a0c7..eee6f3ce8 100644
--- a/etc/android-studio.profile
+++ b/etc/android-studio.profile
@@ -23,6 +23,7 @@ netfilter
23nogroups 23nogroups
24nonewprivs 24nonewprivs
25noroot 25noroot
26notv
26novideo 27novideo
27protocol unix,inet,inet6 28protocol unix,inet,inet6
28seccomp 29seccomp
@@ -32,4 +33,3 @@ private-dev
32# private-tmp 33# private-tmp
33 34
34noexec /tmp 35noexec /tmp
35notv
diff --git a/etc/apktool.profile b/etc/apktool.profile
index 8c4204fdd..6e8b9ba53 100644
--- a/etc/apktool.profile
+++ b/etc/apktool.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -27,4 +28,3 @@ private-dev
27 28
28noexec ${HOME} 29noexec ${HOME}
29noexec /tmp 30noexec /tmp
30notv
diff --git a/etc/arduino.profile b/etc/arduino.profile
index 62320fe5d..8732b8dec 100644
--- a/etc/arduino.profile
+++ b/etc/arduino.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24novideo 25novideo
25protocol unix,inet,inet6 26protocol unix,inet,inet6
26seccomp 27seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/ark.profile b/etc/ark.profile
index ccc209e78..45548a566 100644
--- a/etc/ark.profile
+++ b/etc/ark.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -27,4 +28,3 @@ shell none
27private-dev 28private-dev
28# private-etc 29# private-etc
29private-tmp 30private-tmp
30notv
diff --git a/etc/arm.profile b/etc/arm.profile
index b37c5910f..5deb15738 100644
--- a/etc/arm.profile
+++ b/etc/arm.profile
@@ -24,6 +24,7 @@ nogroups
24nonewprivs 24nonewprivs
25noroot 25noroot
26nosound 26nosound
27notv
27novideo 28novideo
28protocol unix,inet,inet6 29protocol unix,inet,inet6
29seccomp 30seccomp
@@ -38,4 +39,3 @@ private-tmp
38 39
39noexec ${HOME} 40noexec ${HOME}
40noexec /tmp 41noexec /tmp
41notv
diff --git a/etc/atom-beta.profile b/etc/atom-beta.profile
index 0e7eb4235..74a1e649a 100644
--- a/etc/atom-beta.profile
+++ b/etc/atom-beta.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix,inet,inet6,netlink 23protocol unix,inet,inet6,netlink
23seccomp 24seccomp
@@ -25,4 +26,3 @@ shell none
25 26
26private-dev 27private-dev
27private-tmp 28private-tmp
28notv
diff --git a/etc/atom.profile b/etc/atom.profile
index 540c5dfc8..4f144e8b4 100644
--- a/etc/atom.profile
+++ b/etc/atom.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix,inet,inet6,netlink 23protocol unix,inet,inet6,netlink
23seccomp 24seccomp
@@ -25,4 +26,3 @@ shell none
25 26
26private-dev 27private-dev
27private-tmp 28private-tmp
28notv
diff --git a/etc/atool.profile b/etc/atool.profile
index ed937b07b..30ad86498 100644
--- a/etc/atool.profile
+++ b/etc/atool.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -29,4 +30,3 @@ tracelog
29private-dev 30private-dev
30private-etc none 31private-etc none
31private-tmp 32private-tmp
32notv
diff --git a/etc/atril.profile b/etc/atril.profile
index 1f4b124a8..2a52ba6a7 100644
--- a/etc/atril.profile
+++ b/etc/atril.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -27,4 +28,3 @@ tracelog
27private-bin atril, atril-previewer, atril-thumbnailer 28private-bin atril, atril-previewer, atril-thumbnailer
28private-dev 29private-dev
29private-tmp 30private-tmp
30notv
diff --git a/etc/audacious.profile b/etc/audacious.profile
index bbb1fb6fd..3baa0ddba 100644
--- a/etc/audacious.profile
+++ b/etc/audacious.profile
@@ -17,6 +17,7 @@ caps.drop all
17netfilter 17netfilter
18nonewprivs 18nonewprivs
19noroot 19noroot
20notv
20novideo 21novideo
21protocol unix,inet,inet6 22protocol unix,inet,inet6
22seccomp 23seccomp
@@ -25,4 +26,3 @@ tracelog
25 26
26private-bin audacious 27private-bin audacious
27private-tmp 28private-tmp
28notv
diff --git a/etc/audacity.profile b/etc/audacity.profile
index fb87cf252..5387761e8 100644
--- a/etc/audacity.profile
+++ b/etc/audacity.profile
@@ -18,6 +18,7 @@ no3d
18nogroups 18nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/aweather.profile b/etc/aweather.profile
index 28e63c9ce..2bdf95f0e 100644
--- a/etc/aweather.profile
+++ b/etc/aweather.profile
@@ -22,6 +22,7 @@ nogroups
22nonewprivs 22nonewprivs
23noroot 23noroot
24nosound 24nosound
25notv
25novideo 26novideo
26protocol unix,inet,inet6 27protocol unix,inet,inet6
27seccomp 28seccomp
@@ -31,4 +32,3 @@ tracelog
31private-bin aweather 32private-bin aweather
32private-dev 33private-dev
33private-tmp 34private-tmp
34notv
diff --git a/etc/baloo_file.profile b/etc/baloo_file.profile
index e2b60e49e..fc55ae1cb 100644
--- a/etc/baloo_file.profile
+++ b/etc/baloo_file.profile
@@ -22,6 +22,7 @@ nogroups
22nonewprivs 22nonewprivs
23noroot 23noroot
24nosound 24nosound
25notv
25novideo 26novideo
26protocol unix 27protocol unix
27# Baloo makes ioprio_set system calls, which are blacklisted by default. 28# Baloo makes ioprio_set system calls, which are blacklisted by default.
@@ -39,4 +40,3 @@ noexec /tmp
39# read-only ${HOME} 40# read-only ${HOME}
40# read-write ${HOME}/.local/share 41# read-write ${HOME}/.local/share
41# noexec ${HOME}/.local/share 42# noexec ${HOME}/.local/share
42notv
diff --git a/etc/baobab.profile b/etc/baobab.profile
index a3644f876..fc05e9e3e 100644
--- a/etc/baobab.profile
+++ b/etc/baobab.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -29,4 +30,3 @@ private-tmp
29memory-deny-write-execute 30memory-deny-write-execute
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/bibletime.profile b/etc/bibletime.profile
index ec20f3725..d0f76fd1b 100644
--- a/etc/bibletime.profile
+++ b/etc/bibletime.profile
@@ -28,6 +28,7 @@ nogroups
28nonewprivs 28nonewprivs
29noroot 29noroot
30nosound 30nosound
31notv
31novideo 32novideo
32protocol unix,inet,inet6,netlink 33protocol unix,inet,inet6,netlink
33seccomp 34seccomp
@@ -38,4 +39,3 @@ tracelog
38private-dev 39private-dev
39private-etc fonts,resolv.conf,sword,sword.conf,passwd 40private-etc fonts,resolv.conf,sword,sword.conf,passwd
40private-tmp 41private-tmp
41notv
diff --git a/etc/bitlbee.profile b/etc/bitlbee.profile
index 307a9c47a..5f714ab04 100644
--- a/etc/bitlbee.profile
+++ b/etc/bitlbee.profile
@@ -17,6 +17,7 @@ netfilter
17no3d 17no3d
18nonewprivs 18nonewprivs
19nosound 19nosound
20notv
20novideo 21novideo
21protocol unix,inet,inet6 22protocol unix,inet,inet6
22seccomp 23seccomp
@@ -29,4 +30,3 @@ private-tmp
29read-write /var/lib/bitlbee 30read-write /var/lib/bitlbee
30 31
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/bleachbit.profile b/etc/bleachbit.profile
index a48b6d8e8..2fc9bf5b1 100644
--- a/etc/bleachbit.profile
+++ b/etc/bleachbit.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -31,4 +32,3 @@ shell none
31memory-deny-write-execute 32memory-deny-write-execute
32noexec ${HOME} 33noexec ${HOME}
33noexec /tmp 34noexec /tmp
34notv
diff --git a/etc/blender.profile b/etc/blender.profile
index 557dfb4ac..ec203eaed 100644
--- a/etc/blender.profile
+++ b/etc/blender.profile
@@ -17,6 +17,7 @@ netfilter
17nogroups 17nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20notv
20protocol unix,inet,inet6,netlink 21protocol unix,inet,inet6,netlink
21seccomp 22seccomp
22shell none 23shell none
@@ -26,4 +27,3 @@ private-tmp
26 27
27noexec ${HOME} 28noexec ${HOME}
28noexec /tmp 29noexec /tmp
29notv
diff --git a/etc/bless.profile b/etc/bless.profile
index 01a6deaf4..6f0fc3f84 100644
--- a/etc/bless.profile
+++ b/etc/bless.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/brasero.profile b/etc/brasero.profile
index d26c745d6..eff4cba43 100644
--- a/etc/brasero.profile
+++ b/etc/brasero.profile
@@ -17,6 +17,7 @@ nogroups
17nonewprivs 17nonewprivs
18noroot 18noroot
19nosound 19nosound
20notv
20novideo 21novideo
21protocol unix 22protocol unix
22seccomp 23seccomp
@@ -31,4 +32,3 @@ tracelog
31memory-deny-write-execute 32memory-deny-write-execute
32noexec ${HOME} 33noexec ${HOME}
33noexec /tmp 34noexec /tmp
34notv
diff --git a/etc/brave.profile b/etc/brave.profile
index bfa16d7af..38c9cfed4 100644
--- a/etc/brave.profile
+++ b/etc/brave.profile
@@ -30,8 +30,8 @@ include /etc/firejail/whitelist-common.inc
30netfilter 30netfilter
31# nonewprivs 31# nonewprivs
32# noroot 32# noroot
33notv
33# protocol unix,inet,inet6,netlink 34# protocol unix,inet,inet6,netlink
34# seccomp 35# seccomp
35 36
36# disable-mnt 37# disable-mnt
37notv
diff --git a/etc/caja.profile b/etc/caja.profile
index 293709e14..fb57f5fd8 100644
--- a/etc/caja.profile
+++ b/etc/caja.profile
@@ -22,6 +22,7 @@ netfilter
22nogroups 22nogroups
23nonewprivs 23nonewprivs
24noroot 24noroot
25notv
25protocol unix 26protocol unix
26seccomp 27seccomp
27shell none 28shell none
@@ -32,4 +33,3 @@ tracelog
32# private-dev 33# private-dev
33# private-etc fonts 34# private-etc fonts
34# private-tmp 35# private-tmp
35notv
diff --git a/etc/calibre.profile b/etc/calibre.profile
index e2ac57521..1fe2f6c93 100644
--- a/etc/calibre.profile
+++ b/etc/calibre.profile
@@ -20,6 +20,7 @@ nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22nosound 22nosound
23notv
23novideo 24novideo
24protocol unix,inet,inet6 25protocol unix,inet,inet6
25seccomp 26seccomp
@@ -32,4 +33,3 @@ private-tmp
32 33
33noexec ${HOME} 34noexec ${HOME}
34noexec /tmp 35noexec /tmp
35notv
diff --git a/etc/catfish.profile b/etc/catfish.profile
index 21232206e..190a1ba97 100644
--- a/etc/catfish.profile
+++ b/etc/catfish.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -29,4 +30,3 @@ tracelog
29# private-bin bash,catfish,env,locate,ls,mlocate,python,python2,python2.7,python3,python3.5,python3.5m,python3m 30# private-bin bash,catfish,env,locate,ls,mlocate,python,python2,python2.7,python3,python3.5,python3.5m,python3m
30# private-dev 31# private-dev
31# private-tmp 32# private-tmp
32notv
diff --git a/etc/cherrytree.profile b/etc/cherrytree.profile
index 676d17db7..d11ea8206 100644
--- a/etc/cherrytree.profile
+++ b/etc/cherrytree.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24novideo 25novideo
25protocol unix,inet,inet6,netlink 26protocol unix,inet,inet6,netlink
26seccomp 27seccomp
@@ -32,4 +33,3 @@ private-tmp
32 33
33noexec ${HOME} 34noexec ${HOME}
34noexec /tmp 35noexec /tmp
35notv
diff --git a/etc/chromium.profile b/etc/chromium.profile
index 580a1643c..8454d3d17 100644
--- a/etc/chromium.profile
+++ b/etc/chromium.profile
@@ -28,6 +28,7 @@ include /etc/firejail/whitelist-common.inc
28caps.keep sys_chroot,sys_admin 28caps.keep sys_chroot,sys_admin
29netfilter 29netfilter
30nogroups 30nogroups
31notv
31shell none 32shell none
32 33
33private-dev 34private-dev
@@ -35,4 +36,3 @@ private-dev
35 36
36noexec ${HOME} 37noexec ${HOME}
37noexec /tmp 38noexec /tmp
38notv
diff --git a/etc/claws-mail.profile b/etc/claws-mail.profile
index 7d81b3da7..0af5de283 100644
--- a/etc/claws-mail.profile
+++ b/etc/claws-mail.profile
@@ -20,10 +20,10 @@ nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22nosound 22nosound
23notv
23protocol unix,inet,inet6 24protocol unix,inet,inet6
24seccomp 25seccomp
25shell none 26shell none
26 27
27private-dev 28private-dev
28private-tmp 29private-tmp
29notv
diff --git a/etc/clementine.profile b/etc/clementine.profile
index d86a0266f..14437db3e 100644
--- a/etc/clementine.profile
+++ b/etc/clementine.profile
@@ -15,8 +15,8 @@ include /etc/firejail/disable-programs.inc
15caps.drop all 15caps.drop all
16nonewprivs 16nonewprivs
17noroot 17noroot
18notv
18novideo 19novideo
19protocol unix,inet,inet6 20protocol unix,inet,inet6
20# Clementine makes ioprio_set system calls, which are blacklisted by default. 21# Clementine makes ioprio_set system calls, which are blacklisted by default.
21seccomp.drop mount,umount2,ptrace,kexec_load,kexec_file_load,name_to_handle_at,open_by_handle_at,create_module,init_module,finit_module,delete_module,iopl,ioperm,swapon,swapoff,syslog,process_vm_readv,process_vm_writev,sysfs,_sysctl,adjtimex,clock_adjtime,lookup_dcookie,perf_event_open,fanotify_init,kcmp,add_key,request_key,keyctl,uselib,acct,modify_ldt,pivot_root,io_setup,io_destroy,io_getevents,io_submit,io_cancel,remap_file_pages,mbind,get_mempolicy,set_mempolicy,migrate_pages,move_pages,vmsplice,chroot,tuxcall,reboot,mfsservctl,get_kernel_syms,bpf,clock_settime,personality,process_vm_writev,query_module,settimeofday,stime,umount,userfaultfd,ustat,vm86,vm86old 22seccomp.drop mount,umount2,ptrace,kexec_load,kexec_file_load,name_to_handle_at,open_by_handle_at,create_module,init_module,finit_module,delete_module,iopl,ioperm,swapon,swapoff,syslog,process_vm_readv,process_vm_writev,sysfs,_sysctl,adjtimex,clock_adjtime,lookup_dcookie,perf_event_open,fanotify_init,kcmp,add_key,request_key,keyctl,uselib,acct,modify_ldt,pivot_root,io_setup,io_destroy,io_getevents,io_submit,io_cancel,remap_file_pages,mbind,get_mempolicy,set_mempolicy,migrate_pages,move_pages,vmsplice,chroot,tuxcall,reboot,mfsservctl,get_kernel_syms,bpf,clock_settime,personality,process_vm_writev,query_module,settimeofday,stime,umount,userfaultfd,ustat,vm86,vm86old
22notv
diff --git a/etc/clipit.profile b/etc/clipit.profile
index cb053a318..83b27000d 100644
--- a/etc/clipit.profile
+++ b/etc/clipit.profile
@@ -20,6 +20,7 @@ nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22nosound 22nosound
23notv
23novideo 24novideo
24protocol unix 25protocol unix
25seccomp 26seccomp
@@ -31,4 +32,3 @@ private-tmp
31 32
32noexec ${HOME} 33noexec ${HOME}
33noexec /tmp 34noexec /tmp
34notv
diff --git a/etc/cmus.profile b/etc/cmus.profile
index 0deeb9bce..cf0830475 100644
--- a/etc/cmus.profile
+++ b/etc/cmus.profile
@@ -16,10 +16,10 @@ caps.drop all
16netfilter 16netfilter
17nonewprivs 17nonewprivs
18noroot 18noroot
19notv
19protocol unix,inet,inet6 20protocol unix,inet,inet6
20seccomp 21seccomp
21shell none 22shell none
22 23
23private-bin cmus 24private-bin cmus
24private-etc group 25private-etc group
25notv
diff --git a/etc/conkeror.profile b/etc/conkeror.profile
index 931678e82..8d031f8b6 100644
--- a/etc/conkeror.profile
+++ b/etc/conkeror.profile
@@ -27,6 +27,6 @@ caps.drop all
27netfilter 27netfilter
28nonewprivs 28nonewprivs
29noroot 29noroot
30notv
30protocol unix,inet,inet6 31protocol unix,inet,inet6
31seccomp 32seccomp
32notv
diff --git a/etc/corebird.profile b/etc/corebird.profile
index 58ec38c07..f7810b4ae 100644
--- a/etc/corebird.profile
+++ b/etc/corebird.profile
@@ -14,6 +14,6 @@ include /etc/firejail/disable-programs.inc
14caps.drop all 14caps.drop all
15netfilter 15netfilter
16noroot 16noroot
17notv
17protocol unix,inet,inet6 18protocol unix,inet,inet6
18seccomp 19seccomp
19notv
diff --git a/etc/cpio.profile b/etc/cpio.profile
index f198ed26f..373e13c7c 100644
--- a/etc/cpio.profile
+++ b/etc/cpio.profile
@@ -20,9 +20,9 @@ net none
20net none 20net none
21no3d 21no3d
22nosound 22nosound
23notv
23seccomp 24seccomp
24shell none 25shell none
25tracelog 26tracelog
26 27
27private-dev 28private-dev
28notv
diff --git a/etc/curl.profile b/etc/curl.profile
index 25a97c3c3..22c82a106 100644
--- a/etc/curl.profile
+++ b/etc/curl.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24protocol unix,inet,inet6 25protocol unix,inet,inet6
25seccomp 26seccomp
26shell none 27shell none
@@ -32,4 +33,3 @@ private-tmp
32 33
33noexec ${HOME} 34noexec ${HOME}
34noexec /tmp 35noexec /tmp
35notv
diff --git a/etc/cvlc.profile b/etc/cvlc.profile
index 68347d12e..04168b7f5 100644
--- a/etc/cvlc.profile
+++ b/etc/cvlc.profile
@@ -17,6 +17,7 @@ netfilter
17nogroups 17nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20notv
20protocol unix,inet,inet6,netlink 21protocol unix,inet,inet6,netlink
21seccomp 22seccomp
22shell none 23shell none
@@ -28,4 +29,3 @@ private-dev
28private-tmp 29private-tmp
29 30
30memory-deny-write-execute 31memory-deny-write-execute
31notv
diff --git a/etc/cyberfox.profile b/etc/cyberfox.profile
index 20089ec41..eb1ea39e0 100644
--- a/etc/cyberfox.profile
+++ b/etc/cyberfox.profile
@@ -55,6 +55,7 @@ netfilter
55nogroups 55nogroups
56nonewprivs 56nonewprivs
57noroot 57noroot
58notv
58protocol unix,inet,inet6,netlink 59protocol unix,inet,inet6,netlink
59seccomp 60seccomp
60shell none 61shell none
@@ -68,4 +69,3 @@ private-tmp
68 69
69noexec ${HOME} 70noexec ${HOME}
70noexec /tmp 71noexec /tmp
71notv
diff --git a/etc/darktable.profile b/etc/darktable.profile
index 4b7f0d1fd..001f24e7e 100644
--- a/etc/darktable.profile
+++ b/etc/darktable.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix,inet,inet6 24protocol unix,inet,inet6
24seccomp 25seccomp
@@ -29,4 +30,3 @@ private-tmp
29 30
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/deadbeef.profile b/etc/deadbeef.profile
index c6843f27c..3367aa8f4 100644
--- a/etc/deadbeef.profile
+++ b/etc/deadbeef.profile
@@ -18,6 +18,7 @@ no3d
18nogroups 18nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21notv
21novideo 22novideo
22protocol unix,inet,inet6 23protocol unix,inet,inet6
23seccomp 24seccomp
@@ -28,4 +29,3 @@ private-tmp
28 29
29noexec ${HOME} 30noexec ${HOME}
30noexec /tmp 31noexec /tmp
31notv
diff --git a/etc/default.profile b/etc/default.profile
index eaefa34e4..066cb1fef 100644
--- a/etc/default.profile
+++ b/etc/default.profile
@@ -16,13 +16,13 @@ include /etc/firejail/disable-programs.inc
16caps.drop all 16caps.drop all
17# ipc-namespace 17# ipc-namespace
18netfilter 18netfilter
19# no3d
19# nogroups 20# nogroups
20nonewprivs 21nonewprivs
21noroot 22noroot
22# nosound 23# nosound
23# novideo
24# notv 24# notv
25# no3d 25# novideo
26protocol unix,inet,inet6 26protocol unix,inet,inet6
27seccomp 27seccomp
28# shell none 28# shell none
diff --git a/etc/deluge.profile b/etc/deluge.profile
index 6685c88aa..f406fb133 100644
--- a/etc/deluge.profile
+++ b/etc/deluge.profile
@@ -22,6 +22,7 @@ netfilter
22nonewprivs 22nonewprivs
23noroot 23noroot
24nosound 24nosound
25notv
25novideo 26novideo
26protocol unix,inet,inet6 27protocol unix,inet,inet6
27seccomp 28seccomp
@@ -31,4 +32,3 @@ shell none
31# private-bin deluge,sh,python,uname 32# private-bin deluge,sh,python,uname
32private-dev 33private-dev
33private-tmp 34private-tmp
34notv
diff --git a/etc/dex2jar.profile b/etc/dex2jar.profile
index afcd23300..a4917b66e 100644
--- a/etc/dex2jar.profile
+++ b/etc/dex2jar.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -28,4 +29,3 @@ private-dev
28 29
29noexec ${HOME} 30noexec ${HOME}
30noexec /tmp 31noexec /tmp
31notv
diff --git a/etc/dia.profile b/etc/dia.profile
index 7f3c17167..4a20aa4da 100644
--- a/etc/dia.profile
+++ b/etc/dia.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/digikam.profile b/etc/digikam.profile
index 3fff61433..e0906b06c 100644
--- a/etc/digikam.profile
+++ b/etc/digikam.profile
@@ -19,6 +19,7 @@ netfilter
19nogroups 19nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22notv
22protocol unix,inet,inet6,netlink 23protocol unix,inet,inet6,netlink
23seccomp 24seccomp
24# seccomp.keep fallocate,getrusage,openat,access,arch_prctl,bind,brk,chdir,chmod,clock_getres,clone,close,connect,dup2,dup3,eventfd2,execve,fadvise64,fcntl,fdatasync,flock,fstat,fstatfs,ftruncate,futex,getcwd,getdents,getegid,geteuid,getgid,getpeername,getpgrp,getpid,getppid,getrandom,getresgid,getresuid,getrlimit,getsockname,getsockopt,gettid,getuid,inotify_add_watch,inotify_init,inotify_init1,inotify_rm_watch,ioctl,lseek,lstat,madvise,mbind,memfd_create,mkdir,mmap,mprotect,msync,munmap,nanosleep,open,pipe,pipe2,poll,ppoll,prctl,pread64,pwrite64,read,readlink,readlinkat,recvfrom,recvmsg,rename,rt_sigaction,rt_sigprocmask,rt_sigreturn,sched_getaffinity,sched_getparam,sched_get_priority_max,sched_get_priority_min,sched_getscheduler,sched_setscheduler,sched_yield,sendmsg,sendto,setgid,setresgid,setresuid,set_robust_list,setsid,setsockopt,set_tid_address,setuid,shmat,shmctl,shmdt,shmget,shutdown,socket,stat,statfs,sysinfo,timerfd_create,umask,uname,unlink,wait4,waitid,write,writev,fchmod,fchown,unshare,exit,exit_group 25# seccomp.keep fallocate,getrusage,openat,access,arch_prctl,bind,brk,chdir,chmod,clock_getres,clone,close,connect,dup2,dup3,eventfd2,execve,fadvise64,fcntl,fdatasync,flock,fstat,fstatfs,ftruncate,futex,getcwd,getdents,getegid,geteuid,getgid,getpeername,getpgrp,getpid,getppid,getrandom,getresgid,getresuid,getrlimit,getsockname,getsockopt,gettid,getuid,inotify_add_watch,inotify_init,inotify_init1,inotify_rm_watch,ioctl,lseek,lstat,madvise,mbind,memfd_create,mkdir,mmap,mprotect,msync,munmap,nanosleep,open,pipe,pipe2,poll,ppoll,prctl,pread64,pwrite64,read,readlink,readlinkat,recvfrom,recvmsg,rename,rt_sigaction,rt_sigprocmask,rt_sigreturn,sched_getaffinity,sched_getparam,sched_get_priority_max,sched_get_priority_min,sched_getscheduler,sched_setscheduler,sched_yield,sendmsg,sendto,setgid,setresgid,setresuid,set_robust_list,setsid,setsockopt,set_tid_address,setuid,shmat,shmctl,shmdt,shmget,shutdown,socket,stat,statfs,sysinfo,timerfd_create,umask,uname,unlink,wait4,waitid,write,writev,fchmod,fchown,unshare,exit,exit_group
@@ -31,4 +32,3 @@ private-tmp
31 32
32noexec ${HOME} 33noexec ${HOME}
33noexec /tmp 34noexec /tmp
34notv
diff --git a/etc/dillo.profile b/etc/dillo.profile
index 1e2b7ced5..45eda5c91 100644
--- a/etc/dillo.profile
+++ b/etc/dillo.profile
@@ -23,7 +23,7 @@ caps.drop all
23netfilter 23netfilter
24nonewprivs 24nonewprivs
25noroot 25noroot
26notv
26protocol unix,inet,inet6 27protocol unix,inet,inet6
27seccomp 28seccomp
28tracelog 29tracelog
29notv
diff --git a/etc/dino.profile b/etc/dino.profile
index 34705f498..cfda5de89 100644
--- a/etc/dino.profile
+++ b/etc/dino.profile
@@ -24,6 +24,7 @@ nogroups
24nonewprivs 24nonewprivs
25noroot 25noroot
26nosound 26nosound
27notv
27novideo 28novideo
28protocol unix,inet,inet6 29protocol unix,inet,inet6
29seccomp 30seccomp
@@ -37,4 +38,3 @@ private-tmp
37 38
38noexec ${HOME} 39noexec ${HOME}
39noexec /tmp 40noexec /tmp
40notv
diff --git a/etc/display.profile b/etc/display.profile
index 56cc16698..17dd01fdf 100644
--- a/etc/display.profile
+++ b/etc/display.profile
@@ -17,6 +17,7 @@ nogroups
17nonewprivs 17nonewprivs
18noroot 18noroot
19nosound 19nosound
20notv
20protocol unix 21protocol unix
21seccomp 22seccomp
22shell none 23shell none
@@ -26,4 +27,3 @@ private-bin display
26private-dev 27private-dev
27private-etc none 28private-etc none
28private-tmp 29private-tmp
29notv
diff --git a/etc/dnscrypt-proxy.profile b/etc/dnscrypt-proxy.profile
index ddb379bb0..07f089703 100644
--- a/etc/dnscrypt-proxy.profile
+++ b/etc/dnscrypt-proxy.profile
@@ -15,8 +15,8 @@ include /etc/firejail/disable-programs.inc
15 15
16no3d 16no3d
17nosound 17nosound
18notv
18seccomp.drop mount,umount2,ptrace,kexec_load,kexec_file_load,open_by_handle_at,init_module,finit_module,delete_module,iopl,ioperm,swapon,swapoff,syslog,process_vm_readv,process_vm_writev,sysfs,_sysctl,adjtimex,clock_adjtime,lookup_dcookie,perf_event_open,fanotify_init,kcmp,add_key,request_key,keyctl,uselib,acct,modify_ldt,pivot_root,io_setup,io_destroy,io_getevents,io_submit,io_cancel,remap_file_pages,mbind,get_mempolicy,set_mempolicy,migrate_pages,move_pages,vmsplice,perf_event_open 19seccomp.drop mount,umount2,ptrace,kexec_load,kexec_file_load,open_by_handle_at,init_module,finit_module,delete_module,iopl,ioperm,swapon,swapoff,syslog,process_vm_readv,process_vm_writev,sysfs,_sysctl,adjtimex,clock_adjtime,lookup_dcookie,perf_event_open,fanotify_init,kcmp,add_key,request_key,keyctl,uselib,acct,modify_ldt,pivot_root,io_setup,io_destroy,io_getevents,io_submit,io_cancel,remap_file_pages,mbind,get_mempolicy,set_mempolicy,migrate_pages,move_pages,vmsplice,perf_event_open
19 20
20private 21private
21private-dev 22private-dev
22notv
diff --git a/etc/dnsmasq.profile b/etc/dnsmasq.profile
index ddf7e8416..84ec9c9e2 100644
--- a/etc/dnsmasq.profile
+++ b/etc/dnsmasq.profile
@@ -18,10 +18,10 @@ netfilter
18no3d 18no3d
19nonewprivs 19nonewprivs
20nosound 20nosound
21notv
21protocol unix,inet,inet6,netlink 22protocol unix,inet,inet6,netlink
22seccomp 23seccomp
23 24
24disable-mnt 25disable-mnt
25private 26private
26private-dev 27private-dev
27notv
diff --git a/etc/dolphin.profile b/etc/dolphin.profile
index 348f933c5..3db73d712 100644
--- a/etc/dolphin.profile
+++ b/etc/dolphin.profile
@@ -22,6 +22,7 @@ netfilter
22nogroups 22nogroups
23nonewprivs 23nonewprivs
24noroot 24noroot
25notv
25novideo 26novideo
26protocol unix 27protocol unix
27seccomp 28seccomp
@@ -31,4 +32,3 @@ shell none
31# private-dev 32# private-dev
32# private-etc 33# private-etc
33# private-tmp 34# private-tmp
34notv
diff --git a/etc/dosbox.profile b/etc/dosbox.profile
index 540ef6eea..d9a8606de 100644
--- a/etc/dosbox.profile
+++ b/etc/dosbox.profile
@@ -17,6 +17,7 @@ netfilter
17nogroups 17nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20notv
20protocol unix,inet,inet6 21protocol unix,inet,inet6
21seccomp 22seccomp
22shell none 23shell none
@@ -25,4 +26,3 @@ tracelog
25private-bin dosbox 26private-bin dosbox
26private-dev 27private-dev
27private-tmp 28private-tmp
28notv
diff --git a/etc/dragon.profile b/etc/dragon.profile
index 7bcef0b44..474911d2f 100644
--- a/etc/dragon.profile
+++ b/etc/dragon.profile
@@ -17,6 +17,7 @@ netfilter
17nogroups 17nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20notv
20novideo 21novideo
21protocol unix,inet,inet6 22protocol unix,inet,inet6
22seccomp 23seccomp
@@ -29,4 +30,3 @@ private-tmp
29 30
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/dropbox.profile b/etc/dropbox.profile
index 37dc196df..4a1e192c7 100644
--- a/etc/dropbox.profile
+++ b/etc/dropbox.profile
@@ -30,6 +30,7 @@ nogroups
30nonewprivs 30nonewprivs
31noroot 31noroot
32nosound 32nosound
33notv
33novideo 34novideo
34protocol unix,inet,inet6 35protocol unix,inet,inet6
35seccomp 36seccomp
@@ -39,4 +40,3 @@ private-dev
39private-tmp 40private-tmp
40 41
41noexec /tmp 42noexec /tmp
42notv
diff --git a/etc/electron.profile b/etc/electron.profile
index 1c5794af6..6ca67f8bb 100644
--- a/etc/electron.profile
+++ b/etc/electron.profile
@@ -15,6 +15,6 @@ netfilter
15nogroups 15nogroups
16nonewprivs 16nonewprivs
17noroot 17noroot
18notv
18protocol unix,inet,inet6,netlink 19protocol unix,inet,inet6,netlink
19seccomp 20seccomp
20notv
diff --git a/etc/elinks.profile b/etc/elinks.profile
index 35b27d015..d162a8c34 100644
--- a/etc/elinks.profile
+++ b/etc/elinks.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24novideo 25novideo
25protocol unix,inet,inet6 26protocol unix,inet,inet6
26seccomp 27seccomp
@@ -31,4 +32,3 @@ tracelog
31private-dev 32private-dev
32# private-etc none 33# private-etc none
33private-tmp 34private-tmp
34notv
diff --git a/etc/emacs.profile b/etc/emacs.profile
index e0bc682f4..fbf183f43 100644
--- a/etc/emacs.profile
+++ b/etc/emacs.profile
@@ -17,6 +17,6 @@ netfilter
17nogroups 17nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20notv
20protocol unix,inet,inet6 21protocol unix,inet,inet6
21seccomp 22seccomp
22notv
diff --git a/etc/empathy.profile b/etc/empathy.profile
index f3e6813a1..7a2503d34 100644
--- a/etc/empathy.profile
+++ b/etc/empathy.profile
@@ -15,6 +15,6 @@ netfilter
15nogroups 15nogroups
16nonewprivs 16nonewprivs
17noroot 17noroot
18notv
18protocol unix,inet,inet6 19protocol unix,inet,inet6
19seccomp 20seccomp
20notv
diff --git a/etc/enchant.profile b/etc/enchant.profile
index f5acf432e..35ead9c86 100644
--- a/etc/enchant.profile
+++ b/etc/enchant.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21protocol unix 22protocol unix
22seccomp 23seccomp
23shell none 24shell none
@@ -27,4 +28,3 @@ tracelog
27# private-dev 28# private-dev
28# private-etc fonts 29# private-etc fonts
29# private-tmp 30# private-tmp
30notv
diff --git a/etc/engrampa.profile b/etc/engrampa.profile
index 45d2abcbb..05959e2cd 100644
--- a/etc/engrampa.profile
+++ b/etc/engrampa.profile
@@ -17,6 +17,7 @@ nogroups
17nonewprivs 17nonewprivs
18noroot 18noroot
19nosound 19nosound
20notv
20novideo 21novideo
21protocol unix 22protocol unix
22seccomp 23seccomp
@@ -27,4 +28,3 @@ tracelog
27private-dev 28private-dev
28# private-etc fonts 29# private-etc fonts
29# private-tmp 30# private-tmp
30notv
diff --git a/etc/eog.profile b/etc/eog.profile
index 655763b08..f65f854a8 100644
--- a/etc/eog.profile
+++ b/etc/eog.profile
@@ -22,6 +22,7 @@ nogroups
22nonewprivs 22nonewprivs
23noroot 23noroot
24nosound 24nosound
25notv
25novideo 26novideo
26protocol unix 27protocol unix
27seccomp 28seccomp
@@ -35,4 +36,3 @@ private-tmp
35memory-deny-write-execute 36memory-deny-write-execute
36noexec ${HOME} 37noexec ${HOME}
37noexec /tmp 38noexec /tmp
38notv
diff --git a/etc/eom.profile b/etc/eom.profile
index ba31eaa5d..99f784c52 100644
--- a/etc/eom.profile
+++ b/etc/eom.profile
@@ -20,6 +20,7 @@ nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22nosound 22nosound
23notv
23novideo 24novideo
24protocol unix 25protocol unix
25seccomp 26seccomp
@@ -32,4 +33,3 @@ private-tmp
32 33
33noexec ${HOME} 34noexec ${HOME}
34noexec /tmp 35noexec /tmp
35notv
diff --git a/etc/epiphany.profile b/etc/epiphany.profile
index d1a0c2f53..aec536d42 100644
--- a/etc/epiphany.profile
+++ b/etc/epiphany.profile
@@ -25,6 +25,6 @@ include /etc/firejail/whitelist-common.inc
25caps.drop all 25caps.drop all
26netfilter 26netfilter
27nonewprivs 27nonewprivs
28notv
28protocol unix,inet,inet6 29protocol unix,inet,inet6
29seccomp 30seccomp
30notv
diff --git a/etc/etr.profile b/etc/etr.profile
index 5676d9ea7..8b079754a 100644
--- a/etc/etr.profile
+++ b/etc/etr.profile
@@ -20,6 +20,7 @@ net none
20nogroups 20nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23notv
23protocol unix,netlink 24protocol unix,netlink
24seccomp 25seccomp
25shell none 26shell none
@@ -28,4 +29,3 @@ shell none
28private-dev 29private-dev
29# private-etc none 30# private-etc none
30private-tmp 31private-tmp
31notv
diff --git a/etc/evince.profile b/etc/evince.profile
index aba6a1d5a..23eee6c55 100644
--- a/etc/evince.profile
+++ b/etc/evince.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -34,4 +35,3 @@ private-etc fonts
34memory-deny-write-execute 35memory-deny-write-execute
35noexec ${HOME} 36noexec ${HOME}
36noexec /tmp 37noexec /tmp
37notv
diff --git a/etc/evolution.profile b/etc/evolution.profile
index 94cd82ed8..cedbd2a18 100644
--- a/etc/evolution.profile
+++ b/etc/evolution.profile
@@ -27,6 +27,7 @@ nogroups
27nonewprivs 27nonewprivs
28noroot 28noroot
29nosound 29nosound
30notv
30protocol unix,inet,inet6 31protocol unix,inet,inet6
31seccomp 32seccomp
32shell none 33shell none
@@ -36,4 +37,3 @@ private-tmp
36 37
37noexec ${HOME} 38noexec ${HOME}
38noexec /tmp 39noexec /tmp
39notv
diff --git a/etc/exiftool.profile b/etc/exiftool.profile
index 58c0c9fc7..e743e6b41 100644
--- a/etc/exiftool.profile
+++ b/etc/exiftool.profile
@@ -24,6 +24,7 @@ nogroups
24nonewprivs 24nonewprivs
25noroot 25noroot
26nosound 26nosound
27notv
27protocol unix 28protocol unix
28seccomp 29seccomp
29shell none 30shell none
@@ -33,4 +34,3 @@ tracelog
33private-dev 34private-dev
34private-etc none 35private-etc none
35private-tmp 36private-tmp
36notv
diff --git a/etc/fbreader.profile b/etc/fbreader.profile
index 27345be2a..e124200fc 100644
--- a/etc/fbreader.profile
+++ b/etc/fbreader.profile
@@ -17,6 +17,7 @@ netfilter
17nonewprivs 17nonewprivs
18noroot 18noroot
19nosound 19nosound
20notv
20protocol unix,inet,inet6 21protocol unix,inet,inet6
21seccomp 22seccomp
22shell none 23shell none
@@ -24,4 +25,3 @@ shell none
24private-bin fbreader,FBReader 25private-bin fbreader,FBReader
25private-dev 26private-dev
26private-tmp 27private-tmp
27notv
diff --git a/etc/feh.profile b/etc/feh.profile
index 65639b4f7..c0d457ed1 100644
--- a/etc/feh.profile
+++ b/etc/feh.profile
@@ -17,6 +17,7 @@ nogroups
17nonewprivs 17nonewprivs
18noroot 18noroot
19nosound 19nosound
20notv
20protocol unix 21protocol unix
21seccomp 22seccomp
22shell none 23shell none
@@ -25,4 +26,3 @@ private-bin feh
25private-dev 26private-dev
26private-etc feh 27private-etc feh
27private-tmp 28private-tmp
28notv
diff --git a/etc/file-roller.profile b/etc/file-roller.profile
index 9effc7b38..68c0e8602 100644
--- a/etc/file-roller.profile
+++ b/etc/file-roller.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -32,4 +33,3 @@ private-dev
32memory-deny-write-execute 33memory-deny-write-execute
33noexec ${HOME} 34noexec ${HOME}
34noexec /tmp 35noexec /tmp
35notv
diff --git a/etc/file.profile b/etc/file.profile
index 24f498213..0b34b5b37 100644
--- a/etc/file.profile
+++ b/etc/file.profile
@@ -19,6 +19,7 @@ no3d
19nogroups 19nogroups
20nonewprivs 20nonewprivs
21nosound 21nosound
22notv
22protocol unix 23protocol unix
23seccomp 24seccomp
24shell none 25shell none
@@ -28,4 +29,3 @@ x11 none
28private-bin file 29private-bin file
29private-dev 30private-dev
30private-etc magic.mgc,magic,localtime 31private-etc magic.mgc,magic,localtime
31notv
diff --git a/etc/filezilla.profile b/etc/filezilla.profile
index 002eebb8e..53bb0a1a7 100644
--- a/etc/filezilla.profile
+++ b/etc/filezilla.profile
@@ -17,6 +17,7 @@ netfilter
17nonewprivs 17nonewprivs
18noroot 18noroot
19nosound 19nosound
20notv
20protocol unix,inet,inet6 21protocol unix,inet,inet6
21seccomp 22seccomp
22shell none 23shell none
@@ -24,4 +25,3 @@ shell none
24private-bin filezilla,uname,sh,bash,dash,python,lsb_release,fzputtygen,fzsftp 25private-bin filezilla,uname,sh,bash,dash,python,lsb_release,fzputtygen,fzsftp
25private-dev 26private-dev
26private-tmp 27private-tmp
27notv
diff --git a/etc/firefox.profile b/etc/firefox.profile
index e94507c8f..b6d21a158 100644
--- a/etc/firefox.profile
+++ b/etc/firefox.profile
@@ -55,6 +55,7 @@ netfilter
55nogroups 55nogroups
56nonewprivs 56nonewprivs
57noroot 57noroot
58notv
58protocol unix,inet,inet6,netlink 59protocol unix,inet,inet6,netlink
59seccomp 60seccomp
60shell none 61shell none
@@ -68,4 +69,3 @@ private-tmp
68 69
69noexec ${HOME} 70noexec ${HOME}
70noexec /tmp 71noexec /tmp
71notv
diff --git a/etc/flashpeak-slimjet.profile b/etc/flashpeak-slimjet.profile
index 659fe1d43..e9c09e4ba 100644
--- a/etc/flashpeak-slimjet.profile
+++ b/etc/flashpeak-slimjet.profile
@@ -32,6 +32,6 @@ caps.drop all
32netfilter 32netfilter
33nonewprivs 33nonewprivs
34noroot 34noroot
35notv
35protocol unix,inet,inet6,netlink 36protocol unix,inet,inet6,netlink
36seccomp 37seccomp
37notv
diff --git a/etc/flowblade.profile b/etc/flowblade.profile
index d10d3eb7c..a00b1bf5e 100644
--- a/etc/flowblade.profile
+++ b/etc/flowblade.profile
@@ -18,6 +18,7 @@ netfilter
18nogroups 18nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21notv
21protocol unix,inet,inet6,netlink 22protocol unix,inet,inet6,netlink
22seccomp 23seccomp
23shell none 24shell none
@@ -27,4 +28,3 @@ private-tmp
27 28
28noexec ${HOME} 29noexec ${HOME}
29noexec /tmp 30noexec /tmp
30notv
diff --git a/etc/fontforge.profile b/etc/fontforge.profile
index d22c7310b..001e550e7 100644
--- a/etc/fontforge.profile
+++ b/etc/fontforge.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -28,4 +29,3 @@ private-tmp
28 29
29noexec ${HOME} 30noexec ${HOME}
30noexec /tmp 31noexec /tmp
31notv
diff --git a/etc/fossamail.profile b/etc/fossamail.profile
index 75766f7d2..a6f07266b 100644
--- a/etc/fossamail.profile
+++ b/etc/fossamail.profile
@@ -17,5 +17,6 @@ whitelist ~/.fossamail
17whitelist ~/.gnupg 17whitelist ~/.gnupg
18include /etc/firejail/whitelist-common.inc 18include /etc/firejail/whitelist-common.inc
19 19
20include /etc/firejail/firefox.profile
21notv 20notv
21
22include /etc/firejail/firefox.profile
diff --git a/etc/franz.profile b/etc/franz.profile
index aa200367c..128d88a9a 100644
--- a/etc/franz.profile
+++ b/etc/franz.profile
@@ -27,6 +27,7 @@ netfilter
27nogroups 27nogroups
28nonewprivs 28nonewprivs
29noroot 29noroot
30notv
30protocol unix,inet,inet6,netlink 31protocol unix,inet,inet6,netlink
31seccomp 32seccomp
32shell none 33shell none
@@ -37,4 +38,3 @@ private-tmp
37 38
38noexec ${HOME} 39noexec ${HOME}
39noexec /tmp 40noexec /tmp
40notv
diff --git a/etc/frozen-bubble.profile b/etc/frozen-bubble.profile
index aa52fc264..c66c76c05 100644
--- a/etc/frozen-bubble.profile
+++ b/etc/frozen-bubble.profile
@@ -20,6 +20,7 @@ net none
20nogroups 20nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23notv
23protocol unix,netlink 24protocol unix,netlink
24seccomp 25seccomp
25shell none 26shell none
@@ -28,4 +29,3 @@ shell none
28private-dev 29private-dev
29# private-etc none 30# private-etc none
30private-tmp 31private-tmp
31notv
diff --git a/etc/gajim.profile b/etc/gajim.profile
index fead7f6ae..79ff6217a 100644
--- a/etc/gajim.profile
+++ b/etc/gajim.profile
@@ -31,6 +31,7 @@ netfilter
31nogroups 31nogroups
32nonewprivs 32nonewprivs
33noroot 33noroot
34notv
34protocol unix,inet,inet6 35protocol unix,inet,inet6
35seccomp 36seccomp
36shell none 37shell none
@@ -42,4 +43,3 @@ private-dev
42# private-tmp 43# private-tmp
43# Allow the local python 2.7 site packages, in case any plugins are using these 44# Allow the local python 2.7 site packages, in case any plugins are using these
44read-only ${HOME}/.local/lib/python2.7/site-packages/ 45read-only ${HOME}/.local/lib/python2.7/site-packages/
45notv
diff --git a/etc/galculator.profile b/etc/galculator.profile
index 816a338a7..e6006aded 100644
--- a/etc/galculator.profile
+++ b/etc/galculator.profile
@@ -22,6 +22,7 @@ nogroups
22nonewprivs 22nonewprivs
23noroot 23noroot
24nosound 24nosound
25notv
25protocol unix 26protocol unix
26seccomp 27seccomp
27shell none 28shell none
@@ -31,4 +32,3 @@ private-bin galculator
31private-dev 32private-dev
32private-etc fonts 33private-etc fonts
33private-tmp 34private-tmp
34notv
diff --git a/etc/geany.profile b/etc/geany.profile
index 88ce48bc1..f5e821d62 100644
--- a/etc/geany.profile
+++ b/etc/geany.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix,inet,inet6 23protocol unix,inet,inet6
23seccomp 24seccomp
@@ -25,4 +26,3 @@ shell none
25 26
26private-dev 27private-dev
27private-tmp 28private-tmp
28notv
diff --git a/etc/gedit.profile b/etc/gedit.profile
index f82077366..a215a0d61 100644
--- a/etc/gedit.profile
+++ b/etc/gedit.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24protocol unix 25protocol unix
25seccomp 26seccomp
26shell none 27shell none
@@ -33,4 +34,3 @@ private-tmp
33 34
34noexec ${HOME} 35noexec ${HOME}
35noexec /tmp 36noexec /tmp
36notv
diff --git a/etc/geeqie.profile b/etc/geeqie.profile
index e33e0b7b1..26636ca64 100644
--- a/etc/geeqie.profile
+++ b/etc/geeqie.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22protocol unix 23protocol unix
23seccomp 24seccomp
24shell none 25shell none
@@ -26,4 +27,3 @@ shell none
26# private-bin geeqie 27# private-bin geeqie
27private-dev 28private-dev
28# private-etc X11 29# private-etc X11
29notv
diff --git a/etc/gimp.profile b/etc/gimp.profile
index b7b5b03b7..510d2aa0a 100644
--- a/etc/gimp.profile
+++ b/etc/gimp.profile
@@ -17,6 +17,7 @@ nogroups
17nonewprivs 17nonewprivs
18noroot 18noroot
19nosound 19nosound
20notv
20protocol unix 21protocol unix
21seccomp 22seccomp
22shell none 23shell none
@@ -28,4 +29,3 @@ private-tmp
28# if you are not using external plugins, you can enable noexec statement below 29# if you are not using external plugins, you can enable noexec statement below
29# noexec ${HOME} 30# noexec ${HOME}
30noexec /tmp 31noexec /tmp
31notv
diff --git a/etc/git.profile b/etc/git.profile
index 563175307..142edcf1c 100644
--- a/etc/git.profile
+++ b/etc/git.profile
@@ -27,9 +27,9 @@ nogroups
27nonewprivs 27nonewprivs
28noroot 28noroot
29nosound 29nosound
30notv
30protocol unix,inet,inet6 31protocol unix,inet,inet6
31seccomp 32seccomp
32shell none 33shell none
33 34
34private-dev 35private-dev
35notv
diff --git a/etc/gitg.profile b/etc/gitg.profile
index a088b3cd8..570ed5a46 100644
--- a/etc/gitg.profile
+++ b/etc/gitg.profile
@@ -20,6 +20,7 @@ nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22nosound 22nosound
23notv
23novideo 24novideo
24protocol unix,inet,inet6 25protocol unix,inet,inet6
25seccomp 26seccomp
@@ -31,4 +32,3 @@ private-tmp
31memory-deny-write-execute 32memory-deny-write-execute
32noexec ${HOME} 33noexec ${HOME}
33noexec /tmp 34noexec /tmp
34notv
diff --git a/etc/gitter.profile b/etc/gitter.profile
index e54ea88d2..8566f636a 100644
--- a/etc/gitter.profile
+++ b/etc/gitter.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21protocol unix,inet,inet6,netlink 22protocol unix,inet,inet6,netlink
22seccomp 23seccomp
23shell none 24shell none
@@ -25,4 +26,3 @@ shell none
25private-bin gitter 26private-bin gitter
26private-dev 27private-dev
27private-tmp 28private-tmp
28notv
diff --git a/etc/gjs.profile b/etc/gjs.profile
index 348ccfe25..5e4bea850 100644
--- a/etc/gjs.profile
+++ b/etc/gjs.profile
@@ -22,6 +22,7 @@ netfilter
22nogroups 22nogroups
23nonewprivs 23nonewprivs
24noroot 24noroot
25notv
25protocol unix,inet,inet6 26protocol unix,inet,inet6
26seccomp 27seccomp
27shell none 28shell none
@@ -31,4 +32,3 @@ tracelog
31private-dev 32private-dev
32# private-etc fonts 33# private-etc fonts
33private-tmp 34private-tmp
34notv
diff --git a/etc/globaltime.profile b/etc/globaltime.profile
index d86820d1e..1b16f4171 100644
--- a/etc/globaltime.profile
+++ b/etc/globaltime.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix,inet,inet6 24protocol unix,inet,inet6
24seccomp 25seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/gnome-2048.profile b/etc/gnome-2048.profile
index 531660e38..a31602338 100644
--- a/etc/gnome-2048.profile
+++ b/etc/gnome-2048.profile
@@ -21,6 +21,7 @@ netfilter
21no3d 21no3d
22nonewprivs 22nonewprivs
23noroot 23noroot
24notv
24novideo 25novideo
25protocol unix,inet,inet6 26protocol unix,inet,inet6
26seccomp 27seccomp
@@ -31,4 +32,3 @@ private-tmp
31 32
32noexec ${HOME} 33noexec ${HOME}
33noexec /tmp 34noexec /tmp
34notv
diff --git a/etc/gnome-books.profile b/etc/gnome-books.profile
index 955afe32b..ae8dbb35e 100644
--- a/etc/gnome-books.profile
+++ b/etc/gnome-books.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24novideo 25novideo
25protocol unix 26protocol unix
26seccomp 27seccomp
@@ -34,4 +35,3 @@ private-tmp
34 35
35noexec ${HOME} 36noexec ${HOME}
36noexec /tmp 37noexec /tmp
37notv
diff --git a/etc/gnome-calculator.profile b/etc/gnome-calculator.profile
index 874ca5a87..b31ec3371 100644
--- a/etc/gnome-calculator.profile
+++ b/etc/gnome-calculator.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22protocol unix,inet,inet6 23protocol unix,inet,inet6
23seccomp 24seccomp
24shell none 25shell none
@@ -33,4 +34,3 @@ private-tmp
33memory-deny-write-execute 34memory-deny-write-execute
34noexec ${HOME} 35noexec ${HOME}
35noexec /tmp 36noexec /tmp
36notv
diff --git a/etc/gnome-chess.profile b/etc/gnome-chess.profile
index 8082fd253..6801a0f49 100644
--- a/etc/gnome-chess.profile
+++ b/etc/gnome-chess.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -32,4 +33,3 @@ private-tmp
32 33
33noexec ${HOME} 34noexec ${HOME}
34noexec /tmp 35noexec /tmp
35notv
diff --git a/etc/gnome-clocks.profile b/etc/gnome-clocks.profile
index ad77c4f53..411bc8bdc 100644
--- a/etc/gnome-clocks.profile
+++ b/etc/gnome-clocks.profile
@@ -17,6 +17,7 @@ no3d
17nogroups 17nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20notv
20novideo 21novideo
21protocol unix,inet,inet6 22protocol unix,inet,inet6
22seccomp 23seccomp
@@ -31,4 +32,3 @@ private-tmp
31 32
32noexec ${HOME} 33noexec ${HOME}
33noexec /tmp 34noexec /tmp
34notv
diff --git a/etc/gnome-contacts.profile b/etc/gnome-contacts.profile
index 3a33a2ae3..7ce444eed 100644
--- a/etc/gnome-contacts.profile
+++ b/etc/gnome-contacts.profile
@@ -18,6 +18,7 @@ no3d
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix,inet,inet6 23protocol unix,inet,inet6
23seccomp 24seccomp
@@ -28,4 +29,3 @@ private-tmp
28 29
29noexec ${HOME} 30noexec ${HOME}
30noexec /tmp 31noexec /tmp
31notv
diff --git a/etc/gnome-documents.profile b/etc/gnome-documents.profile
index 4168d1b0b..62be67c5e 100644
--- a/etc/gnome-documents.profile
+++ b/etc/gnome-documents.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24novideo 25novideo
25protocol unix 26protocol unix
26seccomp 27seccomp
@@ -32,4 +33,3 @@ private-tmp
32 33
33noexec ${HOME} 34noexec ${HOME}
34noexec /tmp 35noexec /tmp
35notv
diff --git a/etc/gnome-font-viewer.profile b/etc/gnome-font-viewer.profile
index 1427a02ba..06e8f2bd0 100644
--- a/etc/gnome-font-viewer.profile
+++ b/etc/gnome-font-viewer.profile
@@ -17,6 +17,7 @@ no3d
17nonewprivs 17nonewprivs
18noroot 18noroot
19nosound 19nosound
20notv
20novideo 21novideo
21protocol unix,inet,inet6 22protocol unix,inet,inet6
22seccomp 23seccomp
@@ -27,4 +28,3 @@ private-tmp
27 28
28noexec ${HOME} 29noexec ${HOME}
29noexec /tmp 30noexec /tmp
30notv
diff --git a/etc/gnome-maps.profile b/etc/gnome-maps.profile
index 497e3e724..0e3846c05 100644
--- a/etc/gnome-maps.profile
+++ b/etc/gnome-maps.profile
@@ -20,6 +20,7 @@ nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22nosound 22nosound
23notv
23novideo 24novideo
24protocol unix,inet,inet6 25protocol unix,inet,inet6
25seccomp 26seccomp
@@ -34,4 +35,3 @@ private-tmp
34 35
35noexec ${HOME} 36noexec ${HOME}
36noexec /tmp 37noexec /tmp
37notv
diff --git a/etc/gnome-music.profile b/etc/gnome-music.profile
index bc0ddc117..d3c61d9b4 100644
--- a/etc/gnome-music.profile
+++ b/etc/gnome-music.profile
@@ -18,6 +18,7 @@ no3d
18nogroups 18nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -31,4 +32,3 @@ private-tmp
31 32
32noexec ${HOME} 33noexec ${HOME}
33noexec /tmp 34noexec /tmp
34notv
diff --git a/etc/gnome-photos.profile b/etc/gnome-photos.profile
index a2e74b9d7..68d1f2617 100644
--- a/etc/gnome-photos.profile
+++ b/etc/gnome-photos.profile
@@ -20,6 +20,7 @@ nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22nosound 22nosound
23notv
23protocol unix 24protocol unix
24seccomp 25seccomp
25shell none 26shell none
@@ -32,4 +33,3 @@ private-tmp
32 33
33noexec ${HOME} 34noexec ${HOME}
34noexec /tmp 35noexec /tmp
35notv
diff --git a/etc/gnome-twitch.profile b/etc/gnome-twitch.profile
index 42fb81b36..0c325d3f2 100644
--- a/etc/gnome-twitch.profile
+++ b/etc/gnome-twitch.profile
@@ -23,6 +23,7 @@ caps.drop all
23nogroups 23nogroups
24nonewprivs 24nonewprivs
25noroot 25noroot
26notv
26novideo 27novideo
27protocol unix,inet,inet6 28protocol unix,inet,inet6
28seccomp 29seccomp
@@ -33,4 +34,3 @@ private-tmp
33 34
34noexec ${HOME} 35noexec ${HOME}
35noexec /tmp 36noexec /tmp
36notv
diff --git a/etc/gnome-weather.profile b/etc/gnome-weather.profile
index d0657a1d1..4d64defcf 100644
--- a/etc/gnome-weather.profile
+++ b/etc/gnome-weather.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24novideo 25novideo
25protocol unix,inet,inet6 26protocol unix,inet,inet6
26seccomp 27seccomp
@@ -35,4 +36,3 @@ private-tmp
35 36
36noexec ${HOME} 37noexec ${HOME}
37noexec /tmp 38noexec /tmp
38notv
diff --git a/etc/goobox.profile b/etc/goobox.profile
index 7a9157e84..cfd479acc 100644
--- a/etc/goobox.profile
+++ b/etc/goobox.profile
@@ -16,6 +16,7 @@ netfilter
16nogroups 16nogroups
17nonewprivs 17nonewprivs
18noroot 18noroot
19notv
19protocol unix 20protocol unix
20seccomp 21seccomp
21shell none 22shell none
@@ -25,4 +26,3 @@ tracelog
25# private-dev 26# private-dev
26# private-etc fonts 27# private-etc fonts
27# private-tmp 28# private-tmp
28notv
diff --git a/etc/google-chrome-beta.profile b/etc/google-chrome-beta.profile
index 7f07bc959..a0a67883d 100644
--- a/etc/google-chrome-beta.profile
+++ b/etc/google-chrome-beta.profile
@@ -26,6 +26,7 @@ include /etc/firejail/whitelist-common.inc
26caps.keep sys_chroot,sys_admin 26caps.keep sys_chroot,sys_admin
27netfilter 27netfilter
28nogroups 28nogroups
29notv
29shell none 30shell none
30 31
31private-dev 32private-dev
@@ -33,4 +34,3 @@ private-dev
33 34
34noexec ${HOME} 35noexec ${HOME}
35noexec /tmp 36noexec /tmp
36notv
diff --git a/etc/google-chrome-unstable.profile b/etc/google-chrome-unstable.profile
index 7dc90faf3..8d5057a5d 100644
--- a/etc/google-chrome-unstable.profile
+++ b/etc/google-chrome-unstable.profile
@@ -26,6 +26,7 @@ include /etc/firejail/whitelist-common.inc
26caps.keep sys_chroot,sys_admin 26caps.keep sys_chroot,sys_admin
27netfilter 27netfilter
28nogroups 28nogroups
29notv
29shell none 30shell none
30 31
31private-dev 32private-dev
@@ -33,4 +34,3 @@ private-dev
33 34
34noexec ${HOME} 35noexec ${HOME}
35noexec /tmp 36noexec /tmp
36notv
diff --git a/etc/google-chrome.profile b/etc/google-chrome.profile
index 3e539ea71..be016d7e7 100644
--- a/etc/google-chrome.profile
+++ b/etc/google-chrome.profile
@@ -26,6 +26,7 @@ include /etc/firejail/whitelist-common.inc
26caps.keep sys_chroot,sys_admin 26caps.keep sys_chroot,sys_admin
27netfilter 27netfilter
28nogroups 28nogroups
29notv
29shell none 30shell none
30 31
31private-dev 32private-dev
@@ -33,4 +34,3 @@ private-dev
33 34
34noexec ${HOME} 35noexec ${HOME}
35noexec /tmp 36noexec /tmp
36notv
diff --git a/etc/google-play-music-desktop-player.profile b/etc/google-play-music-desktop-player.profile
index c1af553c3..550d3d63c 100644
--- a/etc/google-play-music-desktop-player.profile
+++ b/etc/google-play-music-desktop-player.profile
@@ -23,6 +23,7 @@ no3d
23nogroups 23nogroups
24nonewprivs 24nonewprivs
25noroot 25noroot
26notv
26novideo 27novideo
27protocol unix,inet,inet6,netlink 28protocol unix,inet,inet6,netlink
28seccomp 29seccomp
@@ -34,4 +35,3 @@ private-tmp
34 35
35noexec ${HOME} 36noexec ${HOME}
36noexec /tmp 37noexec /tmp
37notv
diff --git a/etc/gpa.profile b/etc/gpa.profile
index b55a60e02..c5f767cf8 100644
--- a/etc/gpa.profile
+++ b/etc/gpa.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21protocol unix,inet,inet6 22protocol unix,inet,inet6
22seccomp 23seccomp
23shell none 24shell none
@@ -25,4 +26,3 @@ tracelog
25 26
26# private-bin gpa,gpg 27# private-bin gpa,gpg
27private-dev 28private-dev
28notv
diff --git a/etc/gpg-agent.profile b/etc/gpg-agent.profile
index f73b21379..c1c6b7686 100644
--- a/etc/gpg-agent.profile
+++ b/etc/gpg-agent.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24protocol unix,inet,inet6 25protocol unix,inet,inet6
25seccomp 26seccomp
26shell none 27shell none
@@ -28,4 +29,3 @@ tracelog
28 29
29# private-bin gpg-agent,gpg 30# private-bin gpg-agent,gpg
30private-dev 31private-dev
31notv
diff --git a/etc/gpg.profile b/etc/gpg.profile
index 73d7eeaf9..137e37d5f 100644
--- a/etc/gpg.profile
+++ b/etc/gpg.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24protocol unix,inet,inet6 25protocol unix,inet,inet6
25seccomp 26seccomp
26shell none 27shell none
@@ -28,4 +29,3 @@ tracelog
28 29
29# private-bin gpg,gpg-agent 30# private-bin gpg,gpg-agent
30private-dev 31private-dev
31notv
diff --git a/etc/gpicview.profile b/etc/gpicview.profile
index 32cd56956..ad30915a4 100644
--- a/etc/gpicview.profile
+++ b/etc/gpicview.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21protocol unix 22protocol unix
22seccomp 23seccomp
23shell none 24shell none
@@ -27,4 +28,3 @@ private-bin gpicview
27private-dev 28private-dev
28private-etc fonts 29private-etc fonts
29private-tmp 30private-tmp
30notv
diff --git a/etc/gpredict.profile b/etc/gpredict.profile
index 4bf4fd78d..8066579d3 100644
--- a/etc/gpredict.profile
+++ b/etc/gpredict.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24protocol unix,inet,inet6 25protocol unix,inet,inet6
25seccomp 26seccomp
26shell none 27shell none
@@ -33,4 +34,3 @@ private-tmp
33 34
34noexec ${HOME} 35noexec ${HOME}
35noexec /tmp 36noexec /tmp
36notv
diff --git a/etc/gthumb.profile b/etc/gthumb.profile
index 244fe4d61..4911fbaae 100644
--- a/etc/gthumb.profile
+++ b/etc/gthumb.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22protocol unix 23protocol unix
23seccomp 24seccomp
24shell none 25shell none
@@ -27,4 +28,3 @@ tracelog
27private-bin gthumb 28private-bin gthumb
28private-dev 29private-dev
29private-tmp 30private-tmp
30notv
diff --git a/etc/guayadeque.profile b/etc/guayadeque.profile
index ac0000bd8..7713f216f 100644
--- a/etc/guayadeque.profile
+++ b/etc/guayadeque.profile
@@ -17,6 +17,7 @@ netfilter
17nogroups 17nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20notv
20protocol unix,inet,inet6,netlink 21protocol unix,inet,inet6,netlink
21seccomp 22seccomp
22shell none 23shell none
@@ -27,4 +28,3 @@ private-tmp
27 28
28noexec ${HOME} 29noexec ${HOME}
29noexec /tmp 30noexec /tmp
30notv
diff --git a/etc/gucharmap.profile b/etc/gucharmap.profile
index 75b58178a..cfb014623 100644
--- a/etc/gucharmap.profile
+++ b/etc/gucharmap.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/gwenview.profile b/etc/gwenview.profile
index 463bfd9bc..b0a1fc5ef 100644
--- a/etc/gwenview.profile
+++ b/etc/gwenview.profile
@@ -23,6 +23,7 @@ caps.drop all
23nogroups 23nogroups
24nonewprivs 24nonewprivs
25noroot 25noroot
26notv
26novideo 27novideo
27protocol unix 28protocol unix
28seccomp 29seccomp
@@ -35,4 +36,3 @@ private-dev
35 36
36noexec ${HOME} 37noexec ${HOME}
37noexec /tmp 38noexec /tmp
38notv
diff --git a/etc/gzip.profile b/etc/gzip.profile
index 2c6e521fd..3d0f223f0 100644
--- a/etc/gzip.profile
+++ b/etc/gzip.profile
@@ -12,10 +12,10 @@ ignore noroot
12net none 12net none
13no3d 13no3d
14nosound 14nosound
15notv
15shell none 16shell none
16tracelog 17tracelog
17 18
18private-dev 19private-dev
19 20
20include /etc/firejail/default.profile 21include /etc/firejail/default.profile
21notv
diff --git a/etc/handbrake.profile b/etc/handbrake.profile
index 11d1210ea..2b32abca6 100644
--- a/etc/handbrake.profile
+++ b/etc/handbrake.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix,inet,inet6,netlink 23protocol unix,inet,inet6,netlink
23seccomp 24seccomp
@@ -28,4 +29,3 @@ private-tmp
28 29
29noexec ${HOME} 30noexec ${HOME}
30noexec /tmp 31noexec /tmp
31notv
diff --git a/etc/hashcat.profile b/etc/hashcat.profile
index f79b764a9..8f4ddce07 100644
--- a/etc/hashcat.profile
+++ b/etc/hashcat.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -29,4 +30,3 @@ private-tmp
29 30
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/hedgewars.profile b/etc/hedgewars.profile
index 80630b6d6..90515b8de 100644
--- a/etc/hedgewars.profile
+++ b/etc/hedgewars.profile
@@ -21,10 +21,10 @@ netfilter
21nogroups 21nogroups
22nonewprivs 22nonewprivs
23noroot 23noroot
24notv
24seccomp 25seccomp
25tracelog 26tracelog
26 27
27disable-mnt 28disable-mnt
28private-dev 29private-dev
29private-tmp 30private-tmp
30notv
diff --git a/etc/hexchat.profile b/etc/hexchat.profile
index 2befcf1fb..178f384b1 100644
--- a/etc/hexchat.profile
+++ b/etc/hexchat.profile
@@ -24,6 +24,7 @@ nogroups
24nonewprivs 24nonewprivs
25noroot 25noroot
26nosound 26nosound
27notv
27novideo 28novideo
28protocol unix,inet,inet6 29protocol unix,inet,inet6
29seccomp 30seccomp
@@ -38,4 +39,3 @@ private-tmp
38 39
39noexec ${HOME} 40noexec ${HOME}
40noexec /tmp 41noexec /tmp
41notv
diff --git a/etc/highlight.profile b/etc/highlight.profile
index 69027e9af..decba5f6c 100644
--- a/etc/highlight.profile
+++ b/etc/highlight.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22protocol unix 23protocol unix
23seccomp 24seccomp
24shell none 25shell none
@@ -28,4 +29,3 @@ private-bin highlight
28private-dev 29private-dev
29# private-etc none 30# private-etc none
30private-tmp 31private-tmp
31notv
diff --git a/etc/hugin.profile b/etc/hugin.profile
index 9e6f8525e..5d66ce3db 100644
--- a/etc/hugin.profile
+++ b/etc/hugin.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -28,4 +29,3 @@ private-tmp
28 29
29noexec ${HOME} 30noexec ${HOME}
30noexec /tmp 31noexec /tmp
31notv
diff --git a/etc/icecat.profile b/etc/icecat.profile
index fcce3f931..4829675bb 100644
--- a/etc/icecat.profile
+++ b/etc/icecat.profile
@@ -39,6 +39,7 @@ caps.drop all
39netfilter 39netfilter
40nonewprivs 40nonewprivs
41noroot 41noroot
42notv
42protocol unix,inet,inet6,netlink 43protocol unix,inet,inet6,netlink
43seccomp 44seccomp
44tracelog 45tracelog
@@ -47,4 +48,3 @@ tracelog
47 48
48noexec ${HOME} 49noexec ${HOME}
49noexec /tmp 50noexec /tmp
50notv
diff --git a/etc/idea.sh.profile b/etc/idea.sh.profile
index 8986e5082..d74386afa 100644
--- a/etc/idea.sh.profile
+++ b/etc/idea.sh.profile
@@ -23,6 +23,7 @@ netfilter
23nogroups 23nogroups
24nonewprivs 24nonewprivs
25noroot 25noroot
26notv
26novideo 27novideo
27protocol unix,inet,inet6 28protocol unix,inet,inet6
28seccomp 29seccomp
@@ -32,4 +33,3 @@ private-dev
32# private-tmp 33# private-tmp
33 34
34noexec /tmp 35noexec /tmp
35notv
diff --git a/etc/img2txt.profile b/etc/img2txt.profile
index cfcbdab1b..2d2e686b8 100644
--- a/etc/img2txt.profile
+++ b/etc/img2txt.profile
@@ -17,6 +17,7 @@ nogroups
17nonewprivs 17nonewprivs
18noroot 18noroot
19nosound 19nosound
20notv
20protocol unix 21protocol unix
21seccomp 22seccomp
22shell none 23shell none
@@ -26,4 +27,3 @@ tracelog
26private-dev 27private-dev
27# private-etc none 28# private-etc none
28private-tmp 29private-tmp
29notv
diff --git a/etc/inkscape.profile b/etc/inkscape.profile
index b289a7fbd..7c0fdfc97 100644
--- a/etc/inkscape.profile
+++ b/etc/inkscape.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -28,4 +29,3 @@ private-tmp
28 29
29noexec ${HOME} 30noexec ${HOME}
30noexec /tmp 31noexec /tmp
31notv
diff --git a/etc/jd-gui.profile b/etc/jd-gui.profile
index 302389bec..990e1a563 100644
--- a/etc/jd-gui.profile
+++ b/etc/jd-gui.profile
@@ -20,6 +20,7 @@ nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22nosound 22nosound
23notv
23novideo 24novideo
24protocol unix 25protocol unix
25seccomp 26seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/jitsi.profile b/etc/jitsi.profile
index 5c4e66d7c..5e835b2a3 100644
--- a/etc/jitsi.profile
+++ b/etc/jitsi.profile
@@ -16,6 +16,7 @@ caps.drop all
16nogroups 16nogroups
17nonewprivs 17nonewprivs
18noroot 18noroot
19notv
19protocol unix,inet,inet6 20protocol unix,inet,inet6
20seccomp 21seccomp
21shell none 22shell none
@@ -23,4 +24,3 @@ tracelog
23 24
24disable-mnt 25disable-mnt
25private-tmp 26private-tmp
26notv
diff --git a/etc/k3b.profile b/etc/k3b.profile
index 79566fbc8..ca190ecb9 100644
--- a/etc/k3b.profile
+++ b/etc/k3b.profile
@@ -19,6 +19,7 @@ no3d
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -28,4 +29,3 @@ tracelog
28# private-bin 29# private-bin
29# private-etc 30# private-etc
30# private-tmp 31# private-tmp
31notv
diff --git a/etc/kate.profile b/etc/kate.profile
index 32b27b419..7f44454b7 100644
--- a/etc/kate.profile
+++ b/etc/kate.profile
@@ -23,6 +23,7 @@ nogroups
23nonewprivs 23nonewprivs
24noroot 24noroot
25nosound 25nosound
26notv
26novideo 27novideo
27protocol unix 28protocol unix
28seccomp 29seccomp
@@ -33,4 +34,3 @@ tracelog
33private-dev 34private-dev
34# private-etc fonts 35# private-etc fonts
35private-tmp 36private-tmp
36notv
diff --git a/etc/kcalc.profile b/etc/kcalc.profile
index bf113fd73..8e1239848 100644
--- a/etc/kcalc.profile
+++ b/etc/kcalc.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/keepass.profile b/etc/keepass.profile
index 558d35086..d925261a2 100644
--- a/etc/keepass.profile
+++ b/etc/keepass.profile
@@ -25,6 +25,7 @@ nogroups
25nonewprivs 25nonewprivs
26noroot 26noroot
27nosound 27nosound
28notv
28novideo 29novideo
29protocol unix,inet,inet6 30protocol unix,inet,inet6
30seccomp 31seccomp
@@ -35,4 +36,3 @@ private-tmp
35 36
36noexec ${HOME} 37noexec ${HOME}
37noexec /tmp 38noexec /tmp
38notv
diff --git a/etc/keepassx.profile b/etc/keepassx.profile
index 6397cea8e..cd9d7d0b3 100644
--- a/etc/keepassx.profile
+++ b/etc/keepassx.profile
@@ -23,6 +23,7 @@ nogroups
23nonewprivs 23nonewprivs
24noroot 24noroot
25nosound 25nosound
26notv
26novideo 27novideo
27protocol unix 28protocol unix
28seccomp 29seccomp
@@ -36,4 +37,3 @@ private-tmp
36 37
37noexec ${HOME} 38noexec ${HOME}
38noexec /tmp 39noexec /tmp
39notv
diff --git a/etc/keepassx2.profile b/etc/keepassx2.profile
index def4f24af..dd81311df 100644
--- a/etc/keepassx2.profile
+++ b/etc/keepassx2.profile
@@ -22,6 +22,7 @@ nogroups
22nonewprivs 22nonewprivs
23noroot 23noroot
24nosound 24nosound
25notv
25novideo 26novideo
26protocol unix 27protocol unix
27seccomp 28seccomp
@@ -34,4 +35,3 @@ private-tmp
34 35
35noexec ${HOME} 36noexec ${HOME}
36noexec /tmp 37noexec /tmp
37notv
diff --git a/etc/keepassxc.profile b/etc/keepassxc.profile
index 92f033d2d..5c8229b95 100644
--- a/etc/keepassxc.profile
+++ b/etc/keepassxc.profile
@@ -22,6 +22,7 @@ nogroups
22nonewprivs 22nonewprivs
23noroot 23noroot
24nosound 24nosound
25notv
25novideo 26novideo
26protocol unix 27protocol unix
27seccomp 28seccomp
@@ -35,4 +36,3 @@ private-tmp
35memory-deny-write-execute 36memory-deny-write-execute
36noexec ${HOME} 37noexec ${HOME}
37noexec /tmp 38noexec /tmp
38notv
diff --git a/etc/kino.profile b/etc/kino.profile
index ecb96b73d..240dab8ef 100644
--- a/etc/kino.profile
+++ b/etc/kino.profile
@@ -18,6 +18,7 @@ netfilter
18nogroups 18nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -28,4 +29,3 @@ private-tmp
28 29
29noexec ${HOME} 30noexec ${HOME}
30noexec /tmp 31noexec /tmp
31notv
diff --git a/etc/kmail.profile b/etc/kmail.profile
index 9539be64d..180beb2a6 100644
--- a/etc/kmail.profile
+++ b/etc/kmail.profile
@@ -17,10 +17,10 @@ netfilter
17nogroups 17nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20notv
20protocol unix,inet,inet6,netlink 21protocol unix,inet,inet6,netlink
21seccomp 22seccomp
22tracelog 23tracelog
23 24
24private-dev 25private-dev
25# private-tmp 26# private-tmp
26notv
diff --git a/etc/knotes.profile b/etc/knotes.profile
index a05100cf7..e5e449b35 100644
--- a/etc/knotes.profile
+++ b/etc/knotes.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21protocol unix 22protocol unix
22seccomp 23seccomp
23shell none 24shell none
@@ -27,4 +28,3 @@ tracelog
27private-dev 28private-dev
28# private-etc fonts 29# private-etc fonts
29private-tmp 30private-tmp
30notv
diff --git a/etc/konversation.profile b/etc/konversation.profile
index 8372c1b6a..926839633 100644
--- a/etc/konversation.profile
+++ b/etc/konversation.profile
@@ -15,8 +15,8 @@ caps.drop all
15netfilter 15netfilter
16nogroups 16nogroups
17noroot 17noroot
18notv
18protocol unix,inet,inet6 19protocol unix,inet,inet6
19seccomp 20seccomp
20 21
21private-tmp 22private-tmp
22notv
diff --git a/etc/ktorrent.profile b/etc/ktorrent.profile
index 7256a3627..0c159bb0e 100644
--- a/etc/ktorrent.profile
+++ b/etc/ktorrent.profile
@@ -39,6 +39,7 @@ nogroups
39nonewprivs 39nonewprivs
40noroot 40noroot
41nosound 41nosound
42notv
42novideo 43novideo
43protocol unix,inet,inet6 44protocol unix,inet,inet6
44seccomp 45seccomp
@@ -49,4 +50,3 @@ private-tmp
49 50
50noexec ${HOME} 51noexec ${HOME}
51noexec /tmp 52noexec /tmp
52notv
diff --git a/etc/kwrite.profile b/etc/kwrite.profile
index ef2d801fd..15113f361 100644
--- a/etc/kwrite.profile
+++ b/etc/kwrite.profile
@@ -23,6 +23,7 @@ nogroups
23nonewprivs 23nonewprivs
24noroot 24noroot
25# nosound - KWrite is using ALSA! 25# nosound - KWrite is using ALSA!
26notv
26novideo 27novideo
27protocol unix 28protocol unix
28seccomp 29seccomp
@@ -33,4 +34,3 @@ tracelog
33private-dev 34private-dev
34# private-etc fonts 35# private-etc fonts
35private-tmp 36private-tmp
36notv
diff --git a/etc/leafpad.profile b/etc/leafpad.profile
index bb3b0113d..4fc549241 100644
--- a/etc/leafpad.profile
+++ b/etc/leafpad.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -28,4 +29,3 @@ private-dev
28 29
29noexec ${HOME} 30noexec ${HOME}
30noexec /tmp 31noexec /tmp
31notv
diff --git a/etc/less.profile b/etc/less.profile
index 6259a61b5..e0800891e 100644
--- a/etc/less.profile
+++ b/etc/less.profile
@@ -12,9 +12,11 @@ ignore noroot
12net none 12net none
13no3d 13no3d
14nosound 14nosound
15notv
15novideo 16novideo
16shell none 17shell none
17tracelog 18tracelog
19writable-var-log
18 20
19# The user can have a custom coloring scritps configured in ~/.lessfilter. 21# The user can have a custom coloring scritps configured in ~/.lessfilter.
20# Enable private-bin if you are not using any filter. 22# Enable private-bin if you are not using any filter.
@@ -24,7 +26,5 @@ private-dev
24memory-deny-write-execute 26memory-deny-write-execute
25noexec ${HOME} 27noexec ${HOME}
26noexec /tmp 28noexec /tmp
27writable-var-log
28 29
29include /etc/firejail/default.profile 30include /etc/firejail/default.profile
30notv
diff --git a/etc/libreoffice.profile b/etc/libreoffice.profile
index 3204788c4..584020919 100644
--- a/etc/libreoffice.profile
+++ b/etc/libreoffice.profile
@@ -19,6 +19,7 @@ netfilter
19nogroups 19nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22notv
22protocol unix,inet,inet6 23protocol unix,inet,inet6
23seccomp 24seccomp
24shell none 25shell none
@@ -28,4 +29,3 @@ private-dev
28 29
29noexec ${HOME} 30noexec ${HOME}
30noexec /tmp 31noexec /tmp
31notv
diff --git a/etc/liferea.profile b/etc/liferea.profile
index 4c1ec4282..78adac568 100644
--- a/etc/liferea.profile
+++ b/etc/liferea.profile
@@ -29,6 +29,7 @@ nogroups
29nonewprivs 29nonewprivs
30noroot 30noroot
31# nosound 31# nosound
32notv
32novideo 33novideo
33protocol unix,inet,inet6 34protocol unix,inet,inet6
34seccomp 35seccomp
@@ -40,4 +41,3 @@ private-tmp
40 41
41noexec ${HOME} 42noexec ${HOME}
42noexec /tmp 43noexec /tmp
43notv
diff --git a/etc/lollypop.profile b/etc/lollypop.profile
index 5b211cf53..587a46353 100644
--- a/etc/lollypop.profile
+++ b/etc/lollypop.profile
@@ -18,6 +18,7 @@ no3d
18nogroups 18nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21notv
21novideo 22novideo
22protocol unix,inet,inet6 23protocol unix,inet,inet6
23seccomp 24seccomp
@@ -29,4 +30,3 @@ private-tmp
29 30
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/luminance-hdr.profile b/etc/luminance-hdr.profile
index 230cd9dfb..164b6296f 100644
--- a/etc/luminance-hdr.profile
+++ b/etc/luminance-hdr.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -29,4 +30,3 @@ private-tmp
29 30
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/lximage-qt.profile b/etc/lximage-qt.profile
index 350ad51e6..08c6007ae 100644
--- a/etc/lximage-qt.profile
+++ b/etc/lximage-qt.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -29,4 +30,3 @@ private-tmp
29 30
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/lxmusic.profile b/etc/lxmusic.profile
index c99c4d80b..c5db75467 100644
--- a/etc/lxmusic.profile
+++ b/etc/lxmusic.profile
@@ -19,6 +19,7 @@ no3d
19nogroups 19nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -29,4 +30,3 @@ private-tmp
29 30
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/lxterminal.profile b/etc/lxterminal.profile
index 026c9858a..72401bdff 100644
--- a/etc/lxterminal.profile
+++ b/etc/lxterminal.profile
@@ -13,6 +13,6 @@ include /etc/firejail/disable-programs.inc
13caps.drop all 13caps.drop all
14netfilter 14netfilter
15# noroot - somehow this breaks on Debian Jessie! 15# noroot - somehow this breaks on Debian Jessie!
16notv
16protocol unix,inet,inet6 17protocol unix,inet,inet6
17seccomp 18seccomp
18notv
diff --git a/etc/lynx.profile b/etc/lynx.profile
index 2df2b88a5..365f6dcdb 100644
--- a/etc/lynx.profile
+++ b/etc/lynx.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22protocol unix,inet,inet6 23protocol unix,inet,inet6
23seccomp 24seccomp
24shell none 25shell none
@@ -28,4 +29,3 @@ tracelog
28private-dev 29private-dev
29# private-etc none 30# private-etc none
30private-tmp 31private-tmp
31notv
diff --git a/etc/mate-calc.profile b/etc/mate-calc.profile
index 03c6e8b6c..83f4f530f 100644
--- a/etc/mate-calc.profile
+++ b/etc/mate-calc.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/mate-calculator.profile b/etc/mate-calculator.profile
index 3fce03aa3..43bb3ebb4 100644
--- a/etc/mate-calculator.profile
+++ b/etc/mate-calculator.profile
@@ -1,9 +1,6 @@
1# Firejail profile for mate-calculator 1# Firejail profile alias for mate-calc
2# This file is overwritten after every install/update 2# This file is overwritten after every install/update
3# Persistent local customizations 3
4include /etc/firejail/mate-calculator.local
5# Persistent global definitions
6include /etc/firejail/globals.local
7 4
8# Redirect 5# Redirect
9include include /etc/firejail/mate-calc.profile 6include /etc/firejail/mate-calc.profile
diff --git a/etc/mate-color-select.profile b/etc/mate-color-select.profile
index ad18883aa..6b41ab005 100644
--- a/etc/mate-color-select.profile
+++ b/etc/mate-color-select.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/mate-dictionary.profile b/etc/mate-dictionary.profile
index d12129614..dbeb9567b 100644
--- a/etc/mate-dictionary.profile
+++ b/etc/mate-dictionary.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix,inet,inet6 24protocol unix,inet,inet6
24seccomp 25seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/mcabber.profile b/etc/mcabber.profile
index f667b87d6..9a4505ab2 100644
--- a/etc/mcabber.profile
+++ b/etc/mcabber.profile
@@ -18,6 +18,7 @@ netfilter
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21protocol inet,inet6 22protocol inet,inet6
22seccomp 23seccomp
23shell none 24shell none
@@ -25,4 +26,3 @@ shell none
25private-bin mcabber 26private-bin mcabber
26private-dev 27private-dev
27private-etc null 28private-etc null
28notv
diff --git a/etc/mediainfo.profile b/etc/mediainfo.profile
index b499a8ec4..81840d1b4 100644
--- a/etc/mediainfo.profile
+++ b/etc/mediainfo.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22protocol unix 23protocol unix
23seccomp 24seccomp
24shell none 25shell none
@@ -28,4 +29,3 @@ private-bin mediainfo
28private-dev 29private-dev
29private-etc none 30private-etc none
30private-tmp 31private-tmp
31notv
diff --git a/etc/mediathekview.profile b/etc/mediathekview.profile
index 17c2eb035..b3c239be7 100644
--- a/etc/mediathekview.profile
+++ b/etc/mediathekview.profile
@@ -23,6 +23,7 @@ caps.drop all
23netfilter 23netfilter
24nonewprivs 24nonewprivs
25noroot 25noroot
26notv
26novideo 27novideo
27protocol unix,inet,inet6 28protocol unix,inet,inet6
28seccomp 29seccomp
@@ -33,4 +34,3 @@ private-tmp
33 34
34noexec ${HOME} 35noexec ${HOME}
35noexec /tmp 36noexec /tmp
36notv
diff --git a/etc/meld.profile b/etc/meld.profile
index 012a6b515..e2c6dd00e 100644
--- a/etc/meld.profile
+++ b/etc/meld.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -29,4 +30,3 @@ private-tmp
29 30
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/midori.profile b/etc/midori.profile
index 5c35c4bab..6de433ae0 100644
--- a/etc/midori.profile
+++ b/etc/midori.profile
@@ -37,7 +37,7 @@ caps.drop all
37netfilter 37netfilter
38nonewprivs 38nonewprivs
39# noroot - problems on Ubuntu 14.04 39# noroot - problems on Ubuntu 14.04
40notv
40protocol unix,inet,inet6,netlink 41protocol unix,inet,inet6,netlink
41seccomp 42seccomp
42tracelog 43tracelog
43notv
diff --git a/etc/mousepad.profile b/etc/mousepad.profile
index e1eab3759..2725f004c 100644
--- a/etc/mousepad.profile
+++ b/etc/mousepad.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21protocol unix 22protocol unix
22seccomp 23seccomp
23shell none 24shell none
@@ -26,4 +27,3 @@ tracelog
26private-bin mousepad 27private-bin mousepad
27private-dev 28private-dev
28private-tmp 29private-tmp
29notv
diff --git a/etc/multimc5.profile b/etc/multimc5.profile
index 27ca0a7e4..94cf7da86 100644
--- a/etc/multimc5.profile
+++ b/etc/multimc5.profile
@@ -25,6 +25,7 @@ netfilter
25nogroups 25nogroups
26nonewprivs 26nonewprivs
27noroot 27noroot
28notv
28novideo 29novideo
29protocol unix,inet,inet6 30protocol unix,inet,inet6
30# seccomp 31# seccomp
@@ -36,4 +37,3 @@ private-tmp
36 37
37noexec ${HOME} 38noexec ${HOME}
38noexec /tmp 39noexec /tmp
39notv
diff --git a/etc/mumble.profile b/etc/mumble.profile
index 0f9283d66..b4c6ed7cf 100644
--- a/etc/mumble.profile
+++ b/etc/mumble.profile
@@ -25,6 +25,7 @@ no3d
25nogroups 25nogroups
26nonewprivs 26nonewprivs
27noroot 27noroot
28notv
28protocol unix,inet,inet6 29protocol unix,inet,inet6
29seccomp 30seccomp
30shell none 31shell none
@@ -37,4 +38,3 @@ private-tmp
37memory-deny-write-execute 38memory-deny-write-execute
38noexec ${HOME} 39noexec ${HOME}
39noexec /tmp 40noexec /tmp
40notv
diff --git a/etc/mupdf.profile b/etc/mupdf.profile
index 761150754..7d933867f 100644
--- a/etc/mupdf.profile
+++ b/etc/mupdf.profile
@@ -17,6 +17,7 @@ nogroups
17nonewprivs 17nonewprivs
18noroot 18noroot
19nosound 19nosound
20notv
20protocol unix 21protocol unix
21seccomp 22seccomp
22# seccomp.keep access,arch_prctl,brk,clone,close,connect,execve,exit_group,fchmod,fchown,fcntl,fstat,futex,getcwd,getpeername,getrlimit,getsockname,getsockopt,lseek,lstat,mlock,mmap,mprotect,mremap,munmap,nanosleep,open,poll,prctl,read,recvfrom,recvmsg,restart_syscall,rt_sigaction,rt_sigprocmask,select,sendmsg,set_robust_list,set_tid_address,setresgid,setresuid,shmat,shmctl,shmget,shutdown,socket,stat,sysinfo,uname,unshare,wait4,write,writev 23# seccomp.keep access,arch_prctl,brk,clone,close,connect,execve,exit_group,fchmod,fchown,fcntl,fstat,futex,getcwd,getpeername,getrlimit,getsockname,getsockopt,lseek,lstat,mlock,mmap,mprotect,mremap,munmap,nanosleep,open,poll,prctl,read,recvfrom,recvmsg,restart_syscall,rt_sigaction,rt_sigprocmask,select,sendmsg,set_robust_list,set_tid_address,setresgid,setresuid,shmat,shmctl,shmget,shutdown,socket,stat,sysinfo,uname,unshare,wait4,write,writev
@@ -27,6 +28,6 @@ tracelog
27private-dev 28private-dev
28private-etc fonts 29private-etc fonts
29private-tmp 30private-tmp
31
30# mupdf will never write anything 32# mupdf will never write anything
31read-only ${HOME} 33read-only ${HOME}
32notv
diff --git a/etc/mupen64plus.profile b/etc/mupen64plus.profile
index 980ed522e..b2415acab 100644
--- a/etc/mupen64plus.profile
+++ b/etc/mupen64plus.profile
@@ -24,5 +24,5 @@ caps.drop all
24net none 24net none
25nonewprivs 25nonewprivs
26noroot 26noroot
27seccomp
28notv 27notv
28seccomp
diff --git a/etc/mutt.profile b/etc/mutt.profile
index c5202c9f0..1ce1b7065 100644
--- a/etc/mutt.profile
+++ b/etc/mutt.profile
@@ -42,9 +42,9 @@ nogroups
42nonewprivs 42nonewprivs
43noroot 43noroot
44nosound 44nosound
45notv
45protocol unix,inet,inet6 46protocol unix,inet,inet6
46seccomp 47seccomp
47shell none 48shell none
48 49
49private-dev 50private-dev
50notv
diff --git a/etc/nautilus.profile b/etc/nautilus.profile
index 577f63b8a..83599c683 100644
--- a/etc/nautilus.profile
+++ b/etc/nautilus.profile
@@ -23,6 +23,7 @@ netfilter
23nogroups 23nogroups
24nonewprivs 24nonewprivs
25noroot 25noroot
26notv
26protocol unix 27protocol unix
27seccomp 28seccomp
28shell none 29shell none
@@ -33,4 +34,3 @@ tracelog
33# private-dev 34# private-dev
34# private-etc fonts 35# private-etc fonts
35# private-tmp 36# private-tmp
36notv
diff --git a/etc/nemo.profile b/etc/nemo.profile
index 1df3688a3..29a2cad9d 100644
--- a/etc/nemo.profile
+++ b/etc/nemo.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24novideo 25novideo
25protocol unix,inet,inet6 26protocol unix,inet,inet6
26seccomp 27seccomp
@@ -28,4 +29,3 @@ shell none
28 29
29noexec ${HOME} 30noexec ${HOME}
30noexec /tmp 31noexec /tmp
31notv
diff --git a/etc/netsurf.profile b/etc/netsurf.profile
index e32b7250f..df2241f3a 100644
--- a/etc/netsurf.profile
+++ b/etc/netsurf.profile
@@ -23,7 +23,7 @@ caps.drop all
23netfilter 23netfilter
24nonewprivs 24nonewprivs
25noroot 25noroot
26notv
26protocol unix,inet,inet6,netlink 27protocol unix,inet,inet6,netlink
27seccomp 28seccomp
28tracelog 29tracelog
29notv
diff --git a/etc/nylas.profile b/etc/nylas.profile
index 9dda3c303..e9a277e5c 100644
--- a/etc/nylas.profile
+++ b/etc/nylas.profile
@@ -24,9 +24,9 @@ nogroups
24nonewprivs 24nonewprivs
25noroot 25noroot
26nosound 26nosound
27notv
27protocol unix,inet,inet6,netlink 28protocol unix,inet,inet6,netlink
28seccomp 29seccomp
29shell none 30shell none
30 31
31private-dev 32private-dev
32notv
diff --git a/etc/obs.profile b/etc/obs.profile
index 5aa46b64f..407161de5 100644
--- a/etc/obs.profile
+++ b/etc/obs.profile
@@ -16,6 +16,7 @@ caps.drop all
16nogroups 16nogroups
17nonewprivs 17nonewprivs
18noroot 18noroot
19notv
19protocol unix,inet,inet6 20protocol unix,inet,inet6
20seccomp 21seccomp
21shell none 22shell none
@@ -26,4 +27,3 @@ private-tmp
26 27
27noexec ${HOME} 28noexec ${HOME}
28noexec /tmp 29noexec /tmp
29notv
diff --git a/etc/odt2txt.profile b/etc/odt2txt.profile
index dd45cf8df..d146dc571 100644
--- a/etc/odt2txt.profile
+++ b/etc/odt2txt.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22protocol unix 23protocol unix
23seccomp 24seccomp
24shell none 25shell none
@@ -29,4 +30,3 @@ private-dev
29private-etc none 30private-etc none
30private-tmp 31private-tmp
31read-only ${HOME} 32read-only ${HOME}
32notv
diff --git a/etc/okular.profile b/etc/okular.profile
index 82841aa47..c36b76432 100644
--- a/etc/okular.profile
+++ b/etc/okular.profile
@@ -26,6 +26,7 @@ nogroups
26nonewprivs 26nonewprivs
27noroot 27noroot
28nosound 28nosound
29notv
29novideo 30novideo
30protocol unix 31protocol unix
31seccomp 32seccomp
@@ -39,4 +40,3 @@ private-tmp
39 40
40noexec ${HOME} 41noexec ${HOME}
41noexec /tmp 42noexec /tmp
42notv
diff --git a/etc/open-invaders.profile b/etc/open-invaders.profile
index 7eed37c20..8414315ea 100644
--- a/etc/open-invaders.profile
+++ b/etc/open-invaders.profile
@@ -20,6 +20,7 @@ net none
20nogroups 20nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23notv
23protocol unix,netlink 24protocol unix,netlink
24seccomp 25seccomp
25shell none 26shell none
@@ -28,4 +29,3 @@ shell none
28private-dev 29private-dev
29# private-etc none 30# private-etc none
30private-tmp 31private-tmp
31notv
diff --git a/etc/openshot.profile b/etc/openshot.profile
index 24d92cd9f..554bbd40b 100644
--- a/etc/openshot.profile
+++ b/etc/openshot.profile
@@ -18,6 +18,7 @@ netfilter
18nogroups 18nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21notv
21protocol unix,inet,inet6,netlink 22protocol unix,inet,inet6,netlink
22seccomp 23seccomp
23shell none 24shell none
@@ -27,4 +28,3 @@ private-tmp
27 28
28noexec ${HOME} 29noexec ${HOME}
29noexec /tmp 30noexec /tmp
30notv
diff --git a/etc/orage.profile b/etc/orage.profile
index 410d27053..fb29becc5 100644
--- a/etc/orage.profile
+++ b/etc/orage.profile
@@ -20,6 +20,7 @@ nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22nosound 22nosound
23notv
23novideo 24novideo
24protocol unix 25protocol unix
25seccomp 26seccomp
@@ -31,4 +32,3 @@ private-tmp
31 32
32noexec ${HOME} 33noexec ${HOME}
33noexec /tmp 34noexec /tmp
34notv
diff --git a/etc/palemoon.profile b/etc/palemoon.profile
index 6e5d1f720..e21a9a73e 100644
--- a/etc/palemoon.profile
+++ b/etc/palemoon.profile
@@ -44,6 +44,7 @@ netfilter
44nogroups 44nogroups
45nonewprivs 45nonewprivs
46noroot 46noroot
47notv
47protocol unix,inet,inet6,netlink 48protocol unix,inet,inet6,netlink
48seccomp 49seccomp
49shell none 50shell none
@@ -54,4 +55,3 @@ tracelog
54# private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse 55# private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse
55# private-opt palemoon 56# private-opt palemoon
56private-tmp 57private-tmp
57notv
diff --git a/etc/parole.profile b/etc/parole.profile
index 60a7cc365..a8ce63e73 100644
--- a/etc/parole.profile
+++ b/etc/parole.profile
@@ -15,10 +15,10 @@ caps.drop all
15netfilter 15netfilter
16nonewprivs 16nonewprivs
17noroot 17noroot
18notv
18protocol unix,inet,inet6 19protocol unix,inet,inet6
19seccomp 20seccomp
20shell none 21shell none
21 22
22private-bin parole,dbus-launch 23private-bin parole,dbus-launch
23private-etc passwd,group,fonts 24private-etc passwd,group,fonts
24notv
diff --git a/etc/pcmanfm.profile b/etc/pcmanfm.profile
index 0417cebd0..d35d4b369 100644
--- a/etc/pcmanfm.profile
+++ b/etc/pcmanfm.profile
@@ -20,9 +20,9 @@ no3d
20nonewprivs 20nonewprivs
21noroot 21noroot
22nosound 22nosound
23notv
23novideo 24novideo
24protocol unix 25protocol unix
25seccomp 26seccomp
26shell none 27shell none
27tracelog 28tracelog
28notv
diff --git a/etc/pdfsam.profile b/etc/pdfsam.profile
index 89f830814..8af809e27 100644
--- a/etc/pdfsam.profile
+++ b/etc/pdfsam.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -29,4 +30,3 @@ private-tmp
29 30
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/pdftotext.profile b/etc/pdftotext.profile
index bf1f2811b..d668f4554 100644
--- a/etc/pdftotext.profile
+++ b/etc/pdftotext.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -29,4 +30,3 @@ private-bin pdftotext
29private-dev 30private-dev
30private-etc none 31private-etc none
31private-tmp 32private-tmp
32notv
diff --git a/etc/peek.profile b/etc/peek.profile
index e39163b1f..54d7d105d 100644
--- a/etc/peek.profile
+++ b/etc/peek.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -31,4 +32,3 @@ private-tmp
31memory-deny-write-execute 32memory-deny-write-execute
32noexec ${HOME} 33noexec ${HOME}
33noexec /tmp 34noexec /tmp
34notv
diff --git a/etc/picard.profile b/etc/picard.profile
index 2fa5dc22d..94a6f8573 100644
--- a/etc/picard.profile
+++ b/etc/picard.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix,inet,inet6 24protocol unix,inet,inet6
24seccomp 25seccomp
@@ -29,4 +30,3 @@ private-tmp
29 30
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/pidgin.profile b/etc/pidgin.profile
index 016f1c251..4471bcd87 100644
--- a/etc/pidgin.profile
+++ b/etc/pidgin.profile
@@ -17,6 +17,7 @@ netfilter
17nogroups 17nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20notv
20protocol unix,inet,inet6 21protocol unix,inet,inet6
21seccomp 22seccomp
22shell none 23shell none
@@ -25,4 +26,3 @@ tracelog
25private-bin pidgin 26private-bin pidgin
26private-dev 27private-dev
27private-tmp 28private-tmp
28notv
diff --git a/etc/pingus.profile b/etc/pingus.profile
index 981d7e5da..b3078db67 100644
--- a/etc/pingus.profile
+++ b/etc/pingus.profile
@@ -20,6 +20,7 @@ net none
20nogroups 20nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23notv
23protocol unix,netlink 24protocol unix,netlink
24seccomp 25seccomp
25shell none 26shell none
@@ -28,4 +29,3 @@ shell none
28private-dev 29private-dev
29# private-etc none 30# private-etc none
30private-tmp 31private-tmp
31notv
diff --git a/etc/pithos.profile b/etc/pithos.profile
index 8629853d5..9f60d41d0 100644
--- a/etc/pithos.profile
+++ b/etc/pithos.profile
@@ -18,6 +18,7 @@ no3d
18nogroups 18nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21notv
21novideo 22novideo
22protocol unix,inet,inet6 23protocol unix,inet,inet6
23seccomp 24seccomp
@@ -29,4 +30,3 @@ private-tmp
29 30
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/pix.profile b/etc/pix.profile
index 4d37e3aa6..8062ff322 100644
--- a/etc/pix.profile
+++ b/etc/pix.profile
@@ -20,6 +20,7 @@ nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22nosound 22nosound
23notv
23protocol unix 24protocol unix
24seccomp 25seccomp
25shell none 26shell none
@@ -28,4 +29,3 @@ tracelog
28private-bin pix 29private-bin pix
29private-dev 30private-dev
30private-tmp 31private-tmp
31notv
diff --git a/etc/pluma.profile b/etc/pluma.profile
index f9682980a..80f9a8e57 100644
--- a/etc/pluma.profile
+++ b/etc/pluma.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21seccomp 22seccomp
22shell none 23shell none
23tracelog 24tracelog
@@ -25,4 +26,3 @@ tracelog
25private-bin pluma 26private-bin pluma
26private-dev 27private-dev
27private-tmp 28private-tmp
28notv
diff --git a/etc/polari.profile b/etc/polari.profile
index 278c8765e..b31954ed4 100644
--- a/etc/polari.profile
+++ b/etc/polari.profile
@@ -31,6 +31,7 @@ nogroups
31nonewprivs 31nonewprivs
32noroot 32noroot
33nosound 33nosound
34notv
34protocol unix,inet,inet6 35protocol unix,inet,inet6
35seccomp 36seccomp
36shell none 37shell none
@@ -42,4 +43,3 @@ private-tmp
42 43
43noexec ${HOME} 44noexec ${HOME}
44noexec /tmp 45noexec /tmp
45notv
diff --git a/etc/psi-plus.profile b/etc/psi-plus.profile
index b57999bf0..96dbfdfb4 100644
--- a/etc/psi-plus.profile
+++ b/etc/psi-plus.profile
@@ -28,6 +28,7 @@ no3d
28nogroups 28nogroups
29nonewprivs 29nonewprivs
30noroot 30noroot
31notv
31novideo 32novideo
32protocol unix,inet,inet6 33protocol unix,inet,inet6
33seccomp 34seccomp
@@ -39,4 +40,3 @@ private-tmp
39 40
40noexec ${HOME} 41noexec ${HOME}
41noexec /tmp 42noexec /tmp
42notv
diff --git a/etc/qbittorrent.profile b/etc/qbittorrent.profile
index 7cd512ca5..3cfbff52e 100644
--- a/etc/qbittorrent.profile
+++ b/etc/qbittorrent.profile
@@ -33,6 +33,7 @@ nogroups
33nonewprivs 33nonewprivs
34noroot 34noroot
35nosound 35nosound
36notv
36protocol unix,inet,inet6,netlink 37protocol unix,inet,inet6,netlink
37seccomp 38seccomp
38# shell none 39# shell none
@@ -41,4 +42,3 @@ seccomp
41private-dev 42private-dev
42# private-etc X11,fonts,xdg,resolv.conf 43# private-etc X11,fonts,xdg,resolv.conf
43private-tmp 44private-tmp
44notv
diff --git a/etc/qemu-launcher.profile b/etc/qemu-launcher.profile
index 96fbf90bd..a80d21129 100644
--- a/etc/qemu-launcher.profile
+++ b/etc/qemu-launcher.profile
@@ -16,6 +16,7 @@ netfilter
16nogroups 16nogroups
17nonewprivs 17nonewprivs
18noroot 18noroot
19notv
19protocol unix,inet,inet6 20protocol unix,inet,inet6
20seccomp 21seccomp
21shell none 22shell none
@@ -24,4 +25,3 @@ tracelog
24private-tmp 25private-tmp
25 26
26noexec /tmp 27noexec /tmp
27notv
diff --git a/etc/qemu-system-x86_64.profile b/etc/qemu-system-x86_64.profile
index 146588dcc..bec350bc5 100644
--- a/etc/qemu-system-x86_64.profile
+++ b/etc/qemu-system-x86_64.profile
@@ -15,6 +15,7 @@ netfilter
15nogroups 15nogroups
16nonewprivs 16nonewprivs
17noroot 17noroot
18notv
18protocol unix,inet,inet6 19protocol unix,inet,inet6
19seccomp 20seccomp
20shell none 21shell none
@@ -23,4 +24,3 @@ tracelog
23private-tmp 24private-tmp
24 25
25noexec /tmp 26noexec /tmp
26notv
diff --git a/etc/qlipper.profile b/etc/qlipper.profile
index 94347c1f6..8e37515ee 100644
--- a/etc/qlipper.profile
+++ b/etc/qlipper.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/qpdfview.profile b/etc/qpdfview.profile
index 7e3d32f61..fb34ff788 100644
--- a/etc/qpdfview.profile
+++ b/etc/qpdfview.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22protocol unix 23protocol unix
23seccomp 24seccomp
24shell none 25shell none
@@ -27,4 +28,3 @@ tracelog
27private-bin qpdfview 28private-bin qpdfview
28private-dev 29private-dev
29private-tmp 30private-tmp
30notv
diff --git a/etc/qtox.profile b/etc/qtox.profile
index 78ec984cd..b4c019979 100644
--- a/etc/qtox.profile
+++ b/etc/qtox.profile
@@ -25,6 +25,7 @@ netfilter
25nogroups 25nogroups
26nonewprivs 26nonewprivs
27noroot 27noroot
28notv
28protocol unix,inet,inet6 29protocol unix,inet,inet6
29seccomp 30seccomp
30shell none 31shell none
@@ -36,4 +37,3 @@ private-tmp
36 37
37noexec ${HOME} 38noexec ${HOME}
38noexec /tmp 39noexec /tmp
39notv
diff --git a/etc/quassel.profile b/etc/quassel.profile
index 498556426..897fc1044 100644
--- a/etc/quassel.profile
+++ b/etc/quassel.profile
@@ -14,6 +14,6 @@ caps.drop all
14netfilter 14netfilter
15nonewprivs 15nonewprivs
16noroot 16noroot
17notv
17protocol unix,inet,inet6 18protocol unix,inet,inet6
18seccomp 19seccomp
19notv
diff --git a/etc/quiterss.profile b/etc/quiterss.profile
index 42dceec83..7508365ca 100644
--- a/etc/quiterss.profile
+++ b/etc/quiterss.profile
@@ -32,6 +32,7 @@ nogroups
32nonewprivs 32nonewprivs
33noroot 33noroot
34nosound 34nosound
35notv
35protocol unix,inet,inet6 36protocol unix,inet,inet6
36seccomp 37seccomp
37shell none 38shell none
@@ -44,4 +45,3 @@ private-dev
44 45
45noexec ${HOME} 46noexec ${HOME}
46noexec /tmp 47noexec /tmp
47notv
diff --git a/etc/qupzilla.profile b/etc/qupzilla.profile
index 5fd6765f2..35687c51c 100644
--- a/etc/qupzilla.profile
+++ b/etc/qupzilla.profile
@@ -21,9 +21,9 @@ include /etc/firejail/whitelist-common.inc
21caps.drop all 21caps.drop all
22netfilter 22netfilter
23noroot 23noroot
24notv
24protocol unix,inet,inet6,netlink 25protocol unix,inet,inet6,netlink
25seccomp 26seccomp
26tracelog 27tracelog
27 28
28# private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse 29# private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse
29notv
diff --git a/etc/qutebrowser.profile b/etc/qutebrowser.profile
index aa44a0a94..035636d9b 100644
--- a/etc/qutebrowser.profile
+++ b/etc/qutebrowser.profile
@@ -25,7 +25,7 @@ caps.drop all
25netfilter 25netfilter
26nonewprivs 26nonewprivs
27noroot 27noroot
28notv
28protocol unix,inet,inet6,netlink 29protocol unix,inet,inet6,netlink
29seccomp 30seccomp
30tracelog 31tracelog
31notv
diff --git a/etc/rambox.profile b/etc/rambox.profile
index cb859d25e..c66fdb964 100644
--- a/etc/rambox.profile
+++ b/etc/rambox.profile
@@ -24,7 +24,7 @@ netfilter
24nogroups 24nogroups
25nonewprivs 25nonewprivs
26noroot 26noroot
27notv
27protocol unix,inet,inet6,netlink 28protocol unix,inet,inet6,netlink
28seccomp 29seccomp
29# tracelog 30# tracelog
30notv
diff --git a/etc/ranger.profile b/etc/ranger.profile
index 34231e3a5..1cc3b07b9 100644
--- a/etc/ranger.profile
+++ b/etc/ranger.profile
@@ -22,8 +22,8 @@ nogroups
22nonewprivs 22nonewprivs
23noroot 23noroot
24nosound 24nosound
25notv
25protocol unix 26protocol unix
26seccomp 27seccomp
27 28
28private-dev 29private-dev
29notv
diff --git a/etc/remmina.profile b/etc/remmina.profile
index fec723145..b03c0d9de 100644
--- a/etc/remmina.profile
+++ b/etc/remmina.profile
@@ -18,6 +18,7 @@ caps.drop all
18nogroups 18nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21notv
21novideo 22novideo
22protocol unix,inet,inet6 23protocol unix,inet,inet6
23seccomp 24seccomp
@@ -28,4 +29,3 @@ private-tmp
28 29
29noexec ${HOME} 30noexec ${HOME}
30noexec /tmp 31noexec /tmp
31notv
diff --git a/etc/rhythmbox.profile b/etc/rhythmbox.profile
index 03d50bf20..bcd72be9a 100644
--- a/etc/rhythmbox.profile
+++ b/etc/rhythmbox.profile
@@ -17,6 +17,7 @@ netfilter
17nogroups 17nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20notv
20novideo 21novideo
21protocol unix,inet,inet6 22protocol unix,inet,inet6
22seccomp 23seccomp
@@ -29,4 +30,3 @@ private-tmp
29 30
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/ristretto.profile b/etc/ristretto.profile
index cf61b2da3..7971c79e6 100644
--- a/etc/ristretto.profile
+++ b/etc/ristretto.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24novideo 25novideo
25protocol unix 26protocol unix
26seccomp 27seccomp
@@ -31,4 +32,3 @@ private-tmp
31 32
32noexec ${HOME} 33noexec ${HOME}
33noexec /tmp 34noexec /tmp
34notv
diff --git a/etc/rtorrent.profile b/etc/rtorrent.profile
index 5c57d5bf5..5dcf1fe8d 100644
--- a/etc/rtorrent.profile
+++ b/etc/rtorrent.profile
@@ -16,6 +16,7 @@ netfilter
16nonewprivs 16nonewprivs
17noroot 17noroot
18nosound 18nosound
19notv
19protocol unix,inet,inet6 20protocol unix,inet,inet6
20seccomp 21seccomp
21shell none 22shell none
@@ -23,4 +24,3 @@ shell none
23private-bin rtorrent 24private-bin rtorrent
24private-dev 25private-dev
25private-tmp 26private-tmp
26notv
diff --git a/etc/scribus.profile b/etc/scribus.profile
index b7e0b69e3..f18be4ac8 100644
--- a/etc/scribus.profile
+++ b/etc/scribus.profile
@@ -30,6 +30,7 @@ caps.drop all
30nonewprivs 30nonewprivs
31noroot 31noroot
32nosound 32nosound
33notv
33novideo 34novideo
34protocol unix 35protocol unix
35seccomp 36seccomp
@@ -37,4 +38,3 @@ tracelog
37 38
38private-dev 39private-dev
39# private-tmp 40# private-tmp
40notv
diff --git a/etc/sdat2img.profile b/etc/sdat2img.profile
index 78e04c9e7..7b13ac772 100644
--- a/etc/sdat2img.profile
+++ b/etc/sdat2img.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -28,4 +29,3 @@ private-dev
28 29
29noexec ${HOME} 30noexec ${HOME}
30noexec /tmp 31noexec /tmp
31notv
diff --git a/etc/seamonkey.profile b/etc/seamonkey.profile
index a127774ab..7d35eeb1b 100644
--- a/etc/seamonkey.profile
+++ b/etc/seamonkey.profile
@@ -39,9 +39,9 @@ caps.drop all
39netfilter 39netfilter
40nonewprivs 40nonewprivs
41noroot 41noroot
42notv
42protocol unix,inet,inet6,netlink 43protocol unix,inet,inet6,netlink
43seccomp 44seccomp
44tracelog 45tracelog
45 46
46# private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse 47# private-etc passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse
47notv
diff --git a/etc/silentarmy.profile b/etc/silentarmy.profile
index fa8d570b9..bbbd5be10 100644
--- a/etc/silentarmy.profile
+++ b/etc/silentarmy.profile
@@ -17,6 +17,7 @@ nogroups
17nonewprivs 17nonewprivs
18noroot 18noroot
19nosound 19nosound
20notv
20novideo 21novideo
21protocol unix,inet,inet6 22protocol unix,inet,inet6
22seccomp 23seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/simple-scan.profile b/etc/simple-scan.profile
index 14c039fe1..9cf150066 100644
--- a/etc/simple-scan.profile
+++ b/etc/simple-scan.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21protocol unix,inet,inet6 22protocol unix,inet,inet6
22shell none 23shell none
23# seccomp 24# seccomp
@@ -27,4 +28,3 @@ tracelog
27# private-dev 28# private-dev
28# private-etc fonts 29# private-etc fonts
29# private-tmp 30# private-tmp
30notv
diff --git a/etc/simutrans.profile b/etc/simutrans.profile
index 540cbbb97..c2ef90853 100644
--- a/etc/simutrans.profile
+++ b/etc/simutrans.profile
@@ -20,6 +20,7 @@ net none
20nogroups 20nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23notv
23protocol unix 24protocol unix
24seccomp 25seccomp
25shell none 26shell none
@@ -28,4 +29,3 @@ shell none
28private-dev 29private-dev
29# private-etc none 30# private-etc none
30private-tmp 31private-tmp
31notv
diff --git a/etc/skanlite.profile b/etc/skanlite.profile
index 432e3633d..6fccba92c 100644
--- a/etc/skanlite.profile
+++ b/etc/skanlite.profile
@@ -17,6 +17,7 @@ nogroups
17nonewprivs 17nonewprivs
18noroot 18noroot
19nosound 19nosound
20notv
20# protocol unix,inet,inet6 21# protocol unix,inet,inet6
21seccomp 22seccomp
22shell none 23shell none
@@ -25,4 +26,3 @@ shell none
25# private-dev 26# private-dev
26# private-etc 27# private-etc
27# private-tmp 28# private-tmp
28notv
diff --git a/etc/skype.profile b/etc/skype.profile
index 900c77b2c..13bf06aa6 100644
--- a/etc/skype.profile
+++ b/etc/skype.profile
@@ -17,6 +17,7 @@ netfilter
17nogroups 17nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20notv
20protocol unix,inet,inet6 21protocol unix,inet,inet6
21seccomp 22seccomp
22shell none 23shell none
@@ -27,4 +28,3 @@ private-tmp
27 28
28noexec ${HOME} 29noexec ${HOME}
29noexec /tmp 30noexec /tmp
30notv
diff --git a/etc/skypeforlinux.profile b/etc/skypeforlinux.profile
index a385d5d13..20632e91b 100644
--- a/etc/skypeforlinux.profile
+++ b/etc/skypeforlinux.profile
@@ -17,6 +17,7 @@ netfilter
17nogroups 17nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20notv
20protocol unix,inet,inet6,netlink 21protocol unix,inet,inet6,netlink
21seccomp 22seccomp
22shell none 23shell none
@@ -27,4 +28,3 @@ private-tmp
27 28
28noexec ${HOME} 29noexec ${HOME}
29noexec /tmp 30noexec /tmp
30notv
diff --git a/etc/slack.profile b/etc/slack.profile
index 356c0366d..62463ff5c 100644
--- a/etc/slack.profile
+++ b/etc/slack.profile
@@ -27,6 +27,7 @@ netfilter
27nogroups 27nogroups
28nonewprivs 28nonewprivs
29noroot 29noroot
30notv
30protocol unix,inet,inet6,netlink 31protocol unix,inet,inet6,netlink
31seccomp 32seccomp
32shell none 33shell none
@@ -36,4 +37,3 @@ private-bin slack
36private-dev 37private-dev
37private-etc fonts,resolv.conf,ld.so.conf,ld.so.cache,localtime 38private-etc fonts,resolv.conf,ld.so.conf,ld.so.cache,localtime
38private-tmp 39private-tmp
39notv
diff --git a/etc/soundconverter.profile b/etc/soundconverter.profile
index ee9ee4f1d..933c0fc70 100644
--- a/etc/soundconverter.profile
+++ b/etc/soundconverter.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21novideo 22novideo
22protocol unix 23protocol unix
23seccomp 24seccomp
@@ -28,4 +29,3 @@ private-tmp
28 29
29noexec ${HOME} 30noexec ${HOME}
30noexec /tmp 31noexec /tmp
31notv
diff --git a/etc/spotify.profile b/etc/spotify.profile
index f75135ac7..8eac3610b 100644
--- a/etc/spotify.profile
+++ b/etc/spotify.profile
@@ -36,6 +36,7 @@ netfilter
36nogroups 36nogroups
37nonewprivs 37nonewprivs
38noroot 38noroot
39notv
39protocol unix,inet,inet6,netlink 40protocol unix,inet,inet6,netlink
40seccomp 41seccomp
41shell none 42shell none
@@ -48,4 +49,3 @@ private-tmp
48 49
49noexec ${HOME} 50noexec ${HOME}
50noexec /tmp 51noexec /tmp
51notv
diff --git a/etc/sqlitebrowser.profile b/etc/sqlitebrowser.profile
index 5b5ed3c61..bfa8cac8b 100644
--- a/etc/sqlitebrowser.profile
+++ b/etc/sqlitebrowser.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -31,4 +32,3 @@ private-tmp
31memory-deny-write-execute 32memory-deny-write-execute
32noexec ${HOME} 33noexec ${HOME}
33noexec /tmp 34noexec /tmp
34notv
diff --git a/etc/ssh-agent.profile b/etc/ssh-agent.profile
index 891b9d0fd..0005f0ecb 100644
--- a/etc/ssh-agent.profile
+++ b/etc/ssh-agent.profile
@@ -21,6 +21,6 @@ netfilter
21no3d 21no3d
22nonewprivs 22nonewprivs
23noroot 23noroot
24notv
24protocol unix,inet,inet6 25protocol unix,inet,inet6
25seccomp 26seccomp
26notv
diff --git a/etc/ssh.profile b/etc/ssh.profile
index 300511a60..3bb115631 100644
--- a/etc/ssh.profile
+++ b/etc/ssh.profile
@@ -22,6 +22,7 @@ nogroups
22nonewprivs 22nonewprivs
23noroot 23noroot
24nosound 24nosound
25notv
25protocol unix,inet,inet6 26protocol unix,inet,inet6
26seccomp 27seccomp
27shell none 28shell none
@@ -33,4 +34,3 @@ private-dev
33memory-deny-write-execute 34memory-deny-write-execute
34noexec ${HOME} 35noexec ${HOME}
35noexec /tmp 36noexec /tmp
36notv
diff --git a/etc/start-tor-browser.profile b/etc/start-tor-browser.profile
index 05817d06a..47cceaddd 100644
--- a/etc/start-tor-browser.profile
+++ b/etc/start-tor-browser.profile
@@ -16,6 +16,7 @@ netfilter
16nogroups 16nogroups
17nonewprivs 17nonewprivs
18noroot 18noroot
19notv
19protocol unix,inet,inet6 20protocol unix,inet,inet6
20seccomp 21seccomp
21shell none 22shell none
@@ -25,4 +26,3 @@ private-bin bash,dash,sh,grep,tail,env,gpg,id,readlink,dirname,test,mkdir,ln,sed
25private-dev 26private-dev
26private-etc fonts 27private-etc fonts
27private-tmp 28private-tmp
28notv
diff --git a/etc/steam.profile b/etc/steam.profile
index efd834cdc..ec6ea09cc 100644
--- a/etc/steam.profile
+++ b/etc/steam.profile
@@ -27,6 +27,7 @@ netfilter
27nogroups 27nogroups
28nonewprivs 28nonewprivs
29noroot 29noroot
30notv
30# novideo 31# novideo
31protocol unix,inet,inet6,netlink 32protocol unix,inet,inet6,netlink
32seccomp 33seccomp
@@ -36,4 +37,3 @@ shell none
36 37
37private-dev 38private-dev
38private-tmp 39private-tmp
39notv
diff --git a/etc/stellarium.profile b/etc/stellarium.profile
index 2b561eff0..eff80393e 100644
--- a/etc/stellarium.profile
+++ b/etc/stellarium.profile
@@ -25,6 +25,7 @@ nogroups
25nonewprivs 25nonewprivs
26noroot 26noroot
27nosound 27nosound
28notv
28protocol unix,inet,inet6,netlink 29protocol unix,inet,inet6,netlink
29seccomp 30seccomp
30shell none 31shell none
@@ -34,4 +35,3 @@ disable-mnt
34private-bin stellarium 35private-bin stellarium
35private-dev 36private-dev
36private-tmp 37private-tmp
37notv
diff --git a/etc/strings.profile b/etc/strings.profile
index 0ef004abe..4bbdcb97e 100644
--- a/etc/strings.profile
+++ b/etc/strings.profile
@@ -12,6 +12,7 @@ ignore noroot
12net none 12net none
13no3d 13no3d
14nosound 14nosound
15notv
15novideo 16novideo
16shell none 17shell none
17tracelog 18tracelog
@@ -21,4 +22,3 @@ private-dev
21memory-deny-write-execute 22memory-deny-write-execute
22 23
23include /etc/firejail/default.profile 24include /etc/firejail/default.profile
24notv
diff --git a/etc/supertux2.profile b/etc/supertux2.profile
index a74c476cb..0a99246cc 100644
--- a/etc/supertux2.profile
+++ b/etc/supertux2.profile
@@ -20,6 +20,7 @@ net none
20nogroups 20nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23notv
23protocol unix,netlink 24protocol unix,netlink
24seccomp 25seccomp
25shell none 26shell none
@@ -28,4 +29,3 @@ shell none
28private-dev 29private-dev
29# private-etc none 30# private-etc none
30private-tmp 31private-tmp
31notv
diff --git a/etc/synfigstudio.profile b/etc/synfigstudio.profile
index 4a663bf3d..1ec2185f0 100644
--- a/etc/synfigstudio.profile
+++ b/etc/synfigstudio.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -29,4 +30,3 @@ private-tmp
29 30
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/tar.profile b/etc/tar.profile
index d0633d4ff..3fc0e975c 100644
--- a/etc/tar.profile
+++ b/etc/tar.profile
@@ -13,6 +13,7 @@ ignore noroot
13net none 13net none
14no3d 14no3d
15nosound 15nosound
16notv
16shell none 17shell none
17tracelog 18tracelog
18 19
@@ -22,4 +23,3 @@ private-dev
22private-etc passwd,group,localtime 23private-etc passwd,group,localtime
23 24
24include /etc/firejail/default.profile 25include /etc/firejail/default.profile
25notv
diff --git a/etc/telegram.profile b/etc/telegram.profile
index ea30928e6..5257083bc 100644
--- a/etc/telegram.profile
+++ b/etc/telegram.profile
@@ -15,6 +15,7 @@ caps.drop all
15netfilter 15netfilter
16nonewprivs 16nonewprivs
17noroot 17noroot
18notv
18protocol unix,inet,inet6 19protocol unix,inet,inet6
19seccomp 20seccomp
20 21
@@ -23,4 +24,3 @@ private-tmp
23 24
24noexec ${HOME} 25noexec ${HOME}
25noexec /tmp 26noexec /tmp
26notv
diff --git a/etc/tracker.profile b/etc/tracker.profile
index 5ca42fc1c..52929c548 100644
--- a/etc/tracker.profile
+++ b/etc/tracker.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24protocol unix 25protocol unix
25seccomp 26seccomp
26shell none 27shell none
@@ -30,4 +31,3 @@ tracelog
30# private-dev 31# private-dev
31# private-etc fonts 32# private-etc fonts
32# private-tmp 33# private-tmp
33notv
diff --git a/etc/transmission-cli.profile b/etc/transmission-cli.profile
index e7c75e84b..b3a4bbb84 100644
--- a/etc/transmission-cli.profile
+++ b/etc/transmission-cli.profile
@@ -18,6 +18,7 @@ netfilter
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21protocol unix,inet,inet6 22protocol unix,inet,inet6
22seccomp 23seccomp
23shell none 24shell none
@@ -29,4 +30,3 @@ private-etc none
29private-tmp 30private-tmp
30 31
31memory-deny-write-execute 32memory-deny-write-execute
32notv
diff --git a/etc/transmission-gtk.profile b/etc/transmission-gtk.profile
index a53e61b73..b8872adfe 100644
--- a/etc/transmission-gtk.profile
+++ b/etc/transmission-gtk.profile
@@ -25,6 +25,7 @@ netfilter
25nonewprivs 25nonewprivs
26noroot 26noroot
27nosound 27nosound
28notv
28protocol unix,inet,inet6 29protocol unix,inet,inet6
29seccomp 30seccomp
30shell none 31shell none
@@ -35,4 +36,3 @@ private-dev
35private-tmp 36private-tmp
36 37
37memory-deny-write-execute 38memory-deny-write-execute
38notv
diff --git a/etc/transmission-qt.profile b/etc/transmission-qt.profile
index c4670c52e..083b293e1 100644
--- a/etc/transmission-qt.profile
+++ b/etc/transmission-qt.profile
@@ -25,6 +25,7 @@ netfilter
25nonewprivs 25nonewprivs
26noroot 26noroot
27nosound 27nosound
28notv
28protocol unix,inet,inet6 29protocol unix,inet,inet6
29seccomp 30seccomp
30shell none 31shell none
@@ -33,4 +34,3 @@ tracelog
33private-bin transmission-qt 34private-bin transmission-qt
34private-dev 35private-dev
35private-tmp 36private-tmp
36notv
diff --git a/etc/transmission-show.profile b/etc/transmission-show.profile
index ee67b6bb7..ad97b537a 100644
--- a/etc/transmission-show.profile
+++ b/etc/transmission-show.profile
@@ -18,6 +18,7 @@ net none
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21protocol unix 22protocol unix
22seccomp 23seccomp
23shell none 24shell none
@@ -27,4 +28,3 @@ tracelog
27private-dev 28private-dev
28private-etc none 29private-etc none
29private-tmp 30private-tmp
30notv
diff --git a/etc/truecraft.profile b/etc/truecraft.profile
index a177ca7e3..186f6c7f7 100644
--- a/etc/truecraft.profile
+++ b/etc/truecraft.profile
@@ -23,6 +23,7 @@ caps.drop all
23nogroups 23nogroups
24nonewprivs 24nonewprivs
25noroot 25noroot
26notv
26novideo 27novideo
27protocol unix,inet,inet6 28protocol unix,inet,inet6
28seccomp 29seccomp
@@ -34,4 +35,3 @@ private-tmp
34 35
35noexec ${HOME} 36noexec ${HOME}
36noexec /tmp 37noexec /tmp
37notv
diff --git a/etc/tuxguitar.profile b/etc/tuxguitar.profile
index df46cc698..5f64095f0 100644
--- a/etc/tuxguitar.profile
+++ b/etc/tuxguitar.profile
@@ -17,6 +17,7 @@ caps.drop all
17no3d 17no3d
18nonewprivs 18nonewprivs
19noroot 19noroot
20notv
20novideo 21novideo
21protocol unix,inet,inet6 22protocol unix,inet,inet6
22seccomp 23seccomp
@@ -27,4 +28,3 @@ private-tmp
27 28
28# noexec ${HOME} - tuxguitar may fail to launch 29# noexec ${HOME} - tuxguitar may fail to launch
29noexec /tmp 30noexec /tmp
30notv
diff --git a/etc/uget-gtk.profile b/etc/uget-gtk.profile
index eaf03bed7..a9c332799 100644
--- a/etc/uget-gtk.profile
+++ b/etc/uget-gtk.profile
@@ -21,6 +21,7 @@ netfilter
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24protocol unix,inet,inet6 25protocol unix,inet,inet6
25seccomp 26seccomp
26shell none 27shell none
@@ -28,4 +29,3 @@ shell none
28private-bin uget-gtk 29private-bin uget-gtk
29private-dev 30private-dev
30private-tmp 31private-tmp
31notv
diff --git a/etc/unbound.profile b/etc/unbound.profile
index debba08fc..0e5539764 100644
--- a/etc/unbound.profile
+++ b/etc/unbound.profile
@@ -15,8 +15,8 @@ include /etc/firejail/disable-programs.inc
15 15
16no3d 16no3d
17nosound 17nosound
18notv
18seccomp.drop mount,umount2,ptrace,kexec_load,kexec_file_load,open_by_handle_at,init_module,finit_module,delete_module,iopl,ioperm,swapon,swapoff,syslog,process_vm_readv,process_vm_writev,sysfs,_sysctl,adjtimex,clock_adjtime,lookup_dcookie,perf_event_open,fanotify_init,kcmp,add_key,request_key,keyctl,uselib,acct,modify_ldt,pivot_root,io_setup,io_destroy,io_getevents,io_submit,io_cancel,remap_file_pages,mbind,get_mempolicy,set_mempolicy,migrate_pages,move_pages,vmsplice,perf_event_open 19seccomp.drop mount,umount2,ptrace,kexec_load,kexec_file_load,open_by_handle_at,init_module,finit_module,delete_module,iopl,ioperm,swapon,swapoff,syslog,process_vm_readv,process_vm_writev,sysfs,_sysctl,adjtimex,clock_adjtime,lookup_dcookie,perf_event_open,fanotify_init,kcmp,add_key,request_key,keyctl,uselib,acct,modify_ldt,pivot_root,io_setup,io_destroy,io_getevents,io_submit,io_cancel,remap_file_pages,mbind,get_mempolicy,set_mempolicy,migrate_pages,move_pages,vmsplice,perf_event_open
19 20
20private 21private
21private-dev 22private-dev
22notv
diff --git a/etc/unknown-horizons.profile b/etc/unknown-horizons.profile
index e211b5e4d..db768b883 100644
--- a/etc/unknown-horizons.profile
+++ b/etc/unknown-horizons.profile
@@ -19,6 +19,7 @@ caps.drop all
19nogroups 19nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22notv
22protocol unix,netlink,inet,inet6 23protocol unix,netlink,inet,inet6
23seccomp 24seccomp
24shell none 25shell none
@@ -27,4 +28,3 @@ shell none
27private-dev 28private-dev
28# private-etc none 29# private-etc none
29private-tmp 30private-tmp
30notv
diff --git a/etc/unrar.profile b/etc/unrar.profile
index 455ce8369..37227e5d3 100644
--- a/etc/unrar.profile
+++ b/etc/unrar.profile
@@ -13,6 +13,7 @@ ignore noroot
13net none 13net none
14no3d 14no3d
15nosound 15nosound
16notv
16shell none 17shell none
17tracelog 18tracelog
18 19
@@ -22,4 +23,3 @@ private-etc passwd,group,localtime
22private-tmp 23private-tmp
23 24
24include /etc/firejail/default.profile 25include /etc/firejail/default.profile
25notv
diff --git a/etc/unzip.profile b/etc/unzip.profile
index 57d0c7898..8a0a79bf8 100644
--- a/etc/unzip.profile
+++ b/etc/unzip.profile
@@ -13,6 +13,7 @@ ignore noroot
13net none 13net none
14no3d 14no3d
15nosound 15nosound
16notv
16shell none 17shell none
17tracelog 18tracelog
18 19
@@ -21,4 +22,3 @@ private-dev
21private-etc passwd,group,localtime 22private-etc passwd,group,localtime
22 23
23include /etc/firejail/default.profile 24include /etc/firejail/default.profile
24notv
diff --git a/etc/uudeview.profile b/etc/uudeview.profile
index 69fd43e4f..3f86a43f2 100644
--- a/etc/uudeview.profile
+++ b/etc/uudeview.profile
@@ -11,6 +11,7 @@ hostname uudeview
11ignore noroot 11ignore noroot
12net none 12net none
13nosound 13nosound
14notv
14shell none 15shell none
15tracelog 16tracelog
16 17
@@ -19,4 +20,3 @@ private-dev
19private-etc ld.so.preload 20private-etc ld.so.preload
20 21
21include /etc/firejail/default.profile 22include /etc/firejail/default.profile
22notv
diff --git a/etc/uzbl-browser.profile b/etc/uzbl-browser.profile
index 7bc6bee28..d8eba6c7d 100644
--- a/etc/uzbl-browser.profile
+++ b/etc/uzbl-browser.profile
@@ -27,7 +27,7 @@ caps.drop all
27netfilter 27netfilter
28nonewprivs 28nonewprivs
29noroot 29noroot
30notv
30protocol unix,inet,inet6 31protocol unix,inet,inet6
31seccomp 32seccomp
32tracelog 33tracelog
33notv
diff --git a/etc/viewnior.profile b/etc/viewnior.profile
index 25ac611e6..5f6b9848d 100644
--- a/etc/viewnior.profile
+++ b/etc/viewnior.profile
@@ -23,6 +23,7 @@ nogroups
23nonewprivs 23nonewprivs
24noroot 24noroot
25nosound 25nosound
26notv
26protocol unix 27protocol unix
27seccomp 28seccomp
28shell none 29shell none
@@ -32,4 +33,3 @@ private-bin viewnior
32private-dev 33private-dev
33private-etc fonts 34private-etc fonts
34private-tmp 35private-tmp
35notv
diff --git a/etc/viking.profile b/etc/viking.profile
index fd9744bc0..331a759c4 100644
--- a/etc/viking.profile
+++ b/etc/viking.profile
@@ -20,6 +20,7 @@ nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22nosound 22nosound
23notv
23protocol unix,inet,inet6 24protocol unix,inet,inet6
24seccomp 25seccomp
25shell none 26shell none
@@ -29,4 +30,3 @@ private-tmp
29 30
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/vim.profile b/etc/vim.profile
index 169026166..adbcef008 100644
--- a/etc/vim.profile
+++ b/etc/vim.profile
@@ -18,6 +18,6 @@ netfilter
18nogroups 18nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21notv
21protocol unix,inet,inet6 22protocol unix,inet,inet6
22seccomp 23seccomp
23notv
diff --git a/etc/vivaldi.profile b/etc/vivaldi.profile
index 366374b55..816548bc7 100644
--- a/etc/vivaldi.profile
+++ b/etc/vivaldi.profile
@@ -22,6 +22,7 @@ include /etc/firejail/whitelist-common.inc
22caps.keep sys_chroot,sys_admin 22caps.keep sys_chroot,sys_admin
23netfilter 23netfilter
24nogroups 24nogroups
25notv
25shell none 26shell none
26 27
27private-dev 28private-dev
@@ -29,4 +30,3 @@ private-dev
29 30
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/vym.profile b/etc/vym.profile
index d648082ab..c81bc580a 100644
--- a/etc/vym.profile
+++ b/etc/vym.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/w3m.profile b/etc/w3m.profile
index 2401416a4..f7f7d30b2 100644
--- a/etc/w3m.profile
+++ b/etc/w3m.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24protocol unix,inet,inet6 25protocol unix,inet,inet6
25seccomp 26seccomp
26shell none 27shell none
@@ -30,4 +31,3 @@ tracelog
30private-dev 31private-dev
31private-etc none 32private-etc none
32private-tmp 33private-tmp
33notv
diff --git a/etc/warzone2100.profile b/etc/warzone2100.profile
index 1485b0316..c40114b24 100644
--- a/etc/warzone2100.profile
+++ b/etc/warzone2100.profile
@@ -23,6 +23,7 @@ netfilter
23nogroups 23nogroups
24nonewprivs 24nonewprivs
25noroot 25noroot
26notv
26protocol unix,inet,inet6,netlink 27protocol unix,inet,inet6,netlink
27seccomp 28seccomp
28shell none 29shell none
@@ -32,4 +33,3 @@ disable-mnt
32private-bin warzone2100 33private-bin warzone2100
33private-dev 34private-dev
34private-tmp 35private-tmp
35notv
diff --git a/etc/waterfox.profile b/etc/waterfox.profile
index 541e8f350..af5ce150d 100644
--- a/etc/waterfox.profile
+++ b/etc/waterfox.profile
@@ -55,6 +55,7 @@ netfilter
55nogroups 55nogroups
56nonewprivs 56nonewprivs
57noroot 57noroot
58notv
58protocol unix,inet,inet6,netlink 59protocol unix,inet,inet6,netlink
59seccomp 60seccomp
60shell none 61shell none
@@ -68,4 +69,3 @@ private-tmp
68 69
69noexec ${HOME} 70noexec ${HOME}
70noexec /tmp 71noexec /tmp
71notv
diff --git a/etc/weechat.profile b/etc/weechat.profile
index 9dd1ea3a9..7a2c46cd1 100644
--- a/etc/weechat.profile
+++ b/etc/weechat.profile
@@ -14,10 +14,10 @@ caps.drop all
14netfilter 14netfilter
15nonewprivs 15nonewprivs
16noroot 16noroot
17notv
17protocol unix,inet,inet6 18protocol unix,inet,inet6
18seccomp 19seccomp
19 20
20# no private-bin support for various reasons: 21# no private-bin support for various reasons:
21# Plugins loaded: alias, aspell, charset, exec, fifo, guile, irc, 22# Plugins loaded: alias, aspell, charset, exec, fifo, guile, irc,
22# logger, lua, perl, python, relay, ruby, script, tcl, trigger, xferloading plugins 23# logger, lua, perl, python, relay, ruby, script, tcl, trigger, xferloading plugins
23notv
diff --git a/etc/wesnoth.profile b/etc/wesnoth.profile
index 1236044e2..4796b792e 100644
--- a/etc/wesnoth.profile
+++ b/etc/wesnoth.profile
@@ -25,9 +25,9 @@ include /etc/firejail/whitelist-common.inc
25caps.drop all 25caps.drop all
26nonewprivs 26nonewprivs
27noroot 27noroot
28notv
28protocol unix,inet,inet6 29protocol unix,inet,inet6
29seccomp 30seccomp
30 31
31private-dev 32private-dev
32private-tmp 33private-tmp
33notv
diff --git a/etc/wget.profile b/etc/wget.profile
index a93ae0627..553e03c33 100644
--- a/etc/wget.profile
+++ b/etc/wget.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24novideo 25novideo
25protocol unix,inet,inet6 26protocol unix,inet,inet6
26seccomp 27seccomp
@@ -33,4 +34,3 @@ private-dev
33 34
34noexec ${HOME} 35noexec ${HOME}
35noexec /tmp 36noexec /tmp
36notv
diff --git a/etc/wine.profile b/etc/wine.profile
index 44abb173a..0f7c48837 100644
--- a/etc/wine.profile
+++ b/etc/wine.profile
@@ -20,5 +20,5 @@ netfilter
20nogroups 20nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23seccomp
24notv 23notv
24seccomp
diff --git a/etc/wire.profile b/etc/wire.profile
index 74b72ea48..d1aba549d 100644
--- a/etc/wire.profile
+++ b/etc/wire.profile
@@ -21,6 +21,7 @@ netfilter
21nogroups 21nogroups
22nonewprivs 22nonewprivs
23noroot 23noroot
24notv
24protocol unix,inet,inet6,netlink 25protocol unix,inet,inet6,netlink
25seccomp 26seccomp
26shell none 27shell none
@@ -28,4 +29,3 @@ shell none
28disable-mnt 29disable-mnt
29private-dev 30private-dev
30private-tmp 31private-tmp
31notv
diff --git a/etc/wireshark.profile b/etc/wireshark.profile
index be2d38126..d6b8ba23c 100644
--- a/etc/wireshark.profile
+++ b/etc/wireshark.profile
@@ -19,6 +19,7 @@ no3d
19# nonewprivs - breaks unprivileged wireshark usage 19# nonewprivs - breaks unprivileged wireshark usage
20# noroot 20# noroot
21nosound 21nosound
22notv
22# protocol unix,inet,inet6,netlink 23# protocol unix,inet,inet6,netlink
23# seccomp - breaks unprivileged wireshark usage 24# seccomp - breaks unprivileged wireshark usage
24shell none 25shell none
@@ -31,4 +32,3 @@ private-tmp
31 32
32noexec ${HOME} 33noexec ${HOME}
33noexec /tmp 34noexec /tmp
34notv
diff --git a/etc/xchat.profile b/etc/xchat.profile
index 2cf9faf62..3297b24fc 100644
--- a/etc/xchat.profile
+++ b/etc/xchat.profile
@@ -14,8 +14,8 @@ include /etc/firejail/disable-programs.inc
14caps.drop all 14caps.drop all
15nonewprivs 15nonewprivs
16noroot 16noroot
17notv
17protocol unix,inet,inet6 18protocol unix,inet,inet6
18seccomp 19seccomp
19 20
20# private-bin requires perl, python, etc. 21# private-bin requires perl, python, etc.
21notv
diff --git a/etc/xed.profile b/etc/xed.profile
index eac7d0346..29c35c08c 100644
--- a/etc/xed.profile
+++ b/etc/xed.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21seccomp 22seccomp
22shell none 23shell none
23tracelog 24tracelog
@@ -25,4 +26,3 @@ tracelog
25private-bin xed 26private-bin xed
26private-dev 27private-dev
27private-tmp 28private-tmp
28notv
diff --git a/etc/xfburn.profile b/etc/xfburn.profile
index 7be9c69de..0f94698f2 100644
--- a/etc/xfburn.profile
+++ b/etc/xfburn.profile
@@ -18,6 +18,7 @@ nogroups
18nonewprivs 18nonewprivs
19noroot 19noroot
20nosound 20nosound
21notv
21protocol unix 22protocol unix
22seccomp 23seccomp
23shell none 24shell none
@@ -27,4 +28,3 @@ tracelog
27# private-dev 28# private-dev
28# private-etc fonts 29# private-etc fonts
29# private-tmp 30# private-tmp
30notv
diff --git a/etc/xfce4-dict.profile b/etc/xfce4-dict.profile
index 020965840..aea5aa80a 100644
--- a/etc/xfce4-dict.profile
+++ b/etc/xfce4-dict.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix,inet,inet6 24protocol unix,inet,inet6
24seccomp 25seccomp
@@ -30,4 +31,3 @@ private-tmp
30 31
31noexec ${HOME} 32noexec ${HOME}
32noexec /tmp 33noexec /tmp
33notv
diff --git a/etc/xfce4-notes.profile b/etc/xfce4-notes.profile
index dec1accf3..302b26c5e 100644
--- a/etc/xfce4-notes.profile
+++ b/etc/xfce4-notes.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24novideo 25novideo
25protocol unix 26protocol unix
26seccomp 27seccomp
@@ -32,4 +33,3 @@ private-tmp
32 33
33noexec ${HOME} 34noexec ${HOME}
34noexec /tmp 35noexec /tmp
35notv
diff --git a/etc/xiphos.profile b/etc/xiphos.profile
index 82a55e30f..eae4e338d 100644
--- a/etc/xiphos.profile
+++ b/etc/xiphos.profile
@@ -26,6 +26,7 @@ nogroups
26nonewprivs 26nonewprivs
27noroot 27noroot
28nosound 28nosound
29notv
29protocol unix,inet,inet6 30protocol unix,inet,inet6
30seccomp 31seccomp
31shell none 32shell none
@@ -35,4 +36,3 @@ private-bin xiphos
35private-dev 36private-dev
36private-etc fonts,resolv.conf,sword 37private-etc fonts,resolv.conf,sword
37private-tmp 38private-tmp
38notv
diff --git a/etc/xmms.profile b/etc/xmms.profile
index b99c2d847..d2e6eddac 100644
--- a/etc/xmms.profile
+++ b/etc/xmms.profile
@@ -17,10 +17,10 @@ netfilter
17no3d 17no3d
18nonewprivs 18nonewprivs
19noroot 19noroot
20notv
20protocol unix,inet,inet6 21protocol unix,inet,inet6
21seccomp 22seccomp
22shell none 23shell none
23 24
24private-bin xmms 25private-bin xmms
25private-dev 26private-dev
26notv
diff --git a/etc/xonotic.profile b/etc/xonotic.profile
index 2ff75f9f5..5275e4a09 100644
--- a/etc/xonotic.profile
+++ b/etc/xonotic.profile
@@ -21,6 +21,7 @@ netfilter
21nogroups 21nogroups
22nonewprivs 22nonewprivs
23noroot 23noroot
24notv
24novideo 25novideo
25protocol unix,inet,inet6 26protocol unix,inet,inet6
26seccomp 27seccomp
@@ -33,4 +34,3 @@ private-tmp
33 34
34noexec ${HOME} 35noexec ${HOME}
35noexec /tmp 36noexec /tmp
36notv
diff --git a/etc/xpdf.profile b/etc/xpdf.profile
index 2672edfbe..ab2b33455 100644
--- a/etc/xpdf.profile
+++ b/etc/xpdf.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22novideo 23novideo
23protocol unix 24protocol unix
24seccomp 25seccomp
@@ -29,4 +30,3 @@ private-tmp
29 30
30noexec ${HOME} 31noexec ${HOME}
31noexec /tmp 32noexec /tmp
32notv
diff --git a/etc/xplayer.profile b/etc/xplayer.profile
index d887984e1..0722768d1 100644
--- a/etc/xplayer.profile
+++ b/etc/xplayer.profile
@@ -18,6 +18,7 @@ netfilter
18nogroups 18nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21notv
21protocol unix,inet,inet6 22protocol unix,inet,inet6
22seccomp 23seccomp
23shell none 24shell none
@@ -26,4 +27,3 @@ tracelog
26private-bin xplayer,xplayer-audio-preview,xplayer-video-thumbnailer 27private-bin xplayer,xplayer-audio-preview,xplayer-video-thumbnailer
27private-dev 28private-dev
28private-tmp 29private-tmp
29notv
diff --git a/etc/xreader.profile b/etc/xreader.profile
index 15226a4d0..cb5ad1ee6 100644
--- a/etc/xreader.profile
+++ b/etc/xreader.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22protocol unix 23protocol unix
23seccomp 24seccomp
24shell none 25shell none
@@ -27,4 +28,3 @@ tracelog
27private-bin xreader, xreader-previewer, xreader-thumbnailer 28private-bin xreader, xreader-previewer, xreader-thumbnailer
28private-dev 29private-dev
29private-tmp 30private-tmp
30notv
diff --git a/etc/xviewer.profile b/etc/xviewer.profile
index e4cb200d1..6fa286937 100644
--- a/etc/xviewer.profile
+++ b/etc/xviewer.profile
@@ -20,6 +20,7 @@ nogroups
20nonewprivs 20nonewprivs
21noroot 21noroot
22nosound 22nosound
23notv
23protocol unix 24protocol unix
24seccomp 25seccomp
25shell none 26shell none
@@ -31,4 +32,3 @@ private-tmp
31 32
32noexec ${HOME} 33noexec ${HOME}
33noexec /tmp 34noexec /tmp
34notv
diff --git a/etc/xzdec.profile b/etc/xzdec.profile
index 4481e2ee5..c7d3ebac3 100644
--- a/etc/xzdec.profile
+++ b/etc/xzdec.profile
@@ -12,10 +12,10 @@ ignore noroot
12net none 12net none
13no3d 13no3d
14nosound 14nosound
15notv
15shell none 16shell none
16tracelog 17tracelog
17 18
18private-dev 19private-dev
19 20
20include /etc/firejail/default.profile 21include /etc/firejail/default.profile
21notv
diff --git a/etc/youtube-dl.profile b/etc/youtube-dl.profile
index 39b4277c9..3e99add9c 100644
--- a/etc/youtube-dl.profile
+++ b/etc/youtube-dl.profile
@@ -21,6 +21,7 @@ nogroups
21nonewprivs 21nonewprivs
22noroot 22noroot
23nosound 23nosound
24notv
24novideo 25novideo
25protocol unix,inet,inet6 26protocol unix,inet,inet6
26seccomp 27seccomp
@@ -31,4 +32,3 @@ private-dev
31 32
32noexec ${HOME} 33noexec ${HOME}
33noexec /tmp 34noexec /tmp
34notv
diff --git a/etc/zathura.profile b/etc/zathura.profile
index 523d8ba1f..f495e1973 100644
--- a/etc/zathura.profile
+++ b/etc/zathura.profile
@@ -19,6 +19,7 @@ nogroups
19nonewprivs 19nonewprivs
20noroot 20noroot
21nosound 21nosound
22notv
22protocol unix 23protocol unix
23seccomp 24seccomp
24shell none 25shell none
@@ -29,4 +30,3 @@ private-etc fonts
29private-tmp 30private-tmp
30read-only ~/ 31read-only ~/
31read-write ~/.local/share/zathura/ 32read-write ~/.local/share/zathura/
32notv
diff --git a/etc/zoom.profile b/etc/zoom.profile
index 861c31982..8f52f2f7f 100644
--- a/etc/zoom.profile
+++ b/etc/zoom.profile
@@ -20,8 +20,8 @@ caps.drop all
20netfilter 20netfilter
21nonewprivs 21nonewprivs
22noroot 22noroot
23notv
23protocol unix,inet,inet6 24protocol unix,inet,inet6
24seccomp 25seccomp
25 26
26private-tmp 27private-tmp
27notv
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-26 14:02:24 +0000