diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2021-07-18 20:39:14 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2021-07-18 20:39:14 -0300 |
commit | f43382f1e9707b4fd5e63c7bfe881912aa4ee994 (patch) | |
tree | 499639bb962c8b071b153dcdad1b42af8286521d | |
parent | Add MS Edge Beta profile (diff) | |
download | firejail-f43382f1e9707b4fd5e63c7bfe881912aa4ee994.tar.gz firejail-f43382f1e9707b4fd5e63c7bfe881912aa4ee994.tar.zst firejail-f43382f1e9707b4fd5e63c7bfe881912aa4ee994.zip |
Revert "move whitelist/blacklist to allow/deny"
This reverts commit fe0f975f447d59977d90c3226cc8c623b31b20b3.
Note: This only reverts the changes from etc.
The 4 aliases introduced on commit 45f2ba544 are mere, well, aliases.
That is, they fail to address the different usability problems discussed
on [#3447][3447] and in fact only make things more confusing (as has
already been mentioned on [this][4379] and later comments). The main
reason is that the aliases do not meaningfully map to the original
commands. For example, the commands from each pair below seem like they
would do the exact same thing:
* `allow` and `nodeny`
* `deny` and `noallow`
Additionally, if these aliases are not the final commands, but only a
test/work-in-progress, then keeping the wide-scale search/replace
changes made on commit fe0f975f4 would only serve to cause confusion, as
users of firejail-git, contributors and downstream projects might start
changing the commands used on their profiles, only to later have to
change them again, potentially to completely different commands.
The sooner this is undone the better, as (besides the above reasons) the
more profile changes there are between the original commit and the
revert, the harder it is to e.g.: `git diff` versions of files across
the following revision ranges: before the commit, after the commit but
before the revert and after the revert. Note: This is still the case
even if a commit is [ignored by `git blame`][4390].
So let us revert fe0f975f4 and only reapply similar large-scale changes
once we have discussed and settled on better commands.
How the revert was applied: Despite using the auto-generated message
from `git revert`, to ensure correctness and to avoid conflicts the
changes were reverted in different steps: Firstly, revert the files
which can be safely reverted directly ("filestorevert"):
# Find out which files have been changed on fe0f975f44, but have not
# been changed afterwards and list them on "filestorevert"
git show --pretty='' --name-only fe0f975f44 -- etc | LC_ALL=C sort >allfiles
git diff --name-only fe0f975f44..master -- etc | LC_ALL=C sort >filestoignore
comm -2 -3 allfiles filestoignore >filestorevert
# Note: There are 3 extra files on filestoignore because they were
# added after commit fe0f975f44
wc -l allfiles filestoignore filestorevert | head -n 3
# 797 allfiles
# 8 filestoignore
# 792 filestorevert
# Automatically revert files in "filestorevert"
# See https://stackoverflow.com/a/23401018/10095231
tr '\n' '\000' <filestorevert | xargs -0 git show fe0f975f44 -- |
git apply --reverse
printf 'Total files reverted:\n'
git diff --name-only | wc -l
# 792
Secondly, do some search/replace on the rest:
tr '\n' '\000' <filestoignore | xargs -0 sed -i.bak \
-e 's/allow /whitelist /' -e 's/noallow /nowhitelist /' \
-e 's/deny /blacklist /' -e 's/nodeny /noblacklist /' \
-e 's/deny-nolog /blacklist-nolog /'
find etc -name '*.bak' -print0 | xargs -0 rm
Thirdly, verify the result. The following command shows the difference
between all the changes in etc from before fe0f975f44 and this commit
(inclusive):
git diff fe0f975f44~1 -- etc
From the output, it looks like all alias changes are fully reverted and
that the other changes to etc (from after fe0f975f44) remain, so the
revert seems to be done correctly.
[3447]: https://github.com/netblue30/firejail/issues/3447
[4379]: https://github.com/netblue30/firejail/issues/4379#issuecomment-876460222
[4390]: https://github.com/netblue30/firejail/issues/4390
798 files changed, 5084 insertions, 5084 deletions
diff --git a/etc/inc/allow-bin-sh.inc b/etc/inc/allow-bin-sh.inc index 59cd40878..d6c295414 100644 --- a/etc/inc/allow-bin-sh.inc +++ b/etc/inc/allow-bin-sh.inc | |||
@@ -2,6 +2,6 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include allow-bin-sh.local | 3 | include allow-bin-sh.local |
4 | 4 | ||
5 | nodeny ${PATH}/bash | 5 | noblacklist ${PATH}/bash |
6 | nodeny ${PATH}/dash | 6 | noblacklist ${PATH}/dash |
7 | nodeny ${PATH}/sh | 7 | noblacklist ${PATH}/sh |
diff --git a/etc/inc/allow-common-devel.inc b/etc/inc/allow-common-devel.inc index 71b1483cd..011bbe226 100644 --- a/etc/inc/allow-common-devel.inc +++ b/etc/inc/allow-common-devel.inc | |||
@@ -3,29 +3,29 @@ | |||
3 | include allow-common-devel.local | 3 | include allow-common-devel.local |
4 | 4 | ||
5 | # Git | 5 | # Git |
6 | nodeny ${HOME}/.config/git | 6 | noblacklist ${HOME}/.config/git |
7 | nodeny ${HOME}/.gitconfig | 7 | noblacklist ${HOME}/.gitconfig |
8 | nodeny ${HOME}/.git-credentials | 8 | noblacklist ${HOME}/.git-credentials |
9 | 9 | ||
10 | # Java | 10 | # Java |
11 | nodeny ${HOME}/.gradle | 11 | noblacklist ${HOME}/.gradle |
12 | nodeny ${HOME}/.java | 12 | noblacklist ${HOME}/.java |
13 | 13 | ||
14 | # Node.js | 14 | # Node.js |
15 | nodeny ${HOME}/.node-gyp | 15 | noblacklist ${HOME}/.node-gyp |
16 | nodeny ${HOME}/.npm | 16 | noblacklist ${HOME}/.npm |
17 | nodeny ${HOME}/.npmrc | 17 | noblacklist ${HOME}/.npmrc |
18 | nodeny ${HOME}/.nvm | 18 | noblacklist ${HOME}/.nvm |
19 | nodeny ${HOME}/.yarn | 19 | noblacklist ${HOME}/.yarn |
20 | nodeny ${HOME}/.yarn-config | 20 | noblacklist ${HOME}/.yarn-config |
21 | nodeny ${HOME}/.yarncache | 21 | noblacklist ${HOME}/.yarncache |
22 | nodeny ${HOME}/.yarnrc | 22 | noblacklist ${HOME}/.yarnrc |
23 | 23 | ||
24 | # Python | 24 | # Python |
25 | nodeny ${HOME}/.pylint.d | 25 | noblacklist ${HOME}/.pylint.d |
26 | nodeny ${HOME}/.python-history | 26 | noblacklist ${HOME}/.python-history |
27 | nodeny ${HOME}/.python_history | 27 | noblacklist ${HOME}/.python_history |
28 | nodeny ${HOME}/.pythonhist | 28 | noblacklist ${HOME}/.pythonhist |
29 | 29 | ||
30 | # Rust | 30 | # Rust |
31 | nodeny ${HOME}/.cargo/* | 31 | noblacklist ${HOME}/.cargo/* |
diff --git a/etc/inc/allow-gjs.inc b/etc/inc/allow-gjs.inc index 2e2490079..c1366e093 100644 --- a/etc/inc/allow-gjs.inc +++ b/etc/inc/allow-gjs.inc | |||
@@ -2,11 +2,11 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include allow-gjs.local | 3 | include allow-gjs.local |
4 | 4 | ||
5 | nodeny ${PATH}/gjs | 5 | noblacklist ${PATH}/gjs |
6 | nodeny ${PATH}/gjs-console | 6 | noblacklist ${PATH}/gjs-console |
7 | nodeny /usr/lib/gjs | 7 | noblacklist /usr/lib/gjs |
8 | nodeny /usr/lib/libgjs* | 8 | noblacklist /usr/lib/libgjs* |
9 | nodeny /usr/lib/libmozjs-* | 9 | noblacklist /usr/lib/libmozjs-* |
10 | nodeny /usr/lib64/gjs | 10 | noblacklist /usr/lib64/gjs |
11 | nodeny /usr/lib64/libgjs* | 11 | noblacklist /usr/lib64/libgjs* |
12 | nodeny /usr/lib64/libmozjs-* | 12 | noblacklist /usr/lib64/libmozjs-* |
diff --git a/etc/inc/allow-java.inc b/etc/inc/allow-java.inc index af44f3664..24d18fb77 100644 --- a/etc/inc/allow-java.inc +++ b/etc/inc/allow-java.inc | |||
@@ -2,8 +2,8 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include allow-java.local | 3 | include allow-java.local |
4 | 4 | ||
5 | nodeny ${HOME}/.java | 5 | noblacklist ${HOME}/.java |
6 | nodeny ${PATH}/java | 6 | noblacklist ${PATH}/java |
7 | nodeny /etc/java | 7 | noblacklist /etc/java |
8 | nodeny /usr/lib/java | 8 | noblacklist /usr/lib/java |
9 | nodeny /usr/share/java | 9 | noblacklist /usr/share/java |
diff --git a/etc/inc/allow-lua.inc b/etc/inc/allow-lua.inc index 3d0a1997b..9c47e7a3b 100644 --- a/etc/inc/allow-lua.inc +++ b/etc/inc/allow-lua.inc | |||
@@ -2,11 +2,11 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include allow-lua.local | 3 | include allow-lua.local |
4 | 4 | ||
5 | nodeny ${PATH}/lua* | 5 | noblacklist ${PATH}/lua* |
6 | nodeny /usr/include | 6 | noblacklist /usr/include |
7 | nodeny /usr/lib/liblua* | 7 | noblacklist /usr/lib/liblua* |
8 | nodeny /usr/lib/lua | 8 | noblacklist /usr/lib/lua |
9 | nodeny /usr/lib64/liblua* | 9 | noblacklist /usr/lib64/liblua* |
10 | nodeny /usr/lib64/lua | 10 | noblacklist /usr/lib64/lua |
11 | nodeny /usr/share/lua | 11 | noblacklist /usr/share/lua |
12 | nodeny /usr/share/lua* | 12 | noblacklist /usr/share/lua* |
diff --git a/etc/inc/allow-nodejs.inc b/etc/inc/allow-nodejs.inc index e915b3866..351c94ab8 100644 --- a/etc/inc/allow-nodejs.inc +++ b/etc/inc/allow-nodejs.inc | |||
@@ -2,8 +2,8 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include allow-nodejs.local | 3 | include allow-nodejs.local |
4 | 4 | ||
5 | nodeny ${PATH}/node | 5 | noblacklist ${PATH}/node |
6 | nodeny /usr/include/node | 6 | noblacklist /usr/include/node |
7 | 7 | ||
8 | # Allow python for node-gyp (blacklisted by disable-interpreters.inc) | 8 | # Allow python for node-gyp (blacklisted by disable-interpreters.inc) |
9 | include allow-python2.inc | 9 | include allow-python2.inc |
diff --git a/etc/inc/allow-opengl-game.inc b/etc/inc/allow-opengl-game.inc index 00e35e983..5d2d6c5c1 100644 --- a/etc/inc/allow-opengl-game.inc +++ b/etc/inc/allow-opengl-game.inc | |||
@@ -2,6 +2,6 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include allow-opengl-game.local | 3 | include allow-opengl-game.local |
4 | 4 | ||
5 | nodeny ${PATH}/bash | 5 | noblacklist ${PATH}/bash |
6 | allow /usr/share/opengl-games-utils/opengl-game-functions.sh | 6 | whitelist /usr/share/opengl-games-utils/opengl-game-functions.sh |
7 | private-bin basename,bash,cut,glxinfo,grep,head,sed,zenity | 7 | private-bin basename,bash,cut,glxinfo,grep,head,sed,zenity |
diff --git a/etc/inc/allow-perl.inc b/etc/inc/allow-perl.inc index 134d27239..5a1952c94 100644 --- a/etc/inc/allow-perl.inc +++ b/etc/inc/allow-perl.inc | |||
@@ -2,11 +2,11 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include allow-perl.local | 3 | include allow-perl.local |
4 | 4 | ||
5 | nodeny ${PATH}/core_perl | 5 | noblacklist ${PATH}/core_perl |
6 | nodeny ${PATH}/cpan* | 6 | noblacklist ${PATH}/cpan* |
7 | nodeny ${PATH}/perl | 7 | noblacklist ${PATH}/perl |
8 | nodeny ${PATH}/site_perl | 8 | noblacklist ${PATH}/site_perl |
9 | nodeny ${PATH}/vendor_perl | 9 | noblacklist ${PATH}/vendor_perl |
10 | nodeny /usr/lib/perl* | 10 | noblacklist /usr/lib/perl* |
11 | nodeny /usr/lib64/perl* | 11 | noblacklist /usr/lib64/perl* |
12 | nodeny /usr/share/perl* | 12 | noblacklist /usr/share/perl* |
diff --git a/etc/inc/allow-php.inc b/etc/inc/allow-php.inc index 520c2019e..a0950dc26 100644 --- a/etc/inc/allow-php.inc +++ b/etc/inc/allow-php.inc | |||
@@ -2,6 +2,6 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include allow-php.local | 3 | include allow-php.local |
4 | 4 | ||
5 | nodeny ${PATH}/php* | 5 | noblacklist ${PATH}/php* |
6 | nodeny /usr/lib/php* | 6 | noblacklist /usr/lib/php* |
7 | nodeny /usr/share/php* | 7 | noblacklist /usr/share/php* |
diff --git a/etc/inc/allow-python2.inc b/etc/inc/allow-python2.inc index f1830043a..b0525e2e1 100644 --- a/etc/inc/allow-python2.inc +++ b/etc/inc/allow-python2.inc | |||
@@ -2,8 +2,8 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include allow-python2.local | 3 | include allow-python2.local |
4 | 4 | ||
5 | nodeny ${PATH}/python2* | 5 | noblacklist ${PATH}/python2* |
6 | nodeny /usr/include/python2* | 6 | noblacklist /usr/include/python2* |
7 | nodeny /usr/lib/python2* | 7 | noblacklist /usr/lib/python2* |
8 | nodeny /usr/local/lib/python2* | 8 | noblacklist /usr/local/lib/python2* |
9 | nodeny /usr/share/python2* | 9 | noblacklist /usr/share/python2* |
diff --git a/etc/inc/allow-python3.inc b/etc/inc/allow-python3.inc index e4b6ed1a9..d968886b0 100644 --- a/etc/inc/allow-python3.inc +++ b/etc/inc/allow-python3.inc | |||
@@ -2,9 +2,9 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include allow-python3.local | 3 | include allow-python3.local |
4 | 4 | ||
5 | nodeny ${PATH}/python3* | 5 | noblacklist ${PATH}/python3* |
6 | nodeny /usr/include/python3* | 6 | noblacklist /usr/include/python3* |
7 | nodeny /usr/lib/python3* | 7 | noblacklist /usr/lib/python3* |
8 | nodeny /usr/lib64/python3* | 8 | noblacklist /usr/lib64/python3* |
9 | nodeny /usr/local/lib/python3* | 9 | noblacklist /usr/local/lib/python3* |
10 | nodeny /usr/share/python3* | 10 | noblacklist /usr/share/python3* |
diff --git a/etc/inc/allow-ruby.inc b/etc/inc/allow-ruby.inc index d949bbc84..a8c701219 100644 --- a/etc/inc/allow-ruby.inc +++ b/etc/inc/allow-ruby.inc | |||
@@ -2,5 +2,5 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include allow-ruby.local | 3 | include allow-ruby.local |
4 | 4 | ||
5 | nodeny ${PATH}/ruby | 5 | noblacklist ${PATH}/ruby |
6 | nodeny /usr/lib/ruby | 6 | noblacklist /usr/lib/ruby |
diff --git a/etc/inc/allow-ssh.inc b/etc/inc/allow-ssh.inc index 44957bf32..67c78a483 100644 --- a/etc/inc/allow-ssh.inc +++ b/etc/inc/allow-ssh.inc | |||
@@ -2,7 +2,7 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include allow-ssh.local | 3 | include allow-ssh.local |
4 | 4 | ||
5 | nodeny ${HOME}/.ssh | 5 | noblacklist ${HOME}/.ssh |
6 | nodeny /etc/ssh | 6 | noblacklist /etc/ssh |
7 | nodeny /etc/ssh/ssh_config | 7 | noblacklist /etc/ssh/ssh_config |
8 | nodeny /tmp/ssh-* | 8 | noblacklist /tmp/ssh-* |
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index 1283a3a3d..6df0c4990 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc | |||
@@ -5,63 +5,63 @@ include disable-common.local | |||
5 | # The following block breaks trash functionality in file managers | 5 | # The following block breaks trash functionality in file managers |
6 | #read-only ${HOME}/.local | 6 | #read-only ${HOME}/.local |
7 | #read-write ${HOME}/.local/share | 7 | #read-write ${HOME}/.local/share |
8 | deny ${HOME}/.local/share/Trash | 8 | blacklist ${HOME}/.local/share/Trash |
9 | 9 | ||
10 | # History files in $HOME and clipboard managers | 10 | # History files in $HOME and clipboard managers |
11 | deny-nolog ${HOME}/.*_history | 11 | blacklist-nolog ${HOME}/.*_history |
12 | deny-nolog ${HOME}/.adobe | 12 | blacklist-nolog ${HOME}/.adobe |
13 | deny-nolog ${HOME}/.cache/greenclip* | 13 | blacklist-nolog ${HOME}/.cache/greenclip* |
14 | deny-nolog ${HOME}/.histfile | 14 | blacklist-nolog ${HOME}/.histfile |
15 | deny-nolog ${HOME}/.history | 15 | blacklist-nolog ${HOME}/.history |
16 | deny-nolog ${HOME}/.kde/share/apps/klipper | 16 | blacklist-nolog ${HOME}/.kde/share/apps/klipper |
17 | deny-nolog ${HOME}/.kde4/share/apps/klipper | 17 | blacklist-nolog ${HOME}/.kde4/share/apps/klipper |
18 | deny-nolog ${HOME}/.local/share/fish/fish_history | 18 | blacklist-nolog ${HOME}/.local/share/fish/fish_history |
19 | deny-nolog ${HOME}/.local/share/klipper | 19 | blacklist-nolog ${HOME}/.local/share/klipper |
20 | deny-nolog ${HOME}/.macromedia | 20 | blacklist-nolog ${HOME}/.macromedia |
21 | deny-nolog ${HOME}/.mupdf.history | 21 | blacklist-nolog ${HOME}/.mupdf.history |
22 | deny-nolog ${HOME}/.python-history | 22 | blacklist-nolog ${HOME}/.python-history |
23 | deny-nolog ${HOME}/.python_history | 23 | blacklist-nolog ${HOME}/.python_history |
24 | deny-nolog ${HOME}/.pythonhist | 24 | blacklist-nolog ${HOME}/.pythonhist |
25 | deny-nolog ${HOME}/.lesshst | 25 | blacklist-nolog ${HOME}/.lesshst |
26 | deny-nolog ${HOME}/.viminfo | 26 | blacklist-nolog ${HOME}/.viminfo |
27 | deny-nolog /tmp/clipmenu* | 27 | blacklist-nolog /tmp/clipmenu* |
28 | 28 | ||
29 | # X11 session autostart | 29 | # X11 session autostart |
30 | # blacklist ${HOME}/.xpra - this will kill --x11=xpra cmdline option for all programs | 30 | # blacklist ${HOME}/.xpra - this will kill --x11=xpra cmdline option for all programs |
31 | deny ${HOME}/.Xsession | 31 | blacklist ${HOME}/.Xsession |
32 | deny ${HOME}/.blackbox | 32 | blacklist ${HOME}/.blackbox |
33 | deny ${HOME}/.config/autostart | 33 | blacklist ${HOME}/.config/autostart |
34 | deny ${HOME}/.config/autostart-scripts | 34 | blacklist ${HOME}/.config/autostart-scripts |
35 | deny ${HOME}/.config/awesome | 35 | blacklist ${HOME}/.config/awesome |
36 | deny ${HOME}/.config/i3 | 36 | blacklist ${HOME}/.config/i3 |
37 | deny ${HOME}/.config/sway | 37 | blacklist ${HOME}/.config/sway |
38 | deny ${HOME}/.config/lxsession/LXDE/autostart | 38 | blacklist ${HOME}/.config/lxsession/LXDE/autostart |
39 | deny ${HOME}/.config/openbox | 39 | blacklist ${HOME}/.config/openbox |
40 | deny ${HOME}/.config/plasma-workspace | 40 | blacklist ${HOME}/.config/plasma-workspace |
41 | deny ${HOME}/.config/startupconfig | 41 | blacklist ${HOME}/.config/startupconfig |
42 | deny ${HOME}/.config/startupconfigkeys | 42 | blacklist ${HOME}/.config/startupconfigkeys |
43 | deny ${HOME}/.fluxbox | 43 | blacklist ${HOME}/.fluxbox |
44 | deny ${HOME}/.gnomerc | 44 | blacklist ${HOME}/.gnomerc |
45 | deny ${HOME}/.kde/Autostart | 45 | blacklist ${HOME}/.kde/Autostart |
46 | deny ${HOME}/.kde/env | 46 | blacklist ${HOME}/.kde/env |
47 | deny ${HOME}/.kde/share/autostart | 47 | blacklist ${HOME}/.kde/share/autostart |
48 | deny ${HOME}/.kde/share/config/startupconfig | 48 | blacklist ${HOME}/.kde/share/config/startupconfig |
49 | deny ${HOME}/.kde/share/config/startupconfigkeys | 49 | blacklist ${HOME}/.kde/share/config/startupconfigkeys |
50 | deny ${HOME}/.kde/shutdown | 50 | blacklist ${HOME}/.kde/shutdown |
51 | deny ${HOME}/.kde4/env | 51 | blacklist ${HOME}/.kde4/env |
52 | deny ${HOME}/.kde4/Autostart | 52 | blacklist ${HOME}/.kde4/Autostart |
53 | deny ${HOME}/.kde4/share/autostart | 53 | blacklist ${HOME}/.kde4/share/autostart |
54 | deny ${HOME}/.kde4/shutdown | 54 | blacklist ${HOME}/.kde4/shutdown |
55 | deny ${HOME}/.kde4/share/config/startupconfig | 55 | blacklist ${HOME}/.kde4/share/config/startupconfig |
56 | deny ${HOME}/.kde4/share/config/startupconfigkeys | 56 | blacklist ${HOME}/.kde4/share/config/startupconfigkeys |
57 | deny ${HOME}/.local/share/autostart | 57 | blacklist ${HOME}/.local/share/autostart |
58 | deny ${HOME}/.xinitrc | 58 | blacklist ${HOME}/.xinitrc |
59 | deny ${HOME}/.xprofile | 59 | blacklist ${HOME}/.xprofile |
60 | deny ${HOME}/.xserverrc | 60 | blacklist ${HOME}/.xserverrc |
61 | deny ${HOME}/.xsession | 61 | blacklist ${HOME}/.xsession |
62 | deny ${HOME}/.xsessionrc | 62 | blacklist ${HOME}/.xsessionrc |
63 | deny /etc/X11/Xsession.d | 63 | blacklist /etc/X11/Xsession.d |
64 | deny /etc/xdg/autostart | 64 | blacklist /etc/xdg/autostart |
65 | read-only ${HOME}/.Xauthority | 65 | read-only ${HOME}/.Xauthority |
66 | 66 | ||
67 | # Session manager | 67 | # Session manager |
@@ -70,46 +70,46 @@ read-only ${HOME}/.Xauthority | |||
70 | #?HAS_X11: blacklist /tmp/.ICE-unix | 70 | #?HAS_X11: blacklist /tmp/.ICE-unix |
71 | 71 | ||
72 | # KDE config | 72 | # KDE config |
73 | deny ${HOME}/.cache/konsole | 73 | blacklist ${HOME}/.cache/konsole |
74 | deny ${HOME}/.config/khotkeysrc | 74 | blacklist ${HOME}/.config/khotkeysrc |
75 | deny ${HOME}/.config/krunnerrc | 75 | blacklist ${HOME}/.config/krunnerrc |
76 | deny ${HOME}/.config/kscreenlockerrc | 76 | blacklist ${HOME}/.config/kscreenlockerrc |
77 | deny ${HOME}/.config/ksslcertificatemanager | 77 | blacklist ${HOME}/.config/ksslcertificatemanager |
78 | deny ${HOME}/.config/kwalletrc | 78 | blacklist ${HOME}/.config/kwalletrc |
79 | deny ${HOME}/.config/kwinrc | 79 | blacklist ${HOME}/.config/kwinrc |
80 | deny ${HOME}/.config/kwinrulesrc | 80 | blacklist ${HOME}/.config/kwinrulesrc |
81 | deny ${HOME}/.config/plasma-locale-settings.sh | 81 | blacklist ${HOME}/.config/plasma-locale-settings.sh |
82 | deny ${HOME}/.config/plasma-org.kde.plasma.desktop-appletsrc | 82 | blacklist ${HOME}/.config/plasma-org.kde.plasma.desktop-appletsrc |
83 | deny ${HOME}/.config/plasmashellrc | 83 | blacklist ${HOME}/.config/plasmashellrc |
84 | deny ${HOME}/.config/plasmavaultrc | 84 | blacklist ${HOME}/.config/plasmavaultrc |
85 | deny ${HOME}/.kde/share/apps/kwin | 85 | blacklist ${HOME}/.kde/share/apps/kwin |
86 | deny ${HOME}/.kde/share/apps/plasma | 86 | blacklist ${HOME}/.kde/share/apps/plasma |
87 | deny ${HOME}/.kde/share/apps/solid | 87 | blacklist ${HOME}/.kde/share/apps/solid |
88 | deny ${HOME}/.kde/share/config/khotkeysrc | 88 | blacklist ${HOME}/.kde/share/config/khotkeysrc |
89 | deny ${HOME}/.kde/share/config/krunnerrc | 89 | blacklist ${HOME}/.kde/share/config/krunnerrc |
90 | deny ${HOME}/.kde/share/config/kscreensaverrc | 90 | blacklist ${HOME}/.kde/share/config/kscreensaverrc |
91 | deny ${HOME}/.kde/share/config/ksslcertificatemanager | 91 | blacklist ${HOME}/.kde/share/config/ksslcertificatemanager |
92 | deny ${HOME}/.kde/share/config/kwalletrc | 92 | blacklist ${HOME}/.kde/share/config/kwalletrc |
93 | deny ${HOME}/.kde/share/config/kwinrc | 93 | blacklist ${HOME}/.kde/share/config/kwinrc |
94 | deny ${HOME}/.kde/share/config/kwinrulesrc | 94 | blacklist ${HOME}/.kde/share/config/kwinrulesrc |
95 | deny ${HOME}/.kde/share/config/plasma-desktop-appletsrc | 95 | blacklist ${HOME}/.kde/share/config/plasma-desktop-appletsrc |
96 | deny ${HOME}/.kde4/share/apps/kwin | 96 | blacklist ${HOME}/.kde4/share/apps/kwin |
97 | deny ${HOME}/.kde4/share/apps/plasma | 97 | blacklist ${HOME}/.kde4/share/apps/plasma |
98 | deny ${HOME}/.kde4/share/apps/solid | 98 | blacklist ${HOME}/.kde4/share/apps/solid |
99 | deny ${HOME}/.kde4/share/config/khotkeysrc | 99 | blacklist ${HOME}/.kde4/share/config/khotkeysrc |
100 | deny ${HOME}/.kde4/share/config/krunnerrc | 100 | blacklist ${HOME}/.kde4/share/config/krunnerrc |
101 | deny ${HOME}/.kde4/share/config/kscreensaverrc | 101 | blacklist ${HOME}/.kde4/share/config/kscreensaverrc |
102 | deny ${HOME}/.kde4/share/config/ksslcertificatemanager | 102 | blacklist ${HOME}/.kde4/share/config/ksslcertificatemanager |
103 | deny ${HOME}/.kde4/share/config/kwalletrc | 103 | blacklist ${HOME}/.kde4/share/config/kwalletrc |
104 | deny ${HOME}/.kde4/share/config/kwinrc | 104 | blacklist ${HOME}/.kde4/share/config/kwinrc |
105 | deny ${HOME}/.kde4/share/config/kwinrulesrc | 105 | blacklist ${HOME}/.kde4/share/config/kwinrulesrc |
106 | deny ${HOME}/.kde4/share/config/plasma-desktop-appletsrc | 106 | blacklist ${HOME}/.kde4/share/config/plasma-desktop-appletsrc |
107 | deny ${HOME}/.local/share/kglobalaccel | 107 | blacklist ${HOME}/.local/share/kglobalaccel |
108 | deny ${HOME}/.local/share/kwin | 108 | blacklist ${HOME}/.local/share/kwin |
109 | deny ${HOME}/.local/share/plasma | 109 | blacklist ${HOME}/.local/share/plasma |
110 | deny ${HOME}/.local/share/plasmashell | 110 | blacklist ${HOME}/.local/share/plasmashell |
111 | deny ${HOME}/.local/share/solid | 111 | blacklist ${HOME}/.local/share/solid |
112 | deny /tmp/konsole-*.history | 112 | blacklist /tmp/konsole-*.history |
113 | read-only ${HOME}/.cache/ksycoca5_* | 113 | read-only ${HOME}/.cache/ksycoca5_* |
114 | read-only ${HOME}/.config/*notifyrc | 114 | read-only ${HOME}/.config/*notifyrc |
115 | read-only ${HOME}/.config/kdeglobals | 115 | read-only ${HOME}/.config/kdeglobals |
@@ -138,139 +138,139 @@ read-only ${HOME}/.local/share/kservices5 | |||
138 | read-only ${HOME}/.local/share/kssl | 138 | read-only ${HOME}/.local/share/kssl |
139 | 139 | ||
140 | # KDE sockets | 140 | # KDE sockets |
141 | deny ${RUNUSER}/*.slave-socket | 141 | blacklist ${RUNUSER}/*.slave-socket |
142 | deny ${RUNUSER}/kdeinit5__* | 142 | blacklist ${RUNUSER}/kdeinit5__* |
143 | deny ${RUNUSER}/kdesud_* | 143 | blacklist ${RUNUSER}/kdesud_* |
144 | # see #3358 | 144 | # see #3358 |
145 | #?HAS_NODBUS: blacklist ${RUNUSER}/ksocket-* | 145 | #?HAS_NODBUS: blacklist ${RUNUSER}/ksocket-* |
146 | #?HAS_NODBUS: blacklist /tmp/ksocket-* | 146 | #?HAS_NODBUS: blacklist /tmp/ksocket-* |
147 | 147 | ||
148 | # gnome | 148 | # gnome |
149 | # contains extensions, last used times of applications, and notifications | 149 | # contains extensions, last used times of applications, and notifications |
150 | deny ${HOME}/.local/share/gnome-shell | 150 | blacklist ${HOME}/.local/share/gnome-shell |
151 | # contains recently used files and serials of static/removable storage | 151 | # contains recently used files and serials of static/removable storage |
152 | deny ${HOME}/.local/share/gvfs-metadata | 152 | blacklist ${HOME}/.local/share/gvfs-metadata |
153 | # no direct modification of dconf database | 153 | # no direct modification of dconf database |
154 | read-only ${HOME}/.config/dconf | 154 | read-only ${HOME}/.config/dconf |
155 | deny ${RUNUSER}/gnome-session-leader-fifo | 155 | blacklist ${RUNUSER}/gnome-session-leader-fifo |
156 | deny ${RUNUSER}/gnome-shell | 156 | blacklist ${RUNUSER}/gnome-shell |
157 | deny ${RUNUSER}/gsconnect | 157 | blacklist ${RUNUSER}/gsconnect |
158 | 158 | ||
159 | # systemd | 159 | # systemd |
160 | deny ${HOME}/.config/systemd | 160 | blacklist ${HOME}/.config/systemd |
161 | deny ${HOME}/.local/share/systemd | 161 | blacklist ${HOME}/.local/share/systemd |
162 | deny /var/lib/systemd | 162 | blacklist /var/lib/systemd |
163 | deny ${PATH}/systemd-run | 163 | blacklist ${PATH}/systemd-run |
164 | deny ${RUNUSER}/systemd | 164 | blacklist ${RUNUSER}/systemd |
165 | deny ${PATH}/systemctl | 165 | blacklist ${PATH}/systemctl |
166 | deny /etc/systemd/system | 166 | blacklist /etc/systemd/system |
167 | deny /etc/systemd/network | 167 | blacklist /etc/systemd/network |
168 | # creates problems on Arch where /etc/resolv.conf is a symlink to /var/run/systemd/resolve/resolv.conf | 168 | # creates problems on Arch where /etc/resolv.conf is a symlink to /var/run/systemd/resolve/resolv.conf |
169 | #blacklist /var/run/systemd | 169 | #blacklist /var/run/systemd |
170 | 170 | ||
171 | # openrc | 171 | # openrc |
172 | deny /etc/runlevels/ | 172 | blacklist /etc/runlevels/ |
173 | deny /etc/init.d/ | 173 | blacklist /etc/init.d/ |
174 | deny /etc/rc.conf | 174 | blacklist /etc/rc.conf |
175 | 175 | ||
176 | # VirtualBox | 176 | # VirtualBox |
177 | deny ${HOME}/.VirtualBox | 177 | blacklist ${HOME}/.VirtualBox |
178 | deny ${HOME}/.config/VirtualBox | 178 | blacklist ${HOME}/.config/VirtualBox |
179 | deny ${HOME}/VirtualBox VMs | 179 | blacklist ${HOME}/VirtualBox VMs |
180 | 180 | ||
181 | # GNOME Boxes | 181 | # GNOME Boxes |
182 | deny ${HOME}/.config/gnome-boxes | 182 | blacklist ${HOME}/.config/gnome-boxes |
183 | deny ${HOME}/.local/share/gnome-boxes | 183 | blacklist ${HOME}/.local/share/gnome-boxes |
184 | 184 | ||
185 | # libvirt | 185 | # libvirt |
186 | deny ${HOME}/.cache/libvirt | 186 | blacklist ${HOME}/.cache/libvirt |
187 | deny ${HOME}/.config/libvirt | 187 | blacklist ${HOME}/.config/libvirt |
188 | deny ${RUNUSER}/libvirt | 188 | blacklist ${RUNUSER}/libvirt |
189 | deny /var/cache/libvirt | 189 | blacklist /var/cache/libvirt |
190 | deny /var/lib/libvirt | 190 | blacklist /var/lib/libvirt |
191 | deny /var/log/libvirt | 191 | blacklist /var/log/libvirt |
192 | 192 | ||
193 | # OCI-Containers / Podman | 193 | # OCI-Containers / Podman |
194 | deny ${RUNUSER}/containers | 194 | blacklist ${RUNUSER}/containers |
195 | deny ${RUNUSER}/crun | 195 | blacklist ${RUNUSER}/crun |
196 | deny ${RUNUSER}/libpod | 196 | blacklist ${RUNUSER}/libpod |
197 | deny ${RUNUSER}/runc | 197 | blacklist ${RUNUSER}/runc |
198 | deny ${RUNUSER}/toolbox | 198 | blacklist ${RUNUSER}/toolbox |
199 | 199 | ||
200 | # VeraCrypt | 200 | # VeraCrypt |
201 | deny ${HOME}/.VeraCrypt | 201 | blacklist ${HOME}/.VeraCrypt |
202 | deny ${PATH}/veracrypt | 202 | blacklist ${PATH}/veracrypt |
203 | deny ${PATH}/veracrypt-uninstall.sh | 203 | blacklist ${PATH}/veracrypt-uninstall.sh |
204 | deny /usr/share/applications/veracrypt.* | 204 | blacklist /usr/share/applications/veracrypt.* |
205 | deny /usr/share/pixmaps/veracrypt.* | 205 | blacklist /usr/share/pixmaps/veracrypt.* |
206 | deny /usr/share/veracrypt | 206 | blacklist /usr/share/veracrypt |
207 | 207 | ||
208 | # TrueCrypt | 208 | # TrueCrypt |
209 | deny ${HOME}/.TrueCrypt | 209 | blacklist ${HOME}/.TrueCrypt |
210 | deny ${PATH}/truecrypt | 210 | blacklist ${PATH}/truecrypt |
211 | deny ${PATH}/truecrypt-uninstall.sh | 211 | blacklist ${PATH}/truecrypt-uninstall.sh |
212 | deny /usr/share/applications/truecrypt.* | 212 | blacklist /usr/share/applications/truecrypt.* |
213 | deny /usr/share/pixmaps/truecrypt.* | 213 | blacklist /usr/share/pixmaps/truecrypt.* |
214 | deny /usr/share/truecrypt | 214 | blacklist /usr/share/truecrypt |
215 | 215 | ||
216 | # zuluCrypt | 216 | # zuluCrypt |
217 | deny ${HOME}/.zuluCrypt | 217 | blacklist ${HOME}/.zuluCrypt |
218 | deny ${HOME}/.zuluCrypt-socket | 218 | blacklist ${HOME}/.zuluCrypt-socket |
219 | deny ${PATH}/zuluCrypt-cli | 219 | blacklist ${PATH}/zuluCrypt-cli |
220 | deny ${PATH}/zuluMount-cli | 220 | blacklist ${PATH}/zuluMount-cli |
221 | 221 | ||
222 | # var | 222 | # var |
223 | deny /var/cache/apt | 223 | blacklist /var/cache/apt |
224 | deny /var/cache/pacman | 224 | blacklist /var/cache/pacman |
225 | deny /var/lib/apt | 225 | blacklist /var/lib/apt |
226 | deny /var/lib/clamav | 226 | blacklist /var/lib/clamav |
227 | deny /var/lib/dkms | 227 | blacklist /var/lib/dkms |
228 | deny /var/lib/mysql/mysql.sock | 228 | blacklist /var/lib/mysql/mysql.sock |
229 | deny /var/lib/mysqld/mysql.sock | 229 | blacklist /var/lib/mysqld/mysql.sock |
230 | deny /var/lib/pacman | 230 | blacklist /var/lib/pacman |
231 | deny /var/lib/upower | 231 | blacklist /var/lib/upower |
232 | # blacklist /var/log - a virtual /var/log directory (mostly empty) is build up by default for | 232 | # blacklist /var/log - a virtual /var/log directory (mostly empty) is build up by default for |
233 | # every sandbox, unless --writable-var-log switch is activated | 233 | # every sandbox, unless --writable-var-log switch is activated |
234 | deny /var/mail | 234 | blacklist /var/mail |
235 | deny /var/opt | 235 | blacklist /var/opt |
236 | deny /var/run/acpid.socket | 236 | blacklist /var/run/acpid.socket |
237 | deny /var/run/docker.sock | 237 | blacklist /var/run/docker.sock |
238 | deny /var/run/minissdpd.sock | 238 | blacklist /var/run/minissdpd.sock |
239 | deny /var/run/mysql/mysqld.sock | 239 | blacklist /var/run/mysql/mysqld.sock |
240 | deny /var/run/mysqld/mysqld.sock | 240 | blacklist /var/run/mysqld/mysqld.sock |
241 | deny /var/run/rpcbind.sock | 241 | blacklist /var/run/rpcbind.sock |
242 | deny /var/run/screens | 242 | blacklist /var/run/screens |
243 | deny /var/spool/anacron | 243 | blacklist /var/spool/anacron |
244 | deny /var/spool/cron | 244 | blacklist /var/spool/cron |
245 | deny /var/spool/mail | 245 | blacklist /var/spool/mail |
246 | 246 | ||
247 | # etc | 247 | # etc |
248 | deny /etc/anacrontab | 248 | blacklist /etc/anacrontab |
249 | deny /etc/cron* | 249 | blacklist /etc/cron* |
250 | deny /etc/profile.d | 250 | blacklist /etc/profile.d |
251 | deny /etc/rc.local | 251 | blacklist /etc/rc.local |
252 | # rc1.d, rc2.d, ... | 252 | # rc1.d, rc2.d, ... |
253 | deny /etc/rc?.d | 253 | blacklist /etc/rc?.d |
254 | deny /etc/kernel* | 254 | blacklist /etc/kernel* |
255 | deny /etc/grub* | 255 | blacklist /etc/grub* |
256 | deny /etc/dkms | 256 | blacklist /etc/dkms |
257 | deny /etc/apparmor* | 257 | blacklist /etc/apparmor* |
258 | deny /etc/selinux | 258 | blacklist /etc/selinux |
259 | deny /etc/modules* | 259 | blacklist /etc/modules* |
260 | deny /etc/logrotate* | 260 | blacklist /etc/logrotate* |
261 | deny /etc/adduser.conf | 261 | blacklist /etc/adduser.conf |
262 | 262 | ||
263 | # hide config for various intrusion detection systems | 263 | # hide config for various intrusion detection systems |
264 | deny /etc/rkhunter.conf | 264 | blacklist /etc/rkhunter.conf |
265 | deny /var/lib/rkhunter | 265 | blacklist /var/lib/rkhunter |
266 | deny /etc/chkrootkit.conf | 266 | blacklist /etc/chkrootkit.conf |
267 | deny /etc/lynis | 267 | blacklist /etc/lynis |
268 | deny /etc/aide | 268 | blacklist /etc/aide |
269 | deny /etc/logcheck | 269 | blacklist /etc/logcheck |
270 | deny /etc/tripwire | 270 | blacklist /etc/tripwire |
271 | deny /etc/snort | 271 | blacklist /etc/snort |
272 | deny /etc/fail2ban.conf | 272 | blacklist /etc/fail2ban.conf |
273 | deny /etc/suricata | 273 | blacklist /etc/suricata |
274 | 274 | ||
275 | # Startup files | 275 | # Startup files |
276 | read-only ${HOME}/.antigen | 276 | read-only ${HOME}/.antigen |
@@ -307,13 +307,13 @@ read-only ${HOME}/.zshrc | |||
307 | read-only ${HOME}/.zshrc.local | 307 | read-only ${HOME}/.zshrc.local |
308 | 308 | ||
309 | # Remote access | 309 | # Remote access |
310 | deny ${HOME}/.rhosts | 310 | blacklist ${HOME}/.rhosts |
311 | deny ${HOME}/.shosts | 311 | blacklist ${HOME}/.shosts |
312 | deny ${HOME}/.ssh/authorized_keys | 312 | blacklist ${HOME}/.ssh/authorized_keys |
313 | deny ${HOME}/.ssh/authorized_keys2 | 313 | blacklist ${HOME}/.ssh/authorized_keys2 |
314 | deny ${HOME}/.ssh/environment | 314 | blacklist ${HOME}/.ssh/environment |
315 | deny ${HOME}/.ssh/rc | 315 | blacklist ${HOME}/.ssh/rc |
316 | deny /etc/hosts.equiv | 316 | blacklist /etc/hosts.equiv |
317 | read-only ${HOME}/.ssh/config | 317 | read-only ${HOME}/.ssh/config |
318 | read-only ${HOME}/.ssh/config.d | 318 | read-only ${HOME}/.ssh/config.d |
319 | 319 | ||
@@ -374,200 +374,200 @@ read-only ${HOME}/.local/share/mime | |||
374 | read-only ${HOME}/.local/share/thumbnailers | 374 | read-only ${HOME}/.local/share/thumbnailers |
375 | 375 | ||
376 | # prevent access to ssh-agent | 376 | # prevent access to ssh-agent |
377 | deny /tmp/ssh-* | 377 | blacklist /tmp/ssh-* |
378 | 378 | ||
379 | # top secret | 379 | # top secret |
380 | deny ${HOME}/*.kdb | 380 | blacklist ${HOME}/*.kdb |
381 | deny ${HOME}/*.kdbx | 381 | blacklist ${HOME}/*.kdbx |
382 | deny ${HOME}/*.key | 382 | blacklist ${HOME}/*.key |
383 | deny ${HOME}/.Private | 383 | blacklist ${HOME}/.Private |
384 | deny ${HOME}/.caff | 384 | blacklist ${HOME}/.caff |
385 | deny ${HOME}/.cargo/credentials | 385 | blacklist ${HOME}/.cargo/credentials |
386 | deny ${HOME}/.cargo/credentials.toml | 386 | blacklist ${HOME}/.cargo/credentials.toml |
387 | deny ${HOME}/.cert | 387 | blacklist ${HOME}/.cert |
388 | deny ${HOME}/.config/keybase | 388 | blacklist ${HOME}/.config/keybase |
389 | deny ${HOME}/.davfs2/secrets | 389 | blacklist ${HOME}/.davfs2/secrets |
390 | deny ${HOME}/.ecryptfs | 390 | blacklist ${HOME}/.ecryptfs |
391 | deny ${HOME}/.fetchmailrc | 391 | blacklist ${HOME}/.fetchmailrc |
392 | deny ${HOME}/.fscrypt | 392 | blacklist ${HOME}/.fscrypt |
393 | deny ${HOME}/.git-credential-cache | 393 | blacklist ${HOME}/.git-credential-cache |
394 | deny ${HOME}/.git-credentials | 394 | blacklist ${HOME}/.git-credentials |
395 | deny ${HOME}/.gnome2/keyrings | 395 | blacklist ${HOME}/.gnome2/keyrings |
396 | deny ${HOME}/.gnupg | 396 | blacklist ${HOME}/.gnupg |
397 | deny ${HOME}/.config/hub | 397 | blacklist ${HOME}/.config/hub |
398 | deny ${HOME}/.kde/share/apps/kwallet | 398 | blacklist ${HOME}/.kde/share/apps/kwallet |
399 | deny ${HOME}/.kde4/share/apps/kwallet | 399 | blacklist ${HOME}/.kde4/share/apps/kwallet |
400 | deny ${HOME}/.local/share/keyrings | 400 | blacklist ${HOME}/.local/share/keyrings |
401 | deny ${HOME}/.local/share/kwalletd | 401 | blacklist ${HOME}/.local/share/kwalletd |
402 | deny ${HOME}/.local/share/plasma-vault | 402 | blacklist ${HOME}/.local/share/plasma-vault |
403 | deny ${HOME}/.msmtprc | 403 | blacklist ${HOME}/.msmtprc |
404 | deny ${HOME}/.mutt | 404 | blacklist ${HOME}/.mutt |
405 | deny ${HOME}/.muttrc | 405 | blacklist ${HOME}/.muttrc |
406 | deny ${HOME}/.netrc | 406 | blacklist ${HOME}/.netrc |
407 | deny ${HOME}/.nyx | 407 | blacklist ${HOME}/.nyx |
408 | deny ${HOME}/.pki | 408 | blacklist ${HOME}/.pki |
409 | deny ${HOME}/.local/share/pki | 409 | blacklist ${HOME}/.local/share/pki |
410 | deny ${HOME}/.smbcredentials | 410 | blacklist ${HOME}/.smbcredentials |
411 | deny ${HOME}/.ssh | 411 | blacklist ${HOME}/.ssh |
412 | deny ${HOME}/.vaults | 412 | blacklist ${HOME}/.vaults |
413 | deny /.fscrypt | 413 | blacklist /.fscrypt |
414 | deny /etc/davfs2/secrets | 414 | blacklist /etc/davfs2/secrets |
415 | deny /etc/group+ | 415 | blacklist /etc/group+ |
416 | deny /etc/group- | 416 | blacklist /etc/group- |
417 | deny /etc/gshadow | 417 | blacklist /etc/gshadow |
418 | deny /etc/gshadow+ | 418 | blacklist /etc/gshadow+ |
419 | deny /etc/gshadow- | 419 | blacklist /etc/gshadow- |
420 | deny /etc/passwd+ | 420 | blacklist /etc/passwd+ |
421 | deny /etc/passwd- | 421 | blacklist /etc/passwd- |
422 | deny /etc/shadow | 422 | blacklist /etc/shadow |
423 | deny /etc/shadow+ | 423 | blacklist /etc/shadow+ |
424 | deny /etc/shadow- | 424 | blacklist /etc/shadow- |
425 | deny /etc/ssh | 425 | blacklist /etc/ssh |
426 | deny /etc/ssh/* | 426 | blacklist /etc/ssh/* |
427 | deny /home/.ecryptfs | 427 | blacklist /home/.ecryptfs |
428 | deny /home/.fscrypt | 428 | blacklist /home/.fscrypt |
429 | deny /var/backup | 429 | blacklist /var/backup |
430 | 430 | ||
431 | # cloud provider configuration | 431 | # cloud provider configuration |
432 | deny ${HOME}/.aws | 432 | blacklist ${HOME}/.aws |
433 | deny ${HOME}/.boto | 433 | blacklist ${HOME}/.boto |
434 | deny ${HOME}/.config/gcloud | 434 | blacklist ${HOME}/.config/gcloud |
435 | deny ${HOME}/.kube | 435 | blacklist ${HOME}/.kube |
436 | deny ${HOME}/.passwd-s3fs | 436 | blacklist ${HOME}/.passwd-s3fs |
437 | deny ${HOME}/.s3cmd | 437 | blacklist ${HOME}/.s3cmd |
438 | deny /etc/boto.cfg | 438 | blacklist /etc/boto.cfg |
439 | 439 | ||
440 | # system directories | 440 | # system directories |
441 | deny /sbin | 441 | blacklist /sbin |
442 | deny /usr/local/sbin | 442 | blacklist /usr/local/sbin |
443 | deny /usr/sbin | 443 | blacklist /usr/sbin |
444 | 444 | ||
445 | # system management | 445 | # system management |
446 | deny ${PATH}/at | 446 | blacklist ${PATH}/at |
447 | deny ${PATH}/busybox | 447 | blacklist ${PATH}/busybox |
448 | deny ${PATH}/chage | 448 | blacklist ${PATH}/chage |
449 | deny ${PATH}/chfn | 449 | blacklist ${PATH}/chfn |
450 | deny ${PATH}/chsh | 450 | blacklist ${PATH}/chsh |
451 | deny ${PATH}/crontab | 451 | blacklist ${PATH}/crontab |
452 | deny ${PATH}/evtest | 452 | blacklist ${PATH}/evtest |
453 | deny ${PATH}/expiry | 453 | blacklist ${PATH}/expiry |
454 | deny ${PATH}/fusermount | 454 | blacklist ${PATH}/fusermount |
455 | deny ${PATH}/gksu | 455 | blacklist ${PATH}/gksu |
456 | deny ${PATH}/gksudo | 456 | blacklist ${PATH}/gksudo |
457 | deny ${PATH}/gpasswd | 457 | blacklist ${PATH}/gpasswd |
458 | deny ${PATH}/kdesudo | 458 | blacklist ${PATH}/kdesudo |
459 | deny ${PATH}/ksu | 459 | blacklist ${PATH}/ksu |
460 | deny ${PATH}/mount | 460 | blacklist ${PATH}/mount |
461 | deny ${PATH}/mount.ecryptfs_private | 461 | blacklist ${PATH}/mount.ecryptfs_private |
462 | deny ${PATH}/nc | 462 | blacklist ${PATH}/nc |
463 | deny ${PATH}/ncat | 463 | blacklist ${PATH}/ncat |
464 | deny ${PATH}/nmap | 464 | blacklist ${PATH}/nmap |
465 | deny ${PATH}/newgidmap | 465 | blacklist ${PATH}/newgidmap |
466 | deny ${PATH}/newgrp | 466 | blacklist ${PATH}/newgrp |
467 | deny ${PATH}/newuidmap | 467 | blacklist ${PATH}/newuidmap |
468 | deny ${PATH}/ntfs-3g | 468 | blacklist ${PATH}/ntfs-3g |
469 | deny ${PATH}/pkexec | 469 | blacklist ${PATH}/pkexec |
470 | deny ${PATH}/procmail | 470 | blacklist ${PATH}/procmail |
471 | deny ${PATH}/sg | 471 | blacklist ${PATH}/sg |
472 | deny ${PATH}/strace | 472 | blacklist ${PATH}/strace |
473 | deny ${PATH}/su | 473 | blacklist ${PATH}/su |
474 | deny ${PATH}/sudo | 474 | blacklist ${PATH}/sudo |
475 | deny ${PATH}/tcpdump | 475 | blacklist ${PATH}/tcpdump |
476 | deny ${PATH}/umount | 476 | blacklist ${PATH}/umount |
477 | deny ${PATH}/unix_chkpwd | 477 | blacklist ${PATH}/unix_chkpwd |
478 | deny ${PATH}/xev | 478 | blacklist ${PATH}/xev |
479 | deny ${PATH}/xinput | 479 | blacklist ${PATH}/xinput |
480 | 480 | ||
481 | # other SUID binaries | 481 | # other SUID binaries |
482 | deny /usr/lib/virtualbox | 482 | blacklist /usr/lib/virtualbox |
483 | deny /usr/lib64/virtualbox | 483 | blacklist /usr/lib64/virtualbox |
484 | 484 | ||
485 | # prevent lxterminal connecting to an existing lxterminal session | 485 | # prevent lxterminal connecting to an existing lxterminal session |
486 | deny /tmp/.lxterminal-socket* | 486 | blacklist /tmp/.lxterminal-socket* |
487 | # prevent tmux connecting to an existing session | 487 | # prevent tmux connecting to an existing session |
488 | deny /tmp/tmux-* | 488 | blacklist /tmp/tmux-* |
489 | 489 | ||
490 | # disable terminals running as server resulting in sandbox escape | 490 | # disable terminals running as server resulting in sandbox escape |
491 | deny ${PATH}/lxterminal | 491 | blacklist ${PATH}/lxterminal |
492 | deny ${PATH}/gnome-terminal | 492 | blacklist ${PATH}/gnome-terminal |
493 | deny ${PATH}/gnome-terminal.wrapper | 493 | blacklist ${PATH}/gnome-terminal.wrapper |
494 | deny ${PATH}/lilyterm | 494 | blacklist ${PATH}/lilyterm |
495 | deny ${PATH}/mate-terminal | 495 | blacklist ${PATH}/mate-terminal |
496 | deny ${PATH}/mate-terminal.wrapper | 496 | blacklist ${PATH}/mate-terminal.wrapper |
497 | deny ${PATH}/pantheon-terminal | 497 | blacklist ${PATH}/pantheon-terminal |
498 | deny ${PATH}/roxterm | 498 | blacklist ${PATH}/roxterm |
499 | deny ${PATH}/roxterm-config | 499 | blacklist ${PATH}/roxterm-config |
500 | deny ${PATH}/terminix | 500 | blacklist ${PATH}/terminix |
501 | deny ${PATH}/tilix | 501 | blacklist ${PATH}/tilix |
502 | deny ${PATH}/urxvtc | 502 | blacklist ${PATH}/urxvtc |
503 | deny ${PATH}/urxvtcd | 503 | blacklist ${PATH}/urxvtcd |
504 | deny ${PATH}/xfce4-terminal | 504 | blacklist ${PATH}/xfce4-terminal |
505 | deny ${PATH}/xfce4-terminal.wrapper | 505 | blacklist ${PATH}/xfce4-terminal.wrapper |
506 | # blacklist ${PATH}/konsole | 506 | # blacklist ${PATH}/konsole |
507 | # konsole doesn't seem to have this problem - last tested on Ubuntu 16.04 | 507 | # konsole doesn't seem to have this problem - last tested on Ubuntu 16.04 |
508 | 508 | ||
509 | # kernel files | 509 | # kernel files |
510 | deny /initrd* | 510 | blacklist /initrd* |
511 | deny /vmlinuz* | 511 | blacklist /vmlinuz* |
512 | 512 | ||
513 | # snapshot files | 513 | # snapshot files |
514 | deny /.snapshots | 514 | blacklist /.snapshots |
515 | 515 | ||
516 | # flatpak | 516 | # flatpak |
517 | deny ${HOME}/.cache/flatpak | 517 | blacklist ${HOME}/.cache/flatpak |
518 | deny ${HOME}/.config/flatpak | 518 | blacklist ${HOME}/.config/flatpak |
519 | nodeny ${HOME}/.local/share/flatpak/exports | 519 | noblacklist ${HOME}/.local/share/flatpak/exports |
520 | read-only ${HOME}/.local/share/flatpak/exports | 520 | read-only ${HOME}/.local/share/flatpak/exports |
521 | deny ${HOME}/.local/share/flatpak/* | 521 | blacklist ${HOME}/.local/share/flatpak/* |
522 | deny ${HOME}/.var | 522 | blacklist ${HOME}/.var |
523 | deny ${RUNUSER}/app | 523 | blacklist ${RUNUSER}/app |
524 | deny ${RUNUSER}/doc | 524 | blacklist ${RUNUSER}/doc |
525 | deny ${RUNUSER}/.dbus-proxy | 525 | blacklist ${RUNUSER}/.dbus-proxy |
526 | deny ${RUNUSER}/.flatpak | 526 | blacklist ${RUNUSER}/.flatpak |
527 | deny ${RUNUSER}/.flatpak-cache | 527 | blacklist ${RUNUSER}/.flatpak-cache |
528 | deny ${RUNUSER}/.flatpak-helper | 528 | blacklist ${RUNUSER}/.flatpak-helper |
529 | deny /usr/share/flatpak | 529 | blacklist /usr/share/flatpak |
530 | nodeny /var/lib/flatpak/exports | 530 | noblacklist /var/lib/flatpak/exports |
531 | deny /var/lib/flatpak/* | 531 | blacklist /var/lib/flatpak/* |
532 | # most of the time bwrap is SUID binary | 532 | # most of the time bwrap is SUID binary |
533 | deny ${PATH}/bwrap | 533 | blacklist ${PATH}/bwrap |
534 | 534 | ||
535 | # snap | 535 | # snap |
536 | deny ${RUNUSER}/snapd-session-agent.socket | 536 | blacklist ${RUNUSER}/snapd-session-agent.socket |
537 | 537 | ||
538 | # mail directories used by mutt | 538 | # mail directories used by mutt |
539 | deny ${HOME}/.Mail | 539 | blacklist ${HOME}/.Mail |
540 | deny ${HOME}/.mail | 540 | blacklist ${HOME}/.mail |
541 | deny ${HOME}/.signature | 541 | blacklist ${HOME}/.signature |
542 | deny ${HOME}/Mail | 542 | blacklist ${HOME}/Mail |
543 | deny ${HOME}/mail | 543 | blacklist ${HOME}/mail |
544 | deny ${HOME}/postponed | 544 | blacklist ${HOME}/postponed |
545 | deny ${HOME}/sent | 545 | blacklist ${HOME}/sent |
546 | 546 | ||
547 | # kernel configuration | 547 | # kernel configuration |
548 | deny /proc/config.gz | 548 | blacklist /proc/config.gz |
549 | 549 | ||
550 | # prevent DNS malware attempting to communicate with the server | 550 | # prevent DNS malware attempting to communicate with the server |
551 | # using regular DNS tools | 551 | # using regular DNS tools |
552 | deny ${PATH}/dig | 552 | blacklist ${PATH}/dig |
553 | deny ${PATH}/dlint | 553 | blacklist ${PATH}/dlint |
554 | deny ${PATH}/dns2tcp | 554 | blacklist ${PATH}/dns2tcp |
555 | deny ${PATH}/dnssec-* | 555 | blacklist ${PATH}/dnssec-* |
556 | deny ${PATH}/dnswalk | 556 | blacklist ${PATH}/dnswalk |
557 | deny ${PATH}/drill | 557 | blacklist ${PATH}/drill |
558 | deny ${PATH}/host | 558 | blacklist ${PATH}/host |
559 | deny ${PATH}/iodine | 559 | blacklist ${PATH}/iodine |
560 | deny ${PATH}/kdig | 560 | blacklist ${PATH}/kdig |
561 | deny ${PATH}/khost | 561 | blacklist ${PATH}/khost |
562 | deny ${PATH}/knsupdate | 562 | blacklist ${PATH}/knsupdate |
563 | deny ${PATH}/ldns-* | 563 | blacklist ${PATH}/ldns-* |
564 | deny ${PATH}/ldnsd | 564 | blacklist ${PATH}/ldnsd |
565 | deny ${PATH}/nslookup | 565 | blacklist ${PATH}/nslookup |
566 | deny ${PATH}/resolvectl | 566 | blacklist ${PATH}/resolvectl |
567 | deny ${PATH}/unbound-host | 567 | blacklist ${PATH}/unbound-host |
568 | 568 | ||
569 | # rest of ${RUNUSER} | 569 | # rest of ${RUNUSER} |
570 | deny ${RUNUSER}/*.lock | 570 | blacklist ${RUNUSER}/*.lock |
571 | deny ${RUNUSER}/inaccessible | 571 | blacklist ${RUNUSER}/inaccessible |
572 | deny ${RUNUSER}/pk-debconf-socket | 572 | blacklist ${RUNUSER}/pk-debconf-socket |
573 | deny ${RUNUSER}/update-notifier.pid | 573 | blacklist ${RUNUSER}/update-notifier.pid |
diff --git a/etc/inc/disable-devel.inc b/etc/inc/disable-devel.inc index a893eb3f3..e74b1b40b 100644 --- a/etc/inc/disable-devel.inc +++ b/etc/inc/disable-devel.inc | |||
@@ -5,65 +5,65 @@ include disable-devel.local | |||
5 | # development tools | 5 | # development tools |
6 | 6 | ||
7 | # clang/llvm | 7 | # clang/llvm |
8 | deny ${PATH}/clang* | 8 | blacklist ${PATH}/clang* |
9 | deny ${PATH}/lldb* | 9 | blacklist ${PATH}/lldb* |
10 | deny ${PATH}/llvm* | 10 | blacklist ${PATH}/llvm* |
11 | # see issue #2106 - it disables hardware acceleration in Firefox on Radeon GPU | 11 | # see issue #2106 - it disables hardware acceleration in Firefox on Radeon GPU |
12 | # blacklist /usr/lib/llvm* | 12 | # blacklist /usr/lib/llvm* |
13 | 13 | ||
14 | # GCC | 14 | # GCC |
15 | deny ${PATH}/as | 15 | blacklist ${PATH}/as |
16 | deny ${PATH}/cc | 16 | blacklist ${PATH}/cc |
17 | deny ${PATH}/c++* | 17 | blacklist ${PATH}/c++* |
18 | deny ${PATH}/c8* | 18 | blacklist ${PATH}/c8* |
19 | deny ${PATH}/c9* | 19 | blacklist ${PATH}/c9* |
20 | deny ${PATH}/cpp* | 20 | blacklist ${PATH}/cpp* |
21 | deny ${PATH}/g++* | 21 | blacklist ${PATH}/g++* |
22 | deny ${PATH}/gcc* | 22 | blacklist ${PATH}/gcc* |
23 | deny ${PATH}/gdb | 23 | blacklist ${PATH}/gdb |
24 | deny ${PATH}/ld | 24 | blacklist ${PATH}/ld |
25 | deny ${PATH}/*-gcc* | 25 | blacklist ${PATH}/*-gcc* |
26 | deny ${PATH}/*-g++* | 26 | blacklist ${PATH}/*-g++* |
27 | deny ${PATH}/*-gcc* | 27 | blacklist ${PATH}/*-gcc* |
28 | deny ${PATH}/*-g++* | 28 | blacklist ${PATH}/*-g++* |
29 | # seems to create problems on Gentoo | 29 | # seems to create problems on Gentoo |
30 | #blacklist /usr/lib/gcc | 30 | #blacklist /usr/lib/gcc |
31 | 31 | ||
32 | #Go | 32 | #Go |
33 | deny ${PATH}/gccgo | 33 | blacklist ${PATH}/gccgo |
34 | deny ${PATH}/go | 34 | blacklist ${PATH}/go |
35 | deny ${PATH}/gofmt | 35 | blacklist ${PATH}/gofmt |
36 | 36 | ||
37 | # Java | 37 | # Java |
38 | deny ${PATH}/java | 38 | blacklist ${PATH}/java |
39 | deny ${PATH}/javac | 39 | blacklist ${PATH}/javac |
40 | deny /etc/java | 40 | blacklist /etc/java |
41 | deny /usr/lib/java | 41 | blacklist /usr/lib/java |
42 | deny /usr/share/java | 42 | blacklist /usr/share/java |
43 | 43 | ||
44 | #OpenSSL | 44 | #OpenSSL |
45 | deny ${PATH}/openssl | 45 | blacklist ${PATH}/openssl |
46 | deny ${PATH}/openssl-1.0 | 46 | blacklist ${PATH}/openssl-1.0 |
47 | 47 | ||
48 | #Rust | 48 | #Rust |
49 | deny ${PATH}/rust-gdb | 49 | blacklist ${PATH}/rust-gdb |
50 | deny ${PATH}/rust-lldb | 50 | blacklist ${PATH}/rust-lldb |
51 | deny ${PATH}/rustc | 51 | blacklist ${PATH}/rustc |
52 | deny ${HOME}/.rustup | 52 | blacklist ${HOME}/.rustup |
53 | 53 | ||
54 | # tcc - Tiny C Compiler | 54 | # tcc - Tiny C Compiler |
55 | deny ${PATH}/tcc | 55 | blacklist ${PATH}/tcc |
56 | deny ${PATH}/x86_64-tcc | 56 | blacklist ${PATH}/x86_64-tcc |
57 | deny /usr/lib/tcc | 57 | blacklist /usr/lib/tcc |
58 | 58 | ||
59 | # Valgrind | 59 | # Valgrind |
60 | deny ${PATH}/valgrind* | 60 | blacklist ${PATH}/valgrind* |
61 | deny /usr/lib/valgrind | 61 | blacklist /usr/lib/valgrind |
62 | 62 | ||
63 | 63 | ||
64 | # Source-Code | 64 | # Source-Code |
65 | 65 | ||
66 | deny /usr/src | 66 | blacklist /usr/src |
67 | deny /usr/local/src | 67 | blacklist /usr/local/src |
68 | deny /usr/include | 68 | blacklist /usr/include |
69 | deny /usr/local/include | 69 | blacklist /usr/local/include |
diff --git a/etc/inc/disable-interpreters.inc b/etc/inc/disable-interpreters.inc index c77d9a490..5d8a236fb 100644 --- a/etc/inc/disable-interpreters.inc +++ b/etc/inc/disable-interpreters.inc | |||
@@ -3,66 +3,66 @@ | |||
3 | include disable-interpreters.local | 3 | include disable-interpreters.local |
4 | 4 | ||
5 | # gjs | 5 | # gjs |
6 | deny ${PATH}/gjs | 6 | blacklist ${PATH}/gjs |
7 | deny ${PATH}/gjs-console | 7 | blacklist ${PATH}/gjs-console |
8 | deny /usr/lib/gjs | 8 | blacklist /usr/lib/gjs |
9 | deny /usr/lib/libgjs* | 9 | blacklist /usr/lib/libgjs* |
10 | deny /usr/lib64/gjs | 10 | blacklist /usr/lib64/gjs |
11 | deny /usr/lib64/libgjs* | 11 | blacklist /usr/lib64/libgjs* |
12 | 12 | ||
13 | # Lua | 13 | # Lua |
14 | deny ${PATH}/lua* | 14 | blacklist ${PATH}/lua* |
15 | deny /usr/include/lua* | 15 | blacklist /usr/include/lua* |
16 | deny /usr/lib/liblua* | 16 | blacklist /usr/lib/liblua* |
17 | deny /usr/lib/lua | 17 | blacklist /usr/lib/lua |
18 | deny /usr/lib64/liblua* | 18 | blacklist /usr/lib64/liblua* |
19 | deny /usr/lib64/lua | 19 | blacklist /usr/lib64/lua |
20 | deny /usr/share/lua* | 20 | blacklist /usr/share/lua* |
21 | 21 | ||
22 | # mozjs | 22 | # mozjs |
23 | deny /usr/lib/libmozjs-* | 23 | blacklist /usr/lib/libmozjs-* |
24 | deny /usr/lib64/libmozjs-* | 24 | blacklist /usr/lib64/libmozjs-* |
25 | 25 | ||
26 | # Node.js | 26 | # Node.js |
27 | deny ${PATH}/node | 27 | blacklist ${PATH}/node |
28 | deny /usr/include/node | 28 | blacklist /usr/include/node |
29 | 29 | ||
30 | # nvm | 30 | # nvm |
31 | deny ${HOME}/.nvm | 31 | blacklist ${HOME}/.nvm |
32 | 32 | ||
33 | # Perl | 33 | # Perl |
34 | deny ${PATH}/core_perl | 34 | blacklist ${PATH}/core_perl |
35 | deny ${PATH}/cpan* | 35 | blacklist ${PATH}/cpan* |
36 | deny ${PATH}/perl | 36 | blacklist ${PATH}/perl |
37 | deny ${PATH}/site_perl | 37 | blacklist ${PATH}/site_perl |
38 | deny ${PATH}/vendor_perl | 38 | blacklist ${PATH}/vendor_perl |
39 | deny /usr/lib/perl* | 39 | blacklist /usr/lib/perl* |
40 | deny /usr/lib64/perl* | 40 | blacklist /usr/lib64/perl* |
41 | deny /usr/share/perl* | 41 | blacklist /usr/share/perl* |
42 | 42 | ||
43 | # PHP | 43 | # PHP |
44 | deny ${PATH}/php* | 44 | blacklist ${PATH}/php* |
45 | deny /usr/lib/php* | 45 | blacklist /usr/lib/php* |
46 | deny /usr/share/php* | 46 | blacklist /usr/share/php* |
47 | 47 | ||
48 | # Ruby | 48 | # Ruby |
49 | deny ${PATH}/ruby | 49 | blacklist ${PATH}/ruby |
50 | deny /usr/lib/ruby | 50 | blacklist /usr/lib/ruby |
51 | 51 | ||
52 | # Programs using python: deluge, firefox addons, filezilla, cherrytree, xchat, hexchat, libreoffice, scribus | 52 | # Programs using python: deluge, firefox addons, filezilla, cherrytree, xchat, hexchat, libreoffice, scribus |
53 | # Python 2 | 53 | # Python 2 |
54 | deny ${PATH}/python2* | 54 | blacklist ${PATH}/python2* |
55 | deny /usr/include/python2* | 55 | blacklist /usr/include/python2* |
56 | deny /usr/lib/python2* | 56 | blacklist /usr/lib/python2* |
57 | deny /usr/local/lib/python2* | 57 | blacklist /usr/local/lib/python2* |
58 | deny /usr/share/python2* | 58 | blacklist /usr/share/python2* |
59 | 59 | ||
60 | # You will want to add noblacklist for python3 stuff in the firefox and/or chromium profiles if you use the Gnome connector (see Issue #2026) | 60 | # You will want to add noblacklist for python3 stuff in the firefox and/or chromium profiles if you use the Gnome connector (see Issue #2026) |
61 | 61 | ||
62 | # Python 3 | 62 | # Python 3 |
63 | deny ${PATH}/python3* | 63 | blacklist ${PATH}/python3* |
64 | deny /usr/include/python3* | 64 | blacklist /usr/include/python3* |
65 | deny /usr/lib/python3* | 65 | blacklist /usr/lib/python3* |
66 | deny /usr/lib64/python3* | 66 | blacklist /usr/lib64/python3* |
67 | deny /usr/local/lib/python3* | 67 | blacklist /usr/local/lib/python3* |
68 | deny /usr/share/python3* | 68 | blacklist /usr/share/python3* |
diff --git a/etc/inc/disable-passwdmgr.inc b/etc/inc/disable-passwdmgr.inc index 0a61bc46f..3ed9a1b14 100644 --- a/etc/inc/disable-passwdmgr.inc +++ b/etc/inc/disable-passwdmgr.inc | |||
@@ -2,18 +2,18 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include disable-passwdmgr.local | 3 | include disable-passwdmgr.local |
4 | 4 | ||
5 | deny ${HOME}/.config/Bitwarden | 5 | blacklist ${HOME}/.config/Bitwarden |
6 | deny ${HOME}/.config/KeePass | 6 | blacklist ${HOME}/.config/KeePass |
7 | deny ${HOME}/.config/keepass | 7 | blacklist ${HOME}/.config/keepass |
8 | deny ${HOME}/.config/keepassx | 8 | blacklist ${HOME}/.config/keepassx |
9 | deny ${HOME}/.config/keepassxc | 9 | blacklist ${HOME}/.config/keepassxc |
10 | deny ${HOME}/.config/KeePassXCrc | 10 | blacklist ${HOME}/.config/KeePassXCrc |
11 | deny ${HOME}/.config/Sinew Software Systems | 11 | blacklist ${HOME}/.config/Sinew Software Systems |
12 | deny ${HOME}/.fpm | 12 | blacklist ${HOME}/.fpm |
13 | deny ${HOME}/.keepass | 13 | blacklist ${HOME}/.keepass |
14 | deny ${HOME}/.keepassx | 14 | blacklist ${HOME}/.keepassx |
15 | deny ${HOME}/.keepassxc | 15 | blacklist ${HOME}/.keepassxc |
16 | deny ${HOME}/.lastpass | 16 | blacklist ${HOME}/.lastpass |
17 | deny ${HOME}/.local/share/KeePass | 17 | blacklist ${HOME}/.local/share/KeePass |
18 | deny ${HOME}/.local/share/keepass | 18 | blacklist ${HOME}/.local/share/keepass |
19 | deny ${HOME}/.password-store | 19 | blacklist ${HOME}/.password-store |
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 5fe2f8c28..fd907034f 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc | |||
@@ -2,1097 +2,1097 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include disable-programs.local | 3 | include disable-programs.local |
4 | 4 | ||
5 | deny ${HOME}/.*coin | 5 | blacklist ${HOME}/.*coin |
6 | deny ${HOME}/.8pecxstudios | 6 | blacklist ${HOME}/.8pecxstudios |
7 | deny ${HOME}/.AndroidStudio* | 7 | blacklist ${HOME}/.AndroidStudio* |
8 | deny ${HOME}/.Atom | 8 | blacklist ${HOME}/.Atom |
9 | deny ${HOME}/.CLion* | 9 | blacklist ${HOME}/.CLion* |
10 | deny ${HOME}/.FBReader | 10 | blacklist ${HOME}/.FBReader |
11 | deny ${HOME}/.FontForge | 11 | blacklist ${HOME}/.FontForge |
12 | deny ${HOME}/.IdeaIC* | 12 | blacklist ${HOME}/.IdeaIC* |
13 | deny ${HOME}/.LuminanceHDR | 13 | blacklist ${HOME}/.LuminanceHDR |
14 | deny ${HOME}/.Mathematica | 14 | blacklist ${HOME}/.Mathematica |
15 | deny ${HOME}/.Natron | 15 | blacklist ${HOME}/.Natron |
16 | deny ${HOME}/.PlayOnLinux | 16 | blacklist ${HOME}/.PlayOnLinux |
17 | deny ${HOME}/.PyCharm* | 17 | blacklist ${HOME}/.PyCharm* |
18 | deny ${HOME}/.Sayonara | 18 | blacklist ${HOME}/.Sayonara |
19 | deny ${HOME}/.Steam | 19 | blacklist ${HOME}/.Steam |
20 | deny ${HOME}/.Steampath | 20 | blacklist ${HOME}/.Steampath |
21 | deny ${HOME}/.Steampid | 21 | blacklist ${HOME}/.Steampid |
22 | deny ${HOME}/.TelegramDesktop | 22 | blacklist ${HOME}/.TelegramDesktop |
23 | deny ${HOME}/.VSCodium | 23 | blacklist ${HOME}/.VSCodium |
24 | deny ${HOME}/.ViberPC | 24 | blacklist ${HOME}/.ViberPC |
25 | deny ${HOME}/.VirtualBox | 25 | blacklist ${HOME}/.VirtualBox |
26 | deny ${HOME}/.WebStorm* | 26 | blacklist ${HOME}/.WebStorm* |
27 | deny ${HOME}/.Wolfram Research | 27 | blacklist ${HOME}/.Wolfram Research |
28 | deny ${HOME}/.ZAP | 28 | blacklist ${HOME}/.ZAP |
29 | deny ${HOME}/.aMule | 29 | blacklist ${HOME}/.aMule |
30 | deny ${HOME}/.abook | 30 | blacklist ${HOME}/.abook |
31 | deny ${HOME}/.addressbook | 31 | blacklist ${HOME}/.addressbook |
32 | deny ${HOME}/.alpine-smime | 32 | blacklist ${HOME}/.alpine-smime |
33 | deny ${HOME}/.android | 33 | blacklist ${HOME}/.android |
34 | deny ${HOME}/.anydesk | 34 | blacklist ${HOME}/.anydesk |
35 | deny ${HOME}/.arduino15 | 35 | blacklist ${HOME}/.arduino15 |
36 | deny ${HOME}/.aria2 | 36 | blacklist ${HOME}/.aria2 |
37 | deny ${HOME}/.arm | 37 | blacklist ${HOME}/.arm |
38 | deny ${HOME}/.asunder_album_artist | 38 | blacklist ${HOME}/.asunder_album_artist |
39 | deny ${HOME}/.asunder_album_genre | 39 | blacklist ${HOME}/.asunder_album_genre |
40 | deny ${HOME}/.asunder_album_title | 40 | blacklist ${HOME}/.asunder_album_title |
41 | deny ${HOME}/.atom | 41 | blacklist ${HOME}/.atom |
42 | deny ${HOME}/.attic | 42 | blacklist ${HOME}/.attic |
43 | deny ${HOME}/.audacity-data | 43 | blacklist ${HOME}/.audacity-data |
44 | deny ${HOME}/.avidemux6 | 44 | blacklist ${HOME}/.avidemux6 |
45 | deny ${HOME}/.ballbuster.hs | 45 | blacklist ${HOME}/.ballbuster.hs |
46 | deny ${HOME}/.balsa | 46 | blacklist ${HOME}/.balsa |
47 | deny ${HOME}/.bcast5 | 47 | blacklist ${HOME}/.bcast5 |
48 | deny ${HOME}/.bibletime | 48 | blacklist ${HOME}/.bibletime |
49 | deny ${HOME}/.bitcoin | 49 | blacklist ${HOME}/.bitcoin |
50 | deny ${HOME}/.blobby | 50 | blacklist ${HOME}/.blobby |
51 | deny ${HOME}/.bogofilter | 51 | blacklist ${HOME}/.bogofilter |
52 | deny ${HOME}/.bzf | 52 | blacklist ${HOME}/.bzf |
53 | deny ${HOME}/.cargo/* | 53 | blacklist ${HOME}/.cargo/* |
54 | deny ${HOME}/.claws-mail | 54 | blacklist ${HOME}/.claws-mail |
55 | deny ${HOME}/.cliqz | 55 | blacklist ${HOME}/.cliqz |
56 | deny ${HOME}/.clion* | 56 | blacklist ${HOME}/.clion* |
57 | deny ${HOME}/.clonk | 57 | blacklist ${HOME}/.clonk |
58 | deny ${HOME}/.config/0ad | 58 | blacklist ${HOME}/.config/0ad |
59 | deny ${HOME}/.config/2048-qt | 59 | blacklist ${HOME}/.config/2048-qt |
60 | deny ${HOME}/.config/Atom | 60 | blacklist ${HOME}/.config/Atom |
61 | deny ${HOME}/.config/Audaciousrc | 61 | blacklist ${HOME}/.config/Audaciousrc |
62 | deny ${HOME}/.config/Authenticator | 62 | blacklist ${HOME}/.config/Authenticator |
63 | deny ${HOME}/.config/Beaker Browser | 63 | blacklist ${HOME}/.config/Beaker Browser |
64 | deny ${HOME}/.config/Bitcoin | 64 | blacklist ${HOME}/.config/Bitcoin |
65 | deny ${HOME}/.config/Bitwarden | 65 | blacklist ${HOME}/.config/Bitwarden |
66 | deny ${HOME}/.config/Brackets | 66 | blacklist ${HOME}/.config/Brackets |
67 | deny ${HOME}/.config/BraveSoftware | 67 | blacklist ${HOME}/.config/BraveSoftware |
68 | deny ${HOME}/.config/Clementine | 68 | blacklist ${HOME}/.config/Clementine |
69 | deny ${HOME}/.config/Code | 69 | blacklist ${HOME}/.config/Code |
70 | deny ${HOME}/.config/Code - OSS | 70 | blacklist ${HOME}/.config/Code - OSS |
71 | deny ${HOME}/.config/Code Industry | 71 | blacklist ${HOME}/.config/Code Industry |
72 | deny ${HOME}/.config/Cryptocat | 72 | blacklist ${HOME}/.config/Cryptocat |
73 | deny ${HOME}/.config/Debauchee/Barrier.conf | 73 | blacklist ${HOME}/.config/Debauchee/Barrier.conf |
74 | deny ${HOME}/.config/Dharkael | 74 | blacklist ${HOME}/.config/Dharkael |
75 | deny ${HOME}/.config/ENCOM | 75 | blacklist ${HOME}/.config/ENCOM |
76 | deny ${HOME}/.config/Element | 76 | blacklist ${HOME}/.config/Element |
77 | deny ${HOME}/.config/Element (Riot) | 77 | blacklist ${HOME}/.config/Element (Riot) |
78 | deny ${HOME}/.config/Enox | 78 | blacklist ${HOME}/.config/Enox |
79 | deny ${HOME}/.config/Epic | 79 | blacklist ${HOME}/.config/Epic |
80 | deny ${HOME}/.config/Ferdi | 80 | blacklist ${HOME}/.config/Ferdi |
81 | deny ${HOME}/.config/Flavio Tordini | 81 | blacklist ${HOME}/.config/Flavio Tordini |
82 | deny ${HOME}/.config/Franz | 82 | blacklist ${HOME}/.config/Franz |
83 | deny ${HOME}/.config/FreeCAD | 83 | blacklist ${HOME}/.config/FreeCAD |
84 | deny ${HOME}/.config/FreeTube | 84 | blacklist ${HOME}/.config/FreeTube |
85 | deny ${HOME}/.config/Fritzing | 85 | blacklist ${HOME}/.config/Fritzing |
86 | deny ${HOME}/.config/GIMP | 86 | blacklist ${HOME}/.config/GIMP |
87 | deny ${HOME}/.config/GitHub Desktop | 87 | blacklist ${HOME}/.config/GitHub Desktop |
88 | deny ${HOME}/.config/Gitter | 88 | blacklist ${HOME}/.config/Gitter |
89 | deny ${HOME}/.config/Google | 89 | blacklist ${HOME}/.config/Google |
90 | deny ${HOME}/.config/Google Play Music Desktop Player | 90 | blacklist ${HOME}/.config/Google Play Music Desktop Player |
91 | deny ${HOME}/.config/Gpredict | 91 | blacklist ${HOME}/.config/Gpredict |
92 | deny ${HOME}/.config/INRIA | 92 | blacklist ${HOME}/.config/INRIA |
93 | deny ${HOME}/.config/InSilmaril | 93 | blacklist ${HOME}/.config/InSilmaril |
94 | deny ${HOME}/.config/Jitsi Meet | 94 | blacklist ${HOME}/.config/Jitsi Meet |
95 | deny ${HOME}/.config/JetBrains/CLion* | 95 | blacklist ${HOME}/.config/JetBrains/CLion* |
96 | deny ${HOME}/.config/KDE/neochat | 96 | blacklist ${HOME}/.config/KDE/neochat |
97 | deny ${HOME}/.config/Kid3 | 97 | blacklist ${HOME}/.config/Kid3 |
98 | deny ${HOME}/.config/Kingsoft | 98 | blacklist ${HOME}/.config/Kingsoft |
99 | deny ${HOME}/.config/LibreCAD | 99 | blacklist ${HOME}/.config/LibreCAD |
100 | deny ${HOME}/.config/Loop_Hero | 100 | blacklist ${HOME}/.config/Loop_Hero |
101 | deny ${HOME}/.config/Luminance | 101 | blacklist ${HOME}/.config/Luminance |
102 | deny ${HOME}/.config/LyX | 102 | blacklist ${HOME}/.config/LyX |
103 | deny ${HOME}/.config/Mattermost | 103 | blacklist ${HOME}/.config/Mattermost |
104 | deny ${HOME}/.config/Meltytech | 104 | blacklist ${HOME}/.config/Meltytech |
105 | deny ${HOME}/.config/Mendeley Ltd. | 105 | blacklist ${HOME}/.config/Mendeley Ltd. |
106 | deny ${HOME}/.config/Microsoft | 106 | blacklist ${HOME}/.config/Microsoft |
107 | deny ${HOME}/.config/Min | 107 | blacklist ${HOME}/.config/Min |
108 | deny ${HOME}/.config/ModTheSpire | 108 | blacklist ${HOME}/.config/ModTheSpire |
109 | deny ${HOME}/.config/Mousepad | 109 | blacklist ${HOME}/.config/Mousepad |
110 | deny ${HOME}/.config/Mumble | 110 | blacklist ${HOME}/.config/Mumble |
111 | deny ${HOME}/.config/MusE | 111 | blacklist ${HOME}/.config/MusE |
112 | deny ${HOME}/.config/MuseScore | 112 | blacklist ${HOME}/.config/MuseScore |
113 | deny ${HOME}/.config/MusicBrainz | 113 | blacklist ${HOME}/.config/MusicBrainz |
114 | deny ${HOME}/.config/Nathan Osman | 114 | blacklist ${HOME}/.config/Nathan Osman |
115 | deny ${HOME}/.config/Nextcloud | 115 | blacklist ${HOME}/.config/Nextcloud |
116 | deny ${HOME}/.config/NitroShare | 116 | blacklist ${HOME}/.config/NitroShare |
117 | deny ${HOME}/.config/Nylas Mail | 117 | blacklist ${HOME}/.config/Nylas Mail |
118 | deny ${HOME}/.config/PBE | 118 | blacklist ${HOME}/.config/PBE |
119 | deny ${HOME}/.config/PacmanLogViewer | 119 | blacklist ${HOME}/.config/PacmanLogViewer |
120 | deny ${HOME}/.config/PawelStolowski | 120 | blacklist ${HOME}/.config/PawelStolowski |
121 | deny ${HOME}/.config/Philipp Schmieder | 121 | blacklist ${HOME}/.config/Philipp Schmieder |
122 | deny ${HOME}/.config/Pinta | 122 | blacklist ${HOME}/.config/Pinta |
123 | deny ${HOME}/.config/QGIS | 123 | blacklist ${HOME}/.config/QGIS |
124 | deny ${HOME}/.config/QMediathekView | 124 | blacklist ${HOME}/.config/QMediathekView |
125 | deny ${HOME}/.config/Qlipper | 125 | blacklist ${HOME}/.config/Qlipper |
126 | deny ${HOME}/.config/QuiteRss | 126 | blacklist ${HOME}/.config/QuiteRss |
127 | deny ${HOME}/.config/QuiteRssrc | 127 | blacklist ${HOME}/.config/QuiteRssrc |
128 | deny ${HOME}/.config/Quotient | 128 | blacklist ${HOME}/.config/Quotient |
129 | deny ${HOME}/.config/Rambox | 129 | blacklist ${HOME}/.config/Rambox |
130 | deny ${HOME}/.config/Riot | 130 | blacklist ${HOME}/.config/Riot |
131 | deny ${HOME}/.config/Rocket.Chat | 131 | blacklist ${HOME}/.config/Rocket.Chat |
132 | deny ${HOME}/.config/RogueLegacy | 132 | blacklist ${HOME}/.config/RogueLegacy |
133 | deny ${HOME}/.config/RogueLegacyStorageContainer | 133 | blacklist ${HOME}/.config/RogueLegacyStorageContainer |
134 | deny ${HOME}/.config/Signal | 134 | blacklist ${HOME}/.config/Signal |
135 | deny ${HOME}/.config/Sinew Software Systems | 135 | blacklist ${HOME}/.config/Sinew Software Systems |
136 | deny ${HOME}/.config/Slack | 136 | blacklist ${HOME}/.config/Slack |
137 | deny ${HOME}/.config/Standard Notes | 137 | blacklist ${HOME}/.config/Standard Notes |
138 | deny ${HOME}/.config/SubDownloader | 138 | blacklist ${HOME}/.config/SubDownloader |
139 | deny ${HOME}/.config/Thunar | 139 | blacklist ${HOME}/.config/Thunar |
140 | deny ${HOME}/.config/Twitch | 140 | blacklist ${HOME}/.config/Twitch |
141 | deny ${HOME}/.config/Unknown Organization | 141 | blacklist ${HOME}/.config/Unknown Organization |
142 | deny ${HOME}/.config/VirtualBox | 142 | blacklist ${HOME}/.config/VirtualBox |
143 | deny ${HOME}/.config/Whalebird | 143 | blacklist ${HOME}/.config/Whalebird |
144 | deny ${HOME}/.config/Wire | 144 | blacklist ${HOME}/.config/Wire |
145 | deny ${HOME}/.config/Youtube | 145 | blacklist ${HOME}/.config/Youtube |
146 | deny ${HOME}/.config/ZeGrapher Project | 146 | blacklist ${HOME}/.config/ZeGrapher Project |
147 | deny ${HOME}/.config/Zeal | 147 | blacklist ${HOME}/.config/Zeal |
148 | deny ${HOME}/.config/Zulip | 148 | blacklist ${HOME}/.config/Zulip |
149 | deny ${HOME}/.config/aacs | 149 | blacklist ${HOME}/.config/aacs |
150 | deny ${HOME}/.config/abiword | 150 | blacklist ${HOME}/.config/abiword |
151 | deny ${HOME}/.config/agenda | 151 | blacklist ${HOME}/.config/agenda |
152 | deny ${HOME}/.config/akonadi* | 152 | blacklist ${HOME}/.config/akonadi* |
153 | deny ${HOME}/.config/akregatorrc | 153 | blacklist ${HOME}/.config/akregatorrc |
154 | deny ${HOME}/.config/alacritty | 154 | blacklist ${HOME}/.config/alacritty |
155 | deny ${HOME}/.config/ardour4 | 155 | blacklist ${HOME}/.config/ardour4 |
156 | deny ${HOME}/.config/ardour5 | 156 | blacklist ${HOME}/.config/ardour5 |
157 | deny ${HOME}/.config/aria2 | 157 | blacklist ${HOME}/.config/aria2 |
158 | deny ${HOME}/.config/arkrc | 158 | blacklist ${HOME}/.config/arkrc |
159 | deny ${HOME}/.config/artha.conf | 159 | blacklist ${HOME}/.config/artha.conf |
160 | deny ${HOME}/.config/artha.log | 160 | blacklist ${HOME}/.config/artha.log |
161 | deny ${HOME}/.config/asunder | 161 | blacklist ${HOME}/.config/asunder |
162 | deny ${HOME}/.config/atril | 162 | blacklist ${HOME}/.config/atril |
163 | deny ${HOME}/.config/audacious | 163 | blacklist ${HOME}/.config/audacious |
164 | deny ${HOME}/.config/autokey | 164 | blacklist ${HOME}/.config/autokey |
165 | deny ${HOME}/.config/avidemux3_qt5rc | 165 | blacklist ${HOME}/.config/avidemux3_qt5rc |
166 | deny ${HOME}/.config/aweather | 166 | blacklist ${HOME}/.config/aweather |
167 | deny ${HOME}/.config/backintime | 167 | blacklist ${HOME}/.config/backintime |
168 | deny ${HOME}/.config/baloofilerc | 168 | blacklist ${HOME}/.config/baloofilerc |
169 | deny ${HOME}/.config/baloorc | 169 | blacklist ${HOME}/.config/baloorc |
170 | deny ${HOME}/.config/bcompare | 170 | blacklist ${HOME}/.config/bcompare |
171 | deny ${HOME}/.config/blender | 171 | blacklist ${HOME}/.config/blender |
172 | deny ${HOME}/.config/bless | 172 | blacklist ${HOME}/.config/bless |
173 | deny ${HOME}/.config/bnox | 173 | blacklist ${HOME}/.config/bnox |
174 | deny ${HOME}/.config/borg | 174 | blacklist ${HOME}/.config/borg |
175 | deny ${HOME}/.config/brasero | 175 | blacklist ${HOME}/.config/brasero |
176 | deny ${HOME}/.config/brave | 176 | blacklist ${HOME}/.config/brave |
177 | deny ${HOME}/.config/brave-flags.conf | 177 | blacklist ${HOME}/.config/brave-flags.conf |
178 | deny ${HOME}/.config/caja | 178 | blacklist ${HOME}/.config/caja |
179 | deny ${HOME}/.config/calibre | 179 | blacklist ${HOME}/.config/calibre |
180 | deny ${HOME}/.config/cantata | 180 | blacklist ${HOME}/.config/cantata |
181 | deny ${HOME}/.config/catfish | 181 | blacklist ${HOME}/.config/catfish |
182 | deny ${HOME}/.config/cawbird | 182 | blacklist ${HOME}/.config/cawbird |
183 | deny ${HOME}/.config/celluloid | 183 | blacklist ${HOME}/.config/celluloid |
184 | deny ${HOME}/.config/cherrytree | 184 | blacklist ${HOME}/.config/cherrytree |
185 | deny ${HOME}/.config/chrome-beta-flags.conf | 185 | blacklist ${HOME}/.config/chrome-beta-flags.conf |
186 | deny ${HOME}/.config/chrome-beta-flags.config | 186 | blacklist ${HOME}/.config/chrome-beta-flags.config |
187 | deny ${HOME}/.config/chrome-flags.conf | 187 | blacklist ${HOME}/.config/chrome-flags.conf |
188 | deny ${HOME}/.config/chrome-flags.config | 188 | blacklist ${HOME}/.config/chrome-flags.config |
189 | deny ${HOME}/.config/chrome-unstable-flags.conf | 189 | blacklist ${HOME}/.config/chrome-unstable-flags.conf |
190 | deny ${HOME}/.config/chrome-unstable-flags.config | 190 | blacklist ${HOME}/.config/chrome-unstable-flags.config |
191 | deny ${HOME}/.config/chromium | 191 | blacklist ${HOME}/.config/chromium |
192 | deny ${HOME}/.config/chromium-dev | 192 | blacklist ${HOME}/.config/chromium-dev |
193 | deny ${HOME}/.config/chromium-flags.conf | 193 | blacklist ${HOME}/.config/chromium-flags.conf |
194 | deny ${HOME}/.config/clipit | 194 | blacklist ${HOME}/.config/clipit |
195 | deny ${HOME}/.config/cliqz | 195 | blacklist ${HOME}/.config/cliqz |
196 | deny ${HOME}/.config/cmus | 196 | blacklist ${HOME}/.config/cmus |
197 | deny ${HOME}/.config/com.github.bleakgrey.tootle | 197 | blacklist ${HOME}/.config/com.github.bleakgrey.tootle |
198 | deny ${HOME}/.config/corebird | 198 | blacklist ${HOME}/.config/corebird |
199 | deny ${HOME}/.config/cower | 199 | blacklist ${HOME}/.config/cower |
200 | deny ${HOME}/.config/coyim | 200 | blacklist ${HOME}/.config/coyim |
201 | deny ${HOME}/.config/d-feet | 201 | blacklist ${HOME}/.config/d-feet |
202 | deny ${HOME}/.config/darktable | 202 | blacklist ${HOME}/.config/darktable |
203 | deny ${HOME}/.config/deadbeef | 203 | blacklist ${HOME}/.config/deadbeef |
204 | deny ${HOME}/.config/deluge | 204 | blacklist ${HOME}/.config/deluge |
205 | deny ${HOME}/.config/devilspie2 | 205 | blacklist ${HOME}/.config/devilspie2 |
206 | deny ${HOME}/.config/digikam | 206 | blacklist ${HOME}/.config/digikam |
207 | deny ${HOME}/.config/digikamrc | 207 | blacklist ${HOME}/.config/digikamrc |
208 | deny ${HOME}/.config/discord | 208 | blacklist ${HOME}/.config/discord |
209 | deny ${HOME}/.config/discordcanary | 209 | blacklist ${HOME}/.config/discordcanary |
210 | deny ${HOME}/.config/dkl | 210 | blacklist ${HOME}/.config/dkl |
211 | deny ${HOME}/.config/dnox | 211 | blacklist ${HOME}/.config/dnox |
212 | deny ${HOME}/.config/dolphin-emu | 212 | blacklist ${HOME}/.config/dolphin-emu |
213 | deny ${HOME}/.config/dolphinrc | 213 | blacklist ${HOME}/.config/dolphinrc |
214 | deny ${HOME}/.config/dragonplayerrc | 214 | blacklist ${HOME}/.config/dragonplayerrc |
215 | deny ${HOME}/.config/draw.io | 215 | blacklist ${HOME}/.config/draw.io |
216 | deny ${HOME}/.config/electron-mail | 216 | blacklist ${HOME}/.config/electron-mail |
217 | deny ${HOME}/.config/emaildefaults | 217 | blacklist ${HOME}/.config/emaildefaults |
218 | deny ${HOME}/.config/emailidentities | 218 | blacklist ${HOME}/.config/emailidentities |
219 | deny ${HOME}/.config/emilia | 219 | blacklist ${HOME}/.config/emilia |
220 | deny ${HOME}/.config/enchant | 220 | blacklist ${HOME}/.config/enchant |
221 | deny ${HOME}/.config/eog | 221 | blacklist ${HOME}/.config/eog |
222 | deny ${HOME}/.config/epiphany | 222 | blacklist ${HOME}/.config/epiphany |
223 | deny ${HOME}/.config/equalx | 223 | blacklist ${HOME}/.config/equalx |
224 | deny ${HOME}/.config/evince | 224 | blacklist ${HOME}/.config/evince |
225 | deny ${HOME}/.config/evolution | 225 | blacklist ${HOME}/.config/evolution |
226 | deny ${HOME}/.config/falkon | 226 | blacklist ${HOME}/.config/falkon |
227 | deny ${HOME}/.config/filezilla | 227 | blacklist ${HOME}/.config/filezilla |
228 | deny ${HOME}/.config/flameshot | 228 | blacklist ${HOME}/.config/flameshot |
229 | deny ${HOME}/.config/flaska.net | 229 | blacklist ${HOME}/.config/flaska.net |
230 | deny ${HOME}/.config/flowblade | 230 | blacklist ${HOME}/.config/flowblade |
231 | deny ${HOME}/.config/font-manager | 231 | blacklist ${HOME}/.config/font-manager |
232 | deny ${HOME}/.config/freecol | 232 | blacklist ${HOME}/.config/freecol |
233 | deny ${HOME}/.config/gajim | 233 | blacklist ${HOME}/.config/gajim |
234 | deny ${HOME}/.config/galculator | 234 | blacklist ${HOME}/.config/galculator |
235 | deny ${HOME}/.config/gconf | 235 | blacklist ${HOME}/.config/gconf |
236 | deny ${HOME}/.config/geany | 236 | blacklist ${HOME}/.config/geany |
237 | deny ${HOME}/.config/geary | 237 | blacklist ${HOME}/.config/geary |
238 | deny ${HOME}/.config/gedit | 238 | blacklist ${HOME}/.config/gedit |
239 | deny ${HOME}/.config/geeqie | 239 | blacklist ${HOME}/.config/geeqie |
240 | deny ${HOME}/.config/ghb | 240 | blacklist ${HOME}/.config/ghb |
241 | deny ${HOME}/.config/ghostwriter | 241 | blacklist ${HOME}/.config/ghostwriter |
242 | deny ${HOME}/.config/git | 242 | blacklist ${HOME}/.config/git |
243 | deny ${HOME}/.config/git-cola | 243 | blacklist ${HOME}/.config/git-cola |
244 | deny ${HOME}/.config/glade.conf | 244 | blacklist ${HOME}/.config/glade.conf |
245 | deny ${HOME}/.config/globaltime | 245 | blacklist ${HOME}/.config/globaltime |
246 | deny ${HOME}/.config/gmpc | 246 | blacklist ${HOME}/.config/gmpc |
247 | deny ${HOME}/.config/gnome-builder | 247 | blacklist ${HOME}/.config/gnome-builder |
248 | deny ${HOME}/.config/gnome-chess | 248 | blacklist ${HOME}/.config/gnome-chess |
249 | deny ${HOME}/.config/gnome-control-center | 249 | blacklist ${HOME}/.config/gnome-control-center |
250 | deny ${HOME}/.config/gnome-initial-setup-done | 250 | blacklist ${HOME}/.config/gnome-initial-setup-done |
251 | deny ${HOME}/.config/gnome-latex | 251 | blacklist ${HOME}/.config/gnome-latex |
252 | deny ${HOME}/.config/gnome-mplayer | 252 | blacklist ${HOME}/.config/gnome-mplayer |
253 | deny ${HOME}/.config/gnome-mpv | 253 | blacklist ${HOME}/.config/gnome-mpv |
254 | deny ${HOME}/.config/gnome-pie | 254 | blacklist ${HOME}/.config/gnome-pie |
255 | deny ${HOME}/.config/gnome-session | 255 | blacklist ${HOME}/.config/gnome-session |
256 | deny ${HOME}/.config/gnote | 256 | blacklist ${HOME}/.config/gnote |
257 | deny ${HOME}/.config/godot | 257 | blacklist ${HOME}/.config/godot |
258 | deny ${HOME}/.config/google-chrome | 258 | blacklist ${HOME}/.config/google-chrome |
259 | deny ${HOME}/.config/google-chrome-beta | 259 | blacklist ${HOME}/.config/google-chrome-beta |
260 | deny ${HOME}/.config/google-chrome-unstable | 260 | blacklist ${HOME}/.config/google-chrome-unstable |
261 | deny ${HOME}/.config/gpicview | 261 | blacklist ${HOME}/.config/gpicview |
262 | deny ${HOME}/.config/gthumb | 262 | blacklist ${HOME}/.config/gthumb |
263 | deny ${HOME}/.config/gummi | 263 | blacklist ${HOME}/.config/gummi |
264 | deny ${HOME}/.config/guvcview2 | 264 | blacklist ${HOME}/.config/guvcview2 |
265 | deny ${HOME}/.config/gwenviewrc | 265 | blacklist ${HOME}/.config/gwenviewrc |
266 | deny ${HOME}/.config/hexchat | 266 | blacklist ${HOME}/.config/hexchat |
267 | deny ${HOME}/.config/homebank | 267 | blacklist ${HOME}/.config/homebank |
268 | deny ${HOME}/.config/i2p | 268 | blacklist ${HOME}/.config/i2p |
269 | deny ${HOME}/.config/inkscape | 269 | blacklist ${HOME}/.config/inkscape |
270 | deny ${HOME}/.config/inox | 270 | blacklist ${HOME}/.config/inox |
271 | deny ${HOME}/.config/iridium | 271 | blacklist ${HOME}/.config/iridium |
272 | deny ${HOME}/.config/itch | 272 | blacklist ${HOME}/.config/itch |
273 | deny ${HOME}/.config/jami | 273 | blacklist ${HOME}/.config/jami |
274 | deny ${HOME}/.config/jd-gui.cfg | 274 | blacklist ${HOME}/.config/jd-gui.cfg |
275 | deny ${HOME}/.config/k3brc | 275 | blacklist ${HOME}/.config/k3brc |
276 | deny ${HOME}/.config/kaffeinerc | 276 | blacklist ${HOME}/.config/kaffeinerc |
277 | deny ${HOME}/.config/kalgebrarc | 277 | blacklist ${HOME}/.config/kalgebrarc |
278 | deny ${HOME}/.config/katemetainfos | 278 | blacklist ${HOME}/.config/katemetainfos |
279 | deny ${HOME}/.config/katepartrc | 279 | blacklist ${HOME}/.config/katepartrc |
280 | deny ${HOME}/.config/katerc | 280 | blacklist ${HOME}/.config/katerc |
281 | deny ${HOME}/.config/kateschemarc | 281 | blacklist ${HOME}/.config/kateschemarc |
282 | deny ${HOME}/.config/katesyntaxhighlightingrc | 282 | blacklist ${HOME}/.config/katesyntaxhighlightingrc |
283 | deny ${HOME}/.config/katevirc | 283 | blacklist ${HOME}/.config/katevirc |
284 | deny ${HOME}/.config/kazam | 284 | blacklist ${HOME}/.config/kazam |
285 | deny ${HOME}/.config/kdeconnect | 285 | blacklist ${HOME}/.config/kdeconnect |
286 | deny ${HOME}/.config/kdenliverc | 286 | blacklist ${HOME}/.config/kdenliverc |
287 | deny ${HOME}/.config/kdiff3fileitemactionrc | 287 | blacklist ${HOME}/.config/kdiff3fileitemactionrc |
288 | deny ${HOME}/.config/kdiff3rc | 288 | blacklist ${HOME}/.config/kdiff3rc |
289 | deny ${HOME}/.config/kfindrc | 289 | blacklist ${HOME}/.config/kfindrc |
290 | deny ${HOME}/.config/kgetrc | 290 | blacklist ${HOME}/.config/kgetrc |
291 | deny ${HOME}/.config/kid3rc | 291 | blacklist ${HOME}/.config/kid3rc |
292 | deny ${HOME}/.config/klavaro | 292 | blacklist ${HOME}/.config/klavaro |
293 | deny ${HOME}/.config/klipperrc | 293 | blacklist ${HOME}/.config/klipperrc |
294 | deny ${HOME}/.config/kmail2rc | 294 | blacklist ${HOME}/.config/kmail2rc |
295 | deny ${HOME}/.config/kmailsearchindexingrc | 295 | blacklist ${HOME}/.config/kmailsearchindexingrc |
296 | deny ${HOME}/.config/kmplayerrc | 296 | blacklist ${HOME}/.config/kmplayerrc |
297 | deny ${HOME}/.config/knotesrc | 297 | blacklist ${HOME}/.config/knotesrc |
298 | deny ${HOME}/.config/konversation.notifyrc | 298 | blacklist ${HOME}/.config/konversation.notifyrc |
299 | deny ${HOME}/.config/konversationrc | 299 | blacklist ${HOME}/.config/konversationrc |
300 | deny ${HOME}/.config/kritarc | 300 | blacklist ${HOME}/.config/kritarc |
301 | deny ${HOME}/.config/ktorrentrc | 301 | blacklist ${HOME}/.config/ktorrentrc |
302 | deny ${HOME}/.config/ktouch2rc | 302 | blacklist ${HOME}/.config/ktouch2rc |
303 | deny ${HOME}/.config/kube | 303 | blacklist ${HOME}/.config/kube |
304 | deny ${HOME}/.config/kwriterc | 304 | blacklist ${HOME}/.config/kwriterc |
305 | deny ${HOME}/.config/leafpad | 305 | blacklist ${HOME}/.config/leafpad |
306 | deny ${HOME}/.config/libreoffice | 306 | blacklist ${HOME}/.config/libreoffice |
307 | deny ${HOME}/.config/liferea | 307 | blacklist ${HOME}/.config/liferea |
308 | deny ${HOME}/.config/linphone | 308 | blacklist ${HOME}/.config/linphone |
309 | deny ${HOME}/.config/lugaru | 309 | blacklist ${HOME}/.config/lugaru |
310 | deny ${HOME}/.config/lutris | 310 | blacklist ${HOME}/.config/lutris |
311 | deny ${HOME}/.config/lximage-qt | 311 | blacklist ${HOME}/.config/lximage-qt |
312 | deny ${HOME}/.config/mailtransports | 312 | blacklist ${HOME}/.config/mailtransports |
313 | deny ${HOME}/.config/mana | 313 | blacklist ${HOME}/.config/mana |
314 | deny ${HOME}/.config/mate-calc | 314 | blacklist ${HOME}/.config/mate-calc |
315 | deny ${HOME}/.config/mate/eom | 315 | blacklist ${HOME}/.config/mate/eom |
316 | deny ${HOME}/.config/mate/mate-dictionary | 316 | blacklist ${HOME}/.config/mate/mate-dictionary |
317 | deny ${HOME}/.config/matrix-mirage | 317 | blacklist ${HOME}/.config/matrix-mirage |
318 | deny ${HOME}/.config/mcomix | 318 | blacklist ${HOME}/.config/mcomix |
319 | deny ${HOME}/.config/meld | 319 | blacklist ${HOME}/.config/meld |
320 | deny ${HOME}/.config/menulibre.cfg | 320 | blacklist ${HOME}/.config/menulibre.cfg |
321 | deny ${HOME}/.config/meteo-qt | 321 | blacklist ${HOME}/.config/meteo-qt |
322 | deny ${HOME}/.config/mfusion | 322 | blacklist ${HOME}/.config/mfusion |
323 | deny ${HOME}/.config/microsoft-edge-dev | 323 | blacklist ${HOME}/.config/microsoft-edge-dev |
324 | deny ${HOME}/.config/midori | 324 | blacklist ${HOME}/.config/midori |
325 | deny ${HOME}/.config/mirage | 325 | blacklist ${HOME}/.config/mirage |
326 | deny ${HOME}/.config/mono | 326 | blacklist ${HOME}/.config/mono |
327 | deny ${HOME}/.config/mpDris2 | 327 | blacklist ${HOME}/.config/mpDris2 |
328 | deny ${HOME}/.config/mpd | 328 | blacklist ${HOME}/.config/mpd |
329 | deny ${HOME}/.config/mps-youtube | 329 | blacklist ${HOME}/.config/mps-youtube |
330 | deny ${HOME}/.config/mpv | 330 | blacklist ${HOME}/.config/mpv |
331 | deny ${HOME}/.config/mupen64plus | 331 | blacklist ${HOME}/.config/mupen64plus |
332 | deny ${HOME}/.config/mutt | 332 | blacklist ${HOME}/.config/mutt |
333 | deny ${HOME}/.config/mutter | 333 | blacklist ${HOME}/.config/mutter |
334 | deny ${HOME}/.config/mypaint | 334 | blacklist ${HOME}/.config/mypaint |
335 | deny ${HOME}/.config/nano | 335 | blacklist ${HOME}/.config/nano |
336 | deny ${HOME}/.config/nautilus | 336 | blacklist ${HOME}/.config/nautilus |
337 | deny ${HOME}/.config/nemo | 337 | blacklist ${HOME}/.config/nemo |
338 | deny ${HOME}/.config/neochat.notifyrc | 338 | blacklist ${HOME}/.config/neochat.notifyrc |
339 | deny ${HOME}/.config/neochatrc | 339 | blacklist ${HOME}/.config/neochatrc |
340 | deny ${HOME}/.config/neomutt | 340 | blacklist ${HOME}/.config/neomutt |
341 | deny ${HOME}/.config/netsurf | 341 | blacklist ${HOME}/.config/netsurf |
342 | deny ${HOME}/.config/newsbeuter | 342 | blacklist ${HOME}/.config/newsbeuter |
343 | deny ${HOME}/.config/newsboat | 343 | blacklist ${HOME}/.config/newsboat |
344 | deny ${HOME}/.config/newsflash | 344 | blacklist ${HOME}/.config/newsflash |
345 | deny ${HOME}/.config/nheko | 345 | blacklist ${HOME}/.config/nheko |
346 | deny ${HOME}/.config/nomacs | 346 | blacklist ${HOME}/.config/nomacs |
347 | deny ${HOME}/.config/nuclear | 347 | blacklist ${HOME}/.config/nuclear |
348 | deny ${HOME}/.config/obs-studio | 348 | blacklist ${HOME}/.config/obs-studio |
349 | deny ${HOME}/.config/okularpartrc | 349 | blacklist ${HOME}/.config/okularpartrc |
350 | deny ${HOME}/.config/okularrc | 350 | blacklist ${HOME}/.config/okularrc |
351 | deny ${HOME}/.config/onboard | 351 | blacklist ${HOME}/.config/onboard |
352 | deny ${HOME}/.config/onionshare | 352 | blacklist ${HOME}/.config/onionshare |
353 | deny ${HOME}/.config/onlyoffice | 353 | blacklist ${HOME}/.config/onlyoffice |
354 | deny ${HOME}/.config/openmw | 354 | blacklist ${HOME}/.config/openmw |
355 | deny ${HOME}/.config/opera | 355 | blacklist ${HOME}/.config/opera |
356 | deny ${HOME}/.config/opera-beta | 356 | blacklist ${HOME}/.config/opera-beta |
357 | deny ${HOME}/.config/orage | 357 | blacklist ${HOME}/.config/orage |
358 | deny ${HOME}/.config/org.gabmus.gfeeds.json | 358 | blacklist ${HOME}/.config/org.gabmus.gfeeds.json |
359 | deny ${HOME}/.config/org.gabmus.gfeeds.saved_articles | 359 | blacklist ${HOME}/.config/org.gabmus.gfeeds.saved_articles |
360 | deny ${HOME}/.config/org.kde.gwenviewrc | 360 | blacklist ${HOME}/.config/org.kde.gwenviewrc |
361 | deny ${HOME}/.config/otter | 361 | blacklist ${HOME}/.config/otter |
362 | deny ${HOME}/.config/pavucontrol-qt | 362 | blacklist ${HOME}/.config/pavucontrol-qt |
363 | deny ${HOME}/.config/pavucontrol.ini | 363 | blacklist ${HOME}/.config/pavucontrol.ini |
364 | deny ${HOME}/.config/pcmanfm | 364 | blacklist ${HOME}/.config/pcmanfm |
365 | deny ${HOME}/.config/pdfmod | 365 | blacklist ${HOME}/.config/pdfmod |
366 | deny ${HOME}/.config/pipe-viewer | 366 | blacklist ${HOME}/.config/pipe-viewer |
367 | deny ${HOME}/.config/pitivi | 367 | blacklist ${HOME}/.config/pitivi |
368 | deny ${HOME}/.config/pix | 368 | blacklist ${HOME}/.config/pix |
369 | deny ${HOME}/.config/pluma | 369 | blacklist ${HOME}/.config/pluma |
370 | deny ${HOME}/.config/ppsspp | 370 | blacklist ${HOME}/.config/ppsspp |
371 | deny ${HOME}/.config/pragha | 371 | blacklist ${HOME}/.config/pragha |
372 | deny ${HOME}/.config/profanity | 372 | blacklist ${HOME}/.config/profanity |
373 | deny ${HOME}/.config/psi | 373 | blacklist ${HOME}/.config/psi |
374 | deny ${HOME}/.config/psi+ | 374 | blacklist ${HOME}/.config/psi+ |
375 | deny ${HOME}/.config/qBittorrent | 375 | blacklist ${HOME}/.config/qBittorrent |
376 | deny ${HOME}/.config/qBittorrentrc | 376 | blacklist ${HOME}/.config/qBittorrentrc |
377 | deny ${HOME}/.config/qnapi.ini | 377 | blacklist ${HOME}/.config/qnapi.ini |
378 | deny ${HOME}/.config/qpdfview | 378 | blacklist ${HOME}/.config/qpdfview |
379 | deny ${HOME}/.config/quodlibet | 379 | blacklist ${HOME}/.config/quodlibet |
380 | deny ${HOME}/.config/qupzilla | 380 | blacklist ${HOME}/.config/qupzilla |
381 | deny ${HOME}/.config/qutebrowser | 381 | blacklist ${HOME}/.config/qutebrowser |
382 | deny ${HOME}/.config/ranger | 382 | blacklist ${HOME}/.config/ranger |
383 | deny ${HOME}/.config/redshift | 383 | blacklist ${HOME}/.config/redshift |
384 | deny ${HOME}/.config/redshift.conf | 384 | blacklist ${HOME}/.config/redshift.conf |
385 | deny ${HOME}/.config/remmina | 385 | blacklist ${HOME}/.config/remmina |
386 | deny ${HOME}/.config/ristretto | 386 | blacklist ${HOME}/.config/ristretto |
387 | deny ${HOME}/.config/rtv | 387 | blacklist ${HOME}/.config/rtv |
388 | deny ${HOME}/.config/scribus | 388 | blacklist ${HOME}/.config/scribus |
389 | deny ${HOME}/.config/scribusrc | 389 | blacklist ${HOME}/.config/scribusrc |
390 | deny ${HOME}/.config/sinew.in | 390 | blacklist ${HOME}/.config/sinew.in |
391 | deny ${HOME}/.config/sink | 391 | blacklist ${HOME}/.config/sink |
392 | deny ${HOME}/.config/skypeforlinux | 392 | blacklist ${HOME}/.config/skypeforlinux |
393 | deny ${HOME}/.config/slimjet | 393 | blacklist ${HOME}/.config/slimjet |
394 | deny ${HOME}/.config/smplayer | 394 | blacklist ${HOME}/.config/smplayer |
395 | deny ${HOME}/.config/smtube | 395 | blacklist ${HOME}/.config/smtube |
396 | deny ${HOME}/.config/smuxi | 396 | blacklist ${HOME}/.config/smuxi |
397 | deny ${HOME}/.config/snox | 397 | blacklist ${HOME}/.config/snox |
398 | deny ${HOME}/.config/sound-juicer | 398 | blacklist ${HOME}/.config/sound-juicer |
399 | deny ${HOME}/.config/specialmailcollectionsrc | 399 | blacklist ${HOME}/.config/specialmailcollectionsrc |
400 | deny ${HOME}/.config/spectaclerc | 400 | blacklist ${HOME}/.config/spectaclerc |
401 | deny ${HOME}/.config/spotify | 401 | blacklist ${HOME}/.config/spotify |
402 | deny ${HOME}/.config/sqlitebrowser | 402 | blacklist ${HOME}/.config/sqlitebrowser |
403 | deny ${HOME}/.config/stellarium | 403 | blacklist ${HOME}/.config/stellarium |
404 | deny ${HOME}/.config/straw-viewer | 404 | blacklist ${HOME}/.config/straw-viewer |
405 | deny ${HOME}/.config/strawberry | 405 | blacklist ${HOME}/.config/strawberry |
406 | deny ${HOME}/.config/supertuxkart | 406 | blacklist ${HOME}/.config/supertuxkart |
407 | deny ${HOME}/.config/synfig | 407 | blacklist ${HOME}/.config/synfig |
408 | deny ${HOME}/.config/teams | 408 | blacklist ${HOME}/.config/teams |
409 | deny ${HOME}/.config/teams-for-linux | 409 | blacklist ${HOME}/.config/teams-for-linux |
410 | deny ${HOME}/.config/telepathy-account-widgets | 410 | blacklist ${HOME}/.config/telepathy-account-widgets |
411 | deny ${HOME}/.config/torbrowser | 411 | blacklist ${HOME}/.config/torbrowser |
412 | deny ${HOME}/.config/totem | 412 | blacklist ${HOME}/.config/totem |
413 | deny ${HOME}/.config/tox | 413 | blacklist ${HOME}/.config/tox |
414 | deny ${HOME}/.config/transgui | 414 | blacklist ${HOME}/.config/transgui |
415 | deny ${HOME}/.config/transmission | 415 | blacklist ${HOME}/.config/transmission |
416 | deny ${HOME}/.config/truecraft | 416 | blacklist ${HOME}/.config/truecraft |
417 | deny ${HOME}/.config/tuta_integration | 417 | blacklist ${HOME}/.config/tuta_integration |
418 | deny ${HOME}/.config/tutanota-desktop | 418 | blacklist ${HOME}/.config/tutanota-desktop |
419 | deny ${HOME}/.config/tvbrowser | 419 | blacklist ${HOME}/.config/tvbrowser |
420 | deny ${HOME}/.config/uGet | 420 | blacklist ${HOME}/.config/uGet |
421 | deny ${HOME}/.config/ungoogled-chromium | 421 | blacklist ${HOME}/.config/ungoogled-chromium |
422 | deny ${HOME}/.config/uzbl | 422 | blacklist ${HOME}/.config/uzbl |
423 | deny ${HOME}/.config/viewnior | 423 | blacklist ${HOME}/.config/viewnior |
424 | deny ${HOME}/.config/vivaldi | 424 | blacklist ${HOME}/.config/vivaldi |
425 | deny ${HOME}/.config/vivaldi-snapshot | 425 | blacklist ${HOME}/.config/vivaldi-snapshot |
426 | deny ${HOME}/.config/vlc | 426 | blacklist ${HOME}/.config/vlc |
427 | deny ${HOME}/.config/wesnoth | 427 | blacklist ${HOME}/.config/wesnoth |
428 | deny ${HOME}/.config/wireshark | 428 | blacklist ${HOME}/.config/wireshark |
429 | deny ${HOME}/.config/wormux | 429 | blacklist ${HOME}/.config/wormux |
430 | deny ${HOME}/.config/xchat | 430 | blacklist ${HOME}/.config/xchat |
431 | deny ${HOME}/.config/xed | 431 | blacklist ${HOME}/.config/xed |
432 | deny ${HOME}/.config/xfburn | 432 | blacklist ${HOME}/.config/xfburn |
433 | deny ${HOME}/.config/xfce4-dict | 433 | blacklist ${HOME}/.config/xfce4-dict |
434 | deny ${HOME}/.config/xfce4/xfce4-notes.gtkrc | 434 | blacklist ${HOME}/.config/xfce4/xfce4-notes.gtkrc |
435 | deny ${HOME}/.config/xfce4/xfce4-notes.rc | 435 | blacklist ${HOME}/.config/xfce4/xfce4-notes.rc |
436 | deny ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml | 436 | blacklist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml |
437 | deny ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml | 437 | blacklist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml |
438 | deny ${HOME}/.config/xiaoyong | 438 | blacklist ${HOME}/.config/xiaoyong |
439 | deny ${HOME}/.config/xmms2 | 439 | blacklist ${HOME}/.config/xmms2 |
440 | deny ${HOME}/.config/xplayer | 440 | blacklist ${HOME}/.config/xplayer |
441 | deny ${HOME}/.config/xreader | 441 | blacklist ${HOME}/.config/xreader |
442 | deny ${HOME}/.config/xviewer | 442 | blacklist ${HOME}/.config/xviewer |
443 | deny ${HOME}/.config/yandex-browser | 443 | blacklist ${HOME}/.config/yandex-browser |
444 | deny ${HOME}/.config/yandex-browser-beta | 444 | blacklist ${HOME}/.config/yandex-browser-beta |
445 | deny ${HOME}/.config/yelp | 445 | blacklist ${HOME}/.config/yelp |
446 | deny ${HOME}/.config/youtube-dl | 446 | blacklist ${HOME}/.config/youtube-dl |
447 | deny ${HOME}/.config/youtube-dlg | 447 | blacklist ${HOME}/.config/youtube-dlg |
448 | deny ${HOME}/.config/youtube-music-desktop-app | 448 | blacklist ${HOME}/.config/youtube-music-desktop-app |
449 | deny ${HOME}/.config/youtube-viewer | 449 | blacklist ${HOME}/.config/youtube-viewer |
450 | deny ${HOME}/.config/youtubemusic-nativefier-040164 | 450 | blacklist ${HOME}/.config/youtubemusic-nativefier-040164 |
451 | deny ${HOME}/.config/zathura | 451 | blacklist ${HOME}/.config/zathura |
452 | deny ${HOME}/.config/zoomus.conf | 452 | blacklist ${HOME}/.config/zoomus.conf |
453 | deny ${HOME}/.conkeror.mozdev.org | 453 | blacklist ${HOME}/.conkeror.mozdev.org |
454 | deny ${HOME}/.crawl | 454 | blacklist ${HOME}/.crawl |
455 | deny ${HOME}/.cups | 455 | blacklist ${HOME}/.cups |
456 | deny ${HOME}/.curl-hsts | 456 | blacklist ${HOME}/.curl-hsts |
457 | deny ${HOME}/.curlrc | 457 | blacklist ${HOME}/.curlrc |
458 | deny ${HOME}/.dashcore | 458 | blacklist ${HOME}/.dashcore |
459 | deny ${HOME}/.devilspie | 459 | blacklist ${HOME}/.devilspie |
460 | deny ${HOME}/.dia | 460 | blacklist ${HOME}/.dia |
461 | deny ${HOME}/.digrc | 461 | blacklist ${HOME}/.digrc |
462 | deny ${HOME}/.dillo | 462 | blacklist ${HOME}/.dillo |
463 | deny ${HOME}/.dooble | 463 | blacklist ${HOME}/.dooble |
464 | deny ${HOME}/.dosbox | 464 | blacklist ${HOME}/.dosbox |
465 | deny ${HOME}/.dropbox* | 465 | blacklist ${HOME}/.dropbox* |
466 | deny ${HOME}/.easystroke | 466 | blacklist ${HOME}/.easystroke |
467 | deny ${HOME}/.electron-cache | 467 | blacklist ${HOME}/.electron-cache |
468 | deny ${HOME}/.electrum* | 468 | blacklist ${HOME}/.electrum* |
469 | deny ${HOME}/.elinks | 469 | blacklist ${HOME}/.elinks |
470 | deny ${HOME}/.emacs | 470 | blacklist ${HOME}/.emacs |
471 | deny ${HOME}/.emacs.d | 471 | blacklist ${HOME}/.emacs.d |
472 | deny ${HOME}/.equalx | 472 | blacklist ${HOME}/.equalx |
473 | deny ${HOME}/.ethereum | 473 | blacklist ${HOME}/.ethereum |
474 | deny ${HOME}/.etr | 474 | blacklist ${HOME}/.etr |
475 | deny ${HOME}/.filezilla | 475 | blacklist ${HOME}/.filezilla |
476 | deny ${HOME}/.firedragon | 476 | blacklist ${HOME}/.firedragon |
477 | deny ${HOME}/.flowblade | 477 | blacklist ${HOME}/.flowblade |
478 | deny ${HOME}/.fltk | 478 | blacklist ${HOME}/.fltk |
479 | deny ${HOME}/.fossamail | 479 | blacklist ${HOME}/.fossamail |
480 | deny ${HOME}/.freeciv | 480 | blacklist ${HOME}/.freeciv |
481 | deny ${HOME}/.freecol | 481 | blacklist ${HOME}/.freecol |
482 | deny ${HOME}/.freemind | 482 | blacklist ${HOME}/.freemind |
483 | deny ${HOME}/.frogatto | 483 | blacklist ${HOME}/.frogatto |
484 | deny ${HOME}/.frozen-bubble | 484 | blacklist ${HOME}/.frozen-bubble |
485 | deny ${HOME}/.funnyboat | 485 | blacklist ${HOME}/.funnyboat |
486 | deny ${HOME}/.gimp* | 486 | blacklist ${HOME}/.gimp* |
487 | deny ${HOME}/.gist | 487 | blacklist ${HOME}/.gist |
488 | deny ${HOME}/.gitconfig | 488 | blacklist ${HOME}/.gitconfig |
489 | deny ${HOME}/.gl-117 | 489 | blacklist ${HOME}/.gl-117 |
490 | deny ${HOME}/.glaxiumrc | 490 | blacklist ${HOME}/.glaxiumrc |
491 | deny ${HOME}/.gnome/gnome-schedule | 491 | blacklist ${HOME}/.gnome/gnome-schedule |
492 | deny ${HOME}/.googleearth | 492 | blacklist ${HOME}/.googleearth |
493 | deny ${HOME}/.gradle | 493 | blacklist ${HOME}/.gradle |
494 | deny ${HOME}/.gramps | 494 | blacklist ${HOME}/.gramps |
495 | deny ${HOME}/.guayadeque | 495 | blacklist ${HOME}/.guayadeque |
496 | deny ${HOME}/.hashcat | 496 | blacklist ${HOME}/.hashcat |
497 | deny ${HOME}/.hedgewars | 497 | blacklist ${HOME}/.hedgewars |
498 | deny ${HOME}/.hex-a-hop | 498 | blacklist ${HOME}/.hex-a-hop |
499 | deny ${HOME}/.hugin | 499 | blacklist ${HOME}/.hugin |
500 | deny ${HOME}/.i2p | 500 | blacklist ${HOME}/.i2p |
501 | deny ${HOME}/.icedove | 501 | blacklist ${HOME}/.icedove |
502 | deny ${HOME}/.imagej | 502 | blacklist ${HOME}/.imagej |
503 | deny ${HOME}/.inkscape | 503 | blacklist ${HOME}/.inkscape |
504 | deny ${HOME}/.itch | 504 | blacklist ${HOME}/.itch |
505 | deny ${HOME}/.jack-server | 505 | blacklist ${HOME}/.jack-server |
506 | deny ${HOME}/.jack-settings | 506 | blacklist ${HOME}/.jack-settings |
507 | deny ${HOME}/.jak | 507 | blacklist ${HOME}/.jak |
508 | deny ${HOME}/.java | 508 | blacklist ${HOME}/.java |
509 | deny ${HOME}/.jd | 509 | blacklist ${HOME}/.jd |
510 | deny ${HOME}/.jitsi | 510 | blacklist ${HOME}/.jitsi |
511 | deny ${HOME}/.jumpnbump | 511 | blacklist ${HOME}/.jumpnbump |
512 | deny ${HOME}/.kde/share/apps/digikam | 512 | blacklist ${HOME}/.kde/share/apps/digikam |
513 | deny ${HOME}/.kde/share/apps/gwenview | 513 | blacklist ${HOME}/.kde/share/apps/gwenview |
514 | deny ${HOME}/.kde/share/apps/kaffeine | 514 | blacklist ${HOME}/.kde/share/apps/kaffeine |
515 | deny ${HOME}/.kde/share/apps/kcookiejar | 515 | blacklist ${HOME}/.kde/share/apps/kcookiejar |
516 | deny ${HOME}/.kde/share/apps/kget | 516 | blacklist ${HOME}/.kde/share/apps/kget |
517 | deny ${HOME}/.kde/share/apps/khtml | 517 | blacklist ${HOME}/.kde/share/apps/khtml |
518 | deny ${HOME}/.kde/share/apps/klatexformula | 518 | blacklist ${HOME}/.kde/share/apps/klatexformula |
519 | deny ${HOME}/.kde/share/apps/konqsidebartng | 519 | blacklist ${HOME}/.kde/share/apps/konqsidebartng |
520 | deny ${HOME}/.kde/share/apps/konqueror | 520 | blacklist ${HOME}/.kde/share/apps/konqueror |
521 | deny ${HOME}/.kde/share/apps/kopete | 521 | blacklist ${HOME}/.kde/share/apps/kopete |
522 | deny ${HOME}/.kde/share/apps/ktorrent | 522 | blacklist ${HOME}/.kde/share/apps/ktorrent |
523 | deny ${HOME}/.kde/share/apps/okular | 523 | blacklist ${HOME}/.kde/share/apps/okular |
524 | deny ${HOME}/.kde/share/config/baloofilerc | 524 | blacklist ${HOME}/.kde/share/config/baloofilerc |
525 | deny ${HOME}/.kde/share/config/baloorc | 525 | blacklist ${HOME}/.kde/share/config/baloorc |
526 | deny ${HOME}/.kde/share/config/digikam | 526 | blacklist ${HOME}/.kde/share/config/digikam |
527 | deny ${HOME}/.kde/share/config/gwenviewrc | 527 | blacklist ${HOME}/.kde/share/config/gwenviewrc |
528 | deny ${HOME}/.kde/share/config/k3brc | 528 | blacklist ${HOME}/.kde/share/config/k3brc |
529 | deny ${HOME}/.kde/share/config/kaffeinerc | 529 | blacklist ${HOME}/.kde/share/config/kaffeinerc |
530 | deny ${HOME}/.kde/share/config/kcookiejarrc | 530 | blacklist ${HOME}/.kde/share/config/kcookiejarrc |
531 | deny ${HOME}/.kde/share/config/kfindrc | 531 | blacklist ${HOME}/.kde/share/config/kfindrc |
532 | deny ${HOME}/.kde/share/config/kgetrc | 532 | blacklist ${HOME}/.kde/share/config/kgetrc |
533 | deny ${HOME}/.kde/share/config/khtmlrc | 533 | blacklist ${HOME}/.kde/share/config/khtmlrc |
534 | deny ${HOME}/.kde/share/config/klipperrc | 534 | blacklist ${HOME}/.kde/share/config/klipperrc |
535 | deny ${HOME}/.kde/share/config/kmplayerrc | 535 | blacklist ${HOME}/.kde/share/config/kmplayerrc |
536 | deny ${HOME}/.kde/share/config/konq_history | 536 | blacklist ${HOME}/.kde/share/config/konq_history |
537 | deny ${HOME}/.kde/share/config/konqsidebartngrc | 537 | blacklist ${HOME}/.kde/share/config/konqsidebartngrc |
538 | deny ${HOME}/.kde/share/config/konquerorrc | 538 | blacklist ${HOME}/.kde/share/config/konquerorrc |
539 | deny ${HOME}/.kde/share/config/konversationrc | 539 | blacklist ${HOME}/.kde/share/config/konversationrc |
540 | deny ${HOME}/.kde/share/config/kopeterc | 540 | blacklist ${HOME}/.kde/share/config/kopeterc |
541 | deny ${HOME}/.kde/share/config/ktorrentrc | 541 | blacklist ${HOME}/.kde/share/config/ktorrentrc |
542 | deny ${HOME}/.kde/share/config/okularpartrc | 542 | blacklist ${HOME}/.kde/share/config/okularpartrc |
543 | deny ${HOME}/.kde/share/config/okularrc | 543 | blacklist ${HOME}/.kde/share/config/okularrc |
544 | deny ${HOME}/.kde4/share/apps/digikam | 544 | blacklist ${HOME}/.kde4/share/apps/digikam |
545 | deny ${HOME}/.kde4/share/apps/gwenview | 545 | blacklist ${HOME}/.kde4/share/apps/gwenview |
546 | deny ${HOME}/.kde4/share/apps/kaffeine | 546 | blacklist ${HOME}/.kde4/share/apps/kaffeine |
547 | deny ${HOME}/.kde4/share/apps/kcookiejar | 547 | blacklist ${HOME}/.kde4/share/apps/kcookiejar |
548 | deny ${HOME}/.kde4/share/apps/kget | 548 | blacklist ${HOME}/.kde4/share/apps/kget |
549 | deny ${HOME}/.kde4/share/apps/khtml | 549 | blacklist ${HOME}/.kde4/share/apps/khtml |
550 | deny ${HOME}/.kde4/share/apps/konqsidebartng | 550 | blacklist ${HOME}/.kde4/share/apps/konqsidebartng |
551 | deny ${HOME}/.kde4/share/apps/konqueror | 551 | blacklist ${HOME}/.kde4/share/apps/konqueror |
552 | deny ${HOME}/.kde4/share/apps/kopete | 552 | blacklist ${HOME}/.kde4/share/apps/kopete |
553 | deny ${HOME}/.kde4/share/apps/ktorrent | 553 | blacklist ${HOME}/.kde4/share/apps/ktorrent |
554 | deny ${HOME}/.kde4/share/apps/okular | 554 | blacklist ${HOME}/.kde4/share/apps/okular |
555 | deny ${HOME}/.kde4/share/config/baloofilerc | 555 | blacklist ${HOME}/.kde4/share/config/baloofilerc |
556 | deny ${HOME}/.kde4/share/config/baloorc | 556 | blacklist ${HOME}/.kde4/share/config/baloorc |
557 | deny ${HOME}/.kde4/share/config/digikam | 557 | blacklist ${HOME}/.kde4/share/config/digikam |
558 | deny ${HOME}/.kde4/share/config/gwenviewrc | 558 | blacklist ${HOME}/.kde4/share/config/gwenviewrc |
559 | deny ${HOME}/.kde4/share/config/k3brc | 559 | blacklist ${HOME}/.kde4/share/config/k3brc |
560 | deny ${HOME}/.kde4/share/config/kaffeinerc | 560 | blacklist ${HOME}/.kde4/share/config/kaffeinerc |
561 | deny ${HOME}/.kde4/share/config/kcookiejarrc | 561 | blacklist ${HOME}/.kde4/share/config/kcookiejarrc |
562 | deny ${HOME}/.kde4/share/config/kfindrc | 562 | blacklist ${HOME}/.kde4/share/config/kfindrc |
563 | deny ${HOME}/.kde4/share/config/kgetrc | 563 | blacklist ${HOME}/.kde4/share/config/kgetrc |
564 | deny ${HOME}/.kde4/share/config/khtmlrc | 564 | blacklist ${HOME}/.kde4/share/config/khtmlrc |
565 | deny ${HOME}/.kde4/share/config/klipperrc | 565 | blacklist ${HOME}/.kde4/share/config/klipperrc |
566 | deny ${HOME}/.kde4/share/config/konq_history | 566 | blacklist ${HOME}/.kde4/share/config/konq_history |
567 | deny ${HOME}/.kde4/share/config/konqsidebartngrc | 567 | blacklist ${HOME}/.kde4/share/config/konqsidebartngrc |
568 | deny ${HOME}/.kde4/share/config/konquerorrc | 568 | blacklist ${HOME}/.kde4/share/config/konquerorrc |
569 | deny ${HOME}/.kde4/share/config/konversationrc | 569 | blacklist ${HOME}/.kde4/share/config/konversationrc |
570 | deny ${HOME}/.kde4/share/config/kopeterc | 570 | blacklist ${HOME}/.kde4/share/config/kopeterc |
571 | deny ${HOME}/.kde4/share/config/ktorrentrc | 571 | blacklist ${HOME}/.kde4/share/config/ktorrentrc |
572 | deny ${HOME}/.kde4/share/config/okularpartrc | 572 | blacklist ${HOME}/.kde4/share/config/okularpartrc |
573 | deny ${HOME}/.kde4/share/config/okularrc | 573 | blacklist ${HOME}/.kde4/share/config/okularrc |
574 | deny ${HOME}/.killingfloor | 574 | blacklist ${HOME}/.killingfloor |
575 | deny ${HOME}/.kingsoft | 575 | blacklist ${HOME}/.kingsoft |
576 | deny ${HOME}/.kino-history | 576 | blacklist ${HOME}/.kino-history |
577 | deny ${HOME}/.kinorc | 577 | blacklist ${HOME}/.kinorc |
578 | deny ${HOME}/.klatexformula | 578 | blacklist ${HOME}/.klatexformula |
579 | deny ${HOME}/.klei | 579 | blacklist ${HOME}/.klei |
580 | deny ${HOME}/.kodi | 580 | blacklist ${HOME}/.kodi |
581 | deny ${HOME}/.librewolf | 581 | blacklist ${HOME}/.librewolf |
582 | deny ${HOME}/.lincity-ng | 582 | blacklist ${HOME}/.lincity-ng |
583 | deny ${HOME}/.links | 583 | blacklist ${HOME}/.links |
584 | deny ${HOME}/.links2 | 584 | blacklist ${HOME}/.links2 |
585 | deny ${HOME}/.linphone-history.db | 585 | blacklist ${HOME}/.linphone-history.db |
586 | deny ${HOME}/.linphonerc | 586 | blacklist ${HOME}/.linphonerc |
587 | deny ${HOME}/.lmmsrc.xml | 587 | blacklist ${HOME}/.lmmsrc.xml |
588 | deny ${HOME}/.local/lib/vivaldi | 588 | blacklist ${HOME}/.local/lib/vivaldi |
589 | deny ${HOME}/.local/share/0ad | 589 | blacklist ${HOME}/.local/share/0ad |
590 | deny ${HOME}/.local/share/3909/PapersPlease | 590 | blacklist ${HOME}/.local/share/3909/PapersPlease |
591 | deny ${HOME}/.local/share/Anki2 | 591 | blacklist ${HOME}/.local/share/Anki2 |
592 | deny ${HOME}/.local/share/Dredmor | 592 | blacklist ${HOME}/.local/share/Dredmor |
593 | deny ${HOME}/.local/share/Empathy | 593 | blacklist ${HOME}/.local/share/Empathy |
594 | deny ${HOME}/.local/share/Enpass | 594 | blacklist ${HOME}/.local/share/Enpass |
595 | deny ${HOME}/.local/share/FasterThanLight | 595 | blacklist ${HOME}/.local/share/FasterThanLight |
596 | deny ${HOME}/.local/share/Flavio Tordini | 596 | blacklist ${HOME}/.local/share/Flavio Tordini |
597 | deny ${HOME}/.local/share/IntoTheBreach | 597 | blacklist ${HOME}/.local/share/IntoTheBreach |
598 | deny ${HOME}/.local/share/JetBrains | 598 | blacklist ${HOME}/.local/share/JetBrains |
599 | deny ${HOME}/.local/share/KDE/neochat | 599 | blacklist ${HOME}/.local/share/KDE/neochat |
600 | deny ${HOME}/.local/share/Kingsoft | 600 | blacklist ${HOME}/.local/share/Kingsoft |
601 | deny ${HOME}/.local/share/LibreCAD | 601 | blacklist ${HOME}/.local/share/LibreCAD |
602 | deny ${HOME}/.local/share/Mendeley Ltd. | 602 | blacklist ${HOME}/.local/share/Mendeley Ltd. |
603 | deny ${HOME}/.local/share/Mumble | 603 | blacklist ${HOME}/.local/share/Mumble |
604 | deny ${HOME}/.local/share/Nextcloud | 604 | blacklist ${HOME}/.local/share/Nextcloud |
605 | deny ${HOME}/.local/share/PBE | 605 | blacklist ${HOME}/.local/share/PBE |
606 | deny ${HOME}/.local/share/Paradox Interactive | 606 | blacklist ${HOME}/.local/share/Paradox Interactive |
607 | deny ${HOME}/.local/share/PawelStolowski | 607 | blacklist ${HOME}/.local/share/PawelStolowski |
608 | deny ${HOME}/.local/share/PillarsOfEternity | 608 | blacklist ${HOME}/.local/share/PillarsOfEternity |
609 | deny ${HOME}/.local/share/Psi | 609 | blacklist ${HOME}/.local/share/Psi |
610 | deny ${HOME}/.local/share/QGIS | 610 | blacklist ${HOME}/.local/share/QGIS |
611 | deny ${HOME}/.local/share/QMediathekView | 611 | blacklist ${HOME}/.local/share/QMediathekView |
612 | deny ${HOME}/.local/share/QuiteRss | 612 | blacklist ${HOME}/.local/share/QuiteRss |
613 | deny ${HOME}/.local/share/Ricochet | 613 | blacklist ${HOME}/.local/share/Ricochet |
614 | deny ${HOME}/.local/share/RogueLegacy | 614 | blacklist ${HOME}/.local/share/RogueLegacy |
615 | deny ${HOME}/.local/share/RogueLegacyStorageContainer | 615 | blacklist ${HOME}/.local/share/RogueLegacyStorageContainer |
616 | deny ${HOME}/.local/share/Shortwave | 616 | blacklist ${HOME}/.local/share/Shortwave |
617 | deny ${HOME}/.local/share/Steam | 617 | blacklist ${HOME}/.local/share/Steam |
618 | deny ${HOME}/.local/share/SteamWorld Dig 2 | 618 | blacklist ${HOME}/.local/share/SteamWorld Dig 2 |
619 | deny ${HOME}/.local/share/SteamWorldDig | 619 | blacklist ${HOME}/.local/share/SteamWorldDig |
620 | deny ${HOME}/.local/share/SuperHexagon | 620 | blacklist ${HOME}/.local/share/SuperHexagon |
621 | deny ${HOME}/.local/share/TelegramDesktop | 621 | blacklist ${HOME}/.local/share/TelegramDesktop |
622 | deny ${HOME}/.local/share/Terraria | 622 | blacklist ${HOME}/.local/share/Terraria |
623 | deny ${HOME}/.local/share/TpLogger | 623 | blacklist ${HOME}/.local/share/TpLogger |
624 | deny ${HOME}/.local/share/Zeal | 624 | blacklist ${HOME}/.local/share/Zeal |
625 | deny ${HOME}/.local/share/agenda | 625 | blacklist ${HOME}/.local/share/agenda |
626 | deny ${HOME}/.local/share/akonadi* | 626 | blacklist ${HOME}/.local/share/akonadi* |
627 | deny ${HOME}/.local/share/akregator | 627 | blacklist ${HOME}/.local/share/akregator |
628 | deny ${HOME}/.local/share/apps/korganizer | 628 | blacklist ${HOME}/.local/share/apps/korganizer |
629 | deny ${HOME}/.local/share/aspyr-media | 629 | blacklist ${HOME}/.local/share/aspyr-media |
630 | deny ${HOME}/.local/share/authenticator-rs | 630 | blacklist ${HOME}/.local/share/authenticator-rs |
631 | deny ${HOME}/.local/share/autokey | 631 | blacklist ${HOME}/.local/share/autokey |
632 | deny ${HOME}/.local/share/backintime | 632 | blacklist ${HOME}/.local/share/backintime |
633 | deny ${HOME}/.local/share/baloo | 633 | blacklist ${HOME}/.local/share/baloo |
634 | deny ${HOME}/.local/share/barrier | 634 | blacklist ${HOME}/.local/share/barrier |
635 | deny ${HOME}/.local/share/bibletime | 635 | blacklist ${HOME}/.local/share/bibletime |
636 | deny ${HOME}/.local/share/bijiben | 636 | blacklist ${HOME}/.local/share/bijiben |
637 | deny ${HOME}/.local/share/bohemiainteractive | 637 | blacklist ${HOME}/.local/share/bohemiainteractive |
638 | deny ${HOME}/.local/share/caja-python | 638 | blacklist ${HOME}/.local/share/caja-python |
639 | deny ${HOME}/.local/share/calligragemini | 639 | blacklist ${HOME}/.local/share/calligragemini |
640 | deny ${HOME}/.local/share/cantata | 640 | blacklist ${HOME}/.local/share/cantata |
641 | deny ${HOME}/.local/share/cdprojektred | 641 | blacklist ${HOME}/.local/share/cdprojektred |
642 | deny ${HOME}/.local/share/clipit | 642 | blacklist ${HOME}/.local/share/clipit |
643 | deny ${HOME}/.local/share/com.github.johnfactotum.Foliate | 643 | blacklist ${HOME}/.local/share/com.github.johnfactotum.Foliate |
644 | deny ${HOME}/.local/share/contacts | 644 | blacklist ${HOME}/.local/share/contacts |
645 | deny ${HOME}/.local/share/cor-games | 645 | blacklist ${HOME}/.local/share/cor-games |
646 | deny ${HOME}/.local/share/data/Mendeley Ltd. | 646 | blacklist ${HOME}/.local/share/data/Mendeley Ltd. |
647 | deny ${HOME}/.local/share/data/Mumble | 647 | blacklist ${HOME}/.local/share/data/Mumble |
648 | deny ${HOME}/.local/share/data/MusE | 648 | blacklist ${HOME}/.local/share/data/MusE |
649 | deny ${HOME}/.local/share/data/MuseScore | 649 | blacklist ${HOME}/.local/share/data/MuseScore |
650 | deny ${HOME}/.local/share/data/nomacs | 650 | blacklist ${HOME}/.local/share/data/nomacs |
651 | deny ${HOME}/.local/share/data/qBittorrent | 651 | blacklist ${HOME}/.local/share/data/qBittorrent |
652 | deny ${HOME}/.local/share/dino | 652 | blacklist ${HOME}/.local/share/dino |
653 | deny ${HOME}/.local/share/dolphin | 653 | blacklist ${HOME}/.local/share/dolphin |
654 | deny ${HOME}/.local/share/dolphin-emu | 654 | blacklist ${HOME}/.local/share/dolphin-emu |
655 | deny ${HOME}/.local/share/emailidentities | 655 | blacklist ${HOME}/.local/share/emailidentities |
656 | deny ${HOME}/.local/share/epiphany | 656 | blacklist ${HOME}/.local/share/epiphany |
657 | deny ${HOME}/.local/share/evolution | 657 | blacklist ${HOME}/.local/share/evolution |
658 | deny ${HOME}/.local/share/feedreader | 658 | blacklist ${HOME}/.local/share/feedreader |
659 | deny ${HOME}/.local/share/feral-interactive | 659 | blacklist ${HOME}/.local/share/feral-interactive |
660 | deny ${HOME}/.local/share/five-or-more | 660 | blacklist ${HOME}/.local/share/five-or-more |
661 | deny ${HOME}/.local/share/freecol | 661 | blacklist ${HOME}/.local/share/freecol |
662 | deny ${HOME}/.local/share/gajim | 662 | blacklist ${HOME}/.local/share/gajim |
663 | deny ${HOME}/.local/share/geary | 663 | blacklist ${HOME}/.local/share/geary |
664 | deny ${HOME}/.local/share/geeqie | 664 | blacklist ${HOME}/.local/share/geeqie |
665 | deny ${HOME}/.local/share/ghostwriter | 665 | blacklist ${HOME}/.local/share/ghostwriter |
666 | deny ${HOME}/.local/share/gitg | 666 | blacklist ${HOME}/.local/share/gitg |
667 | deny ${HOME}/.local/share/gnome-2048 | 667 | blacklist ${HOME}/.local/share/gnome-2048 |
668 | deny ${HOME}/.local/share/gnome-boxes | 668 | blacklist ${HOME}/.local/share/gnome-boxes |
669 | deny ${HOME}/.local/share/gnome-builder | 669 | blacklist ${HOME}/.local/share/gnome-builder |
670 | deny ${HOME}/.local/share/gnome-chess | 670 | blacklist ${HOME}/.local/share/gnome-chess |
671 | deny ${HOME}/.local/share/gnome-klotski | 671 | blacklist ${HOME}/.local/share/gnome-klotski |
672 | deny ${HOME}/.local/share/gnome-latex | 672 | blacklist ${HOME}/.local/share/gnome-latex |
673 | deny ${HOME}/.local/share/gnome-mines | 673 | blacklist ${HOME}/.local/share/gnome-mines |
674 | deny ${HOME}/.local/share/gnome-music | 674 | blacklist ${HOME}/.local/share/gnome-music |
675 | deny ${HOME}/.local/share/gnome-nibbles | 675 | blacklist ${HOME}/.local/share/gnome-nibbles |
676 | deny ${HOME}/.local/share/gnome-photos | 676 | blacklist ${HOME}/.local/share/gnome-photos |
677 | deny ${HOME}/.local/share/gnome-pomodoro | 677 | blacklist ${HOME}/.local/share/gnome-pomodoro |
678 | deny ${HOME}/.local/share/gnome-recipes | 678 | blacklist ${HOME}/.local/share/gnome-recipes |
679 | deny ${HOME}/.local/share/gnome-ring | 679 | blacklist ${HOME}/.local/share/gnome-ring |
680 | deny ${HOME}/.local/share/gnome-sudoku | 680 | blacklist ${HOME}/.local/share/gnome-sudoku |
681 | deny ${HOME}/.local/share/gnome-twitch | 681 | blacklist ${HOME}/.local/share/gnome-twitch |
682 | deny ${HOME}/.local/share/gnote | 682 | blacklist ${HOME}/.local/share/gnote |
683 | deny ${HOME}/.local/share/godot | 683 | blacklist ${HOME}/.local/share/godot |
684 | deny ${HOME}/.local/share/gradio | 684 | blacklist ${HOME}/.local/share/gradio |
685 | deny ${HOME}/.local/share/gwenview | 685 | blacklist ${HOME}/.local/share/gwenview |
686 | deny ${HOME}/.local/share/i2p | 686 | blacklist ${HOME}/.local/share/i2p |
687 | deny ${HOME}/.local/share/jami | 687 | blacklist ${HOME}/.local/share/jami |
688 | deny ${HOME}/.local/share/kaffeine | 688 | blacklist ${HOME}/.local/share/kaffeine |
689 | deny ${HOME}/.local/share/kalgebra | 689 | blacklist ${HOME}/.local/share/kalgebra |
690 | deny ${HOME}/.local/share/kate | 690 | blacklist ${HOME}/.local/share/kate |
691 | deny ${HOME}/.local/share/kdenlive | 691 | blacklist ${HOME}/.local/share/kdenlive |
692 | deny ${HOME}/.local/share/kget | 692 | blacklist ${HOME}/.local/share/kget |
693 | deny ${HOME}/.local/share/kiwix | 693 | blacklist ${HOME}/.local/share/kiwix |
694 | deny ${HOME}/.local/share/kiwix-desktop | 694 | blacklist ${HOME}/.local/share/kiwix-desktop |
695 | deny ${HOME}/.local/share/klavaro | 695 | blacklist ${HOME}/.local/share/klavaro |
696 | deny ${HOME}/.local/share/kmail2 | 696 | blacklist ${HOME}/.local/share/kmail2 |
697 | deny ${HOME}/.local/share/kmplayer | 697 | blacklist ${HOME}/.local/share/kmplayer |
698 | deny ${HOME}/.local/share/knotes | 698 | blacklist ${HOME}/.local/share/knotes |
699 | deny ${HOME}/.local/share/krita | 699 | blacklist ${HOME}/.local/share/krita |
700 | deny ${HOME}/.local/share/ktorrent | 700 | blacklist ${HOME}/.local/share/ktorrent |
701 | deny ${HOME}/.local/share/ktorrentrc | 701 | blacklist ${HOME}/.local/share/ktorrentrc |
702 | deny ${HOME}/.local/share/ktouch | 702 | blacklist ${HOME}/.local/share/ktouch |
703 | deny ${HOME}/.local/share/kube | 703 | blacklist ${HOME}/.local/share/kube |
704 | deny ${HOME}/.local/share/kwrite | 704 | blacklist ${HOME}/.local/share/kwrite |
705 | deny ${HOME}/.local/share/kxmlgui5/* | 705 | blacklist ${HOME}/.local/share/kxmlgui5/* |
706 | deny ${HOME}/.local/share/liferea | 706 | blacklist ${HOME}/.local/share/liferea |
707 | deny ${HOME}/.local/share/linphone | 707 | blacklist ${HOME}/.local/share/linphone |
708 | deny ${HOME}/.local/share/local-mail | 708 | blacklist ${HOME}/.local/share/local-mail |
709 | deny ${HOME}/.local/share/lollypop | 709 | blacklist ${HOME}/.local/share/lollypop |
710 | deny ${HOME}/.local/share/love | 710 | blacklist ${HOME}/.local/share/love |
711 | deny ${HOME}/.local/share/lugaru | 711 | blacklist ${HOME}/.local/share/lugaru |
712 | deny ${HOME}/.local/share/lutris | 712 | blacklist ${HOME}/.local/share/lutris |
713 | deny ${HOME}/.local/share/man | 713 | blacklist ${HOME}/.local/share/man |
714 | deny ${HOME}/.local/share/mana | 714 | blacklist ${HOME}/.local/share/mana |
715 | deny ${HOME}/.local/share/maps-places.json | 715 | blacklist ${HOME}/.local/share/maps-places.json |
716 | deny ${HOME}/.local/share/matrix-mirage | 716 | blacklist ${HOME}/.local/share/matrix-mirage |
717 | deny ${HOME}/.local/share/mcomix | 717 | blacklist ${HOME}/.local/share/mcomix |
718 | deny ${HOME}/.local/share/meld | 718 | blacklist ${HOME}/.local/share/meld |
719 | deny ${HOME}/.local/share/midori | 719 | blacklist ${HOME}/.local/share/midori |
720 | deny ${HOME}/.local/share/minder | 720 | blacklist ${HOME}/.local/share/minder |
721 | deny ${HOME}/.local/share/mirage | 721 | blacklist ${HOME}/.local/share/mirage |
722 | deny ${HOME}/.local/share/multimc | 722 | blacklist ${HOME}/.local/share/multimc |
723 | deny ${HOME}/.local/share/multimc5 | 723 | blacklist ${HOME}/.local/share/multimc5 |
724 | deny ${HOME}/.local/share/mupen64plus | 724 | blacklist ${HOME}/.local/share/mupen64plus |
725 | deny ${HOME}/.local/share/mypaint | 725 | blacklist ${HOME}/.local/share/mypaint |
726 | deny ${HOME}/.local/share/nautilus | 726 | blacklist ${HOME}/.local/share/nautilus |
727 | deny ${HOME}/.local/share/nautilus-python | 727 | blacklist ${HOME}/.local/share/nautilus-python |
728 | deny ${HOME}/.local/share/nemo | 728 | blacklist ${HOME}/.local/share/nemo |
729 | deny ${HOME}/.local/share/nemo-python | 729 | blacklist ${HOME}/.local/share/nemo-python |
730 | deny ${HOME}/.local/share/news-flash | 730 | blacklist ${HOME}/.local/share/news-flash |
731 | deny ${HOME}/.local/share/newsbeuter | 731 | blacklist ${HOME}/.local/share/newsbeuter |
732 | deny ${HOME}/.local/share/newsboat | 732 | blacklist ${HOME}/.local/share/newsboat |
733 | deny ${HOME}/.local/share/nheko | 733 | blacklist ${HOME}/.local/share/nheko |
734 | deny ${HOME}/.local/share/nomacs | 734 | blacklist ${HOME}/.local/share/nomacs |
735 | deny ${HOME}/.local/share/notes | 735 | blacklist ${HOME}/.local/share/notes |
736 | deny ${HOME}/.local/share/ocenaudio | 736 | blacklist ${HOME}/.local/share/ocenaudio |
737 | deny ${HOME}/.local/share/okular | 737 | blacklist ${HOME}/.local/share/okular |
738 | deny ${HOME}/.local/share/onlyoffice | 738 | blacklist ${HOME}/.local/share/onlyoffice |
739 | deny ${HOME}/.local/share/openmw | 739 | blacklist ${HOME}/.local/share/openmw |
740 | deny ${HOME}/.local/share/orage | 740 | blacklist ${HOME}/.local/share/orage |
741 | deny ${HOME}/.local/share/org.kde.gwenview | 741 | blacklist ${HOME}/.local/share/org.kde.gwenview |
742 | deny ${HOME}/.local/share/pix | 742 | blacklist ${HOME}/.local/share/pix |
743 | deny ${HOME}/.local/share/plasma_notes | 743 | blacklist ${HOME}/.local/share/plasma_notes |
744 | deny ${HOME}/.local/share/profanity | 744 | blacklist ${HOME}/.local/share/profanity |
745 | deny ${HOME}/.local/share/psi | 745 | blacklist ${HOME}/.local/share/psi |
746 | deny ${HOME}/.local/share/psi+ | 746 | blacklist ${HOME}/.local/share/psi+ |
747 | deny ${HOME}/.local/share/qpdfview | 747 | blacklist ${HOME}/.local/share/qpdfview |
748 | deny ${HOME}/.local/share/quadrapassel | 748 | blacklist ${HOME}/.local/share/quadrapassel |
749 | deny ${HOME}/.local/share/qutebrowser | 749 | blacklist ${HOME}/.local/share/qutebrowser |
750 | deny ${HOME}/.local/share/remmina | 750 | blacklist ${HOME}/.local/share/remmina |
751 | deny ${HOME}/.local/share/rhythmbox | 751 | blacklist ${HOME}/.local/share/rhythmbox |
752 | deny ${HOME}/.local/share/rtv | 752 | blacklist ${HOME}/.local/share/rtv |
753 | deny ${HOME}/.local/share/scribus | 753 | blacklist ${HOME}/.local/share/scribus |
754 | deny ${HOME}/.local/share/shotwell | 754 | blacklist ${HOME}/.local/share/shotwell |
755 | deny ${HOME}/.local/share/signal-cli | 755 | blacklist ${HOME}/.local/share/signal-cli |
756 | deny ${HOME}/.local/share/sink | 756 | blacklist ${HOME}/.local/share/sink |
757 | deny ${HOME}/.local/share/smuxi | 757 | blacklist ${HOME}/.local/share/smuxi |
758 | deny ${HOME}/.local/share/spotify | 758 | blacklist ${HOME}/.local/share/spotify |
759 | deny ${HOME}/.local/share/steam | 759 | blacklist ${HOME}/.local/share/steam |
760 | deny ${HOME}/.local/share/strawberry | 760 | blacklist ${HOME}/.local/share/strawberry |
761 | deny ${HOME}/.local/share/supertux2 | 761 | blacklist ${HOME}/.local/share/supertux2 |
762 | deny ${HOME}/.local/share/supertuxkart | 762 | blacklist ${HOME}/.local/share/supertuxkart |
763 | deny ${HOME}/.local/share/swell-foop | 763 | blacklist ${HOME}/.local/share/swell-foop |
764 | deny ${HOME}/.local/share/telepathy | 764 | blacklist ${HOME}/.local/share/telepathy |
765 | deny ${HOME}/.local/share/terasology | 765 | blacklist ${HOME}/.local/share/terasology |
766 | deny ${HOME}/.local/share/torbrowser | 766 | blacklist ${HOME}/.local/share/torbrowser |
767 | deny ${HOME}/.local/share/totem | 767 | blacklist ${HOME}/.local/share/totem |
768 | deny ${HOME}/.local/share/uzbl | 768 | blacklist ${HOME}/.local/share/uzbl |
769 | deny ${HOME}/.local/share/vlc | 769 | blacklist ${HOME}/.local/share/vlc |
770 | deny ${HOME}/.local/share/vpltd | 770 | blacklist ${HOME}/.local/share/vpltd |
771 | deny ${HOME}/.local/share/vulkan | 771 | blacklist ${HOME}/.local/share/vulkan |
772 | deny ${HOME}/.local/share/warsow-2.1 | 772 | blacklist ${HOME}/.local/share/warsow-2.1 |
773 | deny ${HOME}/.local/share/wesnoth | 773 | blacklist ${HOME}/.local/share/wesnoth |
774 | deny ${HOME}/.local/share/wormux | 774 | blacklist ${HOME}/.local/share/wormux |
775 | deny ${HOME}/.local/share/xplayer | 775 | blacklist ${HOME}/.local/share/xplayer |
776 | deny ${HOME}/.local/share/xreader | 776 | blacklist ${HOME}/.local/share/xreader |
777 | deny ${HOME}/.local/share/zathura | 777 | blacklist ${HOME}/.local/share/zathura |
778 | deny ${HOME}/.lv2 | 778 | blacklist ${HOME}/.lv2 |
779 | deny ${HOME}/.lyx | 779 | blacklist ${HOME}/.lyx |
780 | deny ${HOME}/.magicor | 780 | blacklist ${HOME}/.magicor |
781 | deny ${HOME}/.masterpdfeditor | 781 | blacklist ${HOME}/.masterpdfeditor |
782 | deny ${HOME}/.mbwarband | 782 | blacklist ${HOME}/.mbwarband |
783 | deny ${HOME}/.mcabber | 783 | blacklist ${HOME}/.mcabber |
784 | deny ${HOME}/.mcabberrc | 784 | blacklist ${HOME}/.mcabberrc |
785 | deny ${HOME}/.mediathek3 | 785 | blacklist ${HOME}/.mediathek3 |
786 | deny ${HOME}/.megaglest | 786 | blacklist ${HOME}/.megaglest |
787 | deny ${HOME}/.minecraft | 787 | blacklist ${HOME}/.minecraft |
788 | deny ${HOME}/.minetest | 788 | blacklist ${HOME}/.minetest |
789 | deny ${HOME}/.mirrormagic | 789 | blacklist ${HOME}/.mirrormagic |
790 | deny ${HOME}/.moc | 790 | blacklist ${HOME}/.moc |
791 | deny ${HOME}/.moonchild productions/basilisk | 791 | blacklist ${HOME}/.moonchild productions/basilisk |
792 | deny ${HOME}/.moonchild productions/pale moon | 792 | blacklist ${HOME}/.moonchild productions/pale moon |
793 | deny ${HOME}/.mozilla | 793 | blacklist ${HOME}/.mozilla |
794 | deny ${HOME}/.mp3splt-gtk | 794 | blacklist ${HOME}/.mp3splt-gtk |
795 | deny ${HOME}/.mpd | 795 | blacklist ${HOME}/.mpd |
796 | deny ${HOME}/.mpdconf | 796 | blacklist ${HOME}/.mpdconf |
797 | deny ${HOME}/.mplayer | 797 | blacklist ${HOME}/.mplayer |
798 | deny ${HOME}/.msmtprc | 798 | blacklist ${HOME}/.msmtprc |
799 | deny ${HOME}/.multimc5 | 799 | blacklist ${HOME}/.multimc5 |
800 | deny ${HOME}/.nanorc | 800 | blacklist ${HOME}/.nanorc |
801 | deny ${HOME}/.netactview | 801 | blacklist ${HOME}/.netactview |
802 | deny ${HOME}/.neverball | 802 | blacklist ${HOME}/.neverball |
803 | deny ${HOME}/.newsbeuter | 803 | blacklist ${HOME}/.newsbeuter |
804 | deny ${HOME}/.newsboat | 804 | blacklist ${HOME}/.newsboat |
805 | deny ${HOME}/.newsrc | 805 | blacklist ${HOME}/.newsrc |
806 | deny ${HOME}/.nicotine | 806 | blacklist ${HOME}/.nicotine |
807 | deny ${HOME}/.node-gyp | 807 | blacklist ${HOME}/.node-gyp |
808 | deny ${HOME}/.npm | 808 | blacklist ${HOME}/.npm |
809 | deny ${HOME}/.npmrc | 809 | blacklist ${HOME}/.npmrc |
810 | deny ${HOME}/.nv | 810 | blacklist ${HOME}/.nv |
811 | deny ${HOME}/.nvm | 811 | blacklist ${HOME}/.nvm |
812 | deny ${HOME}/.nylas-mail | 812 | blacklist ${HOME}/.nylas-mail |
813 | deny ${HOME}/.openarena | 813 | blacklist ${HOME}/.openarena |
814 | deny ${HOME}/.opencity | 814 | blacklist ${HOME}/.opencity |
815 | deny ${HOME}/.openinvaders | 815 | blacklist ${HOME}/.openinvaders |
816 | deny ${HOME}/.openshot | 816 | blacklist ${HOME}/.openshot |
817 | deny ${HOME}/.openshot_qt | 817 | blacklist ${HOME}/.openshot_qt |
818 | deny ${HOME}/.openttd | 818 | blacklist ${HOME}/.openttd |
819 | deny ${HOME}/.opera | 819 | blacklist ${HOME}/.opera |
820 | deny ${HOME}/.opera-beta | 820 | blacklist ${HOME}/.opera-beta |
821 | deny ${HOME}/.ostrichriders | 821 | blacklist ${HOME}/.ostrichriders |
822 | deny ${HOME}/.paradoxinteractive | 822 | blacklist ${HOME}/.paradoxinteractive |
823 | deny ${HOME}/.parallelrealities/blobwars | 823 | blacklist ${HOME}/.parallelrealities/blobwars |
824 | deny ${HOME}/.pcsxr | 824 | blacklist ${HOME}/.pcsxr |
825 | deny ${HOME}/.penguin-command | 825 | blacklist ${HOME}/.penguin-command |
826 | deny ${HOME}/.pine-crash | 826 | blacklist ${HOME}/.pine-crash |
827 | deny ${HOME}/.pine-debug1 | 827 | blacklist ${HOME}/.pine-debug1 |
828 | deny ${HOME}/.pine-debug2 | 828 | blacklist ${HOME}/.pine-debug2 |
829 | deny ${HOME}/.pine-debug3 | 829 | blacklist ${HOME}/.pine-debug3 |
830 | deny ${HOME}/.pine-debug4 | 830 | blacklist ${HOME}/.pine-debug4 |
831 | deny ${HOME}/.pine-interrupted-mail | 831 | blacklist ${HOME}/.pine-interrupted-mail |
832 | deny ${HOME}/.pinerc | 832 | blacklist ${HOME}/.pinerc |
833 | deny ${HOME}/.pinercex | 833 | blacklist ${HOME}/.pinercex |
834 | deny ${HOME}/.pingus | 834 | blacklist ${HOME}/.pingus |
835 | deny ${HOME}/.pioneer | 835 | blacklist ${HOME}/.pioneer |
836 | deny ${HOME}/.purple | 836 | blacklist ${HOME}/.purple |
837 | deny ${HOME}/.pylint.d | 837 | blacklist ${HOME}/.pylint.d |
838 | deny ${HOME}/.qemu-launcher | 838 | blacklist ${HOME}/.qemu-launcher |
839 | deny ${HOME}/.qgis2 | 839 | blacklist ${HOME}/.qgis2 |
840 | deny ${HOME}/.qmmp | 840 | blacklist ${HOME}/.qmmp |
841 | deny ${HOME}/.quodlibet | 841 | blacklist ${HOME}/.quodlibet |
842 | deny ${HOME}/.redeclipse | 842 | blacklist ${HOME}/.redeclipse |
843 | deny ${HOME}/.remmina | 843 | blacklist ${HOME}/.remmina |
844 | deny ${HOME}/.repo_.gitconfig.json | 844 | blacklist ${HOME}/.repo_.gitconfig.json |
845 | deny ${HOME}/.repoconfig | 845 | blacklist ${HOME}/.repoconfig |
846 | deny ${HOME}/.retroshare | 846 | blacklist ${HOME}/.retroshare |
847 | deny ${HOME}/.ripperXrc | 847 | blacklist ${HOME}/.ripperXrc |
848 | deny ${HOME}/.scorched3d | 848 | blacklist ${HOME}/.scorched3d |
849 | deny ${HOME}/.scribus | 849 | blacklist ${HOME}/.scribus |
850 | deny ${HOME}/.scribusrc | 850 | blacklist ${HOME}/.scribusrc |
851 | deny ${HOME}/.simutrans | 851 | blacklist ${HOME}/.simutrans |
852 | deny ${HOME}/.smartgit/*/passwords | 852 | blacklist ${HOME}/.smartgit/*/passwords |
853 | deny ${HOME}/.ssr | 853 | blacklist ${HOME}/.ssr |
854 | deny ${HOME}/.steam | 854 | blacklist ${HOME}/.steam |
855 | deny ${HOME}/.steampath | 855 | blacklist ${HOME}/.steampath |
856 | deny ${HOME}/.steampid | 856 | blacklist ${HOME}/.steampid |
857 | deny ${HOME}/.stellarium | 857 | blacklist ${HOME}/.stellarium |
858 | deny ${HOME}/.subversion | 858 | blacklist ${HOME}/.subversion |
859 | deny ${HOME}/.surf | 859 | blacklist ${HOME}/.surf |
860 | deny ${HOME}/.suve/colorful | 860 | blacklist ${HOME}/.suve/colorful |
861 | deny ${HOME}/.swb.ini | 861 | blacklist ${HOME}/.swb.ini |
862 | deny ${HOME}/.sword | 862 | blacklist ${HOME}/.sword |
863 | deny ${HOME}/.sylpheed-2.0 | 863 | blacklist ${HOME}/.sylpheed-2.0 |
864 | deny ${HOME}/.synfig | 864 | blacklist ${HOME}/.synfig |
865 | deny ${HOME}/.tb | 865 | blacklist ${HOME}/.tb |
866 | deny ${HOME}/.tconn | 866 | blacklist ${HOME}/.tconn |
867 | deny ${HOME}/.teeworlds | 867 | blacklist ${HOME}/.teeworlds |
868 | deny ${HOME}/.texlive20* | 868 | blacklist ${HOME}/.texlive20* |
869 | deny ${HOME}/.thunderbird | 869 | blacklist ${HOME}/.thunderbird |
870 | deny ${HOME}/.tilp | 870 | blacklist ${HOME}/.tilp |
871 | deny ${HOME}/.tin | 871 | blacklist ${HOME}/.tin |
872 | deny ${HOME}/.tooling | 872 | blacklist ${HOME}/.tooling |
873 | deny ${HOME}/.tor-browser* | 873 | blacklist ${HOME}/.tor-browser* |
874 | deny ${HOME}/.torcs | 874 | blacklist ${HOME}/.torcs |
875 | deny ${HOME}/.tremulous | 875 | blacklist ${HOME}/.tremulous |
876 | deny ${HOME}/.ts3client | 876 | blacklist ${HOME}/.ts3client |
877 | deny ${HOME}/.tuxguitar* | 877 | blacklist ${HOME}/.tuxguitar* |
878 | deny ${HOME}/.tvbrowser | 878 | blacklist ${HOME}/.tvbrowser |
879 | deny ${HOME}/.unknown-horizons | 879 | blacklist ${HOME}/.unknown-horizons |
880 | deny ${HOME}/.viking | 880 | blacklist ${HOME}/.viking |
881 | deny ${HOME}/.viking-maps | 881 | blacklist ${HOME}/.viking-maps |
882 | deny ${HOME}/.vim | 882 | blacklist ${HOME}/.vim |
883 | deny ${HOME}/.vimrc | 883 | blacklist ${HOME}/.vimrc |
884 | deny ${HOME}/.vmware | 884 | blacklist ${HOME}/.vmware |
885 | deny ${HOME}/.vscode | 885 | blacklist ${HOME}/.vscode |
886 | deny ${HOME}/.vscode-oss | 886 | blacklist ${HOME}/.vscode-oss |
887 | deny ${HOME}/.vst | 887 | blacklist ${HOME}/.vst |
888 | deny ${HOME}/.vultures | 888 | blacklist ${HOME}/.vultures |
889 | deny ${HOME}/.w3m | 889 | blacklist ${HOME}/.w3m |
890 | deny ${HOME}/.warzone2100-3.* | 890 | blacklist ${HOME}/.warzone2100-3.* |
891 | deny ${HOME}/.waterfox | 891 | blacklist ${HOME}/.waterfox |
892 | deny ${HOME}/.weechat | 892 | blacklist ${HOME}/.weechat |
893 | deny ${HOME}/.wget-hsts | 893 | blacklist ${HOME}/.wget-hsts |
894 | deny ${HOME}/.wgetrc | 894 | blacklist ${HOME}/.wgetrc |
895 | deny ${HOME}/.widelands | 895 | blacklist ${HOME}/.widelands |
896 | deny ${HOME}/.wine | 896 | blacklist ${HOME}/.wine |
897 | deny ${HOME}/.wine64 | 897 | blacklist ${HOME}/.wine64 |
898 | deny ${HOME}/.wireshark | 898 | blacklist ${HOME}/.wireshark |
899 | deny ${HOME}/.wordwarvi | 899 | blacklist ${HOME}/.wordwarvi |
900 | deny ${HOME}/.wormux | 900 | blacklist ${HOME}/.wormux |
901 | deny ${HOME}/.xiphos | 901 | blacklist ${HOME}/.xiphos |
902 | deny ${HOME}/.xmind | 902 | blacklist ${HOME}/.xmind |
903 | deny ${HOME}/.xmms | 903 | blacklist ${HOME}/.xmms |
904 | deny ${HOME}/.xmr-stak | 904 | blacklist ${HOME}/.xmr-stak |
905 | deny ${HOME}/.xonotic | 905 | blacklist ${HOME}/.xonotic |
906 | deny ${HOME}/.xournalpp | 906 | blacklist ${HOME}/.xournalpp |
907 | deny ${HOME}/.xpdfrc | 907 | blacklist ${HOME}/.xpdfrc |
908 | deny ${HOME}/.yarn | 908 | blacklist ${HOME}/.yarn |
909 | deny ${HOME}/.yarn-config | 909 | blacklist ${HOME}/.yarn-config |
910 | deny ${HOME}/.yarncache | 910 | blacklist ${HOME}/.yarncache |
911 | deny ${HOME}/.yarnrc | 911 | blacklist ${HOME}/.yarnrc |
912 | deny ${HOME}/.zoom | 912 | blacklist ${HOME}/.zoom |
913 | deny ${HOME}/Arduino | 913 | blacklist ${HOME}/Arduino |
914 | deny ${HOME}/Monero/wallets | 914 | blacklist ${HOME}/Monero/wallets |
915 | deny ${HOME}/Nextcloud | 915 | blacklist ${HOME}/Nextcloud |
916 | deny ${HOME}/Nextcloud/Notes | 916 | blacklist ${HOME}/Nextcloud/Notes |
917 | deny ${HOME}/SoftMaker | 917 | blacklist ${HOME}/SoftMaker |
918 | deny ${HOME}/Standard Notes Backups | 918 | blacklist ${HOME}/Standard Notes Backups |
919 | deny ${HOME}/TeamSpeak3-Client-linux_amd64 | 919 | blacklist ${HOME}/TeamSpeak3-Client-linux_amd64 |
920 | deny ${HOME}/TeamSpeak3-Client-linux_x86 | 920 | blacklist ${HOME}/TeamSpeak3-Client-linux_x86 |
921 | deny ${HOME}/hyperrogue.ini | 921 | blacklist ${HOME}/hyperrogue.ini |
922 | deny ${HOME}/i2p | 922 | blacklist ${HOME}/i2p |
923 | deny ${HOME}/mps | 923 | blacklist ${HOME}/mps |
924 | deny ${HOME}/wallet.dat | 924 | blacklist ${HOME}/wallet.dat |
925 | deny /tmp/.wine-* | 925 | blacklist /tmp/.wine-* |
926 | deny /tmp/akonadi-* | 926 | blacklist /tmp/akonadi-* |
927 | deny /var/games/nethack | 927 | blacklist /var/games/nethack |
928 | deny /var/games/slashem | 928 | blacklist /var/games/slashem |
929 | deny /var/games/vulturesclaw | 929 | blacklist /var/games/vulturesclaw |
930 | deny /var/games/vultureseye | 930 | blacklist /var/games/vultureseye |
931 | deny /var/lib/games/Maelstrom-Scores | 931 | blacklist /var/lib/games/Maelstrom-Scores |
932 | 932 | ||
933 | # ${HOME}/.cache directory | 933 | # ${HOME}/.cache directory |
934 | deny ${HOME}/.cache/0ad | 934 | blacklist ${HOME}/.cache/0ad |
935 | deny ${HOME}/.cache/8pecxstudios | 935 | blacklist ${HOME}/.cache/8pecxstudios |
936 | deny ${HOME}/.cache/Authenticator | 936 | blacklist ${HOME}/.cache/Authenticator |
937 | deny ${HOME}/.cache/BraveSoftware | 937 | blacklist ${HOME}/.cache/BraveSoftware |
938 | deny ${HOME}/.cache/Clementine | 938 | blacklist ${HOME}/.cache/Clementine |
939 | deny ${HOME}/.cache/ENCOM/Spectral | 939 | blacklist ${HOME}/.cache/ENCOM/Spectral |
940 | deny ${HOME}/.cache/Enox | 940 | blacklist ${HOME}/.cache/Enox |
941 | deny ${HOME}/.cache/Enpass | 941 | blacklist ${HOME}/.cache/Enpass |
942 | deny ${HOME}/.cache/Ferdi | 942 | blacklist ${HOME}/.cache/Ferdi |
943 | deny ${HOME}/.cache/Flavio Tordini | 943 | blacklist ${HOME}/.cache/Flavio Tordini |
944 | deny ${HOME}/.cache/Franz | 944 | blacklist ${HOME}/.cache/Franz |
945 | deny ${HOME}/.cache/INRIA | 945 | blacklist ${HOME}/.cache/INRIA |
946 | deny ${HOME}/.cache/INRIA/Natron | 946 | blacklist ${HOME}/.cache/INRIA/Natron |
947 | deny ${HOME}/.cache/KDE/neochat | 947 | blacklist ${HOME}/.cache/KDE/neochat |
948 | deny ${HOME}/.cache/Mendeley Ltd. | 948 | blacklist ${HOME}/.cache/Mendeley Ltd. |
949 | deny ${HOME}/.cache/MusicBrainz | 949 | blacklist ${HOME}/.cache/MusicBrainz |
950 | deny ${HOME}/.cache/NewsFlashGTK | 950 | blacklist ${HOME}/.cache/NewsFlashGTK |
951 | deny ${HOME}/.cache/Otter | 951 | blacklist ${HOME}/.cache/Otter |
952 | deny ${HOME}/.cache/PawelStolowski | 952 | blacklist ${HOME}/.cache/PawelStolowski |
953 | deny ${HOME}/.cache/Psi | 953 | blacklist ${HOME}/.cache/Psi |
954 | deny ${HOME}/.cache/QuiteRss | 954 | blacklist ${HOME}/.cache/QuiteRss |
955 | deny ${HOME}/.cache/Quotient/quaternion | 955 | blacklist ${HOME}/.cache/Quotient/quaternion |
956 | deny ${HOME}/.cache/Shortwave | 956 | blacklist ${HOME}/.cache/Shortwave |
957 | deny ${HOME}/.cache/Tox | 957 | blacklist ${HOME}/.cache/Tox |
958 | deny ${HOME}/.cache/Zeal | 958 | blacklist ${HOME}/.cache/Zeal |
959 | deny ${HOME}/.cache/agenda | 959 | blacklist ${HOME}/.cache/agenda |
960 | deny ${HOME}/.cache/akonadi* | 960 | blacklist ${HOME}/.cache/akonadi* |
961 | deny ${HOME}/.cache/atril | 961 | blacklist ${HOME}/.cache/atril |
962 | deny ${HOME}/.cache/attic | 962 | blacklist ${HOME}/.cache/attic |
963 | deny ${HOME}/.cache/babl | 963 | blacklist ${HOME}/.cache/babl |
964 | deny ${HOME}/.cache/bnox | 964 | blacklist ${HOME}/.cache/bnox |
965 | deny ${HOME}/.cache/borg | 965 | blacklist ${HOME}/.cache/borg |
966 | deny ${HOME}/.cache/calibre | 966 | blacklist ${HOME}/.cache/calibre |
967 | deny ${HOME}/.cache/cantata | 967 | blacklist ${HOME}/.cache/cantata |
968 | deny ${HOME}/.cache/champlain | 968 | blacklist ${HOME}/.cache/champlain |
969 | deny ${HOME}/.cache/chromium | 969 | blacklist ${HOME}/.cache/chromium |
970 | deny ${HOME}/.cache/chromium-dev | 970 | blacklist ${HOME}/.cache/chromium-dev |
971 | deny ${HOME}/.cache/cliqz | 971 | blacklist ${HOME}/.cache/cliqz |
972 | deny ${HOME}/.cache/com.github.johnfactotum.Foliate | 972 | blacklist ${HOME}/.cache/com.github.johnfactotum.Foliate |
973 | deny ${HOME}/.cache/darktable | 973 | blacklist ${HOME}/.cache/darktable |
974 | deny ${HOME}/.cache/deja-dup | 974 | blacklist ${HOME}/.cache/deja-dup |
975 | deny ${HOME}/.cache/discover | 975 | blacklist ${HOME}/.cache/discover |
976 | deny ${HOME}/.cache/dnox | 976 | blacklist ${HOME}/.cache/dnox |
977 | deny ${HOME}/.cache/dolphin | 977 | blacklist ${HOME}/.cache/dolphin |
978 | deny ${HOME}/.cache/dolphin-emu | 978 | blacklist ${HOME}/.cache/dolphin-emu |
979 | deny ${HOME}/.cache/ephemeral | 979 | blacklist ${HOME}/.cache/ephemeral |
980 | deny ${HOME}/.cache/epiphany | 980 | blacklist ${HOME}/.cache/epiphany |
981 | deny ${HOME}/.cache/evolution | 981 | blacklist ${HOME}/.cache/evolution |
982 | deny ${HOME}/.cache/falkon | 982 | blacklist ${HOME}/.cache/falkon |
983 | deny ${HOME}/.cache/feedreader | 983 | blacklist ${HOME}/.cache/feedreader |
984 | deny ${HOME}/.cache/firedragon | 984 | blacklist ${HOME}/.cache/firedragon |
985 | deny ${HOME}/.cache/flaska.net/trojita | 985 | blacklist ${HOME}/.cache/flaska.net/trojita |
986 | deny ${HOME}/.cache/folks | 986 | blacklist ${HOME}/.cache/folks |
987 | deny ${HOME}/.cache/font-manager | 987 | blacklist ${HOME}/.cache/font-manager |
988 | deny ${HOME}/.cache/fossamail | 988 | blacklist ${HOME}/.cache/fossamail |
989 | deny ${HOME}/.cache/fractal | 989 | blacklist ${HOME}/.cache/fractal |
990 | deny ${HOME}/.cache/freecol | 990 | blacklist ${HOME}/.cache/freecol |
991 | deny ${HOME}/.cache/gajim | 991 | blacklist ${HOME}/.cache/gajim |
992 | deny ${HOME}/.cache/geary | 992 | blacklist ${HOME}/.cache/geary |
993 | deny ${HOME}/.cache/geeqie | 993 | blacklist ${HOME}/.cache/geeqie |
994 | deny ${HOME}/.cache/gegl-0.4 | 994 | blacklist ${HOME}/.cache/gegl-0.4 |
995 | deny ${HOME}/.cache/gfeeds | 995 | blacklist ${HOME}/.cache/gfeeds |
996 | deny ${HOME}/.cache/gimp | 996 | blacklist ${HOME}/.cache/gimp |
997 | deny ${HOME}/.cache/gnome-boxes | 997 | blacklist ${HOME}/.cache/gnome-boxes |
998 | deny ${HOME}/.cache/gnome-builder | 998 | blacklist ${HOME}/.cache/gnome-builder |
999 | deny ${HOME}/.cache/gnome-control-center | 999 | blacklist ${HOME}/.cache/gnome-control-center |
1000 | deny ${HOME}/.cache/gnome-recipes | 1000 | blacklist ${HOME}/.cache/gnome-recipes |
1001 | deny ${HOME}/.cache/gnome-screenshot | 1001 | blacklist ${HOME}/.cache/gnome-screenshot |
1002 | deny ${HOME}/.cache/gnome-software | 1002 | blacklist ${HOME}/.cache/gnome-software |
1003 | deny ${HOME}/.cache/gnome-twitch | 1003 | blacklist ${HOME}/.cache/gnome-twitch |
1004 | deny ${HOME}/.cache/godot | 1004 | blacklist ${HOME}/.cache/godot |
1005 | deny ${HOME}/.cache/google-chrome | 1005 | blacklist ${HOME}/.cache/google-chrome |
1006 | deny ${HOME}/.cache/google-chrome-beta | 1006 | blacklist ${HOME}/.cache/google-chrome-beta |
1007 | deny ${HOME}/.cache/google-chrome-unstable | 1007 | blacklist ${HOME}/.cache/google-chrome-unstable |
1008 | deny ${HOME}/.cache/gradio | 1008 | blacklist ${HOME}/.cache/gradio |
1009 | deny ${HOME}/.cache/gummi | 1009 | blacklist ${HOME}/.cache/gummi |
1010 | deny ${HOME}/.cache/icedove | 1010 | blacklist ${HOME}/.cache/icedove |
1011 | deny ${HOME}/.cache/inkscape | 1011 | blacklist ${HOME}/.cache/inkscape |
1012 | deny ${HOME}/.cache/inox | 1012 | blacklist ${HOME}/.cache/inox |
1013 | deny ${HOME}/.cache/iridium | 1013 | blacklist ${HOME}/.cache/iridium |
1014 | deny ${HOME}/.cache/JetBrains/CLion* | 1014 | blacklist ${HOME}/.cache/JetBrains/CLion* |
1015 | deny ${HOME}/.cache/kcmshell5 | 1015 | blacklist ${HOME}/.cache/kcmshell5 |
1016 | deny ${HOME}/.cache/kdenlive | 1016 | blacklist ${HOME}/.cache/kdenlive |
1017 | deny ${HOME}/.cache/keepassxc | 1017 | blacklist ${HOME}/.cache/keepassxc |
1018 | deny ${HOME}/.cache/kfind | 1018 | blacklist ${HOME}/.cache/kfind |
1019 | deny ${HOME}/.cache/kinfocenter | 1019 | blacklist ${HOME}/.cache/kinfocenter |
1020 | deny ${HOME}/.cache/kmail2 | 1020 | blacklist ${HOME}/.cache/kmail2 |
1021 | deny ${HOME}/.cache/krunner | 1021 | blacklist ${HOME}/.cache/krunner |
1022 | deny ${HOME}/.cache/krunnerbookmarkrunnerfirefoxdbfile.sqlite* | 1022 | blacklist ${HOME}/.cache/krunnerbookmarkrunnerfirefoxdbfile.sqlite* |
1023 | deny ${HOME}/.cache/kscreenlocker_greet | 1023 | blacklist ${HOME}/.cache/kscreenlocker_greet |
1024 | deny ${HOME}/.cache/ksmserver-logout-greeter | 1024 | blacklist ${HOME}/.cache/ksmserver-logout-greeter |
1025 | deny ${HOME}/.cache/ksplashqml | 1025 | blacklist ${HOME}/.cache/ksplashqml |
1026 | deny ${HOME}/.cache/kube | 1026 | blacklist ${HOME}/.cache/kube |
1027 | deny ${HOME}/.cache/kwin | 1027 | blacklist ${HOME}/.cache/kwin |
1028 | deny ${HOME}/.cache/libgweather | 1028 | blacklist ${HOME}/.cache/libgweather |
1029 | deny ${HOME}/.cache/librewolf | 1029 | blacklist ${HOME}/.cache/librewolf |
1030 | deny ${HOME}/.cache/liferea | 1030 | blacklist ${HOME}/.cache/liferea |
1031 | deny ${HOME}/.cache/lutris | 1031 | blacklist ${HOME}/.cache/lutris |
1032 | deny ${HOME}/.cache/marker | 1032 | blacklist ${HOME}/.cache/marker |
1033 | deny ${HOME}/.cache/matrix-mirage | 1033 | blacklist ${HOME}/.cache/matrix-mirage |
1034 | deny ${HOME}/.cache/microsoft-edge-dev | 1034 | blacklist ${HOME}/.cache/microsoft-edge-dev |
1035 | deny ${HOME}/.cache/midori | 1035 | blacklist ${HOME}/.cache/midori |
1036 | deny ${HOME}/.cache/minetest | 1036 | blacklist ${HOME}/.cache/minetest |
1037 | deny ${HOME}/.cache/mirage | 1037 | blacklist ${HOME}/.cache/mirage |
1038 | deny ${HOME}/.cache/moonchild productions/basilisk | 1038 | blacklist ${HOME}/.cache/moonchild productions/basilisk |
1039 | deny ${HOME}/.cache/moonchild productions/pale moon | 1039 | blacklist ${HOME}/.cache/moonchild productions/pale moon |
1040 | deny ${HOME}/.cache/mozilla | 1040 | blacklist ${HOME}/.cache/mozilla |
1041 | deny ${HOME}/.cache/ms-excel-online | 1041 | blacklist ${HOME}/.cache/ms-excel-online |
1042 | deny ${HOME}/.cache/ms-office-online | 1042 | blacklist ${HOME}/.cache/ms-office-online |
1043 | deny ${HOME}/.cache/ms-onenote-online | 1043 | blacklist ${HOME}/.cache/ms-onenote-online |
1044 | deny ${HOME}/.cache/ms-outlook-online | 1044 | blacklist ${HOME}/.cache/ms-outlook-online |
1045 | deny ${HOME}/.cache/ms-powerpoint-online | 1045 | blacklist ${HOME}/.cache/ms-powerpoint-online |
1046 | deny ${HOME}/.cache/ms-skype-online | 1046 | blacklist ${HOME}/.cache/ms-skype-online |
1047 | deny ${HOME}/.cache/ms-word-online | 1047 | blacklist ${HOME}/.cache/ms-word-online |
1048 | deny ${HOME}/.cache/mutt | 1048 | blacklist ${HOME}/.cache/mutt |
1049 | deny ${HOME}/.cache/mypaint | 1049 | blacklist ${HOME}/.cache/mypaint |
1050 | deny ${HOME}/.cache/netsurf | 1050 | blacklist ${HOME}/.cache/netsurf |
1051 | deny ${HOME}/.cache/nheko | 1051 | blacklist ${HOME}/.cache/nheko |
1052 | deny ${HOME}/.cache/okular | 1052 | blacklist ${HOME}/.cache/okular |
1053 | deny ${HOME}/.cache/opera | 1053 | blacklist ${HOME}/.cache/opera |
1054 | deny ${HOME}/.cache/opera-beta | 1054 | blacklist ${HOME}/.cache/opera-beta |
1055 | deny ${HOME}/.cache/org.gabmus.gfeeds | 1055 | blacklist ${HOME}/.cache/org.gabmus.gfeeds |
1056 | deny ${HOME}/.cache/org.gnome.Books | 1056 | blacklist ${HOME}/.cache/org.gnome.Books |
1057 | deny ${HOME}/.cache/org.gnome.Maps | 1057 | blacklist ${HOME}/.cache/org.gnome.Maps |
1058 | deny ${HOME}/.cache/pdfmod | 1058 | blacklist ${HOME}/.cache/pdfmod |
1059 | deny ${HOME}/.cache/peek | 1059 | blacklist ${HOME}/.cache/peek |
1060 | deny ${HOME}/.cache/pip | 1060 | blacklist ${HOME}/.cache/pip |
1061 | deny ${HOME}/.cache/pipe-viewer | 1061 | blacklist ${HOME}/.cache/pipe-viewer |
1062 | deny ${HOME}/.cache/plasmashell | 1062 | blacklist ${HOME}/.cache/plasmashell |
1063 | deny ${HOME}/.cache/plasmashellbookmarkrunnerfirefoxdbfile.sqlite* | 1063 | blacklist ${HOME}/.cache/plasmashellbookmarkrunnerfirefoxdbfile.sqlite* |
1064 | deny ${HOME}/.cache/psi | 1064 | blacklist ${HOME}/.cache/psi |
1065 | deny ${HOME}/.cache/qBittorrent | 1065 | blacklist ${HOME}/.cache/qBittorrent |
1066 | deny ${HOME}/.cache/quodlibet | 1066 | blacklist ${HOME}/.cache/quodlibet |
1067 | deny ${HOME}/.cache/qupzilla | 1067 | blacklist ${HOME}/.cache/qupzilla |
1068 | deny ${HOME}/.cache/qutebrowser | 1068 | blacklist ${HOME}/.cache/qutebrowser |
1069 | deny ${HOME}/.cache/rhythmbox | 1069 | blacklist ${HOME}/.cache/rhythmbox |
1070 | deny ${HOME}/.cache/shotwell | 1070 | blacklist ${HOME}/.cache/shotwell |
1071 | deny ${HOME}/.cache/simple-scan | 1071 | blacklist ${HOME}/.cache/simple-scan |
1072 | deny ${HOME}/.cache/slimjet | 1072 | blacklist ${HOME}/.cache/slimjet |
1073 | deny ${HOME}/.cache/smuxi | 1073 | blacklist ${HOME}/.cache/smuxi |
1074 | deny ${HOME}/.cache/snox | 1074 | blacklist ${HOME}/.cache/snox |
1075 | deny ${HOME}/.cache/spotify | 1075 | blacklist ${HOME}/.cache/spotify |
1076 | deny ${HOME}/.cache/straw-viewer | 1076 | blacklist ${HOME}/.cache/straw-viewer |
1077 | deny ${HOME}/.cache/strawberry | 1077 | blacklist ${HOME}/.cache/strawberry |
1078 | deny ${HOME}/.cache/supertuxkart | 1078 | blacklist ${HOME}/.cache/supertuxkart |
1079 | deny ${HOME}/.cache/systemsettings | 1079 | blacklist ${HOME}/.cache/systemsettings |
1080 | deny ${HOME}/.cache/telepathy | 1080 | blacklist ${HOME}/.cache/telepathy |
1081 | deny ${HOME}/.cache/thunderbird | 1081 | blacklist ${HOME}/.cache/thunderbird |
1082 | deny ${HOME}/.cache/torbrowser | 1082 | blacklist ${HOME}/.cache/torbrowser |
1083 | deny ${HOME}/.cache/transmission | 1083 | blacklist ${HOME}/.cache/transmission |
1084 | deny ${HOME}/.cache/ungoogled-chromium | 1084 | blacklist ${HOME}/.cache/ungoogled-chromium |
1085 | deny ${HOME}/.cache/vivaldi | 1085 | blacklist ${HOME}/.cache/vivaldi |
1086 | deny ${HOME}/.cache/vivaldi-snapshot | 1086 | blacklist ${HOME}/.cache/vivaldi-snapshot |
1087 | deny ${HOME}/.cache/vlc | 1087 | blacklist ${HOME}/.cache/vlc |
1088 | deny ${HOME}/.cache/vmware | 1088 | blacklist ${HOME}/.cache/vmware |
1089 | deny ${HOME}/.cache/warsow-2.1 | 1089 | blacklist ${HOME}/.cache/warsow-2.1 |
1090 | deny ${HOME}/.cache/waterfox | 1090 | blacklist ${HOME}/.cache/waterfox |
1091 | deny ${HOME}/.cache/wesnoth | 1091 | blacklist ${HOME}/.cache/wesnoth |
1092 | deny ${HOME}/.cache/winetricks | 1092 | blacklist ${HOME}/.cache/winetricks |
1093 | deny ${HOME}/.cache/xmms2 | 1093 | blacklist ${HOME}/.cache/xmms2 |
1094 | deny ${HOME}/.cache/xreader | 1094 | blacklist ${HOME}/.cache/xreader |
1095 | deny ${HOME}/.cache/yandex-browser | 1095 | blacklist ${HOME}/.cache/yandex-browser |
1096 | deny ${HOME}/.cache/yandex-browser-beta | 1096 | blacklist ${HOME}/.cache/yandex-browser-beta |
1097 | deny ${HOME}/.cache/youtube-dl | 1097 | blacklist ${HOME}/.cache/youtube-dl |
1098 | deny ${HOME}/.cache/youtube-viewer | 1098 | blacklist ${HOME}/.cache/youtube-viewer |
diff --git a/etc/inc/disable-shell.inc b/etc/inc/disable-shell.inc index da6fb31a3..8274b0215 100644 --- a/etc/inc/disable-shell.inc +++ b/etc/inc/disable-shell.inc | |||
@@ -2,14 +2,14 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include disable-shell.local | 3 | include disable-shell.local |
4 | 4 | ||
5 | deny ${PATH}/bash | 5 | blacklist ${PATH}/bash |
6 | deny ${PATH}/csh | 6 | blacklist ${PATH}/csh |
7 | deny ${PATH}/dash | 7 | blacklist ${PATH}/dash |
8 | deny ${PATH}/fish | 8 | blacklist ${PATH}/fish |
9 | deny ${PATH}/ksh | 9 | blacklist ${PATH}/ksh |
10 | deny ${PATH}/mksh | 10 | blacklist ${PATH}/mksh |
11 | deny ${PATH}/oksh | 11 | blacklist ${PATH}/oksh |
12 | deny ${PATH}/sh | 12 | blacklist ${PATH}/sh |
13 | deny ${PATH}/tclsh | 13 | blacklist ${PATH}/tclsh |
14 | deny ${PATH}/tcsh | 14 | blacklist ${PATH}/tcsh |
15 | deny ${PATH}/zsh | 15 | blacklist ${PATH}/zsh |
diff --git a/etc/inc/disable-xdg.inc b/etc/inc/disable-xdg.inc index 32aa8c7f6..22acf272d 100644 --- a/etc/inc/disable-xdg.inc +++ b/etc/inc/disable-xdg.inc | |||
@@ -2,10 +2,10 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include disable-xdg.local | 3 | include disable-xdg.local |
4 | 4 | ||
5 | deny ${DOCUMENTS} | 5 | blacklist ${DOCUMENTS} |
6 | deny ${MUSIC} | 6 | blacklist ${MUSIC} |
7 | deny ${PICTURES} | 7 | blacklist ${PICTURES} |
8 | deny ${VIDEOS} | 8 | blacklist ${VIDEOS} |
9 | 9 | ||
10 | # The following should be considered catch-all directories | 10 | # The following should be considered catch-all directories |
11 | #blacklist ${DESKTOP} | 11 | #blacklist ${DESKTOP} |
diff --git a/etc/inc/whitelist-1793-workaround.inc b/etc/inc/whitelist-1793-workaround.inc index 06a424440..862837f12 100644 --- a/etc/inc/whitelist-1793-workaround.inc +++ b/etc/inc/whitelist-1793-workaround.inc | |||
@@ -3,27 +3,27 @@ | |||
3 | include whitelist-1793-workaround.local | 3 | include whitelist-1793-workaround.local |
4 | # This works around bug 1793, and allows whitelisting to be used for some KDE applications. | 4 | # This works around bug 1793, and allows whitelisting to be used for some KDE applications. |
5 | 5 | ||
6 | nodeny ${HOME}/.config/ibus | 6 | noblacklist ${HOME}/.config/ibus |
7 | nodeny ${HOME}/.config/mimeapps.list | 7 | noblacklist ${HOME}/.config/mimeapps.list |
8 | nodeny ${HOME}/.config/pkcs11 | 8 | noblacklist ${HOME}/.config/pkcs11 |
9 | nodeny ${HOME}/.config/user-dirs.dirs | 9 | noblacklist ${HOME}/.config/user-dirs.dirs |
10 | nodeny ${HOME}/.config/user-dirs.locale | 10 | noblacklist ${HOME}/.config/user-dirs.locale |
11 | nodeny ${HOME}/.config/dconf | 11 | noblacklist ${HOME}/.config/dconf |
12 | nodeny ${HOME}/.config/fontconfig | 12 | noblacklist ${HOME}/.config/fontconfig |
13 | nodeny ${HOME}/.config/gtk-2.0 | 13 | noblacklist ${HOME}/.config/gtk-2.0 |
14 | nodeny ${HOME}/.config/gtk-3.0 | 14 | noblacklist ${HOME}/.config/gtk-3.0 |
15 | nodeny ${HOME}/.config/gtk-4.0 | 15 | noblacklist ${HOME}/.config/gtk-4.0 |
16 | nodeny ${HOME}/.config/gtkrc | 16 | noblacklist ${HOME}/.config/gtkrc |
17 | nodeny ${HOME}/.config/gtkrc-2.0 | 17 | noblacklist ${HOME}/.config/gtkrc-2.0 |
18 | nodeny ${HOME}/.config/Kvantum | 18 | noblacklist ${HOME}/.config/Kvantum |
19 | nodeny ${HOME}/.config/Trolltech.conf | 19 | noblacklist ${HOME}/.config/Trolltech.conf |
20 | nodeny ${HOME}/.config/QtProject.conf | 20 | noblacklist ${HOME}/.config/QtProject.conf |
21 | nodeny ${HOME}/.config/kdeglobals | 21 | noblacklist ${HOME}/.config/kdeglobals |
22 | nodeny ${HOME}/.config/kio_httprc | 22 | noblacklist ${HOME}/.config/kio_httprc |
23 | nodeny ${HOME}/.config/kioslaverc | 23 | noblacklist ${HOME}/.config/kioslaverc |
24 | nodeny ${HOME}/.config/ksslcablacklist | 24 | noblacklist ${HOME}/.config/ksslcablacklist |
25 | nodeny ${HOME}/.config/qt5ct | 25 | noblacklist ${HOME}/.config/qt5ct |
26 | nodeny ${HOME}/.config/qtcurve | 26 | noblacklist ${HOME}/.config/qtcurve |
27 | 27 | ||
28 | deny ${HOME}/.config/* | 28 | blacklist ${HOME}/.config/* |
29 | allow ${HOME}/.config | 29 | whitelist ${HOME}/.config |
diff --git a/etc/inc/whitelist-common.inc b/etc/inc/whitelist-common.inc index 11070e372..fedfb2bc2 100644 --- a/etc/inc/whitelist-common.inc +++ b/etc/inc/whitelist-common.inc | |||
@@ -4,82 +4,82 @@ include whitelist-common.local | |||
4 | 4 | ||
5 | # common whitelist for all profiles | 5 | # common whitelist for all profiles |
6 | 6 | ||
7 | allow ${HOME}/.XCompose | 7 | whitelist ${HOME}/.XCompose |
8 | allow ${HOME}/.alsaequal.bin | 8 | whitelist ${HOME}/.alsaequal.bin |
9 | allow ${HOME}/.asoundrc | 9 | whitelist ${HOME}/.asoundrc |
10 | allow ${HOME}/.config/ibus | 10 | whitelist ${HOME}/.config/ibus |
11 | allow ${HOME}/.config/mimeapps.list | 11 | whitelist ${HOME}/.config/mimeapps.list |
12 | allow ${HOME}/.config/pkcs11 | 12 | whitelist ${HOME}/.config/pkcs11 |
13 | read-only ${HOME}/.config/pkcs11 | 13 | read-only ${HOME}/.config/pkcs11 |
14 | allow ${HOME}/.config/user-dirs.dirs | 14 | whitelist ${HOME}/.config/user-dirs.dirs |
15 | read-only ${HOME}/.config/user-dirs.dirs | 15 | read-only ${HOME}/.config/user-dirs.dirs |
16 | allow ${HOME}/.config/user-dirs.locale | 16 | whitelist ${HOME}/.config/user-dirs.locale |
17 | read-only ${HOME}/.config/user-dirs.locale | 17 | read-only ${HOME}/.config/user-dirs.locale |
18 | allow ${HOME}/.drirc | 18 | whitelist ${HOME}/.drirc |
19 | allow ${HOME}/.icons | 19 | whitelist ${HOME}/.icons |
20 | ?HAS_APPIMAGE: whitelist ${HOME}/.local/share/appimagekit | 20 | ?HAS_APPIMAGE: whitelist ${HOME}/.local/share/appimagekit |
21 | allow ${HOME}/.local/share/applications | 21 | whitelist ${HOME}/.local/share/applications |
22 | read-only ${HOME}/.local/share/applications | 22 | read-only ${HOME}/.local/share/applications |
23 | allow ${HOME}/.local/share/icons | 23 | whitelist ${HOME}/.local/share/icons |
24 | allow ${HOME}/.local/share/mime | 24 | whitelist ${HOME}/.local/share/mime |
25 | allow ${HOME}/.mime.types | 25 | whitelist ${HOME}/.mime.types |
26 | allow ${HOME}/.sndio/cookie | 26 | whitelist ${HOME}/.sndio/cookie |
27 | allow ${HOME}/.uim.d | 27 | whitelist ${HOME}/.uim.d |
28 | 28 | ||
29 | # dconf | 29 | # dconf |
30 | mkdir ${HOME}/.config/dconf | 30 | mkdir ${HOME}/.config/dconf |
31 | allow ${HOME}/.config/dconf | 31 | whitelist ${HOME}/.config/dconf |
32 | 32 | ||
33 | # fonts | 33 | # fonts |
34 | allow ${HOME}/.cache/fontconfig | 34 | whitelist ${HOME}/.cache/fontconfig |
35 | allow ${HOME}/.config/fontconfig | 35 | whitelist ${HOME}/.config/fontconfig |
36 | allow ${HOME}/.fontconfig | 36 | whitelist ${HOME}/.fontconfig |
37 | allow ${HOME}/.fonts | 37 | whitelist ${HOME}/.fonts |
38 | allow ${HOME}/.fonts.conf | 38 | whitelist ${HOME}/.fonts.conf |
39 | allow ${HOME}/.fonts.conf.d | 39 | whitelist ${HOME}/.fonts.conf.d |
40 | allow ${HOME}/.fonts.d | 40 | whitelist ${HOME}/.fonts.d |
41 | allow ${HOME}/.local/share/fonts | 41 | whitelist ${HOME}/.local/share/fonts |
42 | allow ${HOME}/.pangorc | 42 | whitelist ${HOME}/.pangorc |
43 | 43 | ||
44 | # gtk | 44 | # gtk |
45 | allow ${HOME}/.config/gtk-2.0 | 45 | whitelist ${HOME}/.config/gtk-2.0 |
46 | allow ${HOME}/.config/gtk-3.0 | 46 | whitelist ${HOME}/.config/gtk-3.0 |
47 | allow ${HOME}/.config/gtk-4.0 | 47 | whitelist ${HOME}/.config/gtk-4.0 |
48 | allow ${HOME}/.config/gtkrc | 48 | whitelist ${HOME}/.config/gtkrc |
49 | allow ${HOME}/.config/gtkrc-2.0 | 49 | whitelist ${HOME}/.config/gtkrc-2.0 |
50 | allow ${HOME}/.gnome2 | 50 | whitelist ${HOME}/.gnome2 |
51 | allow ${HOME}/.gnome2-private | 51 | whitelist ${HOME}/.gnome2-private |
52 | allow ${HOME}/.gtk-2.0 | 52 | whitelist ${HOME}/.gtk-2.0 |
53 | allow ${HOME}/.gtkrc | 53 | whitelist ${HOME}/.gtkrc |
54 | allow ${HOME}/.gtkrc-2.0 | 54 | whitelist ${HOME}/.gtkrc-2.0 |
55 | allow ${HOME}/.kde/share/config/gtkrc | 55 | whitelist ${HOME}/.kde/share/config/gtkrc |
56 | allow ${HOME}/.kde/share/config/gtkrc-2.0 | 56 | whitelist ${HOME}/.kde/share/config/gtkrc-2.0 |
57 | allow ${HOME}/.kde4/share/config/gtkrc | 57 | whitelist ${HOME}/.kde4/share/config/gtkrc |
58 | allow ${HOME}/.kde4/share/config/gtkrc-2.0 | 58 | whitelist ${HOME}/.kde4/share/config/gtkrc-2.0 |
59 | allow ${HOME}/.local/share/themes | 59 | whitelist ${HOME}/.local/share/themes |
60 | allow ${HOME}/.themes | 60 | whitelist ${HOME}/.themes |
61 | 61 | ||
62 | # qt/kde | 62 | # qt/kde |
63 | allow ${HOME}/.cache/kioexec/krun | 63 | whitelist ${HOME}/.cache/kioexec/krun |
64 | allow ${HOME}/.config/Kvantum | 64 | whitelist ${HOME}/.config/Kvantum |
65 | allow ${HOME}/.config/Trolltech.conf | 65 | whitelist ${HOME}/.config/Trolltech.conf |
66 | allow ${HOME}/.config/QtProject.conf | 66 | whitelist ${HOME}/.config/QtProject.conf |
67 | allow ${HOME}/.config/kdeglobals | 67 | whitelist ${HOME}/.config/kdeglobals |
68 | allow ${HOME}/.config/kio_httprc | 68 | whitelist ${HOME}/.config/kio_httprc |
69 | allow ${HOME}/.config/kioslaverc | 69 | whitelist ${HOME}/.config/kioslaverc |
70 | allow ${HOME}/.config/ksslcablacklist | 70 | whitelist ${HOME}/.config/ksslcablacklist |
71 | allow ${HOME}/.config/qt5ct | 71 | whitelist ${HOME}/.config/qt5ct |
72 | allow ${HOME}/.config/qtcurve | 72 | whitelist ${HOME}/.config/qtcurve |
73 | allow ${HOME}/.kde/share/config/kdeglobals | 73 | whitelist ${HOME}/.kde/share/config/kdeglobals |
74 | allow ${HOME}/.kde/share/config/kio_httprc | 74 | whitelist ${HOME}/.kde/share/config/kio_httprc |
75 | allow ${HOME}/.kde/share/config/kioslaverc | 75 | whitelist ${HOME}/.kde/share/config/kioslaverc |
76 | allow ${HOME}/.kde/share/config/ksslcablacklist | 76 | whitelist ${HOME}/.kde/share/config/ksslcablacklist |
77 | allow ${HOME}/.kde/share/config/oxygenrc | 77 | whitelist ${HOME}/.kde/share/config/oxygenrc |
78 | allow ${HOME}/.kde/share/icons | 78 | whitelist ${HOME}/.kde/share/icons |
79 | allow ${HOME}/.kde4/share/config/kdeglobals | 79 | whitelist ${HOME}/.kde4/share/config/kdeglobals |
80 | allow ${HOME}/.kde4/share/config/kio_httprc | 80 | whitelist ${HOME}/.kde4/share/config/kio_httprc |
81 | allow ${HOME}/.kde4/share/config/kioslaverc | 81 | whitelist ${HOME}/.kde4/share/config/kioslaverc |
82 | allow ${HOME}/.kde4/share/config/ksslcablacklist | 82 | whitelist ${HOME}/.kde4/share/config/ksslcablacklist |
83 | allow ${HOME}/.kde4/share/config/oxygenrc | 83 | whitelist ${HOME}/.kde4/share/config/oxygenrc |
84 | allow ${HOME}/.kde4/share/icons | 84 | whitelist ${HOME}/.kde4/share/icons |
85 | allow ${HOME}/.local/share/qt5ct | 85 | whitelist ${HOME}/.local/share/qt5ct |
diff --git a/etc/inc/whitelist-player-common.inc b/etc/inc/whitelist-player-common.inc index d6ae8eab6..e5bf36804 100644 --- a/etc/inc/whitelist-player-common.inc +++ b/etc/inc/whitelist-player-common.inc | |||
@@ -4,8 +4,8 @@ include whitelist-player-common.local | |||
4 | 4 | ||
5 | # common whitelist for all media players | 5 | # common whitelist for all media players |
6 | 6 | ||
7 | allow ${DESKTOP} | 7 | whitelist ${DESKTOP} |
8 | allow ${DOWNLOADS} | 8 | whitelist ${DOWNLOADS} |
9 | allow ${MUSIC} | 9 | whitelist ${MUSIC} |
10 | allow ${PICTURES} | 10 | whitelist ${PICTURES} |
11 | allow ${VIDEOS} | 11 | whitelist ${VIDEOS} |
diff --git a/etc/inc/whitelist-runuser-common.inc b/etc/inc/whitelist-runuser-common.inc index 86e5264b9..48309ffe3 100644 --- a/etc/inc/whitelist-runuser-common.inc +++ b/etc/inc/whitelist-runuser-common.inc | |||
@@ -4,13 +4,13 @@ include whitelist-runuser-common.local | |||
4 | 4 | ||
5 | # common ${RUNUSER} (=/run/user/$UID) whitelist for all profiles | 5 | # common ${RUNUSER} (=/run/user/$UID) whitelist for all profiles |
6 | 6 | ||
7 | allow ${RUNUSER}/bus | 7 | whitelist ${RUNUSER}/bus |
8 | allow ${RUNUSER}/dconf | 8 | whitelist ${RUNUSER}/dconf |
9 | allow ${RUNUSER}/gdm/Xauthority | 9 | whitelist ${RUNUSER}/gdm/Xauthority |
10 | allow ${RUNUSER}/ICEauthority | 10 | whitelist ${RUNUSER}/ICEauthority |
11 | allow ${RUNUSER}/.mutter-Xwaylandauth.* | 11 | whitelist ${RUNUSER}/.mutter-Xwaylandauth.* |
12 | allow ${RUNUSER}/pulse/native | 12 | whitelist ${RUNUSER}/pulse/native |
13 | allow ${RUNUSER}/wayland-0 | 13 | whitelist ${RUNUSER}/wayland-0 |
14 | allow ${RUNUSER}/wayland-1 | 14 | whitelist ${RUNUSER}/wayland-1 |
15 | allow ${RUNUSER}/xauth_* | 15 | whitelist ${RUNUSER}/xauth_* |
16 | allow ${RUNUSER}/[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]] | 16 | whitelist ${RUNUSER}/[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]] |
diff --git a/etc/inc/whitelist-usr-share-common.inc b/etc/inc/whitelist-usr-share-common.inc index 64296da15..fe0097934 100644 --- a/etc/inc/whitelist-usr-share-common.inc +++ b/etc/inc/whitelist-usr-share-common.inc | |||
@@ -4,66 +4,66 @@ include whitelist-usr-share-common.local | |||
4 | 4 | ||
5 | # common /usr/share whitelist for all profiles | 5 | # common /usr/share whitelist for all profiles |
6 | 6 | ||
7 | allow /usr/share/alsa | 7 | whitelist /usr/share/alsa |
8 | allow /usr/share/applications | 8 | whitelist /usr/share/applications |
9 | allow /usr/share/ca-certificates | 9 | whitelist /usr/share/ca-certificates |
10 | allow /usr/share/crypto-policies | 10 | whitelist /usr/share/crypto-policies |
11 | allow /usr/share/cursors | 11 | whitelist /usr/share/cursors |
12 | allow /usr/share/dconf | 12 | whitelist /usr/share/dconf |
13 | allow /usr/share/distro-info | 13 | whitelist /usr/share/distro-info |
14 | allow /usr/share/drirc.d | 14 | whitelist /usr/share/drirc.d |
15 | allow /usr/share/enchant | 15 | whitelist /usr/share/enchant |
16 | allow /usr/share/enchant-2 | 16 | whitelist /usr/share/enchant-2 |
17 | allow /usr/share/file | 17 | whitelist /usr/share/file |
18 | allow /usr/share/fontconfig | 18 | whitelist /usr/share/fontconfig |
19 | allow /usr/share/fonts | 19 | whitelist /usr/share/fonts |
20 | allow /usr/share/fonts-config | 20 | whitelist /usr/share/fonts-config |
21 | allow /usr/share/gir-1.0 | 21 | whitelist /usr/share/gir-1.0 |
22 | allow /usr/share/gjs-1.0 | 22 | whitelist /usr/share/gjs-1.0 |
23 | allow /usr/share/glib-2.0 | 23 | whitelist /usr/share/glib-2.0 |
24 | allow /usr/share/glvnd | 24 | whitelist /usr/share/glvnd |
25 | allow /usr/share/gtk-2.0 | 25 | whitelist /usr/share/gtk-2.0 |
26 | allow /usr/share/gtk-3.0 | 26 | whitelist /usr/share/gtk-3.0 |
27 | allow /usr/share/gtk-engines | 27 | whitelist /usr/share/gtk-engines |
28 | allow /usr/share/gtksourceview-3.0 | 28 | whitelist /usr/share/gtksourceview-3.0 |
29 | allow /usr/share/gtksourceview-4 | 29 | whitelist /usr/share/gtksourceview-4 |
30 | allow /usr/share/hunspell | 30 | whitelist /usr/share/hunspell |
31 | allow /usr/share/hwdata | 31 | whitelist /usr/share/hwdata |
32 | allow /usr/share/icons | 32 | whitelist /usr/share/icons |
33 | allow /usr/share/icu | 33 | whitelist /usr/share/icu |
34 | allow /usr/share/knotifications5 | 34 | whitelist /usr/share/knotifications5 |
35 | allow /usr/share/kservices5 | 35 | whitelist /usr/share/kservices5 |
36 | allow /usr/share/Kvantum | 36 | whitelist /usr/share/Kvantum |
37 | allow /usr/share/kxmlgui5 | 37 | whitelist /usr/share/kxmlgui5 |
38 | allow /usr/share/libdrm | 38 | whitelist /usr/share/libdrm |
39 | allow /usr/share/libthai | 39 | whitelist /usr/share/libthai |
40 | allow /usr/share/locale | 40 | whitelist /usr/share/locale |
41 | allow /usr/share/mime | 41 | whitelist /usr/share/mime |
42 | allow /usr/share/misc | 42 | whitelist /usr/share/misc |
43 | allow /usr/share/Modules | 43 | whitelist /usr/share/Modules |
44 | allow /usr/share/myspell | 44 | whitelist /usr/share/myspell |
45 | allow /usr/share/p11-kit | 45 | whitelist /usr/share/p11-kit |
46 | allow /usr/share/perl | 46 | whitelist /usr/share/perl |
47 | allow /usr/share/perl5 | 47 | whitelist /usr/share/perl5 |
48 | allow /usr/share/pixmaps | 48 | whitelist /usr/share/pixmaps |
49 | allow /usr/share/pki | 49 | whitelist /usr/share/pki |
50 | allow /usr/share/plasma | 50 | whitelist /usr/share/plasma |
51 | allow /usr/share/publicsuffix | 51 | whitelist /usr/share/publicsuffix |
52 | allow /usr/share/qt | 52 | whitelist /usr/share/qt |
53 | allow /usr/share/qt4 | 53 | whitelist /usr/share/qt4 |
54 | allow /usr/share/qt5 | 54 | whitelist /usr/share/qt5 |
55 | allow /usr/share/qt5ct | 55 | whitelist /usr/share/qt5ct |
56 | allow /usr/share/sounds | 56 | whitelist /usr/share/sounds |
57 | allow /usr/share/tcl8.6 | 57 | whitelist /usr/share/tcl8.6 |
58 | allow /usr/share/tcltk | 58 | whitelist /usr/share/tcltk |
59 | allow /usr/share/terminfo | 59 | whitelist /usr/share/terminfo |
60 | allow /usr/share/texlive | 60 | whitelist /usr/share/texlive |
61 | allow /usr/share/texmf | 61 | whitelist /usr/share/texmf |
62 | allow /usr/share/themes | 62 | whitelist /usr/share/themes |
63 | allow /usr/share/thumbnail.so | 63 | whitelist /usr/share/thumbnail.so |
64 | allow /usr/share/uim | 64 | whitelist /usr/share/uim |
65 | allow /usr/share/vulkan | 65 | whitelist /usr/share/vulkan |
66 | allow /usr/share/X11 | 66 | whitelist /usr/share/X11 |
67 | allow /usr/share/xml | 67 | whitelist /usr/share/xml |
68 | allow /usr/share/zenity | 68 | whitelist /usr/share/zenity |
69 | allow /usr/share/zoneinfo | 69 | whitelist /usr/share/zoneinfo |
diff --git a/etc/inc/whitelist-var-common.inc b/etc/inc/whitelist-var-common.inc index c449e8905..d8ba84ad0 100644 --- a/etc/inc/whitelist-var-common.inc +++ b/etc/inc/whitelist-var-common.inc | |||
@@ -4,12 +4,12 @@ include whitelist-var-common.local | |||
4 | 4 | ||
5 | # common /var whitelist for all profiles | 5 | # common /var whitelist for all profiles |
6 | 6 | ||
7 | allow /var/lib/aspell | 7 | whitelist /var/lib/aspell |
8 | allow /var/lib/ca-certificates | 8 | whitelist /var/lib/ca-certificates |
9 | allow /var/lib/dbus | 9 | whitelist /var/lib/dbus |
10 | allow /var/lib/menu-xdg | 10 | whitelist /var/lib/menu-xdg |
11 | allow /var/lib/uim | 11 | whitelist /var/lib/uim |
12 | allow /var/cache/fontconfig | 12 | whitelist /var/cache/fontconfig |
13 | allow /var/tmp | 13 | whitelist /var/tmp |
14 | allow /var/run | 14 | whitelist /var/run |
15 | allow /var/lock | 15 | whitelist /var/lock |
diff --git a/etc/profile-a-l/0ad.profile b/etc/profile-a-l/0ad.profile index 6f493fff1..4009853d3 100644 --- a/etc/profile-a-l/0ad.profile +++ b/etc/profile-a-l/0ad.profile | |||
@@ -6,11 +6,11 @@ include 0ad.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/0ad | 9 | noblacklist ${HOME}/.cache/0ad |
10 | nodeny ${HOME}/.config/0ad | 10 | noblacklist ${HOME}/.config/0ad |
11 | nodeny ${HOME}/.local/share/0ad | 11 | noblacklist ${HOME}/.local/share/0ad |
12 | 12 | ||
13 | deny /usr/libexec | 13 | blacklist /usr/libexec |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -23,11 +23,11 @@ include disable-xdg.inc | |||
23 | mkdir ${HOME}/.cache/0ad | 23 | mkdir ${HOME}/.cache/0ad |
24 | mkdir ${HOME}/.config/0ad | 24 | mkdir ${HOME}/.config/0ad |
25 | mkdir ${HOME}/.local/share/0ad | 25 | mkdir ${HOME}/.local/share/0ad |
26 | allow ${HOME}/.cache/0ad | 26 | whitelist ${HOME}/.cache/0ad |
27 | allow ${HOME}/.config/0ad | 27 | whitelist ${HOME}/.config/0ad |
28 | allow ${HOME}/.local/share/0ad | 28 | whitelist ${HOME}/.local/share/0ad |
29 | allow /usr/share/0ad | 29 | whitelist /usr/share/0ad |
30 | allow /usr/share/games | 30 | whitelist /usr/share/games |
31 | include whitelist-common.inc | 31 | include whitelist-common.inc |
32 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
33 | include whitelist-var-common.inc | 33 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/2048-qt.profile b/etc/profile-a-l/2048-qt.profile index 3a7b331a7..1d787cba7 100644 --- a/etc/profile-a-l/2048-qt.profile +++ b/etc/profile-a-l/2048-qt.profile | |||
@@ -6,8 +6,8 @@ include 2048-qt.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/2048-qt | 9 | noblacklist ${HOME}/.config/2048-qt |
10 | nodeny ${HOME}/.config/xiaoyong | 10 | noblacklist ${HOME}/.config/xiaoyong |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-programs.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.config/2048-qt | 19 | mkdir ${HOME}/.config/2048-qt |
20 | mkdir ${HOME}/.config/xiaoyong | 20 | mkdir ${HOME}/.config/xiaoyong |
21 | allow ${HOME}/.config/2048-qt | 21 | whitelist ${HOME}/.config/2048-qt |
22 | allow ${HOME}/.config/xiaoyong | 22 | whitelist ${HOME}/.config/xiaoyong |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
25 | 25 | ||
diff --git a/etc/profile-a-l/Cryptocat.profile b/etc/profile-a-l/Cryptocat.profile index def0ec111..1d86b0fbf 100644 --- a/etc/profile-a-l/Cryptocat.profile +++ b/etc/profile-a-l/Cryptocat.profile | |||
@@ -5,7 +5,7 @@ include Cryptocat.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/Cryptocat | 8 | noblacklist ${HOME}/.config/Cryptocat |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
diff --git a/etc/profile-a-l/Discord.profile b/etc/profile-a-l/Discord.profile index 1d3ae49ca..3f274b21c 100644 --- a/etc/profile-a-l/Discord.profile +++ b/etc/profile-a-l/Discord.profile | |||
@@ -5,10 +5,10 @@ include Discord.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/discord | 8 | noblacklist ${HOME}/.config/discord |
9 | 9 | ||
10 | mkdir ${HOME}/.config/discord | 10 | mkdir ${HOME}/.config/discord |
11 | allow ${HOME}/.config/discord | 11 | whitelist ${HOME}/.config/discord |
12 | 12 | ||
13 | private-bin Discord | 13 | private-bin Discord |
14 | private-opt Discord | 14 | private-opt Discord |
diff --git a/etc/profile-a-l/DiscordCanary.profile b/etc/profile-a-l/DiscordCanary.profile index 3c85f187b..d24e73ed8 100644 --- a/etc/profile-a-l/DiscordCanary.profile +++ b/etc/profile-a-l/DiscordCanary.profile | |||
@@ -5,10 +5,10 @@ include DiscordCanary.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/discordcanary | 8 | noblacklist ${HOME}/.config/discordcanary |
9 | 9 | ||
10 | mkdir ${HOME}/.config/discordcanary | 10 | mkdir ${HOME}/.config/discordcanary |
11 | allow ${HOME}/.config/discordcanary | 11 | whitelist ${HOME}/.config/discordcanary |
12 | 12 | ||
13 | private-bin DiscordCanary | 13 | private-bin DiscordCanary |
14 | private-opt DiscordCanary | 14 | private-opt DiscordCanary |
diff --git a/etc/profile-a-l/Fritzing.profile b/etc/profile-a-l/Fritzing.profile index 8f746581f..7dc6b5ff0 100644 --- a/etc/profile-a-l/Fritzing.profile +++ b/etc/profile-a-l/Fritzing.profile | |||
@@ -6,8 +6,8 @@ include Fritzing.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/Fritzing | 9 | noblacklist ${HOME}/.config/Fritzing |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-a-l/JDownloader.profile b/etc/profile-a-l/JDownloader.profile index 9a00c3230..d10b70796 100644 --- a/etc/profile-a-l/JDownloader.profile +++ b/etc/profile-a-l/JDownloader.profile | |||
@@ -5,7 +5,7 @@ include JDownloader.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.jd | 8 | noblacklist ${HOME}/.jd |
9 | 9 | ||
10 | # Allow java (blacklisted by disable-devel.inc) | 10 | # Allow java (blacklisted by disable-devel.inc) |
11 | include allow-java.inc | 11 | include allow-java.inc |
@@ -19,8 +19,8 @@ include disable-programs.inc | |||
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | mkdir ${HOME}/.jd | 21 | mkdir ${HOME}/.jd |
22 | allow ${HOME}/.jd | 22 | whitelist ${HOME}/.jd |
23 | allow ${DOWNLOADS} | 23 | whitelist ${DOWNLOADS} |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
diff --git a/etc/profile-a-l/abiword.profile b/etc/profile-a-l/abiword.profile index 2a92c7db4..75da9a956 100644 --- a/etc/profile-a-l/abiword.profile +++ b/etc/profile-a-l/abiword.profile | |||
@@ -6,7 +6,7 @@ include abiword.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/abiword | 9 | noblacklist ${HOME}/.config/abiword |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,7 +16,7 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | 18 | ||
19 | allow /usr/share/abiword-3.0 | 19 | whitelist /usr/share/abiword-3.0 |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
21 | include whitelist-runuser-common.inc | 21 | include whitelist-runuser-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/abrowser.profile b/etc/profile-a-l/abrowser.profile index 70ddcec20..2e6e8f1af 100644 --- a/etc/profile-a-l/abrowser.profile +++ b/etc/profile-a-l/abrowser.profile | |||
@@ -5,13 +5,13 @@ include abrowser.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.cache/mozilla | 8 | noblacklist ${HOME}/.cache/mozilla |
9 | nodeny ${HOME}/.mozilla | 9 | noblacklist ${HOME}/.mozilla |
10 | 10 | ||
11 | mkdir ${HOME}/.cache/mozilla/abrowser | 11 | mkdir ${HOME}/.cache/mozilla/abrowser |
12 | mkdir ${HOME}/.mozilla | 12 | mkdir ${HOME}/.mozilla |
13 | allow ${HOME}/.cache/mozilla/abrowser | 13 | whitelist ${HOME}/.cache/mozilla/abrowser |
14 | allow ${HOME}/.mozilla | 14 | whitelist ${HOME}/.mozilla |
15 | 15 | ||
16 | # private-etc must first be enabled in firefox-common.profile | 16 | # private-etc must first be enabled in firefox-common.profile |
17 | #private-etc abrowser | 17 | #private-etc abrowser |
diff --git a/etc/profile-a-l/agetpkg.profile b/etc/profile-a-l/agetpkg.profile index d32586c5b..34f59769e 100644 --- a/etc/profile-a-l/agetpkg.profile +++ b/etc/profile-a-l/agetpkg.profile | |||
@@ -7,8 +7,8 @@ include agetpkg.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny /tmp/.X11-unix | 10 | blacklist /tmp/.X11-unix |
11 | deny ${RUNUSER}/wayland-* | 11 | blacklist ${RUNUSER}/wayland-* |
12 | 12 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | #include allow-python2.inc | 14 | #include allow-python2.inc |
@@ -23,7 +23,7 @@ include disable-programs.inc | |||
23 | include disable-shell.inc | 23 | include disable-shell.inc |
24 | include disable-xdg.inc | 24 | include disable-xdg.inc |
25 | 25 | ||
26 | allow ${DOWNLOADS} | 26 | whitelist ${DOWNLOADS} |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
29 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/akonadi_control.profile b/etc/profile-a-l/akonadi_control.profile index 7b1d1445f..37fdb38b5 100644 --- a/etc/profile-a-l/akonadi_control.profile +++ b/etc/profile-a-l/akonadi_control.profile | |||
@@ -4,22 +4,22 @@ include akonadi_control.local | |||
4 | # Persistent global definitions | 4 | # Persistent global definitions |
5 | include globals.local | 5 | include globals.local |
6 | 6 | ||
7 | nodeny ${HOME}/.cache/akonadi* | 7 | noblacklist ${HOME}/.cache/akonadi* |
8 | nodeny ${HOME}/.config/akonadi* | 8 | noblacklist ${HOME}/.config/akonadi* |
9 | nodeny ${HOME}/.config/baloorc | 9 | noblacklist ${HOME}/.config/baloorc |
10 | nodeny ${HOME}/.config/emaildefaults | 10 | noblacklist ${HOME}/.config/emaildefaults |
11 | nodeny ${HOME}/.config/emailidentities | 11 | noblacklist ${HOME}/.config/emailidentities |
12 | nodeny ${HOME}/.config/kmail2rc | 12 | noblacklist ${HOME}/.config/kmail2rc |
13 | nodeny ${HOME}/.config/mailtransports | 13 | noblacklist ${HOME}/.config/mailtransports |
14 | nodeny ${HOME}/.config/specialmailcollectionsrc | 14 | noblacklist ${HOME}/.config/specialmailcollectionsrc |
15 | nodeny ${HOME}/.local/share/akonadi* | 15 | noblacklist ${HOME}/.local/share/akonadi* |
16 | nodeny ${HOME}/.local/share/apps/korganizer | 16 | noblacklist ${HOME}/.local/share/apps/korganizer |
17 | nodeny ${HOME}/.local/share/contacts | 17 | noblacklist ${HOME}/.local/share/contacts |
18 | nodeny ${HOME}/.local/share/local-mail | 18 | noblacklist ${HOME}/.local/share/local-mail |
19 | nodeny ${HOME}/.local/share/notes | 19 | noblacklist ${HOME}/.local/share/notes |
20 | nodeny /sbin | 20 | noblacklist /sbin |
21 | nodeny /tmp/akonadi-* | 21 | noblacklist /tmp/akonadi-* |
22 | nodeny /usr/sbin | 22 | noblacklist /usr/sbin |
23 | 23 | ||
24 | include disable-common.inc | 24 | include disable-common.inc |
25 | include disable-devel.inc | 25 | include disable-devel.inc |
diff --git a/etc/profile-a-l/akregator.profile b/etc/profile-a-l/akregator.profile index b2323547c..38fcd2dc1 100644 --- a/etc/profile-a-l/akregator.profile +++ b/etc/profile-a-l/akregator.profile | |||
@@ -6,9 +6,9 @@ include akregator.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/akregatorrc | 9 | noblacklist ${HOME}/.config/akregatorrc |
10 | nodeny ${HOME}/.local/share/akregator | 10 | noblacklist ${HOME}/.local/share/akregator |
11 | nodeny ${HOME}/.local/share/kxmlgui5/akregator | 11 | noblacklist ${HOME}/.local/share/kxmlgui5/akregator |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -21,10 +21,10 @@ include disable-shell.inc | |||
21 | mkfile ${HOME}/.config/akregatorrc | 21 | mkfile ${HOME}/.config/akregatorrc |
22 | mkdir ${HOME}/.local/share/akregator | 22 | mkdir ${HOME}/.local/share/akregator |
23 | mkdir ${HOME}/.local/share/kxmlgui5/akregator | 23 | mkdir ${HOME}/.local/share/kxmlgui5/akregator |
24 | allow ${HOME}/.config/akregatorrc | 24 | whitelist ${HOME}/.config/akregatorrc |
25 | allow ${HOME}/.local/share/akregator | 25 | whitelist ${HOME}/.local/share/akregator |
26 | allow ${HOME}/.local/share/kssl | 26 | whitelist ${HOME}/.local/share/kssl |
27 | allow ${HOME}/.local/share/kxmlgui5/akregator | 27 | whitelist ${HOME}/.local/share/kxmlgui5/akregator |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
30 | 30 | ||
diff --git a/etc/profile-a-l/alacarte.profile b/etc/profile-a-l/alacarte.profile index ca6c8d887..4c6d68020 100644 --- a/etc/profile-a-l/alacarte.profile +++ b/etc/profile-a-l/alacarte.profile | |||
@@ -19,13 +19,13 @@ include disable-passwdmgr.inc | |||
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | # Whitelist your system icon directory,varies by distro | 21 | # Whitelist your system icon directory,varies by distro |
22 | allow /usr/share/alacarte | 22 | whitelist /usr/share/alacarte |
23 | allow /usr/share/app-info | 23 | whitelist /usr/share/app-info |
24 | allow /usr/share/desktop-directories | 24 | whitelist /usr/share/desktop-directories |
25 | allow /usr/share/icons | 25 | whitelist /usr/share/icons |
26 | allow /var/lib/app-info/icons | 26 | whitelist /var/lib/app-info/icons |
27 | allow /var/lib/flatpak/exports/share/applications | 27 | whitelist /var/lib/flatpak/exports/share/applications |
28 | allow /var/lib/flatpak/exports/share/icons | 28 | whitelist /var/lib/flatpak/exports/share/icons |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/alienarena.profile b/etc/profile-a-l/alienarena.profile index 220c3345d..81ee6bd46 100644 --- a/etc/profile-a-l/alienarena.profile +++ b/etc/profile-a-l/alienarena.profile | |||
@@ -6,7 +6,7 @@ include alienarena.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/cor-games | 9 | noblacklist ${HOME}/.local/share/cor-games |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.local/share/cor-games | 20 | mkdir ${HOME}/.local/share/cor-games |
21 | allow ${HOME}/.local/share/cor-games | 21 | whitelist ${HOME}/.local/share/cor-games |
22 | allow /usr/share/alienarena | 22 | whitelist /usr/share/alienarena |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/alpine.profile b/etc/profile-a-l/alpine.profile index 6fa3edfa1..0b5cf0df0 100644 --- a/etc/profile-a-l/alpine.profile +++ b/etc/profile-a-l/alpine.profile | |||
@@ -10,28 +10,28 @@ include globals.local | |||
10 | # Workaround for bug https://github.com/netblue30/firejail/issues/2747 | 10 | # Workaround for bug https://github.com/netblue30/firejail/issues/2747 |
11 | # firejail --private-bin=sh --include='${CFG}/allow-bin-sh.inc' --profile=alpine sh -c '(alpine)' | 11 | # firejail --private-bin=sh --include='${CFG}/allow-bin-sh.inc' --profile=alpine sh -c '(alpine)' |
12 | 12 | ||
13 | nodeny /var/mail | 13 | noblacklist /var/mail |
14 | nodeny /var/spool/mail | 14 | noblacklist /var/spool/mail |
15 | nodeny ${DOCUMENTS} | 15 | noblacklist ${DOCUMENTS} |
16 | nodeny ${HOME}/.addressbook | 16 | noblacklist ${HOME}/.addressbook |
17 | nodeny ${HOME}/.alpine-smime | 17 | noblacklist ${HOME}/.alpine-smime |
18 | nodeny ${HOME}/.mailcap | 18 | noblacklist ${HOME}/.mailcap |
19 | nodeny ${HOME}/.mh_profile | 19 | noblacklist ${HOME}/.mh_profile |
20 | nodeny ${HOME}/.mime.types | 20 | noblacklist ${HOME}/.mime.types |
21 | nodeny ${HOME}/.newsrc | 21 | noblacklist ${HOME}/.newsrc |
22 | nodeny ${HOME}/.pine-crash | 22 | noblacklist ${HOME}/.pine-crash |
23 | nodeny ${HOME}/.pine-debug1 | 23 | noblacklist ${HOME}/.pine-debug1 |
24 | nodeny ${HOME}/.pine-debug2 | 24 | noblacklist ${HOME}/.pine-debug2 |
25 | nodeny ${HOME}/.pine-debug3 | 25 | noblacklist ${HOME}/.pine-debug3 |
26 | nodeny ${HOME}/.pine-debug4 | 26 | noblacklist ${HOME}/.pine-debug4 |
27 | nodeny ${HOME}/.pine-interrupted-mail | 27 | noblacklist ${HOME}/.pine-interrupted-mail |
28 | nodeny ${HOME}/.pinerc | 28 | noblacklist ${HOME}/.pinerc |
29 | nodeny ${HOME}/.pinercex | 29 | noblacklist ${HOME}/.pinercex |
30 | nodeny ${HOME}/.signature | 30 | noblacklist ${HOME}/.signature |
31 | nodeny ${HOME}/mail | 31 | noblacklist ${HOME}/mail |
32 | 32 | ||
33 | deny /tmp/.X11-unix | 33 | blacklist /tmp/.X11-unix |
34 | deny ${RUNUSER}/wayland-* | 34 | blacklist ${RUNUSER}/wayland-* |
35 | 35 | ||
36 | include disable-common.inc | 36 | include disable-common.inc |
37 | include disable-devel.inc | 37 | include disable-devel.inc |
@@ -60,8 +60,8 @@ include disable-xdg.inc | |||
60 | #whitelist ${HOME}/.pine-debug4 | 60 | #whitelist ${HOME}/.pine-debug4 |
61 | #whitelist ${HOME}/.signature | 61 | #whitelist ${HOME}/.signature |
62 | #whitelist ${HOME}/mail | 62 | #whitelist ${HOME}/mail |
63 | allow /var/mail | 63 | whitelist /var/mail |
64 | allow /var/spool/mail | 64 | whitelist /var/spool/mail |
65 | #include whitelist-common.inc | 65 | #include whitelist-common.inc |
66 | include whitelist-runuser-common.inc | 66 | include whitelist-runuser-common.inc |
67 | include whitelist-usr-share-common.inc | 67 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/amarok.profile b/etc/profile-a-l/amarok.profile index 03aba36e4..a7caddc4c 100644 --- a/etc/profile-a-l/amarok.profile +++ b/etc/profile-a-l/amarok.profile | |||
@@ -6,7 +6,7 @@ include amarok.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${MUSIC} | 9 | noblacklist ${MUSIC} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-a-l/amule.profile b/etc/profile-a-l/amule.profile index 00039a7e9..e3c4164ee 100644 --- a/etc/profile-a-l/amule.profile +++ b/etc/profile-a-l/amule.profile | |||
@@ -6,7 +6,7 @@ include amule.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.aMule | 9 | noblacklist ${HOME}/.aMule |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,8 +16,8 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.aMule | 18 | mkdir ${HOME}/.aMule |
19 | allow ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
20 | allow ${HOME}/.aMule | 20 | whitelist ${HOME}/.aMule |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | 22 | ||
23 | caps.drop all | 23 | caps.drop all |
diff --git a/etc/profile-a-l/android-studio.profile b/etc/profile-a-l/android-studio.profile index 5bf6ed773..5a21744cf 100644 --- a/etc/profile-a-l/android-studio.profile +++ b/etc/profile-a-l/android-studio.profile | |||
@@ -5,13 +5,13 @@ include android-studio.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/Google | 8 | noblacklist ${HOME}/.config/Google |
9 | nodeny ${HOME}/.AndroidStudio* | 9 | noblacklist ${HOME}/.AndroidStudio* |
10 | nodeny ${HOME}/.android | 10 | noblacklist ${HOME}/.android |
11 | nodeny ${HOME}/.jack-server | 11 | noblacklist ${HOME}/.jack-server |
12 | nodeny ${HOME}/.jack-settings | 12 | noblacklist ${HOME}/.jack-settings |
13 | nodeny ${HOME}/.local/share/JetBrains | 13 | noblacklist ${HOME}/.local/share/JetBrains |
14 | nodeny ${HOME}/.tooling | 14 | noblacklist ${HOME}/.tooling |
15 | 15 | ||
16 | # Allows files commonly used by IDEs | 16 | # Allows files commonly used by IDEs |
17 | include allow-common-devel.inc | 17 | include allow-common-devel.inc |
diff --git a/etc/profile-a-l/anki.profile b/etc/profile-a-l/anki.profile index c1aa18ff3..13bb01ce2 100644 --- a/etc/profile-a-l/anki.profile +++ b/etc/profile-a-l/anki.profile | |||
@@ -6,8 +6,8 @@ include anki.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${DOCUMENTS} | 9 | noblacklist ${DOCUMENTS} |
10 | nodeny ${HOME}/.local/share/Anki2 | 10 | noblacklist ${HOME}/.local/share/Anki2 |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
@@ -23,8 +23,8 @@ include disable-shell.inc | |||
23 | include disable-xdg.inc | 23 | include disable-xdg.inc |
24 | 24 | ||
25 | mkdir ${HOME}/.local/share/Anki2 | 25 | mkdir ${HOME}/.local/share/Anki2 |
26 | allow ${DOCUMENTS} | 26 | whitelist ${DOCUMENTS} |
27 | allow ${HOME}/.local/share/Anki2 | 27 | whitelist ${HOME}/.local/share/Anki2 |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
30 | 30 | ||
diff --git a/etc/profile-a-l/anydesk.profile b/etc/profile-a-l/anydesk.profile index cb30ed8da..fdaf10259 100644 --- a/etc/profile-a-l/anydesk.profile +++ b/etc/profile-a-l/anydesk.profile | |||
@@ -5,7 +5,7 @@ include anydesk.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.anydesk | 8 | noblacklist ${HOME}/.anydesk |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
@@ -15,7 +15,7 @@ include disable-programs.inc | |||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | 16 | ||
17 | mkdir ${HOME}/.anydesk | 17 | mkdir ${HOME}/.anydesk |
18 | allow ${HOME}/.anydesk | 18 | whitelist ${HOME}/.anydesk |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | 20 | ||
21 | caps.drop all | 21 | caps.drop all |
diff --git a/etc/profile-a-l/aosp.profile b/etc/profile-a-l/aosp.profile index d647a4657..e7b09283e 100644 --- a/etc/profile-a-l/aosp.profile +++ b/etc/profile-a-l/aosp.profile | |||
@@ -5,13 +5,13 @@ include aosp.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.android | 8 | noblacklist ${HOME}/.android |
9 | nodeny ${HOME}/.bash_history | 9 | noblacklist ${HOME}/.bash_history |
10 | nodeny ${HOME}/.jack-server | 10 | noblacklist ${HOME}/.jack-server |
11 | nodeny ${HOME}/.jack-settings | 11 | noblacklist ${HOME}/.jack-settings |
12 | nodeny ${HOME}/.repo_.gitconfig.json | 12 | noblacklist ${HOME}/.repo_.gitconfig.json |
13 | nodeny ${HOME}/.repoconfig | 13 | noblacklist ${HOME}/.repoconfig |
14 | nodeny ${HOME}/.tooling | 14 | noblacklist ${HOME}/.tooling |
15 | 15 | ||
16 | # Allows files commonly used by IDEs | 16 | # Allows files commonly used by IDEs |
17 | include allow-common-devel.inc | 17 | include allow-common-devel.inc |
diff --git a/etc/profile-a-l/apostrophe.profile b/etc/profile-a-l/apostrophe.profile index 020ae2812..01566314f 100644 --- a/etc/profile-a-l/apostrophe.profile +++ b/etc/profile-a-l/apostrophe.profile | |||
@@ -6,9 +6,9 @@ include apostrophe.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.texlive20* | 9 | noblacklist ${HOME}/.texlive20* |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | nodeny ${PICTURES} | 11 | noblacklist ${PICTURES} |
12 | 12 | ||
13 | # Allow lua (blacklisted by disable-interpreters.inc) | 13 | # Allow lua (blacklisted by disable-interpreters.inc) |
14 | include allow-lua.inc | 14 | include allow-lua.inc |
@@ -31,12 +31,12 @@ include disable-programs.inc | |||
31 | include disable-shell.inc | 31 | include disable-shell.inc |
32 | include disable-xdg.inc | 32 | include disable-xdg.inc |
33 | 33 | ||
34 | allow /usr/libexec/webkit2gtk-4.0 | 34 | whitelist /usr/libexec/webkit2gtk-4.0 |
35 | allow /usr/share/apostrophe | 35 | whitelist /usr/share/apostrophe |
36 | allow /usr/share/texlive | 36 | whitelist /usr/share/texlive |
37 | allow /usr/share/texmf | 37 | whitelist /usr/share/texmf |
38 | allow /usr/share/pandoc-* | 38 | whitelist /usr/share/pandoc-* |
39 | allow /usr/share/perl5 | 39 | whitelist /usr/share/perl5 |
40 | include whitelist-runuser-common.inc | 40 | include whitelist-runuser-common.inc |
41 | include whitelist-usr-share-common.inc | 41 | include whitelist-usr-share-common.inc |
42 | include whitelist-var-common.inc | 42 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/arch-audit.profile b/etc/profile-a-l/arch-audit.profile index 8c71dd574..accabb6f5 100644 --- a/etc/profile-a-l/arch-audit.profile +++ b/etc/profile-a-l/arch-audit.profile | |||
@@ -7,7 +7,7 @@ include arch-audit.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny /var/lib/pacman | 10 | noblacklist /var/lib/pacman |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-programs.inc | |||
18 | include disable-shell.inc | 18 | include disable-shell.inc |
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | allow /usr/share/arch-audit | 21 | whitelist /usr/share/arch-audit |
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
23 | 23 | ||
24 | apparmor | 24 | apparmor |
diff --git a/etc/profile-a-l/archaudit-report.profile b/etc/profile-a-l/archaudit-report.profile index 0915ede33..19c37f90e 100644 --- a/etc/profile-a-l/archaudit-report.profile +++ b/etc/profile-a-l/archaudit-report.profile | |||
@@ -6,7 +6,7 @@ include archaudit-report.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny /var/lib/pacman | 9 | noblacklist /var/lib/pacman |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-a-l/archiver-common.profile b/etc/profile-a-l/archiver-common.profile index 5b859ceb1..1fab4606b 100644 --- a/etc/profile-a-l/archiver-common.profile +++ b/etc/profile-a-l/archiver-common.profile | |||
@@ -4,7 +4,7 @@ include archiver-common.local | |||
4 | 4 | ||
5 | # common profile for archiver/compression tools | 5 | # common profile for archiver/compression tools |
6 | 6 | ||
7 | deny ${RUNUSER} | 7 | blacklist ${RUNUSER} |
8 | 8 | ||
9 | # Comment/uncomment the relevant include file(s) in your archiver-common.local | 9 | # Comment/uncomment the relevant include file(s) in your archiver-common.local |
10 | # to (un)restrict file access for **all** archivers. Another option is to do this **per archiver** | 10 | # to (un)restrict file access for **all** archivers. Another option is to do this **per archiver** |
diff --git a/etc/profile-a-l/ardour5.profile b/etc/profile-a-l/ardour5.profile index 960948afc..84b1d6c18 100644 --- a/etc/profile-a-l/ardour5.profile +++ b/etc/profile-a-l/ardour5.profile | |||
@@ -5,12 +5,12 @@ include ardour5.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/ardour4 | 8 | noblacklist ${HOME}/.config/ardour4 |
9 | nodeny ${HOME}/.config/ardour5 | 9 | noblacklist ${HOME}/.config/ardour5 |
10 | nodeny ${HOME}/.lv2 | 10 | noblacklist ${HOME}/.lv2 |
11 | nodeny ${HOME}/.vst | 11 | noblacklist ${HOME}/.vst |
12 | nodeny ${DOCUMENTS} | 12 | noblacklist ${DOCUMENTS} |
13 | nodeny ${MUSIC} | 13 | noblacklist ${MUSIC} |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
diff --git a/etc/profile-a-l/arduino.profile b/etc/profile-a-l/arduino.profile index 88f14fbfe..fd1ca9a09 100644 --- a/etc/profile-a-l/arduino.profile +++ b/etc/profile-a-l/arduino.profile | |||
@@ -6,9 +6,9 @@ include arduino.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.arduino15 | 9 | noblacklist ${HOME}/.arduino15 |
10 | nodeny ${HOME}/Arduino | 10 | noblacklist ${HOME}/Arduino |
11 | nodeny ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
12 | 12 | ||
13 | # Allow java (blacklisted by disable-devel.inc) | 13 | # Allow java (blacklisted by disable-devel.inc) |
14 | include allow-java.inc | 14 | include allow-java.inc |
diff --git a/etc/profile-a-l/aria2c.profile b/etc/profile-a-l/aria2c.profile index be56011f0..22b8ecd65 100644 --- a/etc/profile-a-l/aria2c.profile +++ b/etc/profile-a-l/aria2c.profile | |||
@@ -6,12 +6,12 @@ include aria2c.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.aria2 | 9 | noblacklist ${HOME}/.aria2 |
10 | nodeny ${HOME}/.config/aria2 | 10 | noblacklist ${HOME}/.config/aria2 |
11 | nodeny ${HOME}/.netrc | 11 | noblacklist ${HOME}/.netrc |
12 | 12 | ||
13 | deny /tmp/.X11-unix | 13 | blacklist /tmp/.X11-unix |
14 | deny ${RUNUSER}/wayland-* | 14 | blacklist ${RUNUSER}/wayland-* |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
diff --git a/etc/profile-a-l/ark.profile b/etc/profile-a-l/ark.profile index 031c57080..a63dd8f5f 100644 --- a/etc/profile-a-l/ark.profile +++ b/etc/profile-a-l/ark.profile | |||
@@ -6,8 +6,8 @@ include ark.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/arkrc | 9 | noblacklist ${HOME}/.config/arkrc |
10 | nodeny ${HOME}/.local/share/kxmlgui5/ark | 10 | noblacklist ${HOME}/.local/share/kxmlgui5/ark |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -16,7 +16,7 @@ include disable-interpreters.inc | |||
16 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | 18 | ||
19 | allow /usr/share/ark | 19 | whitelist /usr/share/ark |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
22 | 22 | ||
diff --git a/etc/profile-a-l/arm.profile b/etc/profile-a-l/arm.profile index 9ed8076be..2c8b630ce 100644 --- a/etc/profile-a-l/arm.profile +++ b/etc/profile-a-l/arm.profile | |||
@@ -6,7 +6,7 @@ include arm.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.arm | 9 | noblacklist ${HOME}/.arm |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
@@ -20,7 +20,7 @@ include disable-passwdmgr.inc | |||
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | mkdir ${HOME}/.arm | 22 | mkdir ${HOME}/.arm |
23 | allow ${HOME}/.arm | 23 | whitelist ${HOME}/.arm |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | 25 | ||
26 | caps.drop all | 26 | caps.drop all |
diff --git a/etc/profile-a-l/artha.profile b/etc/profile-a-l/artha.profile index 7cfac4915..fab72b7d3 100644 --- a/etc/profile-a-l/artha.profile +++ b/etc/profile-a-l/artha.profile | |||
@@ -6,12 +6,12 @@ include artha.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/artha.conf | 9 | noblacklist ${HOME}/.config/artha.conf |
10 | nodeny ${HOME}/.config/artha.log | 10 | noblacklist ${HOME}/.config/artha.log |
11 | nodeny ${HOME}/.config/enchant | 11 | noblacklist ${HOME}/.config/enchant |
12 | 12 | ||
13 | deny /tmp/.X11-unix | 13 | blacklist /tmp/.X11-unix |
14 | deny ${RUNUSER}/wayland-* | 14 | blacklist ${RUNUSER}/wayland-* |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
@@ -28,8 +28,8 @@ include disable-xdg.inc | |||
28 | #whitelist ${HOME}/.config/artha.conf | 28 | #whitelist ${HOME}/.config/artha.conf |
29 | #whitelist ${HOME}/.config/artha.log | 29 | #whitelist ${HOME}/.config/artha.log |
30 | #whitelist ${HOME}/.config/enchant | 30 | #whitelist ${HOME}/.config/enchant |
31 | allow /usr/share/artha | 31 | whitelist /usr/share/artha |
32 | allow /usr/share/wordnet | 32 | whitelist /usr/share/wordnet |
33 | #include whitelist-common.inc | 33 | #include whitelist-common.inc |
34 | include whitelist-usr-share-common.inc | 34 | include whitelist-usr-share-common.inc |
35 | include whitelist-var-common.inc | 35 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/assogiate.profile b/etc/profile-a-l/assogiate.profile index f2251c210..977fe30a4 100644 --- a/etc/profile-a-l/assogiate.profile +++ b/etc/profile-a-l/assogiate.profile | |||
@@ -6,7 +6,7 @@ include assogiate.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${PICTURES} | 9 | noblacklist ${PICTURES} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-programs.inc | |||
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | allow ${PICTURES} | 20 | whitelist ${PICTURES} |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/asunder.profile b/etc/profile-a-l/asunder.profile index e65072266..c97fd691a 100644 --- a/etc/profile-a-l/asunder.profile +++ b/etc/profile-a-l/asunder.profile | |||
@@ -6,11 +6,11 @@ include asunder.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/asunder | 9 | noblacklist ${HOME}/.config/asunder |
10 | nodeny ${HOME}/.asunder_album_genre | 10 | noblacklist ${HOME}/.asunder_album_genre |
11 | nodeny ${HOME}/.asunder_album_title | 11 | noblacklist ${HOME}/.asunder_album_title |
12 | nodeny ${HOME}/.asunder_album_artist | 12 | noblacklist ${HOME}/.asunder_album_artist |
13 | nodeny ${MUSIC} | 13 | noblacklist ${MUSIC} |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
diff --git a/etc/profile-a-l/atom.profile b/etc/profile-a-l/atom.profile index ea3038537..5f237ac59 100644 --- a/etc/profile-a-l/atom.profile +++ b/etc/profile-a-l/atom.profile | |||
@@ -18,8 +18,8 @@ ignore include whitelist-var-common.inc | |||
18 | ignore apparmor | 18 | ignore apparmor |
19 | ignore disable-mnt | 19 | ignore disable-mnt |
20 | 20 | ||
21 | nodeny ${HOME}/.atom | 21 | noblacklist ${HOME}/.atom |
22 | nodeny ${HOME}/.config/Atom | 22 | noblacklist ${HOME}/.config/Atom |
23 | 23 | ||
24 | # Allows files commonly used by IDEs | 24 | # Allows files commonly used by IDEs |
25 | include allow-common-devel.inc | 25 | include allow-common-devel.inc |
diff --git a/etc/profile-a-l/atril.profile b/etc/profile-a-l/atril.profile index 8ae8617cf..1c3ed66ff 100644 --- a/etc/profile-a-l/atril.profile +++ b/etc/profile-a-l/atril.profile | |||
@@ -6,9 +6,9 @@ include atril.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/atril | 9 | noblacklist ${HOME}/.cache/atril |
10 | nodeny ${HOME}/.config/atril | 10 | noblacklist ${HOME}/.config/atril |
11 | nodeny ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
12 | 12 | ||
13 | #noblacklist ${HOME}/.local/share | 13 | #noblacklist ${HOME}/.local/share |
14 | # it seems to use only ${HOME}/.local/share/webkitgtk | 14 | # it seems to use only ${HOME}/.local/share/webkitgtk |
diff --git a/etc/profile-a-l/audacious.profile b/etc/profile-a-l/audacious.profile index 53baf0a2a..f9f209786 100644 --- a/etc/profile-a-l/audacious.profile +++ b/etc/profile-a-l/audacious.profile | |||
@@ -6,9 +6,9 @@ include audacious.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/Audaciousrc | 9 | noblacklist ${HOME}/.config/Audaciousrc |
10 | nodeny ${HOME}/.config/audacious | 10 | noblacklist ${HOME}/.config/audacious |
11 | nodeny ${MUSIC} | 11 | noblacklist ${MUSIC} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/audacity.profile b/etc/profile-a-l/audacity.profile index c244846e1..a2de8436a 100644 --- a/etc/profile-a-l/audacity.profile +++ b/etc/profile-a-l/audacity.profile | |||
@@ -6,9 +6,9 @@ include audacity.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.audacity-data | 9 | noblacklist ${HOME}/.audacity-data |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | nodeny ${MUSIC} | 11 | noblacklist ${MUSIC} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/audio-recorder.profile b/etc/profile-a-l/audio-recorder.profile index 534792cc6..2c7fdc812 100644 --- a/etc/profile-a-l/audio-recorder.profile +++ b/etc/profile-a-l/audio-recorder.profile | |||
@@ -7,7 +7,7 @@ include audio-recorder.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${MUSIC} | 10 | noblacklist ${MUSIC} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -17,10 +17,10 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | allow ${MUSIC} | 20 | whitelist ${MUSIC} |
21 | allow ${DOWNLOADS} | 21 | whitelist ${DOWNLOADS} |
22 | allow /usr/share/audio-recorder | 22 | whitelist /usr/share/audio-recorder |
23 | allow /usr/share/gstreamer-1.0 | 23 | whitelist /usr/share/gstreamer-1.0 |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/authenticator-rs.profile b/etc/profile-a-l/authenticator-rs.profile index 0d6eb6a21..2ebe35dd5 100644 --- a/etc/profile-a-l/authenticator-rs.profile +++ b/etc/profile-a-l/authenticator-rs.profile | |||
@@ -6,7 +6,7 @@ include authenticator-rs.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/authenticator-rs | 9 | noblacklist ${HOME}/.local/share/authenticator-rs |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,9 +18,9 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.local/share/authenticator-rs | 20 | mkdir ${HOME}/.local/share/authenticator-rs |
21 | allow ${HOME}/.local/share/authenticator-rs | 21 | whitelist ${HOME}/.local/share/authenticator-rs |
22 | allow ${DOWNLOADS} | 22 | whitelist ${DOWNLOADS} |
23 | allow /usr/share/uk.co.grumlimited.authenticator-rs | 23 | whitelist /usr/share/uk.co.grumlimited.authenticator-rs |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-runuser-common.inc | 25 | include whitelist-runuser-common.inc |
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/authenticator.profile b/etc/profile-a-l/authenticator.profile index 55d967e3e..42d9cd56a 100644 --- a/etc/profile-a-l/authenticator.profile +++ b/etc/profile-a-l/authenticator.profile | |||
@@ -6,8 +6,8 @@ include authenticator.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/Authenticator | 9 | noblacklist ${HOME}/.cache/Authenticator |
10 | nodeny ${HOME}/.config/Authenticator | 10 | noblacklist ${HOME}/.config/Authenticator |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | #include allow-python2.inc | 13 | #include allow-python2.inc |
diff --git a/etc/profile-a-l/autokey-common.profile b/etc/profile-a-l/autokey-common.profile index a5b3b22f6..891928e5a 100644 --- a/etc/profile-a-l/autokey-common.profile +++ b/etc/profile-a-l/autokey-common.profile | |||
@@ -7,8 +7,8 @@ include autokey-common.local | |||
7 | # added by caller profile | 7 | # added by caller profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.config/autokey | 10 | noblacklist ${HOME}/.config/autokey |
11 | nodeny ${HOME}/.local/share/autokey | 11 | noblacklist ${HOME}/.local/share/autokey |
12 | 12 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python2.inc | 14 | include allow-python2.inc |
diff --git a/etc/profile-a-l/avidemux.profile b/etc/profile-a-l/avidemux.profile index 0feb05d75..1ecc03da1 100644 --- a/etc/profile-a-l/avidemux.profile +++ b/etc/profile-a-l/avidemux.profile | |||
@@ -5,9 +5,9 @@ include avidemux.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.avidemux6 | 8 | noblacklist ${HOME}/.avidemux6 |
9 | nodeny ${HOME}/.config/avidemux3_qt5rc | 9 | noblacklist ${HOME}/.config/avidemux3_qt5rc |
10 | nodeny ${VIDEOS} | 10 | noblacklist ${VIDEOS} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -20,9 +20,9 @@ include disable-xdg.inc | |||
20 | 20 | ||
21 | mkdir ${HOME}/.avidemux6 | 21 | mkdir ${HOME}/.avidemux6 |
22 | mkdir ${HOME}/.config/avidemux3_qt5rc | 22 | mkdir ${HOME}/.config/avidemux3_qt5rc |
23 | allow ${HOME}/.avidemux6 | 23 | whitelist ${HOME}/.avidemux6 |
24 | allow ${HOME}/.config/avidemux3_qt5rc | 24 | whitelist ${HOME}/.config/avidemux3_qt5rc |
25 | allow ${VIDEOS} | 25 | whitelist ${VIDEOS} |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/aweather.profile b/etc/profile-a-l/aweather.profile index abe9fdb24..a57ad4014 100644 --- a/etc/profile-a-l/aweather.profile +++ b/etc/profile-a-l/aweather.profile | |||
@@ -6,7 +6,7 @@ include aweather.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/aweather | 9 | noblacklist ${HOME}/.config/aweather |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,7 +16,7 @@ include disable-programs.inc | |||
16 | include disable-shell.inc | 16 | include disable-shell.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.config/aweather | 18 | mkdir ${HOME}/.config/aweather |
19 | allow ${HOME}/.config/aweather | 19 | whitelist ${HOME}/.config/aweather |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
22 | 22 | ||
diff --git a/etc/profile-a-l/awesome.profile b/etc/profile-a-l/awesome.profile index 58f4f5e96..5d1bf5071 100644 --- a/etc/profile-a-l/awesome.profile +++ b/etc/profile-a-l/awesome.profile | |||
@@ -7,7 +7,7 @@ include awesome.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # all applications started in awesome will run in this profile | 9 | # all applications started in awesome will run in this profile |
10 | nodeny ${HOME}/.config/awesome | 10 | noblacklist ${HOME}/.config/awesome |
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | 12 | ||
13 | caps.drop all | 13 | caps.drop all |
diff --git a/etc/profile-a-l/ballbuster.profile b/etc/profile-a-l/ballbuster.profile index 46bb0b44e..3952921a3 100644 --- a/etc/profile-a-l/ballbuster.profile +++ b/etc/profile-a-l/ballbuster.profile | |||
@@ -6,7 +6,7 @@ include ballbuster.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.ballbuster.hs | 9 | noblacklist ${HOME}/.ballbuster.hs |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkfile ${HOME}/.ballbuster.hs | 20 | mkfile ${HOME}/.ballbuster.hs |
21 | allow ${HOME}/.ballbuster.hs | 21 | whitelist ${HOME}/.ballbuster.hs |
22 | allow /usr/share/ballbuster | 22 | whitelist /usr/share/ballbuster |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/baloo_file.profile b/etc/profile-a-l/baloo_file.profile index 2b10883f7..fe86d9b80 100644 --- a/etc/profile-a-l/baloo_file.profile +++ b/etc/profile-a-l/baloo_file.profile | |||
@@ -12,12 +12,12 @@ include globals.local | |||
12 | # read-write ${HOME}/.local/share/baloo | 12 | # read-write ${HOME}/.local/share/baloo |
13 | # ignore read-write | 13 | # ignore read-write |
14 | 14 | ||
15 | nodeny ${HOME}/.config/baloofilerc | 15 | noblacklist ${HOME}/.config/baloofilerc |
16 | nodeny ${HOME}/.kde/share/config/baloofilerc | 16 | noblacklist ${HOME}/.kde/share/config/baloofilerc |
17 | nodeny ${HOME}/.kde/share/config/baloorc | 17 | noblacklist ${HOME}/.kde/share/config/baloorc |
18 | nodeny ${HOME}/.kde4/share/config/baloofilerc | 18 | noblacklist ${HOME}/.kde4/share/config/baloofilerc |
19 | nodeny ${HOME}/.kde4/share/config/baloorc | 19 | noblacklist ${HOME}/.kde4/share/config/baloorc |
20 | nodeny ${HOME}/.local/share/baloo | 20 | noblacklist ${HOME}/.local/share/baloo |
21 | 21 | ||
22 | include disable-common.inc | 22 | include disable-common.inc |
23 | include disable-devel.inc | 23 | include disable-devel.inc |
diff --git a/etc/profile-a-l/balsa.profile b/etc/profile-a-l/balsa.profile index 1e74443aa..8c69652c5 100644 --- a/etc/profile-a-l/balsa.profile +++ b/etc/profile-a-l/balsa.profile | |||
@@ -6,13 +6,13 @@ include balsa.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.balsa | 9 | noblacklist ${HOME}/.balsa |
10 | nodeny ${HOME}/.gnupg | 10 | noblacklist ${HOME}/.gnupg |
11 | nodeny ${HOME}/.mozilla | 11 | noblacklist ${HOME}/.mozilla |
12 | nodeny ${HOME}/.signature | 12 | noblacklist ${HOME}/.signature |
13 | nodeny ${HOME}/mail | 13 | noblacklist ${HOME}/mail |
14 | nodeny /var/mail | 14 | noblacklist /var/mail |
15 | nodeny /var/spool/mail | 15 | noblacklist /var/spool/mail |
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
@@ -27,17 +27,17 @@ mkdir ${HOME}/.balsa | |||
27 | mkdir ${HOME}/.gnupg | 27 | mkdir ${HOME}/.gnupg |
28 | mkfile ${HOME}/.signature | 28 | mkfile ${HOME}/.signature |
29 | mkdir ${HOME}/mail | 29 | mkdir ${HOME}/mail |
30 | allow ${HOME}/.balsa | 30 | whitelist ${HOME}/.balsa |
31 | allow ${HOME}/.gnupg | 31 | whitelist ${HOME}/.gnupg |
32 | allow ${HOME}/.mozilla/firefox/profiles.ini | 32 | whitelist ${HOME}/.mozilla/firefox/profiles.ini |
33 | allow ${HOME}/.signature | 33 | whitelist ${HOME}/.signature |
34 | allow ${HOME}/mail | 34 | whitelist ${HOME}/mail |
35 | allow ${RUNUSER}/gnupg | 35 | whitelist ${RUNUSER}/gnupg |
36 | allow /usr/share/balsa | 36 | whitelist /usr/share/balsa |
37 | allow /usr/share/gnupg | 37 | whitelist /usr/share/gnupg |
38 | allow /usr/share/gnupg2 | 38 | whitelist /usr/share/gnupg2 |
39 | allow /var/mail | 39 | whitelist /var/mail |
40 | allow /var/spool/mail | 40 | whitelist /var/spool/mail |
41 | include whitelist-common.inc | 41 | include whitelist-common.inc |
42 | include whitelist-runuser-common.inc | 42 | include whitelist-runuser-common.inc |
43 | include whitelist-usr-share-common.inc | 43 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/barrier.profile b/etc/profile-a-l/barrier.profile index fcea9b3ba..7b50e9199 100644 --- a/etc/profile-a-l/barrier.profile +++ b/etc/profile-a-l/barrier.profile | |||
@@ -6,9 +6,9 @@ include barrier.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/Debauchee/Barrier.conf | 9 | noblacklist ${HOME}/.config/Debauchee/Barrier.conf |
10 | nodeny ${HOME}/.local/share/barrier | 10 | noblacklist ${HOME}/.local/share/barrier |
11 | nodeny ${PATH}/openssl | 11 | noblacklist ${PATH}/openssl |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/basilisk.profile b/etc/profile-a-l/basilisk.profile index 547c67fc8..8dc3847a0 100644 --- a/etc/profile-a-l/basilisk.profile +++ b/etc/profile-a-l/basilisk.profile | |||
@@ -5,13 +5,13 @@ include basilisk.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.cache/moonchild productions/basilisk | 8 | noblacklist ${HOME}/.cache/moonchild productions/basilisk |
9 | nodeny ${HOME}/.moonchild productions/basilisk | 9 | noblacklist ${HOME}/.moonchild productions/basilisk |
10 | 10 | ||
11 | mkdir ${HOME}/.cache/moonchild productions/basilisk | 11 | mkdir ${HOME}/.cache/moonchild productions/basilisk |
12 | mkdir ${HOME}/.moonchild productions | 12 | mkdir ${HOME}/.moonchild productions |
13 | allow ${HOME}/.cache/moonchild productions/basilisk | 13 | whitelist ${HOME}/.cache/moonchild productions/basilisk |
14 | allow ${HOME}/.moonchild productions | 14 | whitelist ${HOME}/.moonchild productions |
15 | 15 | ||
16 | # Basilisk can use the full firejail seccomp filter (unlike firefox >= 60) | 16 | # Basilisk can use the full firejail seccomp filter (unlike firefox >= 60) |
17 | seccomp | 17 | seccomp |
diff --git a/etc/profile-a-l/bcompare.profile b/etc/profile-a-l/bcompare.profile index a1d2b1e73..3ecaea7fe 100644 --- a/etc/profile-a-l/bcompare.profile +++ b/etc/profile-a-l/bcompare.profile | |||
@@ -7,10 +7,10 @@ include bcompare.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.config/bcompare | 10 | noblacklist ${HOME}/.config/bcompare |
11 | # In case the user decides to include disable-programs.inc, still allow | 11 | # In case the user decides to include disable-programs.inc, still allow |
12 | # KDE's Gwenview to view images via right click -> Open With -> Associated Application | 12 | # KDE's Gwenview to view images via right click -> Open With -> Associated Application |
13 | nodeny ${HOME}/.config/gwenviewrc | 13 | noblacklist ${HOME}/.config/gwenviewrc |
14 | 14 | ||
15 | # Add the next line to your bcompare.local if you don't need to compare files in disable-common.inc. | 15 | # Add the next line to your bcompare.local if you don't need to compare files in disable-common.inc. |
16 | #include disable-common.inc | 16 | #include disable-common.inc |
diff --git a/etc/profile-a-l/beaker.profile b/etc/profile-a-l/beaker.profile index 588f460a8..f3a9568bd 100644 --- a/etc/profile-a-l/beaker.profile +++ b/etc/profile-a-l/beaker.profile | |||
@@ -19,10 +19,10 @@ ignore private-cache | |||
19 | ignore private-dev | 19 | ignore private-dev |
20 | ignore private-tmp | 20 | ignore private-tmp |
21 | 21 | ||
22 | nodeny ${HOME}/.config/Beaker Browser | 22 | noblacklist ${HOME}/.config/Beaker Browser |
23 | 23 | ||
24 | mkdir ${HOME}/.config/Beaker Browser | 24 | mkdir ${HOME}/.config/Beaker Browser |
25 | allow ${HOME}/.config/Beaker Browser | 25 | whitelist ${HOME}/.config/Beaker Browser |
26 | 26 | ||
27 | # Redirect | 27 | # Redirect |
28 | include electron.profile | 28 | include electron.profile |
diff --git a/etc/profile-a-l/bibletime.profile b/etc/profile-a-l/bibletime.profile index 717d7258d..c7a82afbd 100644 --- a/etc/profile-a-l/bibletime.profile +++ b/etc/profile-a-l/bibletime.profile | |||
@@ -6,11 +6,11 @@ include bibletime.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.bibletime | 9 | noblacklist ${HOME}/.bibletime |
10 | nodeny ${HOME}/.sword | 10 | noblacklist ${HOME}/.sword |
11 | nodeny ${HOME}/.local/share/bibletime | 11 | noblacklist ${HOME}/.local/share/bibletime |
12 | 12 | ||
13 | deny ${HOME}/.bashrc | 13 | blacklist ${HOME}/.bashrc |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -22,12 +22,12 @@ include disable-programs.inc | |||
22 | mkdir ${HOME}/.bibletime | 22 | mkdir ${HOME}/.bibletime |
23 | mkdir ${HOME}/.sword | 23 | mkdir ${HOME}/.sword |
24 | mkdir ${HOME}/.local/share/bibletime | 24 | mkdir ${HOME}/.local/share/bibletime |
25 | allow ${HOME}/.bibletime | 25 | whitelist ${HOME}/.bibletime |
26 | allow ${HOME}/.sword | 26 | whitelist ${HOME}/.sword |
27 | allow ${HOME}/.local/share/bibletime | 27 | whitelist ${HOME}/.local/share/bibletime |
28 | allow /usr/share/bibletime | 28 | whitelist /usr/share/bibletime |
29 | allow /usr/share/doc/bibletime | 29 | whitelist /usr/share/doc/bibletime |
30 | allow /usr/share/sword | 30 | whitelist /usr/share/sword |
31 | include whitelist-common.inc | 31 | include whitelist-common.inc |
32 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
33 | include whitelist-var-common.inc | 33 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/bijiben.profile b/etc/profile-a-l/bijiben.profile index b02fcc3e0..854fe5cb9 100644 --- a/etc/profile-a-l/bijiben.profile +++ b/etc/profile-a-l/bijiben.profile | |||
@@ -6,7 +6,7 @@ include bijiben.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/bijiben | 9 | noblacklist ${HOME}/.local/share/bijiben |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,12 +18,12 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.local/share/bijiben | 20 | mkdir ${HOME}/.local/share/bijiben |
21 | allow ${HOME}/.local/share/bijiben | 21 | whitelist ${HOME}/.local/share/bijiben |
22 | allow ${HOME}/.cache/tracker | 22 | whitelist ${HOME}/.cache/tracker |
23 | allow /usr/libexec/webkit2gtk-4.0 | 23 | whitelist /usr/libexec/webkit2gtk-4.0 |
24 | allow /usr/share/bijiben | 24 | whitelist /usr/share/bijiben |
25 | allow /usr/share/tracker | 25 | whitelist /usr/share/tracker |
26 | allow /usr/share/tracker3 | 26 | whitelist /usr/share/tracker3 |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/bitcoin-qt.profile b/etc/profile-a-l/bitcoin-qt.profile index c4ec0f820..932db9b73 100644 --- a/etc/profile-a-l/bitcoin-qt.profile +++ b/etc/profile-a-l/bitcoin-qt.profile | |||
@@ -6,8 +6,8 @@ include bitcoin-qt.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.bitcoin | 9 | noblacklist ${HOME}/.bitcoin |
10 | nodeny ${HOME}/.config/Bitcoin | 10 | noblacklist ${HOME}/.config/Bitcoin |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-shell.inc | |||
19 | 19 | ||
20 | mkdir ${HOME}/.bitcoin | 20 | mkdir ${HOME}/.bitcoin |
21 | mkdir ${HOME}/.config/Bitcoin | 21 | mkdir ${HOME}/.config/Bitcoin |
22 | allow ${HOME}/.bitcoin | 22 | whitelist ${HOME}/.bitcoin |
23 | allow ${HOME}/.config/Bitcoin | 23 | whitelist ${HOME}/.config/Bitcoin |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
diff --git a/etc/profile-a-l/bitlbee.profile b/etc/profile-a-l/bitlbee.profile index 0f000b26b..dd7651979 100644 --- a/etc/profile-a-l/bitlbee.profile +++ b/etc/profile-a-l/bitlbee.profile | |||
@@ -8,8 +8,8 @@ include globals.local | |||
8 | 8 | ||
9 | ignore noexec ${HOME} | 9 | ignore noexec ${HOME} |
10 | 10 | ||
11 | nodeny /sbin | 11 | noblacklist /sbin |
12 | nodeny /usr/sbin | 12 | noblacklist /usr/sbin |
13 | # noblacklist /var/log | 13 | # noblacklist /var/log |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
diff --git a/etc/profile-a-l/bitwarden.profile b/etc/profile-a-l/bitwarden.profile index 4b292d72a..ba2eb2ea7 100644 --- a/etc/profile-a-l/bitwarden.profile +++ b/etc/profile-a-l/bitwarden.profile | |||
@@ -11,12 +11,12 @@ ignore include whitelist-usr-share-common.inc | |||
11 | 11 | ||
12 | ignore noexec /tmp | 12 | ignore noexec /tmp |
13 | 13 | ||
14 | nodeny ${HOME}/.config/Bitwarden | 14 | noblacklist ${HOME}/.config/Bitwarden |
15 | 15 | ||
16 | include disable-shell.inc | 16 | include disable-shell.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.config/Bitwarden | 18 | mkdir ${HOME}/.config/Bitwarden |
19 | allow ${HOME}/.config/Bitwarden | 19 | whitelist ${HOME}/.config/Bitwarden |
20 | 20 | ||
21 | machine-id | 21 | machine-id |
22 | no3d | 22 | no3d |
diff --git a/etc/profile-a-l/blackbox.profile b/etc/profile-a-l/blackbox.profile index 616ad6801..233f9a96f 100644 --- a/etc/profile-a-l/blackbox.profile +++ b/etc/profile-a-l/blackbox.profile | |||
@@ -7,7 +7,7 @@ include blackbox.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # all applications started in blackbox will run in this profile | 9 | # all applications started in blackbox will run in this profile |
10 | nodeny ${HOME}/.blackbox | 10 | noblacklist ${HOME}/.blackbox |
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | 12 | ||
13 | caps.drop all | 13 | caps.drop all |
diff --git a/etc/profile-a-l/blender.profile b/etc/profile-a-l/blender.profile index 8d0b5616f..701ae431e 100644 --- a/etc/profile-a-l/blender.profile +++ b/etc/profile-a-l/blender.profile | |||
@@ -6,7 +6,7 @@ include blender.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/blender | 9 | noblacklist ${HOME}/.config/blender |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
@@ -20,8 +20,8 @@ include disable-passwdmgr.inc | |||
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | # Allow usage of AMD GPU by OpenCL | 22 | # Allow usage of AMD GPU by OpenCL |
23 | nodeny /sys/module | 23 | noblacklist /sys/module |
24 | allow /sys/module/amdgpu | 24 | whitelist /sys/module/amdgpu |
25 | read-only /sys/module/amdgpu | 25 | read-only /sys/module/amdgpu |
26 | 26 | ||
27 | caps.drop all | 27 | caps.drop all |
diff --git a/etc/profile-a-l/bless.profile b/etc/profile-a-l/bless.profile index ca5f96eee..80dc750f7 100644 --- a/etc/profile-a-l/bless.profile +++ b/etc/profile-a-l/bless.profile | |||
@@ -6,7 +6,7 @@ include bless.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/bless | 9 | noblacklist ${HOME}/.config/bless |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-a-l/blobby.profile b/etc/profile-a-l/blobby.profile index ee2a73b54..229c20293 100644 --- a/etc/profile-a-l/blobby.profile +++ b/etc/profile-a-l/blobby.profile | |||
@@ -4,7 +4,7 @@ include blobby.local | |||
4 | # Persistent global definitions | 4 | # Persistent global definitions |
5 | include globals.local | 5 | include globals.local |
6 | 6 | ||
7 | nodeny ${HOME}/.blobby | 7 | noblacklist ${HOME}/.blobby |
8 | 8 | ||
9 | include disable-common.inc | 9 | include disable-common.inc |
10 | include disable-devel.inc | 10 | include disable-devel.inc |
@@ -16,9 +16,9 @@ include disable-shell.inc | |||
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.blobby | 18 | mkdir ${HOME}/.blobby |
19 | allow ${HOME}/.blobby | 19 | whitelist ${HOME}/.blobby |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
21 | allow /usr/share/blobby | 21 | whitelist /usr/share/blobby |
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-a-l/blobwars.profile b/etc/profile-a-l/blobwars.profile index e0be5261e..904710cb5 100644 --- a/etc/profile-a-l/blobwars.profile +++ b/etc/profile-a-l/blobwars.profile | |||
@@ -6,7 +6,7 @@ include blobwars.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.parallelrealities/blobwars | 9 | noblacklist ${HOME}/.parallelrealities/blobwars |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.parallelrealities/blobwars | 20 | mkdir ${HOME}/.parallelrealities/blobwars |
21 | allow ${HOME}/.parallelrealities/blobwars | 21 | whitelist ${HOME}/.parallelrealities/blobwars |
22 | allow /usr/share/blobwars | 22 | whitelist /usr/share/blobwars |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/bnox.profile b/etc/profile-a-l/bnox.profile index dcfd5d8d2..6e8f0d7d1 100644 --- a/etc/profile-a-l/bnox.profile +++ b/etc/profile-a-l/bnox.profile | |||
@@ -10,13 +10,13 @@ ignore whitelist /usr/share/chromium | |||
10 | ignore include whitelist-runuser-common.inc | 10 | ignore include whitelist-runuser-common.inc |
11 | ignore include whitelist-usr-share-common.inc | 11 | ignore include whitelist-usr-share-common.inc |
12 | 12 | ||
13 | nodeny ${HOME}/.cache/bnox | 13 | noblacklist ${HOME}/.cache/bnox |
14 | nodeny ${HOME}/.config/bnox | 14 | noblacklist ${HOME}/.config/bnox |
15 | 15 | ||
16 | mkdir ${HOME}/.cache/bnox | 16 | mkdir ${HOME}/.cache/bnox |
17 | mkdir ${HOME}/.config/bnox | 17 | mkdir ${HOME}/.config/bnox |
18 | allow ${HOME}/.cache/bnox | 18 | whitelist ${HOME}/.cache/bnox |
19 | allow ${HOME}/.config/bnox | 19 | whitelist ${HOME}/.config/bnox |
20 | 20 | ||
21 | # Redirect | 21 | # Redirect |
22 | include chromium-common.profile | 22 | include chromium-common.profile |
diff --git a/etc/profile-a-l/brackets.profile b/etc/profile-a-l/brackets.profile index a14bb8fef..0cbac049a 100644 --- a/etc/profile-a-l/brackets.profile +++ b/etc/profile-a-l/brackets.profile | |||
@@ -5,7 +5,7 @@ include brackets.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/Brackets | 8 | noblacklist ${HOME}/.config/Brackets |
9 | #noblacklist /opt/brackets | 9 | #noblacklist /opt/brackets |
10 | #noblacklist /opt/google | 10 | #noblacklist /opt/google |
11 | 11 | ||
diff --git a/etc/profile-a-l/brasero.profile b/etc/profile-a-l/brasero.profile index a78882409..417a6b3e0 100644 --- a/etc/profile-a-l/brasero.profile +++ b/etc/profile-a-l/brasero.profile | |||
@@ -6,7 +6,7 @@ include brasero.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/brasero | 9 | noblacklist ${HOME}/.config/brasero |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-a-l/brave.profile b/etc/profile-a-l/brave.profile index bc2d7a6a1..09548c761 100644 --- a/etc/profile-a-l/brave.profile +++ b/etc/profile-a-l/brave.profile | |||
@@ -14,24 +14,24 @@ ignore noexec /tmp | |||
14 | # Alternatively you can add 'ignore apparmor' to your brave.local. | 14 | # Alternatively you can add 'ignore apparmor' to your brave.local. |
15 | ignore noexec ${HOME} | 15 | ignore noexec ${HOME} |
16 | 16 | ||
17 | nodeny ${HOME}/.cache/BraveSoftware | 17 | noblacklist ${HOME}/.cache/BraveSoftware |
18 | nodeny ${HOME}/.config/BraveSoftware | 18 | noblacklist ${HOME}/.config/BraveSoftware |
19 | nodeny ${HOME}/.config/brave | 19 | noblacklist ${HOME}/.config/brave |
20 | nodeny ${HOME}/.config/brave-flags.conf | 20 | noblacklist ${HOME}/.config/brave-flags.conf |
21 | # brave uses gpg for built-in password manager | 21 | # brave uses gpg for built-in password manager |
22 | nodeny ${HOME}/.gnupg | 22 | noblacklist ${HOME}/.gnupg |
23 | 23 | ||
24 | mkdir ${HOME}/.cache/BraveSoftware | 24 | mkdir ${HOME}/.cache/BraveSoftware |
25 | mkdir ${HOME}/.config/BraveSoftware | 25 | mkdir ${HOME}/.config/BraveSoftware |
26 | mkdir ${HOME}/.config/brave | 26 | mkdir ${HOME}/.config/brave |
27 | allow ${HOME}/.cache/BraveSoftware | 27 | whitelist ${HOME}/.cache/BraveSoftware |
28 | allow ${HOME}/.config/BraveSoftware | 28 | whitelist ${HOME}/.config/BraveSoftware |
29 | allow ${HOME}/.config/brave | 29 | whitelist ${HOME}/.config/brave |
30 | allow ${HOME}/.config/brave-flags.conf | 30 | whitelist ${HOME}/.config/brave-flags.conf |
31 | allow ${HOME}/.gnupg | 31 | whitelist ${HOME}/.gnupg |
32 | 32 | ||
33 | # Brave sandbox needs read access to /proc/config.gz | 33 | # Brave sandbox needs read access to /proc/config.gz |
34 | nodeny /proc/config.gz | 34 | noblacklist /proc/config.gz |
35 | 35 | ||
36 | # Redirect | 36 | # Redirect |
37 | include chromium-common.profile | 37 | include chromium-common.profile |
diff --git a/etc/profile-a-l/bzflag.profile b/etc/profile-a-l/bzflag.profile index 62ca041c2..bda96bbb3 100644 --- a/etc/profile-a-l/bzflag.profile +++ b/etc/profile-a-l/bzflag.profile | |||
@@ -6,7 +6,7 @@ include bzflag.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.bzf | 9 | noblacklist ${HOME}/.bzf |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.bzf | 20 | mkdir ${HOME}/.bzf |
21 | allow ${HOME}/.bzf | 21 | whitelist ${HOME}/.bzf |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-a-l/calibre.profile b/etc/profile-a-l/calibre.profile index 99706620c..83571397b 100644 --- a/etc/profile-a-l/calibre.profile +++ b/etc/profile-a-l/calibre.profile | |||
@@ -6,9 +6,9 @@ include calibre.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/calibre | 9 | noblacklist ${HOME}/.cache/calibre |
10 | nodeny ${HOME}/.config/calibre | 10 | noblacklist ${HOME}/.config/calibre |
11 | nodeny ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/calligra.profile b/etc/profile-a-l/calligra.profile index 36ecc06a0..fcff47662 100644 --- a/etc/profile-a-l/calligra.profile +++ b/etc/profile-a-l/calligra.profile | |||
@@ -6,7 +6,7 @@ include calligra.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/kxmlgui5/calligra | 9 | noblacklist ${HOME}/.local/share/kxmlgui5/calligra |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-a-l/calligragemini.profile b/etc/profile-a-l/calligragemini.profile index 76123c96a..006c307ab 100644 --- a/etc/profile-a-l/calligragemini.profile +++ b/etc/profile-a-l/calligragemini.profile | |||
@@ -6,7 +6,7 @@ include calligragemini.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/calligragemini | 9 | noblacklist ${HOME}/.local/share/calligragemini |
10 | 10 | ||
11 | # Redirect | 11 | # Redirect |
12 | include calligra.profile | 12 | include calligra.profile |
diff --git a/etc/profile-a-l/calligraplan.profile b/etc/profile-a-l/calligraplan.profile index 5fb1e16da..81dbd4dcd 100644 --- a/etc/profile-a-l/calligraplan.profile +++ b/etc/profile-a-l/calligraplan.profile | |||
@@ -6,7 +6,7 @@ include calligraplan.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/kxmlgui5/calligraplan | 9 | noblacklist ${HOME}/.local/share/kxmlgui5/calligraplan |
10 | 10 | ||
11 | # Redirect | 11 | # Redirect |
12 | include calligra.profile | 12 | include calligra.profile |
diff --git a/etc/profile-a-l/calligraplanwork.profile b/etc/profile-a-l/calligraplanwork.profile index c176bfea1..bba91b66b 100644 --- a/etc/profile-a-l/calligraplanwork.profile +++ b/etc/profile-a-l/calligraplanwork.profile | |||
@@ -6,7 +6,7 @@ include calligraplanwork.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/kxmlgui5/calligraplanwork | 9 | noblacklist ${HOME}/.local/share/kxmlgui5/calligraplanwork |
10 | 10 | ||
11 | # Redirect | 11 | # Redirect |
12 | include calligra.profile | 12 | include calligra.profile |
diff --git a/etc/profile-a-l/calligrasheets.profile b/etc/profile-a-l/calligrasheets.profile index b7ac68945..7bc296047 100644 --- a/etc/profile-a-l/calligrasheets.profile +++ b/etc/profile-a-l/calligrasheets.profile | |||
@@ -6,7 +6,7 @@ include calligrasheets.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/kxmlgui5/calligrasheets | 9 | noblacklist ${HOME}/.local/share/kxmlgui5/calligrasheets |
10 | 10 | ||
11 | # Redirect | 11 | # Redirect |
12 | include calligra.profile | 12 | include calligra.profile |
diff --git a/etc/profile-a-l/calligrastage.profile b/etc/profile-a-l/calligrastage.profile index 1258fec56..7694abbe4 100644 --- a/etc/profile-a-l/calligrastage.profile +++ b/etc/profile-a-l/calligrastage.profile | |||
@@ -6,7 +6,7 @@ include calligrastage.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/kxmlgui5/calligrastage | 9 | noblacklist ${HOME}/.local/share/kxmlgui5/calligrastage |
10 | 10 | ||
11 | # Redirect | 11 | # Redirect |
12 | include calligra.profile | 12 | include calligra.profile |
diff --git a/etc/profile-a-l/calligrawords.profile b/etc/profile-a-l/calligrawords.profile index c2b6c8041..d69d56a95 100644 --- a/etc/profile-a-l/calligrawords.profile +++ b/etc/profile-a-l/calligrawords.profile | |||
@@ -6,7 +6,7 @@ include calligrawords.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/kxmlgui5/calligrawords | 9 | noblacklist ${HOME}/.local/share/kxmlgui5/calligrawords |
10 | 10 | ||
11 | # Redirect | 11 | # Redirect |
12 | include calligra.profile | 12 | include calligra.profile |
diff --git a/etc/profile-a-l/cameramonitor.profile b/etc/profile-a-l/cameramonitor.profile index 390ae383c..74c7cc34b 100644 --- a/etc/profile-a-l/cameramonitor.profile +++ b/etc/profile-a-l/cameramonitor.profile | |||
@@ -20,7 +20,7 @@ include disable-programs.inc | |||
20 | include disable-shell.inc | 20 | include disable-shell.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | allow /usr/share/cameramonitor | 23 | whitelist /usr/share/cameramonitor |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/cantata.profile b/etc/profile-a-l/cantata.profile index 77bdc09e0..96f88a7c4 100644 --- a/etc/profile-a-l/cantata.profile +++ b/etc/profile-a-l/cantata.profile | |||
@@ -6,10 +6,10 @@ include cantata.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/cantata | 9 | noblacklist ${HOME}/.cache/cantata |
10 | nodeny ${HOME}/.config/cantata | 10 | noblacklist ${HOME}/.config/cantata |
11 | nodeny ${HOME}/.local/share/cantata | 11 | noblacklist ${HOME}/.local/share/cantata |
12 | nodeny ${MUSIC} | 12 | noblacklist ${MUSIC} |
13 | 13 | ||
14 | # Allow perl (blacklisted by disable-interpreters.inc) | 14 | # Allow perl (blacklisted by disable-interpreters.inc) |
15 | include allow-perl.inc | 15 | include allow-perl.inc |
diff --git a/etc/profile-a-l/cargo.profile b/etc/profile-a-l/cargo.profile index 9c53af84f..7cf04c550 100644 --- a/etc/profile-a-l/cargo.profile +++ b/etc/profile-a-l/cargo.profile | |||
@@ -10,11 +10,11 @@ include globals.local | |||
10 | ignore noexec ${HOME} | 10 | ignore noexec ${HOME} |
11 | ignore noexec /tmp | 11 | ignore noexec /tmp |
12 | 12 | ||
13 | deny /tmp/.X11-unix | 13 | blacklist /tmp/.X11-unix |
14 | deny ${RUNUSER} | 14 | blacklist ${RUNUSER} |
15 | 15 | ||
16 | nodeny ${HOME}/.cargo/credentials | 16 | noblacklist ${HOME}/.cargo/credentials |
17 | nodeny ${HOME}/.cargo/credentials.toml | 17 | noblacklist ${HOME}/.cargo/credentials.toml |
18 | 18 | ||
19 | # Allows files commonly used by IDEs | 19 | # Allows files commonly used by IDEs |
20 | include allow-common-devel.inc | 20 | include allow-common-devel.inc |
@@ -34,7 +34,7 @@ include disable-xdg.inc | |||
34 | #whitelist ${HOME}/.cargo | 34 | #whitelist ${HOME}/.cargo |
35 | #whitelist ${HOME}/.rustup | 35 | #whitelist ${HOME}/.rustup |
36 | #include whitelist-common.inc | 36 | #include whitelist-common.inc |
37 | allow /usr/share/pkgconfig | 37 | whitelist /usr/share/pkgconfig |
38 | include whitelist-runuser-common.inc | 38 | include whitelist-runuser-common.inc |
39 | include whitelist-usr-share-common.inc | 39 | include whitelist-usr-share-common.inc |
40 | include whitelist-var-common.inc | 40 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/catfish.profile b/etc/profile-a-l/catfish.profile index 4ea53ea6b..009d3a049 100644 --- a/etc/profile-a-l/catfish.profile +++ b/etc/profile-a-l/catfish.profile | |||
@@ -9,7 +9,7 @@ include globals.local | |||
9 | # We can't blacklist much since catfish | 9 | # We can't blacklist much since catfish |
10 | # is for finding files/content | 10 | # is for finding files/content |
11 | 11 | ||
12 | nodeny ${HOME}/.config/catfish | 12 | noblacklist ${HOME}/.config/catfish |
13 | 13 | ||
14 | # Allow python (blacklisted by disable-interpreters.inc) | 14 | # Allow python (blacklisted by disable-interpreters.inc) |
15 | include allow-python2.inc | 15 | include allow-python2.inc |
@@ -21,7 +21,7 @@ include disable-interpreters.inc | |||
21 | include disable-passwdmgr.inc | 21 | include disable-passwdmgr.inc |
22 | # include disable-programs.inc | 22 | # include disable-programs.inc |
23 | 23 | ||
24 | allow /var/lib/mlocate | 24 | whitelist /var/lib/mlocate |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
27 | apparmor | 27 | apparmor |
diff --git a/etc/profile-a-l/cawbird.profile b/etc/profile-a-l/cawbird.profile index d7aee1902..6e137010c 100644 --- a/etc/profile-a-l/cawbird.profile +++ b/etc/profile-a-l/cawbird.profile | |||
@@ -6,7 +6,7 @@ include cawbird.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/cawbird | 9 | noblacklist ${HOME}/.config/cawbird |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-a-l/celluloid.profile b/etc/profile-a-l/celluloid.profile index d6f4306ba..1c539cc93 100644 --- a/etc/profile-a-l/celluloid.profile +++ b/etc/profile-a-l/celluloid.profile | |||
@@ -6,9 +6,9 @@ include celluloid.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/celluloid | 9 | noblacklist ${HOME}/.config/celluloid |
10 | nodeny ${HOME}/.config/gnome-mpv | 10 | noblacklist ${HOME}/.config/gnome-mpv |
11 | nodeny ${HOME}/.config/youtube-dl | 11 | noblacklist ${HOME}/.config/youtube-dl |
12 | 12 | ||
13 | # Allow lua (blacklisted by disable-interpreters.inc) | 13 | # Allow lua (blacklisted by disable-interpreters.inc) |
14 | include allow-lua.inc | 14 | include allow-lua.inc |
@@ -17,7 +17,7 @@ include allow-lua.inc | |||
17 | include allow-python2.inc | 17 | include allow-python2.inc |
18 | include allow-python3.inc | 18 | include allow-python3.inc |
19 | 19 | ||
20 | deny /usr/libexec | 20 | blacklist /usr/libexec |
21 | 21 | ||
22 | include disable-common.inc | 22 | include disable-common.inc |
23 | include disable-devel.inc | 23 | include disable-devel.inc |
@@ -30,9 +30,9 @@ read-only ${DESKTOP} | |||
30 | mkdir ${HOME}/.config/celluloid | 30 | mkdir ${HOME}/.config/celluloid |
31 | mkdir ${HOME}/.config/gnome-mpv | 31 | mkdir ${HOME}/.config/gnome-mpv |
32 | mkdir ${HOME}/.config/youtube-dl | 32 | mkdir ${HOME}/.config/youtube-dl |
33 | allow ${HOME}/.config/celluloid | 33 | whitelist ${HOME}/.config/celluloid |
34 | allow ${HOME}/.config/gnome-mpv | 34 | whitelist ${HOME}/.config/gnome-mpv |
35 | allow ${HOME}/.config/youtube-dl | 35 | whitelist ${HOME}/.config/youtube-dl |
36 | include whitelist-common.inc | 36 | include whitelist-common.inc |
37 | include whitelist-player-common.inc | 37 | include whitelist-player-common.inc |
38 | include whitelist-runuser-common.inc | 38 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-a-l/checkbashisms.profile b/etc/profile-a-l/checkbashisms.profile index 0f61084e0..24939fc70 100644 --- a/etc/profile-a-l/checkbashisms.profile +++ b/etc/profile-a-l/checkbashisms.profile | |||
@@ -7,9 +7,9 @@ include checkbashisms.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER}/wayland-* | 10 | blacklist ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | nodeny ${DOCUMENTS} | 12 | noblacklist ${DOCUMENTS} |
13 | 13 | ||
14 | # Allow perl (blacklisted by disable-interpreters.inc) | 14 | # Allow perl (blacklisted by disable-interpreters.inc) |
15 | include allow-perl.inc | 15 | include allow-perl.inc |
diff --git a/etc/profile-a-l/cheese.profile b/etc/profile-a-l/cheese.profile index bde3e1311..aca1f5876 100644 --- a/etc/profile-a-l/cheese.profile +++ b/etc/profile-a-l/cheese.profile | |||
@@ -6,8 +6,8 @@ include cheese.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${VIDEOS} | 9 | noblacklist ${VIDEOS} |
10 | nodeny ${PICTURES} | 10 | noblacklist ${PICTURES} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -17,9 +17,9 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | allow ${VIDEOS} | 20 | whitelist ${VIDEOS} |
21 | allow ${PICTURES} | 21 | whitelist ${PICTURES} |
22 | allow /usr/share/gnome-video-effects | 22 | whitelist /usr/share/gnome-video-effects |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/cherrytree.profile b/etc/profile-a-l/cherrytree.profile index d5dedd81d..7621b3c8c 100644 --- a/etc/profile-a-l/cherrytree.profile +++ b/etc/profile-a-l/cherrytree.profile | |||
@@ -6,8 +6,8 @@ include cherrytree.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/cherrytree | 9 | noblacklist ${HOME}/.config/cherrytree |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
diff --git a/etc/profile-a-l/chromium-browser-privacy.profile b/etc/profile-a-l/chromium-browser-privacy.profile index 64c45772a..8803a4d9d 100644 --- a/etc/profile-a-l/chromium-browser-privacy.profile +++ b/etc/profile-a-l/chromium-browser-privacy.profile | |||
@@ -3,15 +3,15 @@ | |||
3 | # Persistent local customizations | 3 | # Persistent local customizations |
4 | include chromium-browser-privacy.local | 4 | include chromium-browser-privacy.local |
5 | 5 | ||
6 | nodeny ${HOME}/.cache/ungoogled-chromium | 6 | noblacklist ${HOME}/.cache/ungoogled-chromium |
7 | nodeny ${HOME}/.config/ungoogled-chromium | 7 | noblacklist ${HOME}/.config/ungoogled-chromium |
8 | 8 | ||
9 | deny /usr/libexec | 9 | blacklist /usr/libexec |
10 | 10 | ||
11 | mkdir ${HOME}/.cache/ungoogled-chromium | 11 | mkdir ${HOME}/.cache/ungoogled-chromium |
12 | mkdir ${HOME}/.config/ungoogled-chromium | 12 | mkdir ${HOME}/.config/ungoogled-chromium |
13 | allow ${HOME}/.cache/ungoogled-chromium | 13 | whitelist ${HOME}/.cache/ungoogled-chromium |
14 | allow ${HOME}/.config/ungoogled-chromium | 14 | whitelist ${HOME}/.config/ungoogled-chromium |
15 | 15 | ||
16 | # private-bin basename,bash,cat,chromium-browser-privacy,dirname,mkdir,readlink,sed,touch,which,xdg-settings | 16 | # private-bin basename,bash,cat,chromium-browser-privacy,dirname,mkdir,readlink,sed,touch,which,xdg-settings |
17 | 17 | ||
diff --git a/etc/profile-a-l/chromium-common.profile b/etc/profile-a-l/chromium-common.profile index dbeb715d4..b0e0254d4 100644 --- a/etc/profile-a-l/chromium-common.profile +++ b/etc/profile-a-l/chromium-common.profile | |||
@@ -9,8 +9,8 @@ include chromium-common.local | |||
9 | # noexec ${HOME} breaks DRM binaries. | 9 | # noexec ${HOME} breaks DRM binaries. |
10 | ?BROWSER_ALLOW_DRM: ignore noexec ${HOME} | 10 | ?BROWSER_ALLOW_DRM: ignore noexec ${HOME} |
11 | 11 | ||
12 | nodeny ${HOME}/.pki | 12 | noblacklist ${HOME}/.pki |
13 | nodeny ${HOME}/.local/share/pki | 13 | noblacklist ${HOME}/.local/share/pki |
14 | 14 | ||
15 | # Add the next line to your chromium-common.local if you want Google Chrome/Chromium browser | 15 | # Add the next line to your chromium-common.local if you want Google Chrome/Chromium browser |
16 | # to have access to Gnome extensions (extensions.gnome.org) via browser connector | 16 | # to have access to Gnome extensions (extensions.gnome.org) via browser connector |
@@ -26,9 +26,9 @@ include disable-xdg.inc | |||
26 | 26 | ||
27 | mkdir ${HOME}/.pki | 27 | mkdir ${HOME}/.pki |
28 | mkdir ${HOME}/.local/share/pki | 28 | mkdir ${HOME}/.local/share/pki |
29 | allow ${DOWNLOADS} | 29 | whitelist ${DOWNLOADS} |
30 | allow ${HOME}/.pki | 30 | whitelist ${HOME}/.pki |
31 | allow ${HOME}/.local/share/pki | 31 | whitelist ${HOME}/.local/share/pki |
32 | include whitelist-common.inc | 32 | include whitelist-common.inc |
33 | include whitelist-runuser-common.inc | 33 | include whitelist-runuser-common.inc |
34 | include whitelist-usr-share-common.inc | 34 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/chromium.profile b/etc/profile-a-l/chromium.profile index ea92e90a8..9ac33aa1c 100644 --- a/etc/profile-a-l/chromium.profile +++ b/etc/profile-a-l/chromium.profile | |||
@@ -6,17 +6,17 @@ include chromium.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/chromium | 9 | noblacklist ${HOME}/.cache/chromium |
10 | nodeny ${HOME}/.config/chromium | 10 | noblacklist ${HOME}/.config/chromium |
11 | nodeny ${HOME}/.config/chromium-flags.conf | 11 | noblacklist ${HOME}/.config/chromium-flags.conf |
12 | 12 | ||
13 | mkdir ${HOME}/.cache/chromium | 13 | mkdir ${HOME}/.cache/chromium |
14 | mkdir ${HOME}/.config/chromium | 14 | mkdir ${HOME}/.config/chromium |
15 | allow ${HOME}/.cache/chromium | 15 | whitelist ${HOME}/.cache/chromium |
16 | allow ${HOME}/.config/chromium | 16 | whitelist ${HOME}/.config/chromium |
17 | allow ${HOME}/.config/chromium-flags.conf | 17 | whitelist ${HOME}/.config/chromium-flags.conf |
18 | allow /usr/share/chromium | 18 | whitelist /usr/share/chromium |
19 | allow /usr/share/mozilla/extensions | 19 | whitelist /usr/share/mozilla/extensions |
20 | 20 | ||
21 | # private-bin chromium,chromium-browser,chromedriver | 21 | # private-bin chromium,chromium-browser,chromedriver |
22 | 22 | ||
diff --git a/etc/profile-a-l/cin.profile b/etc/profile-a-l/cin.profile index c967e1c96..e1f9523c4 100644 --- a/etc/profile-a-l/cin.profile +++ b/etc/profile-a-l/cin.profile | |||
@@ -5,7 +5,7 @@ include cin.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.bcast5 | 8 | noblacklist ${HOME}/.bcast5 |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
diff --git a/etc/profile-a-l/clamav.profile b/etc/profile-a-l/clamav.profile index 0efbcd4f2..e403c2c41 100644 --- a/etc/profile-a-l/clamav.profile +++ b/etc/profile-a-l/clamav.profile | |||
@@ -7,7 +7,7 @@ include clamav.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER}/wayland-* | 10 | blacklist ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | include disable-exec.inc | 12 | include disable-exec.inc |
13 | 13 | ||
diff --git a/etc/profile-a-l/claws-mail.profile b/etc/profile-a-l/claws-mail.profile index 3e4e1f2a1..691657fa0 100644 --- a/etc/profile-a-l/claws-mail.profile +++ b/etc/profile-a-l/claws-mail.profile | |||
@@ -6,17 +6,17 @@ include claws-mail.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.claws-mail | 9 | noblacklist ${HOME}/.claws-mail |
10 | 10 | ||
11 | mkdir ${HOME}/.claws-mail | 11 | mkdir ${HOME}/.claws-mail |
12 | allow ${HOME}/.claws-mail | 12 | whitelist ${HOME}/.claws-mail |
13 | 13 | ||
14 | # Add the below lines to your claws-mail.local if you use python-based plugins. | 14 | # Add the below lines to your claws-mail.local if you use python-based plugins. |
15 | # Allow python (blacklisted by disable-interpreters.inc) | 15 | # Allow python (blacklisted by disable-interpreters.inc) |
16 | #include allow-python2.inc | 16 | #include allow-python2.inc |
17 | #include allow-python3.inc | 17 | #include allow-python3.inc |
18 | 18 | ||
19 | allow /usr/share/doc/claws-mail | 19 | whitelist /usr/share/doc/claws-mail |
20 | 20 | ||
21 | # private-bin claws-mail,curl,gpg,gpg2,gpg-agent,gpgsm,gpgme-config,pinentry,pinentry-gtk-2 | 21 | # private-bin claws-mail,curl,gpg,gpg2,gpg-agent,gpgsm,gpgme-config,pinentry,pinentry-gtk-2 |
22 | 22 | ||
diff --git a/etc/profile-a-l/clawsker.profile b/etc/profile-a-l/clawsker.profile index ee64391d9..9b62a1f73 100644 --- a/etc/profile-a-l/clawsker.profile +++ b/etc/profile-a-l/clawsker.profile | |||
@@ -6,7 +6,7 @@ include clawsker.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.claws-mail | 9 | noblacklist ${HOME}/.claws-mail |
10 | 10 | ||
11 | # Allow perl (blacklisted by disable-interpreters.inc) | 11 | # Allow perl (blacklisted by disable-interpreters.inc) |
12 | include allow-perl.inc | 12 | include allow-perl.inc |
@@ -19,7 +19,7 @@ include disable-passwdmgr.inc | |||
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | 20 | ||
21 | mkdir ${HOME}/.claws-mail | 21 | mkdir ${HOME}/.claws-mail |
22 | allow ${HOME}/.claws-mail | 22 | whitelist ${HOME}/.claws-mail |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/clementine.profile b/etc/profile-a-l/clementine.profile index f9c0006f9..fa33795c1 100644 --- a/etc/profile-a-l/clementine.profile +++ b/etc/profile-a-l/clementine.profile | |||
@@ -6,9 +6,9 @@ include clementine.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/Clementine | 9 | noblacklist ${HOME}/.cache/Clementine |
10 | nodeny ${HOME}/.config/Clementine | 10 | noblacklist ${HOME}/.config/Clementine |
11 | nodeny ${MUSIC} | 11 | noblacklist ${MUSIC} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/clion.profile b/etc/profile-a-l/clion.profile index 5c5399069..77952358f 100644 --- a/etc/profile-a-l/clion.profile +++ b/etc/profile-a-l/clion.profile | |||
@@ -5,16 +5,16 @@ include clion.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/JetBrains/CLion* | 8 | noblacklist ${HOME}/.config/JetBrains/CLion* |
9 | nodeny ${HOME}/.cache/JetBrains/CLion* | 9 | noblacklist ${HOME}/.cache/JetBrains/CLion* |
10 | nodeny ${HOME}/.clion* | 10 | noblacklist ${HOME}/.clion* |
11 | nodeny ${HOME}/.CLion* | 11 | noblacklist ${HOME}/.CLion* |
12 | nodeny ${HOME}/.config/git | 12 | noblacklist ${HOME}/.config/git |
13 | nodeny ${HOME}/.gitconfig | 13 | noblacklist ${HOME}/.gitconfig |
14 | nodeny ${HOME}/.git-credentials | 14 | noblacklist ${HOME}/.git-credentials |
15 | nodeny ${HOME}/.java | 15 | noblacklist ${HOME}/.java |
16 | nodeny ${HOME}/.local/share/JetBrains | 16 | noblacklist ${HOME}/.local/share/JetBrains |
17 | nodeny ${HOME}/.tooling | 17 | noblacklist ${HOME}/.tooling |
18 | 18 | ||
19 | # Allow ssh (blacklisted by disable-common.inc) | 19 | # Allow ssh (blacklisted by disable-common.inc) |
20 | include allow-ssh.inc | 20 | include allow-ssh.inc |
diff --git a/etc/profile-a-l/clipgrab.profile b/etc/profile-a-l/clipgrab.profile index 89f8d96f0..c8258da07 100644 --- a/etc/profile-a-l/clipgrab.profile +++ b/etc/profile-a-l/clipgrab.profile | |||
@@ -6,9 +6,9 @@ include clipgrab.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/Philipp Schmieder | 9 | noblacklist ${HOME}/.config/Philipp Schmieder |
10 | nodeny ${HOME}/.pki | 10 | noblacklist ${HOME}/.pki |
11 | nodeny ${VIDEOS} | 11 | noblacklist ${VIDEOS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/clipit.profile b/etc/profile-a-l/clipit.profile index 4a2a5171b..d421903a3 100644 --- a/etc/profile-a-l/clipit.profile +++ b/etc/profile-a-l/clipit.profile | |||
@@ -6,8 +6,8 @@ include clipit.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/clipit | 9 | noblacklist ${HOME}/.config/clipit |
10 | nodeny ${HOME}/.local/share/clipit | 10 | noblacklist ${HOME}/.local/share/clipit |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-xdg.inc | |||
19 | 19 | ||
20 | mkdir ${HOME}/.config/clipit | 20 | mkdir ${HOME}/.config/clipit |
21 | mkdir ${HOME}/.local/share/clipit | 21 | mkdir ${HOME}/.local/share/clipit |
22 | allow ${HOME}/.config/clipit | 22 | whitelist ${HOME}/.config/clipit |
23 | allow ${HOME}/.local/share/clipit | 23 | whitelist ${HOME}/.local/share/clipit |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/cliqz.profile b/etc/profile-a-l/cliqz.profile index 22c6ef882..d0b8cc0ef 100644 --- a/etc/profile-a-l/cliqz.profile +++ b/etc/profile-a-l/cliqz.profile | |||
@@ -5,16 +5,16 @@ include cliqz.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.cache/cliqz | 8 | noblacklist ${HOME}/.cache/cliqz |
9 | nodeny ${HOME}/.cliqz | 9 | noblacklist ${HOME}/.cliqz |
10 | nodeny ${HOME}/.config/cliqz | 10 | noblacklist ${HOME}/.config/cliqz |
11 | 11 | ||
12 | mkdir ${HOME}/.cache/cliqz | 12 | mkdir ${HOME}/.cache/cliqz |
13 | mkdir ${HOME}/.cliqz | 13 | mkdir ${HOME}/.cliqz |
14 | mkdir ${HOME}/.config/cliqz | 14 | mkdir ${HOME}/.config/cliqz |
15 | allow ${HOME}/.cache/cliqz | 15 | whitelist ${HOME}/.cache/cliqz |
16 | allow ${HOME}/.cliqz | 16 | whitelist ${HOME}/.cliqz |
17 | allow ${HOME}/.config/cliqz | 17 | whitelist ${HOME}/.config/cliqz |
18 | 18 | ||
19 | # private-etc must first be enabled in firefox-common.profile | 19 | # private-etc must first be enabled in firefox-common.profile |
20 | #private-etc cliqz | 20 | #private-etc cliqz |
diff --git a/etc/profile-a-l/cmus.profile b/etc/profile-a-l/cmus.profile index 51e53209f..bcd557787 100644 --- a/etc/profile-a-l/cmus.profile +++ b/etc/profile-a-l/cmus.profile | |||
@@ -6,8 +6,8 @@ include cmus.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/cmus | 9 | noblacklist ${HOME}/.config/cmus |
10 | nodeny ${MUSIC} | 10 | noblacklist ${MUSIC} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-a-l/code.profile b/etc/profile-a-l/code.profile index 1933c66fa..e19b78908 100644 --- a/etc/profile-a-l/code.profile +++ b/etc/profile-a-l/code.profile | |||
@@ -5,10 +5,10 @@ include code.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/Code | 8 | noblacklist ${HOME}/.config/Code |
9 | nodeny ${HOME}/.config/Code - OSS | 9 | noblacklist ${HOME}/.config/Code - OSS |
10 | nodeny ${HOME}/.vscode | 10 | noblacklist ${HOME}/.vscode |
11 | nodeny ${HOME}/.vscode-oss | 11 | noblacklist ${HOME}/.vscode-oss |
12 | 12 | ||
13 | # Allows files commonly used by IDEs | 13 | # Allows files commonly used by IDEs |
14 | include allow-common-devel.inc | 14 | include allow-common-devel.inc |
diff --git a/etc/profile-a-l/colorful.profile b/etc/profile-a-l/colorful.profile index efa7f516c..bd6d8f5b0 100644 --- a/etc/profile-a-l/colorful.profile +++ b/etc/profile-a-l/colorful.profile | |||
@@ -6,7 +6,7 @@ include colorful.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.suve/colorful | 9 | noblacklist ${HOME}/.suve/colorful |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.suve/colorful | 20 | mkdir ${HOME}/.suve/colorful |
21 | allow ${HOME}/.suve/colorful | 21 | whitelist ${HOME}/.suve/colorful |
22 | allow /usr/share/suve | 22 | whitelist /usr/share/suve |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/com.github.bleakgrey.tootle.profile b/etc/profile-a-l/com.github.bleakgrey.tootle.profile index 34b662959..c8bdfec23 100644 --- a/etc/profile-a-l/com.github.bleakgrey.tootle.profile +++ b/etc/profile-a-l/com.github.bleakgrey.tootle.profile | |||
@@ -6,7 +6,7 @@ include com.github.bleakgrey.tootle.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/com.github.bleakgrey.tootle | 9 | noblacklist ${HOME}/.config/com.github.bleakgrey.tootle |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.config/com.github.bleakgrey.tootle | 20 | mkdir ${HOME}/.config/com.github.bleakgrey.tootle |
21 | allow ${DOWNLOADS} | 21 | whitelist ${DOWNLOADS} |
22 | allow ${HOME}/.config/com.github.bleakgrey.tootle | 22 | whitelist ${HOME}/.config/com.github.bleakgrey.tootle |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/com.github.dahenson.agenda.profile b/etc/profile-a-l/com.github.dahenson.agenda.profile index 4e26e4925..b467a0f7a 100644 --- a/etc/profile-a-l/com.github.dahenson.agenda.profile +++ b/etc/profile-a-l/com.github.dahenson.agenda.profile | |||
@@ -6,9 +6,9 @@ include com.github.dahenson.agenda.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/agenda | 9 | noblacklist ${HOME}/.cache/agenda |
10 | nodeny ${HOME}/.config/agenda | 10 | noblacklist ${HOME}/.config/agenda |
11 | nodeny ${HOME}/.local/share/agenda | 11 | noblacklist ${HOME}/.local/share/agenda |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -22,9 +22,9 @@ include disable-xdg.inc | |||
22 | mkdir ${HOME}/.cache/agenda | 22 | mkdir ${HOME}/.cache/agenda |
23 | mkdir ${HOME}/.config/agenda | 23 | mkdir ${HOME}/.config/agenda |
24 | mkdir ${HOME}/.local/share/agenda | 24 | mkdir ${HOME}/.local/share/agenda |
25 | allow ${HOME}/.cache/agenda | 25 | whitelist ${HOME}/.cache/agenda |
26 | allow ${HOME}/.config/agenda | 26 | whitelist ${HOME}/.config/agenda |
27 | allow ${HOME}/.local/share/agenda | 27 | whitelist ${HOME}/.local/share/agenda |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
30 | include whitelist-runuser-common.inc | 30 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-a-l/com.github.johnfactotum.Foliate.profile b/etc/profile-a-l/com.github.johnfactotum.Foliate.profile index bbfc1fe41..c13f9618b 100644 --- a/etc/profile-a-l/com.github.johnfactotum.Foliate.profile +++ b/etc/profile-a-l/com.github.johnfactotum.Foliate.profile | |||
@@ -6,9 +6,9 @@ include foliate.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${DOCUMENTS} | 9 | noblacklist ${DOCUMENTS} |
10 | nodeny ${HOME}/.cache/com.github.johnfactotum.Foliate | 10 | noblacklist ${HOME}/.cache/com.github.johnfactotum.Foliate |
11 | nodeny ${HOME}/.local/share/com.github.johnfactotum.Foliate | 11 | noblacklist ${HOME}/.local/share/com.github.johnfactotum.Foliate |
12 | 12 | ||
13 | # Allow gjs (blacklisted by disable-interpreters.inc) | 13 | # Allow gjs (blacklisted by disable-interpreters.inc) |
14 | include allow-gjs.inc | 14 | include allow-gjs.inc |
@@ -24,12 +24,12 @@ include disable-xdg.inc | |||
24 | 24 | ||
25 | mkdir ${HOME}/.cache/com.github.johnfactotum.Foliate | 25 | mkdir ${HOME}/.cache/com.github.johnfactotum.Foliate |
26 | mkdir ${HOME}/.local/share/com.github.johnfactotum.Foliate | 26 | mkdir ${HOME}/.local/share/com.github.johnfactotum.Foliate |
27 | allow ${HOME}/.cache/com.github.johnfactotum.Foliate | 27 | whitelist ${HOME}/.cache/com.github.johnfactotum.Foliate |
28 | allow ${HOME}/.local/share/com.github.johnfactotum.Foliate | 28 | whitelist ${HOME}/.local/share/com.github.johnfactotum.Foliate |
29 | allow ${DOCUMENTS} | 29 | whitelist ${DOCUMENTS} |
30 | allow ${DOWNLOADS} | 30 | whitelist ${DOWNLOADS} |
31 | allow /usr/share/com.github.johnfactotum.Foliate | 31 | whitelist /usr/share/com.github.johnfactotum.Foliate |
32 | allow /usr/share/hyphen | 32 | whitelist /usr/share/hyphen |
33 | include whitelist-common.inc | 33 | include whitelist-common.inc |
34 | include whitelist-usr-share-common.inc | 34 | include whitelist-usr-share-common.inc |
35 | include whitelist-var-common.inc | 35 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/com.github.phase1geo.minder.profile b/etc/profile-a-l/com.github.phase1geo.minder.profile index 3e9acc6c8..d0402d188 100644 --- a/etc/profile-a-l/com.github.phase1geo.minder.profile +++ b/etc/profile-a-l/com.github.phase1geo.minder.profile | |||
@@ -6,9 +6,9 @@ include com.github.phase1geo.minder.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/minder | 9 | noblacklist ${HOME}/.local/share/minder |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | nodeny ${PICTURES} | 11 | noblacklist ${PICTURES} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -20,10 +20,10 @@ include disable-shell.inc | |||
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | mkdir ${HOME}/.local/share/minder | 22 | mkdir ${HOME}/.local/share/minder |
23 | allow ${HOME}/.local/share/minder | 23 | whitelist ${HOME}/.local/share/minder |
24 | allow ${DOCUMENTS} | 24 | whitelist ${DOCUMENTS} |
25 | allow ${DOWNLOADS} | 25 | whitelist ${DOWNLOADS} |
26 | allow ${PICTURES} | 26 | whitelist ${PICTURES} |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/conkeror.profile b/etc/profile-a-l/conkeror.profile index 6cc9ec551..38edf0d21 100644 --- a/etc/profile-a-l/conkeror.profile +++ b/etc/profile-a-l/conkeror.profile | |||
@@ -5,23 +5,23 @@ include conkeror.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.conkeror.mozdev.org | 8 | noblacklist ${HOME}/.conkeror.mozdev.org |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-programs.inc | 11 | include disable-programs.inc |
12 | 12 | ||
13 | mkdir ${HOME}/.conkeror.mozdev.org | 13 | mkdir ${HOME}/.conkeror.mozdev.org |
14 | mkfile ${HOME}/.conkerorrc | 14 | mkfile ${HOME}/.conkerorrc |
15 | allow ${HOME}/.conkeror.mozdev.org | 15 | whitelist ${HOME}/.conkeror.mozdev.org |
16 | allow ${HOME}/.conkerorrc | 16 | whitelist ${HOME}/.conkerorrc |
17 | allow ${HOME}/.lastpass | 17 | whitelist ${HOME}/.lastpass |
18 | allow ${HOME}/.pentadactyl | 18 | whitelist ${HOME}/.pentadactyl |
19 | allow ${HOME}/.pentadactylrc | 19 | whitelist ${HOME}/.pentadactylrc |
20 | allow ${HOME}/.vimperator | 20 | whitelist ${HOME}/.vimperator |
21 | allow ${HOME}/.vimperatorrc | 21 | whitelist ${HOME}/.vimperatorrc |
22 | allow ${HOME}/.zotero | 22 | whitelist ${HOME}/.zotero |
23 | allow ${HOME}/dwhelper | 23 | whitelist ${HOME}/dwhelper |
24 | allow ${DOWNLOADS} | 24 | whitelist ${DOWNLOADS} |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | 26 | ||
27 | caps.drop all | 27 | caps.drop all |
diff --git a/etc/profile-a-l/conky.profile b/etc/profile-a-l/conky.profile index 1b3fe6651..eaa18739d 100644 --- a/etc/profile-a-l/conky.profile +++ b/etc/profile-a-l/conky.profile | |||
@@ -6,7 +6,7 @@ include conky.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${PICTURES} | 9 | noblacklist ${PICTURES} |
10 | 10 | ||
11 | # Allow lua (blacklisted by disable-interpreters.inc) | 11 | # Allow lua (blacklisted by disable-interpreters.inc) |
12 | include allow-lua.inc | 12 | include allow-lua.inc |
diff --git a/etc/profile-a-l/corebird.profile b/etc/profile-a-l/corebird.profile index 266c404ee..2fb446e2a 100644 --- a/etc/profile-a-l/corebird.profile +++ b/etc/profile-a-l/corebird.profile | |||
@@ -6,7 +6,7 @@ include corebird.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/corebird | 9 | noblacklist ${HOME}/.config/corebird |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-a-l/cower.profile b/etc/profile-a-l/cower.profile index 0a1353e40..1635995dc 100644 --- a/etc/profile-a-l/cower.profile +++ b/etc/profile-a-l/cower.profile | |||
@@ -7,8 +7,8 @@ include cower.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.config/cower | 10 | noblacklist ${HOME}/.config/cower |
11 | nodeny /var/lib/pacman | 11 | noblacklist /var/lib/pacman |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/coyim.profile b/etc/profile-a-l/coyim.profile index 5e48c8022..7ece35c2b 100644 --- a/etc/profile-a-l/coyim.profile +++ b/etc/profile-a-l/coyim.profile | |||
@@ -6,7 +6,7 @@ include coyim.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/coyim | 9 | noblacklist ${HOME}/.config/coyim |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.config/coyim | 20 | mkdir ${HOME}/.config/coyim |
21 | allow ${HOME}/.config/coyim | 21 | whitelist ${HOME}/.config/coyim |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-a-l/cpio.profile b/etc/profile-a-l/cpio.profile index dec8c086b..bdc4f21a6 100644 --- a/etc/profile-a-l/cpio.profile +++ b/etc/profile-a-l/cpio.profile | |||
@@ -7,8 +7,8 @@ include cpio.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny /sbin | 10 | noblacklist /sbin |
11 | nodeny /usr/sbin | 11 | noblacklist /usr/sbin |
12 | 12 | ||
13 | # Redirect | 13 | # Redirect |
14 | include archiver-common.profile | 14 | include archiver-common.profile |
diff --git a/etc/profile-a-l/crawl.profile b/etc/profile-a-l/crawl.profile index 81292c01c..b10216895 100644 --- a/etc/profile-a-l/crawl.profile +++ b/etc/profile-a-l/crawl.profile | |||
@@ -6,7 +6,7 @@ include crawl-tiles.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.crawl | 9 | noblacklist ${HOME}/.crawl |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.crawl | 19 | mkdir ${HOME}/.crawl |
20 | allow ${HOME}/.crawl | 20 | whitelist ${HOME}/.crawl |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-a-l/crow.profile b/etc/profile-a-l/crow.profile index 36bd93778..02b15ecc2 100644 --- a/etc/profile-a-l/crow.profile +++ b/etc/profile-a-l/crow.profile | |||
@@ -8,8 +8,8 @@ include globals.local | |||
8 | 8 | ||
9 | mkdir ${HOME}/.config/crow | 9 | mkdir ${HOME}/.config/crow |
10 | mkdir ${HOME}/.cache/gstreamer-1.0 | 10 | mkdir ${HOME}/.cache/gstreamer-1.0 |
11 | allow ${HOME}/.config/crow | 11 | whitelist ${HOME}/.config/crow |
12 | allow ${HOME}/.cache/gstreamer-1.0 | 12 | whitelist ${HOME}/.cache/gstreamer-1.0 |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/profile-a-l/curl.profile b/etc/profile-a-l/curl.profile index 4950b7a4c..c9867c5d7 100644 --- a/etc/profile-a-l/curl.profile +++ b/etc/profile-a-l/curl.profile | |||
@@ -12,11 +12,11 @@ include globals.local | |||
12 | # Technically this file can be anywhere but let's assume users have it in ${HOME}/.curl-hsts. | 12 | # Technically this file can be anywhere but let's assume users have it in ${HOME}/.curl-hsts. |
13 | # If your setup diverts, add 'blacklist /path/to/curl/hsts/file' to your disable-programs.local | 13 | # If your setup diverts, add 'blacklist /path/to/curl/hsts/file' to your disable-programs.local |
14 | # and 'noblacklist /path/to/curl/hsts/file' to curl.local to keep the sandbox logic intact. | 14 | # and 'noblacklist /path/to/curl/hsts/file' to curl.local to keep the sandbox logic intact. |
15 | nodeny ${HOME}/.curl-hsts | 15 | noblacklist ${HOME}/.curl-hsts |
16 | nodeny ${HOME}/.curlrc | 16 | noblacklist ${HOME}/.curlrc |
17 | 17 | ||
18 | deny /tmp/.X11-unix | 18 | blacklist /tmp/.X11-unix |
19 | deny ${RUNUSER} | 19 | blacklist ${RUNUSER} |
20 | 20 | ||
21 | include disable-common.inc | 21 | include disable-common.inc |
22 | include disable-exec.inc | 22 | include disable-exec.inc |
diff --git a/etc/profile-a-l/cyberfox.profile b/etc/profile-a-l/cyberfox.profile index 49f972e4a..d1fff0004 100644 --- a/etc/profile-a-l/cyberfox.profile +++ b/etc/profile-a-l/cyberfox.profile | |||
@@ -5,13 +5,13 @@ include cyberfox.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.8pecxstudios | 8 | noblacklist ${HOME}/.8pecxstudios |
9 | nodeny ${HOME}/.cache/8pecxstudios | 9 | noblacklist ${HOME}/.cache/8pecxstudios |
10 | 10 | ||
11 | mkdir ${HOME}/.8pecxstudios | 11 | mkdir ${HOME}/.8pecxstudios |
12 | mkdir ${HOME}/.cache/8pecxstudios | 12 | mkdir ${HOME}/.cache/8pecxstudios |
13 | allow ${HOME}/.8pecxstudios | 13 | whitelist ${HOME}/.8pecxstudios |
14 | allow ${HOME}/.cache/8pecxstudios | 14 | whitelist ${HOME}/.cache/8pecxstudios |
15 | 15 | ||
16 | # private-bin cyberfox,dbus-launch,dbus-send,env,sh,which | 16 | # private-bin cyberfox,dbus-launch,dbus-send,env,sh,which |
17 | # private-etc must first be enabled in firefox-common.profile | 17 | # private-etc must first be enabled in firefox-common.profile |
diff --git a/etc/profile-a-l/d-feet.profile b/etc/profile-a-l/d-feet.profile index c7ce1730a..ba1e7adad 100644 --- a/etc/profile-a-l/d-feet.profile +++ b/etc/profile-a-l/d-feet.profile | |||
@@ -6,7 +6,7 @@ include d-feet.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/d-feet | 9 | noblacklist ${HOME}/.config/d-feet |
10 | 10 | ||
11 | # Allow python (disabled by disable-interpreters.inc) | 11 | # Allow python (disabled by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
@@ -22,8 +22,8 @@ include disable-shell.inc | |||
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | mkdir ${HOME}/.config/d-feet | 24 | mkdir ${HOME}/.config/d-feet |
25 | allow ${HOME}/.config/d-feet | 25 | whitelist ${HOME}/.config/d-feet |
26 | allow /usr/share/d-feet | 26 | whitelist /usr/share/d-feet |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/darktable.profile b/etc/profile-a-l/darktable.profile index 4d51c255e..61fa52928 100644 --- a/etc/profile-a-l/darktable.profile +++ b/etc/profile-a-l/darktable.profile | |||
@@ -6,9 +6,9 @@ include darktable.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/darktable | 9 | noblacklist ${HOME}/.cache/darktable |
10 | nodeny ${HOME}/.config/darktable | 10 | noblacklist ${HOME}/.config/darktable |
11 | nodeny ${PICTURES} | 11 | noblacklist ${PICTURES} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/dbus-send.profile b/etc/profile-a-l/dbus-send.profile index 745042d6f..67a61bb60 100644 --- a/etc/profile-a-l/dbus-send.profile +++ b/etc/profile-a-l/dbus-send.profile | |||
@@ -7,8 +7,8 @@ include dbus-send.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny /tmp/.X11-unix | 10 | blacklist /tmp/.X11-unix |
11 | deny ${RUNUSER}/wayland-* | 11 | blacklist ${RUNUSER}/wayland-* |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/dconf-editor.profile b/etc/profile-a-l/dconf-editor.profile index c1231c6cf..0c221850a 100644 --- a/etc/profile-a-l/dconf-editor.profile +++ b/etc/profile-a-l/dconf-editor.profile | |||
@@ -15,7 +15,7 @@ include disable-programs.inc | |||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | allow ${HOME}/.local/share/glib-2.0 | 18 | whitelist ${HOME}/.local/share/glib-2.0 |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | include whitelist-runuser-common.inc | 20 | include whitelist-runuser-common.inc |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/dconf.profile b/etc/profile-a-l/dconf.profile index b9d385adf..be7514cbf 100644 --- a/etc/profile-a-l/dconf.profile +++ b/etc/profile-a-l/dconf.profile | |||
@@ -6,7 +6,7 @@ include dconf.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny ${RUNUSER}/wayland-* | 9 | blacklist ${RUNUSER}/wayland-* |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,7 +16,7 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | allow ${HOME}/.local/share/glib-2.0 | 19 | whitelist ${HOME}/.local/share/glib-2.0 |
20 | # dconf paths are whitelisted by the following | 20 | # dconf paths are whitelisted by the following |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/ddgtk.profile b/etc/profile-a-l/ddgtk.profile index 09fa7a07a..5b95b74be 100644 --- a/etc/profile-a-l/ddgtk.profile +++ b/etc/profile-a-l/ddgtk.profile | |||
@@ -18,8 +18,8 @@ include disable-passwdmgr.inc | |||
18 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | allow ${DOWNLOADS} | 21 | whitelist ${DOWNLOADS} |
22 | allow /usr/share/ddgtk | 22 | whitelist /usr/share/ddgtk |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/deadbeef.profile b/etc/profile-a-l/deadbeef.profile index 25fa944a1..a221ebbd7 100644 --- a/etc/profile-a-l/deadbeef.profile +++ b/etc/profile-a-l/deadbeef.profile | |||
@@ -6,8 +6,8 @@ include deadbeef.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/deadbeef | 9 | noblacklist ${HOME}/.config/deadbeef |
10 | nodeny ${MUSIC} | 10 | noblacklist ${MUSIC} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-a-l/deluge.profile b/etc/profile-a-l/deluge.profile index d41a4a023..ad7aa6ed5 100644 --- a/etc/profile-a-l/deluge.profile +++ b/etc/profile-a-l/deluge.profile | |||
@@ -6,7 +6,7 @@ include deluge.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/deluge | 9 | noblacklist ${HOME}/.config/deluge |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
@@ -20,8 +20,8 @@ include disable-passwdmgr.inc | |||
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | mkdir ${HOME}/.config/deluge | 22 | mkdir ${HOME}/.config/deluge |
23 | allow ${DOWNLOADS} | 23 | whitelist ${DOWNLOADS} |
24 | allow ${HOME}/.config/deluge | 24 | whitelist ${HOME}/.config/deluge |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||
diff --git a/etc/profile-a-l/desktopeditors.profile b/etc/profile-a-l/desktopeditors.profile index aed4355d5..212cdab60 100644 --- a/etc/profile-a-l/desktopeditors.profile +++ b/etc/profile-a-l/desktopeditors.profile | |||
@@ -6,9 +6,9 @@ include desktopeditors.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/onlyoffice | 9 | noblacklist ${HOME}/.config/onlyoffice |
10 | nodeny ${HOME}/.local/share/onlyoffice | 10 | noblacklist ${HOME}/.local/share/onlyoffice |
11 | nodeny ${HOME}/.pki | 11 | noblacklist ${HOME}/.pki |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/devhelp.profile b/etc/profile-a-l/devhelp.profile index dc0f290fb..5007f8e74 100644 --- a/etc/profile-a-l/devhelp.profile +++ b/etc/profile-a-l/devhelp.profile | |||
@@ -16,9 +16,9 @@ include disable-programs.inc | |||
16 | include disable-shell.inc | 16 | include disable-shell.inc |
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | allow /usr/share/devhelp | 19 | whitelist /usr/share/devhelp |
20 | allow /usr/share/doc | 20 | whitelist /usr/share/doc |
21 | allow /usr/share/gtk-doc/html | 21 | whitelist /usr/share/gtk-doc/html |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | 24 | ||
diff --git a/etc/profile-a-l/devilspie.profile b/etc/profile-a-l/devilspie.profile index 631f15f93..6267b5709 100644 --- a/etc/profile-a-l/devilspie.profile +++ b/etc/profile-a-l/devilspie.profile | |||
@@ -6,9 +6,9 @@ include devilspie.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny ${RUNUSER}/wayland-* | 9 | blacklist ${RUNUSER}/wayland-* |
10 | 10 | ||
11 | nodeny ${HOME}/.devilspie | 11 | noblacklist ${HOME}/.devilspie |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -19,7 +19,7 @@ include disable-programs.inc | |||
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | mkdir ${HOME}/.devilspie | 21 | mkdir ${HOME}/.devilspie |
22 | allow ${HOME}/.devilspie | 22 | whitelist ${HOME}/.devilspie |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/devilspie2.profile b/etc/profile-a-l/devilspie2.profile index 140c9da0f..9eab3f536 100644 --- a/etc/profile-a-l/devilspie2.profile +++ b/etc/profile-a-l/devilspie2.profile | |||
@@ -6,17 +6,17 @@ include devilspie2.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | deny ${HOME}/.devilspie | 9 | blacklist ${HOME}/.devilspie |
10 | 10 | ||
11 | deny ${RUNUSER}/wayland-* | 11 | blacklist ${RUNUSER}/wayland-* |
12 | 12 | ||
13 | nodeny ${HOME}/.config/devilspie2 | 13 | noblacklist ${HOME}/.config/devilspie2 |
14 | 14 | ||
15 | # Allow lua (blacklisted by disable-interpreters.inc) | 15 | # Allow lua (blacklisted by disable-interpreters.inc) |
16 | include allow-lua.inc | 16 | include allow-lua.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.config/devilspie2 | 18 | mkdir ${HOME}/.config/devilspie2 |
19 | allow ${HOME}/.config/devilspie2 | 19 | whitelist ${HOME}/.config/devilspie2 |
20 | 20 | ||
21 | private-bin devilspie2 | 21 | private-bin devilspie2 |
22 | 22 | ||
diff --git a/etc/profile-a-l/dia.profile b/etc/profile-a-l/dia.profile index 2a808238b..531734b7d 100644 --- a/etc/profile-a-l/dia.profile +++ b/etc/profile-a-l/dia.profile | |||
@@ -6,8 +6,8 @@ include dia.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.dia | 9 | noblacklist ${HOME}/.dia |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
@@ -25,7 +25,7 @@ include disable-xdg.inc | |||
25 | #whitelist ${HOME}/.dia | 25 | #whitelist ${HOME}/.dia |
26 | #whitelist ${DOCUMENTS} | 26 | #whitelist ${DOCUMENTS} |
27 | #include whitelist-common.inc | 27 | #include whitelist-common.inc |
28 | allow /usr/share/dia | 28 | whitelist /usr/share/dia |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/dig.profile b/etc/profile-a-l/dig.profile index 2d683b811..247159a8a 100644 --- a/etc/profile-a-l/dig.profile +++ b/etc/profile-a-l/dig.profile | |||
@@ -7,11 +7,11 @@ include dig.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.digrc | 10 | noblacklist ${HOME}/.digrc |
11 | nodeny ${PATH}/dig | 11 | noblacklist ${PATH}/dig |
12 | 12 | ||
13 | deny /tmp/.X11-unix | 13 | blacklist /tmp/.X11-unix |
14 | deny ${RUNUSER} | 14 | blacklist ${RUNUSER} |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | # include disable-devel.inc | 17 | # include disable-devel.inc |
@@ -22,7 +22,7 @@ include disable-programs.inc | |||
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | #mkfile ${HOME}/.digrc - see #903 | 24 | #mkfile ${HOME}/.digrc - see #903 |
25 | allow ${HOME}/.digrc | 25 | whitelist ${HOME}/.digrc |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
28 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/digikam.profile b/etc/profile-a-l/digikam.profile index 124b50952..2ca7bd400 100644 --- a/etc/profile-a-l/digikam.profile +++ b/etc/profile-a-l/digikam.profile | |||
@@ -6,12 +6,12 @@ include digikam.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/digikam | 9 | noblacklist ${HOME}/.config/digikam |
10 | nodeny ${HOME}/.config/digikamrc | 10 | noblacklist ${HOME}/.config/digikamrc |
11 | nodeny ${HOME}/.kde/share/apps/digikam | 11 | noblacklist ${HOME}/.kde/share/apps/digikam |
12 | nodeny ${HOME}/.kde4/share/apps/digikam | 12 | noblacklist ${HOME}/.kde4/share/apps/digikam |
13 | nodeny ${HOME}/.local/share/kxmlgui5/digikam | 13 | noblacklist ${HOME}/.local/share/kxmlgui5/digikam |
14 | nodeny ${PICTURES} | 14 | noblacklist ${PICTURES} |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
diff --git a/etc/profile-a-l/dillo.profile b/etc/profile-a-l/dillo.profile index 883466f4d..9871a6095 100644 --- a/etc/profile-a-l/dillo.profile +++ b/etc/profile-a-l/dillo.profile | |||
@@ -6,7 +6,7 @@ include dillo.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.dillo | 9 | noblacklist ${HOME}/.dillo |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,9 +16,9 @@ include disable-programs.inc | |||
16 | 16 | ||
17 | mkdir ${HOME}/.dillo | 17 | mkdir ${HOME}/.dillo |
18 | mkdir ${HOME}/.fltk | 18 | mkdir ${HOME}/.fltk |
19 | allow ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
20 | allow ${HOME}/.dillo | 20 | whitelist ${HOME}/.dillo |
21 | allow ${HOME}/.fltk | 21 | whitelist ${HOME}/.fltk |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-a-l/dino.profile b/etc/profile-a-l/dino.profile index 3078bef71..c3174b35f 100644 --- a/etc/profile-a-l/dino.profile +++ b/etc/profile-a-l/dino.profile | |||
@@ -6,7 +6,7 @@ include dino.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/dino | 9 | noblacklist ${HOME}/.local/share/dino |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-programs.inc | |||
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.local/share/dino | 19 | mkdir ${HOME}/.local/share/dino |
20 | allow ${HOME}/.local/share/dino | 20 | whitelist ${HOME}/.local/share/dino |
21 | allow ${DOWNLOADS} | 21 | whitelist ${DOWNLOADS} |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-runuser-common.inc | 23 | include whitelist-runuser-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/discord-canary.profile b/etc/profile-a-l/discord-canary.profile index 1c53cd211..43db95b8a 100644 --- a/etc/profile-a-l/discord-canary.profile +++ b/etc/profile-a-l/discord-canary.profile | |||
@@ -5,10 +5,10 @@ include discord-canary.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/discordcanary | 8 | noblacklist ${HOME}/.config/discordcanary |
9 | 9 | ||
10 | mkdir ${HOME}/.config/discordcanary | 10 | mkdir ${HOME}/.config/discordcanary |
11 | allow ${HOME}/.config/discordcanary | 11 | whitelist ${HOME}/.config/discordcanary |
12 | 12 | ||
13 | private-bin discord-canary,electron,electron[0-9],electron[0-9][0-9] | 13 | private-bin discord-canary,electron,electron[0-9],electron[0-9][0-9] |
14 | private-opt discord-canary | 14 | private-opt discord-canary |
diff --git a/etc/profile-a-l/discord-common.profile b/etc/profile-a-l/discord-common.profile index 6bee1901c..19e7bd9ab 100644 --- a/etc/profile-a-l/discord-common.profile +++ b/etc/profile-a-l/discord-common.profile | |||
@@ -20,8 +20,8 @@ ignore dbus-system none | |||
20 | ignore noexec ${HOME} | 20 | ignore noexec ${HOME} |
21 | ignore novideo | 21 | ignore novideo |
22 | 22 | ||
23 | allow ${HOME}/.config/BetterDiscord | 23 | whitelist ${HOME}/.config/BetterDiscord |
24 | allow ${HOME}/.local/share/betterdiscordctl | 24 | whitelist ${HOME}/.local/share/betterdiscordctl |
25 | 25 | ||
26 | private-bin bash,cut,echo,egrep,fish,grep,head,sed,sh,tclsh,tr,xdg-mime,xdg-open,zsh | 26 | private-bin bash,cut,echo,egrep,fish,grep,head,sed,sh,tclsh,tr,xdg-mime,xdg-open,zsh |
27 | private-etc alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.cache,localtime,login.defs,machine-id,password,pki,pulse,resolv.conf,ssl | 27 | private-etc alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.cache,localtime,login.defs,machine-id,password,pki,pulse,resolv.conf,ssl |
diff --git a/etc/profile-a-l/discord.profile b/etc/profile-a-l/discord.profile index 658d3fc83..8ef02a30f 100644 --- a/etc/profile-a-l/discord.profile +++ b/etc/profile-a-l/discord.profile | |||
@@ -5,10 +5,10 @@ include discord.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/discord | 8 | noblacklist ${HOME}/.config/discord |
9 | 9 | ||
10 | mkdir ${HOME}/.config/discord | 10 | mkdir ${HOME}/.config/discord |
11 | allow ${HOME}/.config/discord | 11 | whitelist ${HOME}/.config/discord |
12 | 12 | ||
13 | private-bin discord | 13 | private-bin discord |
14 | private-opt discord | 14 | private-opt discord |
diff --git a/etc/profile-a-l/display.profile b/etc/profile-a-l/display.profile index 4474b97d2..11f3fd36e 100644 --- a/etc/profile-a-l/display.profile +++ b/etc/profile-a-l/display.profile | |||
@@ -5,7 +5,7 @@ include display.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${PICTURES} | 8 | noblacklist ${PICTURES} |
9 | 9 | ||
10 | # Allow python (blacklisted by disable-interpreters.inc) | 10 | # Allow python (blacklisted by disable-interpreters.inc) |
11 | include allow-python2.inc | 11 | include allow-python2.inc |
diff --git a/etc/profile-a-l/dnox.profile b/etc/profile-a-l/dnox.profile index 8c3d6211b..51ba6f8b7 100644 --- a/etc/profile-a-l/dnox.profile +++ b/etc/profile-a-l/dnox.profile | |||
@@ -10,13 +10,13 @@ ignore whitelist /usr/share/chromium | |||
10 | ignore include whitelist-runuser-common.inc | 10 | ignore include whitelist-runuser-common.inc |
11 | ignore include whitelist-usr-share-common.inc | 11 | ignore include whitelist-usr-share-common.inc |
12 | 12 | ||
13 | nodeny ${HOME}/.cache/dnox | 13 | noblacklist ${HOME}/.cache/dnox |
14 | nodeny ${HOME}/.config/dnox | 14 | noblacklist ${HOME}/.config/dnox |
15 | 15 | ||
16 | mkdir ${HOME}/.cache/dnox | 16 | mkdir ${HOME}/.cache/dnox |
17 | mkdir ${HOME}/.config/dnox | 17 | mkdir ${HOME}/.config/dnox |
18 | allow ${HOME}/.cache/dnox | 18 | whitelist ${HOME}/.cache/dnox |
19 | allow ${HOME}/.config/dnox | 19 | whitelist ${HOME}/.config/dnox |
20 | 20 | ||
21 | # Redirect | 21 | # Redirect |
22 | include chromium-common.profile | 22 | include chromium-common.profile |
diff --git a/etc/profile-a-l/dnscrypt-proxy.profile b/etc/profile-a-l/dnscrypt-proxy.profile index dbcef36f8..f8fb1a331 100644 --- a/etc/profile-a-l/dnscrypt-proxy.profile +++ b/etc/profile-a-l/dnscrypt-proxy.profile | |||
@@ -7,11 +7,11 @@ include dnscrypt-proxy.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny /tmp/.X11-unix | 10 | blacklist /tmp/.X11-unix |
11 | deny ${RUNUSER}/wayland-* | 11 | blacklist ${RUNUSER}/wayland-* |
12 | 12 | ||
13 | nodeny /sbin | 13 | noblacklist /sbin |
14 | nodeny /usr/sbin | 14 | noblacklist /usr/sbin |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
@@ -21,7 +21,7 @@ include disable-passwdmgr.inc | |||
21 | include disable-programs.inc | 21 | include disable-programs.inc |
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | allow /usr/share/dnscrypt-proxy | 24 | whitelist /usr/share/dnscrypt-proxy |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||
diff --git a/etc/profile-a-l/dnsmasq.profile b/etc/profile-a-l/dnsmasq.profile index b1acbf392..01398c2b2 100644 --- a/etc/profile-a-l/dnsmasq.profile +++ b/etc/profile-a-l/dnsmasq.profile | |||
@@ -7,11 +7,11 @@ include dnsmasq.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny /sbin | 10 | noblacklist /sbin |
11 | nodeny /usr/sbin | 11 | noblacklist /usr/sbin |
12 | 12 | ||
13 | deny /tmp/.X11-unix | 13 | blacklist /tmp/.X11-unix |
14 | deny ${RUNUSER}/wayland-* | 14 | blacklist ${RUNUSER}/wayland-* |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
diff --git a/etc/profile-a-l/dolphin-emu.profile b/etc/profile-a-l/dolphin-emu.profile index 15b312ecb..49feec32e 100644 --- a/etc/profile-a-l/dolphin-emu.profile +++ b/etc/profile-a-l/dolphin-emu.profile | |||
@@ -8,9 +8,9 @@ include globals.local | |||
8 | 8 | ||
9 | # Note: you must whitelist your games folder in your dolphin-emu.local. | 9 | # Note: you must whitelist your games folder in your dolphin-emu.local. |
10 | 10 | ||
11 | nodeny ${HOME}/.cache/dolphin-emu | 11 | noblacklist ${HOME}/.cache/dolphin-emu |
12 | nodeny ${HOME}/.config/dolphin-emu | 12 | noblacklist ${HOME}/.config/dolphin-emu |
13 | nodeny ${HOME}/.local/share/dolphin-emu | 13 | noblacklist ${HOME}/.local/share/dolphin-emu |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -24,10 +24,10 @@ include disable-xdg.inc | |||
24 | mkdir ${HOME}/.cache/dolphin-emu | 24 | mkdir ${HOME}/.cache/dolphin-emu |
25 | mkdir ${HOME}/.config/dolphin-emu | 25 | mkdir ${HOME}/.config/dolphin-emu |
26 | mkdir ${HOME}/.local/share/dolphin-emu | 26 | mkdir ${HOME}/.local/share/dolphin-emu |
27 | allow ${HOME}/.cache/dolphin-emu | 27 | whitelist ${HOME}/.cache/dolphin-emu |
28 | allow ${HOME}/.config/dolphin-emu | 28 | whitelist ${HOME}/.config/dolphin-emu |
29 | allow ${HOME}/.local/share/dolphin-emu | 29 | whitelist ${HOME}/.local/share/dolphin-emu |
30 | allow /usr/share/dolphin-emu | 30 | whitelist /usr/share/dolphin-emu |
31 | include whitelist-common.inc | 31 | include whitelist-common.inc |
32 | include whitelist-runuser-common.inc | 32 | include whitelist-runuser-common.inc |
33 | include whitelist-usr-share-common.inc | 33 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/dooble.profile b/etc/profile-a-l/dooble.profile index 3b0adcc36..37a4113cb 100644 --- a/etc/profile-a-l/dooble.profile +++ b/etc/profile-a-l/dooble.profile | |||
@@ -7,7 +7,7 @@ include dooble-qt4.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.dooble | 10 | noblacklist ${HOME}/.dooble |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.dooble | 19 | mkdir ${HOME}/.dooble |
20 | allow ${DOWNLOADS} | 20 | whitelist ${DOWNLOADS} |
21 | allow ${HOME}/.dooble | 21 | whitelist ${HOME}/.dooble |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | 23 | ||
24 | caps.drop all | 24 | caps.drop all |
diff --git a/etc/profile-a-l/dosbox.profile b/etc/profile-a-l/dosbox.profile index 29e506764..988f66f28 100644 --- a/etc/profile-a-l/dosbox.profile +++ b/etc/profile-a-l/dosbox.profile | |||
@@ -6,8 +6,8 @@ include dosbox.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.dosbox | 9 | noblacklist ${HOME}/.dosbox |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-a-l/dragon.profile b/etc/profile-a-l/dragon.profile index 90ca11774..8fa01d504 100644 --- a/etc/profile-a-l/dragon.profile +++ b/etc/profile-a-l/dragon.profile | |||
@@ -6,9 +6,9 @@ include dragon.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/dragonplayerrc | 9 | noblacklist ${HOME}/.config/dragonplayerrc |
10 | nodeny ${MUSIC} | 10 | noblacklist ${MUSIC} |
11 | nodeny ${VIDEOS} | 11 | noblacklist ${VIDEOS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -19,7 +19,7 @@ include disable-programs.inc | |||
19 | include disable-shell.inc | 19 | include disable-shell.inc |
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | allow /usr/share/dragonplayer | 22 | whitelist /usr/share/dragonplayer |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
25 | 25 | ||
diff --git a/etc/profile-a-l/drawio.profile b/etc/profile-a-l/drawio.profile index 84a77ce34..82d96e405 100644 --- a/etc/profile-a-l/drawio.profile +++ b/etc/profile-a-l/drawio.profile | |||
@@ -6,7 +6,7 @@ include drawio.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/draw.io | 9 | noblacklist ${HOME}/.config/draw.io |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.config/draw.io | 20 | mkdir ${HOME}/.config/draw.io |
21 | allow ${HOME}/.config/draw.io | 21 | whitelist ${HOME}/.config/draw.io |
22 | allow ${DOWNLOADS} | 22 | whitelist ${DOWNLOADS} |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/drill.profile b/etc/profile-a-l/drill.profile index e177fd60e..068bd88d8 100644 --- a/etc/profile-a-l/drill.profile +++ b/etc/profile-a-l/drill.profile | |||
@@ -7,10 +7,10 @@ include drill.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${PATH}/drill | 10 | noblacklist ${PATH}/drill |
11 | 11 | ||
12 | deny /tmp/.X11-unix | 12 | blacklist /tmp/.X11-unix |
13 | deny ${RUNUSER} | 13 | blacklist ${RUNUSER} |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | # include disable-devel.inc | 16 | # include disable-devel.inc |
diff --git a/etc/profile-a-l/dropbox.profile b/etc/profile-a-l/dropbox.profile index 274cdd478..b3b2aaf40 100644 --- a/etc/profile-a-l/dropbox.profile +++ b/etc/profile-a-l/dropbox.profile | |||
@@ -5,9 +5,9 @@ include dropbox.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/autostart | 8 | noblacklist ${HOME}/.config/autostart |
9 | nodeny ${HOME}/.dropbox | 9 | noblacklist ${HOME}/.dropbox |
10 | nodeny ${HOME}/.dropbox-dist | 10 | noblacklist ${HOME}/.dropbox-dist |
11 | 11 | ||
12 | # Allow python3 (blacklisted by disable-interpreters.inc) | 12 | # Allow python3 (blacklisted by disable-interpreters.inc) |
13 | include allow-python3.inc | 13 | include allow-python3.inc |
@@ -22,10 +22,10 @@ mkdir ${HOME}/.dropbox | |||
22 | mkdir ${HOME}/.dropbox-dist | 22 | mkdir ${HOME}/.dropbox-dist |
23 | mkdir ${HOME}/Dropbox | 23 | mkdir ${HOME}/Dropbox |
24 | mkfile ${HOME}/.config/autostart/dropbox.desktop | 24 | mkfile ${HOME}/.config/autostart/dropbox.desktop |
25 | allow ${HOME}/.config/autostart/dropbox.desktop | 25 | whitelist ${HOME}/.config/autostart/dropbox.desktop |
26 | allow ${HOME}/.dropbox | 26 | whitelist ${HOME}/.dropbox |
27 | allow ${HOME}/.dropbox-dist | 27 | whitelist ${HOME}/.dropbox-dist |
28 | allow ${HOME}/Dropbox | 28 | whitelist ${HOME}/Dropbox |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | 30 | ||
31 | caps.drop all | 31 | caps.drop all |
diff --git a/etc/profile-a-l/easystroke.profile b/etc/profile-a-l/easystroke.profile index da54fec34..38e4b16f7 100644 --- a/etc/profile-a-l/easystroke.profile +++ b/etc/profile-a-l/easystroke.profile | |||
@@ -6,7 +6,7 @@ include easystroke.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.easystroke | 9 | noblacklist ${HOME}/.easystroke |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.easystroke | 19 | mkdir ${HOME}/.easystroke |
20 | allow ${HOME}/.easystroke | 20 | whitelist ${HOME}/.easystroke |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/electron-mail.profile b/etc/profile-a-l/electron-mail.profile index 10e57371e..278dd6cbd 100644 --- a/etc/profile-a-l/electron-mail.profile +++ b/etc/profile-a-l/electron-mail.profile | |||
@@ -6,7 +6,7 @@ include electron-mail.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/electron-mail | 9 | noblacklist ${HOME}/.config/electron-mail |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.config/electron-mail | 20 | mkdir ${HOME}/.config/electron-mail |
21 | allow ${HOME}/.config/electron-mail | 21 | whitelist ${HOME}/.config/electron-mail |
22 | allow ${DOWNLOADS} | 22 | whitelist ${DOWNLOADS} |
23 | 23 | ||
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-runuser-common.inc | 25 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-a-l/electron.profile b/etc/profile-a-l/electron.profile index e8d8d35c4..493af79d4 100644 --- a/etc/profile-a-l/electron.profile +++ b/etc/profile-a-l/electron.profile | |||
@@ -12,7 +12,7 @@ include disable-passwdmgr.inc | |||
12 | include disable-programs.inc | 12 | include disable-programs.inc |
13 | include disable-xdg.inc | 13 | include disable-xdg.inc |
14 | 14 | ||
15 | allow ${DOWNLOADS} | 15 | whitelist ${DOWNLOADS} |
16 | include whitelist-common.inc | 16 | include whitelist-common.inc |
17 | include whitelist-runuser-common.inc | 17 | include whitelist-runuser-common.inc |
18 | include whitelist-usr-share-common.inc | 18 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/electrum.profile b/etc/profile-a-l/electrum.profile index f6691017c..ad636d71a 100644 --- a/etc/profile-a-l/electrum.profile +++ b/etc/profile-a-l/electrum.profile | |||
@@ -6,7 +6,7 @@ include electrum.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.electrum | 9 | noblacklist ${HOME}/.electrum |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
@@ -22,7 +22,7 @@ include disable-shell.inc | |||
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | mkdir ${HOME}/.electrum | 24 | mkdir ${HOME}/.electrum |
25 | allow ${HOME}/.electrum | 25 | whitelist ${HOME}/.electrum |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
28 | 28 | ||
diff --git a/etc/profile-a-l/element-desktop.profile b/etc/profile-a-l/element-desktop.profile index ec28866b8..48a826f2e 100644 --- a/etc/profile-a-l/element-desktop.profile +++ b/etc/profile-a-l/element-desktop.profile | |||
@@ -9,11 +9,11 @@ include element-desktop.local | |||
9 | 9 | ||
10 | ignore dbus-user none | 10 | ignore dbus-user none |
11 | 11 | ||
12 | nodeny ${HOME}/.config/Element | 12 | noblacklist ${HOME}/.config/Element |
13 | 13 | ||
14 | mkdir ${HOME}/.config/Element | 14 | mkdir ${HOME}/.config/Element |
15 | allow ${HOME}/.config/Element | 15 | whitelist ${HOME}/.config/Element |
16 | allow /opt/Element | 16 | whitelist /opt/Element |
17 | 17 | ||
18 | private-opt Element | 18 | private-opt Element |
19 | 19 | ||
diff --git a/etc/profile-a-l/elinks.profile b/etc/profile-a-l/elinks.profile index 30dca05cb..5a29eb24b 100644 --- a/etc/profile-a-l/elinks.profile +++ b/etc/profile-a-l/elinks.profile | |||
@@ -7,10 +7,10 @@ include elinks.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.elinks | 10 | noblacklist ${HOME}/.elinks |
11 | 11 | ||
12 | mkdir ${HOME}/.elinks | 12 | mkdir ${HOME}/.elinks |
13 | allow ${HOME}/.elinks | 13 | whitelist ${HOME}/.elinks |
14 | 14 | ||
15 | private-bin elinks | 15 | private-bin elinks |
16 | 16 | ||
diff --git a/etc/profile-a-l/emacs.profile b/etc/profile-a-l/emacs.profile index f0e0e2830..55bf743ef 100644 --- a/etc/profile-a-l/emacs.profile +++ b/etc/profile-a-l/emacs.profile | |||
@@ -6,8 +6,8 @@ include emacs.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.emacs | 9 | noblacklist ${HOME}/.emacs |
10 | nodeny ${HOME}/.emacs.d | 10 | noblacklist ${HOME}/.emacs.d |
11 | # Add the next line to your emacs.local if you need gpg support. | 11 | # Add the next line to your emacs.local if you need gpg support. |
12 | #noblacklist ${HOME}/.gnupg | 12 | #noblacklist ${HOME}/.gnupg |
13 | 13 | ||
diff --git a/etc/profile-a-l/email-common.profile b/etc/profile-a-l/email-common.profile index 5fc72d340..6c9a8a6ea 100644 --- a/etc/profile-a-l/email-common.profile +++ b/etc/profile-a-l/email-common.profile | |||
@@ -7,14 +7,14 @@ include email-common.local | |||
7 | # added by caller profile | 7 | # added by caller profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.gnupg | 10 | noblacklist ${HOME}/.gnupg |
11 | nodeny ${HOME}/.mozilla | 11 | noblacklist ${HOME}/.mozilla |
12 | nodeny ${HOME}/.signature | 12 | noblacklist ${HOME}/.signature |
13 | # when storing mail outside the default ${HOME}/Mail path, 'noblacklist' the custom path in your email-common.local | 13 | # when storing mail outside the default ${HOME}/Mail path, 'noblacklist' the custom path in your email-common.local |
14 | # and 'blacklist' it in your disable-common.local too so it is kept hidden from other applications | 14 | # and 'blacklist' it in your disable-common.local too so it is kept hidden from other applications |
15 | nodeny ${HOME}/Mail | 15 | noblacklist ${HOME}/Mail |
16 | 16 | ||
17 | nodeny ${DOCUMENTS} | 17 | noblacklist ${DOCUMENTS} |
18 | 18 | ||
19 | include disable-common.inc | 19 | include disable-common.inc |
20 | include disable-devel.inc | 20 | include disable-devel.inc |
@@ -27,17 +27,17 @@ include disable-xdg.inc | |||
27 | mkdir ${HOME}/.gnupg | 27 | mkdir ${HOME}/.gnupg |
28 | mkfile ${HOME}/.config/mimeapps.list | 28 | mkfile ${HOME}/.config/mimeapps.list |
29 | mkfile ${HOME}/.signature | 29 | mkfile ${HOME}/.signature |
30 | allow ${HOME}/.config/mimeapps.list | 30 | whitelist ${HOME}/.config/mimeapps.list |
31 | allow ${HOME}/.mozilla/firefox/profiles.ini | 31 | whitelist ${HOME}/.mozilla/firefox/profiles.ini |
32 | allow ${HOME}/.gnupg | 32 | whitelist ${HOME}/.gnupg |
33 | allow ${HOME}/.signature | 33 | whitelist ${HOME}/.signature |
34 | allow ${DOCUMENTS} | 34 | whitelist ${DOCUMENTS} |
35 | allow ${DOWNLOADS} | 35 | whitelist ${DOWNLOADS} |
36 | # when storing mail outside the default ${HOME}/Mail path, 'whitelist' the custom path in your email-common.local | 36 | # when storing mail outside the default ${HOME}/Mail path, 'whitelist' the custom path in your email-common.local |
37 | allow ${HOME}/Mail | 37 | whitelist ${HOME}/Mail |
38 | allow ${RUNUSER}/gnupg | 38 | whitelist ${RUNUSER}/gnupg |
39 | allow /usr/share/gnupg | 39 | whitelist /usr/share/gnupg |
40 | allow /usr/share/gnupg2 | 40 | whitelist /usr/share/gnupg2 |
41 | include whitelist-common.inc | 41 | include whitelist-common.inc |
42 | include whitelist-runuser-common.inc | 42 | include whitelist-runuser-common.inc |
43 | include whitelist-usr-share-common.inc | 43 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/enchant.profile b/etc/profile-a-l/enchant.profile index 36015b702..ac17b1726 100644 --- a/etc/profile-a-l/enchant.profile +++ b/etc/profile-a-l/enchant.profile | |||
@@ -6,9 +6,9 @@ include enchant.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny ${RUNUSER}/wayland-* | 9 | blacklist ${RUNUSER}/wayland-* |
10 | 10 | ||
11 | nodeny ${HOME}/.config/enchant | 11 | noblacklist ${HOME}/.config/enchant |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -19,7 +19,7 @@ include disable-programs.inc | |||
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | mkdir ${HOME}/.config/enchant | 21 | mkdir ${HOME}/.config/enchant |
22 | allow ${HOME}/.config/enchant | 22 | whitelist ${HOME}/.config/enchant |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/enox.profile b/etc/profile-a-l/enox.profile index 9a1d89bba..d982433e2 100644 --- a/etc/profile-a-l/enox.profile +++ b/etc/profile-a-l/enox.profile | |||
@@ -10,15 +10,15 @@ ignore whitelist /usr/share/chromium | |||
10 | ignore include whitelist-runuser-common.inc | 10 | ignore include whitelist-runuser-common.inc |
11 | ignore include whitelist-usr-share-common.inc | 11 | ignore include whitelist-usr-share-common.inc |
12 | 12 | ||
13 | nodeny ${HOME}/.cache/Enox | 13 | noblacklist ${HOME}/.cache/Enox |
14 | nodeny ${HOME}/.config/Enox | 14 | noblacklist ${HOME}/.config/Enox |
15 | 15 | ||
16 | #mkdir ${HOME}/.cache/dnox | 16 | #mkdir ${HOME}/.cache/dnox |
17 | #mkdir ${HOME}/.config/dnox | 17 | #mkdir ${HOME}/.config/dnox |
18 | mkdir ${HOME}/.cache/Enox | 18 | mkdir ${HOME}/.cache/Enox |
19 | mkdir ${HOME}/.config/Enox | 19 | mkdir ${HOME}/.config/Enox |
20 | allow ${HOME}/.cache/Enox | 20 | whitelist ${HOME}/.cache/Enox |
21 | allow ${HOME}/.config/Enox | 21 | whitelist ${HOME}/.config/Enox |
22 | 22 | ||
23 | # Redirect | 23 | # Redirect |
24 | include chromium-common.profile | 24 | include chromium-common.profile |
diff --git a/etc/profile-a-l/enpass.profile b/etc/profile-a-l/enpass.profile index 5d8f8a0b9..c4123b4c2 100644 --- a/etc/profile-a-l/enpass.profile +++ b/etc/profile-a-l/enpass.profile | |||
@@ -6,11 +6,11 @@ include enpass.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/Enpass | 9 | noblacklist ${HOME}/.cache/Enpass |
10 | nodeny ${HOME}/.config/sinew.in | 10 | noblacklist ${HOME}/.config/sinew.in |
11 | nodeny ${HOME}/.config/Sinew Software Systems | 11 | noblacklist ${HOME}/.config/Sinew Software Systems |
12 | nodeny ${HOME}/.local/share/Enpass | 12 | noblacklist ${HOME}/.local/share/Enpass |
13 | nodeny ${DOCUMENTS} | 13 | noblacklist ${DOCUMENTS} |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -24,11 +24,11 @@ mkdir ${HOME}/.cache/Enpass | |||
24 | mkfile ${HOME}/.config/sinew.in | 24 | mkfile ${HOME}/.config/sinew.in |
25 | mkdir ${HOME}/.config/Sinew Software Systems | 25 | mkdir ${HOME}/.config/Sinew Software Systems |
26 | mkdir ${HOME}/.local/share/Enpass | 26 | mkdir ${HOME}/.local/share/Enpass |
27 | allow ${HOME}/.cache/Enpass | 27 | whitelist ${HOME}/.cache/Enpass |
28 | allow ${HOME}/.config/sinew.in | 28 | whitelist ${HOME}/.config/sinew.in |
29 | allow ${HOME}/.config/Sinew Software Systems | 29 | whitelist ${HOME}/.config/Sinew Software Systems |
30 | allow ${HOME}/.local/share/Enpass | 30 | whitelist ${HOME}/.local/share/Enpass |
31 | allow ${DOCUMENTS} | 31 | whitelist ${DOCUMENTS} |
32 | include whitelist-common.inc | 32 | include whitelist-common.inc |
33 | include whitelist-var-common.inc | 33 | include whitelist-var-common.inc |
34 | 34 | ||
diff --git a/etc/profile-a-l/eo-common.profile b/etc/profile-a-l/eo-common.profile index ff7040e5c..fe7913e77 100644 --- a/etc/profile-a-l/eo-common.profile +++ b/etc/profile-a-l/eo-common.profile | |||
@@ -7,11 +7,11 @@ include eo-common.local | |||
7 | # added by caller profile | 7 | # added by caller profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.local/share/Trash | 10 | noblacklist ${HOME}/.local/share/Trash |
11 | nodeny ${HOME}/.Steam | 11 | noblacklist ${HOME}/.Steam |
12 | nodeny ${HOME}/.steam | 12 | noblacklist ${HOME}/.steam |
13 | 13 | ||
14 | deny /usr/libexec | 14 | blacklist /usr/libexec |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
diff --git a/etc/profile-a-l/eog.profile b/etc/profile-a-l/eog.profile index e8592c7df..5892374bd 100644 --- a/etc/profile-a-l/eog.profile +++ b/etc/profile-a-l/eog.profile | |||
@@ -6,9 +6,9 @@ include eog.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/eog | 9 | noblacklist ${HOME}/.config/eog |
10 | 10 | ||
11 | allow /usr/share/eog | 11 | whitelist /usr/share/eog |
12 | 12 | ||
13 | # private-bin, private-etc and private-lib break 'Open With' / 'Open in file manager'. | 13 | # private-bin, private-etc and private-lib break 'Open With' / 'Open in file manager'. |
14 | # Add the next lines to your eog.local if you need that functionality. | 14 | # Add the next lines to your eog.local if you need that functionality. |
diff --git a/etc/profile-a-l/eom.profile b/etc/profile-a-l/eom.profile index 323f5ade2..7143a8e03 100644 --- a/etc/profile-a-l/eom.profile +++ b/etc/profile-a-l/eom.profile | |||
@@ -6,9 +6,9 @@ include eom.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/mate/eom | 9 | noblacklist ${HOME}/.config/mate/eom |
10 | 10 | ||
11 | allow /usr/share/eom | 11 | whitelist /usr/share/eom |
12 | 12 | ||
13 | # private-bin, private-etc and private-lib break 'Open With' / 'Open in file manager'. | 13 | # private-bin, private-etc and private-lib break 'Open With' / 'Open in file manager'. |
14 | # Add the next lines to your eom.local if you need that functionality. | 14 | # Add the next lines to your eom.local if you need that functionality. |
diff --git a/etc/profile-a-l/ephemeral.profile b/etc/profile-a-l/ephemeral.profile index 3657742b9..131d68951 100644 --- a/etc/profile-a-l/ephemeral.profile +++ b/etc/profile-a-l/ephemeral.profile | |||
@@ -9,8 +9,8 @@ include globals.local | |||
9 | # enforce private-cache | 9 | # enforce private-cache |
10 | #noblacklist ${HOME}/.cache/ephemeral | 10 | #noblacklist ${HOME}/.cache/ephemeral |
11 | 11 | ||
12 | nodeny ${HOME}/.pki | 12 | noblacklist ${HOME}/.pki |
13 | nodeny ${HOME}/.local/share/pki | 13 | noblacklist ${HOME}/.local/share/pki |
14 | 14 | ||
15 | # noexec ${HOME} breaks DRM binaries. | 15 | # noexec ${HOME} breaks DRM binaries. |
16 | ?BROWSER_ALLOW_DRM: ignore noexec ${HOME} | 16 | ?BROWSER_ALLOW_DRM: ignore noexec ${HOME} |
@@ -27,9 +27,9 @@ mkdir ${HOME}/.pki | |||
27 | mkdir ${HOME}/.local/share/pki | 27 | mkdir ${HOME}/.local/share/pki |
28 | # enforce private-cache | 28 | # enforce private-cache |
29 | #whitelist ${HOME}/.cache/ephemeral | 29 | #whitelist ${HOME}/.cache/ephemeral |
30 | allow ${HOME}/.pki | 30 | whitelist ${HOME}/.pki |
31 | allow ${HOME}/.local/share/pki | 31 | whitelist ${HOME}/.local/share/pki |
32 | allow ${DOWNLOADS} | 32 | whitelist ${DOWNLOADS} |
33 | include whitelist-common.inc | 33 | include whitelist-common.inc |
34 | include whitelist-usr-share-common.inc | 34 | include whitelist-usr-share-common.inc |
35 | include whitelist-var-common.inc | 35 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/epiphany.profile b/etc/profile-a-l/epiphany.profile index daedb2193..225811226 100644 --- a/etc/profile-a-l/epiphany.profile +++ b/etc/profile-a-l/epiphany.profile | |||
@@ -9,9 +9,9 @@ include globals.local | |||
9 | # Note: Epiphany use bwrap since 3.34 and can not be firejailed any more. | 9 | # Note: Epiphany use bwrap since 3.34 and can not be firejailed any more. |
10 | # See https://github.com/netblue30/firejail/issues/2995 | 10 | # See https://github.com/netblue30/firejail/issues/2995 |
11 | 11 | ||
12 | nodeny ${HOME}/.cache/epiphany | 12 | noblacklist ${HOME}/.cache/epiphany |
13 | nodeny ${HOME}/.config/epiphany | 13 | noblacklist ${HOME}/.config/epiphany |
14 | nodeny ${HOME}/.local/share/epiphany | 14 | noblacklist ${HOME}/.local/share/epiphany |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
@@ -21,10 +21,10 @@ include disable-programs.inc | |||
21 | mkdir ${HOME}/.cache/epiphany | 21 | mkdir ${HOME}/.cache/epiphany |
22 | mkdir ${HOME}/.config/epiphany | 22 | mkdir ${HOME}/.config/epiphany |
23 | mkdir ${HOME}/.local/share/epiphany | 23 | mkdir ${HOME}/.local/share/epiphany |
24 | allow ${DOWNLOADS} | 24 | whitelist ${DOWNLOADS} |
25 | allow ${HOME}/.cache/epiphany | 25 | whitelist ${HOME}/.cache/epiphany |
26 | allow ${HOME}/.config/epiphany | 26 | whitelist ${HOME}/.config/epiphany |
27 | allow ${HOME}/.local/share/epiphany | 27 | whitelist ${HOME}/.local/share/epiphany |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | 29 | ||
30 | caps.drop all | 30 | caps.drop all |
diff --git a/etc/profile-a-l/equalx.profile b/etc/profile-a-l/equalx.profile index ac957870c..964d3b7ca 100644 --- a/etc/profile-a-l/equalx.profile +++ b/etc/profile-a-l/equalx.profile | |||
@@ -6,8 +6,8 @@ include equalx.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/equalx | 9 | noblacklist ${HOME}/.config/equalx |
10 | nodeny ${HOME}/.equalx | 10 | noblacklist ${HOME}/.equalx |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -20,13 +20,13 @@ include disable-xdg.inc | |||
20 | 20 | ||
21 | mkdir ${HOME}/.config/equalx | 21 | mkdir ${HOME}/.config/equalx |
22 | mkdir ${HOME}/.equalx | 22 | mkdir ${HOME}/.equalx |
23 | allow ${HOME}/.config/equalx | 23 | whitelist ${HOME}/.config/equalx |
24 | allow ${HOME}/.equalx | 24 | whitelist ${HOME}/.equalx |
25 | allow /usr/share/poppler | 25 | whitelist /usr/share/poppler |
26 | allow /usr/share/ghostscript | 26 | whitelist /usr/share/ghostscript |
27 | allow /usr/share/texlive | 27 | whitelist /usr/share/texlive |
28 | allow /usr/share/equalx | 28 | whitelist /usr/share/equalx |
29 | allow /var/lib/texmf | 29 | whitelist /var/lib/texmf |
30 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | include whitelist-runuser-common.inc | 31 | include whitelist-runuser-common.inc |
32 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/etr.profile b/etc/profile-a-l/etr.profile index a2f46b757..fdff1e4b5 100644 --- a/etc/profile-a-l/etr.profile +++ b/etc/profile-a-l/etr.profile | |||
@@ -6,9 +6,9 @@ include etr.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.etr | 9 | noblacklist ${HOME}/.etr |
10 | 10 | ||
11 | deny /usr/libexec | 11 | blacklist /usr/libexec |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -20,10 +20,10 @@ include disable-shell.inc | |||
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | mkdir ${HOME}/.etr | 22 | mkdir ${HOME}/.etr |
23 | allow ${HOME}/.etr | 23 | whitelist ${HOME}/.etr |
24 | allow /usr/share/etr | 24 | whitelist /usr/share/etr |
25 | # Debian version | 25 | # Debian version |
26 | allow /usr/share/games/etr | 26 | whitelist /usr/share/games/etr |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/evince.profile b/etc/profile-a-l/evince.profile index ce2617ad6..a9e39b15c 100644 --- a/etc/profile-a-l/evince.profile +++ b/etc/profile-a-l/evince.profile | |||
@@ -10,10 +10,10 @@ include globals.local | |||
10 | # Add the next line to your evince.local if you need bookmarks support. This also needs additional dbus-user filtering (see below). | 10 | # Add the next line to your evince.local if you need bookmarks support. This also needs additional dbus-user filtering (see below). |
11 | #noblacklist ${HOME}/.local/share/gvfs-metadata | 11 | #noblacklist ${HOME}/.local/share/gvfs-metadata |
12 | 12 | ||
13 | nodeny ${HOME}/.config/evince | 13 | noblacklist ${HOME}/.config/evince |
14 | nodeny ${DOCUMENTS} | 14 | noblacklist ${DOCUMENTS} |
15 | 15 | ||
16 | deny /usr/libexec | 16 | blacklist /usr/libexec |
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
@@ -24,10 +24,10 @@ include disable-programs.inc | |||
24 | include disable-shell.inc | 24 | include disable-shell.inc |
25 | include disable-xdg.inc | 25 | include disable-xdg.inc |
26 | 26 | ||
27 | allow /usr/share/doc | 27 | whitelist /usr/share/doc |
28 | allow /usr/share/evince | 28 | whitelist /usr/share/evince |
29 | allow /usr/share/poppler | 29 | whitelist /usr/share/poppler |
30 | allow /usr/share/tracker | 30 | whitelist /usr/share/tracker |
31 | include whitelist-runuser-common.inc | 31 | include whitelist-runuser-common.inc |
32 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
33 | include whitelist-var-common.inc | 33 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/evolution.profile b/etc/profile-a-l/evolution.profile index 142498a28..7222493ac 100644 --- a/etc/profile-a-l/evolution.profile +++ b/etc/profile-a-l/evolution.profile | |||
@@ -6,15 +6,15 @@ include evolution.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny /var/mail | 9 | noblacklist /var/mail |
10 | nodeny /var/spool/mail | 10 | noblacklist /var/spool/mail |
11 | nodeny ${HOME}/.bogofilter | 11 | noblacklist ${HOME}/.bogofilter |
12 | nodeny ${HOME}/.cache/evolution | 12 | noblacklist ${HOME}/.cache/evolution |
13 | nodeny ${HOME}/.config/evolution | 13 | noblacklist ${HOME}/.config/evolution |
14 | nodeny ${HOME}/.gnupg | 14 | noblacklist ${HOME}/.gnupg |
15 | nodeny ${HOME}/.local/share/evolution | 15 | noblacklist ${HOME}/.local/share/evolution |
16 | nodeny ${HOME}/.pki | 16 | noblacklist ${HOME}/.pki |
17 | nodeny ${HOME}/.local/share/pki | 17 | noblacklist ${HOME}/.local/share/pki |
18 | 18 | ||
19 | include disable-common.inc | 19 | include disable-common.inc |
20 | include disable-devel.inc | 20 | include disable-devel.inc |
diff --git a/etc/profile-a-l/exiftool.profile b/etc/profile-a-l/exiftool.profile index 216814989..7b09a2c64 100644 --- a/etc/profile-a-l/exiftool.profile +++ b/etc/profile-a-l/exiftool.profile | |||
@@ -6,7 +6,7 @@ include exiftool.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny ${RUNUSER}/wayland-* | 9 | blacklist ${RUNUSER}/wayland-* |
10 | 10 | ||
11 | # Allow perl (blacklisted by disable-interpreters.inc) | 11 | # Allow perl (blacklisted by disable-interpreters.inc) |
12 | include allow-perl.inc | 12 | include allow-perl.inc |
@@ -18,7 +18,7 @@ include disable-interpreters.inc | |||
18 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | 20 | ||
21 | allow /usr/share/perl-image-exiftool | 21 | whitelist /usr/share/perl-image-exiftool |
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-a-l/falkon.profile b/etc/profile-a-l/falkon.profile index 9bb42945b..b2061db79 100644 --- a/etc/profile-a-l/falkon.profile +++ b/etc/profile-a-l/falkon.profile | |||
@@ -6,8 +6,8 @@ include falkon.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/falkon | 9 | noblacklist ${HOME}/.cache/falkon |
10 | nodeny ${HOME}/.config/falkon | 10 | noblacklist ${HOME}/.config/falkon |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,10 +19,10 @@ include disable-xdg.inc | |||
19 | 19 | ||
20 | mkdir ${HOME}/.cache/falkon | 20 | mkdir ${HOME}/.cache/falkon |
21 | mkdir ${HOME}/.config/falkon | 21 | mkdir ${HOME}/.config/falkon |
22 | allow ${DOWNLOADS} | 22 | whitelist ${DOWNLOADS} |
23 | allow ${HOME}/.cache/falkon | 23 | whitelist ${HOME}/.cache/falkon |
24 | allow ${HOME}/.config/falkon | 24 | whitelist ${HOME}/.config/falkon |
25 | allow /usr/share/falkon | 25 | whitelist /usr/share/falkon |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/fbreader.profile b/etc/profile-a-l/fbreader.profile index d141c6ed5..8e81000fd 100644 --- a/etc/profile-a-l/fbreader.profile +++ b/etc/profile-a-l/fbreader.profile | |||
@@ -6,8 +6,8 @@ include fbreader.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.FBReader | 9 | noblacklist ${HOME}/.FBReader |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-a-l/fdns.profile b/etc/profile-a-l/fdns.profile index 17a365053..31cb1776c 100644 --- a/etc/profile-a-l/fdns.profile +++ b/etc/profile-a-l/fdns.profile | |||
@@ -5,11 +5,11 @@ include fdns.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny /sbin | 8 | noblacklist /sbin |
9 | nodeny /usr/sbin | 9 | noblacklist /usr/sbin |
10 | 10 | ||
11 | deny /tmp/.X11-unix | 11 | blacklist /tmp/.X11-unix |
12 | deny ${RUNUSER}/wayland-* | 12 | blacklist ${RUNUSER}/wayland-* |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/profile-a-l/feedreader.profile b/etc/profile-a-l/feedreader.profile index 359be083e..664ec2da6 100644 --- a/etc/profile-a-l/feedreader.profile +++ b/etc/profile-a-l/feedreader.profile | |||
@@ -6,8 +6,8 @@ include feedreader.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/feedreader | 9 | noblacklist ${HOME}/.cache/feedreader |
10 | nodeny ${HOME}/.local/share/feedreader | 10 | noblacklist ${HOME}/.local/share/feedreader |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -20,9 +20,9 @@ include disable-xdg.inc | |||
20 | 20 | ||
21 | mkdir ${HOME}/.cache/feedreader | 21 | mkdir ${HOME}/.cache/feedreader |
22 | mkdir ${HOME}/.local/share/feedreader | 22 | mkdir ${HOME}/.local/share/feedreader |
23 | allow ${HOME}/.cache/feedreader | 23 | whitelist ${HOME}/.cache/feedreader |
24 | allow ${HOME}/.local/share/feedreader | 24 | whitelist ${HOME}/.local/share/feedreader |
25 | allow /usr/share/feedreader | 25 | whitelist /usr/share/feedreader |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/ferdi.profile b/etc/profile-a-l/ferdi.profile index f60055f37..a2372ec8a 100644 --- a/etc/profile-a-l/ferdi.profile +++ b/etc/profile-a-l/ferdi.profile | |||
@@ -7,10 +7,10 @@ include globals.local | |||
7 | 7 | ||
8 | ignore noexec /tmp | 8 | ignore noexec /tmp |
9 | 9 | ||
10 | nodeny ${HOME}/.cache/Ferdi | 10 | noblacklist ${HOME}/.cache/Ferdi |
11 | nodeny ${HOME}/.config/Ferdi | 11 | noblacklist ${HOME}/.config/Ferdi |
12 | nodeny ${HOME}/.pki | 12 | noblacklist ${HOME}/.pki |
13 | nodeny ${HOME}/.local/share/pki | 13 | noblacklist ${HOME}/.local/share/pki |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -22,11 +22,11 @@ mkdir ${HOME}/.cache/Ferdi | |||
22 | mkdir ${HOME}/.config/Ferdi | 22 | mkdir ${HOME}/.config/Ferdi |
23 | mkdir ${HOME}/.pki | 23 | mkdir ${HOME}/.pki |
24 | mkdir ${HOME}/.local/share/pki | 24 | mkdir ${HOME}/.local/share/pki |
25 | allow ${DOWNLOADS} | 25 | whitelist ${DOWNLOADS} |
26 | allow ${HOME}/.cache/Ferdi | 26 | whitelist ${HOME}/.cache/Ferdi |
27 | allow ${HOME}/.config/Ferdi | 27 | whitelist ${HOME}/.config/Ferdi |
28 | allow ${HOME}/.pki | 28 | whitelist ${HOME}/.pki |
29 | allow ${HOME}/.local/share/pki | 29 | whitelist ${HOME}/.local/share/pki |
30 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | 31 | ||
32 | caps.drop all | 32 | caps.drop all |
diff --git a/etc/profile-a-l/fetchmail.profile b/etc/profile-a-l/fetchmail.profile index 1e06ec29a..7358ed5c7 100644 --- a/etc/profile-a-l/fetchmail.profile +++ b/etc/profile-a-l/fetchmail.profile | |||
@@ -6,8 +6,8 @@ include fetchmail.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.fetchmailrc | 9 | noblacklist ${HOME}/.fetchmailrc |
10 | nodeny ${HOME}/.netrc | 10 | noblacklist ${HOME}/.netrc |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-a-l/ffmpeg.profile b/etc/profile-a-l/ffmpeg.profile index 1a64183ab..13ef1beb9 100644 --- a/etc/profile-a-l/ffmpeg.profile +++ b/etc/profile-a-l/ffmpeg.profile | |||
@@ -7,8 +7,8 @@ include ffmpeg.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${MUSIC} | 10 | noblacklist ${MUSIC} |
11 | nodeny ${VIDEOS} | 11 | noblacklist ${VIDEOS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -19,9 +19,9 @@ include disable-programs.inc | |||
19 | include disable-shell.inc | 19 | include disable-shell.inc |
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | allow /usr/share/devedeng | 22 | whitelist /usr/share/devedeng |
23 | allow /usr/share/ffmpeg | 23 | whitelist /usr/share/ffmpeg |
24 | allow /usr/share/qtchooser | 24 | whitelist /usr/share/qtchooser |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||
diff --git a/etc/profile-a-l/file-roller.profile b/etc/profile-a-l/file-roller.profile index f7a938f24..4eeceeee8 100644 --- a/etc/profile-a-l/file-roller.profile +++ b/etc/profile-a-l/file-roller.profile | |||
@@ -13,9 +13,9 @@ include disable-interpreters.inc | |||
13 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 14 | include disable-programs.inc |
15 | 15 | ||
16 | allow /usr/libexec/file-roller | 16 | whitelist /usr/libexec/file-roller |
17 | allow /usr/libexec/p7zip | 17 | whitelist /usr/libexec/p7zip |
18 | allow /usr/share/file-roller | 18 | whitelist /usr/share/file-roller |
19 | include whitelist-runuser-common.inc | 19 | include whitelist-runuser-common.inc |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/file.profile b/etc/profile-a-l/file.profile index 426d1e72d..5c7583605 100644 --- a/etc/profile-a-l/file.profile +++ b/etc/profile-a-l/file.profile | |||
@@ -7,7 +7,7 @@ include file.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER} | 10 | blacklist ${RUNUSER} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-exec.inc | 13 | include disable-exec.inc |
diff --git a/etc/profile-a-l/filezilla.profile b/etc/profile-a-l/filezilla.profile index d9e0e9da0..dc5def54f 100644 --- a/etc/profile-a-l/filezilla.profile +++ b/etc/profile-a-l/filezilla.profile | |||
@@ -6,8 +6,8 @@ include filezilla.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/filezilla | 9 | noblacklist ${HOME}/.config/filezilla |
10 | nodeny ${HOME}/.filezilla | 10 | noblacklist ${HOME}/.filezilla |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
diff --git a/etc/profile-a-l/firedragon.profile b/etc/profile-a-l/firedragon.profile index e22424794..77487161e 100644 --- a/etc/profile-a-l/firedragon.profile +++ b/etc/profile-a-l/firedragon.profile | |||
@@ -6,13 +6,13 @@ include firedragon.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/firedragon | 9 | noblacklist ${HOME}/.cache/firedragon |
10 | nodeny ${HOME}/.firedragon | 10 | noblacklist ${HOME}/.firedragon |
11 | 11 | ||
12 | mkdir ${HOME}/.cache/firedragon | 12 | mkdir ${HOME}/.cache/firedragon |
13 | mkdir ${HOME}/.firedragon | 13 | mkdir ${HOME}/.firedragon |
14 | allow ${HOME}/.cache/firedragon | 14 | whitelist ${HOME}/.cache/firedragon |
15 | allow ${HOME}/.firedragon | 15 | whitelist ${HOME}/.firedragon |
16 | 16 | ||
17 | # Add the next lines to your firedragon.local if you want to use the migration wizard. | 17 | # Add the next lines to your firedragon.local if you want to use the migration wizard. |
18 | #noblacklist ${HOME}/.mozilla | 18 | #noblacklist ${HOME}/.mozilla |
diff --git a/etc/profile-a-l/firefox-common-addons.profile b/etc/profile-a-l/firefox-common-addons.profile index 7e2e8760d..d282f9a60 100644 --- a/etc/profile-a-l/firefox-common-addons.profile +++ b/etc/profile-a-l/firefox-common-addons.profile | |||
@@ -5,74 +5,74 @@ include firefox-common-addons.local | |||
5 | ignore include whitelist-runuser-common.inc | 5 | ignore include whitelist-runuser-common.inc |
6 | ignore private-cache | 6 | ignore private-cache |
7 | 7 | ||
8 | nodeny ${HOME}/.cache/youtube-dl | 8 | noblacklist ${HOME}/.cache/youtube-dl |
9 | nodeny ${HOME}/.config/kgetrc | 9 | noblacklist ${HOME}/.config/kgetrc |
10 | nodeny ${HOME}/.config/mpv | 10 | noblacklist ${HOME}/.config/mpv |
11 | nodeny ${HOME}/.config/okularpartrc | 11 | noblacklist ${HOME}/.config/okularpartrc |
12 | nodeny ${HOME}/.config/okularrc | 12 | noblacklist ${HOME}/.config/okularrc |
13 | nodeny ${HOME}/.config/qpdfview | 13 | noblacklist ${HOME}/.config/qpdfview |
14 | nodeny ${HOME}/.config/youtube-dl | 14 | noblacklist ${HOME}/.config/youtube-dl |
15 | nodeny ${HOME}/.kde/share/apps/kget | 15 | noblacklist ${HOME}/.kde/share/apps/kget |
16 | nodeny ${HOME}/.kde/share/apps/okular | 16 | noblacklist ${HOME}/.kde/share/apps/okular |
17 | nodeny ${HOME}/.kde/share/config/kgetrc | 17 | noblacklist ${HOME}/.kde/share/config/kgetrc |
18 | nodeny ${HOME}/.kde/share/config/okularpartrc | 18 | noblacklist ${HOME}/.kde/share/config/okularpartrc |
19 | nodeny ${HOME}/.kde/share/config/okularrc | 19 | noblacklist ${HOME}/.kde/share/config/okularrc |
20 | nodeny ${HOME}/.kde4/share/apps/kget | 20 | noblacklist ${HOME}/.kde4/share/apps/kget |
21 | nodeny ${HOME}/.kde4/share/apps/okular | 21 | noblacklist ${HOME}/.kde4/share/apps/okular |
22 | nodeny ${HOME}/.kde4/share/config/kgetrc | 22 | noblacklist ${HOME}/.kde4/share/config/kgetrc |
23 | nodeny ${HOME}/.kde4/share/config/okularpartrc | 23 | noblacklist ${HOME}/.kde4/share/config/okularpartrc |
24 | nodeny ${HOME}/.kde4/share/config/okularrc | 24 | noblacklist ${HOME}/.kde4/share/config/okularrc |
25 | nodeny ${HOME}/.local/share/kget | 25 | noblacklist ${HOME}/.local/share/kget |
26 | nodeny ${HOME}/.local/share/kxmlgui5/okular | 26 | noblacklist ${HOME}/.local/share/kxmlgui5/okular |
27 | nodeny ${HOME}/.local/share/okular | 27 | noblacklist ${HOME}/.local/share/okular |
28 | nodeny ${HOME}/.local/share/qpdfview | 28 | noblacklist ${HOME}/.local/share/qpdfview |
29 | nodeny ${HOME}/.netrc | 29 | noblacklist ${HOME}/.netrc |
30 | 30 | ||
31 | allow ${HOME}/.cache/gnome-mplayer/plugin | 31 | whitelist ${HOME}/.cache/gnome-mplayer/plugin |
32 | allow ${HOME}/.cache/youtube-dl/youtube-sigfuncs | 32 | whitelist ${HOME}/.cache/youtube-dl/youtube-sigfuncs |
33 | allow ${HOME}/.config/gnome-mplayer | 33 | whitelist ${HOME}/.config/gnome-mplayer |
34 | allow ${HOME}/.config/kgetrc | 34 | whitelist ${HOME}/.config/kgetrc |
35 | allow ${HOME}/.config/mpv | 35 | whitelist ${HOME}/.config/mpv |
36 | allow ${HOME}/.config/okularpartrc | 36 | whitelist ${HOME}/.config/okularpartrc |
37 | allow ${HOME}/.config/okularrc | 37 | whitelist ${HOME}/.config/okularrc |
38 | allow ${HOME}/.config/pipelight-silverlight5.1 | 38 | whitelist ${HOME}/.config/pipelight-silverlight5.1 |
39 | allow ${HOME}/.config/pipelight-widevine | 39 | whitelist ${HOME}/.config/pipelight-widevine |
40 | allow ${HOME}/.config/qpdfview | 40 | whitelist ${HOME}/.config/qpdfview |
41 | allow ${HOME}/.config/youtube-dl | 41 | whitelist ${HOME}/.config/youtube-dl |
42 | allow ${HOME}/.kde/share/apps/kget | 42 | whitelist ${HOME}/.kde/share/apps/kget |
43 | allow ${HOME}/.kde/share/apps/okular | 43 | whitelist ${HOME}/.kde/share/apps/okular |
44 | allow ${HOME}/.kde/share/config/kgetrc | 44 | whitelist ${HOME}/.kde/share/config/kgetrc |
45 | allow ${HOME}/.kde/share/config/okularpartrc | 45 | whitelist ${HOME}/.kde/share/config/okularpartrc |
46 | allow ${HOME}/.kde/share/config/okularrc | 46 | whitelist ${HOME}/.kde/share/config/okularrc |
47 | allow ${HOME}/.kde4/share/apps/kget | 47 | whitelist ${HOME}/.kde4/share/apps/kget |
48 | allow ${HOME}/.kde4/share/apps/okular | 48 | whitelist ${HOME}/.kde4/share/apps/okular |
49 | allow ${HOME}/.kde4/share/config/kgetrc | 49 | whitelist ${HOME}/.kde4/share/config/kgetrc |
50 | allow ${HOME}/.kde4/share/config/okularpartrc | 50 | whitelist ${HOME}/.kde4/share/config/okularpartrc |
51 | allow ${HOME}/.kde4/share/config/okularrc | 51 | whitelist ${HOME}/.kde4/share/config/okularrc |
52 | allow ${HOME}/.keysnail.js | 52 | whitelist ${HOME}/.keysnail.js |
53 | allow ${HOME}/.lastpass | 53 | whitelist ${HOME}/.lastpass |
54 | allow ${HOME}/.local/share/kget | 54 | whitelist ${HOME}/.local/share/kget |
55 | allow ${HOME}/.local/share/kxmlgui5/okular | 55 | whitelist ${HOME}/.local/share/kxmlgui5/okular |
56 | allow ${HOME}/.local/share/okular | 56 | whitelist ${HOME}/.local/share/okular |
57 | allow ${HOME}/.local/share/qpdfview | 57 | whitelist ${HOME}/.local/share/qpdfview |
58 | allow ${HOME}/.local/share/tridactyl | 58 | whitelist ${HOME}/.local/share/tridactyl |
59 | allow ${HOME}/.netrc | 59 | whitelist ${HOME}/.netrc |
60 | allow ${HOME}/.pentadactyl | 60 | whitelist ${HOME}/.pentadactyl |
61 | allow ${HOME}/.pentadactylrc | 61 | whitelist ${HOME}/.pentadactylrc |
62 | allow ${HOME}/.tridactylrc | 62 | whitelist ${HOME}/.tridactylrc |
63 | allow ${HOME}/.vimperator | 63 | whitelist ${HOME}/.vimperator |
64 | allow ${HOME}/.vimperatorrc | 64 | whitelist ${HOME}/.vimperatorrc |
65 | allow ${HOME}/.wine-pipelight | 65 | whitelist ${HOME}/.wine-pipelight |
66 | allow ${HOME}/.wine-pipelight64 | 66 | whitelist ${HOME}/.wine-pipelight64 |
67 | allow ${HOME}/.zotero | 67 | whitelist ${HOME}/.zotero |
68 | allow ${HOME}/dwhelper | 68 | whitelist ${HOME}/dwhelper |
69 | allow /usr/share/lua | 69 | whitelist /usr/share/lua |
70 | allow /usr/share/lua* | 70 | whitelist /usr/share/lua* |
71 | allow /usr/share/vulkan | 71 | whitelist /usr/share/vulkan |
72 | 72 | ||
73 | # GNOME Shell integration (chrome-gnome-shell) needs dbus and python | 73 | # GNOME Shell integration (chrome-gnome-shell) needs dbus and python |
74 | nodeny ${HOME}/.local/share/gnome-shell | 74 | noblacklist ${HOME}/.local/share/gnome-shell |
75 | allow ${HOME}/.local/share/gnome-shell | 75 | whitelist ${HOME}/.local/share/gnome-shell |
76 | dbus-user.talk ca.desrt.dconf | 76 | dbus-user.talk ca.desrt.dconf |
77 | dbus-user.talk org.gnome.ChromeGnomeShell | 77 | dbus-user.talk org.gnome.ChromeGnomeShell |
78 | dbus-user.talk org.gnome.Shell | 78 | dbus-user.talk org.gnome.Shell |
diff --git a/etc/profile-a-l/firefox-common.profile b/etc/profile-a-l/firefox-common.profile index cb0fae5dc..8b74ed979 100644 --- a/etc/profile-a-l/firefox-common.profile +++ b/etc/profile-a-l/firefox-common.profile | |||
@@ -12,8 +12,8 @@ include firefox-common.local | |||
12 | # Add the next line to your firefox-common.local to allow access to common programs/addons/plugins. | 12 | # Add the next line to your firefox-common.local to allow access to common programs/addons/plugins. |
13 | #include firefox-common-addons.profile | 13 | #include firefox-common-addons.profile |
14 | 14 | ||
15 | nodeny ${HOME}/.pki | 15 | noblacklist ${HOME}/.pki |
16 | nodeny ${HOME}/.local/share/pki | 16 | noblacklist ${HOME}/.local/share/pki |
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
@@ -23,9 +23,9 @@ include disable-programs.inc | |||
23 | 23 | ||
24 | mkdir ${HOME}/.pki | 24 | mkdir ${HOME}/.pki |
25 | mkdir ${HOME}/.local/share/pki | 25 | mkdir ${HOME}/.local/share/pki |
26 | allow ${DOWNLOADS} | 26 | whitelist ${DOWNLOADS} |
27 | allow ${HOME}/.pki | 27 | whitelist ${HOME}/.pki |
28 | allow ${HOME}/.local/share/pki | 28 | whitelist ${HOME}/.local/share/pki |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-runuser-common.inc | 30 | include whitelist-runuser-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/firefox-esr.profile b/etc/profile-a-l/firefox-esr.profile index 4fd315fdf..5e69fdb51 100644 --- a/etc/profile-a-l/firefox-esr.profile +++ b/etc/profile-a-l/firefox-esr.profile | |||
@@ -6,7 +6,7 @@ include firefox-esr.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | allow /usr/share/firefox-esr | 9 | whitelist /usr/share/firefox-esr |
10 | 10 | ||
11 | # Redirect | 11 | # Redirect |
12 | include firefox.profile | 12 | include firefox.profile |
diff --git a/etc/profile-a-l/firefox.profile b/etc/profile-a-l/firefox.profile index 8acfe7c2a..3ad67734d 100644 --- a/etc/profile-a-l/firefox.profile +++ b/etc/profile-a-l/firefox.profile | |||
@@ -14,27 +14,27 @@ include globals.local | |||
14 | # https://github.com/netblue30/firejail/wiki/Frequently-Asked-Questions#how-do-i-run-two-instances-of-firefox | 14 | # https://github.com/netblue30/firejail/wiki/Frequently-Asked-Questions#how-do-i-run-two-instances-of-firefox |
15 | # https://github.com/netblue30/firejail/issues/4206#issuecomment-824806968 | 15 | # https://github.com/netblue30/firejail/issues/4206#issuecomment-824806968 |
16 | 16 | ||
17 | nodeny ${HOME}/.cache/mozilla | 17 | noblacklist ${HOME}/.cache/mozilla |
18 | nodeny ${HOME}/.mozilla | 18 | noblacklist ${HOME}/.mozilla |
19 | 19 | ||
20 | deny /usr/libexec | 20 | blacklist /usr/libexec |
21 | 21 | ||
22 | mkdir ${HOME}/.cache/mozilla/firefox | 22 | mkdir ${HOME}/.cache/mozilla/firefox |
23 | mkdir ${HOME}/.mozilla | 23 | mkdir ${HOME}/.mozilla |
24 | allow ${HOME}/.cache/mozilla/firefox | 24 | whitelist ${HOME}/.cache/mozilla/firefox |
25 | allow ${HOME}/.mozilla | 25 | whitelist ${HOME}/.mozilla |
26 | 26 | ||
27 | # Add one of the following whitelist options to your firefox.local to enable KeePassXC Plugin support. | 27 | # Add one of the following whitelist options to your firefox.local to enable KeePassXC Plugin support. |
28 | # NOTE: start KeePassXC before Firefox and keep it open to allow communication between them. | 28 | # NOTE: start KeePassXC before Firefox and keep it open to allow communication between them. |
29 | #whitelist ${RUNUSER}/kpxc_server | 29 | #whitelist ${RUNUSER}/kpxc_server |
30 | #whitelist ${RUNUSER}/org.keepassxc.KeePassXC.BrowserServer | 30 | #whitelist ${RUNUSER}/org.keepassxc.KeePassXC.BrowserServer |
31 | 31 | ||
32 | allow /usr/share/doc | 32 | whitelist /usr/share/doc |
33 | allow /usr/share/firefox | 33 | whitelist /usr/share/firefox |
34 | allow /usr/share/gnome-shell/search-providers/firefox-search-provider.ini | 34 | whitelist /usr/share/gnome-shell/search-providers/firefox-search-provider.ini |
35 | allow /usr/share/gtk-doc/html | 35 | whitelist /usr/share/gtk-doc/html |
36 | allow /usr/share/mozilla | 36 | whitelist /usr/share/mozilla |
37 | allow /usr/share/webext | 37 | whitelist /usr/share/webext |
38 | include whitelist-usr-share-common.inc | 38 | include whitelist-usr-share-common.inc |
39 | 39 | ||
40 | # firefox requires a shell to launch on Arch - add the next line to your firefox.local to enable private-bin. | 40 | # firefox requires a shell to launch on Arch - add the next line to your firefox.local to enable private-bin. |
diff --git a/etc/profile-a-l/five-or-more.profile b/etc/profile-a-l/five-or-more.profile index bd1becaf0..2c86d3ac7 100644 --- a/etc/profile-a-l/five-or-more.profile +++ b/etc/profile-a-l/five-or-more.profile | |||
@@ -6,12 +6,12 @@ include five-or-more.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/five-or-more | 9 | noblacklist ${HOME}/.local/share/five-or-more |
10 | 10 | ||
11 | mkdir ${HOME}/.local/share/five-or-more | 11 | mkdir ${HOME}/.local/share/five-or-more |
12 | allow ${HOME}/.local/share/five-or-more | 12 | whitelist ${HOME}/.local/share/five-or-more |
13 | 13 | ||
14 | allow /usr/share/five-or-more | 14 | whitelist /usr/share/five-or-more |
15 | 15 | ||
16 | private-bin five-or-more | 16 | private-bin five-or-more |
17 | 17 | ||
diff --git a/etc/profile-a-l/flameshot.profile b/etc/profile-a-l/flameshot.profile index f16a65536..55af96c84 100644 --- a/etc/profile-a-l/flameshot.profile +++ b/etc/profile-a-l/flameshot.profile | |||
@@ -7,9 +7,9 @@ include flameshot.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${PICTURES} | 10 | noblacklist ${PICTURES} |
11 | nodeny ${HOME}/.config/Dharkael | 11 | noblacklist ${HOME}/.config/Dharkael |
12 | nodeny ${HOME}/.config/flameshot | 12 | noblacklist ${HOME}/.config/flameshot |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -25,7 +25,7 @@ include disable-xdg.inc | |||
25 | #whitelist ${PICTURES} | 25 | #whitelist ${PICTURES} |
26 | #whitelist ${HOME}/.config/Dharkael | 26 | #whitelist ${HOME}/.config/Dharkael |
27 | #whitelist ${HOME}/.config/flameshot | 27 | #whitelist ${HOME}/.config/flameshot |
28 | allow /usr/share/flameshot | 28 | whitelist /usr/share/flameshot |
29 | #include whitelist-common.inc | 29 | #include whitelist-common.inc |
30 | include whitelist-runuser-common.inc | 30 | include whitelist-runuser-common.inc |
31 | include whitelist-usr-share-common.inc | 31 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/flashpeak-slimjet.profile b/etc/profile-a-l/flashpeak-slimjet.profile index af114e129..310fb378f 100644 --- a/etc/profile-a-l/flashpeak-slimjet.profile +++ b/etc/profile-a-l/flashpeak-slimjet.profile | |||
@@ -10,13 +10,13 @@ ignore whitelist /usr/share/chromium | |||
10 | ignore include whitelist-runuser-common.inc | 10 | ignore include whitelist-runuser-common.inc |
11 | ignore include whitelist-usr-share-common.inc | 11 | ignore include whitelist-usr-share-common.inc |
12 | 12 | ||
13 | nodeny ${HOME}/.cache/slimjet | 13 | noblacklist ${HOME}/.cache/slimjet |
14 | nodeny ${HOME}/.config/slimjet | 14 | noblacklist ${HOME}/.config/slimjet |
15 | 15 | ||
16 | mkdir ${HOME}/.cache/slimjet | 16 | mkdir ${HOME}/.cache/slimjet |
17 | mkdir ${HOME}/.config/slimjet | 17 | mkdir ${HOME}/.config/slimjet |
18 | allow ${HOME}/.cache/slimjet | 18 | whitelist ${HOME}/.cache/slimjet |
19 | allow ${HOME}/.config/slimjet | 19 | whitelist ${HOME}/.config/slimjet |
20 | 20 | ||
21 | # Redirect | 21 | # Redirect |
22 | include chromium-common.profile | 22 | include chromium-common.profile |
diff --git a/etc/profile-a-l/flowblade.profile b/etc/profile-a-l/flowblade.profile index 505763fb9..a4421e3ce 100644 --- a/etc/profile-a-l/flowblade.profile +++ b/etc/profile-a-l/flowblade.profile | |||
@@ -6,8 +6,8 @@ include flowblade.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/flowblade | 9 | noblacklist ${HOME}/.config/flowblade |
10 | nodeny ${HOME}/.flowblade | 10 | noblacklist ${HOME}/.flowblade |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
diff --git a/etc/profile-a-l/fluxbox.profile b/etc/profile-a-l/fluxbox.profile index a22c0e103..1210f365c 100644 --- a/etc/profile-a-l/fluxbox.profile +++ b/etc/profile-a-l/fluxbox.profile | |||
@@ -7,7 +7,7 @@ include fluxbox.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # all applications started in fluxbox will run in this profile | 9 | # all applications started in fluxbox will run in this profile |
10 | nodeny ${HOME}/.fluxbox | 10 | noblacklist ${HOME}/.fluxbox |
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | 12 | ||
13 | caps.drop all | 13 | caps.drop all |
diff --git a/etc/profile-a-l/font-manager.profile b/etc/profile-a-l/font-manager.profile index ff9167c1a..cd0129436 100644 --- a/etc/profile-a-l/font-manager.profile +++ b/etc/profile-a-l/font-manager.profile | |||
@@ -6,8 +6,8 @@ include font-manager.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/font-manager | 9 | noblacklist ${HOME}/.cache/font-manager |
10 | nodeny ${HOME}/.config/font-manager | 10 | noblacklist ${HOME}/.config/font-manager |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
@@ -24,9 +24,9 @@ include disable-xdg.inc | |||
24 | 24 | ||
25 | mkdir ${HOME}/.cache/font-manager | 25 | mkdir ${HOME}/.cache/font-manager |
26 | mkdir ${HOME}/.config/font-manager | 26 | mkdir ${HOME}/.config/font-manager |
27 | allow ${HOME}/.cache/font-manager | 27 | whitelist ${HOME}/.cache/font-manager |
28 | allow ${HOME}/.config/font-manager | 28 | whitelist ${HOME}/.config/font-manager |
29 | allow /usr/share/font-manager | 29 | whitelist /usr/share/font-manager |
30 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | include whitelist-usr-share-common.inc | 31 | include whitelist-usr-share-common.inc |
32 | include whitelist-var-common.inc | 32 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/fontforge.profile b/etc/profile-a-l/fontforge.profile index 64c7655e2..bd1495877 100644 --- a/etc/profile-a-l/fontforge.profile +++ b/etc/profile-a-l/fontforge.profile | |||
@@ -6,8 +6,8 @@ include fontforge.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.FontForge | 9 | noblacklist ${HOME}/.FontForge |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
diff --git a/etc/profile-a-l/fossamail.profile b/etc/profile-a-l/fossamail.profile index 5e5a12794..2d700d336 100644 --- a/etc/profile-a-l/fossamail.profile +++ b/etc/profile-a-l/fossamail.profile | |||
@@ -6,16 +6,16 @@ include fossamail.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/fossamail | 9 | noblacklist ${HOME}/.cache/fossamail |
10 | nodeny ${HOME}/.fossamail | 10 | noblacklist ${HOME}/.fossamail |
11 | nodeny ${HOME}/.gnupg | 11 | noblacklist ${HOME}/.gnupg |
12 | 12 | ||
13 | mkdir ${HOME}/.cache/fossamail | 13 | mkdir ${HOME}/.cache/fossamail |
14 | mkdir ${HOME}/.fossamail | 14 | mkdir ${HOME}/.fossamail |
15 | mkdir ${HOME}/.gnupg | 15 | mkdir ${HOME}/.gnupg |
16 | allow ${HOME}/.cache/fossamail | 16 | whitelist ${HOME}/.cache/fossamail |
17 | allow ${HOME}/.fossamail | 17 | whitelist ${HOME}/.fossamail |
18 | allow ${HOME}/.gnupg | 18 | whitelist ${HOME}/.gnupg |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | 20 | ||
21 | # allow browsers | 21 | # allow browsers |
diff --git a/etc/profile-a-l/four-in-a-row.profile b/etc/profile-a-l/four-in-a-row.profile index 97fd4a626..eb0c43ca5 100644 --- a/etc/profile-a-l/four-in-a-row.profile +++ b/etc/profile-a-l/four-in-a-row.profile | |||
@@ -9,7 +9,7 @@ include globals.local | |||
9 | ignore machine-id | 9 | ignore machine-id |
10 | ignore nosound | 10 | ignore nosound |
11 | 11 | ||
12 | allow /usr/share/four-in-a-row | 12 | whitelist /usr/share/four-in-a-row |
13 | 13 | ||
14 | private-bin four-in-a-row | 14 | private-bin four-in-a-row |
15 | 15 | ||
diff --git a/etc/profile-a-l/fractal.profile b/etc/profile-a-l/fractal.profile index 8edc9b02d..1b1d031b4 100644 --- a/etc/profile-a-l/fractal.profile +++ b/etc/profile-a-l/fractal.profile | |||
@@ -6,7 +6,7 @@ include fractal.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/fractal | 9 | noblacklist ${HOME}/.cache/fractal |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
@@ -22,8 +22,8 @@ include disable-shell.inc | |||
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | mkdir ${HOME}/.cache/fractal | 24 | mkdir ${HOME}/.cache/fractal |
25 | allow ${HOME}/.cache/fractal | 25 | whitelist ${HOME}/.cache/fractal |
26 | allow ${DOWNLOADS} | 26 | whitelist ${DOWNLOADS} |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/franz.profile b/etc/profile-a-l/franz.profile index 1a8ec8f99..9b780a572 100644 --- a/etc/profile-a-l/franz.profile +++ b/etc/profile-a-l/franz.profile | |||
@@ -7,10 +7,10 @@ include globals.local | |||
7 | 7 | ||
8 | ignore noexec /tmp | 8 | ignore noexec /tmp |
9 | 9 | ||
10 | nodeny ${HOME}/.cache/Franz | 10 | noblacklist ${HOME}/.cache/Franz |
11 | nodeny ${HOME}/.config/Franz | 11 | noblacklist ${HOME}/.config/Franz |
12 | nodeny ${HOME}/.pki | 12 | noblacklist ${HOME}/.pki |
13 | nodeny ${HOME}/.local/share/pki | 13 | noblacklist ${HOME}/.local/share/pki |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -22,11 +22,11 @@ mkdir ${HOME}/.cache/Franz | |||
22 | mkdir ${HOME}/.config/Franz | 22 | mkdir ${HOME}/.config/Franz |
23 | mkdir ${HOME}/.pki | 23 | mkdir ${HOME}/.pki |
24 | mkdir ${HOME}/.local/share/pki | 24 | mkdir ${HOME}/.local/share/pki |
25 | allow ${DOWNLOADS} | 25 | whitelist ${DOWNLOADS} |
26 | allow ${HOME}/.cache/Franz | 26 | whitelist ${HOME}/.cache/Franz |
27 | allow ${HOME}/.config/Franz | 27 | whitelist ${HOME}/.config/Franz |
28 | allow ${HOME}/.pki | 28 | whitelist ${HOME}/.pki |
29 | allow ${HOME}/.local/share/pki | 29 | whitelist ${HOME}/.local/share/pki |
30 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | 31 | ||
32 | caps.drop all | 32 | caps.drop all |
diff --git a/etc/profile-a-l/freecad.profile b/etc/profile-a-l/freecad.profile index a45ad4c7a..8043d0530 100644 --- a/etc/profile-a-l/freecad.profile +++ b/etc/profile-a-l/freecad.profile | |||
@@ -6,8 +6,8 @@ include freecad.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/FreeCAD | 9 | noblacklist ${HOME}/.config/FreeCAD |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
diff --git a/etc/profile-a-l/freeciv.profile b/etc/profile-a-l/freeciv.profile index 20abd4056..23c19682c 100644 --- a/etc/profile-a-l/freeciv.profile +++ b/etc/profile-a-l/freeciv.profile | |||
@@ -6,7 +6,7 @@ include freeciv.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.freeciv | 9 | noblacklist ${HOME}/.freeciv |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.freeciv | 19 | mkdir ${HOME}/.freeciv |
20 | allow ${HOME}/.freeciv | 20 | whitelist ${HOME}/.freeciv |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-a-l/freecol.profile b/etc/profile-a-l/freecol.profile index 79ccf4101..93fa7da03 100644 --- a/etc/profile-a-l/freecol.profile +++ b/etc/profile-a-l/freecol.profile | |||
@@ -6,10 +6,10 @@ include freecol.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.freecol | 9 | noblacklist ${HOME}/.freecol |
10 | nodeny ${HOME}/.cache/freecol | 10 | noblacklist ${HOME}/.cache/freecol |
11 | nodeny ${HOME}/.config/freecol | 11 | noblacklist ${HOME}/.config/freecol |
12 | nodeny ${HOME}/.local/share/freecol | 12 | noblacklist ${HOME}/.local/share/freecol |
13 | 13 | ||
14 | # Allow java (blacklisted by disable-devel.inc) | 14 | # Allow java (blacklisted by disable-devel.inc) |
15 | include allow-java.inc | 15 | include allow-java.inc |
@@ -26,11 +26,11 @@ mkdir ${HOME}/.java | |||
26 | mkdir ${HOME}/.cache/freecol | 26 | mkdir ${HOME}/.cache/freecol |
27 | mkdir ${HOME}/.config/freecol | 27 | mkdir ${HOME}/.config/freecol |
28 | mkdir ${HOME}/.local/share/freecol | 28 | mkdir ${HOME}/.local/share/freecol |
29 | allow ${HOME}/.freecol | 29 | whitelist ${HOME}/.freecol |
30 | allow ${HOME}/.java | 30 | whitelist ${HOME}/.java |
31 | allow ${HOME}/.cache/freecol | 31 | whitelist ${HOME}/.cache/freecol |
32 | allow ${HOME}/.config/freecol | 32 | whitelist ${HOME}/.config/freecol |
33 | allow ${HOME}/.local/share/freecol | 33 | whitelist ${HOME}/.local/share/freecol |
34 | include whitelist-common.inc | 34 | include whitelist-common.inc |
35 | include whitelist-var-common.inc | 35 | include whitelist-var-common.inc |
36 | 36 | ||
diff --git a/etc/profile-a-l/freemind.profile b/etc/profile-a-l/freemind.profile index ba52dd208..699177039 100644 --- a/etc/profile-a-l/freemind.profile +++ b/etc/profile-a-l/freemind.profile | |||
@@ -6,8 +6,8 @@ include freemind.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${DOCUMENTS} | 9 | noblacklist ${DOCUMENTS} |
10 | nodeny ${HOME}/.freemind | 10 | noblacklist ${HOME}/.freemind |
11 | 11 | ||
12 | # Allow java (blacklisted by disable-devel.inc) | 12 | # Allow java (blacklisted by disable-devel.inc) |
13 | include allow-java.inc | 13 | include allow-java.inc |
diff --git a/etc/profile-a-l/freetube.profile b/etc/profile-a-l/freetube.profile index 4c321322c..e6aff533d 100644 --- a/etc/profile-a-l/freetube.profile +++ b/etc/profile-a-l/freetube.profile | |||
@@ -6,12 +6,12 @@ include freetube.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/FreeTube | 9 | noblacklist ${HOME}/.config/FreeTube |
10 | 10 | ||
11 | include disable-shell.inc | 11 | include disable-shell.inc |
12 | 12 | ||
13 | mkdir ${HOME}/.config/FreeTube | 13 | mkdir ${HOME}/.config/FreeTube |
14 | allow ${HOME}/.config/FreeTube | 14 | whitelist ${HOME}/.config/FreeTube |
15 | 15 | ||
16 | private-bin freetube | 16 | private-bin freetube |
17 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,pki,pulse,resolv.conf,ssl,X11,xdg | 17 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,pki,pulse,resolv.conf,ssl,X11,xdg |
diff --git a/etc/profile-a-l/frogatto.profile b/etc/profile-a-l/frogatto.profile index 3a6dfcfd6..b4ad81046 100644 --- a/etc/profile-a-l/frogatto.profile +++ b/etc/profile-a-l/frogatto.profile | |||
@@ -6,7 +6,7 @@ include frogatto.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.frogatto | 9 | noblacklist ${HOME}/.frogatto |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,9 +17,9 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.frogatto | 19 | mkdir ${HOME}/.frogatto |
20 | allow ${HOME}/.frogatto | 20 | whitelist ${HOME}/.frogatto |
21 | allow /usr/libexec/frogatto | 21 | whitelist /usr/libexec/frogatto |
22 | allow /usr/share/frogatto | 22 | whitelist /usr/share/frogatto |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/frozen-bubble.profile b/etc/profile-a-l/frozen-bubble.profile index 12eca8eb0..76352e41e 100644 --- a/etc/profile-a-l/frozen-bubble.profile +++ b/etc/profile-a-l/frozen-bubble.profile | |||
@@ -6,7 +6,7 @@ include frozen-bubble.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.frozen-bubble | 9 | noblacklist ${HOME}/.frozen-bubble |
10 | 10 | ||
11 | # Allow perl (blacklisted by disable-interpreters.inc) | 11 | # Allow perl (blacklisted by disable-interpreters.inc) |
12 | include allow-perl.inc | 12 | include allow-perl.inc |
@@ -20,7 +20,7 @@ include disable-programs.inc | |||
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | mkdir ${HOME}/.frozen-bubble | 22 | mkdir ${HOME}/.frozen-bubble |
23 | allow ${HOME}/.frozen-bubble | 23 | whitelist ${HOME}/.frozen-bubble |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-runuser-common.inc | 25 | include whitelist-runuser-common.inc |
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/funnyboat.profile b/etc/profile-a-l/funnyboat.profile index 07030df4b..8852925b1 100644 --- a/etc/profile-a-l/funnyboat.profile +++ b/etc/profile-a-l/funnyboat.profile | |||
@@ -5,7 +5,7 @@ include funnyboat.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.funnyboat | 8 | noblacklist ${HOME}/.funnyboat |
9 | 9 | ||
10 | ignore noexec /dev/shm | 10 | ignore noexec /dev/shm |
11 | include allow-python2.inc | 11 | include allow-python2.inc |
@@ -21,12 +21,12 @@ include disable-programs.inc | |||
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.funnyboat | 23 | mkdir ${HOME}/.funnyboat |
24 | allow ${HOME}/.funnyboat | 24 | whitelist ${HOME}/.funnyboat |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | 26 | include whitelist-runuser-common.inc |
27 | allow /usr/share/funnyboat | 27 | whitelist /usr/share/funnyboat |
28 | # Debian: | 28 | # Debian: |
29 | allow /usr/share/games/funnyboat | 29 | whitelist /usr/share/games/funnyboat |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
32 | 32 | ||
diff --git a/etc/profile-a-l/gajim.profile b/etc/profile-a-l/gajim.profile index 4cd2cb1e6..ed3f0357d 100644 --- a/etc/profile-a-l/gajim.profile +++ b/etc/profile-a-l/gajim.profile | |||
@@ -6,10 +6,10 @@ include gajim.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.gnupg | 9 | noblacklist ${HOME}/.gnupg |
10 | nodeny ${HOME}/.cache/gajim | 10 | noblacklist ${HOME}/.cache/gajim |
11 | nodeny ${HOME}/.config/gajim | 11 | noblacklist ${HOME}/.config/gajim |
12 | nodeny ${HOME}/.local/share/gajim | 12 | noblacklist ${HOME}/.local/share/gajim |
13 | 13 | ||
14 | # Allow python (blacklisted by disable-interpreters.inc) | 14 | # Allow python (blacklisted by disable-interpreters.inc) |
15 | #include allow-python2.inc | 15 | #include allow-python2.inc |
@@ -28,14 +28,14 @@ mkdir ${HOME}/.gnupg | |||
28 | mkdir ${HOME}/.cache/gajim | 28 | mkdir ${HOME}/.cache/gajim |
29 | mkdir ${HOME}/.config/gajim | 29 | mkdir ${HOME}/.config/gajim |
30 | mkdir ${HOME}/.local/share/gajim | 30 | mkdir ${HOME}/.local/share/gajim |
31 | allow ${HOME}/.gnupg | 31 | whitelist ${HOME}/.gnupg |
32 | allow ${HOME}/.cache/gajim | 32 | whitelist ${HOME}/.cache/gajim |
33 | allow ${HOME}/.config/gajim | 33 | whitelist ${HOME}/.config/gajim |
34 | allow ${HOME}/.local/share/gajim | 34 | whitelist ${HOME}/.local/share/gajim |
35 | allow ${DOWNLOADS} | 35 | whitelist ${DOWNLOADS} |
36 | allow ${RUNUSER}/gnupg | 36 | whitelist ${RUNUSER}/gnupg |
37 | allow /usr/share/gnupg | 37 | whitelist /usr/share/gnupg |
38 | allow /usr/share/gnupg2 | 38 | whitelist /usr/share/gnupg2 |
39 | include whitelist-common.inc | 39 | include whitelist-common.inc |
40 | include whitelist-runuser-common.inc | 40 | include whitelist-runuser-common.inc |
41 | include whitelist-usr-share-common.inc | 41 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/galculator.profile b/etc/profile-a-l/galculator.profile index 0b1b595a6..550b3808b 100644 --- a/etc/profile-a-l/galculator.profile +++ b/etc/profile-a-l/galculator.profile | |||
@@ -6,7 +6,7 @@ include galculator.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/galculator | 9 | noblacklist ${HOME}/.config/galculator |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.config/galculator | 20 | mkdir ${HOME}/.config/galculator |
21 | allow ${HOME}/.config/galculator | 21 | whitelist ${HOME}/.config/galculator |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-a-l/gapplication.profile b/etc/profile-a-l/gapplication.profile index 00b830234..3a8c055f2 100644 --- a/etc/profile-a-l/gapplication.profile +++ b/etc/profile-a-l/gapplication.profile | |||
@@ -6,8 +6,8 @@ include gapplication.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny ${RUNUSER}/wayland-* | 9 | blacklist ${RUNUSER}/wayland-* |
10 | deny /usr/libexec | 10 | blacklist /usr/libexec |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-a-l/gcloud.profile b/etc/profile-a-l/gcloud.profile index 896a100fc..388f4c0df 100644 --- a/etc/profile-a-l/gcloud.profile +++ b/etc/profile-a-l/gcloud.profile | |||
@@ -8,9 +8,9 @@ include globals.local | |||
8 | # noexec ${HOME} will break user-local installs of gcloud tooling | 8 | # noexec ${HOME} will break user-local installs of gcloud tooling |
9 | ignore noexec ${HOME} | 9 | ignore noexec ${HOME} |
10 | 10 | ||
11 | nodeny ${HOME}/.boto | 11 | noblacklist ${HOME}/.boto |
12 | nodeny ${HOME}/.config/gcloud | 12 | noblacklist ${HOME}/.config/gcloud |
13 | nodeny /var/run/docker.sock | 13 | noblacklist /var/run/docker.sock |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
diff --git a/etc/profile-a-l/gconf-editor.profile b/etc/profile-a-l/gconf-editor.profile index 8f72f0b34..cb39174e5 100644 --- a/etc/profile-a-l/gconf-editor.profile +++ b/etc/profile-a-l/gconf-editor.profile | |||
@@ -7,9 +7,9 @@ include gconf-editor.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | deny /tmp/.X11-unix | 10 | blacklist /tmp/.X11-unix |
11 | 11 | ||
12 | allow /usr/share/gconf-editor | 12 | whitelist /usr/share/gconf-editor |
13 | 13 | ||
14 | ignore x11 none | 14 | ignore x11 none |
15 | 15 | ||
diff --git a/etc/profile-a-l/gconf.profile b/etc/profile-a-l/gconf.profile index 8c7013574..fec1a555a 100644 --- a/etc/profile-a-l/gconf.profile +++ b/etc/profile-a-l/gconf.profile | |||
@@ -6,9 +6,9 @@ include gconf.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny ${RUNUSER}/wayland-* | 9 | blacklist ${RUNUSER}/wayland-* |
10 | 10 | ||
11 | nodeny ${HOME}/.config/gconf | 11 | noblacklist ${HOME}/.config/gconf |
12 | 12 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python2.inc | 14 | include allow-python2.inc |
@@ -23,9 +23,9 @@ include disable-programs.inc | |||
23 | include disable-xdg.inc | 23 | include disable-xdg.inc |
24 | 24 | ||
25 | mkdir ${HOME}/.config/gconf | 25 | mkdir ${HOME}/.config/gconf |
26 | allow ${HOME}/.config/gconf | 26 | whitelist ${HOME}/.config/gconf |
27 | allow /usr/share/GConf | 27 | whitelist /usr/share/GConf |
28 | allow /usr/share/gconf | 28 | whitelist /usr/share/gconf |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/geany.profile b/etc/profile-a-l/geany.profile index 706a85c75..6fdb9b37a 100644 --- a/etc/profile-a-l/geany.profile +++ b/etc/profile-a-l/geany.profile | |||
@@ -6,7 +6,7 @@ include geany.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/geany | 9 | noblacklist ${HOME}/.config/geany |
10 | 10 | ||
11 | # Allows files commonly used by IDEs | 11 | # Allows files commonly used by IDEs |
12 | include allow-common-devel.inc | 12 | include allow-common-devel.inc |
diff --git a/etc/profile-a-l/geary.profile b/etc/profile-a-l/geary.profile index 512fc1e59..74e135a7c 100644 --- a/etc/profile-a-l/geary.profile +++ b/etc/profile-a-l/geary.profile | |||
@@ -6,14 +6,14 @@ include geary.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/evolution | 9 | noblacklist ${HOME}/.cache/evolution |
10 | nodeny ${HOME}/.cache/folks | 10 | noblacklist ${HOME}/.cache/folks |
11 | nodeny ${HOME}/.cache/geary | 11 | noblacklist ${HOME}/.cache/geary |
12 | nodeny ${HOME}/.config/evolution | 12 | noblacklist ${HOME}/.config/evolution |
13 | nodeny ${HOME}/.config/geary | 13 | noblacklist ${HOME}/.config/geary |
14 | nodeny ${HOME}/.local/share/evolution | 14 | noblacklist ${HOME}/.local/share/evolution |
15 | nodeny ${HOME}/.local/share/geary | 15 | noblacklist ${HOME}/.local/share/geary |
16 | nodeny ${HOME}/.mozilla | 16 | noblacklist ${HOME}/.mozilla |
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
@@ -31,16 +31,16 @@ mkdir ${HOME}/.config/evolution | |||
31 | mkdir ${HOME}/.config/geary | 31 | mkdir ${HOME}/.config/geary |
32 | mkdir ${HOME}/.local/share/evolution | 32 | mkdir ${HOME}/.local/share/evolution |
33 | mkdir ${HOME}/.local/share/geary | 33 | mkdir ${HOME}/.local/share/geary |
34 | allow ${DOWNLOADS} | 34 | whitelist ${DOWNLOADS} |
35 | allow ${HOME}/.cache/evolution | 35 | whitelist ${HOME}/.cache/evolution |
36 | allow ${HOME}/.cache/folks | 36 | whitelist ${HOME}/.cache/folks |
37 | allow ${HOME}/.cache/geary | 37 | whitelist ${HOME}/.cache/geary |
38 | allow ${HOME}/.config/evolution | 38 | whitelist ${HOME}/.config/evolution |
39 | allow ${HOME}/.config/geary | 39 | whitelist ${HOME}/.config/geary |
40 | allow ${HOME}/.local/share/evolution | 40 | whitelist ${HOME}/.local/share/evolution |
41 | allow ${HOME}/.local/share/geary | 41 | whitelist ${HOME}/.local/share/geary |
42 | allow ${HOME}/.mozilla/firefox/profiles.ini | 42 | whitelist ${HOME}/.mozilla/firefox/profiles.ini |
43 | allow /usr/share/geary | 43 | whitelist /usr/share/geary |
44 | include whitelist-common.inc | 44 | include whitelist-common.inc |
45 | include whitelist-runuser-common.inc | 45 | include whitelist-runuser-common.inc |
46 | include whitelist-usr-share-common.inc | 46 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/gedit.profile b/etc/profile-a-l/gedit.profile index f11540374..108b7041d 100644 --- a/etc/profile-a-l/gedit.profile +++ b/etc/profile-a-l/gedit.profile | |||
@@ -6,8 +6,8 @@ include gedit.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/enchant | 9 | noblacklist ${HOME}/.config/enchant |
10 | nodeny ${HOME}/.config/gedit | 10 | noblacklist ${HOME}/.config/gedit |
11 | 11 | ||
12 | # Allows files commonly used by IDEs | 12 | # Allows files commonly used by IDEs |
13 | include allow-common-devel.inc | 13 | include allow-common-devel.inc |
diff --git a/etc/profile-a-l/geeqie.profile b/etc/profile-a-l/geeqie.profile index 8ec3bbaf9..dd33b3fb5 100644 --- a/etc/profile-a-l/geeqie.profile +++ b/etc/profile-a-l/geeqie.profile | |||
@@ -6,9 +6,9 @@ include geeqie.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/geeqie | 9 | noblacklist ${HOME}/.cache/geeqie |
10 | nodeny ${HOME}/.config/geeqie | 10 | noblacklist ${HOME}/.config/geeqie |
11 | nodeny ${HOME}/.local/share/geeqie | 11 | noblacklist ${HOME}/.local/share/geeqie |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/gfeeds.profile b/etc/profile-a-l/gfeeds.profile index 1661da639..f894a42ca 100644 --- a/etc/profile-a-l/gfeeds.profile +++ b/etc/profile-a-l/gfeeds.profile | |||
@@ -6,10 +6,10 @@ include gfeeds.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/gfeeds | 9 | noblacklist ${HOME}/.cache/gfeeds |
10 | nodeny ${HOME}/.cache/org.gabmus.gfeeds | 10 | noblacklist ${HOME}/.cache/org.gabmus.gfeeds |
11 | nodeny ${HOME}/.config/org.gabmus.gfeeds.json | 11 | noblacklist ${HOME}/.config/org.gabmus.gfeeds.json |
12 | nodeny ${HOME}/.config/org.gabmus.gfeeds.saved_articles | 12 | noblacklist ${HOME}/.config/org.gabmus.gfeeds.saved_articles |
13 | 13 | ||
14 | # Allow python (blacklisted by disable-interpreters.inc) | 14 | # Allow python (blacklisted by disable-interpreters.inc) |
15 | include allow-python3.inc | 15 | include allow-python3.inc |
@@ -27,12 +27,12 @@ mkdir ${HOME}/.cache/gfeeds | |||
27 | mkdir ${HOME}/.cache/org.gabmus.gfeeds | 27 | mkdir ${HOME}/.cache/org.gabmus.gfeeds |
28 | mkfile ${HOME}/.config/org.gabmus.gfeeds.json | 28 | mkfile ${HOME}/.config/org.gabmus.gfeeds.json |
29 | mkdir ${HOME}/.config/org.gabmus.gfeeds.saved_articles | 29 | mkdir ${HOME}/.config/org.gabmus.gfeeds.saved_articles |
30 | allow ${HOME}/.cache/gfeeds | 30 | whitelist ${HOME}/.cache/gfeeds |
31 | allow ${HOME}/.cache/org.gabmus.gfeeds | 31 | whitelist ${HOME}/.cache/org.gabmus.gfeeds |
32 | allow ${HOME}/.config/org.gabmus.gfeeds.json | 32 | whitelist ${HOME}/.config/org.gabmus.gfeeds.json |
33 | allow ${HOME}/.config/org.gabmus.gfeeds.saved_articles | 33 | whitelist ${HOME}/.config/org.gabmus.gfeeds.saved_articles |
34 | allow /usr/libexec/webkit2gtk-4.0 | 34 | whitelist /usr/libexec/webkit2gtk-4.0 |
35 | allow /usr/share/gfeeds | 35 | whitelist /usr/share/gfeeds |
36 | include whitelist-common.inc | 36 | include whitelist-common.inc |
37 | include whitelist-runuser-common.inc | 37 | include whitelist-runuser-common.inc |
38 | include whitelist-usr-share-common.inc | 38 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/gget.profile b/etc/profile-a-l/gget.profile index 06929dbe3..d9c5a0d9a 100644 --- a/etc/profile-a-l/gget.profile +++ b/etc/profile-a-l/gget.profile | |||
@@ -7,8 +7,8 @@ include gget.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny /tmp/.X11-unix | 10 | blacklist /tmp/.X11-unix |
11 | deny ${RUNUSER} | 11 | blacklist ${RUNUSER} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -19,7 +19,7 @@ include disable-programs.inc | |||
19 | include disable-shell.inc | 19 | include disable-shell.inc |
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | allow ${DOWNLOADS} | 22 | whitelist ${DOWNLOADS} |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/ghostwriter.profile b/etc/profile-a-l/ghostwriter.profile index 0577fe24f..276ab76df 100644 --- a/etc/profile-a-l/ghostwriter.profile +++ b/etc/profile-a-l/ghostwriter.profile | |||
@@ -6,10 +6,10 @@ include ghostwriter.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/ghostwriter | 9 | noblacklist ${HOME}/.config/ghostwriter |
10 | nodeny ${HOME}/.local/share/ghostwriter | 10 | noblacklist ${HOME}/.local/share/ghostwriter |
11 | nodeny ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
12 | nodeny ${PICTURES} | 12 | noblacklist ${PICTURES} |
13 | 13 | ||
14 | include allow-lua.inc | 14 | include allow-lua.inc |
15 | 15 | ||
@@ -22,10 +22,10 @@ include disable-programs.inc | |||
22 | include disable-shell.inc | 22 | include disable-shell.inc |
23 | include disable-xdg.inc | 23 | include disable-xdg.inc |
24 | 24 | ||
25 | allow /usr/share/ghostwriter | 25 | whitelist /usr/share/ghostwriter |
26 | allow /usr/share/mozilla-dicts | 26 | whitelist /usr/share/mozilla-dicts |
27 | allow /usr/share/texlive | 27 | whitelist /usr/share/texlive |
28 | allow /usr/share/pandoc* | 28 | whitelist /usr/share/pandoc* |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/gimp.profile b/etc/profile-a-l/gimp.profile index de9db8d0f..dfc1304d1 100644 --- a/etc/profile-a-l/gimp.profile +++ b/etc/profile-a-l/gimp.profile | |||
@@ -18,13 +18,13 @@ include globals.local | |||
18 | # If you are not using external plugins, you can add 'noexec ${HOME}' to your gimp.local. | 18 | # If you are not using external plugins, you can add 'noexec ${HOME}' to your gimp.local. |
19 | ignore noexec ${HOME} | 19 | ignore noexec ${HOME} |
20 | 20 | ||
21 | nodeny ${HOME}/.cache/babl | 21 | noblacklist ${HOME}/.cache/babl |
22 | nodeny ${HOME}/.cache/gegl-0.4 | 22 | noblacklist ${HOME}/.cache/gegl-0.4 |
23 | nodeny ${HOME}/.cache/gimp | 23 | noblacklist ${HOME}/.cache/gimp |
24 | nodeny ${HOME}/.config/GIMP | 24 | noblacklist ${HOME}/.config/GIMP |
25 | nodeny ${HOME}/.gimp* | 25 | noblacklist ${HOME}/.gimp* |
26 | nodeny ${DOCUMENTS} | 26 | noblacklist ${DOCUMENTS} |
27 | nodeny ${PICTURES} | 27 | noblacklist ${PICTURES} |
28 | 28 | ||
29 | include disable-common.inc | 29 | include disable-common.inc |
30 | include disable-exec.inc | 30 | include disable-exec.inc |
@@ -33,10 +33,10 @@ include disable-passwdmgr.inc | |||
33 | include disable-programs.inc | 33 | include disable-programs.inc |
34 | include disable-xdg.inc | 34 | include disable-xdg.inc |
35 | 35 | ||
36 | allow /usr/share/gegl-0.4 | 36 | whitelist /usr/share/gegl-0.4 |
37 | allow /usr/share/gimp | 37 | whitelist /usr/share/gimp |
38 | allow /usr/share/mypaint-data | 38 | whitelist /usr/share/mypaint-data |
39 | allow /usr/share/lensfun | 39 | whitelist /usr/share/lensfun |
40 | include whitelist-usr-share-common.inc | 40 | include whitelist-usr-share-common.inc |
41 | include whitelist-var-common.inc | 41 | include whitelist-var-common.inc |
42 | 42 | ||
diff --git a/etc/profile-a-l/gist.profile b/etc/profile-a-l/gist.profile index e601d3ab0..661c3a375 100644 --- a/etc/profile-a-l/gist.profile +++ b/etc/profile-a-l/gist.profile | |||
@@ -7,10 +7,10 @@ include gist.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny /tmp/.X11-unix | 10 | blacklist /tmp/.X11-unix |
11 | deny ${RUNUSER}/wayland-* | 11 | blacklist ${RUNUSER}/wayland-* |
12 | 12 | ||
13 | nodeny ${HOME}/.gist | 13 | noblacklist ${HOME}/.gist |
14 | 14 | ||
15 | # Allow ruby (blacklisted by disable-interpreters.inc) | 15 | # Allow ruby (blacklisted by disable-interpreters.inc) |
16 | include allow-ruby.inc | 16 | include allow-ruby.inc |
@@ -24,8 +24,8 @@ include disable-programs.inc | |||
24 | include disable-xdg.inc | 24 | include disable-xdg.inc |
25 | 25 | ||
26 | mkdir ${HOME}/.gist | 26 | mkdir ${HOME}/.gist |
27 | allow ${HOME}/.gist | 27 | whitelist ${HOME}/.gist |
28 | allow ${DOWNLOADS} | 28 | whitelist ${DOWNLOADS} |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/git-cola.profile b/etc/profile-a-l/git-cola.profile index 74b7506cf..5e4249376 100644 --- a/etc/profile-a-l/git-cola.profile +++ b/etc/profile-a-l/git-cola.profile | |||
@@ -8,12 +8,12 @@ include globals.local | |||
8 | 8 | ||
9 | ignore noexec ${HOME} | 9 | ignore noexec ${HOME} |
10 | 10 | ||
11 | nodeny ${HOME}/.gitconfig | 11 | noblacklist ${HOME}/.gitconfig |
12 | nodeny ${HOME}/.git-credentials | 12 | noblacklist ${HOME}/.git-credentials |
13 | nodeny ${HOME}/.gnupg | 13 | noblacklist ${HOME}/.gnupg |
14 | nodeny ${HOME}/.subversion | 14 | noblacklist ${HOME}/.subversion |
15 | nodeny ${HOME}/.config/git | 15 | noblacklist ${HOME}/.config/git |
16 | nodeny ${HOME}/.config/git-cola | 16 | noblacklist ${HOME}/.config/git-cola |
17 | # Add your editor/diff viewer config paths and the next line to your git-cola.local to load settings. | 17 | # Add your editor/diff viewer config paths and the next line to your git-cola.local to load settings. |
18 | #noblacklist ${HOME}/ | 18 | #noblacklist ${HOME}/ |
19 | 19 | ||
@@ -32,17 +32,17 @@ include disable-passwdmgr.inc | |||
32 | include disable-programs.inc | 32 | include disable-programs.inc |
33 | include disable-xdg.inc | 33 | include disable-xdg.inc |
34 | 34 | ||
35 | allow ${RUNUSER}/gnupg | 35 | whitelist ${RUNUSER}/gnupg |
36 | allow ${RUNUSER}/keyring | 36 | whitelist ${RUNUSER}/keyring |
37 | # Add additional whitelist paths below /usr/share to your git-cola.local to support your editor/diff viewer. | 37 | # Add additional whitelist paths below /usr/share to your git-cola.local to support your editor/diff viewer. |
38 | allow /usr/share/git | 38 | whitelist /usr/share/git |
39 | allow /usr/share/git-cola | 39 | whitelist /usr/share/git-cola |
40 | allow /usr/share/git-core | 40 | whitelist /usr/share/git-core |
41 | allow /usr/share/git-gui | 41 | whitelist /usr/share/git-gui |
42 | allow /usr/share/gitk | 42 | whitelist /usr/share/gitk |
43 | allow /usr/share/gitweb | 43 | whitelist /usr/share/gitweb |
44 | allow /usr/share/gnupg | 44 | whitelist /usr/share/gnupg |
45 | allow /usr/share/gnupg2 | 45 | whitelist /usr/share/gnupg2 |
46 | include whitelist-runuser-common.inc | 46 | include whitelist-runuser-common.inc |
47 | include whitelist-usr-share-common.inc | 47 | include whitelist-usr-share-common.inc |
48 | include whitelist-var-common.inc | 48 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/git.profile b/etc/profile-a-l/git.profile index 680e91085..bfa0081c6 100644 --- a/etc/profile-a-l/git.profile +++ b/etc/profile-a-l/git.profile | |||
@@ -7,33 +7,33 @@ include git.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.config/git | 10 | noblacklist ${HOME}/.config/git |
11 | nodeny ${HOME}/.config/nano | 11 | noblacklist ${HOME}/.config/nano |
12 | nodeny ${HOME}/.emacs | 12 | noblacklist ${HOME}/.emacs |
13 | nodeny ${HOME}/.emacs.d | 13 | noblacklist ${HOME}/.emacs.d |
14 | nodeny ${HOME}/.gitconfig | 14 | noblacklist ${HOME}/.gitconfig |
15 | nodeny ${HOME}/.git-credentials | 15 | noblacklist ${HOME}/.git-credentials |
16 | nodeny ${HOME}/.gnupg | 16 | noblacklist ${HOME}/.gnupg |
17 | nodeny ${HOME}/.nanorc | 17 | noblacklist ${HOME}/.nanorc |
18 | nodeny ${HOME}/.vim | 18 | noblacklist ${HOME}/.vim |
19 | nodeny ${HOME}/.viminfo | 19 | noblacklist ${HOME}/.viminfo |
20 | 20 | ||
21 | # Allow ssh (blacklisted by disable-common.inc) | 21 | # Allow ssh (blacklisted by disable-common.inc) |
22 | include allow-ssh.inc | 22 | include allow-ssh.inc |
23 | 23 | ||
24 | deny /tmp/.X11-unix | 24 | blacklist /tmp/.X11-unix |
25 | deny ${RUNUSER}/wayland-* | 25 | blacklist ${RUNUSER}/wayland-* |
26 | 26 | ||
27 | include disable-common.inc | 27 | include disable-common.inc |
28 | include disable-exec.inc | 28 | include disable-exec.inc |
29 | include disable-passwdmgr.inc | 29 | include disable-passwdmgr.inc |
30 | include disable-programs.inc | 30 | include disable-programs.inc |
31 | 31 | ||
32 | allow /usr/share/git | 32 | whitelist /usr/share/git |
33 | allow /usr/share/git-core | 33 | whitelist /usr/share/git-core |
34 | allow /usr/share/gitgui | 34 | whitelist /usr/share/gitgui |
35 | allow /usr/share/gitweb | 35 | whitelist /usr/share/gitweb |
36 | allow /usr/share/nano | 36 | whitelist /usr/share/nano |
37 | include whitelist-usr-share-common.inc | 37 | include whitelist-usr-share-common.inc |
38 | include whitelist-var-common.inc | 38 | include whitelist-var-common.inc |
39 | 39 | ||
diff --git a/etc/profile-a-l/gitg.profile b/etc/profile-a-l/gitg.profile index d313b5022..05d7dffa9 100644 --- a/etc/profile-a-l/gitg.profile +++ b/etc/profile-a-l/gitg.profile | |||
@@ -6,10 +6,10 @@ include gitg.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/git | 9 | noblacklist ${HOME}/.config/git |
10 | nodeny ${HOME}/.gitconfig | 10 | noblacklist ${HOME}/.gitconfig |
11 | nodeny ${HOME}/.git-credentials | 11 | noblacklist ${HOME}/.git-credentials |
12 | nodeny ${HOME}/.local/share/gitg | 12 | noblacklist ${HOME}/.local/share/gitg |
13 | 13 | ||
14 | # Allow ssh (blacklisted by disable-common.inc) | 14 | # Allow ssh (blacklisted by disable-common.inc) |
15 | include allow-ssh.inc | 15 | include allow-ssh.inc |
@@ -29,7 +29,7 @@ include disable-programs.inc | |||
29 | #whitelist ${HOME}/.ssh | 29 | #whitelist ${HOME}/.ssh |
30 | #include whitelist-common.inc | 30 | #include whitelist-common.inc |
31 | 31 | ||
32 | allow /usr/share/gitg | 32 | whitelist /usr/share/gitg |
33 | include whitelist-runuser-common.inc | 33 | include whitelist-runuser-common.inc |
34 | include whitelist-usr-share-common.inc | 34 | include whitelist-usr-share-common.inc |
35 | include whitelist-var-common.inc | 35 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/github-desktop.profile b/etc/profile-a-l/github-desktop.profile index 81b534a74..325c54ced 100644 --- a/etc/profile-a-l/github-desktop.profile +++ b/etc/profile-a-l/github-desktop.profile | |||
@@ -22,10 +22,10 @@ ignore apparmor | |||
22 | ignore dbus-user none | 22 | ignore dbus-user none |
23 | ignore dbus-system none | 23 | ignore dbus-system none |
24 | 24 | ||
25 | nodeny ${HOME}/.config/GitHub Desktop | 25 | noblacklist ${HOME}/.config/GitHub Desktop |
26 | nodeny ${HOME}/.config/git | 26 | noblacklist ${HOME}/.config/git |
27 | nodeny ${HOME}/.gitconfig | 27 | noblacklist ${HOME}/.gitconfig |
28 | nodeny ${HOME}/.git-credentials | 28 | noblacklist ${HOME}/.git-credentials |
29 | 29 | ||
30 | # no3d | 30 | # no3d |
31 | nosound | 31 | nosound |
diff --git a/etc/profile-a-l/gitter.profile b/etc/profile-a-l/gitter.profile index 2d1694ef7..460e2b990 100644 --- a/etc/profile-a-l/gitter.profile +++ b/etc/profile-a-l/gitter.profile | |||
@@ -5,8 +5,8 @@ include gitter.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/autostart | 8 | noblacklist ${HOME}/.config/autostart |
9 | nodeny ${HOME}/.config/Gitter | 9 | noblacklist ${HOME}/.config/Gitter |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,9 +16,9 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.config/Gitter | 18 | mkdir ${HOME}/.config/Gitter |
19 | allow ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
20 | allow ${HOME}/.config/autostart | 20 | whitelist ${HOME}/.config/autostart |
21 | allow ${HOME}/.config/Gitter | 21 | whitelist ${HOME}/.config/Gitter |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
24 | caps.drop all | 24 | caps.drop all |
diff --git a/etc/profile-a-l/gjs.profile b/etc/profile-a-l/gjs.profile index e00bb1dbf..ed68b3c2d 100644 --- a/etc/profile-a-l/gjs.profile +++ b/etc/profile-a-l/gjs.profile | |||
@@ -8,10 +8,10 @@ include globals.local | |||
8 | 8 | ||
9 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them | 9 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them |
10 | 10 | ||
11 | nodeny ${HOME}/.cache/libgweather | 11 | noblacklist ${HOME}/.cache/libgweather |
12 | nodeny ${HOME}/.cache/org.gnome.Books | 12 | noblacklist ${HOME}/.cache/org.gnome.Books |
13 | nodeny ${HOME}/.config/libreoffice | 13 | noblacklist ${HOME}/.config/libreoffice |
14 | nodeny ${HOME}/.local/share/gnome-photos | 14 | noblacklist ${HOME}/.local/share/gnome-photos |
15 | 15 | ||
16 | # Allow gjs (blacklisted by disable-interpreters.inc) | 16 | # Allow gjs (blacklisted by disable-interpreters.inc) |
17 | include allow-gjs.inc | 17 | include allow-gjs.inc |
diff --git a/etc/profile-a-l/gl-117.profile b/etc/profile-a-l/gl-117.profile index a3236c2be..c8cefc67e 100644 --- a/etc/profile-a-l/gl-117.profile +++ b/etc/profile-a-l/gl-117.profile | |||
@@ -6,7 +6,7 @@ include gl-117.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.gl-117 | 9 | noblacklist ${HOME}/.gl-117 |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.gl-117 | 20 | mkdir ${HOME}/.gl-117 |
21 | allow ${HOME}/.gl-117 | 21 | whitelist ${HOME}/.gl-117 |
22 | allow /usr/share/gl-117 | 22 | whitelist /usr/share/gl-117 |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/glaxium.profile b/etc/profile-a-l/glaxium.profile index ec894a5f3..ee7af0546 100644 --- a/etc/profile-a-l/glaxium.profile +++ b/etc/profile-a-l/glaxium.profile | |||
@@ -6,7 +6,7 @@ include glaxium.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.glaxiumrc | 9 | noblacklist ${HOME}/.glaxiumrc |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkfile ${HOME}/.glaxiumrc | 20 | mkfile ${HOME}/.glaxiumrc |
21 | allow ${HOME}/.glaxiumrc | 21 | whitelist ${HOME}/.glaxiumrc |
22 | allow /usr/share/glaxium | 22 | whitelist /usr/share/glaxium |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/globaltime.profile b/etc/profile-a-l/globaltime.profile index e091b811f..14b3ef811 100644 --- a/etc/profile-a-l/globaltime.profile +++ b/etc/profile-a-l/globaltime.profile | |||
@@ -5,7 +5,7 @@ include globaltime.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/globaltime | 8 | noblacklist ${HOME}/.config/globaltime |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
diff --git a/etc/profile-a-l/gmpc.profile b/etc/profile-a-l/gmpc.profile index 79397d28f..b3aad8b2c 100644 --- a/etc/profile-a-l/gmpc.profile +++ b/etc/profile-a-l/gmpc.profile | |||
@@ -6,8 +6,8 @@ include gmpc.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/gmpc | 9 | noblacklist ${HOME}/.config/gmpc |
10 | nodeny ${MUSIC} | 10 | noblacklist ${MUSIC} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -18,9 +18,9 @@ include disable-programs.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.config/gmpc | 20 | mkdir ${HOME}/.config/gmpc |
21 | allow ${HOME}/.config/gmpc | 21 | whitelist ${HOME}/.config/gmpc |
22 | allow ${MUSIC} | 22 | whitelist ${MUSIC} |
23 | allow /usr/share/gmpc | 23 | whitelist /usr/share/gmpc |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/gnome-2048.profile b/etc/profile-a-l/gnome-2048.profile index c723f6e46..777c81dbe 100644 --- a/etc/profile-a-l/gnome-2048.profile +++ b/etc/profile-a-l/gnome-2048.profile | |||
@@ -6,10 +6,10 @@ include gnome-2048.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/gnome-2048 | 9 | noblacklist ${HOME}/.local/share/gnome-2048 |
10 | 10 | ||
11 | mkdir ${HOME}/.local/share/gnome-2048 | 11 | mkdir ${HOME}/.local/share/gnome-2048 |
12 | allow ${HOME}/.local/share/gnome-2048 | 12 | whitelist ${HOME}/.local/share/gnome-2048 |
13 | 13 | ||
14 | private-bin gnome-2048 | 14 | private-bin gnome-2048 |
15 | 15 | ||
diff --git a/etc/profile-a-l/gnome-books.profile b/etc/profile-a-l/gnome-books.profile index 2ed5fa76b..34a7f557c 100644 --- a/etc/profile-a-l/gnome-books.profile +++ b/etc/profile-a-l/gnome-books.profile | |||
@@ -7,8 +7,8 @@ include globals.local | |||
7 | 7 | ||
8 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them | 8 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them |
9 | 9 | ||
10 | nodeny ${HOME}/.cache/org.gnome.Books | 10 | noblacklist ${HOME}/.cache/org.gnome.Books |
11 | nodeny ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
12 | 12 | ||
13 | # Allow gjs (blacklisted by disable-interpreters.inc) | 13 | # Allow gjs (blacklisted by disable-interpreters.inc) |
14 | include allow-gjs.inc | 14 | include allow-gjs.inc |
diff --git a/etc/profile-a-l/gnome-builder.profile b/etc/profile-a-l/gnome-builder.profile index 7dd1c6e22..37ca5aeff 100644 --- a/etc/profile-a-l/gnome-builder.profile +++ b/etc/profile-a-l/gnome-builder.profile | |||
@@ -6,11 +6,11 @@ include gnome-builder.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.bash_history | 9 | noblacklist ${HOME}/.bash_history |
10 | 10 | ||
11 | nodeny ${HOME}/.cache/gnome-builder | 11 | noblacklist ${HOME}/.cache/gnome-builder |
12 | nodeny ${HOME}/.config/gnome-builder | 12 | noblacklist ${HOME}/.config/gnome-builder |
13 | nodeny ${HOME}/.local/share/gnome-builder | 13 | noblacklist ${HOME}/.local/share/gnome-builder |
14 | 14 | ||
15 | # Allows files commonly used by IDEs | 15 | # Allows files commonly used by IDEs |
16 | include allow-common-devel.inc | 16 | include allow-common-devel.inc |
diff --git a/etc/profile-a-l/gnome-calendar.profile b/etc/profile-a-l/gnome-calendar.profile index d91fbaa4b..03acd66aa 100644 --- a/etc/profile-a-l/gnome-calendar.profile +++ b/etc/profile-a-l/gnome-calendar.profile | |||
@@ -15,7 +15,7 @@ include disable-programs.inc | |||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | allow /usr/share/libgweather | 18 | whitelist /usr/share/libgweather |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | include whitelist-runuser-common.inc | 20 | include whitelist-runuser-common.inc |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/gnome-characters.profile b/etc/profile-a-l/gnome-characters.profile index 806d7e571..741fe9bf7 100644 --- a/etc/profile-a-l/gnome-characters.profile +++ b/etc/profile-a-l/gnome-characters.profile | |||
@@ -18,7 +18,7 @@ include disable-programs.inc | |||
18 | include disable-shell.inc | 18 | include disable-shell.inc |
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | allow /usr/share/org.gnome.Characters | 21 | whitelist /usr/share/org.gnome.Characters |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-runuser-common.inc | 23 | include whitelist-runuser-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/gnome-chess.profile b/etc/profile-a-l/gnome-chess.profile index 095210565..bd39f625c 100644 --- a/etc/profile-a-l/gnome-chess.profile +++ b/etc/profile-a-l/gnome-chess.profile | |||
@@ -6,8 +6,8 @@ include gnome-chess.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/gnome-chess | 9 | noblacklist ${HOME}/.config/gnome-chess |
10 | nodeny ${HOME}/.local/share/gnome-chess | 10 | noblacklist ${HOME}/.local/share/gnome-chess |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -22,8 +22,8 @@ include disable-xdg.inc | |||
22 | #whitelist ${HOME}/.local/share/gnome-chess | 22 | #whitelist ${HOME}/.local/share/gnome-chess |
23 | #include whitelist-common.inc | 23 | #include whitelist-common.inc |
24 | 24 | ||
25 | allow /usr/share/gnuchess | 25 | whitelist /usr/share/gnuchess |
26 | allow /usr/share/gnome-chess | 26 | whitelist /usr/share/gnome-chess |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
29 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/gnome-clocks.profile b/etc/profile-a-l/gnome-clocks.profile index 7e2d458fd..1e7c70b84 100644 --- a/etc/profile-a-l/gnome-clocks.profile +++ b/etc/profile-a-l/gnome-clocks.profile | |||
@@ -15,8 +15,8 @@ include disable-programs.inc | |||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | allow /usr/share/gnome-clocks | 18 | whitelist /usr/share/gnome-clocks |
19 | allow /usr/share/libgweather | 19 | whitelist /usr/share/libgweather |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
21 | include whitelist-runuser-common.inc | 21 | include whitelist-runuser-common.inc |
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/gnome-contacts.profile b/etc/profile-a-l/gnome-contacts.profile index 7902fa169..dcc6163b6 100644 --- a/etc/profile-a-l/gnome-contacts.profile +++ b/etc/profile-a-l/gnome-contacts.profile | |||
@@ -6,7 +6,7 @@ include gnome-contacts.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${DOCUMENTS} | 9 | noblacklist ${DOCUMENTS} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-a-l/gnome-documents.profile b/etc/profile-a-l/gnome-documents.profile index 0f601149f..29ad67af8 100644 --- a/etc/profile-a-l/gnome-documents.profile +++ b/etc/profile-a-l/gnome-documents.profile | |||
@@ -8,8 +8,8 @@ include globals.local | |||
8 | 8 | ||
9 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them | 9 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them |
10 | 10 | ||
11 | nodeny ${HOME}/.config/libreoffice | 11 | noblacklist ${HOME}/.config/libreoffice |
12 | nodeny ${DOCUMENTS} | 12 | noblacklist ${DOCUMENTS} |
13 | 13 | ||
14 | # Allow gjs (blacklisted by disable-interpreters.inc) | 14 | # Allow gjs (blacklisted by disable-interpreters.inc) |
15 | include allow-gjs.inc | 15 | include allow-gjs.inc |
diff --git a/etc/profile-a-l/gnome-hexgl.profile b/etc/profile-a-l/gnome-hexgl.profile index 50c3e2c6f..2db956faf 100644 --- a/etc/profile-a-l/gnome-hexgl.profile +++ b/etc/profile-a-l/gnome-hexgl.profile | |||
@@ -16,7 +16,7 @@ include disable-shell.inc | |||
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.cache/mesa_shader_cache | 18 | mkdir ${HOME}/.cache/mesa_shader_cache |
19 | allow /usr/share/gnome-hexgl | 19 | whitelist /usr/share/gnome-hexgl |
20 | include whitelist-runuser-common.inc | 20 | include whitelist-runuser-common.inc |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/gnome-keyring.profile b/etc/profile-a-l/gnome-keyring.profile index 62a5a34ea..25b4c47de 100644 --- a/etc/profile-a-l/gnome-keyring.profile +++ b/etc/profile-a-l/gnome-keyring.profile | |||
@@ -7,7 +7,7 @@ include gnome-keyring.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.gnupg | 10 | noblacklist ${HOME}/.gnupg |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -18,12 +18,12 @@ include disable-programs.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.gnupg | 20 | mkdir ${HOME}/.gnupg |
21 | allow ${HOME}/.gnupg | 21 | whitelist ${HOME}/.gnupg |
22 | allow ${DOWNLOADS} | 22 | whitelist ${DOWNLOADS} |
23 | allow ${RUNUSER}/gnupg | 23 | whitelist ${RUNUSER}/gnupg |
24 | allow ${RUNUSER}/keyring | 24 | whitelist ${RUNUSER}/keyring |
25 | allow /usr/share/gnupg | 25 | whitelist /usr/share/gnupg |
26 | allow /usr/share/gnupg2 | 26 | whitelist /usr/share/gnupg2 |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/gnome-klotski.profile b/etc/profile-a-l/gnome-klotski.profile index ed074f944..c67a5c0da 100644 --- a/etc/profile-a-l/gnome-klotski.profile +++ b/etc/profile-a-l/gnome-klotski.profile | |||
@@ -6,10 +6,10 @@ include gnome-klotski.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/gnome-klotski | 9 | noblacklist ${HOME}/.local/share/gnome-klotski |
10 | 10 | ||
11 | mkdir ${HOME}/.local/share/gnome-klotski | 11 | mkdir ${HOME}/.local/share/gnome-klotski |
12 | allow ${HOME}/.local/share/gnome-klotski | 12 | whitelist ${HOME}/.local/share/gnome-klotski |
13 | 13 | ||
14 | private-bin gnome-klotski | 14 | private-bin gnome-klotski |
15 | 15 | ||
diff --git a/etc/profile-a-l/gnome-latex.profile b/etc/profile-a-l/gnome-latex.profile index 4a03a7ff5..1a7eafeca 100644 --- a/etc/profile-a-l/gnome-latex.profile +++ b/etc/profile-a-l/gnome-latex.profile | |||
@@ -6,8 +6,8 @@ include gnome-latex.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/gnome-latex | 9 | noblacklist ${HOME}/.config/gnome-latex |
10 | nodeny ${HOME}/.local/share/gnome-latex | 10 | noblacklist ${HOME}/.local/share/gnome-latex |
11 | 11 | ||
12 | # Allow perl (blacklisted by disable-interpreters.inc) | 12 | # Allow perl (blacklisted by disable-interpreters.inc) |
13 | include allow-perl.inc | 13 | include allow-perl.inc |
@@ -19,8 +19,8 @@ include disable-interpreters.inc | |||
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | allow /usr/share/gnome-latex | 22 | whitelist /usr/share/gnome-latex |
23 | allow /usr/share/texlive | 23 | whitelist /usr/share/texlive |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | # May cause issues. | 26 | # May cause issues. |
diff --git a/etc/profile-a-l/gnome-logs.profile b/etc/profile-a-l/gnome-logs.profile index fcc02dc76..9d2ea7b7b 100644 --- a/etc/profile-a-l/gnome-logs.profile +++ b/etc/profile-a-l/gnome-logs.profile | |||
@@ -15,7 +15,7 @@ include disable-programs.inc | |||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | allow /var/log/journal | 18 | whitelist /var/log/journal |
19 | include whitelist-runuser-common.inc | 19 | include whitelist-runuser-common.inc |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/gnome-mahjongg.profile b/etc/profile-a-l/gnome-mahjongg.profile index e21f03efe..42409dce8 100644 --- a/etc/profile-a-l/gnome-mahjongg.profile +++ b/etc/profile-a-l/gnome-mahjongg.profile | |||
@@ -6,7 +6,7 @@ include gnome-mahjongg.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | allow /usr/share/gnome-mahjongg | 9 | whitelist /usr/share/gnome-mahjongg |
10 | 10 | ||
11 | private-bin gnome-mahjongg | 11 | private-bin gnome-mahjongg |
12 | 12 | ||
diff --git a/etc/profile-a-l/gnome-maps.profile b/etc/profile-a-l/gnome-maps.profile index cf4eceee3..23aab343f 100644 --- a/etc/profile-a-l/gnome-maps.profile +++ b/etc/profile-a-l/gnome-maps.profile | |||
@@ -11,14 +11,14 @@ include globals.local | |||
11 | 11 | ||
12 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them | 12 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them |
13 | 13 | ||
14 | nodeny ${HOME}/.cache/champlain | 14 | noblacklist ${HOME}/.cache/champlain |
15 | nodeny ${HOME}/.cache/org.gnome.Maps | 15 | noblacklist ${HOME}/.cache/org.gnome.Maps |
16 | nodeny ${HOME}/.local/share/maps-places.json | 16 | noblacklist ${HOME}/.local/share/maps-places.json |
17 | 17 | ||
18 | # Allow gjs (blacklisted by disable-interpreters.inc) | 18 | # Allow gjs (blacklisted by disable-interpreters.inc) |
19 | include allow-gjs.inc | 19 | include allow-gjs.inc |
20 | 20 | ||
21 | deny /usr/libexec | 21 | blacklist /usr/libexec |
22 | 22 | ||
23 | include disable-common.inc | 23 | include disable-common.inc |
24 | include disable-devel.inc | 24 | include disable-devel.inc |
@@ -31,12 +31,12 @@ include disable-xdg.inc | |||
31 | 31 | ||
32 | mkdir ${HOME}/.cache/champlain | 32 | mkdir ${HOME}/.cache/champlain |
33 | mkfile ${HOME}/.local/share/maps-places.json | 33 | mkfile ${HOME}/.local/share/maps-places.json |
34 | allow ${HOME}/.cache/champlain | 34 | whitelist ${HOME}/.cache/champlain |
35 | allow ${HOME}/.local/share/maps-places.json | 35 | whitelist ${HOME}/.local/share/maps-places.json |
36 | allow ${DOWNLOADS} | 36 | whitelist ${DOWNLOADS} |
37 | allow ${PICTURES} | 37 | whitelist ${PICTURES} |
38 | allow /usr/share/gnome-maps | 38 | whitelist /usr/share/gnome-maps |
39 | allow /usr/share/libgweather | 39 | whitelist /usr/share/libgweather |
40 | include whitelist-common.inc | 40 | include whitelist-common.inc |
41 | include whitelist-runuser-common.inc | 41 | include whitelist-runuser-common.inc |
42 | include whitelist-usr-share-common.inc | 42 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/gnome-mines.profile b/etc/profile-a-l/gnome-mines.profile index 1b2949bc5..4fe8986c2 100644 --- a/etc/profile-a-l/gnome-mines.profile +++ b/etc/profile-a-l/gnome-mines.profile | |||
@@ -6,11 +6,11 @@ include gnome-mines.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/gnome-mines | 9 | noblacklist ${HOME}/.local/share/gnome-mines |
10 | 10 | ||
11 | mkdir ${HOME}/.local/share/gnome-mines | 11 | mkdir ${HOME}/.local/share/gnome-mines |
12 | allow ${HOME}/.local/share/gnome-mines | 12 | whitelist ${HOME}/.local/share/gnome-mines |
13 | allow /usr/share/gnome-mines | 13 | whitelist /usr/share/gnome-mines |
14 | 14 | ||
15 | private-bin gnome-mines | 15 | private-bin gnome-mines |
16 | 16 | ||
diff --git a/etc/profile-a-l/gnome-mplayer.profile b/etc/profile-a-l/gnome-mplayer.profile index c1cbc796a..43fe71f5e 100644 --- a/etc/profile-a-l/gnome-mplayer.profile +++ b/etc/profile-a-l/gnome-mplayer.profile | |||
@@ -6,9 +6,9 @@ include gnome-mplayer.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/gnome-mplayer | 9 | noblacklist ${HOME}/.config/gnome-mplayer |
10 | nodeny ${MUSIC} | 10 | noblacklist ${MUSIC} |
11 | nodeny ${VIDEOS} | 11 | noblacklist ${VIDEOS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/gnome-music.profile b/etc/profile-a-l/gnome-music.profile index 8fd0826c4..2fcbe9910 100644 --- a/etc/profile-a-l/gnome-music.profile +++ b/etc/profile-a-l/gnome-music.profile | |||
@@ -6,8 +6,8 @@ include gnome-music.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/gnome-music | 9 | noblacklist ${HOME}/.local/share/gnome-music |
10 | nodeny ${MUSIC} | 10 | noblacklist ${MUSIC} |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
diff --git a/etc/profile-a-l/gnome-nettool.profile b/etc/profile-a-l/gnome-nettool.profile index a929582f8..814751db3 100644 --- a/etc/profile-a-l/gnome-nettool.profile +++ b/etc/profile-a-l/gnome-nettool.profile | |||
@@ -14,7 +14,7 @@ include disable-passwdmgr.inc | |||
14 | include disable-programs.inc | 14 | include disable-programs.inc |
15 | include disable-xdg.inc | 15 | include disable-xdg.inc |
16 | 16 | ||
17 | allow /usr/share/gnome-nettool | 17 | whitelist /usr/share/gnome-nettool |
18 | #include whitelist-common.inc -- see #903 | 18 | #include whitelist-common.inc -- see #903 |
19 | include whitelist-runuser-common.inc | 19 | include whitelist-runuser-common.inc |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/gnome-nibbles.profile b/etc/profile-a-l/gnome-nibbles.profile index d4c037a41..b22810d34 100644 --- a/etc/profile-a-l/gnome-nibbles.profile +++ b/etc/profile-a-l/gnome-nibbles.profile | |||
@@ -9,11 +9,11 @@ include globals.local | |||
9 | ignore machine-id | 9 | ignore machine-id |
10 | ignore nosound | 10 | ignore nosound |
11 | 11 | ||
12 | nodeny ${HOME}/.local/share/gnome-nibbles | 12 | noblacklist ${HOME}/.local/share/gnome-nibbles |
13 | 13 | ||
14 | mkdir ${HOME}/.local/share/gnome-nibbles | 14 | mkdir ${HOME}/.local/share/gnome-nibbles |
15 | allow ${HOME}/.local/share/gnome-nibbles | 15 | whitelist ${HOME}/.local/share/gnome-nibbles |
16 | allow /usr/share/gnome-nibbles | 16 | whitelist /usr/share/gnome-nibbles |
17 | 17 | ||
18 | private-bin gnome-nibbles | 18 | private-bin gnome-nibbles |
19 | 19 | ||
diff --git a/etc/profile-a-l/gnome-passwordsafe.profile b/etc/profile-a-l/gnome-passwordsafe.profile index d2cf828cc..fee5f88b9 100644 --- a/etc/profile-a-l/gnome-passwordsafe.profile +++ b/etc/profile-a-l/gnome-passwordsafe.profile | |||
@@ -6,14 +6,14 @@ include gnome-passwordsafe.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${DOCUMENTS} | 9 | noblacklist ${DOCUMENTS} |
10 | nodeny ${HOME}/*.kdb | 10 | noblacklist ${HOME}/*.kdb |
11 | nodeny ${HOME}/*.kdbx | 11 | noblacklist ${HOME}/*.kdbx |
12 | 12 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python3.inc | 14 | include allow-python3.inc |
15 | 15 | ||
16 | deny /usr/libexec | 16 | blacklist /usr/libexec |
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
@@ -24,8 +24,8 @@ include disable-programs.inc | |||
24 | include disable-shell.inc | 24 | include disable-shell.inc |
25 | include disable-xdg.inc | 25 | include disable-xdg.inc |
26 | 26 | ||
27 | allow /usr/share/cracklib | 27 | whitelist /usr/share/cracklib |
28 | allow /usr/share/passwordsafe | 28 | whitelist /usr/share/passwordsafe |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/gnome-photos.profile b/etc/profile-a-l/gnome-photos.profile index 3702da2c7..58bf3f349 100644 --- a/etc/profile-a-l/gnome-photos.profile +++ b/etc/profile-a-l/gnome-photos.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them | 9 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them |
10 | 10 | ||
11 | nodeny ${HOME}/.local/share/gnome-photos | 11 | noblacklist ${HOME}/.local/share/gnome-photos |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/gnome-pie.profile b/etc/profile-a-l/gnome-pie.profile index e9ae2bcb0..41903b136 100644 --- a/etc/profile-a-l/gnome-pie.profile +++ b/etc/profile-a-l/gnome-pie.profile | |||
@@ -6,7 +6,7 @@ include gnome-pie.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/gnome-pie | 9 | noblacklist ${HOME}/.config/gnome-pie |
10 | 10 | ||
11 | #include disable-common.inc | 11 | #include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-a-l/gnome-pomodoro.profile b/etc/profile-a-l/gnome-pomodoro.profile index bec23910c..c2ba7556d 100644 --- a/etc/profile-a-l/gnome-pomodoro.profile +++ b/etc/profile-a-l/gnome-pomodoro.profile | |||
@@ -6,7 +6,7 @@ include gnome-pomodoro.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/gnome-pomodoro | 9 | noblacklist ${HOME}/.local/share/gnome-pomodoro |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.local/share/gnome-pomodoro | 19 | mkdir ${HOME}/.local/share/gnome-pomodoro |
20 | allow ${HOME}/.local/share/gnome-pomodoro | 20 | whitelist ${HOME}/.local/share/gnome-pomodoro |
21 | allow /usr/share/gnome-pomodoro | 21 | whitelist /usr/share/gnome-pomodoro |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-a-l/gnome-recipes.profile b/etc/profile-a-l/gnome-recipes.profile index 5ef33fdd8..48c98ebe0 100644 --- a/etc/profile-a-l/gnome-recipes.profile +++ b/etc/profile-a-l/gnome-recipes.profile | |||
@@ -7,8 +7,8 @@ include gnome-recipes.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | 9 | ||
10 | nodeny ${HOME}/.cache/gnome-recipes | 10 | noblacklist ${HOME}/.cache/gnome-recipes |
11 | nodeny ${HOME}/.local/share/gnome-recipes | 11 | noblacklist ${HOME}/.local/share/gnome-recipes |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -20,9 +20,9 @@ include disable-shell.inc | |||
20 | 20 | ||
21 | mkdir ${HOME}/.cache/gnome-recipes | 21 | mkdir ${HOME}/.cache/gnome-recipes |
22 | mkdir ${HOME}/.local/share/gnome-recipes | 22 | mkdir ${HOME}/.local/share/gnome-recipes |
23 | allow ${HOME}/.cache/gnome-recipes | 23 | whitelist ${HOME}/.cache/gnome-recipes |
24 | allow ${HOME}/.local/share/gnome-recipes | 24 | whitelist ${HOME}/.local/share/gnome-recipes |
25 | allow /usr/share/gnome-recipes | 25 | whitelist /usr/share/gnome-recipes |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
28 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/gnome-ring.profile b/etc/profile-a-l/gnome-ring.profile index b34d264f4..78ceb9c4f 100644 --- a/etc/profile-a-l/gnome-ring.profile +++ b/etc/profile-a-l/gnome-ring.profile | |||
@@ -5,7 +5,7 @@ include gnome-ring.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.local/share/gnome-ring | 8 | noblacklist ${HOME}/.local/share/gnome-ring |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
diff --git a/etc/profile-a-l/gnome-robots.profile b/etc/profile-a-l/gnome-robots.profile index 836d4e2b2..8835f2b93 100644 --- a/etc/profile-a-l/gnome-robots.profile +++ b/etc/profile-a-l/gnome-robots.profile | |||
@@ -9,7 +9,7 @@ include globals.local | |||
9 | ignore machine-id | 9 | ignore machine-id |
10 | ignore nosound | 10 | ignore nosound |
11 | 11 | ||
12 | allow /usr/share/gnome-robots | 12 | whitelist /usr/share/gnome-robots |
13 | 13 | ||
14 | private-bin gnome-robots | 14 | private-bin gnome-robots |
15 | 15 | ||
diff --git a/etc/profile-a-l/gnome-schedule.profile b/etc/profile-a-l/gnome-schedule.profile index 146f8bc4e..69c90b33d 100644 --- a/etc/profile-a-l/gnome-schedule.profile +++ b/etc/profile-a-l/gnome-schedule.profile | |||
@@ -6,17 +6,17 @@ include gnome-schedule.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.gnome/gnome-schedule | 9 | noblacklist ${HOME}/.gnome/gnome-schedule |
10 | 10 | ||
11 | # Needs at and crontab to read/write user cron | 11 | # Needs at and crontab to read/write user cron |
12 | nodeny ${PATH}/at | 12 | noblacklist ${PATH}/at |
13 | nodeny ${PATH}/crontab | 13 | noblacklist ${PATH}/crontab |
14 | 14 | ||
15 | # Needs access to these files/dirs | 15 | # Needs access to these files/dirs |
16 | nodeny /etc/cron.allow | 16 | noblacklist /etc/cron.allow |
17 | nodeny /etc/cron.deny | 17 | noblacklist /etc/cron.deny |
18 | nodeny /etc/shadow | 18 | noblacklist /etc/shadow |
19 | nodeny /var/spool/cron | 19 | noblacklist /var/spool/cron |
20 | 20 | ||
21 | # cron job testing needs a terminal, resulting in sandbox escape (see disable-common.inc) | 21 | # cron job testing needs a terminal, resulting in sandbox escape (see disable-common.inc) |
22 | # add 'noblacklist ${PATH}/your-terminal' to gnome-schedule.local if you need that functionality | 22 | # add 'noblacklist ${PATH}/your-terminal' to gnome-schedule.local if you need that functionality |
@@ -34,10 +34,10 @@ include disable-programs.inc | |||
34 | include disable-xdg.inc | 34 | include disable-xdg.inc |
35 | 35 | ||
36 | mkfile ${HOME}/.gnome/gnome-schedule | 36 | mkfile ${HOME}/.gnome/gnome-schedule |
37 | allow ${HOME}/.gnome/gnome-schedule | 37 | whitelist ${HOME}/.gnome/gnome-schedule |
38 | allow /usr/share/gnome-schedule | 38 | whitelist /usr/share/gnome-schedule |
39 | allow /var/spool/atd | 39 | whitelist /var/spool/atd |
40 | allow /var/spool/cron | 40 | whitelist /var/spool/cron |
41 | include whitelist-common.inc | 41 | include whitelist-common.inc |
42 | include whitelist-runuser-common.inc | 42 | include whitelist-runuser-common.inc |
43 | include whitelist-usr-share-common.inc | 43 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/gnome-screenshot.profile b/etc/profile-a-l/gnome-screenshot.profile index 175549e99..b683b6f6c 100644 --- a/etc/profile-a-l/gnome-screenshot.profile +++ b/etc/profile-a-l/gnome-screenshot.profile | |||
@@ -6,8 +6,8 @@ include gnome-screenshot.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${PICTURES} | 9 | noblacklist ${PICTURES} |
10 | nodeny ${HOME}/.cache/gnome-screenshot | 10 | noblacklist ${HOME}/.cache/gnome-screenshot |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-a-l/gnome-sound-recorder.profile b/etc/profile-a-l/gnome-sound-recorder.profile index c2fb14fa4..34f5fdeff 100644 --- a/etc/profile-a-l/gnome-sound-recorder.profile +++ b/etc/profile-a-l/gnome-sound-recorder.profile | |||
@@ -6,8 +6,8 @@ include gnome-sound-recorder.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${MUSIC} | 9 | noblacklist ${MUSIC} |
10 | nodeny ${HOME}/.local/share/Trash | 10 | noblacklist ${HOME}/.local/share/Trash |
11 | 11 | ||
12 | # Allow gjs (blacklisted by disable-interpreters.inc) | 12 | # Allow gjs (blacklisted by disable-interpreters.inc) |
13 | include allow-gjs.inc | 13 | include allow-gjs.inc |
diff --git a/etc/profile-a-l/gnome-sudoku.profile b/etc/profile-a-l/gnome-sudoku.profile index 3b7835e52..12fd48a86 100644 --- a/etc/profile-a-l/gnome-sudoku.profile +++ b/etc/profile-a-l/gnome-sudoku.profile | |||
@@ -6,10 +6,10 @@ include gnome-sudoku.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/gnome-sudoku | 9 | noblacklist ${HOME}/.local/share/gnome-sudoku |
10 | 10 | ||
11 | mkdir ${HOME}/.local/share/gnome-sudoku | 11 | mkdir ${HOME}/.local/share/gnome-sudoku |
12 | allow ${HOME}/.local/share/gnome-sudoku | 12 | whitelist ${HOME}/.local/share/gnome-sudoku |
13 | 13 | ||
14 | private-bin gnome-sudoku | 14 | private-bin gnome-sudoku |
15 | 15 | ||
diff --git a/etc/profile-a-l/gnome-system-log.profile b/etc/profile-a-l/gnome-system-log.profile index 6978f7cab..8a818695d 100644 --- a/etc/profile-a-l/gnome-system-log.profile +++ b/etc/profile-a-l/gnome-system-log.profile | |||
@@ -15,7 +15,7 @@ include disable-programs.inc | |||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | allow /var/log | 18 | whitelist /var/log |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/gnome-taquin.profile b/etc/profile-a-l/gnome-taquin.profile index ac87cf70f..2341334f7 100644 --- a/etc/profile-a-l/gnome-taquin.profile +++ b/etc/profile-a-l/gnome-taquin.profile | |||
@@ -9,7 +9,7 @@ include globals.local | |||
9 | ignore machine-id | 9 | ignore machine-id |
10 | ignore nosound | 10 | ignore nosound |
11 | 11 | ||
12 | allow /usr/share/gnome-taquin | 12 | whitelist /usr/share/gnome-taquin |
13 | 13 | ||
14 | private-bin gnome-taquin | 14 | private-bin gnome-taquin |
15 | 15 | ||
diff --git a/etc/profile-a-l/gnome-todo.profile b/etc/profile-a-l/gnome-todo.profile index 092fd58a3..3b147cd48 100644 --- a/etc/profile-a-l/gnome-todo.profile +++ b/etc/profile-a-l/gnome-todo.profile | |||
@@ -18,7 +18,7 @@ include disable-programs.inc | |||
18 | include disable-shell.inc | 18 | include disable-shell.inc |
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | allow /usr/share/gnome-todo | 21 | whitelist /usr/share/gnome-todo |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-a-l/gnome-twitch.profile b/etc/profile-a-l/gnome-twitch.profile index d76872ea6..b8ec195d3 100644 --- a/etc/profile-a-l/gnome-twitch.profile +++ b/etc/profile-a-l/gnome-twitch.profile | |||
@@ -6,8 +6,8 @@ include gnome-twitch.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/gnome-twitch | 9 | noblacklist ${HOME}/.cache/gnome-twitch |
10 | nodeny ${HOME}/.local/share/gnome-twitch | 10 | noblacklist ${HOME}/.local/share/gnome-twitch |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-programs.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.cache/gnome-twitch | 19 | mkdir ${HOME}/.cache/gnome-twitch |
20 | mkdir ${HOME}/.local/share/gnome-twitch | 20 | mkdir ${HOME}/.local/share/gnome-twitch |
21 | allow ${HOME}/.cache/gnome-twitch | 21 | whitelist ${HOME}/.cache/gnome-twitch |
22 | allow ${HOME}/.local/share/gnome-twitch | 22 | whitelist ${HOME}/.local/share/gnome-twitch |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | 24 | ||
25 | caps.drop all | 25 | caps.drop all |
diff --git a/etc/profile-a-l/gnome-weather.profile b/etc/profile-a-l/gnome-weather.profile index 6f557ff8d..2e08fa41d 100644 --- a/etc/profile-a-l/gnome-weather.profile +++ b/etc/profile-a-l/gnome-weather.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them | 9 | # when gjs apps are started via gnome-shell, firejail is not applied because systemd will start them |
10 | 10 | ||
11 | nodeny ${HOME}/.cache/libgweather | 11 | noblacklist ${HOME}/.cache/libgweather |
12 | 12 | ||
13 | # Allow gjs (blacklisted by disable-interpreters.inc) | 13 | # Allow gjs (blacklisted by disable-interpreters.inc) |
14 | include allow-gjs.inc | 14 | include allow-gjs.inc |
diff --git a/etc/profile-a-l/gnote.profile b/etc/profile-a-l/gnote.profile index 261efefac..c3014a288 100644 --- a/etc/profile-a-l/gnote.profile +++ b/etc/profile-a-l/gnote.profile | |||
@@ -6,8 +6,8 @@ include gnote.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/gnote | 9 | noblacklist ${HOME}/.config/gnote |
10 | nodeny ${HOME}/.local/share/gnote | 10 | noblacklist ${HOME}/.local/share/gnote |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -20,9 +20,9 @@ include disable-xdg.inc | |||
20 | 20 | ||
21 | mkdir ${HOME}/.config/gnote | 21 | mkdir ${HOME}/.config/gnote |
22 | mkdir ${HOME}/.local/share/gnote | 22 | mkdir ${HOME}/.local/share/gnote |
23 | allow ${HOME}/.config/gnote | 23 | whitelist ${HOME}/.config/gnote |
24 | allow ${HOME}/.local/share/gnote | 24 | whitelist ${HOME}/.local/share/gnote |
25 | allow /usr/share/gnote | 25 | whitelist /usr/share/gnote |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/gnubik.profile b/etc/profile-a-l/gnubik.profile index e6fbca26f..22851ce9f 100644 --- a/etc/profile-a-l/gnubik.profile +++ b/etc/profile-a-l/gnubik.profile | |||
@@ -15,7 +15,7 @@ include disable-programs.inc | |||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | allow /usr/share/gnubik | 18 | whitelist /usr/share/gnubik |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | include whitelist-runuser-common.inc | 20 | include whitelist-runuser-common.inc |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/godot.profile b/etc/profile-a-l/godot.profile index f35a53ca4..09ca17caa 100644 --- a/etc/profile-a-l/godot.profile +++ b/etc/profile-a-l/godot.profile | |||
@@ -6,9 +6,9 @@ include godot.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/godot | 9 | noblacklist ${HOME}/.cache/godot |
10 | nodeny ${HOME}/.config/godot | 10 | noblacklist ${HOME}/.config/godot |
11 | nodeny ${HOME}/.local/share/godot | 11 | noblacklist ${HOME}/.local/share/godot |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/goobox.profile b/etc/profile-a-l/goobox.profile index 95dd41c2a..8399d77c4 100644 --- a/etc/profile-a-l/goobox.profile +++ b/etc/profile-a-l/goobox.profile | |||
@@ -6,7 +6,7 @@ include goobox.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${MUSIC} | 9 | noblacklist ${MUSIC} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-a-l/google-chrome-beta.profile b/etc/profile-a-l/google-chrome-beta.profile index 07f0e587d..ebe5e870b 100644 --- a/etc/profile-a-l/google-chrome-beta.profile +++ b/etc/profile-a-l/google-chrome-beta.profile | |||
@@ -10,19 +10,19 @@ ignore whitelist /usr/share/chromium | |||
10 | ignore include whitelist-runuser-common.inc | 10 | ignore include whitelist-runuser-common.inc |
11 | ignore include whitelist-usr-share-common.inc | 11 | ignore include whitelist-usr-share-common.inc |
12 | 12 | ||
13 | nodeny ${HOME}/.cache/google-chrome-beta | 13 | noblacklist ${HOME}/.cache/google-chrome-beta |
14 | nodeny ${HOME}/.config/google-chrome-beta | 14 | noblacklist ${HOME}/.config/google-chrome-beta |
15 | 15 | ||
16 | nodeny ${HOME}/.config/chrome-beta-flags.conf | 16 | noblacklist ${HOME}/.config/chrome-beta-flags.conf |
17 | nodeny ${HOME}/.config/chrome-beta-flags.config | 17 | noblacklist ${HOME}/.config/chrome-beta-flags.config |
18 | 18 | ||
19 | mkdir ${HOME}/.cache/google-chrome-beta | 19 | mkdir ${HOME}/.cache/google-chrome-beta |
20 | mkdir ${HOME}/.config/google-chrome-beta | 20 | mkdir ${HOME}/.config/google-chrome-beta |
21 | allow ${HOME}/.cache/google-chrome-beta | 21 | whitelist ${HOME}/.cache/google-chrome-beta |
22 | allow ${HOME}/.config/google-chrome-beta | 22 | whitelist ${HOME}/.config/google-chrome-beta |
23 | 23 | ||
24 | allow ${HOME}/.config/chrome-beta-flags.conf | 24 | whitelist ${HOME}/.config/chrome-beta-flags.conf |
25 | allow ${HOME}/.config/chrome-beta-flags.config | 25 | whitelist ${HOME}/.config/chrome-beta-flags.config |
26 | 26 | ||
27 | # Redirect | 27 | # Redirect |
28 | include chromium-common.profile | 28 | include chromium-common.profile |
diff --git a/etc/profile-a-l/google-chrome-unstable.profile b/etc/profile-a-l/google-chrome-unstable.profile index 229904411..4d303f71b 100644 --- a/etc/profile-a-l/google-chrome-unstable.profile +++ b/etc/profile-a-l/google-chrome-unstable.profile | |||
@@ -10,19 +10,19 @@ ignore whitelist /usr/share/chromium | |||
10 | ignore include whitelist-runuser-common.inc | 10 | ignore include whitelist-runuser-common.inc |
11 | ignore include whitelist-usr-share-common.inc | 11 | ignore include whitelist-usr-share-common.inc |
12 | 12 | ||
13 | nodeny ${HOME}/.cache/google-chrome-unstable | 13 | noblacklist ${HOME}/.cache/google-chrome-unstable |
14 | nodeny ${HOME}/.config/google-chrome-unstable | 14 | noblacklist ${HOME}/.config/google-chrome-unstable |
15 | 15 | ||
16 | nodeny ${HOME}/.config/chrome-unstable-flags.conf | 16 | noblacklist ${HOME}/.config/chrome-unstable-flags.conf |
17 | nodeny ${HOME}/.config/chrome-unstable-flags.config | 17 | noblacklist ${HOME}/.config/chrome-unstable-flags.config |
18 | 18 | ||
19 | mkdir ${HOME}/.cache/google-chrome-unstable | 19 | mkdir ${HOME}/.cache/google-chrome-unstable |
20 | mkdir ${HOME}/.config/google-chrome-unstable | 20 | mkdir ${HOME}/.config/google-chrome-unstable |
21 | allow ${HOME}/.cache/google-chrome-unstable | 21 | whitelist ${HOME}/.cache/google-chrome-unstable |
22 | allow ${HOME}/.config/google-chrome-unstable | 22 | whitelist ${HOME}/.config/google-chrome-unstable |
23 | 23 | ||
24 | allow ${HOME}/.config/chrome-unstable-flags.conf | 24 | whitelist ${HOME}/.config/chrome-unstable-flags.conf |
25 | allow ${HOME}/.config/chrome-unstable-flags.config | 25 | whitelist ${HOME}/.config/chrome-unstable-flags.config |
26 | 26 | ||
27 | # Redirect | 27 | # Redirect |
28 | include chromium-common.profile | 28 | include chromium-common.profile |
diff --git a/etc/profile-a-l/google-chrome.profile b/etc/profile-a-l/google-chrome.profile index f61642f17..ed2595f72 100644 --- a/etc/profile-a-l/google-chrome.profile +++ b/etc/profile-a-l/google-chrome.profile | |||
@@ -10,19 +10,19 @@ ignore whitelist /usr/share/chromium | |||
10 | ignore include whitelist-runuser-common.inc | 10 | ignore include whitelist-runuser-common.inc |
11 | ignore include whitelist-usr-share-common.inc | 11 | ignore include whitelist-usr-share-common.inc |
12 | 12 | ||
13 | nodeny ${HOME}/.cache/google-chrome | 13 | noblacklist ${HOME}/.cache/google-chrome |
14 | nodeny ${HOME}/.config/google-chrome | 14 | noblacklist ${HOME}/.config/google-chrome |
15 | 15 | ||
16 | nodeny ${HOME}/.config/chrome-flags.conf | 16 | noblacklist ${HOME}/.config/chrome-flags.conf |
17 | nodeny ${HOME}/.config/chrome-flags.config | 17 | noblacklist ${HOME}/.config/chrome-flags.config |
18 | 18 | ||
19 | mkdir ${HOME}/.cache/google-chrome | 19 | mkdir ${HOME}/.cache/google-chrome |
20 | mkdir ${HOME}/.config/google-chrome | 20 | mkdir ${HOME}/.config/google-chrome |
21 | allow ${HOME}/.cache/google-chrome | 21 | whitelist ${HOME}/.cache/google-chrome |
22 | allow ${HOME}/.config/google-chrome | 22 | whitelist ${HOME}/.config/google-chrome |
23 | 23 | ||
24 | allow ${HOME}/.config/chrome-flags.conf | 24 | whitelist ${HOME}/.config/chrome-flags.conf |
25 | allow ${HOME}/.config/chrome-flags.config | 25 | whitelist ${HOME}/.config/chrome-flags.config |
26 | 26 | ||
27 | # Redirect | 27 | # Redirect |
28 | include chromium-common.profile | 28 | include chromium-common.profile |
diff --git a/etc/profile-a-l/google-earth.profile b/etc/profile-a-l/google-earth.profile index 6039f7cbd..65ac04771 100644 --- a/etc/profile-a-l/google-earth.profile +++ b/etc/profile-a-l/google-earth.profile | |||
@@ -5,8 +5,8 @@ include google-earth.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/Google | 8 | noblacklist ${HOME}/.config/Google |
9 | nodeny ${HOME}/.googleearth | 9 | noblacklist ${HOME}/.googleearth |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-programs.inc | |||
17 | 17 | ||
18 | mkdir ${HOME}/.config/Google | 18 | mkdir ${HOME}/.config/Google |
19 | mkdir ${HOME}/.googleearth | 19 | mkdir ${HOME}/.googleearth |
20 | allow ${HOME}/.config/Google | 20 | whitelist ${HOME}/.config/Google |
21 | allow ${HOME}/.googleearth | 21 | whitelist ${HOME}/.googleearth |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | 23 | ||
24 | caps.drop all | 24 | caps.drop all |
diff --git a/etc/profile-a-l/google-play-music-desktop-player.profile b/etc/profile-a-l/google-play-music-desktop-player.profile index fdb65b93c..a7aabe105 100644 --- a/etc/profile-a-l/google-play-music-desktop-player.profile +++ b/etc/profile-a-l/google-play-music-desktop-player.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | # noexec /tmp breaks mpris support | 8 | # noexec /tmp breaks mpris support |
9 | ignore noexec /tmp | 9 | ignore noexec /tmp |
10 | 10 | ||
11 | nodeny ${HOME}/.config/Google Play Music Desktop Player | 11 | noblacklist ${HOME}/.config/Google Play Music Desktop Player |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -20,7 +20,7 @@ include disable-programs.inc | |||
20 | mkdir ${HOME}/.config/Google Play Music Desktop Player | 20 | mkdir ${HOME}/.config/Google Play Music Desktop Player |
21 | # whitelist ${HOME}/.config/pulse | 21 | # whitelist ${HOME}/.config/pulse |
22 | # whitelist ${HOME}/.pulse | 22 | # whitelist ${HOME}/.pulse |
23 | allow ${HOME}/.config/Google Play Music Desktop Player | 23 | whitelist ${HOME}/.config/Google Play Music Desktop Player |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | 25 | ||
26 | caps.drop all | 26 | caps.drop all |
diff --git a/etc/profile-a-l/googler-common.profile b/etc/profile-a-l/googler-common.profile index 952c9c1d4..2d0bce52b 100644 --- a/etc/profile-a-l/googler-common.profile +++ b/etc/profile-a-l/googler-common.profile | |||
@@ -7,10 +7,10 @@ include googler-common.local | |||
7 | # added by caller profile | 7 | # added by caller profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | deny /tmp/.X11-unix | 10 | blacklist /tmp/.X11-unix |
11 | deny ${RUNUSER} | 11 | blacklist ${RUNUSER} |
12 | 12 | ||
13 | nodeny ${HOME}/.w3m | 13 | noblacklist ${HOME}/.w3m |
14 | 14 | ||
15 | # Allow /bin/sh (blacklisted by disable-shell.inc) | 15 | # Allow /bin/sh (blacklisted by disable-shell.inc) |
16 | include allow-bin-sh.inc | 16 | include allow-bin-sh.inc |
@@ -26,7 +26,7 @@ include disable-programs.inc | |||
26 | include disable-shell.inc | 26 | include disable-shell.inc |
27 | include disable-xdg.inc | 27 | include disable-xdg.inc |
28 | 28 | ||
29 | allow ${HOME}/.w3m | 29 | whitelist ${HOME}/.w3m |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
32 | 32 | ||
diff --git a/etc/profile-a-l/gpa.profile b/etc/profile-a-l/gpa.profile index 9b8da361b..37b4f0b1c 100644 --- a/etc/profile-a-l/gpa.profile +++ b/etc/profile-a-l/gpa.profile | |||
@@ -6,7 +6,7 @@ include gpa.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.gnupg | 9 | noblacklist ${HOME}/.gnupg |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-a-l/gpg-agent.profile b/etc/profile-a-l/gpg-agent.profile index 5fa66bb55..7f0b614b1 100644 --- a/etc/profile-a-l/gpg-agent.profile +++ b/etc/profile-a-l/gpg-agent.profile | |||
@@ -7,10 +7,10 @@ include gpg-agent.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.gnupg | 10 | noblacklist ${HOME}/.gnupg |
11 | 11 | ||
12 | deny /tmp/.X11-unix | 12 | blacklist /tmp/.X11-unix |
13 | deny ${RUNUSER}/wayland-* | 13 | blacklist ${RUNUSER}/wayland-* |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -20,11 +20,11 @@ include disable-programs.inc | |||
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | mkdir ${HOME}/.gnupg | 22 | mkdir ${HOME}/.gnupg |
23 | allow ${HOME}/.gnupg | 23 | whitelist ${HOME}/.gnupg |
24 | allow ${RUNUSER}/gnupg | 24 | whitelist ${RUNUSER}/gnupg |
25 | allow ${RUNUSER}/keyring | 25 | whitelist ${RUNUSER}/keyring |
26 | allow /usr/share/gnupg | 26 | whitelist /usr/share/gnupg |
27 | allow /usr/share/gnupg2 | 27 | whitelist /usr/share/gnupg2 |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/gpg.profile b/etc/profile-a-l/gpg.profile index 2ad896abe..4a4d6527c 100644 --- a/etc/profile-a-l/gpg.profile +++ b/etc/profile-a-l/gpg.profile | |||
@@ -7,10 +7,10 @@ include gpg.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.gnupg | 10 | noblacklist ${HOME}/.gnupg |
11 | 11 | ||
12 | deny /tmp/.X11-unix | 12 | blacklist /tmp/.X11-unix |
13 | deny ${RUNUSER}/wayland-* | 13 | blacklist ${RUNUSER}/wayland-* |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -18,11 +18,11 @@ include disable-interpreters.inc | |||
18 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | 20 | ||
21 | allow ${RUNUSER}/gnupg | 21 | whitelist ${RUNUSER}/gnupg |
22 | allow ${RUNUSER}/keyring | 22 | whitelist ${RUNUSER}/keyring |
23 | allow /usr/share/gnupg | 23 | whitelist /usr/share/gnupg |
24 | allow /usr/share/gnupg2 | 24 | whitelist /usr/share/gnupg2 |
25 | allow /usr/share/pacman/keyrings | 25 | whitelist /usr/share/pacman/keyrings |
26 | include whitelist-runuser-common.inc | 26 | include whitelist-runuser-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
28 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/gpicview.profile b/etc/profile-a-l/gpicview.profile index 0552dc3d7..fa53c26c8 100644 --- a/etc/profile-a-l/gpicview.profile +++ b/etc/profile-a-l/gpicview.profile | |||
@@ -6,7 +6,7 @@ include gpicview.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/gpicview | 9 | noblacklist ${HOME}/.config/gpicview |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,7 +16,7 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | 18 | ||
19 | allow /usr/share/gpicview | 19 | whitelist /usr/share/gpicview |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
22 | 22 | ||
diff --git a/etc/profile-a-l/gpredict.profile b/etc/profile-a-l/gpredict.profile index c9e62a73f..253d644f1 100644 --- a/etc/profile-a-l/gpredict.profile +++ b/etc/profile-a-l/gpredict.profile | |||
@@ -6,7 +6,7 @@ include gpredict.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/Gpredict | 9 | noblacklist ${HOME}/.config/Gpredict |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-programs.inc | |||
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.config/Gpredict | 19 | mkdir ${HOME}/.config/Gpredict |
20 | allow ${HOME}/.config/Gpredict | 20 | whitelist ${HOME}/.config/Gpredict |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | 22 | ||
23 | caps.drop all | 23 | caps.drop all |
diff --git a/etc/profile-a-l/gradio.profile b/etc/profile-a-l/gradio.profile index 2aebe2338..2b4c536d2 100644 --- a/etc/profile-a-l/gradio.profile +++ b/etc/profile-a-l/gradio.profile | |||
@@ -5,8 +5,8 @@ include gradio.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.cache/gradio | 8 | noblacklist ${HOME}/.cache/gradio |
9 | nodeny ${HOME}/.local/share/gradio | 9 | noblacklist ${HOME}/.local/share/gradio |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.cache/gradio | 19 | mkdir ${HOME}/.cache/gradio |
20 | mkdir ${HOME}/.local/share/gradio | 20 | mkdir ${HOME}/.local/share/gradio |
21 | allow ${HOME}/.cache/gradio | 21 | whitelist ${HOME}/.cache/gradio |
22 | allow ${HOME}/.local/share/gradio | 22 | whitelist ${HOME}/.local/share/gradio |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/gramps.profile b/etc/profile-a-l/gramps.profile index 53f0baccb..c7e0c2977 100644 --- a/etc/profile-a-l/gramps.profile +++ b/etc/profile-a-l/gramps.profile | |||
@@ -6,7 +6,7 @@ include gramps.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.gramps | 9 | noblacklist ${HOME}/.gramps |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | #include allow-python2.inc | 12 | #include allow-python2.inc |
@@ -21,7 +21,7 @@ include disable-programs.inc | |||
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.gramps | 23 | mkdir ${HOME}/.gramps |
24 | allow ${HOME}/.gramps | 24 | whitelist ${HOME}/.gramps |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||
diff --git a/etc/profile-a-l/gravity-beams-and-evaporating-stars.profile b/etc/profile-a-l/gravity-beams-and-evaporating-stars.profile index ecc871c2e..890ba2560 100644 --- a/etc/profile-a-l/gravity-beams-and-evaporating-stars.profile +++ b/etc/profile-a-l/gravity-beams-and-evaporating-stars.profile | |||
@@ -15,7 +15,7 @@ include disable-programs.inc | |||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | allow /usr/share/gravity-beams-and-evaporating-stars | 18 | whitelist /usr/share/gravity-beams-and-evaporating-stars |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/gthumb.profile b/etc/profile-a-l/gthumb.profile index 9a4f7b4fb..5927e8c4d 100644 --- a/etc/profile-a-l/gthumb.profile +++ b/etc/profile-a-l/gthumb.profile | |||
@@ -6,9 +6,9 @@ include gthumb.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/gthumb | 9 | noblacklist ${HOME}/.config/gthumb |
10 | nodeny ${HOME}/.Steam | 10 | noblacklist ${HOME}/.Steam |
11 | nodeny ${HOME}/.steam | 11 | noblacklist ${HOME}/.steam |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/gtk-update-icon-cache.profile b/etc/profile-a-l/gtk-update-icon-cache.profile index d6bb9902a..c8addae75 100644 --- a/etc/profile-a-l/gtk-update-icon-cache.profile +++ b/etc/profile-a-l/gtk-update-icon-cache.profile | |||
@@ -7,7 +7,7 @@ include gtk-update-icon-cache.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER}/wayland-* | 10 | blacklist ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-a-l/gtk2-youtube-viewer.profile b/etc/profile-a-l/gtk2-youtube-viewer.profile index 8241de43a..787c7bd90 100644 --- a/etc/profile-a-l/gtk2-youtube-viewer.profile +++ b/etc/profile-a-l/gtk2-youtube-viewer.profile | |||
@@ -8,8 +8,8 @@ include gtk2-youtube-viewer.local | |||
8 | 8 | ||
9 | ignore quiet | 9 | ignore quiet |
10 | 10 | ||
11 | nodeny /tmp/.X11-unix | 11 | noblacklist /tmp/.X11-unix |
12 | nodeny ${RUNUSER} | 12 | noblacklist ${RUNUSER} |
13 | 13 | ||
14 | include whitelist-runuser-common.inc | 14 | include whitelist-runuser-common.inc |
15 | 15 | ||
diff --git a/etc/profile-a-l/gtk3-youtube-viewer.profile b/etc/profile-a-l/gtk3-youtube-viewer.profile index 6ea4ebbdc..988882622 100644 --- a/etc/profile-a-l/gtk3-youtube-viewer.profile +++ b/etc/profile-a-l/gtk3-youtube-viewer.profile | |||
@@ -8,8 +8,8 @@ include gtk3-youtube-viewer.local | |||
8 | 8 | ||
9 | ignore quiet | 9 | ignore quiet |
10 | 10 | ||
11 | nodeny /tmp/.X11-unix | 11 | noblacklist /tmp/.X11-unix |
12 | nodeny ${RUNUSER} | 12 | noblacklist ${RUNUSER} |
13 | 13 | ||
14 | include whitelist-runuser-common.inc | 14 | include whitelist-runuser-common.inc |
15 | 15 | ||
diff --git a/etc/profile-a-l/guayadeque.profile b/etc/profile-a-l/guayadeque.profile index 731bcad1d..3d2b71e9d 100644 --- a/etc/profile-a-l/guayadeque.profile +++ b/etc/profile-a-l/guayadeque.profile | |||
@@ -5,8 +5,8 @@ include guayadeque.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.guayadeque | 8 | noblacklist ${HOME}/.guayadeque |
9 | nodeny ${MUSIC} | 9 | noblacklist ${MUSIC} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-a-l/gummi.profile b/etc/profile-a-l/gummi.profile index 5cdc2cc18..2223c37a1 100644 --- a/etc/profile-a-l/gummi.profile +++ b/etc/profile-a-l/gummi.profile | |||
@@ -5,8 +5,8 @@ include gummi.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.cache/gummi | 8 | noblacklist ${HOME}/.cache/gummi |
9 | nodeny ${HOME}/.config/gummi | 9 | noblacklist ${HOME}/.config/gummi |
10 | 10 | ||
11 | # Allow lua (blacklisted by disable-interpreters.inc) | 11 | # Allow lua (blacklisted by disable-interpreters.inc) |
12 | include allow-lua.inc | 12 | include allow-lua.inc |
diff --git a/etc/profile-a-l/guvcview.profile b/etc/profile-a-l/guvcview.profile index 3404f5177..9221ca31c 100644 --- a/etc/profile-a-l/guvcview.profile +++ b/etc/profile-a-l/guvcview.profile | |||
@@ -6,10 +6,10 @@ include guvcview.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/guvcview2 | 9 | noblacklist ${HOME}/.config/guvcview2 |
10 | 10 | ||
11 | nodeny ${PICTURES} | 11 | noblacklist ${PICTURES} |
12 | nodeny ${VIDEOS} | 12 | noblacklist ${VIDEOS} |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -21,9 +21,9 @@ include disable-shell.inc | |||
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.config/guvcview2 | 23 | mkdir ${HOME}/.config/guvcview2 |
24 | allow ${HOME}/.config/guvcview2 | 24 | whitelist ${HOME}/.config/guvcview2 |
25 | allow ${PICTURES} | 25 | whitelist ${PICTURES} |
26 | allow ${VIDEOS} | 26 | whitelist ${VIDEOS} |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/gwenview.profile b/etc/profile-a-l/gwenview.profile index 132b5a2e2..d33e2a673 100644 --- a/etc/profile-a-l/gwenview.profile +++ b/etc/profile-a-l/gwenview.profile | |||
@@ -6,17 +6,17 @@ include gwenview.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/GIMP | 9 | noblacklist ${HOME}/.config/GIMP |
10 | nodeny ${HOME}/.config/gwenviewrc | 10 | noblacklist ${HOME}/.config/gwenviewrc |
11 | nodeny ${HOME}/.config/org.kde.gwenviewrc | 11 | noblacklist ${HOME}/.config/org.kde.gwenviewrc |
12 | nodeny ${HOME}/.gimp* | 12 | noblacklist ${HOME}/.gimp* |
13 | nodeny ${HOME}/.kde/share/apps/gwenview | 13 | noblacklist ${HOME}/.kde/share/apps/gwenview |
14 | nodeny ${HOME}/.kde/share/config/gwenviewrc | 14 | noblacklist ${HOME}/.kde/share/config/gwenviewrc |
15 | nodeny ${HOME}/.kde4/share/apps/gwenview | 15 | noblacklist ${HOME}/.kde4/share/apps/gwenview |
16 | nodeny ${HOME}/.kde4/share/config/gwenviewrc | 16 | noblacklist ${HOME}/.kde4/share/config/gwenviewrc |
17 | nodeny ${HOME}/.local/share/gwenview | 17 | noblacklist ${HOME}/.local/share/gwenview |
18 | nodeny ${HOME}/.local/share/kxmlgui5/gwenview | 18 | noblacklist ${HOME}/.local/share/kxmlgui5/gwenview |
19 | nodeny ${HOME}/.local/share/org.kde.gwenview | 19 | noblacklist ${HOME}/.local/share/org.kde.gwenview |
20 | 20 | ||
21 | include disable-common.inc | 21 | include disable-common.inc |
22 | include disable-devel.inc | 22 | include disable-devel.inc |
diff --git a/etc/profile-a-l/gzip.profile b/etc/profile-a-l/gzip.profile index 46c98bdc2..b261c16f4 100644 --- a/etc/profile-a-l/gzip.profile +++ b/etc/profile-a-l/gzip.profile | |||
@@ -9,7 +9,7 @@ include globals.local | |||
9 | 9 | ||
10 | # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop | 10 | # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop |
11 | # all capabilities this is automatically read-only. | 11 | # all capabilities this is automatically read-only. |
12 | nodeny /var/lib/pacman | 12 | noblacklist /var/lib/pacman |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include archiver-common.profile | 15 | include archiver-common.profile |
diff --git a/etc/profile-a-l/handbrake.profile b/etc/profile-a-l/handbrake.profile index c102ac4cb..847e1ec1e 100644 --- a/etc/profile-a-l/handbrake.profile +++ b/etc/profile-a-l/handbrake.profile | |||
@@ -6,9 +6,9 @@ include handbrake.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/ghb | 9 | noblacklist ${HOME}/.config/ghb |
10 | nodeny ${MUSIC} | 10 | noblacklist ${MUSIC} |
11 | nodeny ${VIDEOS} | 11 | noblacklist ${VIDEOS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/hashcat.profile b/etc/profile-a-l/hashcat.profile index d98a1b554..aab4b0c21 100644 --- a/etc/profile-a-l/hashcat.profile +++ b/etc/profile-a-l/hashcat.profile | |||
@@ -7,11 +7,11 @@ include hashcat.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER}/wayland-* | 10 | blacklist ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | nodeny ${HOME}/.hashcat | 12 | noblacklist ${HOME}/.hashcat |
13 | nodeny /usr/include | 13 | noblacklist /usr/include |
14 | nodeny ${DOCUMENTS} | 14 | noblacklist ${DOCUMENTS} |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
diff --git a/etc/profile-a-l/hasher-common.profile b/etc/profile-a-l/hasher-common.profile index 1c2a44e06..44584f26b 100644 --- a/etc/profile-a-l/hasher-common.profile +++ b/etc/profile-a-l/hasher-common.profile | |||
@@ -4,7 +4,7 @@ include hasher-common.local | |||
4 | 4 | ||
5 | # common profile for hasher/checksum tools | 5 | # common profile for hasher/checksum tools |
6 | 6 | ||
7 | deny ${RUNUSER} | 7 | blacklist ${RUNUSER} |
8 | 8 | ||
9 | # Comment/uncomment the relevant include file(s) in your hasher-common.local | 9 | # Comment/uncomment the relevant include file(s) in your hasher-common.local |
10 | # to (un)restrict file access for **all** hashers. Another option is to do this **per hasher** | 10 | # to (un)restrict file access for **all** hashers. Another option is to do this **per hasher** |
diff --git a/etc/profile-a-l/hedgewars.profile b/etc/profile-a-l/hedgewars.profile index 90833af91..c0675d8ec 100644 --- a/etc/profile-a-l/hedgewars.profile +++ b/etc/profile-a-l/hedgewars.profile | |||
@@ -6,7 +6,7 @@ include hedgewars.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.hedgewars | 9 | noblacklist ${HOME}/.hedgewars |
10 | 10 | ||
11 | include allow-lua.inc | 11 | include allow-lua.inc |
12 | 12 | ||
@@ -17,7 +17,7 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.hedgewars | 19 | mkdir ${HOME}/.hedgewars |
20 | allow ${HOME}/.hedgewars | 20 | whitelist ${HOME}/.hedgewars |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | 22 | ||
23 | caps.drop all | 23 | caps.drop all |
diff --git a/etc/profile-a-l/hexchat.profile b/etc/profile-a-l/hexchat.profile index 993efb591..b887de147 100644 --- a/etc/profile-a-l/hexchat.profile +++ b/etc/profile-a-l/hexchat.profile | |||
@@ -6,7 +6,7 @@ include hexchat.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/hexchat | 9 | noblacklist ${HOME}/.config/hexchat |
10 | 10 | ||
11 | # Allow /bin/sh (blacklisted by disable-shell.inc) | 11 | # Allow /bin/sh (blacklisted by disable-shell.inc) |
12 | include allow-bin-sh.inc | 12 | include allow-bin-sh.inc |
@@ -28,7 +28,7 @@ include disable-shell.inc | |||
28 | include disable-xdg.inc | 28 | include disable-xdg.inc |
29 | 29 | ||
30 | mkdir ${HOME}/.config/hexchat | 30 | mkdir ${HOME}/.config/hexchat |
31 | allow ${HOME}/.config/hexchat | 31 | whitelist ${HOME}/.config/hexchat |
32 | include whitelist-common.inc | 32 | include whitelist-common.inc |
33 | include whitelist-var-common.inc | 33 | include whitelist-var-common.inc |
34 | 34 | ||
diff --git a/etc/profile-a-l/highlight.profile b/etc/profile-a-l/highlight.profile index 53db642dc..643736ac7 100644 --- a/etc/profile-a-l/highlight.profile +++ b/etc/profile-a-l/highlight.profile | |||
@@ -6,7 +6,7 @@ include highlight.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny ${RUNUSER} | 9 | blacklist ${RUNUSER} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-a-l/homebank.profile b/etc/profile-a-l/homebank.profile index ef259cc00..199b1a5e5 100644 --- a/etc/profile-a-l/homebank.profile +++ b/etc/profile-a-l/homebank.profile | |||
@@ -6,7 +6,7 @@ include homebank.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/homebank | 9 | noblacklist ${HOME}/.config/homebank |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,9 +18,9 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.config/homebank | 20 | mkdir ${HOME}/.config/homebank |
21 | allow ${DOWNLOADS} | 21 | whitelist ${DOWNLOADS} |
22 | allow ${HOME}/.config/homebank | 22 | whitelist ${HOME}/.config/homebank |
23 | allow /usr/share/homebank | 23 | whitelist /usr/share/homebank |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-runuser-common.inc | 25 | include whitelist-runuser-common.inc |
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/host.profile b/etc/profile-a-l/host.profile index 63e1be259..00d9f7a76 100644 --- a/etc/profile-a-l/host.profile +++ b/etc/profile-a-l/host.profile | |||
@@ -7,8 +7,8 @@ include host.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER} | 10 | blacklist ${RUNUSER} |
11 | nodeny ${PATH}/host | 11 | noblacklist ${PATH}/host |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/hugin.profile b/etc/profile-a-l/hugin.profile index db5cd29cc..267712c87 100644 --- a/etc/profile-a-l/hugin.profile +++ b/etc/profile-a-l/hugin.profile | |||
@@ -6,9 +6,9 @@ include hugin.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.hugin | 9 | noblacklist ${HOME}/.hugin |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | nodeny ${PICTURES} | 11 | noblacklist ${PICTURES} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/hyperrogue.profile b/etc/profile-a-l/hyperrogue.profile index 1fb33ceb8..e66ffd7e1 100644 --- a/etc/profile-a-l/hyperrogue.profile +++ b/etc/profile-a-l/hyperrogue.profile | |||
@@ -6,7 +6,7 @@ include hyperrogue.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/hyperrogue.ini | 9 | noblacklist ${HOME}/hyperrogue.ini |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkfile ${HOME}/hyperrogue.ini | 20 | mkfile ${HOME}/hyperrogue.ini |
21 | allow ${HOME}/hyperrogue.ini | 21 | whitelist ${HOME}/hyperrogue.ini |
22 | allow /usr/share/hyperrogue | 22 | whitelist /usr/share/hyperrogue |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/i2prouter.profile b/etc/profile-a-l/i2prouter.profile index c8a2e8a04..47c984175 100644 --- a/etc/profile-a-l/i2prouter.profile +++ b/etc/profile-a-l/i2prouter.profile | |||
@@ -14,12 +14,12 @@ include globals.local | |||
14 | # Only needed when i2prouter binary resides in home directory (official I2P java installer does so). | 14 | # Only needed when i2prouter binary resides in home directory (official I2P java installer does so). |
15 | ignore noexec ${HOME} | 15 | ignore noexec ${HOME} |
16 | 16 | ||
17 | nodeny ${HOME}/.config/i2p | 17 | noblacklist ${HOME}/.config/i2p |
18 | nodeny ${HOME}/.i2p | 18 | noblacklist ${HOME}/.i2p |
19 | nodeny ${HOME}/.local/share/i2p | 19 | noblacklist ${HOME}/.local/share/i2p |
20 | nodeny ${HOME}/i2p | 20 | noblacklist ${HOME}/i2p |
21 | # Only needed when wrapper resides in /usr/sbin/ (Ubuntu official I2P PPA package does so). | 21 | # Only needed when wrapper resides in /usr/sbin/ (Ubuntu official I2P PPA package does so). |
22 | nodeny /usr/sbin | 22 | noblacklist /usr/sbin |
23 | 23 | ||
24 | # Allow java (blacklisted by disable-devel.inc) | 24 | # Allow java (blacklisted by disable-devel.inc) |
25 | include allow-java.inc | 25 | include allow-java.inc |
@@ -36,12 +36,12 @@ mkdir ${HOME}/.config/i2p | |||
36 | mkdir ${HOME}/.i2p | 36 | mkdir ${HOME}/.i2p |
37 | mkdir ${HOME}/.local/share/i2p | 37 | mkdir ${HOME}/.local/share/i2p |
38 | mkdir ${HOME}/i2p | 38 | mkdir ${HOME}/i2p |
39 | allow ${HOME}/.config/i2p | 39 | whitelist ${HOME}/.config/i2p |
40 | allow ${HOME}/.i2p | 40 | whitelist ${HOME}/.i2p |
41 | allow ${HOME}/.local/share/i2p | 41 | whitelist ${HOME}/.local/share/i2p |
42 | allow ${HOME}/i2p | 42 | whitelist ${HOME}/i2p |
43 | # Only needed when wrapper resides in /usr/sbin/ (Ubuntu official I2P PPA package does so). | 43 | # Only needed when wrapper resides in /usr/sbin/ (Ubuntu official I2P PPA package does so). |
44 | allow /usr/sbin/wrapper* | 44 | whitelist /usr/sbin/wrapper* |
45 | 45 | ||
46 | include whitelist-common.inc | 46 | include whitelist-common.inc |
47 | 47 | ||
diff --git a/etc/profile-a-l/i3.profile b/etc/profile-a-l/i3.profile index 95ddad221..e96b1843c 100644 --- a/etc/profile-a-l/i3.profile +++ b/etc/profile-a-l/i3.profile | |||
@@ -7,7 +7,7 @@ include i3.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # all applications started in i3 will run in this profile | 9 | # all applications started in i3 will run in this profile |
10 | nodeny ${HOME}/.config/i3 | 10 | noblacklist ${HOME}/.config/i3 |
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | 12 | ||
13 | caps.drop all | 13 | caps.drop all |
diff --git a/etc/profile-a-l/icecat.profile b/etc/profile-a-l/icecat.profile index 0de2f658b..660343a29 100644 --- a/etc/profile-a-l/icecat.profile +++ b/etc/profile-a-l/icecat.profile | |||
@@ -5,13 +5,13 @@ include icecat.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.cache/mozilla | 8 | noblacklist ${HOME}/.cache/mozilla |
9 | nodeny ${HOME}/.mozilla | 9 | noblacklist ${HOME}/.mozilla |
10 | 10 | ||
11 | mkdir ${HOME}/.cache/mozilla/icecat | 11 | mkdir ${HOME}/.cache/mozilla/icecat |
12 | mkdir ${HOME}/.mozilla | 12 | mkdir ${HOME}/.mozilla |
13 | allow ${HOME}/.cache/mozilla/icecat | 13 | whitelist ${HOME}/.cache/mozilla/icecat |
14 | allow ${HOME}/.mozilla | 14 | whitelist ${HOME}/.mozilla |
15 | 15 | ||
16 | # private-etc must first be enabled in firefox-common.profile | 16 | # private-etc must first be enabled in firefox-common.profile |
17 | #private-etc icecat | 17 | #private-etc icecat |
diff --git a/etc/profile-a-l/icedove.profile b/etc/profile-a-l/icedove.profile index 0c22d87d0..19690cd5a 100644 --- a/etc/profile-a-l/icedove.profile +++ b/etc/profile-a-l/icedove.profile | |||
@@ -9,16 +9,16 @@ include icedove.local | |||
9 | # Users have icedove set to open a browser by clicking a link in an email | 9 | # Users have icedove set to open a browser by clicking a link in an email |
10 | # We are not allowed to blacklist browser-specific directories | 10 | # We are not allowed to blacklist browser-specific directories |
11 | 11 | ||
12 | nodeny ${HOME}/.cache/icedove | 12 | noblacklist ${HOME}/.cache/icedove |
13 | nodeny ${HOME}/.gnupg | 13 | noblacklist ${HOME}/.gnupg |
14 | nodeny ${HOME}/.icedove | 14 | noblacklist ${HOME}/.icedove |
15 | 15 | ||
16 | mkdir ${HOME}/.cache/icedove | 16 | mkdir ${HOME}/.cache/icedove |
17 | mkdir ${HOME}/.gnupg | 17 | mkdir ${HOME}/.gnupg |
18 | mkdir ${HOME}/.icedove | 18 | mkdir ${HOME}/.icedove |
19 | allow ${HOME}/.cache/icedove | 19 | whitelist ${HOME}/.cache/icedove |
20 | allow ${HOME}/.gnupg | 20 | whitelist ${HOME}/.gnupg |
21 | allow ${HOME}/.icedove | 21 | whitelist ${HOME}/.icedove |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | 23 | ||
24 | ignore private-tmp | 24 | ignore private-tmp |
diff --git a/etc/profile-a-l/idea.sh.profile b/etc/profile-a-l/idea.sh.profile index 180b62ec2..680b8e777 100644 --- a/etc/profile-a-l/idea.sh.profile +++ b/etc/profile-a-l/idea.sh.profile | |||
@@ -5,12 +5,12 @@ include idea.sh.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.IdeaIC* | 8 | noblacklist ${HOME}/.IdeaIC* |
9 | nodeny ${HOME}/.android | 9 | noblacklist ${HOME}/.android |
10 | nodeny ${HOME}/.jack-server | 10 | noblacklist ${HOME}/.jack-server |
11 | nodeny ${HOME}/.jack-settings | 11 | noblacklist ${HOME}/.jack-settings |
12 | nodeny ${HOME}/.local/share/JetBrains | 12 | noblacklist ${HOME}/.local/share/JetBrains |
13 | nodeny ${HOME}/.tooling | 13 | noblacklist ${HOME}/.tooling |
14 | 14 | ||
15 | # Allows files commonly used by IDEs | 15 | # Allows files commonly used by IDEs |
16 | include allow-common-devel.inc | 16 | include allow-common-devel.inc |
diff --git a/etc/profile-a-l/imagej.profile b/etc/profile-a-l/imagej.profile index 5d28e7aca..12ce7976b 100644 --- a/etc/profile-a-l/imagej.profile +++ b/etc/profile-a-l/imagej.profile | |||
@@ -6,7 +6,7 @@ include imagej.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.imagej | 9 | noblacklist ${HOME}/.imagej |
10 | 10 | ||
11 | # Allow java (blacklisted by disable-devel.inc) | 11 | # Allow java (blacklisted by disable-devel.inc) |
12 | include allow-java.inc | 12 | include allow-java.inc |
diff --git a/etc/profile-a-l/img2txt.profile b/etc/profile-a-l/img2txt.profile index 70d56a7dc..c26958d06 100644 --- a/etc/profile-a-l/img2txt.profile +++ b/etc/profile-a-l/img2txt.profile | |||
@@ -5,10 +5,10 @@ include img2txt.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | deny ${RUNUSER}/wayland-* | 8 | blacklist ${RUNUSER}/wayland-* |
9 | 9 | ||
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | nodeny ${PICTURES} | 11 | noblacklist ${PICTURES} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-passwdmgr.inc | |||
18 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | allow /usr/share/imlib2 | 21 | whitelist /usr/share/imlib2 |
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-a-l/impressive.profile b/etc/profile-a-l/impressive.profile index 4914cd9d0..c152be01c 100644 --- a/etc/profile-a-l/impressive.profile +++ b/etc/profile-a-l/impressive.profile | |||
@@ -6,9 +6,9 @@ include impressive.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${DOCUMENTS} | 9 | noblacklist ${DOCUMENTS} |
10 | nodeny /sbin | 10 | noblacklist /sbin |
11 | nodeny /usr/sbin | 11 | noblacklist /usr/sbin |
12 | 12 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | #include allow-python2.inc | 14 | #include allow-python2.inc |
@@ -23,8 +23,8 @@ include disable-programs.inc | |||
23 | include disable-xdg.inc | 23 | include disable-xdg.inc |
24 | 24 | ||
25 | mkdir ${HOME}/.cache/mesa_shader_cache | 25 | mkdir ${HOME}/.cache/mesa_shader_cache |
26 | allow /usr/share/opengl-games-utils | 26 | whitelist /usr/share/opengl-games-utils |
27 | allow /usr/share/zenity | 27 | whitelist /usr/share/zenity |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
29 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
30 | 30 | ||
diff --git a/etc/profile-a-l/inkscape.profile b/etc/profile-a-l/inkscape.profile index 1a949b300..35dd86b32 100644 --- a/etc/profile-a-l/inkscape.profile +++ b/etc/profile-a-l/inkscape.profile | |||
@@ -6,14 +6,14 @@ include inkscape.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/inkscape | 9 | noblacklist ${HOME}/.cache/inkscape |
10 | nodeny ${HOME}/.config/inkscape | 10 | noblacklist ${HOME}/.config/inkscape |
11 | nodeny ${HOME}/.inkscape | 11 | noblacklist ${HOME}/.inkscape |
12 | nodeny ${DOCUMENTS} | 12 | noblacklist ${DOCUMENTS} |
13 | nodeny ${PICTURES} | 13 | noblacklist ${PICTURES} |
14 | # Allow exporting .xcf files | 14 | # Allow exporting .xcf files |
15 | nodeny ${HOME}/.config/GIMP | 15 | noblacklist ${HOME}/.config/GIMP |
16 | nodeny ${HOME}/.gimp* | 16 | noblacklist ${HOME}/.gimp* |
17 | 17 | ||
18 | 18 | ||
19 | # Allow python (blacklisted by disable-interpreters.inc) | 19 | # Allow python (blacklisted by disable-interpreters.inc) |
@@ -28,7 +28,7 @@ include disable-passwdmgr.inc | |||
28 | include disable-programs.inc | 28 | include disable-programs.inc |
29 | include disable-xdg.inc | 29 | include disable-xdg.inc |
30 | 30 | ||
31 | allow /usr/share/inkscape | 31 | whitelist /usr/share/inkscape |
32 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
33 | include whitelist-var-common.inc | 33 | include whitelist-var-common.inc |
34 | 34 | ||
diff --git a/etc/profile-a-l/inox.profile b/etc/profile-a-l/inox.profile index 1591ed7ea..a5cac12f2 100644 --- a/etc/profile-a-l/inox.profile +++ b/etc/profile-a-l/inox.profile | |||
@@ -10,13 +10,13 @@ ignore whitelist /usr/share/chromium | |||
10 | ignore include whitelist-runuser-common.inc | 10 | ignore include whitelist-runuser-common.inc |
11 | ignore include whitelist-usr-share-common.inc | 11 | ignore include whitelist-usr-share-common.inc |
12 | 12 | ||
13 | nodeny ${HOME}/.cache/inox | 13 | noblacklist ${HOME}/.cache/inox |
14 | nodeny ${HOME}/.config/inox | 14 | noblacklist ${HOME}/.config/inox |
15 | 15 | ||
16 | mkdir ${HOME}/.cache/inox | 16 | mkdir ${HOME}/.cache/inox |
17 | mkdir ${HOME}/.config/inox | 17 | mkdir ${HOME}/.config/inox |
18 | allow ${HOME}/.cache/inox | 18 | whitelist ${HOME}/.cache/inox |
19 | allow ${HOME}/.config/inox | 19 | whitelist ${HOME}/.config/inox |
20 | 20 | ||
21 | # Redirect | 21 | # Redirect |
22 | include chromium-common.profile | 22 | include chromium-common.profile |
diff --git a/etc/profile-a-l/iridium.profile b/etc/profile-a-l/iridium.profile index f361fd663..3037d00e9 100644 --- a/etc/profile-a-l/iridium.profile +++ b/etc/profile-a-l/iridium.profile | |||
@@ -10,13 +10,13 @@ ignore whitelist /usr/share/chromium | |||
10 | ignore include whitelist-runuser-common.inc | 10 | ignore include whitelist-runuser-common.inc |
11 | ignore include whitelist-usr-share-common.inc | 11 | ignore include whitelist-usr-share-common.inc |
12 | 12 | ||
13 | nodeny ${HOME}/.cache/iridium | 13 | noblacklist ${HOME}/.cache/iridium |
14 | nodeny ${HOME}/.config/iridium | 14 | noblacklist ${HOME}/.config/iridium |
15 | 15 | ||
16 | mkdir ${HOME}/.cache/iridium | 16 | mkdir ${HOME}/.cache/iridium |
17 | mkdir ${HOME}/.config/iridium | 17 | mkdir ${HOME}/.config/iridium |
18 | allow ${HOME}/.cache/iridium | 18 | whitelist ${HOME}/.cache/iridium |
19 | allow ${HOME}/.config/iridium | 19 | whitelist ${HOME}/.config/iridium |
20 | 20 | ||
21 | # Redirect | 21 | # Redirect |
22 | include chromium-common.profile | 22 | include chromium-common.profile |
diff --git a/etc/profile-a-l/itch.profile b/etc/profile-a-l/itch.profile index fa0bcf986..e02dcbdb1 100644 --- a/etc/profile-a-l/itch.profile +++ b/etc/profile-a-l/itch.profile | |||
@@ -8,8 +8,8 @@ include globals.local | |||
8 | # itch.io has native firejail/sandboxing support bundled in | 8 | # itch.io has native firejail/sandboxing support bundled in |
9 | # See https://itch.io/docs/itch/using/sandbox/linux.html | 9 | # See https://itch.io/docs/itch/using/sandbox/linux.html |
10 | 10 | ||
11 | nodeny ${HOME}/.itch | 11 | noblacklist ${HOME}/.itch |
12 | nodeny ${HOME}/.config/itch | 12 | noblacklist ${HOME}/.config/itch |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-programs.inc | |||
19 | 19 | ||
20 | mkdir ${HOME}/.itch | 20 | mkdir ${HOME}/.itch |
21 | mkdir ${HOME}/.config/itch | 21 | mkdir ${HOME}/.config/itch |
22 | allow ${HOME}/.itch | 22 | whitelist ${HOME}/.itch |
23 | allow ${HOME}/.config/itch | 23 | whitelist ${HOME}/.config/itch |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | 25 | ||
26 | caps.drop all | 26 | caps.drop all |
diff --git a/etc/profile-a-l/jami-gnome.profile b/etc/profile-a-l/jami-gnome.profile index e4be574df..3e9abf369 100644 --- a/etc/profile-a-l/jami-gnome.profile +++ b/etc/profile-a-l/jami-gnome.profile | |||
@@ -6,8 +6,8 @@ include jami-gnome.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/jami | 9 | noblacklist ${HOME}/.config/jami |
10 | nodeny ${HOME}/.local/share/jami | 10 | noblacklist ${HOME}/.local/share/jami |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-programs.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.config/jami | 19 | mkdir ${HOME}/.config/jami |
20 | mkdir ${HOME}/.local/share/jami | 20 | mkdir ${HOME}/.local/share/jami |
21 | allow ${HOME}/.config/jami | 21 | whitelist ${HOME}/.config/jami |
22 | allow ${HOME}/.local/share/jami | 22 | whitelist ${HOME}/.local/share/jami |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
25 | 25 | ||
diff --git a/etc/profile-a-l/jd-gui.profile b/etc/profile-a-l/jd-gui.profile index bfea84c69..7d29f1068 100644 --- a/etc/profile-a-l/jd-gui.profile +++ b/etc/profile-a-l/jd-gui.profile | |||
@@ -5,7 +5,7 @@ include jd-gui.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/jd-gui.cfg | 8 | noblacklist ${HOME}/.config/jd-gui.cfg |
9 | 9 | ||
10 | # Allow java (blacklisted by disable-devel.inc) | 10 | # Allow java (blacklisted by disable-devel.inc) |
11 | include allow-java.inc | 11 | include allow-java.inc |
diff --git a/etc/profile-a-l/jerry.profile b/etc/profile-a-l/jerry.profile index c41027618..85b1f2120 100644 --- a/etc/profile-a-l/jerry.profile +++ b/etc/profile-a-l/jerry.profile | |||
@@ -6,7 +6,7 @@ include jerry.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/dkl | 9 | noblacklist ${HOME}/.config/dkl |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-a-l/jitsi-meet-desktop.profile b/etc/profile-a-l/jitsi-meet-desktop.profile index 9ca30c36d..edb7ed840 100644 --- a/etc/profile-a-l/jitsi-meet-desktop.profile +++ b/etc/profile-a-l/jitsi-meet-desktop.profile | |||
@@ -13,12 +13,12 @@ ignore shell none | |||
13 | 13 | ||
14 | ignore noexec /tmp | 14 | ignore noexec /tmp |
15 | 15 | ||
16 | nodeny ${HOME}/.config/Jitsi Meet | 16 | noblacklist ${HOME}/.config/Jitsi Meet |
17 | 17 | ||
18 | noallow ${DOWNLOADS} | 18 | nowhitelist ${DOWNLOADS} |
19 | 19 | ||
20 | mkdir ${HOME}/.config/Jitsi Meet | 20 | mkdir ${HOME}/.config/Jitsi Meet |
21 | allow ${HOME}/.config/Jitsi Meet | 21 | whitelist ${HOME}/.config/Jitsi Meet |
22 | 22 | ||
23 | private-bin bash,electron,electron[0-9],electron[0-9][0-9],jitsi-meet-desktop,sh | 23 | private-bin bash,electron,electron[0-9],electron[0-9][0-9],jitsi-meet-desktop,sh |
24 | private-etc alsa,alternatives,asound.conf,bumblebee,ca-certificates,crypto-policies,drirc,fonts,glvnd,group,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,nvidia,pango,passwd,pki,protocols,pulse,resolv.conf,rpc,services,ssl,X11,xdg | 24 | private-etc alsa,alternatives,asound.conf,bumblebee,ca-certificates,crypto-policies,drirc,fonts,glvnd,group,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,nvidia,pango,passwd,pki,protocols,pulse,resolv.conf,rpc,services,ssl,X11,xdg |
diff --git a/etc/profile-a-l/jitsi.profile b/etc/profile-a-l/jitsi.profile index f53e6ca32..223c360b8 100644 --- a/etc/profile-a-l/jitsi.profile +++ b/etc/profile-a-l/jitsi.profile | |||
@@ -5,7 +5,7 @@ include jitsi.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.jitsi | 8 | noblacklist ${HOME}/.jitsi |
9 | 9 | ||
10 | # Allow java (blacklisted by disable-devel.inc) | 10 | # Allow java (blacklisted by disable-devel.inc) |
11 | include allow-java.inc | 11 | include allow-java.inc |
diff --git a/etc/profile-a-l/jumpnbump.profile b/etc/profile-a-l/jumpnbump.profile index c0a78ecc0..9954b8aea 100644 --- a/etc/profile-a-l/jumpnbump.profile +++ b/etc/profile-a-l/jumpnbump.profile | |||
@@ -6,7 +6,7 @@ include jumpnbump.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.jumpnbump | 9 | noblacklist ${HOME}/.jumpnbump |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.jumpnbump | 19 | mkdir ${HOME}/.jumpnbump |
20 | allow ${HOME}/.jumpnbump | 20 | whitelist ${HOME}/.jumpnbump |
21 | allow /usr/share/jumpnbump | 21 | whitelist /usr/share/jumpnbump |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/k3b.profile b/etc/profile-a-l/k3b.profile index 73ce8670f..5ae90dff6 100644 --- a/etc/profile-a-l/k3b.profile +++ b/etc/profile-a-l/k3b.profile | |||
@@ -6,11 +6,11 @@ include k3b.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/k3brc | 9 | noblacklist ${HOME}/.config/k3brc |
10 | nodeny ${HOME}/.kde/share/config/k3brc | 10 | noblacklist ${HOME}/.kde/share/config/k3brc |
11 | nodeny ${HOME}/.kde4/share/config/k3brc | 11 | noblacklist ${HOME}/.kde4/share/config/k3brc |
12 | nodeny ${HOME}/.local/share/kxmlgui5/k3b | 12 | noblacklist ${HOME}/.local/share/kxmlgui5/k3b |
13 | nodeny ${MUSIC} | 13 | noblacklist ${MUSIC} |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
diff --git a/etc/profile-a-l/kaffeine.profile b/etc/profile-a-l/kaffeine.profile index e6a00e350..d55fd22cb 100644 --- a/etc/profile-a-l/kaffeine.profile +++ b/etc/profile-a-l/kaffeine.profile | |||
@@ -6,14 +6,14 @@ include kaffeine.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/kaffeinerc | 9 | noblacklist ${HOME}/.config/kaffeinerc |
10 | nodeny ${HOME}/.kde/share/apps/kaffeine | 10 | noblacklist ${HOME}/.kde/share/apps/kaffeine |
11 | nodeny ${HOME}/.kde/share/config/kaffeinerc | 11 | noblacklist ${HOME}/.kde/share/config/kaffeinerc |
12 | nodeny ${HOME}/.kde4/share/apps/kaffeine | 12 | noblacklist ${HOME}/.kde4/share/apps/kaffeine |
13 | nodeny ${HOME}/.kde4/share/config/kaffeinerc | 13 | noblacklist ${HOME}/.kde4/share/config/kaffeinerc |
14 | nodeny ${HOME}/.local/share/kaffeine | 14 | noblacklist ${HOME}/.local/share/kaffeine |
15 | nodeny ${MUSIC} | 15 | noblacklist ${MUSIC} |
16 | nodeny ${VIDEOS} | 16 | noblacklist ${VIDEOS} |
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
diff --git a/etc/profile-a-l/kalgebra.profile b/etc/profile-a-l/kalgebra.profile index 98b04353e..503dac4b6 100644 --- a/etc/profile-a-l/kalgebra.profile +++ b/etc/profile-a-l/kalgebra.profile | |||
@@ -6,8 +6,8 @@ include kalgebra.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/kalgebrarc | 9 | noblacklist ${HOME}/.config/kalgebrarc |
10 | nodeny ${HOME}/.local/share/kalgebra | 10 | noblacklist ${HOME}/.local/share/kalgebra |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | allow /usr/share/kalgebramobile | 20 | whitelist /usr/share/kalgebramobile |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-a-l/karbon.profile b/etc/profile-a-l/karbon.profile index db5394550..231299a2f 100644 --- a/etc/profile-a-l/karbon.profile +++ b/etc/profile-a-l/karbon.profile | |||
@@ -6,7 +6,7 @@ include karbon.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/kxmlgui5/karbon | 9 | noblacklist ${HOME}/.local/share/kxmlgui5/karbon |
10 | 10 | ||
11 | # Redirect | 11 | # Redirect |
12 | include krita.profile | 12 | include krita.profile |
diff --git a/etc/profile-a-l/kate.profile b/etc/profile-a-l/kate.profile index d2b180492..27b87e7c3 100644 --- a/etc/profile-a-l/kate.profile +++ b/etc/profile-a-l/kate.profile | |||
@@ -8,20 +8,20 @@ include globals.local | |||
8 | 8 | ||
9 | ignore noexec ${HOME} | 9 | ignore noexec ${HOME} |
10 | 10 | ||
11 | nodeny ${HOME}/.config/katemetainfos | 11 | noblacklist ${HOME}/.config/katemetainfos |
12 | nodeny ${HOME}/.config/katepartrc | 12 | noblacklist ${HOME}/.config/katepartrc |
13 | nodeny ${HOME}/.config/katerc | 13 | noblacklist ${HOME}/.config/katerc |
14 | nodeny ${HOME}/.config/kateschemarc | 14 | noblacklist ${HOME}/.config/kateschemarc |
15 | nodeny ${HOME}/.config/katesyntaxhighlightingrc | 15 | noblacklist ${HOME}/.config/katesyntaxhighlightingrc |
16 | nodeny ${HOME}/.config/katevirc | 16 | noblacklist ${HOME}/.config/katevirc |
17 | nodeny ${HOME}/.local/share/kate | 17 | noblacklist ${HOME}/.local/share/kate |
18 | nodeny ${HOME}/.local/share/kxmlgui5/kate | 18 | noblacklist ${HOME}/.local/share/kxmlgui5/kate |
19 | nodeny ${HOME}/.local/share/kxmlgui5/katefiletree | 19 | noblacklist ${HOME}/.local/share/kxmlgui5/katefiletree |
20 | nodeny ${HOME}/.local/share/kxmlgui5/katekonsole | 20 | noblacklist ${HOME}/.local/share/kxmlgui5/katekonsole |
21 | nodeny ${HOME}/.local/share/kxmlgui5/kateopenheaderplugin | 21 | noblacklist ${HOME}/.local/share/kxmlgui5/kateopenheaderplugin |
22 | nodeny ${HOME}/.local/share/kxmlgui5/katepart | 22 | noblacklist ${HOME}/.local/share/kxmlgui5/katepart |
23 | nodeny ${HOME}/.local/share/kxmlgui5/kateproject | 23 | noblacklist ${HOME}/.local/share/kxmlgui5/kateproject |
24 | nodeny ${HOME}/.local/share/kxmlgui5/katesearch | 24 | noblacklist ${HOME}/.local/share/kxmlgui5/katesearch |
25 | 25 | ||
26 | include disable-common.inc | 26 | include disable-common.inc |
27 | # include disable-devel.inc | 27 | # include disable-devel.inc |
diff --git a/etc/profile-a-l/kazam.profile b/etc/profile-a-l/kazam.profile index a4e2e64f4..9795cf168 100644 --- a/etc/profile-a-l/kazam.profile +++ b/etc/profile-a-l/kazam.profile | |||
@@ -8,9 +8,9 @@ include globals.local | |||
8 | 8 | ||
9 | ignore noexec ${HOME} | 9 | ignore noexec ${HOME} |
10 | 10 | ||
11 | nodeny ${PICTURES} | 11 | noblacklist ${PICTURES} |
12 | nodeny ${VIDEOS} | 12 | noblacklist ${VIDEOS} |
13 | nodeny ${HOME}/.config/kazam | 13 | noblacklist ${HOME}/.config/kazam |
14 | 14 | ||
15 | # Allow python (blacklisted by disable-interpreters.inc) | 15 | # Allow python (blacklisted by disable-interpreters.inc) |
16 | include allow-python2.inc | 16 | include allow-python2.inc |
@@ -25,7 +25,7 @@ include disable-passwdmgr.inc | |||
25 | include disable-shell.inc | 25 | include disable-shell.inc |
26 | include disable-xdg.inc | 26 | include disable-xdg.inc |
27 | 27 | ||
28 | allow /usr/share/kazam | 28 | whitelist /usr/share/kazam |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/kcalc.profile b/etc/profile-a-l/kcalc.profile index fcb168d4d..e36ee5ed2 100644 --- a/etc/profile-a-l/kcalc.profile +++ b/etc/profile-a-l/kcalc.profile | |||
@@ -6,7 +6,7 @@ include kcalc.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/kxmlgui5/kcalc | 9 | noblacklist ${HOME}/.local/share/kxmlgui5/kcalc |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -21,13 +21,13 @@ mkdir ${HOME}/.local/share/kxmlgui5/kcalc | |||
21 | mkfile ${HOME}/.config/kcalcrc | 21 | mkfile ${HOME}/.config/kcalcrc |
22 | mkfile ${HOME}/.kde/share/config/kcalcrc | 22 | mkfile ${HOME}/.kde/share/config/kcalcrc |
23 | mkfile ${HOME}/.kde4/share/config/kcalcrc | 23 | mkfile ${HOME}/.kde4/share/config/kcalcrc |
24 | allow ${HOME}/.config/kcalcrc | 24 | whitelist ${HOME}/.config/kcalcrc |
25 | allow ${HOME}/.kde/share/config/kcalcrc | 25 | whitelist ${HOME}/.kde/share/config/kcalcrc |
26 | allow ${HOME}/.kde4/share/config/kcalcrc | 26 | whitelist ${HOME}/.kde4/share/config/kcalcrc |
27 | allow ${HOME}/.local/share/kxmlgui5/kcalc | 27 | whitelist ${HOME}/.local/share/kxmlgui5/kcalc |
28 | allow /usr/share/config.kcfg/kcalc.kcfg | 28 | whitelist /usr/share/config.kcfg/kcalc.kcfg |
29 | allow /usr/share/kcalc | 29 | whitelist /usr/share/kcalc |
30 | allow /usr/share/kconf_update/kcalcrc.upd | 30 | whitelist /usr/share/kconf_update/kcalcrc.upd |
31 | include whitelist-common.inc | 31 | include whitelist-common.inc |
32 | include whitelist-runuser-common.inc | 32 | include whitelist-runuser-common.inc |
33 | include whitelist-usr-share-common.inc | 33 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/kdenlive.profile b/etc/profile-a-l/kdenlive.profile index 4acafbf2a..d2a08a269 100644 --- a/etc/profile-a-l/kdenlive.profile +++ b/etc/profile-a-l/kdenlive.profile | |||
@@ -8,10 +8,10 @@ include globals.local | |||
8 | 8 | ||
9 | ignore noexec ${HOME} | 9 | ignore noexec ${HOME} |
10 | 10 | ||
11 | nodeny ${HOME}/.cache/kdenlive | 11 | noblacklist ${HOME}/.cache/kdenlive |
12 | nodeny ${HOME}/.config/kdenliverc | 12 | noblacklist ${HOME}/.config/kdenliverc |
13 | nodeny ${HOME}/.local/share/kdenlive | 13 | noblacklist ${HOME}/.local/share/kdenlive |
14 | nodeny ${HOME}/.local/share/kxmlgui5/kdenlive | 14 | noblacklist ${HOME}/.local/share/kxmlgui5/kdenlive |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
diff --git a/etc/profile-a-l/kdiff3.profile b/etc/profile-a-l/kdiff3.profile index 0c37f7968..7c1cb2294 100644 --- a/etc/profile-a-l/kdiff3.profile +++ b/etc/profile-a-l/kdiff3.profile | |||
@@ -6,14 +6,14 @@ include kdiff3.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/kdiff3fileitemactionrc | 9 | noblacklist ${HOME}/.config/kdiff3fileitemactionrc |
10 | nodeny ${HOME}/.config/kdiff3rc | 10 | noblacklist ${HOME}/.config/kdiff3rc |
11 | 11 | ||
12 | # Add the next line to your kdiff3.local if you don't need to compare files in disable-common.inc. | 12 | # Add the next line to your kdiff3.local if you don't need to compare files in disable-common.inc. |
13 | # By default we deny access only to .ssh and .gnupg. | 13 | # By default we deny access only to .ssh and .gnupg. |
14 | #include disable-common.inc | 14 | #include disable-common.inc |
15 | deny ${HOME}/.ssh | 15 | blacklist ${HOME}/.ssh |
16 | deny ${HOME}/.gnupg | 16 | blacklist ${HOME}/.gnupg |
17 | 17 | ||
18 | include disable-devel.inc | 18 | include disable-devel.inc |
19 | include disable-exec.inc | 19 | include disable-exec.inc |
diff --git a/etc/profile-a-l/keepass.profile b/etc/profile-a-l/keepass.profile index 9c06962bc..ae8971ab4 100644 --- a/etc/profile-a-l/keepass.profile +++ b/etc/profile-a-l/keepass.profile | |||
@@ -6,14 +6,14 @@ include keepass.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/*.kdb | 9 | noblacklist ${HOME}/*.kdb |
10 | nodeny ${HOME}/*.kdbx | 10 | noblacklist ${HOME}/*.kdbx |
11 | nodeny ${HOME}/.config/KeePass | 11 | noblacklist ${HOME}/.config/KeePass |
12 | nodeny ${HOME}/.config/keepass | 12 | noblacklist ${HOME}/.config/keepass |
13 | nodeny ${HOME}/.keepass | 13 | noblacklist ${HOME}/.keepass |
14 | nodeny ${HOME}/.local/share/KeePass | 14 | noblacklist ${HOME}/.local/share/KeePass |
15 | nodeny ${HOME}/.local/share/keepass | 15 | noblacklist ${HOME}/.local/share/keepass |
16 | nodeny ${DOCUMENTS} | 16 | noblacklist ${DOCUMENTS} |
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
diff --git a/etc/profile-a-l/keepassx.profile b/etc/profile-a-l/keepassx.profile index 2772fa8bf..ac364986d 100644 --- a/etc/profile-a-l/keepassx.profile +++ b/etc/profile-a-l/keepassx.profile | |||
@@ -6,11 +6,11 @@ include keepassx.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/*.kdb | 9 | noblacklist ${HOME}/*.kdb |
10 | nodeny ${HOME}/*.kdbx | 10 | noblacklist ${HOME}/*.kdbx |
11 | nodeny ${HOME}/.config/keepassx | 11 | noblacklist ${HOME}/.config/keepassx |
12 | nodeny ${HOME}/.keepassx | 12 | noblacklist ${HOME}/.keepassx |
13 | nodeny ${DOCUMENTS} | 13 | noblacklist ${DOCUMENTS} |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
diff --git a/etc/profile-a-l/keepassxc.profile b/etc/profile-a-l/keepassxc.profile index 9c530b20d..f71dcf82b 100644 --- a/etc/profile-a-l/keepassxc.profile +++ b/etc/profile-a-l/keepassxc.profile | |||
@@ -6,23 +6,23 @@ include keepassxc.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/*.kdb | 9 | noblacklist ${HOME}/*.kdb |
10 | nodeny ${HOME}/*.kdbx | 10 | noblacklist ${HOME}/*.kdbx |
11 | nodeny ${HOME}/.cache/keepassxc | 11 | noblacklist ${HOME}/.cache/keepassxc |
12 | nodeny ${HOME}/.config/keepassxc | 12 | noblacklist ${HOME}/.config/keepassxc |
13 | nodeny ${HOME}/.config/KeePassXCrc | 13 | noblacklist ${HOME}/.config/KeePassXCrc |
14 | nodeny ${HOME}/.keepassxc | 14 | noblacklist ${HOME}/.keepassxc |
15 | nodeny ${DOCUMENTS} | 15 | noblacklist ${DOCUMENTS} |
16 | 16 | ||
17 | # Allow browser profiles, required for browser integration. | 17 | # Allow browser profiles, required for browser integration. |
18 | nodeny ${HOME}/.config/BraveSoftware | 18 | noblacklist ${HOME}/.config/BraveSoftware |
19 | nodeny ${HOME}/.config/chromium | 19 | noblacklist ${HOME}/.config/chromium |
20 | nodeny ${HOME}/.config/google-chrome | 20 | noblacklist ${HOME}/.config/google-chrome |
21 | nodeny ${HOME}/.config/vivaldi | 21 | noblacklist ${HOME}/.config/vivaldi |
22 | nodeny ${HOME}/.local/share/torbrowser | 22 | noblacklist ${HOME}/.local/share/torbrowser |
23 | nodeny ${HOME}/.mozilla | 23 | noblacklist ${HOME}/.mozilla |
24 | 24 | ||
25 | deny /usr/libexec | 25 | blacklist /usr/libexec |
26 | 26 | ||
27 | include disable-common.inc | 27 | include disable-common.inc |
28 | include disable-devel.inc | 28 | include disable-devel.inc |
@@ -57,7 +57,7 @@ include disable-xdg.inc | |||
57 | #whitelist ${HOME}/.config/KeePassXCrc | 57 | #whitelist ${HOME}/.config/KeePassXCrc |
58 | #include whitelist-common.inc | 58 | #include whitelist-common.inc |
59 | 59 | ||
60 | allow /usr/share/keepassxc | 60 | whitelist /usr/share/keepassxc |
61 | include whitelist-usr-share-common.inc | 61 | include whitelist-usr-share-common.inc |
62 | include whitelist-var-common.inc | 62 | include whitelist-var-common.inc |
63 | 63 | ||
diff --git a/etc/profile-a-l/kget.profile b/etc/profile-a-l/kget.profile index 30c041cbc..2c684504b 100644 --- a/etc/profile-a-l/kget.profile +++ b/etc/profile-a-l/kget.profile | |||
@@ -6,13 +6,13 @@ include kget.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/kgetrc | 9 | noblacklist ${HOME}/.config/kgetrc |
10 | nodeny ${HOME}/.kde/share/apps/kget | 10 | noblacklist ${HOME}/.kde/share/apps/kget |
11 | nodeny ${HOME}/.kde/share/config/kgetrc | 11 | noblacklist ${HOME}/.kde/share/config/kgetrc |
12 | nodeny ${HOME}/.kde4/share/apps/kget | 12 | noblacklist ${HOME}/.kde4/share/apps/kget |
13 | nodeny ${HOME}/.kde4/share/config/kgetrc | 13 | noblacklist ${HOME}/.kde4/share/config/kgetrc |
14 | nodeny ${HOME}/.local/share/kget | 14 | noblacklist ${HOME}/.local/share/kget |
15 | nodeny ${HOME}/.local/share/kxmlgui5/kget | 15 | noblacklist ${HOME}/.local/share/kxmlgui5/kget |
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
diff --git a/etc/profile-a-l/kid3-qt.profile b/etc/profile-a-l/kid3-qt.profile index 84d135fc3..9bcede077 100644 --- a/etc/profile-a-l/kid3-qt.profile +++ b/etc/profile-a-l/kid3-qt.profile | |||
@@ -2,7 +2,7 @@ | |||
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | include kid3-qt.local | 3 | include kid3-qt.local |
4 | 4 | ||
5 | nodeny ${HOME}/.config/Kid3 | 5 | noblacklist ${HOME}/.config/Kid3 |
6 | 6 | ||
7 | # Redirect | 7 | # Redirect |
8 | include kid3.profile | 8 | include kid3.profile |
diff --git a/etc/profile-a-l/kid3.profile b/etc/profile-a-l/kid3.profile index 0ef2a7845..e18292e99 100644 --- a/etc/profile-a-l/kid3.profile +++ b/etc/profile-a-l/kid3.profile | |||
@@ -6,9 +6,9 @@ include kid3.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${MUSIC} | 9 | noblacklist ${MUSIC} |
10 | nodeny ${HOME}/.config/kid3rc | 10 | noblacklist ${HOME}/.config/kid3rc |
11 | nodeny ${HOME}/.local/share/kxmlgui5/kid3 | 11 | noblacklist ${HOME}/.local/share/kxmlgui5/kid3 |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/kino.profile b/etc/profile-a-l/kino.profile index 833c1d22a..74014ffe6 100644 --- a/etc/profile-a-l/kino.profile +++ b/etc/profile-a-l/kino.profile | |||
@@ -6,8 +6,8 @@ include kino.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.kino-history | 9 | noblacklist ${HOME}/.kino-history |
10 | nodeny ${HOME}/.kinorc | 10 | noblacklist ${HOME}/.kinorc |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-a-l/kiwix-desktop.profile b/etc/profile-a-l/kiwix-desktop.profile index b188ba0e3..40ee0bbc7 100644 --- a/etc/profile-a-l/kiwix-desktop.profile +++ b/etc/profile-a-l/kiwix-desktop.profile | |||
@@ -6,8 +6,8 @@ include kiwix-desktop.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/kiwix | 9 | noblacklist ${HOME}/.local/share/kiwix |
10 | nodeny ${HOME}/.local/share/kiwix-desktop | 10 | noblacklist ${HOME}/.local/share/kiwix-desktop |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-xdg.inc | |||
19 | 19 | ||
20 | mkdir ${HOME}/.local/share/kiwix | 20 | mkdir ${HOME}/.local/share/kiwix |
21 | mkdir ${HOME}/.local/share/kiwix-desktop | 21 | mkdir ${HOME}/.local/share/kiwix-desktop |
22 | allow ${HOME}/.local/share/kiwix | 22 | whitelist ${HOME}/.local/share/kiwix |
23 | allow ${HOME}/.local/share/kiwix-desktop | 23 | whitelist ${HOME}/.local/share/kiwix-desktop |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
diff --git a/etc/profile-a-l/klatexformula.profile b/etc/profile-a-l/klatexformula.profile index e087e4973..c6a9023f1 100644 --- a/etc/profile-a-l/klatexformula.profile +++ b/etc/profile-a-l/klatexformula.profile | |||
@@ -6,8 +6,8 @@ include klatexformula.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.kde/share/apps/klatexformula | 9 | noblacklist ${HOME}/.kde/share/apps/klatexformula |
10 | nodeny ${HOME}/.klatexformula | 10 | noblacklist ${HOME}/.klatexformula |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
diff --git a/etc/profile-a-l/klavaro.profile b/etc/profile-a-l/klavaro.profile index ec3912419..f5cd3a48c 100644 --- a/etc/profile-a-l/klavaro.profile +++ b/etc/profile-a-l/klavaro.profile | |||
@@ -6,8 +6,8 @@ include klavaro.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/klavaro | 9 | noblacklist ${HOME}/.config/klavaro |
10 | nodeny ${HOME}/.local/share/klavaro | 10 | noblacklist ${HOME}/.local/share/klavaro |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-xdg.inc | |||
19 | 19 | ||
20 | mkdir ${HOME}/.local/share/klavaro | 20 | mkdir ${HOME}/.local/share/klavaro |
21 | mkdir ${HOME}/.config/klavaro | 21 | mkdir ${HOME}/.config/klavaro |
22 | allow ${HOME}/.local/share/klavaro | 22 | whitelist ${HOME}/.local/share/klavaro |
23 | allow ${HOME}/.config/klavaro | 23 | whitelist ${HOME}/.config/klavaro |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
diff --git a/etc/profile-a-l/kmail.profile b/etc/profile-a-l/kmail.profile index 3c582c08c..95ae98e53 100644 --- a/etc/profile-a-l/kmail.profile +++ b/etc/profile-a-l/kmail.profile | |||
@@ -9,27 +9,27 @@ include globals.local | |||
9 | # kmail has problems launching akonadi in debian and ubuntu. | 9 | # kmail has problems launching akonadi in debian and ubuntu. |
10 | # one solution is to have akonadi already running when kmail is started | 10 | # one solution is to have akonadi already running when kmail is started |
11 | 11 | ||
12 | nodeny ${HOME}/.cache/akonadi* | 12 | noblacklist ${HOME}/.cache/akonadi* |
13 | nodeny ${HOME}/.cache/kmail2 | 13 | noblacklist ${HOME}/.cache/kmail2 |
14 | nodeny ${HOME}/.config/akonadi* | 14 | noblacklist ${HOME}/.config/akonadi* |
15 | nodeny ${HOME}/.config/baloorc | 15 | noblacklist ${HOME}/.config/baloorc |
16 | nodeny ${HOME}/.config/emaildefaults | 16 | noblacklist ${HOME}/.config/emaildefaults |
17 | nodeny ${HOME}/.config/emailidentities | 17 | noblacklist ${HOME}/.config/emailidentities |
18 | nodeny ${HOME}/.config/kmail2rc | 18 | noblacklist ${HOME}/.config/kmail2rc |
19 | nodeny ${HOME}/.config/kmailsearchindexingrc | 19 | noblacklist ${HOME}/.config/kmailsearchindexingrc |
20 | nodeny ${HOME}/.config/mailtransports | 20 | noblacklist ${HOME}/.config/mailtransports |
21 | nodeny ${HOME}/.config/specialmailcollectionsrc | 21 | noblacklist ${HOME}/.config/specialmailcollectionsrc |
22 | nodeny ${HOME}/.gnupg | 22 | noblacklist ${HOME}/.gnupg |
23 | nodeny ${HOME}/.local/share/akonadi* | 23 | noblacklist ${HOME}/.local/share/akonadi* |
24 | nodeny ${HOME}/.local/share/apps/korganizer | 24 | noblacklist ${HOME}/.local/share/apps/korganizer |
25 | nodeny ${HOME}/.local/share/contacts | 25 | noblacklist ${HOME}/.local/share/contacts |
26 | nodeny ${HOME}/.local/share/emailidentities | 26 | noblacklist ${HOME}/.local/share/emailidentities |
27 | nodeny ${HOME}/.local/share/kmail2 | 27 | noblacklist ${HOME}/.local/share/kmail2 |
28 | nodeny ${HOME}/.local/share/kxmlgui5/kmail | 28 | noblacklist ${HOME}/.local/share/kxmlgui5/kmail |
29 | nodeny ${HOME}/.local/share/kxmlgui5/kmail2 | 29 | noblacklist ${HOME}/.local/share/kxmlgui5/kmail2 |
30 | nodeny ${HOME}/.local/share/local-mail | 30 | noblacklist ${HOME}/.local/share/local-mail |
31 | nodeny ${HOME}/.local/share/notes | 31 | noblacklist ${HOME}/.local/share/notes |
32 | nodeny /tmp/akonadi-* | 32 | noblacklist /tmp/akonadi-* |
33 | 33 | ||
34 | include disable-common.inc | 34 | include disable-common.inc |
35 | include disable-devel.inc | 35 | include disable-devel.inc |
diff --git a/etc/profile-a-l/kmplayer.profile b/etc/profile-a-l/kmplayer.profile index d2ce14ab6..e88b53499 100644 --- a/etc/profile-a-l/kmplayer.profile +++ b/etc/profile-a-l/kmplayer.profile | |||
@@ -6,11 +6,11 @@ include kmplayer.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/kmplayerrc | 9 | noblacklist ${HOME}/.config/kmplayerrc |
10 | nodeny ${HOME}/.kde/share/config/kmplayerrc | 10 | noblacklist ${HOME}/.kde/share/config/kmplayerrc |
11 | nodeny ${HOME}/.local/share/kmplayer | 11 | noblacklist ${HOME}/.local/share/kmplayer |
12 | nodeny ${MUSIC} | 12 | noblacklist ${MUSIC} |
13 | nodeny ${VIDEOS} | 13 | noblacklist ${VIDEOS} |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
diff --git a/etc/profile-a-l/knotes.profile b/etc/profile-a-l/knotes.profile index 5a9ac34da..f155d0ad6 100644 --- a/etc/profile-a-l/knotes.profile +++ b/etc/profile-a-l/knotes.profile | |||
@@ -10,9 +10,9 @@ include knotes.local | |||
10 | # knotes has problems launching akonadi in debian and ubuntu. | 10 | # knotes has problems launching akonadi in debian and ubuntu. |
11 | # one solution is to have akonadi already running when knotes is started | 11 | # one solution is to have akonadi already running when knotes is started |
12 | 12 | ||
13 | nodeny ${HOME}/.config/knotesrc | 13 | noblacklist ${HOME}/.config/knotesrc |
14 | nodeny ${HOME}/.local/share/knotes | 14 | noblacklist ${HOME}/.local/share/knotes |
15 | nodeny ${HOME}/.local/share/kxmlgui5/knotes | 15 | noblacklist ${HOME}/.local/share/kxmlgui5/knotes |
16 | 16 | ||
17 | # Redirect | 17 | # Redirect |
18 | include kmail.profile | 18 | include kmail.profile |
diff --git a/etc/profile-a-l/kodi.profile b/etc/profile-a-l/kodi.profile index 2725c87be..b7091f1fc 100644 --- a/etc/profile-a-l/kodi.profile +++ b/etc/profile-a-l/kodi.profile | |||
@@ -13,10 +13,10 @@ ignore noexec ${HOME} | |||
13 | #ignore noroot | 13 | #ignore noroot |
14 | #ignore private-dev | 14 | #ignore private-dev |
15 | 15 | ||
16 | nodeny ${HOME}/.kodi | 16 | noblacklist ${HOME}/.kodi |
17 | nodeny ${MUSIC} | 17 | noblacklist ${MUSIC} |
18 | nodeny ${PICTURES} | 18 | noblacklist ${PICTURES} |
19 | nodeny ${VIDEOS} | 19 | noblacklist ${VIDEOS} |
20 | 20 | ||
21 | # Allow python (blacklisted by disable-interpreters.inc) | 21 | # Allow python (blacklisted by disable-interpreters.inc) |
22 | include allow-python2.inc | 22 | include allow-python2.inc |
diff --git a/etc/profile-a-l/konversation.profile b/etc/profile-a-l/konversation.profile index d8ce33838..5b5ed6e24 100644 --- a/etc/profile-a-l/konversation.profile +++ b/etc/profile-a-l/konversation.profile | |||
@@ -6,11 +6,11 @@ include konversation.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/konversationrc | 9 | noblacklist ${HOME}/.config/konversationrc |
10 | nodeny ${HOME}/.config/konversation.notifyrc | 10 | noblacklist ${HOME}/.config/konversation.notifyrc |
11 | nodeny ${HOME}/.kde/share/config/konversationrc | 11 | noblacklist ${HOME}/.kde/share/config/konversationrc |
12 | nodeny ${HOME}/.kde4/share/config/konversationrc | 12 | noblacklist ${HOME}/.kde4/share/config/konversationrc |
13 | nodeny ${HOME}/.local/share/kxmlgui5/konversation | 13 | noblacklist ${HOME}/.local/share/kxmlgui5/konversation |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
diff --git a/etc/profile-a-l/kopete.profile b/etc/profile-a-l/kopete.profile index 749591f32..88f47d1bf 100644 --- a/etc/profile-a-l/kopete.profile +++ b/etc/profile-a-l/kopete.profile | |||
@@ -6,11 +6,11 @@ include kopete.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.kde/share/apps/kopete | 9 | noblacklist ${HOME}/.kde/share/apps/kopete |
10 | nodeny ${HOME}/.kde/share/config/kopeterc | 10 | noblacklist ${HOME}/.kde/share/config/kopeterc |
11 | nodeny ${HOME}/.kde4/share/apps/kopete | 11 | noblacklist ${HOME}/.kde4/share/apps/kopete |
12 | nodeny ${HOME}/.kde4/share/config/kopeterc | 12 | noblacklist ${HOME}/.kde4/share/config/kopeterc |
13 | nodeny ${HOME}/.local/share/kxmlgui5/kopete | 13 | noblacklist ${HOME}/.local/share/kxmlgui5/kopete |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -19,7 +19,7 @@ include disable-interpreters.inc | |||
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | allow /var/lib/winpopup | 22 | whitelist /var/lib/winpopup |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
25 | caps.drop all | 25 | caps.drop all |
diff --git a/etc/profile-a-l/krita.profile b/etc/profile-a-l/krita.profile index 950341def..8604e63d0 100644 --- a/etc/profile-a-l/krita.profile +++ b/etc/profile-a-l/krita.profile | |||
@@ -9,10 +9,10 @@ include globals.local | |||
9 | # noexec ${HOME} may break krita, see issue #1953 | 9 | # noexec ${HOME} may break krita, see issue #1953 |
10 | ignore noexec ${HOME} | 10 | ignore noexec ${HOME} |
11 | 11 | ||
12 | nodeny ${HOME}/.config/kritarc | 12 | noblacklist ${HOME}/.config/kritarc |
13 | nodeny ${HOME}/.local/share/krita | 13 | noblacklist ${HOME}/.local/share/krita |
14 | nodeny ${DOCUMENTS} | 14 | noblacklist ${DOCUMENTS} |
15 | nodeny ${PICTURES} | 15 | noblacklist ${PICTURES} |
16 | 16 | ||
17 | # Allow python (blacklisted by disable-interpreters.inc) | 17 | # Allow python (blacklisted by disable-interpreters.inc) |
18 | include allow-python2.inc | 18 | include allow-python2.inc |
diff --git a/etc/profile-a-l/krunner.profile b/etc/profile-a-l/krunner.profile index 7b325d273..9cb5eff87 100644 --- a/etc/profile-a-l/krunner.profile +++ b/etc/profile-a-l/krunner.profile | |||
@@ -13,9 +13,9 @@ include globals.local | |||
13 | # noblacklist ${HOME}/.cache/krunner | 13 | # noblacklist ${HOME}/.cache/krunner |
14 | # noblacklist ${HOME}/.cache/krunnerbookmarkrunnerfirefoxdbfile.sqlite* | 14 | # noblacklist ${HOME}/.cache/krunnerbookmarkrunnerfirefoxdbfile.sqlite* |
15 | # noblacklist ${HOME}/.config/chromium | 15 | # noblacklist ${HOME}/.config/chromium |
16 | nodeny ${HOME}/.config/krunnerrc | 16 | noblacklist ${HOME}/.config/krunnerrc |
17 | nodeny ${HOME}/.kde/share/config/krunnerrc | 17 | noblacklist ${HOME}/.kde/share/config/krunnerrc |
18 | nodeny ${HOME}/.kde4/share/config/krunnerrc | 18 | noblacklist ${HOME}/.kde4/share/config/krunnerrc |
19 | # noblacklist ${HOME}/.local/share/baloo | 19 | # noblacklist ${HOME}/.local/share/baloo |
20 | # noblacklist ${HOME}/.mozilla | 20 | # noblacklist ${HOME}/.mozilla |
21 | 21 | ||
diff --git a/etc/profile-a-l/ktorrent.profile b/etc/profile-a-l/ktorrent.profile index ac9fee585..5a85194e0 100644 --- a/etc/profile-a-l/ktorrent.profile +++ b/etc/profile-a-l/ktorrent.profile | |||
@@ -6,13 +6,13 @@ include ktorrent.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/ktorrentrc | 9 | noblacklist ${HOME}/.config/ktorrentrc |
10 | nodeny ${HOME}/.kde/share/apps/ktorrent | 10 | noblacklist ${HOME}/.kde/share/apps/ktorrent |
11 | nodeny ${HOME}/.kde/share/config/ktorrentrc | 11 | noblacklist ${HOME}/.kde/share/config/ktorrentrc |
12 | nodeny ${HOME}/.kde4/share/apps/ktorrent | 12 | noblacklist ${HOME}/.kde4/share/apps/ktorrent |
13 | nodeny ${HOME}/.kde4/share/config/ktorrentrc | 13 | noblacklist ${HOME}/.kde4/share/config/ktorrentrc |
14 | nodeny ${HOME}/.local/share/ktorrent | 14 | noblacklist ${HOME}/.local/share/ktorrent |
15 | nodeny ${HOME}/.local/share/kxmlgui5/ktorrent | 15 | noblacklist ${HOME}/.local/share/kxmlgui5/ktorrent |
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
@@ -29,14 +29,14 @@ mkdir ${HOME}/.local/share/kxmlgui5/ktorrent | |||
29 | mkfile ${HOME}/.config/ktorrentrc | 29 | mkfile ${HOME}/.config/ktorrentrc |
30 | mkfile ${HOME}/.kde/share/config/ktorrentrc | 30 | mkfile ${HOME}/.kde/share/config/ktorrentrc |
31 | mkfile ${HOME}/.kde4/share/config/ktorrentrc | 31 | mkfile ${HOME}/.kde4/share/config/ktorrentrc |
32 | allow ${DOWNLOADS} | 32 | whitelist ${DOWNLOADS} |
33 | allow ${HOME}/.config/ktorrentrc | 33 | whitelist ${HOME}/.config/ktorrentrc |
34 | allow ${HOME}/.kde/share/apps/ktorrent | 34 | whitelist ${HOME}/.kde/share/apps/ktorrent |
35 | allow ${HOME}/.kde/share/config/ktorrentrc | 35 | whitelist ${HOME}/.kde/share/config/ktorrentrc |
36 | allow ${HOME}/.kde4/share/apps/ktorrent | 36 | whitelist ${HOME}/.kde4/share/apps/ktorrent |
37 | allow ${HOME}/.kde4/share/config/ktorrentrc | 37 | whitelist ${HOME}/.kde4/share/config/ktorrentrc |
38 | allow ${HOME}/.local/share/ktorrent | 38 | whitelist ${HOME}/.local/share/ktorrent |
39 | allow ${HOME}/.local/share/kxmlgui5/ktorrent | 39 | whitelist ${HOME}/.local/share/kxmlgui5/ktorrent |
40 | include whitelist-common.inc | 40 | include whitelist-common.inc |
41 | include whitelist-var-common.inc | 41 | include whitelist-var-common.inc |
42 | 42 | ||
diff --git a/etc/profile-a-l/ktouch.profile b/etc/profile-a-l/ktouch.profile index 71f8e4977..4cf72b74c 100644 --- a/etc/profile-a-l/ktouch.profile +++ b/etc/profile-a-l/ktouch.profile | |||
@@ -6,8 +6,8 @@ include ktouch.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/ktouch2rc | 9 | noblacklist ${HOME}/.config/ktouch2rc |
10 | nodeny ${HOME}/.local/share/ktouch | 10 | noblacklist ${HOME}/.local/share/ktouch |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -20,8 +20,8 @@ include disable-xdg.inc | |||
20 | 20 | ||
21 | mkfile ${HOME}/.config/ktouch2rc | 21 | mkfile ${HOME}/.config/ktouch2rc |
22 | mkdir ${HOME}/.local/share/ktouch | 22 | mkdir ${HOME}/.local/share/ktouch |
23 | allow ${HOME}/.config/ktouch2rc | 23 | whitelist ${HOME}/.config/ktouch2rc |
24 | allow ${HOME}/.local/share/ktouch | 24 | whitelist ${HOME}/.local/share/ktouch |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||
diff --git a/etc/profile-a-l/kube.profile b/etc/profile-a-l/kube.profile index 74ffd1162..4e9a12e5f 100644 --- a/etc/profile-a-l/kube.profile +++ b/etc/profile-a-l/kube.profile | |||
@@ -6,13 +6,13 @@ include kube.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.gnupg | 9 | noblacklist ${HOME}/.gnupg |
10 | nodeny ${HOME}/.mozilla | 10 | noblacklist ${HOME}/.mozilla |
11 | nodeny ${HOME}/.cache/kube | 11 | noblacklist ${HOME}/.cache/kube |
12 | nodeny ${HOME}/.config/kube | 12 | noblacklist ${HOME}/.config/kube |
13 | nodeny ${HOME}/.config/sink | 13 | noblacklist ${HOME}/.config/sink |
14 | nodeny ${HOME}/.local/share/kube | 14 | noblacklist ${HOME}/.local/share/kube |
15 | nodeny ${HOME}/.local/share/sink | 15 | noblacklist ${HOME}/.local/share/sink |
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
@@ -29,17 +29,17 @@ mkdir ${HOME}/.config/kube | |||
29 | mkdir ${HOME}/.config/sink | 29 | mkdir ${HOME}/.config/sink |
30 | mkdir ${HOME}/.local/share/kube | 30 | mkdir ${HOME}/.local/share/kube |
31 | mkdir ${HOME}/.local/share/sink | 31 | mkdir ${HOME}/.local/share/sink |
32 | allow ${HOME}/.gnupg | 32 | whitelist ${HOME}/.gnupg |
33 | allow ${HOME}/.mozilla/firefox/profiles.ini | 33 | whitelist ${HOME}/.mozilla/firefox/profiles.ini |
34 | allow ${HOME}/.cache/kube | 34 | whitelist ${HOME}/.cache/kube |
35 | allow ${HOME}/.config/kube | 35 | whitelist ${HOME}/.config/kube |
36 | allow ${HOME}/.config/sink | 36 | whitelist ${HOME}/.config/sink |
37 | allow ${HOME}/.local/share/kube | 37 | whitelist ${HOME}/.local/share/kube |
38 | allow ${HOME}/.local/share/sink | 38 | whitelist ${HOME}/.local/share/sink |
39 | allow ${RUNUSER}/gnupg | 39 | whitelist ${RUNUSER}/gnupg |
40 | allow /usr/share/kube | 40 | whitelist /usr/share/kube |
41 | allow /usr/share/gnupg | 41 | whitelist /usr/share/gnupg |
42 | allow /usr/share/gnupg2 | 42 | whitelist /usr/share/gnupg2 |
43 | include whitelist-common.inc | 43 | include whitelist-common.inc |
44 | include whitelist-runuser-common.inc | 44 | include whitelist-runuser-common.inc |
45 | include whitelist-usr-share-common.inc | 45 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/kwin_x11.profile b/etc/profile-a-l/kwin_x11.profile index 580f93736..15e7ceb17 100644 --- a/etc/profile-a-l/kwin_x11.profile +++ b/etc/profile-a-l/kwin_x11.profile | |||
@@ -8,10 +8,10 @@ include globals.local | |||
8 | # fix automatical kwin_x11 sandboxing: | 8 | # fix automatical kwin_x11 sandboxing: |
9 | # echo KDEWM=kwin_x11 >> ~/.pam_environment | 9 | # echo KDEWM=kwin_x11 >> ~/.pam_environment |
10 | 10 | ||
11 | nodeny ${HOME}/.cache/kwin | 11 | noblacklist ${HOME}/.cache/kwin |
12 | nodeny ${HOME}/.config/kwinrc | 12 | noblacklist ${HOME}/.config/kwinrc |
13 | nodeny ${HOME}/.config/kwinrulesrc | 13 | noblacklist ${HOME}/.config/kwinrulesrc |
14 | nodeny ${HOME}/.local/share/kwin | 14 | noblacklist ${HOME}/.local/share/kwin |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
diff --git a/etc/profile-a-l/kwrite.profile b/etc/profile-a-l/kwrite.profile index 08b0e0224..804ffafeb 100644 --- a/etc/profile-a-l/kwrite.profile +++ b/etc/profile-a-l/kwrite.profile | |||
@@ -6,15 +6,15 @@ include kwrite.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/katepartrc | 9 | noblacklist ${HOME}/.config/katepartrc |
10 | nodeny ${HOME}/.config/katerc | 10 | noblacklist ${HOME}/.config/katerc |
11 | nodeny ${HOME}/.config/kateschemarc | 11 | noblacklist ${HOME}/.config/kateschemarc |
12 | nodeny ${HOME}/.config/katesyntaxhighlightingrc | 12 | noblacklist ${HOME}/.config/katesyntaxhighlightingrc |
13 | nodeny ${HOME}/.config/katevirc | 13 | noblacklist ${HOME}/.config/katevirc |
14 | nodeny ${HOME}/.config/kwriterc | 14 | noblacklist ${HOME}/.config/kwriterc |
15 | nodeny ${HOME}/.local/share/kwrite | 15 | noblacklist ${HOME}/.local/share/kwrite |
16 | nodeny ${HOME}/.local/share/kxmlgui5/kwrite | 16 | noblacklist ${HOME}/.local/share/kxmlgui5/kwrite |
17 | nodeny ${DOCUMENTS} | 17 | noblacklist ${DOCUMENTS} |
18 | 18 | ||
19 | include disable-common.inc | 19 | include disable-common.inc |
20 | include disable-devel.inc | 20 | include disable-devel.inc |
diff --git a/etc/profile-a-l/latex-common.profile b/etc/profile-a-l/latex-common.profile index 91693bfc1..ac1b8785d 100644 --- a/etc/profile-a-l/latex-common.profile +++ b/etc/profile-a-l/latex-common.profile | |||
@@ -13,7 +13,7 @@ include disable-interpreters.inc | |||
13 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 14 | include disable-programs.inc |
15 | 15 | ||
16 | allow /var/lib | 16 | whitelist /var/lib |
17 | include whitelist-runuser-common.inc | 17 | include whitelist-runuser-common.inc |
18 | include whitelist-var-common.inc | 18 | include whitelist-var-common.inc |
19 | 19 | ||
diff --git a/etc/profile-a-l/leafpad.profile b/etc/profile-a-l/leafpad.profile index e154708eb..4bbb0a86d 100644 --- a/etc/profile-a-l/leafpad.profile +++ b/etc/profile-a-l/leafpad.profile | |||
@@ -6,7 +6,7 @@ include leafpad.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/leafpad | 9 | noblacklist ${HOME}/.config/leafpad |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-a-l/less.profile b/etc/profile-a-l/less.profile index abee392de..8eb5ad0c2 100644 --- a/etc/profile-a-l/less.profile +++ b/etc/profile-a-l/less.profile | |||
@@ -7,9 +7,9 @@ include less.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER} | 10 | blacklist ${RUNUSER} |
11 | 11 | ||
12 | nodeny ${HOME}/.lesshst | 12 | noblacklist ${HOME}/.lesshst |
13 | 13 | ||
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | 15 | include disable-exec.inc |
diff --git a/etc/profile-a-l/librecad.profile b/etc/profile-a-l/librecad.profile index 8ec41eee3..c57eae73d 100644 --- a/etc/profile-a-l/librecad.profile +++ b/etc/profile-a-l/librecad.profile | |||
@@ -4,8 +4,8 @@ include librecad.local | |||
4 | # Persistent global definitions | 4 | # Persistent global definitions |
5 | include globals.local | 5 | include globals.local |
6 | 6 | ||
7 | nodeny ${HOME}/.config/LibreCAD | 7 | noblacklist ${HOME}/.config/LibreCAD |
8 | nodeny ${HOME}/.local/share/LibreCAD | 8 | noblacklist ${HOME}/.local/share/LibreCAD |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
@@ -16,7 +16,7 @@ include disable-programs.inc | |||
16 | include disable-shell.inc | 16 | include disable-shell.inc |
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | allow /usr/share/librecad | 19 | whitelist /usr/share/librecad |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
22 | 22 | ||
diff --git a/etc/profile-a-l/libreoffice.profile b/etc/profile-a-l/libreoffice.profile index ae01d39b8..b1a24888c 100644 --- a/etc/profile-a-l/libreoffice.profile +++ b/etc/profile-a-l/libreoffice.profile | |||
@@ -6,15 +6,15 @@ include libreoffice.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny /usr/local/sbin | 9 | noblacklist /usr/local/sbin |
10 | nodeny ${HOME}/.config/libreoffice | 10 | noblacklist ${HOME}/.config/libreoffice |
11 | 11 | ||
12 | # libreoffice uses java for some functionality. | 12 | # libreoffice uses java for some functionality. |
13 | # Add 'ignore include allow-java.inc' to your libreoffice.local if you don't need that functionality. | 13 | # Add 'ignore include allow-java.inc' to your libreoffice.local if you don't need that functionality. |
14 | # Allow java (blacklisted by disable-devel.inc) | 14 | # Allow java (blacklisted by disable-devel.inc) |
15 | include allow-java.inc | 15 | include allow-java.inc |
16 | 16 | ||
17 | deny /usr/libexec | 17 | blacklist /usr/libexec |
18 | 18 | ||
19 | include disable-common.inc | 19 | include disable-common.inc |
20 | include disable-devel.inc | 20 | include disable-devel.inc |
diff --git a/etc/profile-a-l/librewolf.profile b/etc/profile-a-l/librewolf.profile index 5c614ab8e..da047357a 100644 --- a/etc/profile-a-l/librewolf.profile +++ b/etc/profile-a-l/librewolf.profile | |||
@@ -6,13 +6,13 @@ include librewolf.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/librewolf | 9 | noblacklist ${HOME}/.cache/librewolf |
10 | nodeny ${HOME}/.librewolf | 10 | noblacklist ${HOME}/.librewolf |
11 | 11 | ||
12 | mkdir ${HOME}/.cache/librewolf | 12 | mkdir ${HOME}/.cache/librewolf |
13 | mkdir ${HOME}/.librewolf | 13 | mkdir ${HOME}/.librewolf |
14 | allow ${HOME}/.cache/librewolf | 14 | whitelist ${HOME}/.cache/librewolf |
15 | allow ${HOME}/.librewolf | 15 | whitelist ${HOME}/.librewolf |
16 | 16 | ||
17 | # Add the next lines to your librewolf.local if you want to use the migration wizard. | 17 | # Add the next lines to your librewolf.local if you want to use the migration wizard. |
18 | #noblacklist ${HOME}/.mozilla | 18 | #noblacklist ${HOME}/.mozilla |
@@ -23,10 +23,10 @@ allow ${HOME}/.librewolf | |||
23 | #whitelist ${RUNUSER}/kpxc_server | 23 | #whitelist ${RUNUSER}/kpxc_server |
24 | #whitelist ${RUNUSER}/org.keepassxc.KeePassXC.BrowserServer | 24 | #whitelist ${RUNUSER}/org.keepassxc.KeePassXC.BrowserServer |
25 | 25 | ||
26 | allow /usr/share/doc | 26 | whitelist /usr/share/doc |
27 | allow /usr/share/gtk-doc/html | 27 | whitelist /usr/share/gtk-doc/html |
28 | allow /usr/share/mozilla | 28 | whitelist /usr/share/mozilla |
29 | allow /usr/share/webext | 29 | whitelist /usr/share/webext |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | 31 | ||
32 | # Add the next line to your librewolf.local to enable private-bin (Arch Linux). | 32 | # Add the next line to your librewolf.local to enable private-bin (Arch Linux). |
diff --git a/etc/profile-a-l/liferea.profile b/etc/profile-a-l/liferea.profile index 595ecc257..7afca1d5f 100644 --- a/etc/profile-a-l/liferea.profile +++ b/etc/profile-a-l/liferea.profile | |||
@@ -6,9 +6,9 @@ include liferea.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/liferea | 9 | noblacklist ${HOME}/.cache/liferea |
10 | nodeny ${HOME}/.config/liferea | 10 | noblacklist ${HOME}/.config/liferea |
11 | nodeny ${HOME}/.local/share/liferea | 11 | noblacklist ${HOME}/.local/share/liferea |
12 | 12 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python2.inc | 14 | include allow-python2.inc |
@@ -24,10 +24,10 @@ include disable-programs.inc | |||
24 | mkdir ${HOME}/.cache/liferea | 24 | mkdir ${HOME}/.cache/liferea |
25 | mkdir ${HOME}/.config/liferea | 25 | mkdir ${HOME}/.config/liferea |
26 | mkdir ${HOME}/.local/share/liferea | 26 | mkdir ${HOME}/.local/share/liferea |
27 | allow ${HOME}/.cache/liferea | 27 | whitelist ${HOME}/.cache/liferea |
28 | allow ${HOME}/.config/liferea | 28 | whitelist ${HOME}/.config/liferea |
29 | allow ${HOME}/.local/share/liferea | 29 | whitelist ${HOME}/.local/share/liferea |
30 | allow /usr/share/liferea | 30 | whitelist /usr/share/liferea |
31 | include whitelist-common.inc | 31 | include whitelist-common.inc |
32 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
33 | include whitelist-var-common.inc | 33 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/lightsoff.profile b/etc/profile-a-l/lightsoff.profile index 58d5bcd6d..c065c44a9 100644 --- a/etc/profile-a-l/lightsoff.profile +++ b/etc/profile-a-l/lightsoff.profile | |||
@@ -6,7 +6,7 @@ include lightsoff.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | allow /usr/share/lightsoff | 9 | whitelist /usr/share/lightsoff |
10 | 10 | ||
11 | private-bin lightsoff | 11 | private-bin lightsoff |
12 | 12 | ||
diff --git a/etc/profile-a-l/lincity-ng.profile b/etc/profile-a-l/lincity-ng.profile index e14c50d77..4254b7f33 100644 --- a/etc/profile-a-l/lincity-ng.profile +++ b/etc/profile-a-l/lincity-ng.profile | |||
@@ -6,7 +6,7 @@ include lincity-ng.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.lincity-ng | 9 | noblacklist ${HOME}/.lincity-ng |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.lincity-ng | 20 | mkdir ${HOME}/.lincity-ng |
21 | allow ${HOME}/.lincity-ng | 21 | whitelist ${HOME}/.lincity-ng |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-a-l/links-common.profile b/etc/profile-a-l/links-common.profile index 51e3d5b94..cd885b1d4 100644 --- a/etc/profile-a-l/links-common.profile +++ b/etc/profile-a-l/links-common.profile | |||
@@ -4,8 +4,8 @@ include links-common.local | |||
4 | 4 | ||
5 | # common profile for links browsers | 5 | # common profile for links browsers |
6 | 6 | ||
7 | deny /tmp/.X11-unix | 7 | blacklist /tmp/.X11-unix |
8 | deny ${RUNUSER}/wayland-* | 8 | blacklist ${RUNUSER}/wayland-* |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | allow ${DOWNLOADS} | 20 | whitelist ${DOWNLOADS} |
21 | include whitelist-runuser-common.inc | 21 | include whitelist-runuser-common.inc |
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/links.profile b/etc/profile-a-l/links.profile index ae57601ca..8ce39cc7f 100644 --- a/etc/profile-a-l/links.profile +++ b/etc/profile-a-l/links.profile | |||
@@ -7,10 +7,10 @@ include links.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.links | 10 | noblacklist ${HOME}/.links |
11 | 11 | ||
12 | mkdir ${HOME}/.links | 12 | mkdir ${HOME}/.links |
13 | allow ${HOME}/.links | 13 | whitelist ${HOME}/.links |
14 | 14 | ||
15 | private-bin links | 15 | private-bin links |
16 | 16 | ||
diff --git a/etc/profile-a-l/links2.profile b/etc/profile-a-l/links2.profile index eb349c73a..5f91dfcd2 100644 --- a/etc/profile-a-l/links2.profile +++ b/etc/profile-a-l/links2.profile | |||
@@ -7,10 +7,10 @@ include links2.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.links2 | 10 | noblacklist ${HOME}/.links2 |
11 | 11 | ||
12 | mkdir ${HOME}/.links2 | 12 | mkdir ${HOME}/.links2 |
13 | allow ${HOME}/.links2 | 13 | whitelist ${HOME}/.links2 |
14 | 14 | ||
15 | private-bin links2 | 15 | private-bin links2 |
16 | 16 | ||
diff --git a/etc/profile-a-l/linphone.profile b/etc/profile-a-l/linphone.profile index dd1dac05b..7ebdbef4c 100644 --- a/etc/profile-a-l/linphone.profile +++ b/etc/profile-a-l/linphone.profile | |||
@@ -6,10 +6,10 @@ include linphone.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/linphone | 9 | noblacklist ${HOME}/.config/linphone |
10 | nodeny ${HOME}/.linphone-history.db | 10 | noblacklist ${HOME}/.linphone-history.db |
11 | nodeny ${HOME}/.linphonerc | 11 | noblacklist ${HOME}/.linphonerc |
12 | nodeny ${HOME}/.local/share/linphone | 12 | noblacklist ${HOME}/.local/share/linphone |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -23,11 +23,11 @@ include disable-programs.inc | |||
23 | # ${HOME}/.linphone-history.db and ${HOME}/.linphonerc but no longer mkfile. | 23 | # ${HOME}/.linphone-history.db and ${HOME}/.linphonerc but no longer mkfile. |
24 | mkdir ${HOME}/.config/linphone | 24 | mkdir ${HOME}/.config/linphone |
25 | mkdir ${HOME}/.local/share/linphone | 25 | mkdir ${HOME}/.local/share/linphone |
26 | allow ${HOME}/.config/linphone | 26 | whitelist ${HOME}/.config/linphone |
27 | allow ${HOME}/.linphone-history.db | 27 | whitelist ${HOME}/.linphone-history.db |
28 | allow ${HOME}/.linphonerc | 28 | whitelist ${HOME}/.linphonerc |
29 | allow ${HOME}/.local/share/linphone | 29 | whitelist ${HOME}/.local/share/linphone |
30 | allow ${DOWNLOADS} | 30 | whitelist ${DOWNLOADS} |
31 | include whitelist-common.inc | 31 | include whitelist-common.inc |
32 | 32 | ||
33 | caps.drop all | 33 | caps.drop all |
diff --git a/etc/profile-a-l/lmms.profile b/etc/profile-a-l/lmms.profile index b22110fdc..48b0e14dc 100644 --- a/etc/profile-a-l/lmms.profile +++ b/etc/profile-a-l/lmms.profile | |||
@@ -6,9 +6,9 @@ include lmms.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.lmmsrc.xml | 9 | noblacklist ${HOME}/.lmmsrc.xml |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | nodeny ${MUSIC} | 11 | noblacklist ${MUSIC} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/lollypop.profile b/etc/profile-a-l/lollypop.profile index 0a7ce86e8..f2676fec5 100644 --- a/etc/profile-a-l/lollypop.profile +++ b/etc/profile-a-l/lollypop.profile | |||
@@ -6,8 +6,8 @@ include lollypop.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/lollypop | 9 | noblacklist ${HOME}/.local/share/lollypop |
10 | nodeny ${MUSIC} | 10 | noblacklist ${MUSIC} |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
diff --git a/etc/profile-a-l/lugaru.profile b/etc/profile-a-l/lugaru.profile index 30802b3b7..174c65a65 100644 --- a/etc/profile-a-l/lugaru.profile +++ b/etc/profile-a-l/lugaru.profile | |||
@@ -8,8 +8,8 @@ include globals.local | |||
8 | 8 | ||
9 | # note: crashes after entering | 9 | # note: crashes after entering |
10 | 10 | ||
11 | nodeny ${HOME}/.config/lugaru | 11 | noblacklist ${HOME}/.config/lugaru |
12 | nodeny ${HOME}/.local/share/lugaru | 12 | noblacklist ${HOME}/.local/share/lugaru |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -22,8 +22,8 @@ include disable-xdg.inc | |||
22 | 22 | ||
23 | mkdir ${HOME}/.config/lugaru | 23 | mkdir ${HOME}/.config/lugaru |
24 | mkdir ${HOME}/.local/share/lugaru | 24 | mkdir ${HOME}/.local/share/lugaru |
25 | allow ${HOME}/.config/lugaru | 25 | whitelist ${HOME}/.config/lugaru |
26 | allow ${HOME}/.local/share/lugaru | 26 | whitelist ${HOME}/.local/share/lugaru |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
29 | 29 | ||
diff --git a/etc/profile-a-l/luminance-hdr.profile b/etc/profile-a-l/luminance-hdr.profile index 73400dbd6..31067034e 100644 --- a/etc/profile-a-l/luminance-hdr.profile +++ b/etc/profile-a-l/luminance-hdr.profile | |||
@@ -6,8 +6,8 @@ include luminance-hdr.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/Luminance | 9 | noblacklist ${HOME}/.config/Luminance |
10 | nodeny ${PICTURES} | 10 | noblacklist ${PICTURES} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-a-l/lutris.profile b/etc/profile-a-l/lutris.profile index 9d5169b80..80a3aba86 100644 --- a/etc/profile-a-l/lutris.profile +++ b/etc/profile-a-l/lutris.profile | |||
@@ -6,18 +6,18 @@ include lutris.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${PATH}/llvm* | 9 | noblacklist ${PATH}/llvm* |
10 | nodeny ${HOME}/Games | 10 | noblacklist ${HOME}/Games |
11 | nodeny ${HOME}/.cache/lutris | 11 | noblacklist ${HOME}/.cache/lutris |
12 | nodeny ${HOME}/.cache/winetricks | 12 | noblacklist ${HOME}/.cache/winetricks |
13 | nodeny ${HOME}/.config/lutris | 13 | noblacklist ${HOME}/.config/lutris |
14 | nodeny ${HOME}/.local/share/lutris | 14 | noblacklist ${HOME}/.local/share/lutris |
15 | # noblacklist ${HOME}/.wine | 15 | # noblacklist ${HOME}/.wine |
16 | nodeny /tmp/.wine-* | 16 | noblacklist /tmp/.wine-* |
17 | # Don't block access to /sbin and /usr/sbin to allow using ldconfig. Otherwise | 17 | # Don't block access to /sbin and /usr/sbin to allow using ldconfig. Otherwise |
18 | # Lutris won't even start. | 18 | # Lutris won't even start. |
19 | nodeny /sbin | 19 | noblacklist /sbin |
20 | nodeny /usr/sbin | 20 | noblacklist /usr/sbin |
21 | 21 | ||
22 | ignore noexec ${HOME} | 22 | ignore noexec ${HOME} |
23 | 23 | ||
@@ -39,15 +39,15 @@ mkdir ${HOME}/.cache/winetricks | |||
39 | mkdir ${HOME}/.config/lutris | 39 | mkdir ${HOME}/.config/lutris |
40 | mkdir ${HOME}/.local/share/lutris | 40 | mkdir ${HOME}/.local/share/lutris |
41 | # mkdir ${HOME}/.wine | 41 | # mkdir ${HOME}/.wine |
42 | allow ${DOWNLOADS} | 42 | whitelist ${DOWNLOADS} |
43 | allow ${HOME}/Games | 43 | whitelist ${HOME}/Games |
44 | allow ${HOME}/.cache/lutris | 44 | whitelist ${HOME}/.cache/lutris |
45 | allow ${HOME}/.cache/winetricks | 45 | whitelist ${HOME}/.cache/winetricks |
46 | allow ${HOME}/.config/lutris | 46 | whitelist ${HOME}/.config/lutris |
47 | allow ${HOME}/.local/share/lutris | 47 | whitelist ${HOME}/.local/share/lutris |
48 | # whitelist ${HOME}/.wine | 48 | # whitelist ${HOME}/.wine |
49 | allow /usr/share/lutris | 49 | whitelist /usr/share/lutris |
50 | allow /usr/share/wine | 50 | whitelist /usr/share/wine |
51 | include whitelist-common.inc | 51 | include whitelist-common.inc |
52 | include whitelist-usr-share-common.inc | 52 | include whitelist-usr-share-common.inc |
53 | include whitelist-runuser-common.inc | 53 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-a-l/lximage-qt.profile b/etc/profile-a-l/lximage-qt.profile index 43147211b..b2a56012e 100644 --- a/etc/profile-a-l/lximage-qt.profile +++ b/etc/profile-a-l/lximage-qt.profile | |||
@@ -6,7 +6,7 @@ include lximage-qt.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/lximage-qt | 9 | noblacklist ${HOME}/.config/lximage-qt |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-a-l/lxmusic.profile b/etc/profile-a-l/lxmusic.profile index c849f2ad2..cc4b95551 100644 --- a/etc/profile-a-l/lxmusic.profile +++ b/etc/profile-a-l/lxmusic.profile | |||
@@ -6,9 +6,9 @@ include lxmusic.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/xmms2 | 9 | noblacklist ${HOME}/.cache/xmms2 |
10 | nodeny ${HOME}/.config/xmms2 | 10 | noblacklist ${HOME}/.config/xmms2 |
11 | nodeny ${MUSIC} | 11 | noblacklist ${MUSIC} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/lynx.profile b/etc/profile-a-l/lynx.profile index 15c8f1faa..a919e924b 100644 --- a/etc/profile-a-l/lynx.profile +++ b/etc/profile-a-l/lynx.profile | |||
@@ -7,8 +7,8 @@ include lynx.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny /tmp/.X11-unix | 10 | blacklist /tmp/.X11-unix |
11 | deny ${RUNUSER}/wayland-* | 11 | blacklist ${RUNUSER}/wayland-* |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-a-l/lyx.profile b/etc/profile-a-l/lyx.profile index 358dbf2f2..fa69463d1 100644 --- a/etc/profile-a-l/lyx.profile +++ b/etc/profile-a-l/lyx.profile | |||
@@ -8,8 +8,8 @@ include globals.local | |||
8 | 8 | ||
9 | ignore private-tmp | 9 | ignore private-tmp |
10 | 10 | ||
11 | nodeny ${HOME}/.config/LyX | 11 | noblacklist ${HOME}/.config/LyX |
12 | nodeny ${HOME}/.lyx | 12 | noblacklist ${HOME}/.lyx |
13 | 13 | ||
14 | # Allow lua (blacklisted by disable-interpreters.inc) | 14 | # Allow lua (blacklisted by disable-interpreters.inc) |
15 | include allow-lua.inc | 15 | include allow-lua.inc |
@@ -21,11 +21,11 @@ include allow-perl.inc | |||
21 | include allow-python2.inc | 21 | include allow-python2.inc |
22 | include allow-python3.inc | 22 | include allow-python3.inc |
23 | 23 | ||
24 | allow /usr/share/lyx | 24 | whitelist /usr/share/lyx |
25 | allow /usr/share/texinfo | 25 | whitelist /usr/share/texinfo |
26 | allow /usr/share/texlive | 26 | whitelist /usr/share/texlive |
27 | allow /usr/share/texmf-dist | 27 | whitelist /usr/share/texmf-dist |
28 | allow /usr/share/tlpkg | 28 | whitelist /usr/share/tlpkg |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
30 | 30 | ||
31 | apparmor | 31 | apparmor |
diff --git a/etc/profile-a-l/sway.profile b/etc/profile-a-l/sway.profile index 3a4edcf69..4637419bf 100644 --- a/etc/profile-a-l/sway.profile +++ b/etc/profile-a-l/sway.profile | |||
@@ -7,9 +7,9 @@ include sway.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # all applications started in sway will run in this profile | 9 | # all applications started in sway will run in this profile |
10 | nodeny ${HOME}/.config/sway | 10 | noblacklist ${HOME}/.config/sway |
11 | # sway uses ~/.config/i3 as fallback if there is no ~/.config/sway | 11 | # sway uses ~/.config/i3 as fallback if there is no ~/.config/sway |
12 | nodeny ${HOME}/.config/i3 | 12 | noblacklist ${HOME}/.config/i3 |
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | 14 | ||
15 | caps.drop all | 15 | caps.drop all |
diff --git a/etc/profile-m-z/Maelstrom.profile b/etc/profile-m-z/Maelstrom.profile index e6c43007d..62d0a8b3a 100644 --- a/etc/profile-m-z/Maelstrom.profile +++ b/etc/profile-m-z/Maelstrom.profile | |||
@@ -6,7 +6,7 @@ include Maelstrom.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny /var/lib/games/Maelstrom-Scores | 9 | noblacklist /var/lib/games/Maelstrom-Scores |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-programs.inc | |||
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | allow /var/lib/games | 20 | whitelist /var/lib/games |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-m-z/Mathematica.profile b/etc/profile-m-z/Mathematica.profile index bd929d21a..c2734b1c1 100644 --- a/etc/profile-m-z/Mathematica.profile +++ b/etc/profile-m-z/Mathematica.profile | |||
@@ -5,8 +5,8 @@ include Mathematica.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.Mathematica | 8 | noblacklist ${HOME}/.Mathematica |
9 | nodeny ${HOME}/.Wolfram Research | 9 | noblacklist ${HOME}/.Wolfram Research |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,9 +17,9 @@ include disable-programs.inc | |||
17 | mkdir ${HOME}/.Mathematica | 17 | mkdir ${HOME}/.Mathematica |
18 | mkdir ${HOME}/.Wolfram Research | 18 | mkdir ${HOME}/.Wolfram Research |
19 | mkdir ${HOME}/Documents/Wolfram Mathematica | 19 | mkdir ${HOME}/Documents/Wolfram Mathematica |
20 | allow ${HOME}/.Mathematica | 20 | whitelist ${HOME}/.Mathematica |
21 | allow ${HOME}/.Wolfram Research | 21 | whitelist ${HOME}/.Wolfram Research |
22 | allow ${HOME}/Documents/Wolfram Mathematica | 22 | whitelist ${HOME}/Documents/Wolfram Mathematica |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | 24 | ||
25 | caps.drop all | 25 | caps.drop all |
diff --git a/etc/profile-m-z/PCSX2.profile b/etc/profile-m-z/PCSX2.profile index f833b9446..e678b7204 100644 --- a/etc/profile-m-z/PCSX2.profile +++ b/etc/profile-m-z/PCSX2.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | # Note: you must whitelist your games folder in your PCSX2.local. | 9 | # Note: you must whitelist your games folder in your PCSX2.local. |
10 | 10 | ||
11 | nodeny ${HOME}/.config/PCSX2 | 11 | noblacklist ${HOME}/.config/PCSX2 |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -21,7 +21,7 @@ include disable-write-mnt.inc | |||
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.config/PCSX2 | 23 | mkdir ${HOME}/.config/PCSX2 |
24 | allow ${HOME}/.config/PCSX2 | 24 | whitelist ${HOME}/.config/PCSX2 |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | 26 | include whitelist-runuser-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/QMediathekView.profile b/etc/profile-m-z/QMediathekView.profile index d7b01fe06..86120587b 100644 --- a/etc/profile-m-z/QMediathekView.profile +++ b/etc/profile-m-z/QMediathekView.profile | |||
@@ -6,18 +6,18 @@ include QMediathekView.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/QMediathekView | 9 | noblacklist ${HOME}/.config/QMediathekView |
10 | nodeny ${HOME}/.local/share/QMediathekView | 10 | noblacklist ${HOME}/.local/share/QMediathekView |
11 | 11 | ||
12 | nodeny ${HOME}/.config/mpv | 12 | noblacklist ${HOME}/.config/mpv |
13 | nodeny ${HOME}/.config/smplayer | 13 | noblacklist ${HOME}/.config/smplayer |
14 | nodeny ${HOME}/.config/totem | 14 | noblacklist ${HOME}/.config/totem |
15 | nodeny ${HOME}/.config/vlc | 15 | noblacklist ${HOME}/.config/vlc |
16 | nodeny ${HOME}/.config/xplayer | 16 | noblacklist ${HOME}/.config/xplayer |
17 | nodeny ${HOME}/.local/share/totem | 17 | noblacklist ${HOME}/.local/share/totem |
18 | nodeny ${HOME}/.local/share/xplayer | 18 | noblacklist ${HOME}/.local/share/xplayer |
19 | nodeny ${HOME}/.mplayer | 19 | noblacklist ${HOME}/.mplayer |
20 | nodeny ${VIDEOS} | 20 | noblacklist ${VIDEOS} |
21 | 21 | ||
22 | include disable-common.inc | 22 | include disable-common.inc |
23 | include disable-devel.inc | 23 | include disable-devel.inc |
@@ -28,7 +28,7 @@ include disable-programs.inc | |||
28 | include disable-shell.inc | 28 | include disable-shell.inc |
29 | include disable-xdg.inc | 29 | include disable-xdg.inc |
30 | 30 | ||
31 | allow /usr/share/qtchooser | 31 | whitelist /usr/share/qtchooser |
32 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
33 | include whitelist-var-common.inc | 33 | include whitelist-var-common.inc |
34 | 34 | ||
diff --git a/etc/profile-m-z/QOwnNotes.profile b/etc/profile-m-z/QOwnNotes.profile index 4ca42730a..660378089 100644 --- a/etc/profile-m-z/QOwnNotes.profile +++ b/etc/profile-m-z/QOwnNotes.profile | |||
@@ -6,10 +6,10 @@ include QOwnNotes.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${DOCUMENTS} | 9 | noblacklist ${DOCUMENTS} |
10 | nodeny ${HOME}/Nextcloud/Notes | 10 | noblacklist ${HOME}/Nextcloud/Notes |
11 | nodeny ${HOME}/.config/PBE | 11 | noblacklist ${HOME}/.config/PBE |
12 | nodeny ${HOME}/.local/share/PBE | 12 | noblacklist ${HOME}/.local/share/PBE |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -23,10 +23,10 @@ include disable-xdg.inc | |||
23 | mkdir ${HOME}/Nextcloud/Notes | 23 | mkdir ${HOME}/Nextcloud/Notes |
24 | mkdir ${HOME}/.config/PBE | 24 | mkdir ${HOME}/.config/PBE |
25 | mkdir ${HOME}/.local/share/PBE | 25 | mkdir ${HOME}/.local/share/PBE |
26 | allow ${DOCUMENTS} | 26 | whitelist ${DOCUMENTS} |
27 | allow ${HOME}/Nextcloud/Notes | 27 | whitelist ${HOME}/Nextcloud/Notes |
28 | allow ${HOME}/.config/PBE | 28 | whitelist ${HOME}/.config/PBE |
29 | allow ${HOME}/.local/share/PBE | 29 | whitelist ${HOME}/.local/share/PBE |
30 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
32 | 32 | ||
diff --git a/etc/profile-m-z/Viber.profile b/etc/profile-m-z/Viber.profile index b98847d3a..3195e39fa 100644 --- a/etc/profile-m-z/Viber.profile +++ b/etc/profile-m-z/Viber.profile | |||
@@ -5,8 +5,8 @@ include Viber.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.ViberPC | 8 | noblacklist ${HOME}/.ViberPC |
9 | nodeny ${PATH}/dig | 9 | noblacklist ${PATH}/dig |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,8 +16,8 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.ViberPC | 18 | mkdir ${HOME}/.ViberPC |
19 | allow ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
20 | allow ${HOME}/.ViberPC | 20 | whitelist ${HOME}/.ViberPC |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | 22 | ||
23 | caps.drop all | 23 | caps.drop all |
diff --git a/etc/profile-m-z/XMind.profile b/etc/profile-m-z/XMind.profile index c9cf7adf7..d78e04595 100644 --- a/etc/profile-m-z/XMind.profile +++ b/etc/profile-m-z/XMind.profile | |||
@@ -5,7 +5,7 @@ include XMind.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.xmind | 8 | noblacklist ${HOME}/.xmind |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
@@ -15,8 +15,8 @@ include disable-passwdmgr.inc | |||
15 | include disable-programs.inc | 15 | include disable-programs.inc |
16 | 16 | ||
17 | mkdir ${HOME}/.xmind | 17 | mkdir ${HOME}/.xmind |
18 | allow ${HOME}/.xmind | 18 | whitelist ${HOME}/.xmind |
19 | allow ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
21 | 21 | ||
22 | caps.drop all | 22 | caps.drop all |
diff --git a/etc/profile-m-z/Xephyr.profile b/etc/profile-m-z/Xephyr.profile index 7ba1cdac9..5cf5161ce 100644 --- a/etc/profile-m-z/Xephyr.profile +++ b/etc/profile-m-z/Xephyr.profile | |||
@@ -15,7 +15,7 @@ include globals.local | |||
15 | # or run "sudo firecfg" | 15 | # or run "sudo firecfg" |
16 | # | 16 | # |
17 | 17 | ||
18 | allow /var/lib/xkb | 18 | whitelist /var/lib/xkb |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | 20 | ||
21 | caps.drop all | 21 | caps.drop all |
diff --git a/etc/profile-m-z/Xvfb.profile b/etc/profile-m-z/Xvfb.profile index a246ccb23..1acd43023 100644 --- a/etc/profile-m-z/Xvfb.profile +++ b/etc/profile-m-z/Xvfb.profile | |||
@@ -18,7 +18,7 @@ include globals.local | |||
18 | # some Linux distributions. Also, older versions of Xpra use Xvfb. | 18 | # some Linux distributions. Also, older versions of Xpra use Xvfb. |
19 | # | 19 | # |
20 | 20 | ||
21 | allow /var/lib/xkb | 21 | whitelist /var/lib/xkb |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | 23 | ||
24 | caps.drop all | 24 | caps.drop all |
diff --git a/etc/profile-m-z/ZeGrapher.profile b/etc/profile-m-z/ZeGrapher.profile index 4f65ad7d1..7686c3442 100644 --- a/etc/profile-m-z/ZeGrapher.profile +++ b/etc/profile-m-z/ZeGrapher.profile | |||
@@ -6,7 +6,7 @@ include ZeGrapher.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/ZeGrapher Project | 9 | noblacklist ${HOME}/.config/ZeGrapher Project |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,7 +16,7 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | 18 | ||
19 | allow /usr/share/ZeGrapher | 19 | whitelist /usr/share/ZeGrapher |
20 | include whitelist-runuser-common.inc | 20 | include whitelist-runuser-common.inc |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/macrofusion.profile b/etc/profile-m-z/macrofusion.profile index 763d475bb..d1dcb6fe0 100644 --- a/etc/profile-m-z/macrofusion.profile +++ b/etc/profile-m-z/macrofusion.profile | |||
@@ -5,8 +5,8 @@ include macrofusion.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/mfusion | 8 | noblacklist ${HOME}/.config/mfusion |
9 | nodeny ${PICTURES} | 9 | noblacklist ${PICTURES} |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
diff --git a/etc/profile-m-z/magicor.profile b/etc/profile-m-z/magicor.profile index d561a5095..8a27b2626 100644 --- a/etc/profile-m-z/magicor.profile +++ b/etc/profile-m-z/magicor.profile | |||
@@ -6,7 +6,7 @@ include magicor.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.magicor | 9 | noblacklist ${HOME}/.magicor |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
@@ -21,8 +21,8 @@ include disable-shell.inc | |||
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.magicor | 23 | mkdir ${HOME}/.magicor |
24 | allow ${HOME}/.magicor | 24 | whitelist ${HOME}/.magicor |
25 | allow /usr/share/magicor | 25 | whitelist /usr/share/magicor |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
28 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/makepkg.profile b/etc/profile-m-z/makepkg.profile index a7c486c9f..513fcae55 100644 --- a/etc/profile-m-z/makepkg.profile +++ b/etc/profile-m-z/makepkg.profile | |||
@@ -6,8 +6,8 @@ include makepkg.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny /tmp/.X11-unix | 9 | blacklist /tmp/.X11-unix |
10 | deny ${RUNUSER}/wayland-* | 10 | blacklist ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | # Note: see this Arch forum discussion https://bbs.archlinux.org/viewtopic.php?pid=1743138 | 12 | # Note: see this Arch forum discussion https://bbs.archlinux.org/viewtopic.php?pid=1743138 |
13 | # for potential issues and their solutions when Firejailing makepkg | 13 | # for potential issues and their solutions when Firejailing makepkg |
@@ -17,18 +17,18 @@ deny ${RUNUSER}/wayland-* | |||
17 | # whitelist ${HOME}/.gnupg | 17 | # whitelist ${HOME}/.gnupg |
18 | 18 | ||
19 | # Enable severely restricted access to ${HOME}/.gnupg | 19 | # Enable severely restricted access to ${HOME}/.gnupg |
20 | nodeny ${HOME}/.gnupg | 20 | noblacklist ${HOME}/.gnupg |
21 | read-only ${HOME}/.gnupg/gpg.conf | 21 | read-only ${HOME}/.gnupg/gpg.conf |
22 | read-only ${HOME}/.gnupg/trustdb.gpg | 22 | read-only ${HOME}/.gnupg/trustdb.gpg |
23 | read-only ${HOME}/.gnupg/pubring.kbx | 23 | read-only ${HOME}/.gnupg/pubring.kbx |
24 | deny ${HOME}/.gnupg/random_seed | 24 | blacklist ${HOME}/.gnupg/random_seed |
25 | deny ${HOME}/.gnupg/pubring.kbx~ | 25 | blacklist ${HOME}/.gnupg/pubring.kbx~ |
26 | deny ${HOME}/.gnupg/private-keys-v1.d | 26 | blacklist ${HOME}/.gnupg/private-keys-v1.d |
27 | deny ${HOME}/.gnupg/crls.d | 27 | blacklist ${HOME}/.gnupg/crls.d |
28 | deny ${HOME}/.gnupg/openpgp-revocs.d | 28 | blacklist ${HOME}/.gnupg/openpgp-revocs.d |
29 | 29 | ||
30 | # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop all capabilities this is automatically read-only. | 30 | # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop all capabilities this is automatically read-only. |
31 | nodeny /var/lib/pacman | 31 | noblacklist /var/lib/pacman |
32 | 32 | ||
33 | include disable-common.inc | 33 | include disable-common.inc |
34 | include disable-exec.inc | 34 | include disable-exec.inc |
diff --git a/etc/profile-m-z/man.profile b/etc/profile-m-z/man.profile index 383eeeeb7..bd510fcac 100644 --- a/etc/profile-m-z/man.profile +++ b/etc/profile-m-z/man.profile | |||
@@ -7,10 +7,10 @@ include man.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER} | 10 | blacklist ${RUNUSER} |
11 | 11 | ||
12 | nodeny ${HOME}/.local/share/man | 12 | noblacklist ${HOME}/.local/share/man |
13 | nodeny ${HOME}/.rustup | 13 | noblacklist ${HOME}/.rustup |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -23,12 +23,12 @@ include disable-xdg.inc | |||
23 | #mkdir ${HOME}/.local/share/man | 23 | #mkdir ${HOME}/.local/share/man |
24 | #whitelist ${HOME}/.local/share/man | 24 | #whitelist ${HOME}/.local/share/man |
25 | #whitelist ${HOME}/.manpath | 25 | #whitelist ${HOME}/.manpath |
26 | allow /usr/share/groff | 26 | whitelist /usr/share/groff |
27 | allow /usr/share/info | 27 | whitelist /usr/share/info |
28 | allow /usr/share/lintian | 28 | whitelist /usr/share/lintian |
29 | allow /usr/share/locale | 29 | whitelist /usr/share/locale |
30 | allow /usr/share/man | 30 | whitelist /usr/share/man |
31 | allow /var/cache/man | 31 | whitelist /var/cache/man |
32 | #include whitelist-common.inc | 32 | #include whitelist-common.inc |
33 | include whitelist-runuser-common.inc | 33 | include whitelist-runuser-common.inc |
34 | include whitelist-usr-share-common.inc | 34 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/manaplus.profile b/etc/profile-m-z/manaplus.profile index 67ee783a6..f59a56ac6 100644 --- a/etc/profile-m-z/manaplus.profile +++ b/etc/profile-m-z/manaplus.profile | |||
@@ -6,8 +6,8 @@ include manaplus.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/mana | 9 | noblacklist ${HOME}/.config/mana |
10 | nodeny ${HOME}/.local/share/mana | 10 | noblacklist ${HOME}/.local/share/mana |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -21,8 +21,8 @@ include disable-xdg.inc | |||
21 | mkdir ${HOME}/.config/mana | 21 | mkdir ${HOME}/.config/mana |
22 | mkdir ${HOME}/.config/mana/mana | 22 | mkdir ${HOME}/.config/mana/mana |
23 | mkdir ${HOME}/.local/share/mana | 23 | mkdir ${HOME}/.local/share/mana |
24 | allow ${HOME}/.config/mana | 24 | whitelist ${HOME}/.config/mana |
25 | allow ${HOME}/.local/share/mana | 25 | whitelist ${HOME}/.local/share/mana |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
28 | 28 | ||
diff --git a/etc/profile-m-z/marker.profile b/etc/profile-m-z/marker.profile index 7645ad335..bd56a8221 100644 --- a/etc/profile-m-z/marker.profile +++ b/etc/profile-m-z/marker.profile | |||
@@ -11,8 +11,8 @@ include globals.local | |||
11 | #protocol unix,inet,inet6 | 11 | #protocol unix,inet,inet6 |
12 | #private-etc ca-certificates,ssl,pki,crypto-policies,nsswitch.conf,resolv.conf | 12 | #private-etc ca-certificates,ssl,pki,crypto-policies,nsswitch.conf,resolv.conf |
13 | 13 | ||
14 | nodeny ${HOME}/.cache/marker | 14 | noblacklist ${HOME}/.cache/marker |
15 | nodeny ${DOCUMENTS} | 15 | noblacklist ${DOCUMENTS} |
16 | 16 | ||
17 | include allow-python3.inc | 17 | include allow-python3.inc |
18 | 18 | ||
@@ -25,8 +25,8 @@ include disable-programs.inc | |||
25 | include disable-shell.inc | 25 | include disable-shell.inc |
26 | include disable-xdg.inc | 26 | include disable-xdg.inc |
27 | 27 | ||
28 | allow /usr/libexec/webkit2gtk-4.0 | 28 | whitelist /usr/libexec/webkit2gtk-4.0 |
29 | allow /usr/share/com.github.fabiocolacio.marker | 29 | whitelist /usr/share/com.github.fabiocolacio.marker |
30 | include whitelist-runuser-common.inc | 30 | include whitelist-runuser-common.inc |
31 | include whitelist-usr-share-common.inc | 31 | include whitelist-usr-share-common.inc |
32 | include whitelist-var-common.inc | 32 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/masterpdfeditor.profile b/etc/profile-m-z/masterpdfeditor.profile index d8b215b7f..de1135071 100644 --- a/etc/profile-m-z/masterpdfeditor.profile +++ b/etc/profile-m-z/masterpdfeditor.profile | |||
@@ -6,8 +6,8 @@ include masterpdfeditor.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/Code Industry | 9 | noblacklist ${HOME}/.config/Code Industry |
10 | nodeny ${HOME}/.masterpdfeditor | 10 | noblacklist ${HOME}/.masterpdfeditor |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mate-calc.profile b/etc/profile-m-z/mate-calc.profile index 92832783e..39ee7439d 100644 --- a/etc/profile-m-z/mate-calc.profile +++ b/etc/profile-m-z/mate-calc.profile | |||
@@ -6,7 +6,7 @@ include mate-calc.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/mate-calc | 9 | noblacklist ${HOME}/.config/mate-calc |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,9 +18,9 @@ include disable-programs.inc | |||
18 | mkdir ${HOME}/.cache/mate-calc | 18 | mkdir ${HOME}/.cache/mate-calc |
19 | mkdir ${HOME}/.config/caja | 19 | mkdir ${HOME}/.config/caja |
20 | mkdir ${HOME}/.config/mate-menu | 20 | mkdir ${HOME}/.config/mate-menu |
21 | allow ${HOME}/.cache/mate-calc | 21 | whitelist ${HOME}/.cache/mate-calc |
22 | allow ${HOME}/.config/caja | 22 | whitelist ${HOME}/.config/caja |
23 | allow ${HOME}/.config/mate-menu | 23 | whitelist ${HOME}/.config/mate-menu |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
diff --git a/etc/profile-m-z/mate-dictionary.profile b/etc/profile-m-z/mate-dictionary.profile index 90c9d0993..ae1fcbf62 100644 --- a/etc/profile-m-z/mate-dictionary.profile +++ b/etc/profile-m-z/mate-dictionary.profile | |||
@@ -5,7 +5,7 @@ include mate-dictionary.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/mate/mate-dictionary | 8 | noblacklist ${HOME}/.config/mate/mate-dictionary |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
@@ -16,7 +16,7 @@ include disable-programs.inc | |||
16 | include disable-shell.inc | 16 | include disable-shell.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.config/mate/mate-dictionary | 18 | mkdir ${HOME}/.config/mate/mate-dictionary |
19 | allow ${HOME}/.config/mate/mate-dictionary | 19 | whitelist ${HOME}/.config/mate/mate-dictionary |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
21 | 21 | ||
22 | apparmor | 22 | apparmor |
diff --git a/etc/profile-m-z/matrix-mirage.profile b/etc/profile-m-z/matrix-mirage.profile index 8ee470a50..b3080df88 100644 --- a/etc/profile-m-z/matrix-mirage.profile +++ b/etc/profile-m-z/matrix-mirage.profile | |||
@@ -7,16 +7,16 @@ include matrix-mirage.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.cache/matrix-mirage | 10 | noblacklist ${HOME}/.cache/matrix-mirage |
11 | nodeny ${HOME}/.config/matrix-mirage | 11 | noblacklist ${HOME}/.config/matrix-mirage |
12 | nodeny ${HOME}/.local/share/matrix-mirage | 12 | noblacklist ${HOME}/.local/share/matrix-mirage |
13 | 13 | ||
14 | mkdir ${HOME}/.cache/matrix-mirage | 14 | mkdir ${HOME}/.cache/matrix-mirage |
15 | mkdir ${HOME}/.config/matrix-mirage | 15 | mkdir ${HOME}/.config/matrix-mirage |
16 | mkdir ${HOME}/.local/share/matrix-mirage | 16 | mkdir ${HOME}/.local/share/matrix-mirage |
17 | allow ${HOME}/.cache/matrix-mirage | 17 | whitelist ${HOME}/.cache/matrix-mirage |
18 | allow ${HOME}/.config/matrix-mirage | 18 | whitelist ${HOME}/.config/matrix-mirage |
19 | allow ${HOME}/.local/share/matrix-mirage | 19 | whitelist ${HOME}/.local/share/matrix-mirage |
20 | 20 | ||
21 | private-bin matrix-mirage | 21 | private-bin matrix-mirage |
22 | 22 | ||
diff --git a/etc/profile-m-z/mattermost-desktop.profile b/etc/profile-m-z/mattermost-desktop.profile index 01076a90a..3c2bf4fa3 100644 --- a/etc/profile-m-z/mattermost-desktop.profile +++ b/etc/profile-m-z/mattermost-desktop.profile | |||
@@ -10,12 +10,12 @@ ignore apparmor | |||
10 | ignore dbus-user none | 10 | ignore dbus-user none |
11 | ignore dbus-system none | 11 | ignore dbus-system none |
12 | 12 | ||
13 | nodeny ${HOME}/.config/Mattermost | 13 | noblacklist ${HOME}/.config/Mattermost |
14 | 14 | ||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | 16 | ||
17 | mkdir ${HOME}/.config/Mattermost | 17 | mkdir ${HOME}/.config/Mattermost |
18 | allow ${HOME}/.config/Mattermost | 18 | whitelist ${HOME}/.config/Mattermost |
19 | 19 | ||
20 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nsswitch.conf,pki,resolv.conf,ssl | 20 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nsswitch.conf,pki,resolv.conf,ssl |
21 | 21 | ||
diff --git a/etc/profile-m-z/mcabber.profile b/etc/profile-m-z/mcabber.profile index ae749114a..38d2d8d63 100644 --- a/etc/profile-m-z/mcabber.profile +++ b/etc/profile-m-z/mcabber.profile | |||
@@ -6,8 +6,8 @@ include mcabber.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.mcabber | 9 | noblacklist ${HOME}/.mcabber |
10 | nodeny ${HOME}/.mcabberrc | 10 | noblacklist ${HOME}/.mcabberrc |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mcomix.profile b/etc/profile-m-z/mcomix.profile index d9e12fb5d..fcd1e24e5 100644 --- a/etc/profile-m-z/mcomix.profile +++ b/etc/profile-m-z/mcomix.profile | |||
@@ -6,9 +6,9 @@ include mcomix.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/mcomix | 9 | noblacklist ${HOME}/.config/mcomix |
10 | nodeny ${HOME}/.local/share/mcomix | 10 | noblacklist ${HOME}/.local/share/mcomix |
11 | nodeny ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
12 | 12 | ||
13 | # Allow /bin/sh (blacklisted by disable-shell.inc) | 13 | # Allow /bin/sh (blacklisted by disable-shell.inc) |
14 | include allow-bin-sh.inc | 14 | include allow-bin-sh.inc |
@@ -30,7 +30,7 @@ include disable-xdg.inc | |||
30 | 30 | ||
31 | mkdir ${HOME}/.config/mcomix | 31 | mkdir ${HOME}/.config/mcomix |
32 | mkdir ${HOME}/.local/share/mcomix | 32 | mkdir ${HOME}/.local/share/mcomix |
33 | allow /usr/share/mcomix | 33 | whitelist /usr/share/mcomix |
34 | include whitelist-usr-share-common.inc | 34 | include whitelist-usr-share-common.inc |
35 | include whitelist-var-common.inc | 35 | include whitelist-var-common.inc |
36 | include whitelist-runuser-common.inc | 36 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-m-z/mdr.profile b/etc/profile-m-z/mdr.profile index 9e8656290..5d3f8dc41 100644 --- a/etc/profile-m-z/mdr.profile +++ b/etc/profile-m-z/mdr.profile | |||
@@ -5,7 +5,7 @@ include mdr.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | deny ${RUNUSER}/wayland-* | 8 | blacklist ${RUNUSER}/wayland-* |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
@@ -16,7 +16,7 @@ include disable-programs.inc | |||
16 | include disable-shell.inc | 16 | include disable-shell.inc |
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | allow ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
22 | 22 | ||
diff --git a/etc/profile-m-z/mediainfo.profile b/etc/profile-m-z/mediainfo.profile index ae34ea321..17363624f 100644 --- a/etc/profile-m-z/mediainfo.profile +++ b/etc/profile-m-z/mediainfo.profile | |||
@@ -6,7 +6,7 @@ include mediainfo.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny ${RUNUSER}/wayland-* | 9 | blacklist ${RUNUSER}/wayland-* |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mediathekview.profile b/etc/profile-m-z/mediathekview.profile index 3459ad4cf..0063badd8 100644 --- a/etc/profile-m-z/mediathekview.profile +++ b/etc/profile-m-z/mediathekview.profile | |||
@@ -6,16 +6,16 @@ include mediathekview.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/mpv | 9 | noblacklist ${HOME}/.config/mpv |
10 | nodeny ${HOME}/.config/smplayer | 10 | noblacklist ${HOME}/.config/smplayer |
11 | nodeny ${HOME}/.config/totem | 11 | noblacklist ${HOME}/.config/totem |
12 | nodeny ${HOME}/.config/vlc | 12 | noblacklist ${HOME}/.config/vlc |
13 | nodeny ${HOME}/.config/xplayer | 13 | noblacklist ${HOME}/.config/xplayer |
14 | nodeny ${HOME}/.local/share/totem | 14 | noblacklist ${HOME}/.local/share/totem |
15 | nodeny ${HOME}/.local/share/xplayer | 15 | noblacklist ${HOME}/.local/share/xplayer |
16 | nodeny ${HOME}/.mediathek3 | 16 | noblacklist ${HOME}/.mediathek3 |
17 | nodeny ${HOME}/.mplayer | 17 | noblacklist ${HOME}/.mplayer |
18 | nodeny ${VIDEOS} | 18 | noblacklist ${VIDEOS} |
19 | 19 | ||
20 | # Allow java (blacklisted by disable-devel.inc) | 20 | # Allow java (blacklisted by disable-devel.inc) |
21 | include allow-java.inc | 21 | include allow-java.inc |
diff --git a/etc/profile-m-z/megaglest.profile b/etc/profile-m-z/megaglest.profile index ad9094ddf..f07b9166a 100644 --- a/etc/profile-m-z/megaglest.profile +++ b/etc/profile-m-z/megaglest.profile | |||
@@ -6,7 +6,7 @@ include megaglest.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.megaglest | 9 | noblacklist ${HOME}/.megaglest |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,9 +18,9 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.megaglest | 20 | mkdir ${HOME}/.megaglest |
21 | allow ${HOME}/.megaglest | 21 | whitelist ${HOME}/.megaglest |
22 | allow /usr/share/megaglest | 22 | whitelist /usr/share/megaglest |
23 | allow /usr/share/games/megaglest # Debian version | 23 | whitelist /usr/share/games/megaglest # Debian version |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-runuser-common.inc | 25 | include whitelist-runuser-common.inc |
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/meld.profile b/etc/profile-m-z/meld.profile index 06ee572c9..2a8bb3acf 100644 --- a/etc/profile-m-z/meld.profile +++ b/etc/profile-m-z/meld.profile | |||
@@ -13,12 +13,12 @@ include globals.local | |||
13 | # Calling it by its absolute path (example for git mergetool): | 13 | # Calling it by its absolute path (example for git mergetool): |
14 | # $ git config --global mergetool.meld.cmd /usr/bin/meld | 14 | # $ git config --global mergetool.meld.cmd /usr/bin/meld |
15 | 15 | ||
16 | nodeny ${HOME}/.config/meld | 16 | noblacklist ${HOME}/.config/meld |
17 | nodeny ${HOME}/.config/git | 17 | noblacklist ${HOME}/.config/git |
18 | nodeny ${HOME}/.gitconfig | 18 | noblacklist ${HOME}/.gitconfig |
19 | nodeny ${HOME}/.git-credentials | 19 | noblacklist ${HOME}/.git-credentials |
20 | nodeny ${HOME}/.local/share/meld | 20 | noblacklist ${HOME}/.local/share/meld |
21 | nodeny ${HOME}/.subversion | 21 | noblacklist ${HOME}/.subversion |
22 | 22 | ||
23 | # Allow python (blacklisted by disable-interpreters.inc) | 23 | # Allow python (blacklisted by disable-interpreters.inc) |
24 | # Python 2 is EOL (see #3164). Add the next line to your meld.local if you understand the risks | 24 | # Python 2 is EOL (see #3164). Add the next line to your meld.local if you understand the risks |
@@ -29,7 +29,7 @@ include allow-python3.inc | |||
29 | # Allow ssh (blacklisted by disable-common.inc) | 29 | # Allow ssh (blacklisted by disable-common.inc) |
30 | include allow-ssh.inc | 30 | include allow-ssh.inc |
31 | 31 | ||
32 | deny /usr/libexec | 32 | blacklist /usr/libexec |
33 | 33 | ||
34 | # Add the next line to your meld.local if you don't need to compare files in disable-common.inc. | 34 | # Add the next line to your meld.local if you don't need to compare files in disable-common.inc. |
35 | #include disable-common.inc | 35 | #include disable-common.inc |
diff --git a/etc/profile-m-z/mendeleydesktop.profile b/etc/profile-m-z/mendeleydesktop.profile index e33d6c157..c0bdbb230 100644 --- a/etc/profile-m-z/mendeleydesktop.profile +++ b/etc/profile-m-z/mendeleydesktop.profile | |||
@@ -6,13 +6,13 @@ include mendeleydesktop.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${DOCUMENTS} | 9 | noblacklist ${DOCUMENTS} |
10 | nodeny ${HOME}/.cache/Mendeley Ltd. | 10 | noblacklist ${HOME}/.cache/Mendeley Ltd. |
11 | nodeny ${HOME}/.config/Mendeley Ltd. | 11 | noblacklist ${HOME}/.config/Mendeley Ltd. |
12 | nodeny ${HOME}/.local/share/Mendeley Ltd. | 12 | noblacklist ${HOME}/.local/share/Mendeley Ltd. |
13 | nodeny ${HOME}/.local/share/data/Mendeley Ltd. | 13 | noblacklist ${HOME}/.local/share/data/Mendeley Ltd. |
14 | nodeny ${HOME}/.pki | 14 | noblacklist ${HOME}/.pki |
15 | nodeny ${HOME}/.local/share/pki | 15 | noblacklist ${HOME}/.local/share/pki |
16 | 16 | ||
17 | # Allow python (blacklisted by disable-interpreters.inc) | 17 | # Allow python (blacklisted by disable-interpreters.inc) |
18 | include allow-python2.inc | 18 | include allow-python2.inc |
diff --git a/etc/profile-m-z/menulibre.profile b/etc/profile-m-z/menulibre.profile index 52808a5b5..2081b8c96 100644 --- a/etc/profile-m-z/menulibre.profile +++ b/etc/profile-m-z/menulibre.profile | |||
@@ -19,13 +19,13 @@ include disable-passwdmgr.inc | |||
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | # Whitelist your system icon directory,varies by distro | 21 | # Whitelist your system icon directory,varies by distro |
22 | allow /usr/share/app-info | 22 | whitelist /usr/share/app-info |
23 | allow /usr/share/desktop-directories | 23 | whitelist /usr/share/desktop-directories |
24 | allow /usr/share/icons | 24 | whitelist /usr/share/icons |
25 | allow /usr/share/menulibre | 25 | whitelist /usr/share/menulibre |
26 | allow /var/lib/app-info/icons | 26 | whitelist /var/lib/app-info/icons |
27 | allow /var/lib/flatpak/exports/share/applications | 27 | whitelist /var/lib/flatpak/exports/share/applications |
28 | allow /var/lib/flatpak/exports/share/icons | 28 | whitelist /var/lib/flatpak/exports/share/icons |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/meteo-qt.profile b/etc/profile-m-z/meteo-qt.profile index 48f936632..85ed7bc74 100644 --- a/etc/profile-m-z/meteo-qt.profile +++ b/etc/profile-m-z/meteo-qt.profile | |||
@@ -6,8 +6,8 @@ include meteo-qt.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/autostart | 9 | noblacklist ${HOME}/.config/autostart |
10 | nodeny ${HOME}/.config/meteo-qt | 10 | noblacklist ${HOME}/.config/meteo-qt |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python3.inc | 13 | include allow-python3.inc |
@@ -22,8 +22,8 @@ include disable-shell.inc | |||
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | mkdir ${HOME}/.config/meteo-qt | 24 | mkdir ${HOME}/.config/meteo-qt |
25 | allow ${HOME}/.config/autostart | 25 | whitelist ${HOME}/.config/autostart |
26 | allow ${HOME}/.config/meteo-qt | 26 | whitelist ${HOME}/.config/meteo-qt |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
29 | 29 | ||
diff --git a/etc/profile-m-z/microsoft-edge-beta.profile b/etc/profile-m-z/microsoft-edge-beta.profile index 259d39a5f..34d9f470a 100644 --- a/etc/profile-m-z/microsoft-edge-beta.profile +++ b/etc/profile-m-z/microsoft-edge-beta.profile | |||
@@ -6,13 +6,13 @@ include microsoft-edge-beta.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/microsoft-edge-beta | 9 | noblacklist ${HOME}/.cache/microsoft-edge-beta |
10 | nodeny ${HOME}/.config/microsoft-edge-beta | 10 | noblacklist ${HOME}/.config/microsoft-edge-beta |
11 | 11 | ||
12 | mkdir ${HOME}/.cache/microsoft-edge-beta | 12 | mkdir ${HOME}/.cache/microsoft-edge-beta |
13 | mkdir ${HOME}/.config/microsoft-edge-beta | 13 | mkdir ${HOME}/.config/microsoft-edge-beta |
14 | allow ${HOME}/.cache/microsoft-edge-beta | 14 | whitelist ${HOME}/.cache/microsoft-edge-beta |
15 | allow ${HOME}/.config/microsoft-edge-beta | 15 | whitelist ${HOME}/.config/microsoft-edge-beta |
16 | 16 | ||
17 | private-opt microsoft | 17 | private-opt microsoft |
18 | 18 | ||
diff --git a/etc/profile-m-z/microsoft-edge-dev.profile b/etc/profile-m-z/microsoft-edge-dev.profile index 96465866c..039cd36a8 100644 --- a/etc/profile-m-z/microsoft-edge-dev.profile +++ b/etc/profile-m-z/microsoft-edge-dev.profile | |||
@@ -6,13 +6,13 @@ include microsoft-edge-dev.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/microsoft-edge-dev | 9 | noblacklist ${HOME}/.cache/microsoft-edge-dev |
10 | nodeny ${HOME}/.config/microsoft-edge-dev | 10 | noblacklist ${HOME}/.config/microsoft-edge-dev |
11 | 11 | ||
12 | mkdir ${HOME}/.cache/microsoft-edge-dev | 12 | mkdir ${HOME}/.cache/microsoft-edge-dev |
13 | mkdir ${HOME}/.config/microsoft-edge-dev | 13 | mkdir ${HOME}/.config/microsoft-edge-dev |
14 | allow ${HOME}/.cache/microsoft-edge-dev | 14 | whitelist ${HOME}/.cache/microsoft-edge-dev |
15 | allow ${HOME}/.config/microsoft-edge-dev | 15 | whitelist ${HOME}/.config/microsoft-edge-dev |
16 | 16 | ||
17 | private-opt microsoft | 17 | private-opt microsoft |
18 | 18 | ||
diff --git a/etc/profile-m-z/midori.profile b/etc/profile-m-z/midori.profile index c4a444e0d..e15259608 100644 --- a/etc/profile-m-z/midori.profile +++ b/etc/profile-m-z/midori.profile | |||
@@ -9,17 +9,17 @@ include globals.local | |||
9 | # noexec ${HOME} breaks DRM binaries. | 9 | # noexec ${HOME} breaks DRM binaries. |
10 | ?BROWSER_ALLOW_DRM: ignore noexec ${HOME} | 10 | ?BROWSER_ALLOW_DRM: ignore noexec ${HOME} |
11 | 11 | ||
12 | nodeny ${HOME}/.cache/midori | 12 | noblacklist ${HOME}/.cache/midori |
13 | nodeny ${HOME}/.config/midori | 13 | noblacklist ${HOME}/.config/midori |
14 | nodeny ${HOME}/.local/share/midori | 14 | noblacklist ${HOME}/.local/share/midori |
15 | # noblacklist ${HOME}/.local/share/webkit | 15 | # noblacklist ${HOME}/.local/share/webkit |
16 | # noblacklist ${HOME}/.local/share/webkitgtk | 16 | # noblacklist ${HOME}/.local/share/webkitgtk |
17 | nodeny ${HOME}/.pki | 17 | noblacklist ${HOME}/.pki |
18 | nodeny ${HOME}/.local/share/pki | 18 | noblacklist ${HOME}/.local/share/pki |
19 | 19 | ||
20 | nodeny ${HOME}/.cache/gnome-mplayer | 20 | noblacklist ${HOME}/.cache/gnome-mplayer |
21 | nodeny ${HOME}/.config/gnome-mplayer | 21 | noblacklist ${HOME}/.config/gnome-mplayer |
22 | nodeny ${HOME}/.lastpass | 22 | noblacklist ${HOME}/.lastpass |
23 | 23 | ||
24 | include disable-common.inc | 24 | include disable-common.inc |
25 | include disable-devel.inc | 25 | include disable-devel.inc |
@@ -36,17 +36,17 @@ mkdir ${HOME}/.local/share/webkit | |||
36 | mkdir ${HOME}/.local/share/webkitgtk | 36 | mkdir ${HOME}/.local/share/webkitgtk |
37 | mkdir ${HOME}/.pki | 37 | mkdir ${HOME}/.pki |
38 | mkdir ${HOME}/.local/share/pki | 38 | mkdir ${HOME}/.local/share/pki |
39 | allow ${DOWNLOADS} | 39 | whitelist ${DOWNLOADS} |
40 | allow ${HOME}/.cache/gnome-mplayer/plugin | 40 | whitelist ${HOME}/.cache/gnome-mplayer/plugin |
41 | allow ${HOME}/.cache/midori | 41 | whitelist ${HOME}/.cache/midori |
42 | allow ${HOME}/.config/gnome-mplayer | 42 | whitelist ${HOME}/.config/gnome-mplayer |
43 | allow ${HOME}/.config/midori | 43 | whitelist ${HOME}/.config/midori |
44 | allow ${HOME}/.lastpass | 44 | whitelist ${HOME}/.lastpass |
45 | allow ${HOME}/.local/share/midori | 45 | whitelist ${HOME}/.local/share/midori |
46 | allow ${HOME}/.local/share/webkit | 46 | whitelist ${HOME}/.local/share/webkit |
47 | allow ${HOME}/.local/share/webkitgtk | 47 | whitelist ${HOME}/.local/share/webkitgtk |
48 | allow ${HOME}/.pki | 48 | whitelist ${HOME}/.pki |
49 | allow ${HOME}/.local/share/pki | 49 | whitelist ${HOME}/.local/share/pki |
50 | include whitelist-common.inc | 50 | include whitelist-common.inc |
51 | include whitelist-var-common.inc | 51 | include whitelist-var-common.inc |
52 | 52 | ||
diff --git a/etc/profile-m-z/min.profile b/etc/profile-m-z/min.profile index 214332184..7f3aeab44 100644 --- a/etc/profile-m-z/min.profile +++ b/etc/profile-m-z/min.profile | |||
@@ -6,10 +6,10 @@ include min.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/Min | 9 | noblacklist ${HOME}/.config/Min |
10 | 10 | ||
11 | mkdir ${HOME}/.config/Min | 11 | mkdir ${HOME}/.config/Min |
12 | allow ${HOME}/.config/Min | 12 | whitelist ${HOME}/.config/Min |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include chromium-common.profile | 15 | include chromium-common.profile |
diff --git a/etc/profile-m-z/mindless.profile b/etc/profile-m-z/mindless.profile index ee8402b87..fbf6b58e8 100644 --- a/etc/profile-m-z/mindless.profile +++ b/etc/profile-m-z/mindless.profile | |||
@@ -15,7 +15,7 @@ include disable-programs.inc | |||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | allow /usr/share/mindless | 18 | whitelist /usr/share/mindless |
19 | include whitelist-usr-share-common.inc | 19 | include whitelist-usr-share-common.inc |
20 | include whitelist-var-common.inc | 20 | include whitelist-var-common.inc |
21 | 21 | ||
diff --git a/etc/profile-m-z/minecraft-launcher.profile b/etc/profile-m-z/minecraft-launcher.profile index 595313851..1028e374a 100644 --- a/etc/profile-m-z/minecraft-launcher.profile +++ b/etc/profile-m-z/minecraft-launcher.profile | |||
@@ -11,7 +11,7 @@ include globals.local | |||
11 | 11 | ||
12 | ignore noexec ${HOME} | 12 | ignore noexec ${HOME} |
13 | 13 | ||
14 | nodeny ${HOME}/.minecraft | 14 | noblacklist ${HOME}/.minecraft |
15 | 15 | ||
16 | include allow-java.inc | 16 | include allow-java.inc |
17 | 17 | ||
@@ -25,7 +25,7 @@ include disable-shell.inc | |||
25 | include disable-xdg.inc | 25 | include disable-xdg.inc |
26 | 26 | ||
27 | mkdir ${HOME}/.minecraft | 27 | mkdir ${HOME}/.minecraft |
28 | allow ${HOME}/.minecraft | 28 | whitelist ${HOME}/.minecraft |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-runuser-common.inc | 30 | include whitelist-runuser-common.inc |
31 | include whitelist-usr-share-common.inc | 31 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/minetest.profile b/etc/profile-m-z/minetest.profile index 11d0859b7..cad1adbda 100644 --- a/etc/profile-m-z/minetest.profile +++ b/etc/profile-m-z/minetest.profile | |||
@@ -9,8 +9,8 @@ include globals.local | |||
9 | # In order to save in-game screenshots to a persistent location edit ~/.minetest/minetest.conf: | 9 | # In order to save in-game screenshots to a persistent location edit ~/.minetest/minetest.conf: |
10 | # screenshot_path = /home/<USER>/.minetest/screenshots | 10 | # screenshot_path = /home/<USER>/.minetest/screenshots |
11 | 11 | ||
12 | nodeny ${HOME}/.cache/minetest | 12 | noblacklist ${HOME}/.cache/minetest |
13 | nodeny ${HOME}/.minetest | 13 | noblacklist ${HOME}/.minetest |
14 | 14 | ||
15 | # Allow lua (blacklisted by disable-interpreters.inc) | 15 | # Allow lua (blacklisted by disable-interpreters.inc) |
16 | include allow-lua.inc | 16 | include allow-lua.inc |
@@ -26,10 +26,10 @@ include disable-xdg.inc | |||
26 | 26 | ||
27 | mkdir ${HOME}/.cache/minetest | 27 | mkdir ${HOME}/.cache/minetest |
28 | mkdir ${HOME}/.minetest | 28 | mkdir ${HOME}/.minetest |
29 | allow ${HOME}/.cache/minetest | 29 | whitelist ${HOME}/.cache/minetest |
30 | allow ${HOME}/.minetest | 30 | whitelist ${HOME}/.minetest |
31 | allow /usr/share/games/minetest | 31 | whitelist /usr/share/games/minetest |
32 | allow /usr/share/minetest | 32 | whitelist /usr/share/minetest |
33 | include whitelist-common.inc | 33 | include whitelist-common.inc |
34 | include whitelist-runuser-common.inc | 34 | include whitelist-runuser-common.inc |
35 | include whitelist-usr-share-common.inc | 35 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/minitube.profile b/etc/profile-m-z/minitube.profile index 192913dbf..3fe3428d0 100644 --- a/etc/profile-m-z/minitube.profile +++ b/etc/profile-m-z/minitube.profile | |||
@@ -6,10 +6,10 @@ include minitube.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${PICTURES} | 9 | noblacklist ${PICTURES} |
10 | nodeny ${HOME}/.cache/Flavio Tordini | 10 | noblacklist ${HOME}/.cache/Flavio Tordini |
11 | nodeny ${HOME}/.config/Flavio Tordini | 11 | noblacklist ${HOME}/.config/Flavio Tordini |
12 | nodeny ${HOME}/.local/share/Flavio Tordini | 12 | noblacklist ${HOME}/.local/share/Flavio Tordini |
13 | 13 | ||
14 | include allow-lua.inc | 14 | include allow-lua.inc |
15 | 15 | ||
@@ -25,11 +25,11 @@ include disable-xdg.inc | |||
25 | mkdir ${HOME}/.cache/Flavio Tordini | 25 | mkdir ${HOME}/.cache/Flavio Tordini |
26 | mkdir ${HOME}/.config/Flavio Tordini | 26 | mkdir ${HOME}/.config/Flavio Tordini |
27 | mkdir ${HOME}/.local/share/Flavio Tordini | 27 | mkdir ${HOME}/.local/share/Flavio Tordini |
28 | allow ${PICTURES} | 28 | whitelist ${PICTURES} |
29 | allow ${HOME}/.cache/Flavio Tordini | 29 | whitelist ${HOME}/.cache/Flavio Tordini |
30 | allow ${HOME}/.config/Flavio Tordini | 30 | whitelist ${HOME}/.config/Flavio Tordini |
31 | allow ${HOME}/.local/share/Flavio Tordini | 31 | whitelist ${HOME}/.local/share/Flavio Tordini |
32 | allow /usr/share/minitube | 32 | whitelist /usr/share/minitube |
33 | include whitelist-common.inc | 33 | include whitelist-common.inc |
34 | include whitelist-runuser-common.inc | 34 | include whitelist-runuser-common.inc |
35 | include whitelist-usr-share-common.inc | 35 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/mirage.profile b/etc/profile-m-z/mirage.profile index b2f2cc5b1..505009283 100644 --- a/etc/profile-m-z/mirage.profile +++ b/etc/profile-m-z/mirage.profile | |||
@@ -6,10 +6,10 @@ include mirage.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/mirage | 9 | noblacklist ${HOME}/.cache/mirage |
10 | nodeny ${HOME}/.config/mirage | 10 | noblacklist ${HOME}/.config/mirage |
11 | nodeny ${HOME}/.local/share/mirage | 11 | noblacklist ${HOME}/.local/share/mirage |
12 | nodeny /sbin | 12 | noblacklist /sbin |
13 | 13 | ||
14 | # Allow python (blacklisted by disable-interpreters.inc) | 14 | # Allow python (blacklisted by disable-interpreters.inc) |
15 | include allow-python2.inc | 15 | include allow-python2.inc |
@@ -27,10 +27,10 @@ include disable-xdg.inc | |||
27 | mkdir ${HOME}/.cache/mirage | 27 | mkdir ${HOME}/.cache/mirage |
28 | mkdir ${HOME}/.config/mirage | 28 | mkdir ${HOME}/.config/mirage |
29 | mkdir ${HOME}/.local/share/mirage | 29 | mkdir ${HOME}/.local/share/mirage |
30 | allow ${HOME}/.cache/mirage | 30 | whitelist ${HOME}/.cache/mirage |
31 | allow ${HOME}/.config/mirage | 31 | whitelist ${HOME}/.config/mirage |
32 | allow ${HOME}/.local/share/mirage | 32 | whitelist ${HOME}/.local/share/mirage |
33 | allow ${DOWNLOADS} | 33 | whitelist ${DOWNLOADS} |
34 | include whitelist-common.inc | 34 | include whitelist-common.inc |
35 | include whitelist-runuser-common.inc | 35 | include whitelist-runuser-common.inc |
36 | include whitelist-usr-share-common.inc | 36 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/mirrormagic.profile b/etc/profile-m-z/mirrormagic.profile index d5ebfd4b0..58dfd56f5 100644 --- a/etc/profile-m-z/mirrormagic.profile +++ b/etc/profile-m-z/mirrormagic.profile | |||
@@ -6,7 +6,7 @@ include mirrormagic.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.mirrormagic | 9 | noblacklist ${HOME}/.mirrormagic |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.mirrormagic | 20 | mkdir ${HOME}/.mirrormagic |
21 | allow ${HOME}/.mirrormagic | 21 | whitelist ${HOME}/.mirrormagic |
22 | allow /usr/share/mirrormagic | 22 | whitelist /usr/share/mirrormagic |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/mocp.profile b/etc/profile-m-z/mocp.profile index b734bd7c0..e71ba4569 100644 --- a/etc/profile-m-z/mocp.profile +++ b/etc/profile-m-z/mocp.profile | |||
@@ -7,8 +7,8 @@ include mocp.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.moc | 10 | noblacklist ${HOME}/.moc |
11 | nodeny ${MUSIC} | 11 | noblacklist ${MUSIC} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mousepad.profile b/etc/profile-m-z/mousepad.profile index a02b29b61..98063fa7c 100644 --- a/etc/profile-m-z/mousepad.profile +++ b/etc/profile-m-z/mousepad.profile | |||
@@ -6,7 +6,7 @@ include mousepad.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/Mousepad | 9 | noblacklist ${HOME}/.config/Mousepad |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mp3splt-gtk.profile b/etc/profile-m-z/mp3splt-gtk.profile index f47384753..37ce60e04 100644 --- a/etc/profile-m-z/mp3splt-gtk.profile +++ b/etc/profile-m-z/mp3splt-gtk.profile | |||
@@ -6,7 +6,7 @@ include mp3splt-gtk.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.mp3splt-gtk | 9 | noblacklist ${HOME}/.mp3splt-gtk |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mp3splt.profile b/etc/profile-m-z/mp3splt.profile index 8a2ab15bd..070de8451 100644 --- a/etc/profile-m-z/mp3splt.profile +++ b/etc/profile-m-z/mp3splt.profile | |||
@@ -6,9 +6,9 @@ include mp3splt.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny ${RUNUSER}/wayland-* | 9 | blacklist ${RUNUSER}/wayland-* |
10 | 10 | ||
11 | nodeny ${MUSIC} | 11 | noblacklist ${MUSIC} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mpDris2.profile b/etc/profile-m-z/mpDris2.profile index 6994b0429..55a0b5897 100644 --- a/etc/profile-m-z/mpDris2.profile +++ b/etc/profile-m-z/mpDris2.profile | |||
@@ -6,13 +6,13 @@ include mpDris2.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/mpDris2 | 9 | noblacklist ${HOME}/.config/mpDris2 |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
13 | include allow-python3.inc | 13 | include allow-python3.inc |
14 | 14 | ||
15 | nodeny ${MUSIC} | 15 | noblacklist ${MUSIC} |
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
@@ -23,10 +23,10 @@ include disable-programs.inc | |||
23 | include disable-shell.inc | 23 | include disable-shell.inc |
24 | include disable-xdg.inc | 24 | include disable-xdg.inc |
25 | 25 | ||
26 | allow ${MUSIC} | 26 | whitelist ${MUSIC} |
27 | 27 | ||
28 | mkdir ${HOME}/.config/mpDris2 | 28 | mkdir ${HOME}/.config/mpDris2 |
29 | allow ${HOME}/.config/mpDris2 | 29 | whitelist ${HOME}/.config/mpDris2 |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
32 | 32 | ||
diff --git a/etc/profile-m-z/mpd.profile b/etc/profile-m-z/mpd.profile index 8b3350ac8..b517d4ab2 100644 --- a/etc/profile-m-z/mpd.profile +++ b/etc/profile-m-z/mpd.profile | |||
@@ -6,10 +6,10 @@ include mpd.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/mpd | 9 | noblacklist ${HOME}/.config/mpd |
10 | nodeny ${HOME}/.mpd | 10 | noblacklist ${HOME}/.mpd |
11 | nodeny ${HOME}/.mpdconf | 11 | noblacklist ${HOME}/.mpdconf |
12 | nodeny ${MUSIC} | 12 | noblacklist ${MUSIC} |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mpg123.profile b/etc/profile-m-z/mpg123.profile index 03bd44daa..25187e894 100644 --- a/etc/profile-m-z/mpg123.profile +++ b/etc/profile-m-z/mpg123.profile | |||
@@ -7,7 +7,7 @@ include mpg123.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${MUSIC} | 10 | noblacklist ${MUSIC} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mplayer.profile b/etc/profile-m-z/mplayer.profile index 84754aeb2..5d023b7f1 100644 --- a/etc/profile-m-z/mplayer.profile +++ b/etc/profile-m-z/mplayer.profile | |||
@@ -6,7 +6,7 @@ include mplayer.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.mplayer | 9 | noblacklist ${HOME}/.mplayer |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-programs.inc | |||
17 | 17 | ||
18 | read-only ${DESKTOP} | 18 | read-only ${DESKTOP} |
19 | mkdir ${HOME}/.mplayer | 19 | mkdir ${HOME}/.mplayer |
20 | allow ${HOME}/.mplayer | 20 | whitelist ${HOME}/.mplayer |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | include whitelist-player-common.inc | 22 | include whitelist-player-common.inc |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/mpsyt.profile b/etc/profile-m-z/mpsyt.profile index d35519103..bfe57a132 100644 --- a/etc/profile-m-z/mpsyt.profile +++ b/etc/profile-m-z/mpsyt.profile | |||
@@ -6,12 +6,12 @@ include mpsyt.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/mps-youtube | 9 | noblacklist ${HOME}/.config/mps-youtube |
10 | nodeny ${HOME}/.config/mpv | 10 | noblacklist ${HOME}/.config/mpv |
11 | nodeny ${HOME}/.config/youtube-dl | 11 | noblacklist ${HOME}/.config/youtube-dl |
12 | nodeny ${HOME}/.mplayer | 12 | noblacklist ${HOME}/.mplayer |
13 | nodeny ${HOME}/.netrc | 13 | noblacklist ${HOME}/.netrc |
14 | nodeny ${HOME}/mps | 14 | noblacklist ${HOME}/mps |
15 | 15 | ||
16 | # Allow lua (blacklisted by disable-interpreters.inc) | 16 | # Allow lua (blacklisted by disable-interpreters.inc) |
17 | include allow-lua.inc | 17 | include allow-lua.inc |
@@ -20,8 +20,8 @@ include allow-lua.inc | |||
20 | include allow-python2.inc | 20 | include allow-python2.inc |
21 | include allow-python3.inc | 21 | include allow-python3.inc |
22 | 22 | ||
23 | nodeny ${MUSIC} | 23 | noblacklist ${MUSIC} |
24 | nodeny ${VIDEOS} | 24 | noblacklist ${VIDEOS} |
25 | 25 | ||
26 | include disable-common.inc | 26 | include disable-common.inc |
27 | include disable-devel.inc | 27 | include disable-devel.inc |
@@ -37,12 +37,12 @@ mkdir ${HOME}/.config/mpv | |||
37 | mkdir ${HOME}/.config/youtube-dl | 37 | mkdir ${HOME}/.config/youtube-dl |
38 | mkdir ${HOME}/.mplayer | 38 | mkdir ${HOME}/.mplayer |
39 | mkdir ${HOME}/mps | 39 | mkdir ${HOME}/mps |
40 | allow ${HOME}/.config/mps-youtube | 40 | whitelist ${HOME}/.config/mps-youtube |
41 | allow ${HOME}/.config/mpv | 41 | whitelist ${HOME}/.config/mpv |
42 | allow ${HOME}/.config/youtube-dl | 42 | whitelist ${HOME}/.config/youtube-dl |
43 | allow ${HOME}/.mplayer | 43 | whitelist ${HOME}/.mplayer |
44 | allow ${HOME}/.netrc | 44 | whitelist ${HOME}/.netrc |
45 | allow ${HOME}/mps | 45 | whitelist ${HOME}/mps |
46 | include whitelist-common.inc | 46 | include whitelist-common.inc |
47 | include whitelist-player-common.inc | 47 | include whitelist-player-common.inc |
48 | include whitelist-var-common.inc | 48 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/mpv.profile b/etc/profile-m-z/mpv.profile index 4ea2dd348..af5c214f7 100644 --- a/etc/profile-m-z/mpv.profile +++ b/etc/profile-m-z/mpv.profile | |||
@@ -24,9 +24,9 @@ include globals.local | |||
24 | #include allow-bin-sh.inc | 24 | #include allow-bin-sh.inc |
25 | #private-bin sh | 25 | #private-bin sh |
26 | 26 | ||
27 | nodeny ${HOME}/.config/mpv | 27 | noblacklist ${HOME}/.config/mpv |
28 | nodeny ${HOME}/.config/youtube-dl | 28 | noblacklist ${HOME}/.config/youtube-dl |
29 | nodeny ${HOME}/.netrc | 29 | noblacklist ${HOME}/.netrc |
30 | 30 | ||
31 | # Allow lua (blacklisted by disable-interpreters.inc) | 31 | # Allow lua (blacklisted by disable-interpreters.inc) |
32 | include allow-lua.inc | 32 | include allow-lua.inc |
@@ -35,7 +35,7 @@ include allow-lua.inc | |||
35 | include allow-python2.inc | 35 | include allow-python2.inc |
36 | include allow-python3.inc | 36 | include allow-python3.inc |
37 | 37 | ||
38 | deny /usr/libexec | 38 | blacklist /usr/libexec |
39 | 39 | ||
40 | include disable-common.inc | 40 | include disable-common.inc |
41 | include disable-devel.inc | 41 | include disable-devel.inc |
@@ -49,14 +49,14 @@ read-only ${DESKTOP} | |||
49 | mkdir ${HOME}/.config/mpv | 49 | mkdir ${HOME}/.config/mpv |
50 | mkdir ${HOME}/.config/youtube-dl | 50 | mkdir ${HOME}/.config/youtube-dl |
51 | mkfile ${HOME}/.netrc | 51 | mkfile ${HOME}/.netrc |
52 | allow ${HOME}/.config/mpv | 52 | whitelist ${HOME}/.config/mpv |
53 | allow ${HOME}/.config/youtube-dl | 53 | whitelist ${HOME}/.config/youtube-dl |
54 | allow ${HOME}/.netrc | 54 | whitelist ${HOME}/.netrc |
55 | include whitelist-common.inc | 55 | include whitelist-common.inc |
56 | include whitelist-player-common.inc | 56 | include whitelist-player-common.inc |
57 | allow /usr/share/lua | 57 | whitelist /usr/share/lua |
58 | allow /usr/share/lua* | 58 | whitelist /usr/share/lua* |
59 | allow /usr/share/vulkan | 59 | whitelist /usr/share/vulkan |
60 | include whitelist-usr-share-common.inc | 60 | include whitelist-usr-share-common.inc |
61 | include whitelist-var-common.inc | 61 | include whitelist-var-common.inc |
62 | 62 | ||
diff --git a/etc/profile-m-z/mrrescue.profile b/etc/profile-m-z/mrrescue.profile index a8c49a690..e3ceb3bd4 100644 --- a/etc/profile-m-z/mrrescue.profile +++ b/etc/profile-m-z/mrrescue.profile | |||
@@ -6,7 +6,7 @@ include mrrescue.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/love | 9 | noblacklist ${HOME}/.local/share/love |
10 | 10 | ||
11 | # Allow /bin/sh (blacklisted by disable-shell.inc) | 11 | # Allow /bin/sh (blacklisted by disable-shell.inc) |
12 | include allow-bin-sh.inc | 12 | include allow-bin-sh.inc |
@@ -14,7 +14,7 @@ include allow-bin-sh.inc | |||
14 | # Allow lua (blacklisted by disable-interpreters.inc) | 14 | # Allow lua (blacklisted by disable-interpreters.inc) |
15 | include allow-lua.inc | 15 | include allow-lua.inc |
16 | 16 | ||
17 | deny /usr/libexec | 17 | blacklist /usr/libexec |
18 | 18 | ||
19 | include disable-common.inc | 19 | include disable-common.inc |
20 | include disable-devel.inc | 20 | include disable-devel.inc |
@@ -26,8 +26,8 @@ include disable-shell.inc | |||
26 | include disable-xdg.inc | 26 | include disable-xdg.inc |
27 | 27 | ||
28 | mkdir ${HOME}/.local/share/love | 28 | mkdir ${HOME}/.local/share/love |
29 | allow ${HOME}/.local/share/love | 29 | whitelist ${HOME}/.local/share/love |
30 | allow /usr/share/mrrescue | 30 | whitelist /usr/share/mrrescue |
31 | include whitelist-common.inc | 31 | include whitelist-common.inc |
32 | include whitelist-runuser-common.inc | 32 | include whitelist-runuser-common.inc |
33 | include whitelist-usr-share-common.inc | 33 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/ms-excel.profile b/etc/profile-m-z/ms-excel.profile index 5fea86ae7..db24e8f9b 100644 --- a/etc/profile-m-z/ms-excel.profile +++ b/etc/profile-m-z/ms-excel.profile | |||
@@ -6,7 +6,7 @@ include ms-excel.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/ms-excel-online | 9 | noblacklist ${HOME}/.cache/ms-excel-online |
10 | private-bin ms-excel | 10 | private-bin ms-excel |
11 | 11 | ||
12 | # Redirect | 12 | # Redirect |
diff --git a/etc/profile-m-z/ms-office.profile b/etc/profile-m-z/ms-office.profile index 4033627f7..38fc84ecc 100644 --- a/etc/profile-m-z/ms-office.profile +++ b/etc/profile-m-z/ms-office.profile | |||
@@ -5,8 +5,8 @@ include ms-office.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.cache/ms-office-online | 8 | noblacklist ${HOME}/.cache/ms-office-online |
9 | nodeny ${HOME}/.jak | 9 | noblacklist ${HOME}/.jak |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
diff --git a/etc/profile-m-z/ms-onenote.profile b/etc/profile-m-z/ms-onenote.profile index 805de5102..9ea0637bd 100644 --- a/etc/profile-m-z/ms-onenote.profile +++ b/etc/profile-m-z/ms-onenote.profile | |||
@@ -6,7 +6,7 @@ include ms-onenote.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/ms-onenote-online | 9 | noblacklist ${HOME}/.cache/ms-onenote-online |
10 | private-bin ms-onenote | 10 | private-bin ms-onenote |
11 | 11 | ||
12 | # Redirect | 12 | # Redirect |
diff --git a/etc/profile-m-z/ms-outlook.profile b/etc/profile-m-z/ms-outlook.profile index bd14fb7d3..fc3e7c009 100644 --- a/etc/profile-m-z/ms-outlook.profile +++ b/etc/profile-m-z/ms-outlook.profile | |||
@@ -6,7 +6,7 @@ include ms-outlook.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/ms-outlook-online | 9 | noblacklist ${HOME}/.cache/ms-outlook-online |
10 | private-bin ms-outlook | 10 | private-bin ms-outlook |
11 | 11 | ||
12 | # Redirect | 12 | # Redirect |
diff --git a/etc/profile-m-z/ms-powerpoint.profile b/etc/profile-m-z/ms-powerpoint.profile index 02a7424e2..dadcd5b1e 100644 --- a/etc/profile-m-z/ms-powerpoint.profile +++ b/etc/profile-m-z/ms-powerpoint.profile | |||
@@ -6,7 +6,7 @@ include ms-powerpoint.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/ms-powerpoint-online | 9 | noblacklist ${HOME}/.cache/ms-powerpoint-online |
10 | private-bin ms-powerpoint | 10 | private-bin ms-powerpoint |
11 | 11 | ||
12 | # Redirect | 12 | # Redirect |
diff --git a/etc/profile-m-z/ms-skype.profile b/etc/profile-m-z/ms-skype.profile index 01729f9a2..df1618361 100644 --- a/etc/profile-m-z/ms-skype.profile +++ b/etc/profile-m-z/ms-skype.profile | |||
@@ -8,7 +8,7 @@ include ms-skype.local | |||
8 | 8 | ||
9 | ignore novideo | 9 | ignore novideo |
10 | 10 | ||
11 | nodeny ${HOME}/.cache/ms-skype-online | 11 | noblacklist ${HOME}/.cache/ms-skype-online |
12 | 12 | ||
13 | private-bin ms-skype | 13 | private-bin ms-skype |
14 | 14 | ||
diff --git a/etc/profile-m-z/ms-word.profile b/etc/profile-m-z/ms-word.profile index 34cf02128..5a617a893 100644 --- a/etc/profile-m-z/ms-word.profile +++ b/etc/profile-m-z/ms-word.profile | |||
@@ -6,7 +6,7 @@ include ms-word.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/ms-word-online | 9 | noblacklist ${HOME}/.cache/ms-word-online |
10 | private-bin ms-word | 10 | private-bin ms-word |
11 | 11 | ||
12 | # Redirect | 12 | # Redirect |
diff --git a/etc/profile-m-z/mtpaint.profile b/etc/profile-m-z/mtpaint.profile index ec7cd5d04..85c3ee9f2 100644 --- a/etc/profile-m-z/mtpaint.profile +++ b/etc/profile-m-z/mtpaint.profile | |||
@@ -6,7 +6,7 @@ include mtpaint.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${PICTURES} | 9 | noblacklist ${PICTURES} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/multimc5.profile b/etc/profile-m-z/multimc5.profile index 447e7753f..6df681df1 100644 --- a/etc/profile-m-z/multimc5.profile +++ b/etc/profile-m-z/multimc5.profile | |||
@@ -5,9 +5,9 @@ include multimc5.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.local/share/multimc | 8 | noblacklist ${HOME}/.local/share/multimc |
9 | nodeny ${HOME}/.local/share/multimc5 | 9 | noblacklist ${HOME}/.local/share/multimc5 |
10 | nodeny ${HOME}/.multimc5 | 10 | noblacklist ${HOME}/.multimc5 |
11 | 11 | ||
12 | # Allow java (blacklisted by disable-devel.inc) | 12 | # Allow java (blacklisted by disable-devel.inc) |
13 | include allow-java.inc | 13 | include allow-java.inc |
@@ -22,9 +22,9 @@ include disable-programs.inc | |||
22 | mkdir ${HOME}/.local/share/multimc | 22 | mkdir ${HOME}/.local/share/multimc |
23 | mkdir ${HOME}/.local/share/multimc5 | 23 | mkdir ${HOME}/.local/share/multimc5 |
24 | mkdir ${HOME}/.multimc5 | 24 | mkdir ${HOME}/.multimc5 |
25 | allow ${HOME}/.local/share/multimc | 25 | whitelist ${HOME}/.local/share/multimc |
26 | allow ${HOME}/.local/share/multimc5 | 26 | whitelist ${HOME}/.local/share/multimc5 |
27 | allow ${HOME}/.multimc5 | 27 | whitelist ${HOME}/.multimc5 |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | 29 | ||
30 | caps.drop all | 30 | caps.drop all |
diff --git a/etc/profile-m-z/mumble.profile b/etc/profile-m-z/mumble.profile index 1d72e07b8..c7f59c5ee 100644 --- a/etc/profile-m-z/mumble.profile +++ b/etc/profile-m-z/mumble.profile | |||
@@ -6,9 +6,9 @@ include mumble.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/Mumble | 9 | noblacklist ${HOME}/.config/Mumble |
10 | nodeny ${HOME}/.local/share/data/Mumble | 10 | noblacklist ${HOME}/.local/share/data/Mumble |
11 | nodeny ${HOME}/.local/share/Mumble | 11 | noblacklist ${HOME}/.local/share/Mumble |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -21,9 +21,9 @@ include disable-shell.inc | |||
21 | mkdir ${HOME}/.config/Mumble | 21 | mkdir ${HOME}/.config/Mumble |
22 | mkdir ${HOME}/.local/share/data/Mumble | 22 | mkdir ${HOME}/.local/share/data/Mumble |
23 | mkdir ${HOME}/.local/share/Mumble | 23 | mkdir ${HOME}/.local/share/Mumble |
24 | allow ${HOME}/.config/Mumble | 24 | whitelist ${HOME}/.config/Mumble |
25 | allow ${HOME}/.local/share/data/Mumble | 25 | whitelist ${HOME}/.local/share/data/Mumble |
26 | allow ${HOME}/.local/share/Mumble | 26 | whitelist ${HOME}/.local/share/Mumble |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
29 | 29 | ||
diff --git a/etc/profile-m-z/mupdf-gl.profile b/etc/profile-m-z/mupdf-gl.profile index c208a5e54..be94a9083 100644 --- a/etc/profile-m-z/mupdf-gl.profile +++ b/etc/profile-m-z/mupdf-gl.profile | |||
@@ -7,7 +7,7 @@ include mupdf-gl.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.mupdf.history | 10 | noblacklist ${HOME}/.mupdf.history |
11 | 11 | ||
12 | # Redirect | 12 | # Redirect |
13 | include mupdf.profile | 13 | include mupdf.profile |
diff --git a/etc/profile-m-z/mupdf.profile b/etc/profile-m-z/mupdf.profile index e602b1429..9e4609c48 100644 --- a/etc/profile-m-z/mupdf.profile +++ b/etc/profile-m-z/mupdf.profile | |||
@@ -6,7 +6,7 @@ include mupdf.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${DOCUMENTS} | 9 | noblacklist ${DOCUMENTS} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mupen64plus.profile b/etc/profile-m-z/mupen64plus.profile index ecc7e2957..00983a8f3 100644 --- a/etc/profile-m-z/mupen64plus.profile +++ b/etc/profile-m-z/mupen64plus.profile | |||
@@ -6,8 +6,8 @@ include mupen64plus.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/mupen64plus | 9 | noblacklist ${HOME}/.config/mupen64plus |
10 | nodeny ${HOME}/.local/share/mupen64plus | 10 | noblacklist ${HOME}/.local/share/mupen64plus |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-programs.inc | |||
18 | # you'll need to manually whitelist ROM files | 18 | # you'll need to manually whitelist ROM files |
19 | mkdir ${HOME}/.config/mupen64plus | 19 | mkdir ${HOME}/.config/mupen64plus |
20 | mkdir ${HOME}/.local/share/mupen64plus | 20 | mkdir ${HOME}/.local/share/mupen64plus |
21 | allow ${HOME}/.config/mupen64plus | 21 | whitelist ${HOME}/.config/mupen64plus |
22 | allow ${HOME}/.local/share/mupen64plus | 22 | whitelist ${HOME}/.local/share/mupen64plus |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | 24 | ||
25 | caps.drop all | 25 | caps.drop all |
diff --git a/etc/profile-m-z/musescore.profile b/etc/profile-m-z/musescore.profile index aa141f9c0..679e82ae8 100644 --- a/etc/profile-m-z/musescore.profile +++ b/etc/profile-m-z/musescore.profile | |||
@@ -6,12 +6,12 @@ include musescore.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/MusE | 9 | noblacklist ${HOME}/.config/MusE |
10 | nodeny ${HOME}/.config/MuseScore | 10 | noblacklist ${HOME}/.config/MuseScore |
11 | nodeny ${HOME}/.local/share/data/MusE | 11 | noblacklist ${HOME}/.local/share/data/MusE |
12 | nodeny ${HOME}/.local/share/data/MuseScore | 12 | noblacklist ${HOME}/.local/share/data/MuseScore |
13 | nodeny ${DOCUMENTS} | 13 | noblacklist ${DOCUMENTS} |
14 | nodeny ${MUSIC} | 14 | noblacklist ${MUSIC} |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
diff --git a/etc/profile-m-z/musictube.profile b/etc/profile-m-z/musictube.profile index 5ab1303a2..04500ac6a 100644 --- a/etc/profile-m-z/musictube.profile +++ b/etc/profile-m-z/musictube.profile | |||
@@ -6,9 +6,9 @@ include musictube.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/Flavio Tordini | 9 | noblacklist ${HOME}/.cache/Flavio Tordini |
10 | nodeny ${HOME}/.config/Flavio Tordini | 10 | noblacklist ${HOME}/.config/Flavio Tordini |
11 | nodeny ${HOME}/.local/share/Flavio Tordini | 11 | noblacklist ${HOME}/.local/share/Flavio Tordini |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -22,10 +22,10 @@ include disable-xdg.inc | |||
22 | mkdir ${HOME}/.cache/Flavio Tordini | 22 | mkdir ${HOME}/.cache/Flavio Tordini |
23 | mkdir ${HOME}/.config/Flavio Tordini | 23 | mkdir ${HOME}/.config/Flavio Tordini |
24 | mkdir ${HOME}/.local/share/Flavio Tordini | 24 | mkdir ${HOME}/.local/share/Flavio Tordini |
25 | allow ${HOME}/.cache/Flavio Tordini | 25 | whitelist ${HOME}/.cache/Flavio Tordini |
26 | allow ${HOME}/.config/Flavio Tordini | 26 | whitelist ${HOME}/.config/Flavio Tordini |
27 | allow ${HOME}/.local/share/Flavio Tordini | 27 | whitelist ${HOME}/.local/share/Flavio Tordini |
28 | allow /usr/share/musictube | 28 | whitelist /usr/share/musictube |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-runuser-common.inc | 30 | include whitelist-runuser-common.inc |
31 | include whitelist-usr-share-common.inc | 31 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/musixmatch.profile b/etc/profile-m-z/musixmatch.profile index 9390f9dcf..74b3e9a5f 100644 --- a/etc/profile-m-z/musixmatch.profile +++ b/etc/profile-m-z/musixmatch.profile | |||
@@ -5,7 +5,7 @@ include musixmatch.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${MUSIC} | 8 | noblacklist ${MUSIC} |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mutt.profile b/etc/profile-m-z/mutt.profile index 91606bdfa..debf81659 100644 --- a/etc/profile-m-z/mutt.profile +++ b/etc/profile-m-z/mutt.profile | |||
@@ -7,36 +7,36 @@ include mutt.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny /var/mail | 10 | noblacklist /var/mail |
11 | nodeny /var/spool/mail | 11 | noblacklist /var/spool/mail |
12 | nodeny ${DOCUMENTS} | 12 | noblacklist ${DOCUMENTS} |
13 | nodeny ${HOME}/.Mail | 13 | noblacklist ${HOME}/.Mail |
14 | nodeny ${HOME}/.bogofilter | 14 | noblacklist ${HOME}/.bogofilter |
15 | nodeny ${HOME}/.cache/mutt | 15 | noblacklist ${HOME}/.cache/mutt |
16 | nodeny ${HOME}/.config/mutt | 16 | noblacklist ${HOME}/.config/mutt |
17 | nodeny ${HOME}/.config/nano | 17 | noblacklist ${HOME}/.config/nano |
18 | nodeny ${HOME}/.elinks | 18 | noblacklist ${HOME}/.elinks |
19 | nodeny ${HOME}/.emacs | 19 | noblacklist ${HOME}/.emacs |
20 | nodeny ${HOME}/.emacs.d | 20 | noblacklist ${HOME}/.emacs.d |
21 | nodeny ${HOME}/.gnupg | 21 | noblacklist ${HOME}/.gnupg |
22 | nodeny ${HOME}/.mail | 22 | noblacklist ${HOME}/.mail |
23 | nodeny ${HOME}/.mailcap | 23 | noblacklist ${HOME}/.mailcap |
24 | nodeny ${HOME}/.msmtprc | 24 | noblacklist ${HOME}/.msmtprc |
25 | nodeny ${HOME}/.mutt | 25 | noblacklist ${HOME}/.mutt |
26 | nodeny ${HOME}/.muttrc | 26 | noblacklist ${HOME}/.muttrc |
27 | nodeny ${HOME}/.nanorc | 27 | noblacklist ${HOME}/.nanorc |
28 | nodeny ${HOME}/.signature | 28 | noblacklist ${HOME}/.signature |
29 | nodeny ${HOME}/.vim | 29 | noblacklist ${HOME}/.vim |
30 | nodeny ${HOME}/.viminfo | 30 | noblacklist ${HOME}/.viminfo |
31 | nodeny ${HOME}/.vimrc | 31 | noblacklist ${HOME}/.vimrc |
32 | nodeny ${HOME}/.w3m | 32 | noblacklist ${HOME}/.w3m |
33 | nodeny ${HOME}/Mail | 33 | noblacklist ${HOME}/Mail |
34 | nodeny ${HOME}/mail | 34 | noblacklist ${HOME}/mail |
35 | nodeny ${HOME}/postponed | 35 | noblacklist ${HOME}/postponed |
36 | nodeny ${HOME}/sent | 36 | noblacklist ${HOME}/sent |
37 | 37 | ||
38 | deny /tmp/.X11-unix | 38 | blacklist /tmp/.X11-unix |
39 | deny ${RUNUSER}/wayland-* | 39 | blacklist ${RUNUSER}/wayland-* |
40 | 40 | ||
41 | # Add the next lines to your mutt.local for oauth.py,S/MIME support. | 41 | # Add the next lines to your mutt.local for oauth.py,S/MIME support. |
42 | #include allow-perl.inc | 42 | #include allow-perl.inc |
@@ -75,37 +75,37 @@ mkfile ${HOME}/.nanorc | |||
75 | mkfile ${HOME}/.signature | 75 | mkfile ${HOME}/.signature |
76 | mkfile ${HOME}/.viminfo | 76 | mkfile ${HOME}/.viminfo |
77 | mkfile ${HOME}/.vimrc | 77 | mkfile ${HOME}/.vimrc |
78 | allow ${DOCUMENTS} | 78 | whitelist ${DOCUMENTS} |
79 | allow ${DOWNLOADS} | 79 | whitelist ${DOWNLOADS} |
80 | allow ${HOME}/.Mail | 80 | whitelist ${HOME}/.Mail |
81 | allow ${HOME}/.bogofilter | 81 | whitelist ${HOME}/.bogofilter |
82 | allow ${HOME}/.cache/mutt | 82 | whitelist ${HOME}/.cache/mutt |
83 | allow ${HOME}/.config/mutt | 83 | whitelist ${HOME}/.config/mutt |
84 | allow ${HOME}/.config/nano | 84 | whitelist ${HOME}/.config/nano |
85 | allow ${HOME}/.elinks | 85 | whitelist ${HOME}/.elinks |
86 | allow ${HOME}/.emacs | 86 | whitelist ${HOME}/.emacs |
87 | allow ${HOME}/.emacs.d | 87 | whitelist ${HOME}/.emacs.d |
88 | allow ${HOME}/.gnupg | 88 | whitelist ${HOME}/.gnupg |
89 | allow ${HOME}/.mail | 89 | whitelist ${HOME}/.mail |
90 | allow ${HOME}/.mailcap | 90 | whitelist ${HOME}/.mailcap |
91 | allow ${HOME}/.msmtprc | 91 | whitelist ${HOME}/.msmtprc |
92 | allow ${HOME}/.mutt | 92 | whitelist ${HOME}/.mutt |
93 | allow ${HOME}/.muttrc | 93 | whitelist ${HOME}/.muttrc |
94 | allow ${HOME}/.nanorc | 94 | whitelist ${HOME}/.nanorc |
95 | allow ${HOME}/.signature | 95 | whitelist ${HOME}/.signature |
96 | allow ${HOME}/.vim | 96 | whitelist ${HOME}/.vim |
97 | allow ${HOME}/.viminfo | 97 | whitelist ${HOME}/.viminfo |
98 | allow ${HOME}/.vimrc | 98 | whitelist ${HOME}/.vimrc |
99 | allow ${HOME}/.w3m | 99 | whitelist ${HOME}/.w3m |
100 | allow ${HOME}/Mail | 100 | whitelist ${HOME}/Mail |
101 | allow ${HOME}/mail | 101 | whitelist ${HOME}/mail |
102 | allow ${HOME}/postponed | 102 | whitelist ${HOME}/postponed |
103 | allow ${HOME}/sent | 103 | whitelist ${HOME}/sent |
104 | allow /usr/share/gnupg | 104 | whitelist /usr/share/gnupg |
105 | allow /usr/share/gnupg2 | 105 | whitelist /usr/share/gnupg2 |
106 | allow /usr/share/mutt | 106 | whitelist /usr/share/mutt |
107 | allow /var/mail | 107 | whitelist /var/mail |
108 | allow /var/spool/mail | 108 | whitelist /var/spool/mail |
109 | include whitelist-common.inc | 109 | include whitelist-common.inc |
110 | include whitelist-runuser-common.inc | 110 | include whitelist-runuser-common.inc |
111 | include whitelist-usr-share-common.inc | 111 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/mypaint.profile b/etc/profile-m-z/mypaint.profile index 19af47498..d8d487fe7 100644 --- a/etc/profile-m-z/mypaint.profile +++ b/etc/profile-m-z/mypaint.profile | |||
@@ -6,10 +6,10 @@ include mypaint.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/mypaint | 9 | noblacklist ${HOME}/.cache/mypaint |
10 | nodeny ${HOME}/.config/mypaint | 10 | noblacklist ${HOME}/.config/mypaint |
11 | nodeny ${HOME}/.local/share/mypaint | 11 | noblacklist ${HOME}/.local/share/mypaint |
12 | nodeny ${PICTURES} | 12 | noblacklist ${PICTURES} |
13 | 13 | ||
14 | # Allow python (blacklisted by disable-interpreters.inc) | 14 | # Allow python (blacklisted by disable-interpreters.inc) |
15 | include allow-python2.inc | 15 | include allow-python2.inc |
diff --git a/etc/profile-m-z/nano.profile b/etc/profile-m-z/nano.profile index f0553bed5..4698c2287 100644 --- a/etc/profile-m-z/nano.profile +++ b/etc/profile-m-z/nano.profile | |||
@@ -7,10 +7,10 @@ include nano.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER}/wayland-* | 10 | blacklist ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | nodeny ${HOME}/.config/nano | 12 | noblacklist ${HOME}/.config/nano |
13 | nodeny ${HOME}/.nanorc | 13 | noblacklist ${HOME}/.nanorc |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -19,7 +19,7 @@ include disable-interpreters.inc | |||
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | allow /usr/share/nano | 22 | whitelist /usr/share/nano |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | 24 | ||
25 | apparmor | 25 | apparmor |
diff --git a/etc/profile-m-z/natron.profile b/etc/profile-m-z/natron.profile index 35d152748..5bf152f84 100644 --- a/etc/profile-m-z/natron.profile +++ b/etc/profile-m-z/natron.profile | |||
@@ -5,9 +5,9 @@ include natron.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.Natron | 8 | noblacklist ${HOME}/.Natron |
9 | nodeny ${HOME}/.cache/INRIA/Natron | 9 | noblacklist ${HOME}/.cache/INRIA/Natron |
10 | nodeny ${HOME}/.config/INRIA | 10 | noblacklist ${HOME}/.config/INRIA |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
diff --git a/etc/profile-m-z/ncdu.profile b/etc/profile-m-z/ncdu.profile index 38646dc90..063e30366 100644 --- a/etc/profile-m-z/ncdu.profile +++ b/etc/profile-m-z/ncdu.profile | |||
@@ -6,7 +6,7 @@ include ncdu.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny ${RUNUSER}/wayland-* | 9 | blacklist ${RUNUSER}/wayland-* |
10 | 10 | ||
11 | include disable-exec.inc | 11 | include disable-exec.inc |
12 | 12 | ||
diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index ceb885908..9f00448c8 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile | |||
@@ -6,12 +6,12 @@ include neochat.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/KDE/neochat | 9 | noblacklist ${HOME}/.cache/KDE/neochat |
10 | nodeny ${HOME}/.config/KDE | 10 | noblacklist ${HOME}/.config/KDE |
11 | nodeny ${HOME}/.config/KDE/neochat | 11 | noblacklist ${HOME}/.config/KDE/neochat |
12 | nodeny ${HOME}/.config/neochatrc | 12 | noblacklist ${HOME}/.config/neochatrc |
13 | nodeny ${HOME}/.config/neochat.notifyrc | 13 | noblacklist ${HOME}/.config/neochat.notifyrc |
14 | nodeny ${HOME}/.local/share/KDE/neochat | 14 | noblacklist ${HOME}/.local/share/KDE/neochat |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
@@ -24,9 +24,9 @@ include disable-xdg.inc | |||
24 | 24 | ||
25 | mkdir ${HOME}/.cache/KDE/neochat | 25 | mkdir ${HOME}/.cache/KDE/neochat |
26 | mkdir ${HOME}/.local/share/KDE/neochat | 26 | mkdir ${HOME}/.local/share/KDE/neochat |
27 | allow ${HOME}/.cache/KDE/neochat | 27 | whitelist ${HOME}/.cache/KDE/neochat |
28 | allow ${HOME}/.local/share/KDE/neochat | 28 | whitelist ${HOME}/.local/share/KDE/neochat |
29 | allow ${DOWNLOADS} | 29 | whitelist ${DOWNLOADS} |
30 | include whitelist-1793-workaround.inc | 30 | include whitelist-1793-workaround.inc |
31 | include whitelist-common.inc | 31 | include whitelist-common.inc |
32 | include whitelist-runuser-common.inc | 32 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-m-z/neomutt.profile b/etc/profile-m-z/neomutt.profile index 939d6f111..fafa129e4 100644 --- a/etc/profile-m-z/neomutt.profile +++ b/etc/profile-m-z/neomutt.profile | |||
@@ -7,38 +7,38 @@ include neomutt.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | nodeny ${HOME}/.Mail | 11 | noblacklist ${HOME}/.Mail |
12 | nodeny ${HOME}/.bogofilter | 12 | noblacklist ${HOME}/.bogofilter |
13 | nodeny ${HOME}/.config/mutt | 13 | noblacklist ${HOME}/.config/mutt |
14 | nodeny ${HOME}/.config/nano | 14 | noblacklist ${HOME}/.config/nano |
15 | nodeny ${HOME}/.config/neomutt | 15 | noblacklist ${HOME}/.config/neomutt |
16 | nodeny ${HOME}/.elinks | 16 | noblacklist ${HOME}/.elinks |
17 | nodeny ${HOME}/.emacs | 17 | noblacklist ${HOME}/.emacs |
18 | nodeny ${HOME}/.emacs.d | 18 | noblacklist ${HOME}/.emacs.d |
19 | nodeny ${HOME}/.gnupg | 19 | noblacklist ${HOME}/.gnupg |
20 | nodeny ${HOME}/.mail | 20 | noblacklist ${HOME}/.mail |
21 | nodeny ${HOME}/.mailcap | 21 | noblacklist ${HOME}/.mailcap |
22 | nodeny ${HOME}/.msmtprc | 22 | noblacklist ${HOME}/.msmtprc |
23 | nodeny ${HOME}/.mutt | 23 | noblacklist ${HOME}/.mutt |
24 | nodeny ${HOME}/.muttrc | 24 | noblacklist ${HOME}/.muttrc |
25 | nodeny ${HOME}/.nanorc | 25 | noblacklist ${HOME}/.nanorc |
26 | nodeny ${HOME}/.neomutt | 26 | noblacklist ${HOME}/.neomutt |
27 | nodeny ${HOME}/.neomuttrc | 27 | noblacklist ${HOME}/.neomuttrc |
28 | nodeny ${HOME}/.signature | 28 | noblacklist ${HOME}/.signature |
29 | nodeny ${HOME}/.vim | 29 | noblacklist ${HOME}/.vim |
30 | nodeny ${HOME}/.viminfo | 30 | noblacklist ${HOME}/.viminfo |
31 | nodeny ${HOME}/.vimrc | 31 | noblacklist ${HOME}/.vimrc |
32 | nodeny ${HOME}/.w3m | 32 | noblacklist ${HOME}/.w3m |
33 | nodeny ${HOME}/Mail | 33 | noblacklist ${HOME}/Mail |
34 | nodeny ${HOME}/mail | 34 | noblacklist ${HOME}/mail |
35 | nodeny ${HOME}/postponed | 35 | noblacklist ${HOME}/postponed |
36 | nodeny ${HOME}/sent | 36 | noblacklist ${HOME}/sent |
37 | nodeny /var/mail | 37 | noblacklist /var/mail |
38 | nodeny /var/spool/mail | 38 | noblacklist /var/spool/mail |
39 | 39 | ||
40 | deny /tmp/.X11-unix | 40 | blacklist /tmp/.X11-unix |
41 | deny ${RUNUSER}/wayland-* | 41 | blacklist ${RUNUSER}/wayland-* |
42 | 42 | ||
43 | include allow-lua.inc | 43 | include allow-lua.inc |
44 | 44 | ||
@@ -76,39 +76,39 @@ mkfile ${HOME}/.neomuttrc | |||
76 | mkfile ${HOME}/.signature | 76 | mkfile ${HOME}/.signature |
77 | mkfile ${HOME}/.viminfo | 77 | mkfile ${HOME}/.viminfo |
78 | mkfile ${HOME}/.vimrc | 78 | mkfile ${HOME}/.vimrc |
79 | allow ${DOCUMENTS} | 79 | whitelist ${DOCUMENTS} |
80 | allow ${DOWNLOADS} | 80 | whitelist ${DOWNLOADS} |
81 | allow ${HOME}/.Mail | 81 | whitelist ${HOME}/.Mail |
82 | allow ${HOME}/.bogofilter | 82 | whitelist ${HOME}/.bogofilter |
83 | allow ${HOME}/.config/mutt | 83 | whitelist ${HOME}/.config/mutt |
84 | allow ${HOME}/.config/nano | 84 | whitelist ${HOME}/.config/nano |
85 | allow ${HOME}/.config/neomutt | 85 | whitelist ${HOME}/.config/neomutt |
86 | allow ${HOME}/.elinks | 86 | whitelist ${HOME}/.elinks |
87 | allow ${HOME}/.emacs | 87 | whitelist ${HOME}/.emacs |
88 | allow ${HOME}/.emacs.d | 88 | whitelist ${HOME}/.emacs.d |
89 | allow ${HOME}/.gnupg | 89 | whitelist ${HOME}/.gnupg |
90 | allow ${HOME}/.mail | 90 | whitelist ${HOME}/.mail |
91 | allow ${HOME}/.mailcap | 91 | whitelist ${HOME}/.mailcap |
92 | allow ${HOME}/.msmtprc | 92 | whitelist ${HOME}/.msmtprc |
93 | allow ${HOME}/.mutt | 93 | whitelist ${HOME}/.mutt |
94 | allow ${HOME}/.muttrc | 94 | whitelist ${HOME}/.muttrc |
95 | allow ${HOME}/.nanorc | 95 | whitelist ${HOME}/.nanorc |
96 | allow ${HOME}/.neomutt | 96 | whitelist ${HOME}/.neomutt |
97 | allow ${HOME}/.neomuttrc | 97 | whitelist ${HOME}/.neomuttrc |
98 | allow ${HOME}/.signature | 98 | whitelist ${HOME}/.signature |
99 | allow ${HOME}/.vim | 99 | whitelist ${HOME}/.vim |
100 | allow ${HOME}/.viminfo | 100 | whitelist ${HOME}/.viminfo |
101 | allow ${HOME}/.vimrc | 101 | whitelist ${HOME}/.vimrc |
102 | allow ${HOME}/.w3m | 102 | whitelist ${HOME}/.w3m |
103 | allow ${HOME}/Mail | 103 | whitelist ${HOME}/Mail |
104 | allow ${HOME}/mail | 104 | whitelist ${HOME}/mail |
105 | allow ${HOME}/postponed | 105 | whitelist ${HOME}/postponed |
106 | allow ${HOME}/sent | 106 | whitelist ${HOME}/sent |
107 | allow /usr/share/gnupg | 107 | whitelist /usr/share/gnupg |
108 | allow /usr/share/gnupg2 | 108 | whitelist /usr/share/gnupg2 |
109 | allow /usr/share/neomutt | 109 | whitelist /usr/share/neomutt |
110 | allow /var/mail | 110 | whitelist /var/mail |
111 | allow /var/spool/mail | 111 | whitelist /var/spool/mail |
112 | include whitelist-common.inc | 112 | include whitelist-common.inc |
113 | include whitelist-runuser-common.inc | 113 | include whitelist-runuser-common.inc |
114 | include whitelist-usr-share-common.inc | 114 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/netactview.profile b/etc/profile-m-z/netactview.profile index 68297c110..5d45dd7bc 100644 --- a/etc/profile-m-z/netactview.profile +++ b/etc/profile-m-z/netactview.profile | |||
@@ -6,7 +6,7 @@ include netactview.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.netactview | 9 | noblacklist ${HOME}/.netactview |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkfile ${HOME}/.netactview | 20 | mkfile ${HOME}/.netactview |
21 | allow ${HOME}/.netactview | 21 | whitelist ${HOME}/.netactview |
22 | allow /usr/share/netactview | 22 | whitelist /usr/share/netactview |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/nethack-vultures.profile b/etc/profile-m-z/nethack-vultures.profile index d5bf8a52a..c9a537370 100644 --- a/etc/profile-m-z/nethack-vultures.profile +++ b/etc/profile-m-z/nethack-vultures.profile | |||
@@ -6,7 +6,7 @@ include nethack.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.vultures | 9 | noblacklist ${HOME}/.vultures |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,8 +16,8 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.vultures | 18 | mkdir ${HOME}/.vultures |
19 | allow ${HOME}/.vultures | 19 | whitelist ${HOME}/.vultures |
20 | allow /var/log/vultures | 20 | whitelist /var/log/vultures |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-m-z/nethack.profile b/etc/profile-m-z/nethack.profile index 23b57bb52..b57abe260 100644 --- a/etc/profile-m-z/nethack.profile +++ b/etc/profile-m-z/nethack.profile | |||
@@ -6,7 +6,7 @@ include nethack.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny /var/games/nethack | 9 | noblacklist /var/games/nethack |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -15,7 +15,7 @@ include disable-interpreters.inc | |||
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | allow /var/games/nethack | 18 | whitelist /var/games/nethack |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | include whitelist-var-common.inc | 20 | include whitelist-var-common.inc |
21 | 21 | ||
diff --git a/etc/profile-m-z/netsurf.profile b/etc/profile-m-z/netsurf.profile index b099d6f0c..0ddb7bbbe 100644 --- a/etc/profile-m-z/netsurf.profile +++ b/etc/profile-m-z/netsurf.profile | |||
@@ -6,8 +6,8 @@ include netsurf.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/netsurf | 9 | noblacklist ${HOME}/.cache/netsurf |
10 | nodeny ${HOME}/.config/netsurf | 10 | noblacklist ${HOME}/.config/netsurf |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -16,9 +16,9 @@ include disable-programs.inc | |||
16 | 16 | ||
17 | mkdir ${HOME}/.cache/netsurf | 17 | mkdir ${HOME}/.cache/netsurf |
18 | mkdir ${HOME}/.config/netsurf | 18 | mkdir ${HOME}/.config/netsurf |
19 | allow ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
20 | allow ${HOME}/.cache/netsurf | 20 | whitelist ${HOME}/.cache/netsurf |
21 | allow ${HOME}/.config/netsurf | 21 | whitelist ${HOME}/.config/netsurf |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | 23 | ||
24 | caps.drop all | 24 | caps.drop all |
diff --git a/etc/profile-m-z/neverball.profile b/etc/profile-m-z/neverball.profile index dad90a66c..ecfbb14e4 100644 --- a/etc/profile-m-z/neverball.profile +++ b/etc/profile-m-z/neverball.profile | |||
@@ -6,7 +6,7 @@ include neverball.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.neverball | 9 | noblacklist ${HOME}/.neverball |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.neverball | 20 | mkdir ${HOME}/.neverball |
21 | allow ${HOME}/.neverball | 21 | whitelist ${HOME}/.neverball |
22 | allow /usr/share/neverball | 22 | whitelist /usr/share/neverball |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/newsbeuter.profile b/etc/profile-m-z/newsbeuter.profile index c26ba4be0..6efb19502 100644 --- a/etc/profile-m-z/newsbeuter.profile +++ b/etc/profile-m-z/newsbeuter.profile | |||
@@ -11,15 +11,15 @@ ignore include newsboat.local | |||
11 | ignore mkdir ${HOME}/.config/newsboat | 11 | ignore mkdir ${HOME}/.config/newsboat |
12 | ignore mkdir ${HOME}/.local/share/newsboat | 12 | ignore mkdir ${HOME}/.local/share/newsboat |
13 | ignore mkdir ${HOME}/.newsboat | 13 | ignore mkdir ${HOME}/.newsboat |
14 | deny ${PATH}/newsboat | 14 | blacklist ${PATH}/newsboat |
15 | 15 | ||
16 | deny ${HOME}/.config/newsboat | 16 | blacklist ${HOME}/.config/newsboat |
17 | deny ${HOME}/.local/share/newsboat | 17 | blacklist ${HOME}/.local/share/newsboat |
18 | deny ${HOME}/.newsboat | 18 | blacklist ${HOME}/.newsboat |
19 | 19 | ||
20 | noallow ${HOME}/.config/newsboat | 20 | nowhitelist ${HOME}/.config/newsboat |
21 | noallow ${HOME}/.local/share/newsboat | 21 | nowhitelist ${HOME}/.local/share/newsboat |
22 | noallow ${HOME}/.newsboat | 22 | nowhitelist ${HOME}/.newsboat |
23 | 23 | ||
24 | mkdir ${HOME}/.config/newsbeuter | 24 | mkdir ${HOME}/.config/newsbeuter |
25 | mkdir ${HOME}/.local/share/newsbeuter | 25 | mkdir ${HOME}/.local/share/newsbeuter |
diff --git a/etc/profile-m-z/newsboat.profile b/etc/profile-m-z/newsboat.profile index e34752b55..13bc3a615 100644 --- a/etc/profile-m-z/newsboat.profile +++ b/etc/profile-m-z/newsboat.profile | |||
@@ -6,12 +6,12 @@ include newsboat.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/newsbeuter | 9 | noblacklist ${HOME}/.config/newsbeuter |
10 | nodeny ${HOME}/.config/newsboat | 10 | noblacklist ${HOME}/.config/newsboat |
11 | nodeny ${HOME}/.local/share/newsbeuter | 11 | noblacklist ${HOME}/.local/share/newsbeuter |
12 | nodeny ${HOME}/.local/share/newsboat | 12 | noblacklist ${HOME}/.local/share/newsboat |
13 | nodeny ${HOME}/.newsbeuter | 13 | noblacklist ${HOME}/.newsbeuter |
14 | nodeny ${HOME}/.newsboat | 14 | noblacklist ${HOME}/.newsboat |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
@@ -24,12 +24,12 @@ include disable-xdg.inc | |||
24 | mkdir ${HOME}/.config/newsboat | 24 | mkdir ${HOME}/.config/newsboat |
25 | mkdir ${HOME}/.local/share/newsboat | 25 | mkdir ${HOME}/.local/share/newsboat |
26 | mkdir ${HOME}/.newsboat | 26 | mkdir ${HOME}/.newsboat |
27 | allow ${HOME}/.config/newsbeuter | 27 | whitelist ${HOME}/.config/newsbeuter |
28 | allow ${HOME}/.config/newsboat | 28 | whitelist ${HOME}/.config/newsboat |
29 | allow ${HOME}/.local/share/newsbeuter | 29 | whitelist ${HOME}/.local/share/newsbeuter |
30 | allow ${HOME}/.local/share/newsboat | 30 | whitelist ${HOME}/.local/share/newsboat |
31 | allow ${HOME}/.newsbeuter | 31 | whitelist ${HOME}/.newsbeuter |
32 | allow ${HOME}/.newsboat | 32 | whitelist ${HOME}/.newsboat |
33 | include whitelist-common.inc | 33 | include whitelist-common.inc |
34 | include whitelist-runuser-common.inc | 34 | include whitelist-runuser-common.inc |
35 | include whitelist-var-common.inc | 35 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/newsflash.profile b/etc/profile-m-z/newsflash.profile index 273628ea2..18d8c6ed4 100644 --- a/etc/profile-m-z/newsflash.profile +++ b/etc/profile-m-z/newsflash.profile | |||
@@ -6,9 +6,9 @@ include newsflash.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/NewsFlashGTK | 9 | noblacklist ${HOME}/.cache/NewsFlashGTK |
10 | nodeny ${HOME}/.config/news-flash | 10 | noblacklist ${HOME}/.config/news-flash |
11 | nodeny ${HOME}/.local/share/news-flash | 11 | noblacklist ${HOME}/.local/share/news-flash |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -22,9 +22,9 @@ include disable-xdg.inc | |||
22 | mkdir ${HOME}/.cache/NewsFlashGTK | 22 | mkdir ${HOME}/.cache/NewsFlashGTK |
23 | mkdir ${HOME}/.config/news-flash | 23 | mkdir ${HOME}/.config/news-flash |
24 | mkdir ${HOME}/.local/share/news-flash | 24 | mkdir ${HOME}/.local/share/news-flash |
25 | allow ${HOME}/.cache/NewsFlashGTK | 25 | whitelist ${HOME}/.cache/NewsFlashGTK |
26 | allow ${HOME}/.config/news-flash | 26 | whitelist ${HOME}/.config/news-flash |
27 | allow ${HOME}/.local/share/news-flash | 27 | whitelist ${HOME}/.local/share/news-flash |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/nextcloud.profile b/etc/profile-m-z/nextcloud.profile index 7ba46691d..9fd76fbe7 100644 --- a/etc/profile-m-z/nextcloud.profile +++ b/etc/profile-m-z/nextcloud.profile | |||
@@ -6,9 +6,9 @@ include nextcloud.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/Nextcloud | 9 | noblacklist ${HOME}/Nextcloud |
10 | nodeny ${HOME}/.config/Nextcloud | 10 | noblacklist ${HOME}/.config/Nextcloud |
11 | nodeny ${HOME}/.local/share/Nextcloud | 11 | noblacklist ${HOME}/.local/share/Nextcloud |
12 | # Add the next lines to your nextcloud.local to allow sync in more directories. | 12 | # Add the next lines to your nextcloud.local to allow sync in more directories. |
13 | #noblacklist ${DOCUMENTS} | 13 | #noblacklist ${DOCUMENTS} |
14 | #noblacklist ${MUSIC} | 14 | #noblacklist ${MUSIC} |
@@ -27,9 +27,9 @@ include disable-xdg.inc | |||
27 | mkdir ${HOME}/Nextcloud | 27 | mkdir ${HOME}/Nextcloud |
28 | mkdir ${HOME}/.config/Nextcloud | 28 | mkdir ${HOME}/.config/Nextcloud |
29 | mkdir ${HOME}/.local/share/Nextcloud | 29 | mkdir ${HOME}/.local/share/Nextcloud |
30 | allow ${HOME}/Nextcloud | 30 | whitelist ${HOME}/Nextcloud |
31 | allow ${HOME}/.config/Nextcloud | 31 | whitelist ${HOME}/.config/Nextcloud |
32 | allow ${HOME}/.local/share/Nextcloud | 32 | whitelist ${HOME}/.local/share/Nextcloud |
33 | # Add the next lines to your nextcloud.local to allow sync in more directories. | 33 | # Add the next lines to your nextcloud.local to allow sync in more directories. |
34 | #whitelist ${DOCUMENTS} | 34 | #whitelist ${DOCUMENTS} |
35 | #whitelist ${MUSIC} | 35 | #whitelist ${MUSIC} |
diff --git a/etc/profile-m-z/nheko.profile b/etc/profile-m-z/nheko.profile index 0149e0737..f8062891c 100644 --- a/etc/profile-m-z/nheko.profile +++ b/etc/profile-m-z/nheko.profile | |||
@@ -6,9 +6,9 @@ include nheko.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/nheko | 9 | noblacklist ${HOME}/.cache/nheko |
10 | nodeny ${HOME}/.config/nheko | 10 | noblacklist ${HOME}/.config/nheko |
11 | nodeny ${HOME}/.local/share/nheko | 11 | noblacklist ${HOME}/.local/share/nheko |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -22,10 +22,10 @@ include disable-xdg.inc | |||
22 | mkdir ${HOME}/.cache/nheko | 22 | mkdir ${HOME}/.cache/nheko |
23 | mkdir ${HOME}/.config/nheko | 23 | mkdir ${HOME}/.config/nheko |
24 | mkdir ${HOME}/.local/share/nheko | 24 | mkdir ${HOME}/.local/share/nheko |
25 | allow ${HOME}/.cache/nheko | 25 | whitelist ${HOME}/.cache/nheko |
26 | allow ${HOME}/.config/nheko | 26 | whitelist ${HOME}/.config/nheko |
27 | allow ${HOME}/.local/share/nheko | 27 | whitelist ${HOME}/.local/share/nheko |
28 | allow ${DOWNLOADS} | 28 | whitelist ${DOWNLOADS} |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-runuser-common.inc | 30 | include whitelist-runuser-common.inc |
31 | include whitelist-usr-share-common.inc | 31 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/nicotine.profile b/etc/profile-m-z/nicotine.profile index b31a7babf..1c7dbc009 100644 --- a/etc/profile-m-z/nicotine.profile +++ b/etc/profile-m-z/nicotine.profile | |||
@@ -6,7 +6,7 @@ include nicotine.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.nicotine | 9 | noblacklist ${HOME}/.nicotine |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
@@ -21,9 +21,9 @@ include disable-shell.inc | |||
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.nicotine | 23 | mkdir ${HOME}/.nicotine |
24 | allow ${DOWNLOADS} | 24 | whitelist ${DOWNLOADS} |
25 | allow ${HOME}/.nicotine | 25 | whitelist ${HOME}/.nicotine |
26 | allow /usr/share/GeoIP | 26 | whitelist /usr/share/GeoIP |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/nitroshare.profile b/etc/profile-m-z/nitroshare.profile index 70fffd5d4..8dba84f02 100644 --- a/etc/profile-m-z/nitroshare.profile +++ b/etc/profile-m-z/nitroshare.profile | |||
@@ -6,8 +6,8 @@ include nitroshare.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/Nathan Osman | 9 | noblacklist ${HOME}/.config/Nathan Osman |
10 | nodeny ${HOME}/.config/NitroShare | 10 | noblacklist ${HOME}/.config/NitroShare |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
diff --git a/etc/profile-m-z/nodejs-common.profile b/etc/profile-m-z/nodejs-common.profile index 7981ba6ae..fa69f9214 100644 --- a/etc/profile-m-z/nodejs-common.profile +++ b/etc/profile-m-z/nodejs-common.profile | |||
@@ -7,22 +7,22 @@ include nodejs-common.local | |||
7 | # added by caller profile | 7 | # added by caller profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | deny /tmp/.X11-unix | 10 | blacklist /tmp/.X11-unix |
11 | deny ${RUNUSER} | 11 | blacklist ${RUNUSER} |
12 | 12 | ||
13 | ignore read-only ${HOME}/.npm-packages | 13 | ignore read-only ${HOME}/.npm-packages |
14 | ignore read-only ${HOME}/.npmrc | 14 | ignore read-only ${HOME}/.npmrc |
15 | ignore read-only ${HOME}/.nvm | 15 | ignore read-only ${HOME}/.nvm |
16 | ignore read-only ${HOME}/.yarnrc | 16 | ignore read-only ${HOME}/.yarnrc |
17 | 17 | ||
18 | nodeny ${HOME}/.node-gyp | 18 | noblacklist ${HOME}/.node-gyp |
19 | nodeny ${HOME}/.npm | 19 | noblacklist ${HOME}/.npm |
20 | nodeny ${HOME}/.npmrc | 20 | noblacklist ${HOME}/.npmrc |
21 | nodeny ${HOME}/.nvm | 21 | noblacklist ${HOME}/.nvm |
22 | nodeny ${HOME}/.yarn | 22 | noblacklist ${HOME}/.yarn |
23 | nodeny ${HOME}/.yarn-config | 23 | noblacklist ${HOME}/.yarn-config |
24 | nodeny ${HOME}/.yarncache | 24 | noblacklist ${HOME}/.yarncache |
25 | nodeny ${HOME}/.yarnrc | 25 | noblacklist ${HOME}/.yarnrc |
26 | 26 | ||
27 | ignore noexec ${HOME} | 27 | ignore noexec ${HOME} |
28 | 28 | ||
@@ -58,9 +58,9 @@ include disable-xdg.inc | |||
58 | #whitelist ${HOME}/Projects | 58 | #whitelist ${HOME}/Projects |
59 | #include whitelist-common.inc | 59 | #include whitelist-common.inc |
60 | 60 | ||
61 | allow /usr/share/doc/node | 61 | whitelist /usr/share/doc/node |
62 | allow /usr/share/nvm | 62 | whitelist /usr/share/nvm |
63 | allow /usr/share/systemtap/tapset/node.stp | 63 | whitelist /usr/share/systemtap/tapset/node.stp |
64 | include whitelist-runuser-common.inc | 64 | include whitelist-runuser-common.inc |
65 | include whitelist-usr-share-common.inc | 65 | include whitelist-usr-share-common.inc |
66 | include whitelist-var-common.inc | 66 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/nomacs.profile b/etc/profile-m-z/nomacs.profile index 80fbd0fcb..a36dee874 100644 --- a/etc/profile-m-z/nomacs.profile +++ b/etc/profile-m-z/nomacs.profile | |||
@@ -6,10 +6,10 @@ include nomacs.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/nomacs | 9 | noblacklist ${HOME}/.config/nomacs |
10 | nodeny ${HOME}/.local/share/nomacs | 10 | noblacklist ${HOME}/.local/share/nomacs |
11 | nodeny ${HOME}/.local/share/data/nomacs | 11 | noblacklist ${HOME}/.local/share/data/nomacs |
12 | nodeny ${PICTURES} | 12 | noblacklist ${PICTURES} |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/profile-m-z/notify-send.profile b/etc/profile-m-z/notify-send.profile index a3bcc040c..650118c98 100644 --- a/etc/profile-m-z/notify-send.profile +++ b/etc/profile-m-z/notify-send.profile | |||
@@ -7,7 +7,7 @@ include notify-send.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER}/wayland-* | 10 | blacklist ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/nslookup.profile b/etc/profile-m-z/nslookup.profile index b3002ad0e..c7a131a2c 100644 --- a/etc/profile-m-z/nslookup.profile +++ b/etc/profile-m-z/nslookup.profile | |||
@@ -7,10 +7,10 @@ include nslookup.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny /tmp/.X11-unix | 10 | blacklist /tmp/.X11-unix |
11 | deny ${RUNUSER} | 11 | blacklist ${RUNUSER} |
12 | 12 | ||
13 | nodeny ${PATH}/nslookup | 13 | noblacklist ${PATH}/nslookup |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -20,7 +20,7 @@ include disable-passwdmgr.inc | |||
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | allow ${HOME}/.nslookuprc | 23 | whitelist ${HOME}/.nslookuprc |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/nuclear.profile b/etc/profile-m-z/nuclear.profile index 67f54f9fc..886403b9e 100644 --- a/etc/profile-m-z/nuclear.profile +++ b/etc/profile-m-z/nuclear.profile | |||
@@ -8,12 +8,12 @@ include globals.local | |||
8 | 8 | ||
9 | ignore dbus-user | 9 | ignore dbus-user |
10 | 10 | ||
11 | nodeny ${HOME}/.config/nuclear | 11 | noblacklist ${HOME}/.config/nuclear |
12 | 12 | ||
13 | include disable-shell.inc | 13 | include disable-shell.inc |
14 | 14 | ||
15 | mkdir ${HOME}/.config/nuclear | 15 | mkdir ${HOME}/.config/nuclear |
16 | allow ${HOME}/.config/nuclear | 16 | whitelist ${HOME}/.config/nuclear |
17 | 17 | ||
18 | no3d | 18 | no3d |
19 | 19 | ||
diff --git a/etc/profile-m-z/nylas.profile b/etc/profile-m-z/nylas.profile index ee7710b9c..fe0c2116b 100644 --- a/etc/profile-m-z/nylas.profile +++ b/etc/profile-m-z/nylas.profile | |||
@@ -5,8 +5,8 @@ include nylas.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/Nylas Mail | 8 | noblacklist ${HOME}/.config/Nylas Mail |
9 | nodeny ${HOME}/.nylas-mail | 9 | noblacklist ${HOME}/.nylas-mail |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,9 +16,9 @@ include disable-programs.inc | |||
16 | 16 | ||
17 | mkdir ${HOME}/.config/Nylas Mail | 17 | mkdir ${HOME}/.config/Nylas Mail |
18 | mkdir ${HOME}/.nylas-mail | 18 | mkdir ${HOME}/.nylas-mail |
19 | allow ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
20 | allow ${HOME}/.config/Nylas Mail | 20 | whitelist ${HOME}/.config/Nylas Mail |
21 | allow ${HOME}/.nylas-mail | 21 | whitelist ${HOME}/.nylas-mail |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | 23 | ||
24 | caps.drop all | 24 | caps.drop all |
diff --git a/etc/profile-m-z/nyx.profile b/etc/profile-m-z/nyx.profile index 1d606f70c..d040d42af 100644 --- a/etc/profile-m-z/nyx.profile +++ b/etc/profile-m-z/nyx.profile | |||
@@ -10,7 +10,7 @@ include globals.local | |||
10 | include allow-python2.inc | 10 | include allow-python2.inc |
11 | include allow-python3.inc | 11 | include allow-python3.inc |
12 | 12 | ||
13 | nodeny ${HOME}/.nyx | 13 | noblacklist ${HOME}/.nyx |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -22,7 +22,7 @@ include disable-shell.inc | |||
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | mkdir ${HOME}/.nyx | 24 | mkdir ${HOME}/.nyx |
25 | allow ${HOME}/.nyx | 25 | whitelist ${HOME}/.nyx |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
28 | 28 | ||
diff --git a/etc/profile-m-z/obs.profile b/etc/profile-m-z/obs.profile index f70bdc55a..9345cee4f 100644 --- a/etc/profile-m-z/obs.profile +++ b/etc/profile-m-z/obs.profile | |||
@@ -5,10 +5,10 @@ include obs.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/obs-studio | 8 | noblacklist ${HOME}/.config/obs-studio |
9 | nodeny ${MUSIC} | 9 | noblacklist ${MUSIC} |
10 | nodeny ${PICTURES} | 10 | noblacklist ${PICTURES} |
11 | nodeny ${VIDEOS} | 11 | noblacklist ${VIDEOS} |
12 | 12 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python2.inc | 14 | include allow-python2.inc |
diff --git a/etc/profile-m-z/ocenaudio.profile b/etc/profile-m-z/ocenaudio.profile index 792c2ffc6..7be68a201 100644 --- a/etc/profile-m-z/ocenaudio.profile +++ b/etc/profile-m-z/ocenaudio.profile | |||
@@ -6,9 +6,9 @@ include ocenaudio.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/ocenaudio | 9 | noblacklist ${HOME}/.local/share/ocenaudio |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | nodeny ${MUSIC} | 11 | noblacklist ${MUSIC} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/odt2txt.profile b/etc/profile-m-z/odt2txt.profile index 61b71ec10..6163d2e22 100644 --- a/etc/profile-m-z/odt2txt.profile +++ b/etc/profile-m-z/odt2txt.profile | |||
@@ -6,9 +6,9 @@ include odt2txt.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny ${RUNUSER}/wayland-* | 9 | blacklist ${RUNUSER}/wayland-* |
10 | 10 | ||
11 | nodeny ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/okular.profile b/etc/profile-m-z/okular.profile index feeed86cb..ab8ccf623 100644 --- a/etc/profile-m-z/okular.profile +++ b/etc/profile-m-z/okular.profile | |||
@@ -6,18 +6,18 @@ include okular.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/okular | 9 | noblacklist ${HOME}/.cache/okular |
10 | nodeny ${HOME}/.config/okularpartrc | 10 | noblacklist ${HOME}/.config/okularpartrc |
11 | nodeny ${HOME}/.config/okularrc | 11 | noblacklist ${HOME}/.config/okularrc |
12 | nodeny ${HOME}/.kde/share/apps/okular | 12 | noblacklist ${HOME}/.kde/share/apps/okular |
13 | nodeny ${HOME}/.kde/share/config/okularpartrc | 13 | noblacklist ${HOME}/.kde/share/config/okularpartrc |
14 | nodeny ${HOME}/.kde/share/config/okularrc | 14 | noblacklist ${HOME}/.kde/share/config/okularrc |
15 | nodeny ${HOME}/.kde4/share/apps/okular | 15 | noblacklist ${HOME}/.kde4/share/apps/okular |
16 | nodeny ${HOME}/.kde4/share/config/okularpartrc | 16 | noblacklist ${HOME}/.kde4/share/config/okularpartrc |
17 | nodeny ${HOME}/.kde4/share/config/okularrc | 17 | noblacklist ${HOME}/.kde4/share/config/okularrc |
18 | nodeny ${HOME}/.local/share/kxmlgui5/okular | 18 | noblacklist ${HOME}/.local/share/kxmlgui5/okular |
19 | nodeny ${HOME}/.local/share/okular | 19 | noblacklist ${HOME}/.local/share/okular |
20 | nodeny ${DOCUMENTS} | 20 | noblacklist ${DOCUMENTS} |
21 | 21 | ||
22 | include disable-common.inc | 22 | include disable-common.inc |
23 | include disable-devel.inc | 23 | include disable-devel.inc |
@@ -28,15 +28,15 @@ include disable-programs.inc | |||
28 | include disable-shell.inc | 28 | include disable-shell.inc |
29 | include disable-xdg.inc | 29 | include disable-xdg.inc |
30 | 30 | ||
31 | allow /usr/share/config.kcfg/gssettings.kcfg | 31 | whitelist /usr/share/config.kcfg/gssettings.kcfg |
32 | allow /usr/share/config.kcfg/pdfsettings.kcfg | 32 | whitelist /usr/share/config.kcfg/pdfsettings.kcfg |
33 | allow /usr/share/config.kcfg/okular.kcfg | 33 | whitelist /usr/share/config.kcfg/okular.kcfg |
34 | allow /usr/share/config.kcfg/okular_core.kcfg | 34 | whitelist /usr/share/config.kcfg/okular_core.kcfg |
35 | allow /usr/share/ghostscript | 35 | whitelist /usr/share/ghostscript |
36 | allow /usr/share/kconf_update/okular.upd | 36 | whitelist /usr/share/kconf_update/okular.upd |
37 | allow /usr/share/kxmlgui5/okular | 37 | whitelist /usr/share/kxmlgui5/okular |
38 | allow /usr/share/okular | 38 | whitelist /usr/share/okular |
39 | allow /usr/share/poppler | 39 | whitelist /usr/share/poppler |
40 | include whitelist-runuser-common.inc | 40 | include whitelist-runuser-common.inc |
41 | include whitelist-usr-share-common.inc | 41 | include whitelist-usr-share-common.inc |
42 | include whitelist-var-common.inc | 42 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/onboard.profile b/etc/profile-m-z/onboard.profile index 748d17995..5b367b639 100644 --- a/etc/profile-m-z/onboard.profile +++ b/etc/profile-m-z/onboard.profile | |||
@@ -6,7 +6,7 @@ include onboard.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/onboard | 9 | noblacklist ${HOME}/.config/onboard |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
@@ -22,8 +22,8 @@ include disable-shell.inc | |||
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | mkdir ${HOME}/.config/onboard | 24 | mkdir ${HOME}/.config/onboard |
25 | allow ${HOME}/.config/onboard | 25 | whitelist ${HOME}/.config/onboard |
26 | allow /usr/share/onboard | 26 | whitelist /usr/share/onboard |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-m-z/onionshare-gui.profile b/etc/profile-m-z/onionshare-gui.profile index 188818a7f..960df9034 100644 --- a/etc/profile-m-z/onionshare-gui.profile +++ b/etc/profile-m-z/onionshare-gui.profile | |||
@@ -5,7 +5,7 @@ include onionshare-gui.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/onionshare | 8 | noblacklist ${HOME}/.config/onionshare |
9 | 9 | ||
10 | # Allow python (blacklisted by disable-interpreters.inc) | 10 | # Allow python (blacklisted by disable-interpreters.inc) |
11 | include allow-python3.inc | 11 | include allow-python3.inc |
diff --git a/etc/profile-m-z/open-invaders.profile b/etc/profile-m-z/open-invaders.profile index 6e2b31def..7a840d4a9 100644 --- a/etc/profile-m-z/open-invaders.profile +++ b/etc/profile-m-z/open-invaders.profile | |||
@@ -6,7 +6,7 @@ include open-invaders.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.openinvaders | 9 | noblacklist ${HOME}/.openinvaders |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-programs.inc | |||
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.openinvaders | 19 | mkdir ${HOME}/.openinvaders |
20 | allow ${HOME}/.openinvaders | 20 | whitelist ${HOME}/.openinvaders |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-m-z/openarena.profile b/etc/profile-m-z/openarena.profile index dfc78e5a9..36ce0316f 100644 --- a/etc/profile-m-z/openarena.profile +++ b/etc/profile-m-z/openarena.profile | |||
@@ -6,7 +6,7 @@ include openarena.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.openarena | 9 | noblacklist ${HOME}/.openarena |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.openarena | 19 | mkdir ${HOME}/.openarena |
20 | allow ${HOME}/.openarena | 20 | whitelist ${HOME}/.openarena |
21 | allow /usr/share/openarena | 21 | whitelist /usr/share/openarena |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-runuser-common.inc | 23 | include whitelist-runuser-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/openbox.profile b/etc/profile-m-z/openbox.profile index 5a6b378f0..b49fd9932 100644 --- a/etc/profile-m-z/openbox.profile +++ b/etc/profile-m-z/openbox.profile | |||
@@ -7,7 +7,7 @@ include openbox.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # all applications started in openbox will run in this profile | 9 | # all applications started in openbox will run in this profile |
10 | nodeny ${HOME}/.config/openbox | 10 | noblacklist ${HOME}/.config/openbox |
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | 12 | ||
13 | caps.drop all | 13 | caps.drop all |
diff --git a/etc/profile-m-z/opencity.profile b/etc/profile-m-z/opencity.profile index 268e7cee3..a3d371e15 100644 --- a/etc/profile-m-z/opencity.profile +++ b/etc/profile-m-z/opencity.profile | |||
@@ -6,7 +6,7 @@ include opencity.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.opencity | 9 | noblacklist ${HOME}/.opencity |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.opencity | 20 | mkdir ${HOME}/.opencity |
21 | allow ${HOME}/.opencity | 21 | whitelist ${HOME}/.opencity |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-m-z/openclonk.profile b/etc/profile-m-z/openclonk.profile index 588191cb3..32b40df42 100644 --- a/etc/profile-m-z/openclonk.profile +++ b/etc/profile-m-z/openclonk.profile | |||
@@ -6,7 +6,7 @@ include openclonk.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.clonk | 9 | noblacklist ${HOME}/.clonk |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.clonk | 20 | mkdir ${HOME}/.clonk |
21 | allow ${HOME}/.clonk | 21 | whitelist ${HOME}/.clonk |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-m-z/openmw.profile b/etc/profile-m-z/openmw.profile index 95d507c98..d1fe67aed 100644 --- a/etc/profile-m-z/openmw.profile +++ b/etc/profile-m-z/openmw.profile | |||
@@ -6,8 +6,8 @@ include openmw.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/openmw | 9 | noblacklist ${HOME}/.config/openmw |
10 | nodeny ${HOME}/.local/share/openmw | 10 | noblacklist ${HOME}/.local/share/openmw |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -21,11 +21,11 @@ include disable-xdg.inc | |||
21 | 21 | ||
22 | mkdir ${HOME}/.config/openmw | 22 | mkdir ${HOME}/.config/openmw |
23 | mkdir ${HOME}/.local/share/openmw | 23 | mkdir ${HOME}/.local/share/openmw |
24 | allow ${HOME}/.config/openmw | 24 | whitelist ${HOME}/.config/openmw |
25 | # Copy Morrowind data files into ${HOME}/.local/share/openmw or load them from /mnt. | 25 | # Copy Morrowind data files into ${HOME}/.local/share/openmw or load them from /mnt. |
26 | # Alternatively you can whitelist custom paths in your openmw.local. | 26 | # Alternatively you can whitelist custom paths in your openmw.local. |
27 | allow ${HOME}/.local/share/openmw | 27 | whitelist ${HOME}/.local/share/openmw |
28 | allow /usr/share/openmw | 28 | whitelist /usr/share/openmw |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-runuser-common.inc | 30 | include whitelist-runuser-common.inc |
31 | include whitelist-usr-share-common.inc | 31 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/openshot.profile b/etc/profile-m-z/openshot.profile index ebb536b3e..6118630c4 100644 --- a/etc/profile-m-z/openshot.profile +++ b/etc/profile-m-z/openshot.profile | |||
@@ -6,8 +6,8 @@ include openshot.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.openshot | 9 | noblacklist ${HOME}/.openshot |
10 | nodeny ${HOME}/.openshot_qt | 10 | noblacklist ${HOME}/.openshot_qt |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python3.inc | 13 | include allow-python3.inc |
@@ -19,8 +19,8 @@ include disable-interpreters.inc | |||
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | allow /usr/share/blender | 22 | whitelist /usr/share/blender |
23 | allow /usr/share/inkscape | 23 | whitelist /usr/share/inkscape |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/openttd.profile b/etc/profile-m-z/openttd.profile index 79c1f8ffa..546958bb7 100644 --- a/etc/profile-m-z/openttd.profile +++ b/etc/profile-m-z/openttd.profile | |||
@@ -6,7 +6,7 @@ include openttd.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.openttd | 9 | noblacklist ${HOME}/.openttd |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.openttd | 20 | mkdir ${HOME}/.openttd |
21 | allow ${HOME}/.openttd | 21 | whitelist ${HOME}/.openttd |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-m-z/opera-beta.profile b/etc/profile-m-z/opera-beta.profile index 548afc0b4..551f1aba4 100644 --- a/etc/profile-m-z/opera-beta.profile +++ b/etc/profile-m-z/opera-beta.profile | |||
@@ -10,13 +10,13 @@ ignore whitelist /usr/share/chromium | |||
10 | ignore include whitelist-runuser-common.inc | 10 | ignore include whitelist-runuser-common.inc |
11 | ignore include whitelist-usr-share-common.inc | 11 | ignore include whitelist-usr-share-common.inc |
12 | 12 | ||
13 | nodeny ${HOME}/.cache/opera | 13 | noblacklist ${HOME}/.cache/opera |
14 | nodeny ${HOME}/.config/opera-beta | 14 | noblacklist ${HOME}/.config/opera-beta |
15 | 15 | ||
16 | mkdir ${HOME}/.cache/opera | 16 | mkdir ${HOME}/.cache/opera |
17 | mkdir ${HOME}/.config/opera-beta | 17 | mkdir ${HOME}/.config/opera-beta |
18 | allow ${HOME}/.cache/opera | 18 | whitelist ${HOME}/.cache/opera |
19 | allow ${HOME}/.config/opera-beta | 19 | whitelist ${HOME}/.config/opera-beta |
20 | 20 | ||
21 | # Redirect | 21 | # Redirect |
22 | include chromium-common.profile | 22 | include chromium-common.profile |
diff --git a/etc/profile-m-z/opera.profile b/etc/profile-m-z/opera.profile index 5a3fe064e..2c7c5fc35 100644 --- a/etc/profile-m-z/opera.profile +++ b/etc/profile-m-z/opera.profile | |||
@@ -11,16 +11,16 @@ ignore whitelist /usr/share/chromium | |||
11 | ignore include whitelist-runuser-common.inc | 11 | ignore include whitelist-runuser-common.inc |
12 | ignore include whitelist-usr-share-common.inc | 12 | ignore include whitelist-usr-share-common.inc |
13 | 13 | ||
14 | nodeny ${HOME}/.cache/opera | 14 | noblacklist ${HOME}/.cache/opera |
15 | nodeny ${HOME}/.config/opera | 15 | noblacklist ${HOME}/.config/opera |
16 | nodeny ${HOME}/.opera | 16 | noblacklist ${HOME}/.opera |
17 | 17 | ||
18 | mkdir ${HOME}/.cache/opera | 18 | mkdir ${HOME}/.cache/opera |
19 | mkdir ${HOME}/.config/opera | 19 | mkdir ${HOME}/.config/opera |
20 | mkdir ${HOME}/.opera | 20 | mkdir ${HOME}/.opera |
21 | allow ${HOME}/.cache/opera | 21 | whitelist ${HOME}/.cache/opera |
22 | allow ${HOME}/.config/opera | 22 | whitelist ${HOME}/.config/opera |
23 | allow ${HOME}/.opera | 23 | whitelist ${HOME}/.opera |
24 | 24 | ||
25 | # Redirect | 25 | # Redirect |
26 | include chromium-common.profile | 26 | include chromium-common.profile |
diff --git a/etc/profile-m-z/orage.profile b/etc/profile-m-z/orage.profile index a49cbdb91..4e4d8bea5 100644 --- a/etc/profile-m-z/orage.profile +++ b/etc/profile-m-z/orage.profile | |||
@@ -6,8 +6,8 @@ include orage.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/orage | 9 | noblacklist ${HOME}/.config/orage |
10 | nodeny ${HOME}/.local/share/orage | 10 | noblacklist ${HOME}/.local/share/orage |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/ostrichriders.profile b/etc/profile-m-z/ostrichriders.profile index ed881816e..310b90919 100644 --- a/etc/profile-m-z/ostrichriders.profile +++ b/etc/profile-m-z/ostrichriders.profile | |||
@@ -6,7 +6,7 @@ include ostrichriders.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.ostrichriders | 9 | noblacklist ${HOME}/.ostrichriders |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.ostrichriders | 20 | mkdir ${HOME}/.ostrichriders |
21 | allow ${HOME}/.ostrichriders | 21 | whitelist ${HOME}/.ostrichriders |
22 | allow /usr/share/ostrichriders | 22 | whitelist /usr/share/ostrichriders |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/otter-browser.profile b/etc/profile-m-z/otter-browser.profile index bc9e730a1..20a4e25ed 100644 --- a/etc/profile-m-z/otter-browser.profile +++ b/etc/profile-m-z/otter-browser.profile | |||
@@ -8,10 +8,10 @@ include globals.local | |||
8 | 8 | ||
9 | ?BROWSER_ALLOW_DRM: ignore noexec ${HOME} | 9 | ?BROWSER_ALLOW_DRM: ignore noexec ${HOME} |
10 | 10 | ||
11 | nodeny ${HOME}/.cache/Otter | 11 | noblacklist ${HOME}/.cache/Otter |
12 | nodeny ${HOME}/.config/otter | 12 | noblacklist ${HOME}/.config/otter |
13 | nodeny ${HOME}/.pki | 13 | noblacklist ${HOME}/.pki |
14 | nodeny ${HOME}/.local/share/pki | 14 | noblacklist ${HOME}/.local/share/pki |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
@@ -25,12 +25,12 @@ mkdir ${HOME}/.cache/Otter | |||
25 | mkdir ${HOME}/.config/otter | 25 | mkdir ${HOME}/.config/otter |
26 | mkdir ${HOME}/.pki | 26 | mkdir ${HOME}/.pki |
27 | mkdir ${HOME}/.local/share/pki | 27 | mkdir ${HOME}/.local/share/pki |
28 | allow ${DOWNLOADS} | 28 | whitelist ${DOWNLOADS} |
29 | allow ${HOME}/.cache/Otter | 29 | whitelist ${HOME}/.cache/Otter |
30 | allow ${HOME}/.config/otter | 30 | whitelist ${HOME}/.config/otter |
31 | allow ${HOME}/.pki | 31 | whitelist ${HOME}/.pki |
32 | allow ${HOME}/.local/share/pki | 32 | whitelist ${HOME}/.local/share/pki |
33 | allow /usr/share/otter-browser | 33 | whitelist /usr/share/otter-browser |
34 | include whitelist-common.inc | 34 | include whitelist-common.inc |
35 | include whitelist-runuser-common.inc | 35 | include whitelist-runuser-common.inc |
36 | include whitelist-usr-share-common.inc | 36 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/palemoon.profile b/etc/profile-m-z/palemoon.profile index 503c141d8..acb2ce176 100644 --- a/etc/profile-m-z/palemoon.profile +++ b/etc/profile-m-z/palemoon.profile | |||
@@ -5,13 +5,13 @@ include palemoon.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.cache/moonchild productions/pale moon | 8 | noblacklist ${HOME}/.cache/moonchild productions/pale moon |
9 | nodeny ${HOME}/.moonchild productions/pale moon | 9 | noblacklist ${HOME}/.moonchild productions/pale moon |
10 | 10 | ||
11 | mkdir ${HOME}/.cache/moonchild productions/pale moon | 11 | mkdir ${HOME}/.cache/moonchild productions/pale moon |
12 | mkdir ${HOME}/.moonchild productions | 12 | mkdir ${HOME}/.moonchild productions |
13 | allow ${HOME}/.cache/moonchild productions/pale moon | 13 | whitelist ${HOME}/.cache/moonchild productions/pale moon |
14 | allow ${HOME}/.moonchild productions | 14 | whitelist ${HOME}/.moonchild productions |
15 | 15 | ||
16 | # Palemoon can use the full firejail seccomp filter (unlike firefox >= 60) | 16 | # Palemoon can use the full firejail seccomp filter (unlike firefox >= 60) |
17 | seccomp | 17 | seccomp |
diff --git a/etc/profile-m-z/pandoc.profile b/etc/profile-m-z/pandoc.profile index a59f53298..513b4119e 100644 --- a/etc/profile-m-z/pandoc.profile +++ b/etc/profile-m-z/pandoc.profile | |||
@@ -7,9 +7,9 @@ include pandoc.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER} | 10 | blacklist ${RUNUSER} |
11 | 11 | ||
12 | nodeny ${DOCUMENTS} | 12 | noblacklist ${DOCUMENTS} |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/profile-m-z/parole.profile b/etc/profile-m-z/parole.profile index a277d1cbc..0a4422a73 100644 --- a/etc/profile-m-z/parole.profile +++ b/etc/profile-m-z/parole.profile | |||
@@ -6,8 +6,8 @@ include parole.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${MUSIC} | 9 | noblacklist ${MUSIC} |
10 | nodeny ${VIDEOS} | 10 | noblacklist ${VIDEOS} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/patch.profile b/etc/profile-m-z/patch.profile index 156c3956d..0de968185 100644 --- a/etc/profile-m-z/patch.profile +++ b/etc/profile-m-z/patch.profile | |||
@@ -7,9 +7,9 @@ include patch.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER} | 10 | blacklist ${RUNUSER} |
11 | 11 | ||
12 | nodeny ${DOCUMENTS} | 12 | noblacklist ${DOCUMENTS} |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/profile-m-z/pavucontrol-qt.profile b/etc/profile-m-z/pavucontrol-qt.profile index dcd69cdd0..f96ba14d2 100644 --- a/etc/profile-m-z/pavucontrol-qt.profile +++ b/etc/profile-m-z/pavucontrol-qt.profile | |||
@@ -7,10 +7,10 @@ include pavucontrol-qt.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.config/pavucontrol-qt | 10 | noblacklist ${HOME}/.config/pavucontrol-qt |
11 | 11 | ||
12 | mkdir ${HOME}/.config/pavucontrol-qt | 12 | mkdir ${HOME}/.config/pavucontrol-qt |
13 | allow ${HOME}/.config/pavucontrol-qt | 13 | whitelist ${HOME}/.config/pavucontrol-qt |
14 | 14 | ||
15 | private-bin pavucontrol-qt | 15 | private-bin pavucontrol-qt |
16 | ignore private-lib | 16 | ignore private-lib |
diff --git a/etc/profile-m-z/pavucontrol.profile b/etc/profile-m-z/pavucontrol.profile index f44730c33..b46fb3026 100644 --- a/etc/profile-m-z/pavucontrol.profile +++ b/etc/profile-m-z/pavucontrol.profile | |||
@@ -6,7 +6,7 @@ include pavucontrol.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/pavucontrol.ini | 9 | noblacklist ${HOME}/.config/pavucontrol.ini |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-xdg.inc | |||
19 | # whitelisting in ${HOME} is broken, see #3112 | 19 | # whitelisting in ${HOME} is broken, see #3112 |
20 | #mkfile ${HOME}/.config/pavucontrol.ini | 20 | #mkfile ${HOME}/.config/pavucontrol.ini |
21 | #whitelist ${HOME}/.config/pavucontrol.ini | 21 | #whitelist ${HOME}/.config/pavucontrol.ini |
22 | allow /usr/share/pavucontrol | 22 | whitelist /usr/share/pavucontrol |
23 | allow /usr/share/pavucontrol-qt | 23 | whitelist /usr/share/pavucontrol-qt |
24 | #include whitelist-common.inc | 24 | #include whitelist-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/pcsxr.profile b/etc/profile-m-z/pcsxr.profile index 3f920ced8..a6dab2a9a 100644 --- a/etc/profile-m-z/pcsxr.profile +++ b/etc/profile-m-z/pcsxr.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | # Note: you must whitelist your games folder in your pcsxr.local | 9 | # Note: you must whitelist your games folder in your pcsxr.local |
10 | 10 | ||
11 | nodeny ${HOME}/.pcsxr | 11 | noblacklist ${HOME}/.pcsxr |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -21,7 +21,7 @@ include disable-write-mnt.inc | |||
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.pcsxr | 23 | mkdir ${HOME}/.pcsxr |
24 | allow ${HOME}/.pcsxr | 24 | whitelist ${HOME}/.pcsxr |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | 26 | include whitelist-runuser-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/pdfchain.profile b/etc/profile-m-z/pdfchain.profile index 13a011072..d72417914 100644 --- a/etc/profile-m-z/pdfchain.profile +++ b/etc/profile-m-z/pdfchain.profile | |||
@@ -5,7 +5,7 @@ include pdfchain.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${DOCUMENTS} | 8 | noblacklist ${DOCUMENTS} |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
diff --git a/etc/profile-m-z/pdfmod.profile b/etc/profile-m-z/pdfmod.profile index e49ce8073..a19826555 100644 --- a/etc/profile-m-z/pdfmod.profile +++ b/etc/profile-m-z/pdfmod.profile | |||
@@ -6,9 +6,9 @@ include pdfmod.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/pdfmod | 9 | noblacklist ${HOME}/.cache/pdfmod |
10 | nodeny ${HOME}/.config/pdfmod | 10 | noblacklist ${HOME}/.config/pdfmod |
11 | nodeny ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/pdfsam.profile b/etc/profile-m-z/pdfsam.profile index 67c14bbc3..e2808d4d2 100644 --- a/etc/profile-m-z/pdfsam.profile +++ b/etc/profile-m-z/pdfsam.profile | |||
@@ -6,7 +6,7 @@ include pdfsam.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${DOCUMENTS} | 9 | noblacklist ${DOCUMENTS} |
10 | 10 | ||
11 | # Allow java (blacklisted by disable-devel.inc) | 11 | # Allow java (blacklisted by disable-devel.inc) |
12 | include allow-java.inc | 12 | include allow-java.inc |
diff --git a/etc/profile-m-z/pdftotext.profile b/etc/profile-m-z/pdftotext.profile index 1c7ebfad5..d3902a51c 100644 --- a/etc/profile-m-z/pdftotext.profile +++ b/etc/profile-m-z/pdftotext.profile | |||
@@ -6,9 +6,9 @@ include pdftotext.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny ${RUNUSER} | 9 | blacklist ${RUNUSER} |
10 | 10 | ||
11 | nodeny ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -19,9 +19,9 @@ include disable-programs.inc | |||
19 | include disable-shell.inc | 19 | include disable-shell.inc |
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | allow ${DOCUMENTS} | 22 | whitelist ${DOCUMENTS} |
23 | allow ${DOWNLOADS} | 23 | whitelist ${DOWNLOADS} |
24 | allow /usr/share/poppler | 24 | whitelist /usr/share/poppler |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||
diff --git a/etc/profile-m-z/peek.profile b/etc/profile-m-z/peek.profile index e809625ad..c33953687 100644 --- a/etc/profile-m-z/peek.profile +++ b/etc/profile-m-z/peek.profile | |||
@@ -5,9 +5,9 @@ include peek.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.cache/peek | 8 | noblacklist ${HOME}/.cache/peek |
9 | nodeny ${PICTURES} | 9 | noblacklist ${PICTURES} |
10 | nodeny ${VIDEOS} | 10 | noblacklist ${VIDEOS} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/penguin-command.profile b/etc/profile-m-z/penguin-command.profile index 5ebd7b462..f5ad0321d 100644 --- a/etc/profile-m-z/penguin-command.profile +++ b/etc/profile-m-z/penguin-command.profile | |||
@@ -6,7 +6,7 @@ include penguin-command.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.penguin-command | 9 | noblacklist ${HOME}/.penguin-command |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,7 +16,7 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | 18 | ||
19 | allow ${HOME}/.penguin-command | 19 | whitelist ${HOME}/.penguin-command |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
22 | 22 | ||
diff --git a/etc/profile-m-z/photoflare.profile b/etc/profile-m-z/photoflare.profile index 8dd506850..40068ff78 100644 --- a/etc/profile-m-z/photoflare.profile +++ b/etc/profile-m-z/photoflare.profile | |||
@@ -6,7 +6,7 @@ include photoflare.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include photoflare.local | 7 | include photoflare.local |
8 | 8 | ||
9 | nodeny ${PICTURES} | 9 | noblacklist ${PICTURES} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/picard.profile b/etc/profile-m-z/picard.profile index ac178ee6c..a5ea47088 100644 --- a/etc/profile-m-z/picard.profile +++ b/etc/profile-m-z/picard.profile | |||
@@ -6,9 +6,9 @@ include picard.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/MusicBrainz | 9 | noblacklist ${HOME}/.cache/MusicBrainz |
10 | nodeny ${HOME}/.config/MusicBrainz | 10 | noblacklist ${HOME}/.config/MusicBrainz |
11 | nodeny ${MUSIC} | 11 | noblacklist ${MUSIC} |
12 | 12 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python2.inc | 14 | include allow-python2.inc |
diff --git a/etc/profile-m-z/pidgin.profile b/etc/profile-m-z/pidgin.profile index a65abeb2e..26872e9a1 100644 --- a/etc/profile-m-z/pidgin.profile +++ b/etc/profile-m-z/pidgin.profile | |||
@@ -9,7 +9,7 @@ include globals.local | |||
9 | ignore noexec ${RUNUSER} | 9 | ignore noexec ${RUNUSER} |
10 | ignore noexec /dev/shm | 10 | ignore noexec /dev/shm |
11 | 11 | ||
12 | nodeny ${HOME}/.purple | 12 | noblacklist ${HOME}/.purple |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -20,9 +20,9 @@ include disable-programs.inc | |||
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | mkdir ${HOME}/.purple | 22 | mkdir ${HOME}/.purple |
23 | allow ${HOME}/.purple | 23 | whitelist ${HOME}/.purple |
24 | allow ${DOWNLOADS} | 24 | whitelist ${DOWNLOADS} |
25 | allow ${PICTURES} | 25 | whitelist ${PICTURES} |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
28 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/pinball.profile b/etc/profile-m-z/pinball.profile index 41e4fb6c0..2e17be2ce 100644 --- a/etc/profile-m-z/pinball.profile +++ b/etc/profile-m-z/pinball.profile | |||
@@ -6,7 +6,7 @@ include pinball.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/emilia | 9 | noblacklist ${HOME}/.config/emilia |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,11 +18,11 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.config/emilia | 20 | mkdir ${HOME}/.config/emilia |
21 | allow ${HOME}/.config/emilia | 21 | whitelist ${HOME}/.config/emilia |
22 | 22 | ||
23 | allow /usr/share/pinball | 23 | whitelist /usr/share/pinball |
24 | # on debian games are stored under /usr/share/games | 24 | # on debian games are stored under /usr/share/games |
25 | allow /usr/share/games/pinball | 25 | whitelist /usr/share/games/pinball |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/ping.profile b/etc/profile-m-z/ping.profile index 65e77abfa..e914007c0 100644 --- a/etc/profile-m-z/ping.profile +++ b/etc/profile-m-z/ping.profile | |||
@@ -7,8 +7,8 @@ include ping.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny /tmp/.X11-unix | 10 | blacklist /tmp/.X11-unix |
11 | deny ${RUNUSER} | 11 | blacklist ${RUNUSER} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/pingus.profile b/etc/profile-m-z/pingus.profile index aa2cfe203..f1fdfcbad 100644 --- a/etc/profile-m-z/pingus.profile +++ b/etc/profile-m-z/pingus.profile | |||
@@ -6,12 +6,12 @@ include pingus.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.pingus | 9 | noblacklist ${HOME}/.pingus |
10 | 10 | ||
11 | # Allow /bin/sh (blacklisted by disable-shell.inc) | 11 | # Allow /bin/sh (blacklisted by disable-shell.inc) |
12 | include allow-bin-sh.inc | 12 | include allow-bin-sh.inc |
13 | 13 | ||
14 | deny /usr/libexec | 14 | blacklist /usr/libexec |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
@@ -23,8 +23,8 @@ include disable-shell.inc | |||
23 | include disable-xdg.inc | 23 | include disable-xdg.inc |
24 | 24 | ||
25 | mkdir ${HOME}/.pingus | 25 | mkdir ${HOME}/.pingus |
26 | allow ${HOME}/.pingus | 26 | whitelist ${HOME}/.pingus |
27 | allow /usr/share/pingus | 27 | whitelist /usr/share/pingus |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/pinta.profile b/etc/profile-m-z/pinta.profile index d0d4f1fce..19406c399 100644 --- a/etc/profile-m-z/pinta.profile +++ b/etc/profile-m-z/pinta.profile | |||
@@ -6,9 +6,9 @@ include pinta.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/Pinta | 9 | noblacklist ${HOME}/.config/Pinta |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | nodeny ${PICTURES} | 11 | noblacklist ${PICTURES} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/pioneer.profile b/etc/profile-m-z/pioneer.profile index 6cfea28b6..721b3944a 100644 --- a/etc/profile-m-z/pioneer.profile +++ b/etc/profile-m-z/pioneer.profile | |||
@@ -6,7 +6,7 @@ include pioneer.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.pioneer | 9 | noblacklist ${HOME}/.pioneer |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.pioneer | 20 | mkdir ${HOME}/.pioneer |
21 | allow ${HOME}/.pioneer | 21 | whitelist ${HOME}/.pioneer |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-m-z/pipe-viewer.profile b/etc/profile-m-z/pipe-viewer.profile index acd7eeaf2..3de064311 100644 --- a/etc/profile-m-z/pipe-viewer.profile +++ b/etc/profile-m-z/pipe-viewer.profile | |||
@@ -7,13 +7,13 @@ include pipe-viewer.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.cache/pipe-viewer | 10 | noblacklist ${HOME}/.cache/pipe-viewer |
11 | nodeny ${HOME}/.config/pipe-viewer | 11 | noblacklist ${HOME}/.config/pipe-viewer |
12 | 12 | ||
13 | mkdir ${HOME}/.config/pipe-viewer | 13 | mkdir ${HOME}/.config/pipe-viewer |
14 | mkdir ${HOME}/.cache/pipe-viewer | 14 | mkdir ${HOME}/.cache/pipe-viewer |
15 | allow ${HOME}/.cache/pipe-viewer | 15 | whitelist ${HOME}/.cache/pipe-viewer |
16 | allow ${HOME}/.config/pipe-viewer | 16 | whitelist ${HOME}/.config/pipe-viewer |
17 | 17 | ||
18 | private-bin gtk-pipe-viewer,pipe-viewer | 18 | private-bin gtk-pipe-viewer,pipe-viewer |
19 | 19 | ||
diff --git a/etc/profile-m-z/pitivi.profile b/etc/profile-m-z/pitivi.profile index abce4c911..a2dd809c4 100644 --- a/etc/profile-m-z/pitivi.profile +++ b/etc/profile-m-z/pitivi.profile | |||
@@ -6,7 +6,7 @@ include pitivi.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/pitivi | 9 | noblacklist ${HOME}/.config/pitivi |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
diff --git a/etc/profile-m-z/pix.profile b/etc/profile-m-z/pix.profile index 63451d352..81d3e9370 100644 --- a/etc/profile-m-z/pix.profile +++ b/etc/profile-m-z/pix.profile | |||
@@ -5,10 +5,10 @@ include pix.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/pix | 8 | noblacklist ${HOME}/.config/pix |
9 | nodeny ${HOME}/.local/share/pix | 9 | noblacklist ${HOME}/.local/share/pix |
10 | nodeny ${HOME}/.Steam | 10 | noblacklist ${HOME}/.Steam |
11 | nodeny ${HOME}/.steam | 11 | noblacklist ${HOME}/.steam |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/pkglog.profile b/etc/profile-m-z/pkglog.profile index 13d7db7f7..4eb41b3bd 100644 --- a/etc/profile-m-z/pkglog.profile +++ b/etc/profile-m-z/pkglog.profile | |||
@@ -17,9 +17,9 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | allow /var/log/apt/history.log | 20 | whitelist /var/log/apt/history.log |
21 | allow /var/log/dnf.rpm.log | 21 | whitelist /var/log/dnf.rpm.log |
22 | allow /var/log/pacman.log | 22 | whitelist /var/log/pacman.log |
23 | 23 | ||
24 | apparmor | 24 | apparmor |
25 | caps.drop all | 25 | caps.drop all |
diff --git a/etc/profile-m-z/playonlinux.profile b/etc/profile-m-z/playonlinux.profile index 9c23841e2..8e98905b5 100644 --- a/etc/profile-m-z/playonlinux.profile +++ b/etc/profile-m-z/playonlinux.profile | |||
@@ -7,10 +7,10 @@ include playonlinux.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.PlayOnLinux | 10 | noblacklist ${HOME}/.PlayOnLinux |
11 | 11 | ||
12 | # nc is needed to run playonlinux | 12 | # nc is needed to run playonlinux |
13 | nodeny ${PATH}/nc | 13 | noblacklist ${PATH}/nc |
14 | 14 | ||
15 | # Allow perl (blacklisted by disable-interpreters.inc) | 15 | # Allow perl (blacklisted by disable-interpreters.inc) |
16 | include allow-perl.inc | 16 | include allow-perl.inc |
diff --git a/etc/profile-m-z/pluma.profile b/etc/profile-m-z/pluma.profile index ab7e0c64b..10e12e5b1 100644 --- a/etc/profile-m-z/pluma.profile +++ b/etc/profile-m-z/pluma.profile | |||
@@ -6,8 +6,8 @@ include pluma.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/enchant | 9 | noblacklist ${HOME}/.config/enchant |
10 | nodeny ${HOME}/.config/pluma | 10 | noblacklist ${HOME}/.config/pluma |
11 | 11 | ||
12 | # Allows files commonly used by IDEs | 12 | # Allows files commonly used by IDEs |
13 | include allow-common-devel.inc | 13 | include allow-common-devel.inc |
diff --git a/etc/profile-m-z/plv.profile b/etc/profile-m-z/plv.profile index 02cb83ef6..5201fd853 100644 --- a/etc/profile-m-z/plv.profile +++ b/etc/profile-m-z/plv.profile | |||
@@ -6,7 +6,7 @@ include plv.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/PacmanLogViewer | 9 | noblacklist ${HOME}/.config/PacmanLogViewer |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.config/PacmanLogViewer | 19 | mkdir ${HOME}/.config/PacmanLogViewer |
20 | allow ${HOME}/.config/PacmanLogViewer | 20 | whitelist ${HOME}/.config/PacmanLogViewer |
21 | allow /var/log/pacman.log | 21 | whitelist /var/log/pacman.log |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-m-z/pngquant.profile b/etc/profile-m-z/pngquant.profile index 2c4dda43e..8a181d5a8 100644 --- a/etc/profile-m-z/pngquant.profile +++ b/etc/profile-m-z/pngquant.profile | |||
@@ -7,9 +7,9 @@ include pngquant.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${PICTURES} | 10 | noblacklist ${PICTURES} |
11 | 11 | ||
12 | deny ${RUNUSER}/wayland-* | 12 | blacklist ${RUNUSER}/wayland-* |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/profile-m-z/polari.profile b/etc/profile-m-z/polari.profile index 115ac36ab..a3d4f9851 100644 --- a/etc/profile-m-z/polari.profile +++ b/etc/profile-m-z/polari.profile | |||
@@ -21,12 +21,12 @@ mkdir ${HOME}/.local/share/Empathy | |||
21 | mkdir ${HOME}/.local/share/TpLogger | 21 | mkdir ${HOME}/.local/share/TpLogger |
22 | mkdir ${HOME}/.local/share/telepathy | 22 | mkdir ${HOME}/.local/share/telepathy |
23 | mkdir ${HOME}/.purple | 23 | mkdir ${HOME}/.purple |
24 | allow ${HOME}/.cache/telepathy | 24 | whitelist ${HOME}/.cache/telepathy |
25 | allow ${HOME}/.config/telepathy-account-widgets | 25 | whitelist ${HOME}/.config/telepathy-account-widgets |
26 | allow ${HOME}/.local/share/Empathy | 26 | whitelist ${HOME}/.local/share/Empathy |
27 | allow ${HOME}/.local/share/TpLogger | 27 | whitelist ${HOME}/.local/share/TpLogger |
28 | allow ${HOME}/.local/share/telepathy | 28 | whitelist ${HOME}/.local/share/telepathy |
29 | allow ${HOME}/.purple | 29 | whitelist ${HOME}/.purple |
30 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | include whitelist-runuser-common.inc | 31 | include whitelist-runuser-common.inc |
32 | 32 | ||
diff --git a/etc/profile-m-z/ppsspp.profile b/etc/profile-m-z/ppsspp.profile index 10c59ea32..1f73c1d89 100644 --- a/etc/profile-m-z/ppsspp.profile +++ b/etc/profile-m-z/ppsspp.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | # Note: you must whitelist your games folder in your ppsspp.local. | 9 | # Note: you must whitelist your games folder in your ppsspp.local. |
10 | 10 | ||
11 | nodeny ${HOME}/.config/ppsspp | 11 | noblacklist ${HOME}/.config/ppsspp |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -20,8 +20,8 @@ include disable-write-mnt.inc | |||
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | mkdir ${HOME}/.config/ppsspp | 22 | mkdir ${HOME}/.config/ppsspp |
23 | allow ${HOME}/.config/ppsspp | 23 | whitelist ${HOME}/.config/ppsspp |
24 | allow /usr/share/ppsspp | 24 | whitelist /usr/share/ppsspp |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | 26 | include whitelist-runuser-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/pragha.profile b/etc/profile-m-z/pragha.profile index 9b03bf632..f138d785e 100644 --- a/etc/profile-m-z/pragha.profile +++ b/etc/profile-m-z/pragha.profile | |||
@@ -6,8 +6,8 @@ include pragha.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/pragha | 9 | noblacklist ${HOME}/.config/pragha |
10 | nodeny ${MUSIC} | 10 | noblacklist ${MUSIC} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/profanity.profile b/etc/profile-m-z/profanity.profile index 137b4cb20..743458725 100644 --- a/etc/profile-m-z/profanity.profile +++ b/etc/profile-m-z/profanity.profile | |||
@@ -7,8 +7,8 @@ include profanity.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.config/profanity | 10 | noblacklist ${HOME}/.config/profanity |
11 | nodeny ${HOME}/.local/share/profanity | 11 | noblacklist ${HOME}/.local/share/profanity |
12 | 12 | ||
13 | # Allow Python | 13 | # Allow Python |
14 | include allow-python2.inc | 14 | include allow-python2.inc |
diff --git a/etc/profile-m-z/psi-plus.profile b/etc/profile-m-z/psi-plus.profile index b0e28baf7..5ac58b0ac 100644 --- a/etc/profile-m-z/psi-plus.profile +++ b/etc/profile-m-z/psi-plus.profile | |||
@@ -6,8 +6,8 @@ include psi-plus.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/psi+ | 9 | noblacklist ${HOME}/.config/psi+ |
10 | nodeny ${HOME}/.local/share/psi+ | 10 | noblacklist ${HOME}/.local/share/psi+ |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,10 +19,10 @@ include disable-programs.inc | |||
19 | mkdir ${HOME}/.cache/psi+ | 19 | mkdir ${HOME}/.cache/psi+ |
20 | mkdir ${HOME}/.config/psi+ | 20 | mkdir ${HOME}/.config/psi+ |
21 | mkdir ${HOME}/.local/share/psi+ | 21 | mkdir ${HOME}/.local/share/psi+ |
22 | allow ${DOWNLOADS} | 22 | whitelist ${DOWNLOADS} |
23 | allow ${HOME}/.cache/psi+ | 23 | whitelist ${HOME}/.cache/psi+ |
24 | allow ${HOME}/.config/psi+ | 24 | whitelist ${HOME}/.config/psi+ |
25 | allow ${HOME}/.local/share/psi+ | 25 | whitelist ${HOME}/.local/share/psi+ |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | 27 | ||
28 | caps.drop all | 28 | caps.drop all |
diff --git a/etc/profile-m-z/psi.profile b/etc/profile-m-z/psi.profile index 2588c3b75..7e0ef99fc 100644 --- a/etc/profile-m-z/psi.profile +++ b/etc/profile-m-z/psi.profile | |||
@@ -8,11 +8,11 @@ include globals.local | |||
8 | 8 | ||
9 | # Add the next line to your psi.local to enable GPG support. | 9 | # Add the next line to your psi.local to enable GPG support. |
10 | #noblacklist ${HOME}/.gnupg | 10 | #noblacklist ${HOME}/.gnupg |
11 | nodeny ${HOME}/.cache/psi | 11 | noblacklist ${HOME}/.cache/psi |
12 | nodeny ${HOME}/.cache/Psi | 12 | noblacklist ${HOME}/.cache/Psi |
13 | nodeny ${HOME}/.config/psi | 13 | noblacklist ${HOME}/.config/psi |
14 | nodeny ${HOME}/.local/share/psi | 14 | noblacklist ${HOME}/.local/share/psi |
15 | nodeny ${HOME}/.local/share/Psi | 15 | noblacklist ${HOME}/.local/share/Psi |
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
@@ -32,16 +32,16 @@ mkdir ${HOME}/.local/share/psi | |||
32 | mkdir ${HOME}/.local/share/Psi | 32 | mkdir ${HOME}/.local/share/Psi |
33 | # Add the next line to your psi.local to enable GPG support. | 33 | # Add the next line to your psi.local to enable GPG support. |
34 | #whitelist ${HOME}/.gnupg | 34 | #whitelist ${HOME}/.gnupg |
35 | allow ${HOME}/.cache/psi | 35 | whitelist ${HOME}/.cache/psi |
36 | allow ${HOME}/.cache/Psi | 36 | whitelist ${HOME}/.cache/Psi |
37 | allow ${HOME}/.config/psi | 37 | whitelist ${HOME}/.config/psi |
38 | allow ${HOME}/.local/share/psi | 38 | whitelist ${HOME}/.local/share/psi |
39 | allow ${HOME}/.local/share/Psi | 39 | whitelist ${HOME}/.local/share/Psi |
40 | allow ${DOWNLOADS} | 40 | whitelist ${DOWNLOADS} |
41 | # Add the next lines to your psi.local to enable GPG support. | 41 | # Add the next lines to your psi.local to enable GPG support. |
42 | #whitelist /usr/share/gnupg | 42 | #whitelist /usr/share/gnupg |
43 | #whitelist /usr/share/gnupg2 | 43 | #whitelist /usr/share/gnupg2 |
44 | allow /usr/share/psi | 44 | whitelist /usr/share/psi |
45 | # Add the next lines to your psi.local to enable GPG support. | 45 | # Add the next lines to your psi.local to enable GPG support. |
46 | #whitelist ${RUNUSER}/gnupg | 46 | #whitelist ${RUNUSER}/gnupg |
47 | #whitelist ${RUNUSER}/keyring | 47 | #whitelist ${RUNUSER}/keyring |
diff --git a/etc/profile-m-z/pybitmessage.profile b/etc/profile-m-z/pybitmessage.profile index 1f0e83ab6..60ae37930 100644 --- a/etc/profile-m-z/pybitmessage.profile +++ b/etc/profile-m-z/pybitmessage.profile | |||
@@ -5,9 +5,9 @@ include pybitmessage.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny /sbin | 8 | noblacklist /sbin |
9 | nodeny /usr/local/sbin | 9 | noblacklist /usr/local/sbin |
10 | nodeny /usr/sbin | 10 | noblacklist /usr/sbin |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
diff --git a/etc/profile-m-z/pycharm-community.profile b/etc/profile-m-z/pycharm-community.profile index b6c08290e..00d7239ae 100644 --- a/etc/profile-m-z/pycharm-community.profile +++ b/etc/profile-m-z/pycharm-community.profile | |||
@@ -5,7 +5,7 @@ include pycharm-community.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.PyCharmCE* | 8 | noblacklist ${HOME}/.PyCharmCE* |
9 | 9 | ||
10 | # Allow java (blacklisted by disable-devel.inc) | 10 | # Allow java (blacklisted by disable-devel.inc) |
11 | include allow-java.inc | 11 | include allow-java.inc |
diff --git a/etc/profile-m-z/pycharm-professional.profile b/etc/profile-m-z/pycharm-professional.profile index fa0932cc0..b754a18c9 100644 --- a/etc/profile-m-z/pycharm-professional.profile +++ b/etc/profile-m-z/pycharm-professional.profile | |||
@@ -6,7 +6,7 @@ include pyucharm-professional.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.PyCharm* | 9 | noblacklist ${HOME}/.PyCharm* |
10 | 10 | ||
11 | # Redirect | 11 | # Redirect |
12 | include pycharm-community.profile | 12 | include pycharm-community.profile |
diff --git a/etc/profile-m-z/qbittorrent.profile b/etc/profile-m-z/qbittorrent.profile index fb8e622b0..506b738cc 100644 --- a/etc/profile-m-z/qbittorrent.profile +++ b/etc/profile-m-z/qbittorrent.profile | |||
@@ -6,10 +6,10 @@ include qbittorrent.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/qBittorrent | 9 | noblacklist ${HOME}/.cache/qBittorrent |
10 | nodeny ${HOME}/.config/qBittorrent | 10 | noblacklist ${HOME}/.config/qBittorrent |
11 | nodeny ${HOME}/.config/qBittorrentrc | 11 | noblacklist ${HOME}/.config/qBittorrentrc |
12 | nodeny ${HOME}/.local/share/data/qBittorrent | 12 | noblacklist ${HOME}/.local/share/data/qBittorrent |
13 | 13 | ||
14 | # Allow python (blacklisted by disable-interpreters.inc) | 14 | # Allow python (blacklisted by disable-interpreters.inc) |
15 | include allow-python2.inc | 15 | include allow-python2.inc |
@@ -27,11 +27,11 @@ mkdir ${HOME}/.cache/qBittorrent | |||
27 | mkdir ${HOME}/.config/qBittorrent | 27 | mkdir ${HOME}/.config/qBittorrent |
28 | mkfile ${HOME}/.config/qBittorrentrc | 28 | mkfile ${HOME}/.config/qBittorrentrc |
29 | mkdir ${HOME}/.local/share/data/qBittorrent | 29 | mkdir ${HOME}/.local/share/data/qBittorrent |
30 | allow ${DOWNLOADS} | 30 | whitelist ${DOWNLOADS} |
31 | allow ${HOME}/.cache/qBittorrent | 31 | whitelist ${HOME}/.cache/qBittorrent |
32 | allow ${HOME}/.config/qBittorrent | 32 | whitelist ${HOME}/.config/qBittorrent |
33 | allow ${HOME}/.config/qBittorrentrc | 33 | whitelist ${HOME}/.config/qBittorrentrc |
34 | allow ${HOME}/.local/share/data/qBittorrent | 34 | whitelist ${HOME}/.local/share/data/qBittorrent |
35 | include whitelist-common.inc | 35 | include whitelist-common.inc |
36 | include whitelist-var-common.inc | 36 | include whitelist-var-common.inc |
37 | 37 | ||
diff --git a/etc/profile-m-z/qcomicbook.profile b/etc/profile-m-z/qcomicbook.profile index 7bcc4b065..0e52d7fc4 100644 --- a/etc/profile-m-z/qcomicbook.profile +++ b/etc/profile-m-z/qcomicbook.profile | |||
@@ -6,10 +6,10 @@ include qcomicbook.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/PawelStolowski | 9 | noblacklist ${HOME}/.cache/PawelStolowski |
10 | nodeny ${HOME}/.config/PawelStolowski | 10 | noblacklist ${HOME}/.config/PawelStolowski |
11 | nodeny ${HOME}/.local/share/PawelStolowski | 11 | noblacklist ${HOME}/.local/share/PawelStolowski |
12 | nodeny ${DOCUMENTS} | 12 | noblacklist ${DOCUMENTS} |
13 | 13 | ||
14 | # Allow /bin/sh (blacklisted by disable-shell.inc) | 14 | # Allow /bin/sh (blacklisted by disable-shell.inc) |
15 | include allow-bin-sh.inc | 15 | include allow-bin-sh.inc |
@@ -27,7 +27,7 @@ include disable-xdg.inc | |||
27 | mkdir ${HOME}/.cache/PawelStolowski | 27 | mkdir ${HOME}/.cache/PawelStolowski |
28 | mkdir ${HOME}/.config/PawelStolowski | 28 | mkdir ${HOME}/.config/PawelStolowski |
29 | mkdir ${HOME}/.local/share/PawelStolowski | 29 | mkdir ${HOME}/.local/share/PawelStolowski |
30 | allow /usr/share/qcomicbook | 30 | whitelist /usr/share/qcomicbook |
31 | include whitelist-runuser-common.inc | 31 | include whitelist-runuser-common.inc |
32 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
33 | include whitelist-var-common.inc | 33 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/qemu-launcher.profile b/etc/profile-m-z/qemu-launcher.profile index d527a2b82..ac60384fd 100644 --- a/etc/profile-m-z/qemu-launcher.profile +++ b/etc/profile-m-z/qemu-launcher.profile | |||
@@ -5,7 +5,7 @@ include qemu-launcher.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.qemu-launcher | 8 | noblacklist ${HOME}/.qemu-launcher |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-passwdmgr.inc | 11 | include disable-passwdmgr.inc |
diff --git a/etc/profile-m-z/qgis.profile b/etc/profile-m-z/qgis.profile index e99140c22..2e97daea2 100644 --- a/etc/profile-m-z/qgis.profile +++ b/etc/profile-m-z/qgis.profile | |||
@@ -6,10 +6,10 @@ include qgis.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/QGIS | 9 | noblacklist ${HOME}/.config/QGIS |
10 | nodeny ${HOME}/.local/share/QGIS | 10 | noblacklist ${HOME}/.local/share/QGIS |
11 | nodeny ${HOME}/.qgis2 | 11 | noblacklist ${HOME}/.qgis2 |
12 | nodeny ${DOCUMENTS} | 12 | noblacklist ${DOCUMENTS} |
13 | 13 | ||
14 | # Allow python (blacklisted by disable-interpreters.inc) | 14 | # Allow python (blacklisted by disable-interpreters.inc) |
15 | include allow-python3.inc | 15 | include allow-python3.inc |
@@ -25,10 +25,10 @@ include disable-xdg.inc | |||
25 | mkdir ${HOME}/.local/share/QGIS | 25 | mkdir ${HOME}/.local/share/QGIS |
26 | mkdir ${HOME}/.qgis2 | 26 | mkdir ${HOME}/.qgis2 |
27 | mkdir ${HOME}/.config/QGIS | 27 | mkdir ${HOME}/.config/QGIS |
28 | allow ${HOME}/.local/share/QGIS | 28 | whitelist ${HOME}/.local/share/QGIS |
29 | allow ${HOME}/.qgis2 | 29 | whitelist ${HOME}/.qgis2 |
30 | allow ${HOME}/.config/QGIS | 30 | whitelist ${HOME}/.config/QGIS |
31 | allow ${DOCUMENTS} | 31 | whitelist ${DOCUMENTS} |
32 | include whitelist-common.inc | 32 | include whitelist-common.inc |
33 | include whitelist-var-common.inc | 33 | include whitelist-var-common.inc |
34 | 34 | ||
diff --git a/etc/profile-m-z/qlipper.profile b/etc/profile-m-z/qlipper.profile index 75dc58ae4..6e94d5845 100644 --- a/etc/profile-m-z/qlipper.profile +++ b/etc/profile-m-z/qlipper.profile | |||
@@ -6,7 +6,7 @@ include qlipper.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/Qlipper | 9 | noblacklist ${HOME}/.config/Qlipper |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/qmmp.profile b/etc/profile-m-z/qmmp.profile index d37fce997..c3d982c17 100644 --- a/etc/profile-m-z/qmmp.profile +++ b/etc/profile-m-z/qmmp.profile | |||
@@ -6,8 +6,8 @@ include qmmp.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.qmmp | 9 | noblacklist ${HOME}/.qmmp |
10 | nodeny ${MUSIC} | 10 | noblacklist ${MUSIC} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/qnapi.profile b/etc/profile-m-z/qnapi.profile index f12340052..ca11df5be 100644 --- a/etc/profile-m-z/qnapi.profile +++ b/etc/profile-m-z/qnapi.profile | |||
@@ -6,7 +6,7 @@ include qnapi.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/qnapi.ini | 9 | noblacklist ${HOME}/.config/qnapi.ini |
10 | 10 | ||
11 | ignore noexec /tmp | 11 | ignore noexec /tmp |
12 | 12 | ||
@@ -20,8 +20,8 @@ include disable-shell.inc | |||
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | mkfile ${HOME}/.config/qnapi.ini | 22 | mkfile ${HOME}/.config/qnapi.ini |
23 | allow ${HOME}/.config/qnapi.ini | 23 | whitelist ${HOME}/.config/qnapi.ini |
24 | allow ${DOWNLOADS} | 24 | whitelist ${DOWNLOADS} |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-m-z/qpdfview.profile b/etc/profile-m-z/qpdfview.profile index 62fae324c..be690ffa4 100644 --- a/etc/profile-m-z/qpdfview.profile +++ b/etc/profile-m-z/qpdfview.profile | |||
@@ -6,9 +6,9 @@ include qpdfview.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/qpdfview | 9 | noblacklist ${HOME}/.config/qpdfview |
10 | nodeny ${HOME}/.local/share/qpdfview | 10 | noblacklist ${HOME}/.local/share/qpdfview |
11 | nodeny ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/qrencode.profile b/etc/profile-m-z/qrencode.profile index 5f0aec804..6cbf8519f 100644 --- a/etc/profile-m-z/qrencode.profile +++ b/etc/profile-m-z/qrencode.profile | |||
@@ -7,7 +7,7 @@ include qrencode.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER} | 10 | blacklist ${RUNUSER} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/qtox.profile b/etc/profile-m-z/qtox.profile index 1ad46814e..8ffe24d11 100644 --- a/etc/profile-m-z/qtox.profile +++ b/etc/profile-m-z/qtox.profile | |||
@@ -6,8 +6,8 @@ include qtox.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/Tox | 9 | noblacklist ${HOME}/.cache/Tox |
10 | nodeny ${HOME}/.config/tox | 10 | noblacklist ${HOME}/.config/tox |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-shell.inc | |||
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | mkdir ${HOME}/.config/tox | 21 | mkdir ${HOME}/.config/tox |
22 | allow ${DOWNLOADS} | 22 | whitelist ${DOWNLOADS} |
23 | allow ${HOME}/.config/tox | 23 | whitelist ${HOME}/.config/tox |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
diff --git a/etc/profile-m-z/quadrapassel.profile b/etc/profile-m-z/quadrapassel.profile index aee24925c..91e0d9d0d 100644 --- a/etc/profile-m-z/quadrapassel.profile +++ b/etc/profile-m-z/quadrapassel.profile | |||
@@ -6,11 +6,11 @@ include quadrapassel.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/quadrapassel | 9 | noblacklist ${HOME}/.local/share/quadrapassel |
10 | 10 | ||
11 | mkdir ${HOME}/.local/share/quadrapassel | 11 | mkdir ${HOME}/.local/share/quadrapassel |
12 | allow ${HOME}/.local/share/quadrapassel | 12 | whitelist ${HOME}/.local/share/quadrapassel |
13 | allow /usr/share/quadrapassel | 13 | whitelist /usr/share/quadrapassel |
14 | 14 | ||
15 | private-bin quadrapassel | 15 | private-bin quadrapassel |
16 | 16 | ||
diff --git a/etc/profile-m-z/quaternion.profile b/etc/profile-m-z/quaternion.profile index a319e1e12..1d146aa39 100644 --- a/etc/profile-m-z/quaternion.profile +++ b/etc/profile-m-z/quaternion.profile | |||
@@ -6,8 +6,8 @@ include quaternion.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/Quotient/quaternion | 9 | noblacklist ${HOME}/.cache/Quotient/quaternion |
10 | nodeny ${HOME}/.config/Quotient | 10 | noblacklist ${HOME}/.config/Quotient |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -20,10 +20,10 @@ include disable-xdg.inc | |||
20 | 20 | ||
21 | mkdir ${HOME}/.cache/Quotient/quaternion | 21 | mkdir ${HOME}/.cache/Quotient/quaternion |
22 | mkdir ${HOME}/.config/Quotient | 22 | mkdir ${HOME}/.config/Quotient |
23 | allow ${HOME}/.cache/Quotient/quaternion | 23 | whitelist ${HOME}/.cache/Quotient/quaternion |
24 | allow ${HOME}/.config/Quotient | 24 | whitelist ${HOME}/.config/Quotient |
25 | allow ${DOWNLOADS} | 25 | whitelist ${DOWNLOADS} |
26 | allow /usr/share/Quotient/quaternion | 26 | whitelist /usr/share/Quotient/quaternion |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/quiterss.profile b/etc/profile-m-z/quiterss.profile index 2693f2ed5..9490089b2 100644 --- a/etc/profile-m-z/quiterss.profile +++ b/etc/profile-m-z/quiterss.profile | |||
@@ -6,10 +6,10 @@ include quiterss.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/QuiteRss | 9 | noblacklist ${HOME}/.cache/QuiteRss |
10 | nodeny ${HOME}/.config/QuiteRss | 10 | noblacklist ${HOME}/.config/QuiteRss |
11 | nodeny ${HOME}/.config/QuiteRssrc | 11 | noblacklist ${HOME}/.config/QuiteRssrc |
12 | nodeny ${HOME}/.local/share/QuiteRss | 12 | noblacklist ${HOME}/.local/share/QuiteRss |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -25,12 +25,12 @@ mkdir ${HOME}/.local/share/data | |||
25 | mkdir ${HOME}/.local/share/data/QuiteRss | 25 | mkdir ${HOME}/.local/share/data/QuiteRss |
26 | mkdir ${HOME}/.local/share/QuiteRss | 26 | mkdir ${HOME}/.local/share/QuiteRss |
27 | mkfile ${HOME}/quiterssfeeds.opml | 27 | mkfile ${HOME}/quiterssfeeds.opml |
28 | allow ${HOME}/.cache/QuiteRss | 28 | whitelist ${HOME}/.cache/QuiteRss |
29 | allow ${HOME}/.config/QuiteRss | 29 | whitelist ${HOME}/.config/QuiteRss |
30 | allow ${HOME}/.config/QuiteRssrc | 30 | whitelist ${HOME}/.config/QuiteRssrc |
31 | allow ${HOME}/.local/share/data/QuiteRss | 31 | whitelist ${HOME}/.local/share/data/QuiteRss |
32 | allow ${HOME}/.local/share/QuiteRss | 32 | whitelist ${HOME}/.local/share/QuiteRss |
33 | allow ${HOME}/quiterssfeeds.opml | 33 | whitelist ${HOME}/quiterssfeeds.opml |
34 | include whitelist-common.inc | 34 | include whitelist-common.inc |
35 | 35 | ||
36 | caps.drop all | 36 | caps.drop all |
diff --git a/etc/profile-m-z/quodlibet.profile b/etc/profile-m-z/quodlibet.profile index 52c120c08..92b02b2bf 100644 --- a/etc/profile-m-z/quodlibet.profile +++ b/etc/profile-m-z/quodlibet.profile | |||
@@ -6,10 +6,10 @@ include quodlibet.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/quodlibet | 9 | noblacklist ${HOME}/.cache/quodlibet |
10 | nodeny ${HOME}/.config/quodlibet | 10 | noblacklist ${HOME}/.config/quodlibet |
11 | nodeny ${HOME}/.quodlibet | 11 | noblacklist ${HOME}/.quodlibet |
12 | nodeny ${MUSIC} | 12 | noblacklist ${MUSIC} |
13 | 13 | ||
14 | include allow-bin-sh.inc | 14 | include allow-bin-sh.inc |
15 | 15 | ||
@@ -30,11 +30,11 @@ mkdir ${HOME}/.cache/quodlibet | |||
30 | mkdir ${HOME}/.config/quodlibet | 30 | mkdir ${HOME}/.config/quodlibet |
31 | mkdir ${HOME}/.quodlibet | 31 | mkdir ${HOME}/.quodlibet |
32 | 32 | ||
33 | allow ${HOME}/.cache/quodlibet | 33 | whitelist ${HOME}/.cache/quodlibet |
34 | allow ${HOME}/.config/quodlibet | 34 | whitelist ${HOME}/.config/quodlibet |
35 | allow ${HOME}/.quodlibet | 35 | whitelist ${HOME}/.quodlibet |
36 | allow ${DOWNLOADS} | 36 | whitelist ${DOWNLOADS} |
37 | allow ${MUSIC} | 37 | whitelist ${MUSIC} |
38 | include whitelist-common.inc | 38 | include whitelist-common.inc |
39 | include whitelist-runuser-common.inc | 39 | include whitelist-runuser-common.inc |
40 | include whitelist-usr-share-common.inc | 40 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/qupzilla.profile b/etc/profile-m-z/qupzilla.profile index 9bc91808b..7aa71c848 100644 --- a/etc/profile-m-z/qupzilla.profile +++ b/etc/profile-m-z/qupzilla.profile | |||
@@ -6,8 +6,8 @@ include qupzilla.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/qupzilla | 9 | noblacklist ${HOME}/.cache/qupzilla |
10 | nodeny ${HOME}/.config/qupzilla | 10 | noblacklist ${HOME}/.config/qupzilla |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-programs.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.cache/qupzilla | 19 | mkdir ${HOME}/.cache/qupzilla |
20 | mkdir ${HOME}/.config/qupzilla | 20 | mkdir ${HOME}/.config/qupzilla |
21 | allow ${HOME}/.cache/qupzilla | 21 | whitelist ${HOME}/.cache/qupzilla |
22 | allow ${HOME}/.config/qupzilla | 22 | whitelist ${HOME}/.config/qupzilla |
23 | 23 | ||
24 | # Redirect | 24 | # Redirect |
25 | include falkon.profile | 25 | include falkon.profile |
diff --git a/etc/profile-m-z/qutebrowser.profile b/etc/profile-m-z/qutebrowser.profile index a342e2acd..fc910b589 100644 --- a/etc/profile-m-z/qutebrowser.profile +++ b/etc/profile-m-z/qutebrowser.profile | |||
@@ -6,9 +6,9 @@ include qutebrowser.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/qutebrowser | 9 | noblacklist ${HOME}/.cache/qutebrowser |
10 | nodeny ${HOME}/.config/qutebrowser | 10 | noblacklist ${HOME}/.config/qutebrowser |
11 | nodeny ${HOME}/.local/share/qutebrowser | 11 | noblacklist ${HOME}/.local/share/qutebrowser |
12 | 12 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python2.inc | 14 | include allow-python2.inc |
@@ -22,10 +22,10 @@ include disable-programs.inc | |||
22 | mkdir ${HOME}/.cache/qutebrowser | 22 | mkdir ${HOME}/.cache/qutebrowser |
23 | mkdir ${HOME}/.config/qutebrowser | 23 | mkdir ${HOME}/.config/qutebrowser |
24 | mkdir ${HOME}/.local/share/qutebrowser | 24 | mkdir ${HOME}/.local/share/qutebrowser |
25 | allow ${DOWNLOADS} | 25 | whitelist ${DOWNLOADS} |
26 | allow ${HOME}/.cache/qutebrowser | 26 | whitelist ${HOME}/.cache/qutebrowser |
27 | allow ${HOME}/.config/qutebrowser | 27 | whitelist ${HOME}/.config/qutebrowser |
28 | allow ${HOME}/.local/share/qutebrowser | 28 | whitelist ${HOME}/.local/share/qutebrowser |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | 30 | ||
31 | caps.drop all | 31 | caps.drop all |
diff --git a/etc/profile-m-z/rambox.profile b/etc/profile-m-z/rambox.profile index b1059cee8..ffa2022ee 100644 --- a/etc/profile-m-z/rambox.profile +++ b/etc/profile-m-z/rambox.profile | |||
@@ -6,9 +6,9 @@ include rambox.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/Rambox | 9 | noblacklist ${HOME}/.config/Rambox |
10 | nodeny ${HOME}/.pki | 10 | noblacklist ${HOME}/.pki |
11 | nodeny ${HOME}/.local/share/pki | 11 | noblacklist ${HOME}/.local/share/pki |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -18,10 +18,10 @@ include disable-programs.inc | |||
18 | mkdir ${HOME}/.config/Rambox | 18 | mkdir ${HOME}/.config/Rambox |
19 | mkdir ${HOME}/.pki | 19 | mkdir ${HOME}/.pki |
20 | mkdir ${HOME}/.local/share/pki | 20 | mkdir ${HOME}/.local/share/pki |
21 | allow ${DOWNLOADS} | 21 | whitelist ${DOWNLOADS} |
22 | allow ${HOME}/.config/Rambox | 22 | whitelist ${HOME}/.config/Rambox |
23 | allow ${HOME}/.pki | 23 | whitelist ${HOME}/.pki |
24 | allow ${HOME}/.local/share/pki | 24 | whitelist ${HOME}/.local/share/pki |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | 26 | ||
27 | caps.drop all | 27 | caps.drop all |
diff --git a/etc/profile-m-z/redeclipse.profile b/etc/profile-m-z/redeclipse.profile index 3b56f651f..9bc196a16 100644 --- a/etc/profile-m-z/redeclipse.profile +++ b/etc/profile-m-z/redeclipse.profile | |||
@@ -6,7 +6,7 @@ include redeclipse.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.redeclipse | 9 | noblacklist ${HOME}/.redeclipse |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.redeclipse | 19 | mkdir ${HOME}/.redeclipse |
20 | allow ${HOME}/.redeclipse | 20 | whitelist ${HOME}/.redeclipse |
21 | allow /usr/share/redeclipse | 21 | whitelist /usr/share/redeclipse |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-runuser-common.inc | 23 | include whitelist-runuser-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/redshift.profile b/etc/profile-m-z/redshift.profile index 3035e1d74..f87c5f67c 100644 --- a/etc/profile-m-z/redshift.profile +++ b/etc/profile-m-z/redshift.profile | |||
@@ -7,8 +7,8 @@ include redshift.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.config/redshift | 10 | noblacklist ${HOME}/.config/redshift |
11 | nodeny ${HOME}/.config/redshift.conf | 11 | noblacklist ${HOME}/.config/redshift.conf |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-programs.inc | |||
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | mkdir ${HOME}/.config/redshift | 21 | mkdir ${HOME}/.config/redshift |
22 | allow ${HOME}/.config/redshift | 22 | whitelist ${HOME}/.config/redshift |
23 | allow ${HOME}/.config/redshift.conf | 23 | whitelist ${HOME}/.config/redshift.conf |
24 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
25 | 25 | ||
26 | apparmor | 26 | apparmor |
diff --git a/etc/profile-m-z/regextester.profile b/etc/profile-m-z/regextester.profile index 82feafab9..f5131c5d0 100644 --- a/etc/profile-m-z/regextester.profile +++ b/etc/profile-m-z/regextester.profile | |||
@@ -15,7 +15,7 @@ include disable-programs.inc | |||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | allow /usr/share/com.github.artemanufrij.regextester | 18 | whitelist /usr/share/com.github.artemanufrij.regextester |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/remmina.profile b/etc/profile-m-z/remmina.profile index 3f385f602..aca22f187 100644 --- a/etc/profile-m-z/remmina.profile +++ b/etc/profile-m-z/remmina.profile | |||
@@ -6,9 +6,9 @@ include remmina.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.remmina | 9 | noblacklist ${HOME}/.remmina |
10 | nodeny ${HOME}/.config/remmina | 10 | noblacklist ${HOME}/.config/remmina |
11 | nodeny ${HOME}/.local/share/remmina | 11 | noblacklist ${HOME}/.local/share/remmina |
12 | 12 | ||
13 | # Allow ssh (blacklisted by disable-common.inc) | 13 | # Allow ssh (blacklisted by disable-common.inc) |
14 | include allow-ssh.inc | 14 | include allow-ssh.inc |
diff --git a/etc/profile-m-z/rhythmbox.profile b/etc/profile-m-z/rhythmbox.profile index c532d3dc1..970e8ffba 100644 --- a/etc/profile-m-z/rhythmbox.profile +++ b/etc/profile-m-z/rhythmbox.profile | |||
@@ -6,9 +6,9 @@ include rhythmbox.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${MUSIC} | 9 | noblacklist ${MUSIC} |
10 | nodeny ${HOME}/.cache/rhythmbox | 10 | noblacklist ${HOME}/.cache/rhythmbox |
11 | nodeny ${HOME}/.local/share/rhythmbox | 11 | noblacklist ${HOME}/.local/share/rhythmbox |
12 | 12 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python2.inc | 14 | include allow-python2.inc |
@@ -26,10 +26,10 @@ include disable-programs.inc | |||
26 | include disable-shell.inc | 26 | include disable-shell.inc |
27 | include disable-xdg.inc | 27 | include disable-xdg.inc |
28 | 28 | ||
29 | allow /usr/share/rhythmbox | 29 | whitelist /usr/share/rhythmbox |
30 | allow /usr/share/lua | 30 | whitelist /usr/share/lua |
31 | allow /usr/share/libquvi-scripts | 31 | whitelist /usr/share/libquvi-scripts |
32 | allow /usr/share/tracker | 32 | whitelist /usr/share/tracker |
33 | include whitelist-runuser-common.inc | 33 | include whitelist-runuser-common.inc |
34 | include whitelist-usr-share-common.inc | 34 | include whitelist-usr-share-common.inc |
35 | include whitelist-var-common.inc | 35 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/ricochet.profile b/etc/profile-m-z/ricochet.profile index c3ee57ef3..b664a2be3 100644 --- a/etc/profile-m-z/ricochet.profile +++ b/etc/profile-m-z/ricochet.profile | |||
@@ -5,7 +5,7 @@ include ricochet.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.local/share/Ricochet | 8 | noblacklist ${HOME}/.local/share/Ricochet |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
@@ -16,8 +16,8 @@ include disable-programs.inc | |||
16 | include disable-shell.inc | 16 | include disable-shell.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.local/share/Ricochet | 18 | mkdir ${HOME}/.local/share/Ricochet |
19 | allow ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
20 | allow ${HOME}/.local/share/Ricochet | 20 | whitelist ${HOME}/.local/share/Ricochet |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | 22 | ||
23 | caps.drop all | 23 | caps.drop all |
diff --git a/etc/profile-m-z/riot-web.profile b/etc/profile-m-z/riot-web.profile index 782396a50..687c943b0 100644 --- a/etc/profile-m-z/riot-web.profile +++ b/etc/profile-m-z/riot-web.profile | |||
@@ -8,11 +8,11 @@ include globals.local | |||
8 | 8 | ||
9 | ignore noexec /tmp | 9 | ignore noexec /tmp |
10 | 10 | ||
11 | nodeny ${HOME}/.config/Riot | 11 | noblacklist ${HOME}/.config/Riot |
12 | 12 | ||
13 | mkdir ${HOME}/.config/Riot | 13 | mkdir ${HOME}/.config/Riot |
14 | allow ${HOME}/.config/Riot | 14 | whitelist ${HOME}/.config/Riot |
15 | allow /usr/share/webapps/element | 15 | whitelist /usr/share/webapps/element |
16 | 16 | ||
17 | # Redirect | 17 | # Redirect |
18 | include electron.profile | 18 | include electron.profile |
diff --git a/etc/profile-m-z/ripperx.profile b/etc/profile-m-z/ripperx.profile index c97ac8090..be815e714 100644 --- a/etc/profile-m-z/ripperx.profile +++ b/etc/profile-m-z/ripperx.profile | |||
@@ -6,8 +6,8 @@ include ripperx.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.ripperXrc | 9 | noblacklist ${HOME}/.ripperXrc |
10 | nodeny ${MUSIC} | 10 | noblacklist ${MUSIC} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/ristretto.profile b/etc/profile-m-z/ristretto.profile index 109d2f8f1..5572cab5a 100644 --- a/etc/profile-m-z/ristretto.profile +++ b/etc/profile-m-z/ristretto.profile | |||
@@ -6,9 +6,9 @@ include ristretto.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/ristretto | 9 | noblacklist ${HOME}/.config/ristretto |
10 | nodeny ${HOME}/.Steam | 10 | noblacklist ${HOME}/.Steam |
11 | nodeny ${HOME}/.steam | 11 | noblacklist ${HOME}/.steam |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/rocketchat.profile b/etc/profile-m-z/rocketchat.profile index 1a76c4211..8d3607c75 100644 --- a/etc/profile-m-z/rocketchat.profile +++ b/etc/profile-m-z/rocketchat.profile | |||
@@ -21,10 +21,10 @@ ignore private-cache | |||
21 | ignore private-dev | 21 | ignore private-dev |
22 | ignore private-tmp | 22 | ignore private-tmp |
23 | 23 | ||
24 | nodeny ${HOME}/.config/Rocket.Chat | 24 | noblacklist ${HOME}/.config/Rocket.Chat |
25 | 25 | ||
26 | mkdir ${HOME}/.config/Rocket.Chat | 26 | mkdir ${HOME}/.config/Rocket.Chat |
27 | allow ${HOME}/.config/Rocket.Chat | 27 | whitelist ${HOME}/.config/Rocket.Chat |
28 | 28 | ||
29 | # Redirect | 29 | # Redirect |
30 | include electron.profile | 30 | include electron.profile |
diff --git a/etc/profile-m-z/rsync-download_only.profile b/etc/profile-m-z/rsync-download_only.profile index 4807b7d36..690b44bb1 100644 --- a/etc/profile-m-z/rsync-download_only.profile +++ b/etc/profile-m-z/rsync-download_only.profile | |||
@@ -11,8 +11,8 @@ include globals.local | |||
11 | # not as a daemon (rsync --daemon) nor to create backups. | 11 | # not as a daemon (rsync --daemon) nor to create backups. |
12 | # Usage: firejail --profile=rsync-download_only rsync | 12 | # Usage: firejail --profile=rsync-download_only rsync |
13 | 13 | ||
14 | deny /tmp/.X11-unix | 14 | blacklist /tmp/.X11-unix |
15 | deny ${RUNUSER} | 15 | blacklist ${RUNUSER} |
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
diff --git a/etc/profile-m-z/rtv-addons.profile b/etc/profile-m-z/rtv-addons.profile index 6b7d6b155..cc6db5043 100644 --- a/etc/profile-m-z/rtv-addons.profile +++ b/etc/profile-m-z/rtv-addons.profile | |||
@@ -11,16 +11,16 @@ ignore nosound | |||
11 | ignore private-bin | 11 | ignore private-bin |
12 | ignore dbus-user none | 12 | ignore dbus-user none |
13 | 13 | ||
14 | nodeny ${HOME}/.config/mpv | 14 | noblacklist ${HOME}/.config/mpv |
15 | nodeny ${HOME}/.mailcap | 15 | noblacklist ${HOME}/.mailcap |
16 | nodeny ${HOME}/.netrc | 16 | noblacklist ${HOME}/.netrc |
17 | nodeny ${HOME}/.w3m | 17 | noblacklist ${HOME}/.w3m |
18 | 18 | ||
19 | allow ${HOME}/.cache/youtube-dl/youtube-sigfuncs | 19 | whitelist ${HOME}/.cache/youtube-dl/youtube-sigfuncs |
20 | allow ${HOME}/.config/mpv | 20 | whitelist ${HOME}/.config/mpv |
21 | allow ${HOME}/.mailcap | 21 | whitelist ${HOME}/.mailcap |
22 | allow ${HOME}/.netrc | 22 | whitelist ${HOME}/.netrc |
23 | allow ${HOME}/.w3m | 23 | whitelist ${HOME}/.w3m |
24 | 24 | ||
25 | #private-bin w3m,mpv,youtube-dl | 25 | #private-bin w3m,mpv,youtube-dl |
26 | 26 | ||
diff --git a/etc/profile-m-z/rtv.profile b/etc/profile-m-z/rtv.profile index 074050792..2f1fe0155 100644 --- a/etc/profile-m-z/rtv.profile +++ b/etc/profile-m-z/rtv.profile | |||
@@ -6,11 +6,11 @@ include rtv.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny /tmp/.X11-unix | 9 | blacklist /tmp/.X11-unix |
10 | deny ${RUNUSER}/wayland-* | 10 | blacklist ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | nodeny ${HOME}/.config/rtv | 12 | noblacklist ${HOME}/.config/rtv |
13 | nodeny ${HOME}/.local/share/rtv | 13 | noblacklist ${HOME}/.local/share/rtv |
14 | 14 | ||
15 | # Allow /bin/sh (blacklisted by disable-shell.inc) | 15 | # Allow /bin/sh (blacklisted by disable-shell.inc) |
16 | include allow-bin-sh.inc | 16 | include allow-bin-sh.inc |
@@ -33,8 +33,8 @@ include disable-xdg.inc | |||
33 | 33 | ||
34 | mkdir ${HOME}/.config/rtv | 34 | mkdir ${HOME}/.config/rtv |
35 | mkdir ${HOME}/.local/share/rtv | 35 | mkdir ${HOME}/.local/share/rtv |
36 | allow ${HOME}/.config/rtv | 36 | whitelist ${HOME}/.config/rtv |
37 | allow ${HOME}/.local/share/rtv | 37 | whitelist ${HOME}/.local/share/rtv |
38 | include whitelist-var-common.inc | 38 | include whitelist-var-common.inc |
39 | 39 | ||
40 | apparmor | 40 | apparmor |
diff --git a/etc/profile-m-z/sayonara.profile b/etc/profile-m-z/sayonara.profile index 963f5da02..de79913cc 100644 --- a/etc/profile-m-z/sayonara.profile +++ b/etc/profile-m-z/sayonara.profile | |||
@@ -5,8 +5,8 @@ include sayonara.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.Sayonara | 8 | noblacklist ${HOME}/.Sayonara |
9 | nodeny ${MUSIC} | 9 | noblacklist ${MUSIC} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/scallion.profile b/etc/profile-m-z/scallion.profile index 26550b5e0..eb8468c3b 100644 --- a/etc/profile-m-z/scallion.profile +++ b/etc/profile-m-z/scallion.profile | |||
@@ -6,10 +6,10 @@ include scallion.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${PATH}/llvm* | 9 | noblacklist ${PATH}/llvm* |
10 | nodeny ${PATH}/openssl | 10 | noblacklist ${PATH}/openssl |
11 | nodeny ${PATH}/openssl-1.0 | 11 | noblacklist ${PATH}/openssl-1.0 |
12 | nodeny ${DOCUMENTS} | 12 | noblacklist ${DOCUMENTS} |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-exec.inc | 15 | include disable-exec.inc |
diff --git a/etc/profile-m-z/scorched3d.profile b/etc/profile-m-z/scorched3d.profile index 921efb49e..b1989e474 100644 --- a/etc/profile-m-z/scorched3d.profile +++ b/etc/profile-m-z/scorched3d.profile | |||
@@ -6,7 +6,7 @@ include scorched3d.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.scorched3d | 9 | noblacklist ${HOME}/.scorched3d |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,9 +17,9 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.scorched3d | 19 | mkdir ${HOME}/.scorched3d |
20 | allow ${HOME}/.scorched3d | 20 | whitelist ${HOME}/.scorched3d |
21 | allow /usr/share/scorched3d | 21 | whitelist /usr/share/scorched3d |
22 | allow /usr/share/games/scorched3d | 22 | whitelist /usr/share/games/scorched3d |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/scorchwentbonkers.profile b/etc/profile-m-z/scorchwentbonkers.profile index 54a6c3a01..2cb1df6b5 100644 --- a/etc/profile-m-z/scorchwentbonkers.profile +++ b/etc/profile-m-z/scorchwentbonkers.profile | |||
@@ -6,7 +6,7 @@ include scorchwentbonkers.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.swb.ini | 9 | noblacklist ${HOME}/.swb.ini |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.swb.ini | 20 | mkdir ${HOME}/.swb.ini |
21 | allow ${HOME}/.swb.ini | 21 | whitelist ${HOME}/.swb.ini |
22 | allow /usr/share/scorchwentbonkers | 22 | whitelist /usr/share/scorchwentbonkers |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/scribus.profile b/etc/profile-m-z/scribus.profile index 6519f8e87..1fdeaa145 100644 --- a/etc/profile-m-z/scribus.profile +++ b/etc/profile-m-z/scribus.profile | |||
@@ -7,24 +7,24 @@ include scribus.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # Support for PDF readers comes with Scribus 1.5 and higher | 9 | # Support for PDF readers comes with Scribus 1.5 and higher |
10 | nodeny ${HOME}/.cache/okular | 10 | noblacklist ${HOME}/.cache/okular |
11 | nodeny ${HOME}/.config/GIMP | 11 | noblacklist ${HOME}/.config/GIMP |
12 | nodeny ${HOME}/.config/okularpartrc | 12 | noblacklist ${HOME}/.config/okularpartrc |
13 | nodeny ${HOME}/.config/okularrc | 13 | noblacklist ${HOME}/.config/okularrc |
14 | nodeny ${HOME}/.config/scribus | 14 | noblacklist ${HOME}/.config/scribus |
15 | nodeny ${HOME}/.config/scribusrc | 15 | noblacklist ${HOME}/.config/scribusrc |
16 | nodeny ${HOME}/.gimp* | 16 | noblacklist ${HOME}/.gimp* |
17 | nodeny ${HOME}/.kde/share/apps/okular | 17 | noblacklist ${HOME}/.kde/share/apps/okular |
18 | nodeny ${HOME}/.kde/share/config/okularpartrc | 18 | noblacklist ${HOME}/.kde/share/config/okularpartrc |
19 | nodeny ${HOME}/.kde/share/config/okularrc | 19 | noblacklist ${HOME}/.kde/share/config/okularrc |
20 | nodeny ${HOME}/.kde4/share/apps/okular | 20 | noblacklist ${HOME}/.kde4/share/apps/okular |
21 | nodeny ${HOME}/.kde4/share/config/okularpartrc | 21 | noblacklist ${HOME}/.kde4/share/config/okularpartrc |
22 | nodeny ${HOME}/.kde4/share/config/okularrc | 22 | noblacklist ${HOME}/.kde4/share/config/okularrc |
23 | nodeny ${HOME}/.local/share/okular | 23 | noblacklist ${HOME}/.local/share/okular |
24 | nodeny ${HOME}/.local/share/scribus | 24 | noblacklist ${HOME}/.local/share/scribus |
25 | nodeny ${HOME}/.scribus | 25 | noblacklist ${HOME}/.scribus |
26 | nodeny ${DOCUMENTS} | 26 | noblacklist ${DOCUMENTS} |
27 | nodeny ${PICTURES} | 27 | noblacklist ${PICTURES} |
28 | 28 | ||
29 | # Allow python (blacklisted by disable-interpreters.inc) | 29 | # Allow python (blacklisted by disable-interpreters.inc) |
30 | include allow-python2.inc | 30 | include allow-python2.inc |
diff --git a/etc/profile-m-z/seahorse-adventures.profile b/etc/profile-m-z/seahorse-adventures.profile index 95cedac3f..7799ab7ed 100644 --- a/etc/profile-m-z/seahorse-adventures.profile +++ b/etc/profile-m-z/seahorse-adventures.profile | |||
@@ -22,8 +22,8 @@ include disable-programs.inc | |||
22 | include disable-shell.inc | 22 | include disable-shell.inc |
23 | include disable-xdg.inc | 23 | include disable-xdg.inc |
24 | 24 | ||
25 | allow /usr/share/seahorse-adventures | 25 | whitelist /usr/share/seahorse-adventures |
26 | allow /usr/share/games/seahorse-adventures | 26 | whitelist /usr/share/games/seahorse-adventures |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
29 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/seahorse.profile b/etc/profile-m-z/seahorse.profile index 66605173b..d3d8e453f 100644 --- a/etc/profile-m-z/seahorse.profile +++ b/etc/profile-m-z/seahorse.profile | |||
@@ -6,9 +6,9 @@ include seahorse.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny /tmp/.X11-unix | 9 | blacklist /tmp/.X11-unix |
10 | 10 | ||
11 | nodeny ${HOME}/.gnupg | 11 | noblacklist ${HOME}/.gnupg |
12 | 12 | ||
13 | # Allow ssh (blacklisted by disable-common.inc) | 13 | # Allow ssh (blacklisted by disable-common.inc) |
14 | include allow-ssh.inc | 14 | include allow-ssh.inc |
@@ -27,13 +27,13 @@ include disable-xdg.inc | |||
27 | #mkdir ${HOME}/.ssh | 27 | #mkdir ${HOME}/.ssh |
28 | #whitelist ${HOME}/.gnupg | 28 | #whitelist ${HOME}/.gnupg |
29 | #whitelist ${HOME}/.ssh | 29 | #whitelist ${HOME}/.ssh |
30 | allow /tmp/ssh-* | 30 | whitelist /tmp/ssh-* |
31 | allow /usr/share/gnupg | 31 | whitelist /usr/share/gnupg |
32 | allow /usr/share/gnupg2 | 32 | whitelist /usr/share/gnupg2 |
33 | allow /usr/share/seahorse | 33 | whitelist /usr/share/seahorse |
34 | allow /usr/share/seahorse-nautilus | 34 | whitelist /usr/share/seahorse-nautilus |
35 | allow ${RUNUSER}/gnupg | 35 | whitelist ${RUNUSER}/gnupg |
36 | allow ${RUNUSER}/keyring | 36 | whitelist ${RUNUSER}/keyring |
37 | #include whitelist-common.inc | 37 | #include whitelist-common.inc |
38 | include whitelist-runuser-common.inc | 38 | include whitelist-runuser-common.inc |
39 | include whitelist-usr-share-common.inc | 39 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/seamonkey.profile b/etc/profile-m-z/seamonkey.profile index c9867719a..807effbeb 100644 --- a/etc/profile-m-z/seamonkey.profile +++ b/etc/profile-m-z/seamonkey.profile | |||
@@ -6,10 +6,10 @@ include seamonkey.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/mozilla | 9 | noblacklist ${HOME}/.cache/mozilla |
10 | nodeny ${HOME}/.mozilla | 10 | noblacklist ${HOME}/.mozilla |
11 | nodeny ${HOME}/.pki | 11 | noblacklist ${HOME}/.pki |
12 | nodeny ${HOME}/.local/share/pki | 12 | noblacklist ${HOME}/.local/share/pki |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -20,25 +20,25 @@ mkdir ${HOME}/.cache/mozilla | |||
20 | mkdir ${HOME}/.mozilla | 20 | mkdir ${HOME}/.mozilla |
21 | mkdir ${HOME}/.pki | 21 | mkdir ${HOME}/.pki |
22 | mkdir ${HOME}/.local/share/pki | 22 | mkdir ${HOME}/.local/share/pki |
23 | allow ${DOWNLOADS} | 23 | whitelist ${DOWNLOADS} |
24 | allow ${HOME}/.cache/gnome-mplayer/plugin | 24 | whitelist ${HOME}/.cache/gnome-mplayer/plugin |
25 | allow ${HOME}/.cache/mozilla | 25 | whitelist ${HOME}/.cache/mozilla |
26 | allow ${HOME}/.config/gnome-mplayer | 26 | whitelist ${HOME}/.config/gnome-mplayer |
27 | allow ${HOME}/.config/pipelight-silverlight5.1 | 27 | whitelist ${HOME}/.config/pipelight-silverlight5.1 |
28 | allow ${HOME}/.config/pipelight-widevine | 28 | whitelist ${HOME}/.config/pipelight-widevine |
29 | allow ${HOME}/.keysnail.js | 29 | whitelist ${HOME}/.keysnail.js |
30 | allow ${HOME}/.lastpass | 30 | whitelist ${HOME}/.lastpass |
31 | allow ${HOME}/.mozilla | 31 | whitelist ${HOME}/.mozilla |
32 | allow ${HOME}/.pentadactyl | 32 | whitelist ${HOME}/.pentadactyl |
33 | allow ${HOME}/.pentadactylrc | 33 | whitelist ${HOME}/.pentadactylrc |
34 | allow ${HOME}/.pki | 34 | whitelist ${HOME}/.pki |
35 | allow ${HOME}/.local/share/pki | 35 | whitelist ${HOME}/.local/share/pki |
36 | allow ${HOME}/.vimperator | 36 | whitelist ${HOME}/.vimperator |
37 | allow ${HOME}/.vimperatorrc | 37 | whitelist ${HOME}/.vimperatorrc |
38 | allow ${HOME}/.wine-pipelight | 38 | whitelist ${HOME}/.wine-pipelight |
39 | allow ${HOME}/.wine-pipelight64 | 39 | whitelist ${HOME}/.wine-pipelight64 |
40 | allow ${HOME}/.zotero | 40 | whitelist ${HOME}/.zotero |
41 | allow ${HOME}/dwhelper | 41 | whitelist ${HOME}/dwhelper |
42 | include whitelist-common.inc | 42 | include whitelist-common.inc |
43 | 43 | ||
44 | caps.drop all | 44 | caps.drop all |
diff --git a/etc/profile-m-z/server.profile b/etc/profile-m-z/server.profile index 23f464637..7d56684db 100644 --- a/etc/profile-m-z/server.profile +++ b/etc/profile-m-z/server.profile | |||
@@ -32,12 +32,12 @@ include globals.local | |||
32 | # it allows /sbin and /usr/sbin directories - this is where servers are installed | 32 | # it allows /sbin and /usr/sbin directories - this is where servers are installed |
33 | # depending on your usage, you can enable some of the commands below: | 33 | # depending on your usage, you can enable some of the commands below: |
34 | 34 | ||
35 | nodeny /sbin | 35 | noblacklist /sbin |
36 | nodeny /usr/sbin | 36 | noblacklist /usr/sbin |
37 | # noblacklist /var/opt | 37 | # noblacklist /var/opt |
38 | 38 | ||
39 | deny /tmp/.X11-unix | 39 | blacklist /tmp/.X11-unix |
40 | deny ${RUNUSER}/wayland-* | 40 | blacklist ${RUNUSER}/wayland-* |
41 | 41 | ||
42 | include disable-common.inc | 42 | include disable-common.inc |
43 | # include disable-devel.inc | 43 | # include disable-devel.inc |
diff --git a/etc/profile-m-z/shellcheck.profile b/etc/profile-m-z/shellcheck.profile index 0cb9de45a..b7f398f45 100644 --- a/etc/profile-m-z/shellcheck.profile +++ b/etc/profile-m-z/shellcheck.profile | |||
@@ -7,9 +7,9 @@ include shellcheck.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER} | 10 | blacklist ${RUNUSER} |
11 | 11 | ||
12 | nodeny ${DOCUMENTS} | 12 | noblacklist ${DOCUMENTS} |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -19,7 +19,7 @@ include disable-passwdmgr.inc | |||
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | allow /usr/share/shellcheck | 22 | whitelist /usr/share/shellcheck |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
25 | 25 | ||
diff --git a/etc/profile-m-z/shortwave.profile b/etc/profile-m-z/shortwave.profile index a8e5f6b18..d629240ec 100644 --- a/etc/profile-m-z/shortwave.profile +++ b/etc/profile-m-z/shortwave.profile | |||
@@ -6,8 +6,8 @@ include shortwave.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/Shortwave | 9 | noblacklist ${HOME}/.cache/Shortwave |
10 | nodeny ${HOME}/.local/share/Shortwave | 10 | noblacklist ${HOME}/.local/share/Shortwave |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,9 +19,9 @@ include disable-xdg.inc | |||
19 | 19 | ||
20 | mkdir ${HOME}/.cache/Shortwave | 20 | mkdir ${HOME}/.cache/Shortwave |
21 | mkdir ${HOME}/.local/share/Shortwave | 21 | mkdir ${HOME}/.local/share/Shortwave |
22 | allow ${HOME}/.cache/Shortwave | 22 | whitelist ${HOME}/.cache/Shortwave |
23 | allow ${HOME}/.local/share/Shortwave | 23 | whitelist ${HOME}/.local/share/Shortwave |
24 | allow /usr/share/shortwave | 24 | whitelist /usr/share/shortwave |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | 26 | include whitelist-runuser-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/shotcut.profile b/etc/profile-m-z/shotcut.profile index 1f3c39c46..63af4d367 100644 --- a/etc/profile-m-z/shotcut.profile +++ b/etc/profile-m-z/shotcut.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | ignore noexec ${HOME} | 9 | ignore noexec ${HOME} |
10 | 10 | ||
11 | nodeny ${HOME}/.config/Meltytech | 11 | noblacklist ${HOME}/.config/Meltytech |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/shotwell.profile b/etc/profile-m-z/shotwell.profile index b653930c3..ddc8a7743 100644 --- a/etc/profile-m-z/shotwell.profile +++ b/etc/profile-m-z/shotwell.profile | |||
@@ -6,10 +6,10 @@ include shotwell.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/shotwell | 9 | noblacklist ${HOME}/.cache/shotwell |
10 | nodeny ${HOME}/.local/share/shotwell | 10 | noblacklist ${HOME}/.local/share/shotwell |
11 | 11 | ||
12 | nodeny ${PICTURES} | 12 | noblacklist ${PICTURES} |
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | 15 | include disable-exec.inc |
@@ -21,9 +21,9 @@ include disable-xdg.inc | |||
21 | 21 | ||
22 | mkdir ${HOME}/.cache/shotwell | 22 | mkdir ${HOME}/.cache/shotwell |
23 | mkdir ${HOME}/.local/share/shotwell | 23 | mkdir ${HOME}/.local/share/shotwell |
24 | allow ${HOME}/.cache/shotwell | 24 | whitelist ${HOME}/.cache/shotwell |
25 | allow ${HOME}/.local/share/shotwell | 25 | whitelist ${HOME}/.local/share/shotwell |
26 | allow ${PICTURES} | 26 | whitelist ${PICTURES} |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/signal-cli.profile b/etc/profile-m-z/signal-cli.profile index 8a46899f1..478377344 100644 --- a/etc/profile-m-z/signal-cli.profile +++ b/etc/profile-m-z/signal-cli.profile | |||
@@ -6,10 +6,10 @@ include signal-cli.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny /tmp/.X11-unix | 9 | blacklist /tmp/.X11-unix |
10 | deny ${RUNUSER}/wayland-* | 10 | blacklist ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | nodeny ${HOME}/.local/share/signal-cli | 12 | noblacklist ${HOME}/.local/share/signal-cli |
13 | 13 | ||
14 | include allow-java.inc | 14 | include allow-java.inc |
15 | 15 | ||
@@ -22,7 +22,7 @@ include disable-programs.inc | |||
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | mkdir ${HOME}/.local/share/signal-cli | 24 | mkdir ${HOME}/.local/share/signal-cli |
25 | allow ${HOME}/.local/share/signal-cli | 25 | whitelist ${HOME}/.local/share/signal-cli |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
28 | 28 | ||
diff --git a/etc/profile-m-z/signal-desktop.profile b/etc/profile-m-z/signal-desktop.profile index a12080748..77a7f5b38 100644 --- a/etc/profile-m-z/signal-desktop.profile +++ b/etc/profile-m-z/signal-desktop.profile | |||
@@ -9,15 +9,15 @@ ignore novideo | |||
9 | 9 | ||
10 | ignore noexec /tmp | 10 | ignore noexec /tmp |
11 | 11 | ||
12 | nodeny ${HOME}/.config/Signal | 12 | noblacklist ${HOME}/.config/Signal |
13 | 13 | ||
14 | # These lines are needed to allow Firefox to open links | 14 | # These lines are needed to allow Firefox to open links |
15 | nodeny ${HOME}/.mozilla | 15 | noblacklist ${HOME}/.mozilla |
16 | allow ${HOME}/.mozilla/firefox/profiles.ini | 16 | whitelist ${HOME}/.mozilla/firefox/profiles.ini |
17 | read-only ${HOME}/.mozilla/firefox/profiles.ini | 17 | read-only ${HOME}/.mozilla/firefox/profiles.ini |
18 | 18 | ||
19 | mkdir ${HOME}/.config/Signal | 19 | mkdir ${HOME}/.config/Signal |
20 | allow ${HOME}/.config/Signal | 20 | whitelist ${HOME}/.config/Signal |
21 | 21 | ||
22 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,machine-id,nsswitch.conf,pki,resolv.conf,ssl | 22 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,machine-id,nsswitch.conf,pki,resolv.conf,ssl |
23 | 23 | ||
diff --git a/etc/profile-m-z/simple-scan.profile b/etc/profile-m-z/simple-scan.profile index 589a44ffc..17920677b 100644 --- a/etc/profile-m-z/simple-scan.profile +++ b/etc/profile-m-z/simple-scan.profile | |||
@@ -6,8 +6,8 @@ include simple-scan.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/simple-scan | 9 | noblacklist ${HOME}/.cache/simple-scan |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -16,8 +16,8 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | allow /usr/share/hplip | 19 | whitelist /usr/share/hplip |
20 | allow /usr/share/simple-scan | 20 | whitelist /usr/share/simple-scan |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-m-z/simplescreenrecorder.profile b/etc/profile-m-z/simplescreenrecorder.profile index 83f833508..d664f8bf5 100644 --- a/etc/profile-m-z/simplescreenrecorder.profile +++ b/etc/profile-m-z/simplescreenrecorder.profile | |||
@@ -6,8 +6,8 @@ include simplescreenrecorder.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${VIDEOS} | 9 | noblacklist ${VIDEOS} |
10 | nodeny ${HOME}/.ssr | 10 | noblacklist ${HOME}/.ssr |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | allow /usr/share/simplescreenrecorder | 20 | whitelist /usr/share/simplescreenrecorder |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-m-z/simutrans.profile b/etc/profile-m-z/simutrans.profile index 1d7f41579..afaa0f6d8 100644 --- a/etc/profile-m-z/simutrans.profile +++ b/etc/profile-m-z/simutrans.profile | |||
@@ -6,7 +6,7 @@ include simutrans.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.simutrans | 9 | noblacklist ${HOME}/.simutrans |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,7 +16,7 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.simutrans | 18 | mkdir ${HOME}/.simutrans |
19 | allow ${HOME}/.simutrans | 19 | whitelist ${HOME}/.simutrans |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
22 | 22 | ||
diff --git a/etc/profile-m-z/skanlite.profile b/etc/profile-m-z/skanlite.profile index 98ed624f9..093a61398 100644 --- a/etc/profile-m-z/skanlite.profile +++ b/etc/profile-m-z/skanlite.profile | |||
@@ -6,7 +6,7 @@ include skanlite.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${DOCUMENTS} | 9 | noblacklist ${DOCUMENTS} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/skypeforlinux.profile b/etc/profile-m-z/skypeforlinux.profile index e7f70eebe..ed04eda8e 100644 --- a/etc/profile-m-z/skypeforlinux.profile +++ b/etc/profile-m-z/skypeforlinux.profile | |||
@@ -21,7 +21,7 @@ ignore dbus-system none | |||
21 | ignore apparmor | 21 | ignore apparmor |
22 | ignore noexec /tmp | 22 | ignore noexec /tmp |
23 | 23 | ||
24 | nodeny ${HOME}/.config/skypeforlinux | 24 | noblacklist ${HOME}/.config/skypeforlinux |
25 | 25 | ||
26 | # private-dev - needs /dev/disk | 26 | # private-dev - needs /dev/disk |
27 | 27 | ||
diff --git a/etc/profile-m-z/slack.profile b/etc/profile-m-z/slack.profile index b8299add3..51f6c8b00 100644 --- a/etc/profile-m-z/slack.profile +++ b/etc/profile-m-z/slack.profile | |||
@@ -16,14 +16,14 @@ ignore private-tmp | |||
16 | ignore dbus-user none | 16 | ignore dbus-user none |
17 | ignore dbus-system none | 17 | ignore dbus-system none |
18 | 18 | ||
19 | nodeny ${HOME}/.config/Slack | 19 | noblacklist ${HOME}/.config/Slack |
20 | 20 | ||
21 | include allow-bin-sh.inc | 21 | include allow-bin-sh.inc |
22 | 22 | ||
23 | include disable-shell.inc | 23 | include disable-shell.inc |
24 | 24 | ||
25 | mkdir ${HOME}/.config/Slack | 25 | mkdir ${HOME}/.config/Slack |
26 | allow ${HOME}/.config/Slack | 26 | whitelist ${HOME}/.config/Slack |
27 | 27 | ||
28 | private-bin electron,electron[0-9],electron[0-9][0-9],locale,sh,slack | 28 | private-bin electron,electron[0-9],electron[0-9][0-9],locale,sh,slack |
29 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,debian_version,fedora-release,fonts,group,ld.so.cache,ld.so.conf,localtime,machine-id,os-release,passwd,pki,pulse,redhat-release,resolv.conf,ssl,system-release,system-release-cpe | 29 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,debian_version,fedora-release,fonts,group,ld.so.cache,ld.so.conf,localtime,machine-id,os-release,passwd,pki,pulse,redhat-release,resolv.conf,ssl,system-release,system-release-cpe |
diff --git a/etc/profile-m-z/slashem.profile b/etc/profile-m-z/slashem.profile index 36a0044dc..c5a31c237 100644 --- a/etc/profile-m-z/slashem.profile +++ b/etc/profile-m-z/slashem.profile | |||
@@ -6,7 +6,7 @@ include slashem.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny /var/games/slashem | 9 | noblacklist /var/games/slashem |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -15,7 +15,7 @@ include disable-interpreters.inc | |||
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | allow /var/games/slashem | 18 | whitelist /var/games/slashem |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | include whitelist-var-common.inc | 20 | include whitelist-var-common.inc |
21 | 21 | ||
diff --git a/etc/profile-m-z/smplayer.profile b/etc/profile-m-z/smplayer.profile index 4e4334dc0..01547e5c1 100644 --- a/etc/profile-m-z/smplayer.profile +++ b/etc/profile-m-z/smplayer.profile | |||
@@ -6,9 +6,9 @@ include smplayer.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/smplayer | 9 | noblacklist ${HOME}/.config/smplayer |
10 | nodeny ${HOME}/.config/youtube-dl | 10 | noblacklist ${HOME}/.config/youtube-dl |
11 | nodeny ${HOME}/.mplayer | 11 | noblacklist ${HOME}/.mplayer |
12 | 12 | ||
13 | # Allow lua (blacklisted by disable-interpreters.inc) | 13 | # Allow lua (blacklisted by disable-interpreters.inc) |
14 | include allow-lua.inc | 14 | include allow-lua.inc |
@@ -17,8 +17,8 @@ include allow-lua.inc | |||
17 | include allow-python2.inc | 17 | include allow-python2.inc |
18 | include allow-python3.inc | 18 | include allow-python3.inc |
19 | 19 | ||
20 | nodeny ${MUSIC} | 20 | noblacklist ${MUSIC} |
21 | nodeny ${VIDEOS} | 21 | noblacklist ${VIDEOS} |
22 | 22 | ||
23 | include disable-common.inc | 23 | include disable-common.inc |
24 | include disable-devel.inc | 24 | include disable-devel.inc |
@@ -29,9 +29,9 @@ include disable-programs.inc | |||
29 | include disable-shell.inc | 29 | include disable-shell.inc |
30 | include disable-xdg.inc | 30 | include disable-xdg.inc |
31 | 31 | ||
32 | allow /usr/share/lua* | 32 | whitelist /usr/share/lua* |
33 | allow /usr/share/smplayer | 33 | whitelist /usr/share/smplayer |
34 | allow /usr/share/vulkan | 34 | whitelist /usr/share/vulkan |
35 | include whitelist-usr-share-common.inc | 35 | include whitelist-usr-share-common.inc |
36 | include whitelist-var-common.inc | 36 | include whitelist-var-common.inc |
37 | 37 | ||
diff --git a/etc/profile-m-z/smtube.profile b/etc/profile-m-z/smtube.profile index 99d02ffdf..196950eaf 100644 --- a/etc/profile-m-z/smtube.profile +++ b/etc/profile-m-z/smtube.profile | |||
@@ -6,14 +6,14 @@ include smtube.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/smplayer | 9 | noblacklist ${HOME}/.config/smplayer |
10 | nodeny ${HOME}/.config/smtube | 10 | noblacklist ${HOME}/.config/smtube |
11 | nodeny ${HOME}/.config/mpv | 11 | noblacklist ${HOME}/.config/mpv |
12 | nodeny ${HOME}/.mplayer | 12 | noblacklist ${HOME}/.mplayer |
13 | nodeny ${HOME}/.config/vlc | 13 | noblacklist ${HOME}/.config/vlc |
14 | nodeny ${HOME}/.local/share/vlc | 14 | noblacklist ${HOME}/.local/share/vlc |
15 | nodeny ${MUSIC} | 15 | noblacklist ${MUSIC} |
16 | nodeny ${VIDEOS} | 16 | noblacklist ${VIDEOS} |
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
@@ -23,8 +23,8 @@ include disable-passwdmgr.inc | |||
23 | include disable-programs.inc | 23 | include disable-programs.inc |
24 | include disable-xdg.inc | 24 | include disable-xdg.inc |
25 | 25 | ||
26 | allow /usr/share/smplayer | 26 | whitelist /usr/share/smplayer |
27 | allow /usr/share/smtube | 27 | whitelist /usr/share/smtube |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
29 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
30 | 30 | ||
diff --git a/etc/profile-m-z/smuxi-frontend-gnome.profile b/etc/profile-m-z/smuxi-frontend-gnome.profile index 3a79890cc..c3a9bb858 100644 --- a/etc/profile-m-z/smuxi-frontend-gnome.profile +++ b/etc/profile-m-z/smuxi-frontend-gnome.profile | |||
@@ -6,9 +6,9 @@ include smuxi-frontend-gnome.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/smuxi | 9 | noblacklist ${HOME}/.cache/smuxi |
10 | nodeny ${HOME}/.config/smuxi | 10 | noblacklist ${HOME}/.config/smuxi |
11 | nodeny ${HOME}/.local/share/smuxi | 11 | noblacklist ${HOME}/.local/share/smuxi |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -21,10 +21,10 @@ include disable-xdg.inc | |||
21 | mkdir ${HOME}/.cache/smuxi | 21 | mkdir ${HOME}/.cache/smuxi |
22 | mkdir ${HOME}/.config/smuxi | 22 | mkdir ${HOME}/.config/smuxi |
23 | mkdir ${HOME}/.local/share/smuxi | 23 | mkdir ${HOME}/.local/share/smuxi |
24 | allow ${HOME}/.cache/smuxi | 24 | whitelist ${HOME}/.cache/smuxi |
25 | allow ${HOME}/.config/smuxi | 25 | whitelist ${HOME}/.config/smuxi |
26 | allow ${HOME}/.local/share/smuxi | 26 | whitelist ${HOME}/.local/share/smuxi |
27 | allow ${DOWNLOADS} | 27 | whitelist ${DOWNLOADS} |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/snox.profile b/etc/profile-m-z/snox.profile index 1d315404e..83493652c 100644 --- a/etc/profile-m-z/snox.profile +++ b/etc/profile-m-z/snox.profile | |||
@@ -10,15 +10,15 @@ ignore whitelist /usr/share/chromium | |||
10 | ignore include whitelist-runuser-common.inc | 10 | ignore include whitelist-runuser-common.inc |
11 | ignore include whitelist-usr-share-common.inc | 11 | ignore include whitelist-usr-share-common.inc |
12 | 12 | ||
13 | nodeny ${HOME}/.cache/snox | 13 | noblacklist ${HOME}/.cache/snox |
14 | nodeny ${HOME}/.config/snox | 14 | noblacklist ${HOME}/.config/snox |
15 | 15 | ||
16 | #mkdir ${HOME}/.cache/dnox | 16 | #mkdir ${HOME}/.cache/dnox |
17 | #mkdir ${HOME}/.config/dnox | 17 | #mkdir ${HOME}/.config/dnox |
18 | mkdir ${HOME}/.cache/snox | 18 | mkdir ${HOME}/.cache/snox |
19 | mkdir ${HOME}/.config/snox | 19 | mkdir ${HOME}/.config/snox |
20 | allow ${HOME}/.cache/snox | 20 | whitelist ${HOME}/.cache/snox |
21 | allow ${HOME}/.config/snox | 21 | whitelist ${HOME}/.config/snox |
22 | 22 | ||
23 | # Redirect | 23 | # Redirect |
24 | include chromium-common.profile | 24 | include chromium-common.profile |
diff --git a/etc/profile-m-z/softmaker-common.profile b/etc/profile-m-z/softmaker-common.profile index bd4991e81..83315231f 100644 --- a/etc/profile-m-z/softmaker-common.profile +++ b/etc/profile-m-z/softmaker-common.profile | |||
@@ -10,7 +10,7 @@ include softmaker-common.local | |||
10 | # with an absolute Exec line. These files are NOT handelt by firecfg, | 10 | # with an absolute Exec line. These files are NOT handelt by firecfg, |
11 | # therefore you must manualy copy them in you home and remove '/usr/bin/'. | 11 | # therefore you must manualy copy them in you home and remove '/usr/bin/'. |
12 | 12 | ||
13 | nodeny ${HOME}/SoftMaker | 13 | noblacklist ${HOME}/SoftMaker |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-interpreters.inc | |||
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | allow /usr/share/office2018 | 22 | whitelist /usr/share/office2018 |
23 | allow /usr/share/freeoffice2018 | 23 | whitelist /usr/share/freeoffice2018 |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
diff --git a/etc/profile-m-z/sound-juicer.profile b/etc/profile-m-z/sound-juicer.profile index 16ee39e09..ef00fdfff 100644 --- a/etc/profile-m-z/sound-juicer.profile +++ b/etc/profile-m-z/sound-juicer.profile | |||
@@ -6,8 +6,8 @@ include sound-juicer.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/sound-juicer | 9 | noblacklist ${HOME}/.config/sound-juicer |
10 | nodeny ${MUSIC} | 10 | noblacklist ${MUSIC} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/soundconverter.profile b/etc/profile-m-z/soundconverter.profile index 46da7a453..4dbf34100 100644 --- a/etc/profile-m-z/soundconverter.profile +++ b/etc/profile-m-z/soundconverter.profile | |||
@@ -10,7 +10,7 @@ include globals.local | |||
10 | include allow-python2.inc | 10 | include allow-python2.inc |
11 | include allow-python3.inc | 11 | include allow-python3.inc |
12 | 12 | ||
13 | nodeny ${MUSIC} | 13 | noblacklist ${MUSIC} |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -20,9 +20,9 @@ include disable-passwdmgr.inc | |||
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | allow ${DOWNLOADS} | 23 | whitelist ${DOWNLOADS} |
24 | allow ${MUSIC} | 24 | whitelist ${MUSIC} |
25 | allow /usr/share/soundconverter | 25 | whitelist /usr/share/soundconverter |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
28 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/spectacle.profile b/etc/profile-m-z/spectacle.profile index 08adb5861..4468f21e7 100644 --- a/etc/profile-m-z/spectacle.profile +++ b/etc/profile-m-z/spectacle.profile | |||
@@ -12,8 +12,8 @@ include globals.local | |||
12 | #private-etc ca-certificates,crypto-policies,pki,resolv.conf,ssl | 12 | #private-etc ca-certificates,crypto-policies,pki,resolv.conf,ssl |
13 | #protocol unix,inet,inet6 | 13 | #protocol unix,inet,inet6 |
14 | 14 | ||
15 | nodeny ${HOME}/.config/spectaclerc | 15 | noblacklist ${HOME}/.config/spectaclerc |
16 | nodeny ${PICTURES} | 16 | noblacklist ${PICTURES} |
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
@@ -24,10 +24,10 @@ include disable-programs.inc | |||
24 | include disable-xdg.inc | 24 | include disable-xdg.inc |
25 | 25 | ||
26 | mkfile ${HOME}/.config/spectaclerc | 26 | mkfile ${HOME}/.config/spectaclerc |
27 | allow ${HOME}/.config/spectaclerc | 27 | whitelist ${HOME}/.config/spectaclerc |
28 | allow ${PICTURES} | 28 | whitelist ${PICTURES} |
29 | allow /usr/share/kconf_update/spectacle_newConfig.upd | 29 | whitelist /usr/share/kconf_update/spectacle_newConfig.upd |
30 | allow /usr/share/kconf_update/spectacle_shortcuts.upd | 30 | whitelist /usr/share/kconf_update/spectacle_shortcuts.upd |
31 | include whitelist-common.inc | 31 | include whitelist-common.inc |
32 | include whitelist-runuser-common.inc | 32 | include whitelist-runuser-common.inc |
33 | include whitelist-usr-share-common.inc | 33 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/spectral.profile b/etc/profile-m-z/spectral.profile index 4c1b2d3e1..283674517 100644 --- a/etc/profile-m-z/spectral.profile +++ b/etc/profile-m-z/spectral.profile | |||
@@ -6,8 +6,8 @@ include spectral.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/ENCOM/Spectral | 9 | noblacklist ${HOME}/.cache/ENCOM/Spectral |
10 | nodeny ${HOME}/.config/ENCOM | 10 | noblacklist ${HOME}/.config/ENCOM |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -20,9 +20,9 @@ include disable-xdg.inc | |||
20 | 20 | ||
21 | mkdir ${HOME}/.cache/ENCOM/Spectral | 21 | mkdir ${HOME}/.cache/ENCOM/Spectral |
22 | mkdir ${HOME}/.config/ENCOM | 22 | mkdir ${HOME}/.config/ENCOM |
23 | allow ${HOME}/.cache/ENCOM/Spectral | 23 | whitelist ${HOME}/.cache/ENCOM/Spectral |
24 | allow ${HOME}/.config/ENCOM | 24 | whitelist ${HOME}/.config/ENCOM |
25 | allow ${DOWNLOADS} | 25 | whitelist ${DOWNLOADS} |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/spectre-meltdown-checker.profile b/etc/profile-m-z/spectre-meltdown-checker.profile index 3a3fd838d..984461f90 100644 --- a/etc/profile-m-z/spectre-meltdown-checker.profile +++ b/etc/profile-m-z/spectre-meltdown-checker.profile | |||
@@ -6,10 +6,10 @@ include spectre-meltdown-checker.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | deny ${RUNUSER}/wayland-* | 9 | blacklist ${RUNUSER}/wayland-* |
10 | 10 | ||
11 | nodeny ${PATH}/mount | 11 | noblacklist ${PATH}/mount |
12 | nodeny ${PATH}/umount | 12 | noblacklist ${PATH}/umount |
13 | 13 | ||
14 | # Allow perl (blacklisted by disable-interpreters.inc) | 14 | # Allow perl (blacklisted by disable-interpreters.inc) |
15 | include allow-perl.inc | 15 | include allow-perl.inc |
diff --git a/etc/profile-m-z/spotify.profile b/etc/profile-m-z/spotify.profile index e1c830268..01bc2bc05 100644 --- a/etc/profile-m-z/spotify.profile +++ b/etc/profile-m-z/spotify.profile | |||
@@ -5,11 +5,11 @@ include spotify.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.cache/spotify | 8 | noblacklist ${HOME}/.cache/spotify |
9 | nodeny ${HOME}/.config/spotify | 9 | noblacklist ${HOME}/.config/spotify |
10 | nodeny ${HOME}/.local/share/spotify | 10 | noblacklist ${HOME}/.local/share/spotify |
11 | 11 | ||
12 | deny ${HOME}/.bashrc | 12 | blacklist ${HOME}/.bashrc |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -21,9 +21,9 @@ include disable-programs.inc | |||
21 | mkdir ${HOME}/.cache/spotify | 21 | mkdir ${HOME}/.cache/spotify |
22 | mkdir ${HOME}/.config/spotify | 22 | mkdir ${HOME}/.config/spotify |
23 | mkdir ${HOME}/.local/share/spotify | 23 | mkdir ${HOME}/.local/share/spotify |
24 | allow ${HOME}/.cache/spotify | 24 | whitelist ${HOME}/.cache/spotify |
25 | allow ${HOME}/.config/spotify | 25 | whitelist ${HOME}/.config/spotify |
26 | allow ${HOME}/.local/share/spotify | 26 | whitelist ${HOME}/.local/share/spotify |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
29 | 29 | ||
diff --git a/etc/profile-m-z/sqlitebrowser.profile b/etc/profile-m-z/sqlitebrowser.profile index aa577b63a..4dd2c7262 100644 --- a/etc/profile-m-z/sqlitebrowser.profile +++ b/etc/profile-m-z/sqlitebrowser.profile | |||
@@ -6,8 +6,8 @@ include sqlitebrowser.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/sqlitebrowser | 9 | noblacklist ${HOME}/.config/sqlitebrowser |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/ssh-agent.profile b/etc/profile-m-z/ssh-agent.profile index e456ebe07..5802299a3 100644 --- a/etc/profile-m-z/ssh-agent.profile +++ b/etc/profile-m-z/ssh-agent.profile | |||
@@ -9,8 +9,8 @@ include globals.local | |||
9 | # Allow ssh (blacklisted by disable-common.inc) | 9 | # Allow ssh (blacklisted by disable-common.inc) |
10 | include allow-ssh.inc | 10 | include allow-ssh.inc |
11 | 11 | ||
12 | deny /tmp/.X11-unix | 12 | blacklist /tmp/.X11-unix |
13 | deny ${RUNUSER}/wayland-* | 13 | blacklist ${RUNUSER}/wayland-* |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
diff --git a/etc/profile-m-z/ssh.profile b/etc/profile-m-z/ssh.profile index 8a0d86150..a58642192 100644 --- a/etc/profile-m-z/ssh.profile +++ b/etc/profile-m-z/ssh.profile | |||
@@ -8,8 +8,8 @@ include ssh.local | |||
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | # nc can be used as ProxyCommand, e.g. when using tor | 10 | # nc can be used as ProxyCommand, e.g. when using tor |
11 | nodeny ${PATH}/nc | 11 | noblacklist ${PATH}/nc |
12 | nodeny ${PATH}/ncat | 12 | noblacklist ${PATH}/ncat |
13 | 13 | ||
14 | # Allow ssh (blacklisted by disable-common.inc) | 14 | # Allow ssh (blacklisted by disable-common.inc) |
15 | include allow-ssh.inc | 15 | include allow-ssh.inc |
@@ -19,8 +19,8 @@ include disable-exec.inc | |||
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | allow ${RUNUSER}/gnupg/S.gpg-agent.ssh | 22 | whitelist ${RUNUSER}/gnupg/S.gpg-agent.ssh |
23 | allow ${RUNUSER}/keyring/ssh | 23 | whitelist ${RUNUSER}/keyring/ssh |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-runuser-common.inc | 25 | include whitelist-runuser-common.inc |
26 | 26 | ||
diff --git a/etc/profile-m-z/standardnotes-desktop.profile b/etc/profile-m-z/standardnotes-desktop.profile index 75de118ab..48a532876 100644 --- a/etc/profile-m-z/standardnotes-desktop.profile +++ b/etc/profile-m-z/standardnotes-desktop.profile | |||
@@ -5,8 +5,8 @@ include standardnotes-desktop.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/Standard Notes Backups | 8 | noblacklist ${HOME}/Standard Notes Backups |
9 | nodeny ${HOME}/.config/Standard Notes | 9 | noblacklist ${HOME}/.config/Standard Notes |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-programs.inc | |||
17 | 17 | ||
18 | mkdir ${HOME}/Standard Notes Backups | 18 | mkdir ${HOME}/Standard Notes Backups |
19 | mkdir ${HOME}/.config/Standard Notes | 19 | mkdir ${HOME}/.config/Standard Notes |
20 | allow ${HOME}/Standard Notes Backups | 20 | whitelist ${HOME}/Standard Notes Backups |
21 | allow ${HOME}/.config/Standard Notes | 21 | whitelist ${HOME}/.config/Standard Notes |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
24 | apparmor | 24 | apparmor |
diff --git a/etc/profile-m-z/start-tor-browser.desktop.profile b/etc/profile-m-z/start-tor-browser.desktop.profile index 8f75365e8..2f73c9fee 100644 --- a/etc/profile-m-z/start-tor-browser.desktop.profile +++ b/etc/profile-m-z/start-tor-browser.desktop.profile | |||
@@ -6,71 +6,71 @@ include start-tor-browser.desktop.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser* | 9 | noblacklist ${HOME}/.tor-browser* |
10 | 10 | ||
11 | allow ${HOME}/.tor-browser-ar | 11 | whitelist ${HOME}/.tor-browser-ar |
12 | allow ${HOME}/.tor-browser-ca | 12 | whitelist ${HOME}/.tor-browser-ca |
13 | allow ${HOME}/.tor-browser-cs | 13 | whitelist ${HOME}/.tor-browser-cs |
14 | allow ${HOME}/.tor-browser-da | 14 | whitelist ${HOME}/.tor-browser-da |
15 | allow ${HOME}/.tor-browser-de | 15 | whitelist ${HOME}/.tor-browser-de |
16 | allow ${HOME}/.tor-browser-el | 16 | whitelist ${HOME}/.tor-browser-el |
17 | allow ${HOME}/.tor-browser-en | 17 | whitelist ${HOME}/.tor-browser-en |
18 | allow ${HOME}/.tor-browser-en-us | 18 | whitelist ${HOME}/.tor-browser-en-us |
19 | allow ${HOME}/.tor-browser-es | 19 | whitelist ${HOME}/.tor-browser-es |
20 | allow ${HOME}/.tor-browser-es-es | 20 | whitelist ${HOME}/.tor-browser-es-es |
21 | allow ${HOME}/.tor-browser-fa | 21 | whitelist ${HOME}/.tor-browser-fa |
22 | allow ${HOME}/.tor-browser-fr | 22 | whitelist ${HOME}/.tor-browser-fr |
23 | allow ${HOME}/.tor-browser-ga-ie | 23 | whitelist ${HOME}/.tor-browser-ga-ie |
24 | allow ${HOME}/.tor-browser-he | 24 | whitelist ${HOME}/.tor-browser-he |
25 | allow ${HOME}/.tor-browser-hu | 25 | whitelist ${HOME}/.tor-browser-hu |
26 | allow ${HOME}/.tor-browser-id | 26 | whitelist ${HOME}/.tor-browser-id |
27 | allow ${HOME}/.tor-browser-is | 27 | whitelist ${HOME}/.tor-browser-is |
28 | allow ${HOME}/.tor-browser-it | 28 | whitelist ${HOME}/.tor-browser-it |
29 | allow ${HOME}/.tor-browser-ja | 29 | whitelist ${HOME}/.tor-browser-ja |
30 | allow ${HOME}/.tor-browser-ka | 30 | whitelist ${HOME}/.tor-browser-ka |
31 | allow ${HOME}/.tor-browser-ko | 31 | whitelist ${HOME}/.tor-browser-ko |
32 | allow ${HOME}/.tor-browser-nb | 32 | whitelist ${HOME}/.tor-browser-nb |
33 | allow ${HOME}/.tor-browser-nl | 33 | whitelist ${HOME}/.tor-browser-nl |
34 | allow ${HOME}/.tor-browser-pl | 34 | whitelist ${HOME}/.tor-browser-pl |
35 | allow ${HOME}/.tor-browser-pt-br | 35 | whitelist ${HOME}/.tor-browser-pt-br |
36 | allow ${HOME}/.tor-browser-ru | 36 | whitelist ${HOME}/.tor-browser-ru |
37 | allow ${HOME}/.tor-browser-sv-se | 37 | whitelist ${HOME}/.tor-browser-sv-se |
38 | allow ${HOME}/.tor-browser-tr | 38 | whitelist ${HOME}/.tor-browser-tr |
39 | allow ${HOME}/.tor-browser-vi | 39 | whitelist ${HOME}/.tor-browser-vi |
40 | allow ${HOME}/.tor-browser-zh-cn | 40 | whitelist ${HOME}/.tor-browser-zh-cn |
41 | allow ${HOME}/.tor-browser-zh-tw | 41 | whitelist ${HOME}/.tor-browser-zh-tw |
42 | 42 | ||
43 | allow ${HOME}/.tor-browser_ar | 43 | whitelist ${HOME}/.tor-browser_ar |
44 | allow ${HOME}/.tor-browser_ca | 44 | whitelist ${HOME}/.tor-browser_ca |
45 | allow ${HOME}/.tor-browser_cs | 45 | whitelist ${HOME}/.tor-browser_cs |
46 | allow ${HOME}/.tor-browser_da | 46 | whitelist ${HOME}/.tor-browser_da |
47 | allow ${HOME}/.tor-browser_de | 47 | whitelist ${HOME}/.tor-browser_de |
48 | allow ${HOME}/.tor-browser_el | 48 | whitelist ${HOME}/.tor-browser_el |
49 | allow ${HOME}/.tor-browser_en | 49 | whitelist ${HOME}/.tor-browser_en |
50 | allow ${HOME}/.tor-browser_en_US | 50 | whitelist ${HOME}/.tor-browser_en_US |
51 | allow ${HOME}/.tor-browser_es | 51 | whitelist ${HOME}/.tor-browser_es |
52 | allow ${HOME}/.tor-browser_es-ES | 52 | whitelist ${HOME}/.tor-browser_es-ES |
53 | allow ${HOME}/.tor-browser_fa | 53 | whitelist ${HOME}/.tor-browser_fa |
54 | allow ${HOME}/.tor-browser_fr | 54 | whitelist ${HOME}/.tor-browser_fr |
55 | allow ${HOME}/.tor-browser_ga-IE | 55 | whitelist ${HOME}/.tor-browser_ga-IE |
56 | allow ${HOME}/.tor-browser_he | 56 | whitelist ${HOME}/.tor-browser_he |
57 | allow ${HOME}/.tor-browser_hu | 57 | whitelist ${HOME}/.tor-browser_hu |
58 | allow ${HOME}/.tor-browser_id | 58 | whitelist ${HOME}/.tor-browser_id |
59 | allow ${HOME}/.tor-browser_is | 59 | whitelist ${HOME}/.tor-browser_is |
60 | allow ${HOME}/.tor-browser_it | 60 | whitelist ${HOME}/.tor-browser_it |
61 | allow ${HOME}/.tor-browser_ja | 61 | whitelist ${HOME}/.tor-browser_ja |
62 | allow ${HOME}/.tor-browser_ka | 62 | whitelist ${HOME}/.tor-browser_ka |
63 | allow ${HOME}/.tor-browser_ko | 63 | whitelist ${HOME}/.tor-browser_ko |
64 | allow ${HOME}/.tor-browser_nb | 64 | whitelist ${HOME}/.tor-browser_nb |
65 | allow ${HOME}/.tor-browser_nl | 65 | whitelist ${HOME}/.tor-browser_nl |
66 | allow ${HOME}/.tor-browser_pl | 66 | whitelist ${HOME}/.tor-browser_pl |
67 | allow ${HOME}/.tor-browser_pt-BR | 67 | whitelist ${HOME}/.tor-browser_pt-BR |
68 | allow ${HOME}/.tor-browser_ru | 68 | whitelist ${HOME}/.tor-browser_ru |
69 | allow ${HOME}/.tor-browser_sv-SE | 69 | whitelist ${HOME}/.tor-browser_sv-SE |
70 | allow ${HOME}/.tor-browser_tr | 70 | whitelist ${HOME}/.tor-browser_tr |
71 | allow ${HOME}/.tor-browser_vi | 71 | whitelist ${HOME}/.tor-browser_vi |
72 | allow ${HOME}/.tor-browser_zh-CN | 72 | whitelist ${HOME}/.tor-browser_zh-CN |
73 | allow ${HOME}/.tor-browser_zh-TW | 73 | whitelist ${HOME}/.tor-browser_zh-TW |
74 | 74 | ||
75 | # Redirect | 75 | # Redirect |
76 | include torbrowser-launcher.profile | 76 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/steam.profile b/etc/profile-m-z/steam.profile index 09e29373d..06d08f3a2 100644 --- a/etc/profile-m-z/steam.profile +++ b/etc/profile-m-z/steam.profile | |||
@@ -6,40 +6,40 @@ include steam.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/Epic | 9 | noblacklist ${HOME}/.config/Epic |
10 | nodeny ${HOME}/.config/Loop_Hero | 10 | noblacklist ${HOME}/.config/Loop_Hero |
11 | nodeny ${HOME}/.config/ModTheSpire | 11 | noblacklist ${HOME}/.config/ModTheSpire |
12 | nodeny ${HOME}/.config/RogueLegacy | 12 | noblacklist ${HOME}/.config/RogueLegacy |
13 | nodeny ${HOME}/.config/RogueLegacyStorageContainer | 13 | noblacklist ${HOME}/.config/RogueLegacyStorageContainer |
14 | nodeny ${HOME}/.killingfloor | 14 | noblacklist ${HOME}/.killingfloor |
15 | nodeny ${HOME}/.klei | 15 | noblacklist ${HOME}/.klei |
16 | nodeny ${HOME}/.local/share/3909/PapersPlease | 16 | noblacklist ${HOME}/.local/share/3909/PapersPlease |
17 | nodeny ${HOME}/.local/share/aspyr-media | 17 | noblacklist ${HOME}/.local/share/aspyr-media |
18 | nodeny ${HOME}/.local/share/bohemiainteractive | 18 | noblacklist ${HOME}/.local/share/bohemiainteractive |
19 | nodeny ${HOME}/.local/share/cdprojektred | 19 | noblacklist ${HOME}/.local/share/cdprojektred |
20 | nodeny ${HOME}/.local/share/Dredmor | 20 | noblacklist ${HOME}/.local/share/Dredmor |
21 | nodeny ${HOME}/.local/share/FasterThanLight | 21 | noblacklist ${HOME}/.local/share/FasterThanLight |
22 | nodeny ${HOME}/.local/share/feral-interactive | 22 | noblacklist ${HOME}/.local/share/feral-interactive |
23 | nodeny ${HOME}/.local/share/IntoTheBreach | 23 | noblacklist ${HOME}/.local/share/IntoTheBreach |
24 | nodeny ${HOME}/.local/share/Paradox Interactive | 24 | noblacklist ${HOME}/.local/share/Paradox Interactive |
25 | nodeny ${HOME}/.local/share/PillarsOfEternity | 25 | noblacklist ${HOME}/.local/share/PillarsOfEternity |
26 | nodeny ${HOME}/.local/share/RogueLegacy | 26 | noblacklist ${HOME}/.local/share/RogueLegacy |
27 | nodeny ${HOME}/.local/share/RogueLegacyStorageContainer | 27 | noblacklist ${HOME}/.local/share/RogueLegacyStorageContainer |
28 | nodeny ${HOME}/.local/share/Steam | 28 | noblacklist ${HOME}/.local/share/Steam |
29 | nodeny ${HOME}/.local/share/SteamWorldDig | 29 | noblacklist ${HOME}/.local/share/SteamWorldDig |
30 | nodeny ${HOME}/.local/share/SteamWorld Dig 2 | 30 | noblacklist ${HOME}/.local/share/SteamWorld Dig 2 |
31 | nodeny ${HOME}/.local/share/SuperHexagon | 31 | noblacklist ${HOME}/.local/share/SuperHexagon |
32 | nodeny ${HOME}/.local/share/Terraria | 32 | noblacklist ${HOME}/.local/share/Terraria |
33 | nodeny ${HOME}/.local/share/vpltd | 33 | noblacklist ${HOME}/.local/share/vpltd |
34 | nodeny ${HOME}/.local/share/vulkan | 34 | noblacklist ${HOME}/.local/share/vulkan |
35 | nodeny ${HOME}/.mbwarband | 35 | noblacklist ${HOME}/.mbwarband |
36 | nodeny ${HOME}/.paradoxinteractive | 36 | noblacklist ${HOME}/.paradoxinteractive |
37 | nodeny ${HOME}/.steam | 37 | noblacklist ${HOME}/.steam |
38 | nodeny ${HOME}/.steampath | 38 | noblacklist ${HOME}/.steampath |
39 | nodeny ${HOME}/.steampid | 39 | noblacklist ${HOME}/.steampid |
40 | # needed for STEAM_RUNTIME_PREFER_HOST_LIBRARIES=1 to work | 40 | # needed for STEAM_RUNTIME_PREFER_HOST_LIBRARIES=1 to work |
41 | nodeny /sbin | 41 | noblacklist /sbin |
42 | nodeny /usr/sbin | 42 | noblacklist /usr/sbin |
43 | 43 | ||
44 | # Allow java (blacklisted by disable-devel.inc) | 44 | # Allow java (blacklisted by disable-devel.inc) |
45 | include allow-java.inc | 45 | include allow-java.inc |
@@ -84,38 +84,38 @@ mkdir ${HOME}/.paradoxinteractive | |||
84 | mkdir ${HOME}/.steam | 84 | mkdir ${HOME}/.steam |
85 | mkfile ${HOME}/.steampath | 85 | mkfile ${HOME}/.steampath |
86 | mkfile ${HOME}/.steampid | 86 | mkfile ${HOME}/.steampid |
87 | allow ${HOME}/.config/Epic | 87 | whitelist ${HOME}/.config/Epic |
88 | allow ${HOME}/.config/Loop_Hero | 88 | whitelist ${HOME}/.config/Loop_Hero |
89 | allow ${HOME}/.config/ModTheSpire | 89 | whitelist ${HOME}/.config/ModTheSpire |
90 | allow ${HOME}/.config/RogueLegacy | 90 | whitelist ${HOME}/.config/RogueLegacy |
91 | allow ${HOME}/.config/RogueLegacyStorageContainer | 91 | whitelist ${HOME}/.config/RogueLegacyStorageContainer |
92 | allow ${HOME}/.config/unity3d | 92 | whitelist ${HOME}/.config/unity3d |
93 | allow ${HOME}/.killingfloor | 93 | whitelist ${HOME}/.killingfloor |
94 | allow ${HOME}/.klei | 94 | whitelist ${HOME}/.klei |
95 | allow ${HOME}/.local/share/3909/PapersPlease | 95 | whitelist ${HOME}/.local/share/3909/PapersPlease |
96 | allow ${HOME}/.local/share/aspyr-media | 96 | whitelist ${HOME}/.local/share/aspyr-media |
97 | allow ${HOME}/.local/share/bohemiainteractive | 97 | whitelist ${HOME}/.local/share/bohemiainteractive |
98 | allow ${HOME}/.local/share/cdprojektred | 98 | whitelist ${HOME}/.local/share/cdprojektred |
99 | allow ${HOME}/.local/share/Dredmor | 99 | whitelist ${HOME}/.local/share/Dredmor |
100 | allow ${HOME}/.local/share/FasterThanLight | 100 | whitelist ${HOME}/.local/share/FasterThanLight |
101 | allow ${HOME}/.local/share/feral-interactive | 101 | whitelist ${HOME}/.local/share/feral-interactive |
102 | allow ${HOME}/.local/share/IntoTheBreach | 102 | whitelist ${HOME}/.local/share/IntoTheBreach |
103 | allow ${HOME}/.local/share/Paradox Interactive | 103 | whitelist ${HOME}/.local/share/Paradox Interactive |
104 | allow ${HOME}/.local/share/PillarsOfEternity | 104 | whitelist ${HOME}/.local/share/PillarsOfEternity |
105 | allow ${HOME}/.local/share/RogueLegacy | 105 | whitelist ${HOME}/.local/share/RogueLegacy |
106 | allow ${HOME}/.local/share/RogueLegacyStorageContainer | 106 | whitelist ${HOME}/.local/share/RogueLegacyStorageContainer |
107 | allow ${HOME}/.local/share/Steam | 107 | whitelist ${HOME}/.local/share/Steam |
108 | allow ${HOME}/.local/share/SteamWorldDig | 108 | whitelist ${HOME}/.local/share/SteamWorldDig |
109 | allow ${HOME}/.local/share/SteamWorld Dig 2 | 109 | whitelist ${HOME}/.local/share/SteamWorld Dig 2 |
110 | allow ${HOME}/.local/share/SuperHexagon | 110 | whitelist ${HOME}/.local/share/SuperHexagon |
111 | allow ${HOME}/.local/share/Terraria | 111 | whitelist ${HOME}/.local/share/Terraria |
112 | allow ${HOME}/.local/share/vpltd | 112 | whitelist ${HOME}/.local/share/vpltd |
113 | allow ${HOME}/.local/share/vulkan | 113 | whitelist ${HOME}/.local/share/vulkan |
114 | allow ${HOME}/.mbwarband | 114 | whitelist ${HOME}/.mbwarband |
115 | allow ${HOME}/.paradoxinteractive | 115 | whitelist ${HOME}/.paradoxinteractive |
116 | allow ${HOME}/.steam | 116 | whitelist ${HOME}/.steam |
117 | allow ${HOME}/.steampath | 117 | whitelist ${HOME}/.steampath |
118 | allow ${HOME}/.steampid | 118 | whitelist ${HOME}/.steampid |
119 | include whitelist-common.inc | 119 | include whitelist-common.inc |
120 | include whitelist-var-common.inc | 120 | include whitelist-var-common.inc |
121 | 121 | ||
diff --git a/etc/profile-m-z/stellarium.profile b/etc/profile-m-z/stellarium.profile index 003d3a079..a752ab53c 100644 --- a/etc/profile-m-z/stellarium.profile +++ b/etc/profile-m-z/stellarium.profile | |||
@@ -6,8 +6,8 @@ include stellarium.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/stellarium | 9 | noblacklist ${HOME}/.config/stellarium |
10 | nodeny ${HOME}/.stellarium | 10 | noblacklist ${HOME}/.stellarium |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-shell.inc | |||
19 | 19 | ||
20 | mkdir ${HOME}/.config/stellarium | 20 | mkdir ${HOME}/.config/stellarium |
21 | mkdir ${HOME}/.stellarium | 21 | mkdir ${HOME}/.stellarium |
22 | allow ${HOME}/.config/stellarium | 22 | whitelist ${HOME}/.config/stellarium |
23 | allow ${HOME}/.stellarium | 23 | whitelist ${HOME}/.stellarium |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
diff --git a/etc/profile-m-z/straw-viewer.profile b/etc/profile-m-z/straw-viewer.profile index dd643bc20..d73927f2a 100644 --- a/etc/profile-m-z/straw-viewer.profile +++ b/etc/profile-m-z/straw-viewer.profile | |||
@@ -7,13 +7,13 @@ include straw-viewer.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.cache/straw-viewer | 10 | noblacklist ${HOME}/.cache/straw-viewer |
11 | nodeny ${HOME}/.config/straw-viewer | 11 | noblacklist ${HOME}/.config/straw-viewer |
12 | 12 | ||
13 | mkdir ${HOME}/.config/straw-viewer | 13 | mkdir ${HOME}/.config/straw-viewer |
14 | mkdir ${HOME}/.cache/straw-viewer | 14 | mkdir ${HOME}/.cache/straw-viewer |
15 | allow ${HOME}/.cache/straw-viewer | 15 | whitelist ${HOME}/.cache/straw-viewer |
16 | allow ${HOME}/.config/straw-viewer | 16 | whitelist ${HOME}/.config/straw-viewer |
17 | 17 | ||
18 | private-bin gtk-straw-viewer,straw-viewer | 18 | private-bin gtk-straw-viewer,straw-viewer |
19 | 19 | ||
diff --git a/etc/profile-m-z/strawberry.profile b/etc/profile-m-z/strawberry.profile index aed0b7910..b87906f55 100644 --- a/etc/profile-m-z/strawberry.profile +++ b/etc/profile-m-z/strawberry.profile | |||
@@ -6,10 +6,10 @@ include strawberry.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/strawberry | 9 | noblacklist ${HOME}/.cache/strawberry |
10 | nodeny ${HOME}/.config/strawberry | 10 | noblacklist ${HOME}/.config/strawberry |
11 | nodeny ${HOME}/.local/share/strawberry | 11 | noblacklist ${HOME}/.local/share/strawberry |
12 | nodeny ${MUSIC} | 12 | noblacklist ${MUSIC} |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/profile-m-z/strings.profile b/etc/profile-m-z/strings.profile index 5c820ef81..1ebcded7f 100644 --- a/etc/profile-m-z/strings.profile +++ b/etc/profile-m-z/strings.profile | |||
@@ -7,7 +7,7 @@ include strings.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER} | 10 | blacklist ${RUNUSER} |
11 | 11 | ||
12 | #include disable-common.inc | 12 | #include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/subdownloader.profile b/etc/profile-m-z/subdownloader.profile index 0d07b5ea7..bbe92fd38 100644 --- a/etc/profile-m-z/subdownloader.profile +++ b/etc/profile-m-z/subdownloader.profile | |||
@@ -6,8 +6,8 @@ include subdownloader.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/SubDownloader | 9 | noblacklist ${HOME}/.config/SubDownloader |
10 | nodeny ${VIDEOS} | 10 | noblacklist ${VIDEOS} |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
diff --git a/etc/profile-m-z/supertux2.profile b/etc/profile-m-z/supertux2.profile index 8cc547805..cfd7a63ea 100644 --- a/etc/profile-m-z/supertux2.profile +++ b/etc/profile-m-z/supertux2.profile | |||
@@ -6,7 +6,7 @@ include supertux2.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/supertux2 | 9 | noblacklist ${HOME}/.local/share/supertux2 |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,9 +18,9 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.local/share/supertux2 | 20 | mkdir ${HOME}/.local/share/supertux2 |
21 | allow ${HOME}/.local/share/supertux2 | 21 | whitelist ${HOME}/.local/share/supertux2 |
22 | allow /usr/share/supertux2 | 22 | whitelist /usr/share/supertux2 |
23 | allow /usr/share/games/supertux2 # Debian version | 23 | whitelist /usr/share/games/supertux2 # Debian version |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-runuser-common.inc | 25 | include whitelist-runuser-common.inc |
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/supertuxkart.profile b/etc/profile-m-z/supertuxkart.profile index 44dc1524f..4eb8f921c 100644 --- a/etc/profile-m-z/supertuxkart.profile +++ b/etc/profile-m-z/supertuxkart.profile | |||
@@ -6,11 +6,11 @@ include supertuxkart.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/supertuxkart | 9 | noblacklist ${HOME}/.config/supertuxkart |
10 | nodeny ${HOME}/.cache/supertuxkart | 10 | noblacklist ${HOME}/.cache/supertuxkart |
11 | nodeny ${HOME}/.local/share/supertuxkart | 11 | noblacklist ${HOME}/.local/share/supertuxkart |
12 | 12 | ||
13 | deny /usr/libexec | 13 | blacklist /usr/libexec |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -24,11 +24,11 @@ include disable-xdg.inc | |||
24 | mkdir ${HOME}/.config/supertuxkart | 24 | mkdir ${HOME}/.config/supertuxkart |
25 | mkdir ${HOME}/.cache/supertuxkart | 25 | mkdir ${HOME}/.cache/supertuxkart |
26 | mkdir ${HOME}/.local/share/supertuxkart | 26 | mkdir ${HOME}/.local/share/supertuxkart |
27 | allow ${HOME}/.config/supertuxkart | 27 | whitelist ${HOME}/.config/supertuxkart |
28 | allow ${HOME}/.cache/supertuxkart | 28 | whitelist ${HOME}/.cache/supertuxkart |
29 | allow ${HOME}/.local/share/supertuxkart | 29 | whitelist ${HOME}/.local/share/supertuxkart |
30 | allow /usr/share/supertuxkart | 30 | whitelist /usr/share/supertuxkart |
31 | allow /usr/share/games/supertuxkart # Debian version | 31 | whitelist /usr/share/games/supertuxkart # Debian version |
32 | include whitelist-common.inc | 32 | include whitelist-common.inc |
33 | include whitelist-runuser-common.inc | 33 | include whitelist-runuser-common.inc |
34 | include whitelist-usr-share-common.inc | 34 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/surf.profile b/etc/profile-m-z/surf.profile index fd1e7f9e9..8db7d2433 100644 --- a/etc/profile-m-z/surf.profile +++ b/etc/profile-m-z/surf.profile | |||
@@ -6,7 +6,7 @@ include surf.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.surf | 9 | noblacklist ${HOME}/.surf |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -15,8 +15,8 @@ include disable-passwdmgr.inc | |||
15 | include disable-programs.inc | 15 | include disable-programs.inc |
16 | 16 | ||
17 | mkdir ${HOME}/.surf | 17 | mkdir ${HOME}/.surf |
18 | allow ${HOME}/.surf | 18 | whitelist ${HOME}/.surf |
19 | allow ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
21 | 21 | ||
22 | caps.drop all | 22 | caps.drop all |
diff --git a/etc/profile-m-z/swell-foop.profile b/etc/profile-m-z/swell-foop.profile index 55cd0965a..9efae815d 100644 --- a/etc/profile-m-z/swell-foop.profile +++ b/etc/profile-m-z/swell-foop.profile | |||
@@ -6,12 +6,12 @@ include swell-foop.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.local/share/swell-foop | 9 | noblacklist ${HOME}/.local/share/swell-foop |
10 | 10 | ||
11 | mkdir ${HOME}/.local/share/swell-foop | 11 | mkdir ${HOME}/.local/share/swell-foop |
12 | allow ${HOME}/.local/share/swell-foop | 12 | whitelist ${HOME}/.local/share/swell-foop |
13 | 13 | ||
14 | allow /usr/share/swell-foop | 14 | whitelist /usr/share/swell-foop |
15 | 15 | ||
16 | private-bin swell-foop | 16 | private-bin swell-foop |
17 | 17 | ||
diff --git a/etc/profile-m-z/sylpheed.profile b/etc/profile-m-z/sylpheed.profile index 447cdc99e..328812b04 100644 --- a/etc/profile-m-z/sylpheed.profile +++ b/etc/profile-m-z/sylpheed.profile | |||
@@ -6,12 +6,12 @@ include sylpheed.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.sylpheed-2.0 | 9 | noblacklist ${HOME}/.sylpheed-2.0 |
10 | 10 | ||
11 | mkdir ${HOME}/.sylpheed-2.0 | 11 | mkdir ${HOME}/.sylpheed-2.0 |
12 | allow ${HOME}/.sylpheed-2.0 | 12 | whitelist ${HOME}/.sylpheed-2.0 |
13 | 13 | ||
14 | allow /usr/share/sylpheed | 14 | whitelist /usr/share/sylpheed |
15 | 15 | ||
16 | # private-bin curl,gpg,gpg2,gpg-agent,gpgsm,pinentry,pinentry-gtk-2,sylpheed | 16 | # private-bin curl,gpg,gpg2,gpg-agent,gpgsm,pinentry,pinentry-gtk-2,sylpheed |
17 | 17 | ||
diff --git a/etc/profile-m-z/synfigstudio.profile b/etc/profile-m-z/synfigstudio.profile index 7cbbafd54..c60186c42 100644 --- a/etc/profile-m-z/synfigstudio.profile +++ b/etc/profile-m-z/synfigstudio.profile | |||
@@ -6,8 +6,8 @@ include synfigstudio.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/synfig | 9 | noblacklist ${HOME}/.config/synfig |
10 | nodeny ${HOME}/.synfig | 10 | noblacklist ${HOME}/.synfig |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/sysprof.profile b/etc/profile-m-z/sysprof.profile index f20f88791..b52b25b96 100644 --- a/etc/profile-m-z/sysprof.profile +++ b/etc/profile-m-z/sysprof.profile | |||
@@ -6,7 +6,7 @@ include sysprof.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${DOCUMENTS} | 9 | noblacklist ${DOCUMENTS} |
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
12 | include disable-exec.inc | 12 | include disable-exec.inc |
@@ -24,15 +24,15 @@ include disable-xdg.inc | |||
24 | #nowhitelist /usr/share/yelp-tools | 24 | #nowhitelist /usr/share/yelp-tools |
25 | #nowhitelist /usr/share/yelp-xsl | 25 | #nowhitelist /usr/share/yelp-xsl |
26 | 26 | ||
27 | nodeny ${HOME}/.config/yelp | 27 | noblacklist ${HOME}/.config/yelp |
28 | mkdir ${HOME}/.config/yelp | 28 | mkdir ${HOME}/.config/yelp |
29 | allow ${HOME}/.config/yelp | 29 | whitelist ${HOME}/.config/yelp |
30 | allow /usr/share/help/C/sysprof | 30 | whitelist /usr/share/help/C/sysprof |
31 | allow /usr/share/yelp | 31 | whitelist /usr/share/yelp |
32 | allow /usr/share/yelp-tools | 32 | whitelist /usr/share/yelp-tools |
33 | allow /usr/share/yelp-xsl | 33 | whitelist /usr/share/yelp-xsl |
34 | 34 | ||
35 | allow ${DOCUMENTS} | 35 | whitelist ${DOCUMENTS} |
36 | include whitelist-common.inc | 36 | include whitelist-common.inc |
37 | include whitelist-runuser-common.inc | 37 | include whitelist-runuser-common.inc |
38 | include whitelist-usr-share-common.inc | 38 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/tar.profile b/etc/profile-m-z/tar.profile index 74c8a0849..0d3a900e9 100644 --- a/etc/profile-m-z/tar.profile +++ b/etc/profile-m-z/tar.profile | |||
@@ -12,7 +12,7 @@ ignore include disable-shell.inc | |||
12 | 12 | ||
13 | # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop | 13 | # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop |
14 | # all capabilities this is automatically read-only. | 14 | # all capabilities this is automatically read-only. |
15 | nodeny /var/lib/pacman | 15 | noblacklist /var/lib/pacman |
16 | 16 | ||
17 | private-etc alternatives,group,localtime,login.defs,passwd | 17 | private-etc alternatives,group,localtime,login.defs,passwd |
18 | #private-lib libfakeroot,liblzma.so.*,libreadline.so.* | 18 | #private-lib libfakeroot,liblzma.so.*,libreadline.so.* |
diff --git a/etc/profile-m-z/tb-starter-wrapper.profile b/etc/profile-m-z/tb-starter-wrapper.profile index 691c33191..ffe9605b6 100644 --- a/etc/profile-m-z/tb-starter-wrapper.profile +++ b/etc/profile-m-z/tb-starter-wrapper.profile | |||
@@ -8,10 +8,10 @@ include tb-starter-wrapper.local | |||
8 | # added by included profile | 8 | # added by included profile |
9 | #include globals.local | 9 | #include globals.local |
10 | 10 | ||
11 | nodeny ${HOME}/.tb | 11 | noblacklist ${HOME}/.tb |
12 | 12 | ||
13 | mkdir ${HOME}/.tb | 13 | mkdir ${HOME}/.tb |
14 | allow ${HOME}/.tb | 14 | whitelist ${HOME}/.tb |
15 | 15 | ||
16 | private-bin tb-starter-wrapper | 16 | private-bin tb-starter-wrapper |
17 | 17 | ||
diff --git a/etc/profile-m-z/tcpdump.profile b/etc/profile-m-z/tcpdump.profile index b4c4873b3..e2ba5893c 100644 --- a/etc/profile-m-z/tcpdump.profile +++ b/etc/profile-m-z/tcpdump.profile | |||
@@ -6,9 +6,9 @@ include tcpdump.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny /sbin | 9 | noblacklist /sbin |
10 | nodeny /usr/sbin | 10 | noblacklist /usr/sbin |
11 | nodeny ${PATH}/tcpdump | 11 | noblacklist ${PATH}/tcpdump |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/teams-for-linux.profile b/etc/profile-m-z/teams-for-linux.profile index 24cbb42da..eee083332 100644 --- a/etc/profile-m-z/teams-for-linux.profile +++ b/etc/profile-m-z/teams-for-linux.profile | |||
@@ -14,10 +14,10 @@ ignore include whitelist-usr-share-common.inc | |||
14 | ignore dbus-user none | 14 | ignore dbus-user none |
15 | ignore dbus-system none | 15 | ignore dbus-system none |
16 | 16 | ||
17 | nodeny ${HOME}/.config/teams-for-linux | 17 | noblacklist ${HOME}/.config/teams-for-linux |
18 | 18 | ||
19 | mkdir ${HOME}/.config/teams-for-linux | 19 | mkdir ${HOME}/.config/teams-for-linux |
20 | allow ${HOME}/.config/teams-for-linux | 20 | whitelist ${HOME}/.config/teams-for-linux |
21 | 21 | ||
22 | private-bin bash,cut,echo,egrep,grep,head,sed,sh,teams-for-linux,tr,xdg-mime,xdg-open,zsh | 22 | private-bin bash,cut,echo,egrep,grep,head,sed,sh,teams-for-linux,tr,xdg-mime,xdg-open,zsh |
23 | private-etc ca-certificates,crypto-policies,fonts,ld.so.cache,localtime,machine-id,pki,resolv.conf,ssl | 23 | private-etc ca-certificates,crypto-policies,fonts,ld.so.cache,localtime,machine-id,pki,resolv.conf,ssl |
diff --git a/etc/profile-m-z/teams.profile b/etc/profile-m-z/teams.profile index 8639edbc8..c8d98cbaa 100644 --- a/etc/profile-m-z/teams.profile +++ b/etc/profile-m-z/teams.profile | |||
@@ -18,13 +18,13 @@ ignore apparmor | |||
18 | ignore dbus-user none | 18 | ignore dbus-user none |
19 | ignore dbus-system none | 19 | ignore dbus-system none |
20 | 20 | ||
21 | nodeny ${HOME}/.config/teams | 21 | noblacklist ${HOME}/.config/teams |
22 | nodeny ${HOME}/.config/Microsoft | 22 | noblacklist ${HOME}/.config/Microsoft |
23 | 23 | ||
24 | mkdir ${HOME}/.config/teams | 24 | mkdir ${HOME}/.config/teams |
25 | mkdir ${HOME}/.config/Microsoft | 25 | mkdir ${HOME}/.config/Microsoft |
26 | allow ${HOME}/.config/teams | 26 | whitelist ${HOME}/.config/teams |
27 | allow ${HOME}/.config/Microsoft | 27 | whitelist ${HOME}/.config/Microsoft |
28 | 28 | ||
29 | # Redirect | 29 | # Redirect |
30 | include electron.profile | 30 | include electron.profile |
diff --git a/etc/profile-m-z/teamspeak3.profile b/etc/profile-m-z/teamspeak3.profile index 781a5f4eb..02a2c8ae4 100644 --- a/etc/profile-m-z/teamspeak3.profile +++ b/etc/profile-m-z/teamspeak3.profile | |||
@@ -6,8 +6,8 @@ include teamspeak3.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.ts3client | 9 | noblacklist ${HOME}/.ts3client |
10 | nodeny ${PATH}/openssl | 10 | noblacklist ${PATH}/openssl |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.ts3client | 19 | mkdir ${HOME}/.ts3client |
20 | allow ${DOWNLOADS} | 20 | whitelist ${DOWNLOADS} |
21 | allow ${HOME}/.ts3client | 21 | whitelist ${HOME}/.ts3client |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | 23 | ||
24 | caps.drop all | 24 | caps.drop all |
diff --git a/etc/profile-m-z/teeworlds.profile b/etc/profile-m-z/teeworlds.profile index c9c444ffc..be01aee12 100644 --- a/etc/profile-m-z/teeworlds.profile +++ b/etc/profile-m-z/teeworlds.profile | |||
@@ -6,7 +6,7 @@ include teeworlds.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.teeworlds | 9 | noblacklist ${HOME}/.teeworlds |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.teeworlds | 20 | mkdir ${HOME}/.teeworlds |
21 | allow ${HOME}/.teeworlds | 21 | whitelist ${HOME}/.teeworlds |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-m-z/telegram.profile b/etc/profile-m-z/telegram.profile index 92689a461..e7580938d 100644 --- a/etc/profile-m-z/telegram.profile +++ b/etc/profile-m-z/telegram.profile | |||
@@ -5,8 +5,8 @@ include telegram.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.TelegramDesktop | 8 | noblacklist ${HOME}/.TelegramDesktop |
9 | nodeny ${HOME}/.local/share/TelegramDesktop | 9 | noblacklist ${HOME}/.local/share/TelegramDesktop |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -19,9 +19,9 @@ include disable-xdg.inc | |||
19 | 19 | ||
20 | mkdir ${HOME}/.TelegramDesktop | 20 | mkdir ${HOME}/.TelegramDesktop |
21 | mkdir ${HOME}/.local/share/TelegramDesktop | 21 | mkdir ${HOME}/.local/share/TelegramDesktop |
22 | allow ${HOME}/.TelegramDesktop | 22 | whitelist ${HOME}/.TelegramDesktop |
23 | allow ${HOME}/.local/share/TelegramDesktop | 23 | whitelist ${HOME}/.local/share/TelegramDesktop |
24 | allow ${DOWNLOADS} | 24 | whitelist ${DOWNLOADS} |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | 26 | include whitelist-runuser-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/terasology.profile b/etc/profile-m-z/terasology.profile index b2f98fbac..ce2ca1d17 100644 --- a/etc/profile-m-z/terasology.profile +++ b/etc/profile-m-z/terasology.profile | |||
@@ -7,7 +7,7 @@ include globals.local | |||
7 | 7 | ||
8 | ignore noexec /tmp | 8 | ignore noexec /tmp |
9 | 9 | ||
10 | nodeny ${HOME}/.local/share/terasology | 10 | noblacklist ${HOME}/.local/share/terasology |
11 | 11 | ||
12 | # Allow java (blacklisted by disable-devel.inc) | 12 | # Allow java (blacklisted by disable-devel.inc) |
13 | include allow-java.inc | 13 | include allow-java.inc |
@@ -21,8 +21,8 @@ include disable-programs.inc | |||
21 | 21 | ||
22 | mkdir ${HOME}/.java | 22 | mkdir ${HOME}/.java |
23 | mkdir ${HOME}/.local/share/terasology | 23 | mkdir ${HOME}/.local/share/terasology |
24 | allow ${HOME}/.java | 24 | whitelist ${HOME}/.java |
25 | allow ${HOME}/.local/share/terasology | 25 | whitelist ${HOME}/.local/share/terasology |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | 27 | ||
28 | caps.drop all | 28 | caps.drop all |
diff --git a/etc/profile-m-z/thunderbird.profile b/etc/profile-m-z/thunderbird.profile index a539cadf8..b478fbe1e 100644 --- a/etc/profile-m-z/thunderbird.profile +++ b/etc/profile-m-z/thunderbird.profile | |||
@@ -22,14 +22,14 @@ writable-run-user | |||
22 | #writable-var | 22 | #writable-var |
23 | 23 | ||
24 | # These lines are needed to allow Firefox to load your profile when clicking a link in an email | 24 | # These lines are needed to allow Firefox to load your profile when clicking a link in an email |
25 | nodeny ${HOME}/.mozilla | 25 | noblacklist ${HOME}/.mozilla |
26 | allow ${HOME}/.mozilla/firefox/profiles.ini | 26 | whitelist ${HOME}/.mozilla/firefox/profiles.ini |
27 | read-only ${HOME}/.mozilla/firefox/profiles.ini | 27 | read-only ${HOME}/.mozilla/firefox/profiles.ini |
28 | 28 | ||
29 | nodeny ${HOME}/.cache/thunderbird | 29 | noblacklist ${HOME}/.cache/thunderbird |
30 | nodeny ${HOME}/.gnupg | 30 | noblacklist ${HOME}/.gnupg |
31 | # noblacklist ${HOME}/.icedove | 31 | # noblacklist ${HOME}/.icedove |
32 | nodeny ${HOME}/.thunderbird | 32 | noblacklist ${HOME}/.thunderbird |
33 | 33 | ||
34 | include disable-passwdmgr.inc | 34 | include disable-passwdmgr.inc |
35 | include disable-xdg.inc | 35 | include disable-xdg.inc |
@@ -42,15 +42,15 @@ mkdir ${HOME}/.cache/thunderbird | |||
42 | mkdir ${HOME}/.gnupg | 42 | mkdir ${HOME}/.gnupg |
43 | # mkdir ${HOME}/.icedove | 43 | # mkdir ${HOME}/.icedove |
44 | mkdir ${HOME}/.thunderbird | 44 | mkdir ${HOME}/.thunderbird |
45 | allow ${HOME}/.cache/thunderbird | 45 | whitelist ${HOME}/.cache/thunderbird |
46 | allow ${HOME}/.gnupg | 46 | whitelist ${HOME}/.gnupg |
47 | # whitelist ${HOME}/.icedove | 47 | # whitelist ${HOME}/.icedove |
48 | allow ${HOME}/.thunderbird | 48 | whitelist ${HOME}/.thunderbird |
49 | 49 | ||
50 | allow /usr/share/gnupg | 50 | whitelist /usr/share/gnupg |
51 | allow /usr/share/mozilla | 51 | whitelist /usr/share/mozilla |
52 | allow /usr/share/thunderbird | 52 | whitelist /usr/share/thunderbird |
53 | allow /usr/share/webext | 53 | whitelist /usr/share/webext |
54 | include whitelist-usr-share-common.inc | 54 | include whitelist-usr-share-common.inc |
55 | 55 | ||
56 | # machine-id breaks audio in browsers; enable or put it in your thunderbird.local when sound is not required | 56 | # machine-id breaks audio in browsers; enable or put it in your thunderbird.local when sound is not required |
diff --git a/etc/profile-m-z/tilp.profile b/etc/profile-m-z/tilp.profile index b0fa54f08..dd4a372c4 100644 --- a/etc/profile-m-z/tilp.profile +++ b/etc/profile-m-z/tilp.profile | |||
@@ -5,7 +5,7 @@ include tilp.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.tilp | 8 | noblacklist ${HOME}/.tilp |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
diff --git a/etc/profile-m-z/tin.profile b/etc/profile-m-z/tin.profile index 3ee696b8b..e0ed3090a 100644 --- a/etc/profile-m-z/tin.profile +++ b/etc/profile-m-z/tin.profile | |||
@@ -6,12 +6,12 @@ include tin.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.newsrc | 9 | noblacklist ${HOME}/.newsrc |
10 | nodeny ${HOME}/.tin | 10 | noblacklist ${HOME}/.tin |
11 | 11 | ||
12 | deny /tmp/.X11-unix | 12 | blacklist /tmp/.X11-unix |
13 | deny ${RUNUSER} | 13 | blacklist ${RUNUSER} |
14 | deny /usr/libexec | 14 | blacklist /usr/libexec |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
diff --git a/etc/profile-m-z/tmux.profile b/etc/profile-m-z/tmux.profile index d2e90e356..0139d7515 100644 --- a/etc/profile-m-z/tmux.profile +++ b/etc/profile-m-z/tmux.profile | |||
@@ -7,10 +7,10 @@ include tmux.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny /tmp/.X11-unix | 10 | blacklist /tmp/.X11-unix |
11 | deny ${RUNUSER} | 11 | blacklist ${RUNUSER} |
12 | 12 | ||
13 | nodeny /tmp/tmux-* | 13 | noblacklist /tmp/tmux-* |
14 | 14 | ||
15 | # include disable-common.inc | 15 | # include disable-common.inc |
16 | # include disable-devel.inc | 16 | # include disable-devel.inc |
diff --git a/etc/profile-m-z/tor-browser-ar.profile b/etc/profile-m-z/tor-browser-ar.profile index 49158b93e..59f1bc3b1 100644 --- a/etc/profile-m-z/tor-browser-ar.profile +++ b/etc/profile-m-z/tor-browser-ar.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-ar.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-ar | 9 | noblacklist ${HOME}/.tor-browser-ar |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-ar | 11 | mkdir ${HOME}/.tor-browser-ar |
12 | allow ${HOME}/.tor-browser-ar | 12 | whitelist ${HOME}/.tor-browser-ar |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-ca.profile b/etc/profile-m-z/tor-browser-ca.profile index 612f8bd7c..68577e352 100644 --- a/etc/profile-m-z/tor-browser-ca.profile +++ b/etc/profile-m-z/tor-browser-ca.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-ca.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-ca | 9 | noblacklist ${HOME}/.tor-browser-ca |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-ca | 11 | mkdir ${HOME}/.tor-browser-ca |
12 | allow ${HOME}/.tor-browser-ca | 12 | whitelist ${HOME}/.tor-browser-ca |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-cs.profile b/etc/profile-m-z/tor-browser-cs.profile index a400fde05..33e51fcd0 100644 --- a/etc/profile-m-z/tor-browser-cs.profile +++ b/etc/profile-m-z/tor-browser-cs.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-cs.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-cs | 9 | noblacklist ${HOME}/.tor-browser-cs |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-cs | 11 | mkdir ${HOME}/.tor-browser-cs |
12 | allow ${HOME}/.tor-browser-cs | 12 | whitelist ${HOME}/.tor-browser-cs |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-da.profile b/etc/profile-m-z/tor-browser-da.profile index 9010025e3..440bb7fc3 100644 --- a/etc/profile-m-z/tor-browser-da.profile +++ b/etc/profile-m-z/tor-browser-da.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-da.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-da | 9 | noblacklist ${HOME}/.tor-browser-da |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-da | 11 | mkdir ${HOME}/.tor-browser-da |
12 | allow ${HOME}/.tor-browser-da | 12 | whitelist ${HOME}/.tor-browser-da |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-de.profile b/etc/profile-m-z/tor-browser-de.profile index cd556c32b..b2b98cf82 100644 --- a/etc/profile-m-z/tor-browser-de.profile +++ b/etc/profile-m-z/tor-browser-de.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-de.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-de | 9 | noblacklist ${HOME}/.tor-browser-de |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-de | 11 | mkdir ${HOME}/.tor-browser-de |
12 | allow ${HOME}/.tor-browser-de | 12 | whitelist ${HOME}/.tor-browser-de |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-el.profile b/etc/profile-m-z/tor-browser-el.profile index ee2b0fea7..626757dd5 100644 --- a/etc/profile-m-z/tor-browser-el.profile +++ b/etc/profile-m-z/tor-browser-el.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-el.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-el | 9 | noblacklist ${HOME}/.tor-browser-el |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-el | 11 | mkdir ${HOME}/.tor-browser-el |
12 | allow ${HOME}/.tor-browser-el | 12 | whitelist ${HOME}/.tor-browser-el |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-en-us.profile b/etc/profile-m-z/tor-browser-en-us.profile index 2be71a5aa..15e690748 100644 --- a/etc/profile-m-z/tor-browser-en-us.profile +++ b/etc/profile-m-z/tor-browser-en-us.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-en-us.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-en-us | 9 | noblacklist ${HOME}/.tor-browser-en-us |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-en-us | 11 | mkdir ${HOME}/.tor-browser-en-us |
12 | allow ${HOME}/.tor-browser-en-us | 12 | whitelist ${HOME}/.tor-browser-en-us |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-en.profile b/etc/profile-m-z/tor-browser-en.profile index 633c2f4f9..ef8c1eb8b 100644 --- a/etc/profile-m-z/tor-browser-en.profile +++ b/etc/profile-m-z/tor-browser-en.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-en.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-en | 9 | noblacklist ${HOME}/.tor-browser-en |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-en | 11 | mkdir ${HOME}/.tor-browser-en |
12 | allow ${HOME}/.tor-browser-en | 12 | whitelist ${HOME}/.tor-browser-en |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-es-es.profile b/etc/profile-m-z/tor-browser-es-es.profile index f7c2302a7..ad734662e 100644 --- a/etc/profile-m-z/tor-browser-es-es.profile +++ b/etc/profile-m-z/tor-browser-es-es.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-es-es.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-es-es | 9 | noblacklist ${HOME}/.tor-browser-es-es |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-es-es | 11 | mkdir ${HOME}/.tor-browser-es-es |
12 | allow ${HOME}/.tor-browser-es-es | 12 | whitelist ${HOME}/.tor-browser-es-es |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-es.profile b/etc/profile-m-z/tor-browser-es.profile index d88dcdec1..97d8d8577 100644 --- a/etc/profile-m-z/tor-browser-es.profile +++ b/etc/profile-m-z/tor-browser-es.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-es.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-es | 9 | noblacklist ${HOME}/.tor-browser-es |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-es | 11 | mkdir ${HOME}/.tor-browser-es |
12 | allow ${HOME}/.tor-browser-es | 12 | whitelist ${HOME}/.tor-browser-es |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-fa.profile b/etc/profile-m-z/tor-browser-fa.profile index 3f7074fdb..095be69e4 100644 --- a/etc/profile-m-z/tor-browser-fa.profile +++ b/etc/profile-m-z/tor-browser-fa.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-fa.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-fa | 9 | noblacklist ${HOME}/.tor-browser-fa |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-fa | 11 | mkdir ${HOME}/.tor-browser-fa |
12 | allow ${HOME}/.tor-browser-fa | 12 | whitelist ${HOME}/.tor-browser-fa |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-fr.profile b/etc/profile-m-z/tor-browser-fr.profile index ef14f44a2..37f61fc3a 100644 --- a/etc/profile-m-z/tor-browser-fr.profile +++ b/etc/profile-m-z/tor-browser-fr.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-fr.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-fr | 9 | noblacklist ${HOME}/.tor-browser-fr |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-fr | 11 | mkdir ${HOME}/.tor-browser-fr |
12 | allow ${HOME}/.tor-browser-fr | 12 | whitelist ${HOME}/.tor-browser-fr |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-ga-ie.profile b/etc/profile-m-z/tor-browser-ga-ie.profile index 06baaf34f..ab7141fc4 100644 --- a/etc/profile-m-z/tor-browser-ga-ie.profile +++ b/etc/profile-m-z/tor-browser-ga-ie.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-ga-ie.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-ga-ie | 9 | noblacklist ${HOME}/.tor-browser-ga-ie |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-ga-ie | 11 | mkdir ${HOME}/.tor-browser-ga-ie |
12 | allow ${HOME}/.tor-browser-ga-ie | 12 | whitelist ${HOME}/.tor-browser-ga-ie |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-he.profile b/etc/profile-m-z/tor-browser-he.profile index 57588ffc7..ae56f3b7f 100644 --- a/etc/profile-m-z/tor-browser-he.profile +++ b/etc/profile-m-z/tor-browser-he.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-he.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-he | 9 | noblacklist ${HOME}/.tor-browser-he |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-he | 11 | mkdir ${HOME}/.tor-browser-he |
12 | allow ${HOME}/.tor-browser-he | 12 | whitelist ${HOME}/.tor-browser-he |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-hu.profile b/etc/profile-m-z/tor-browser-hu.profile index a10b66a24..65cd18ac8 100644 --- a/etc/profile-m-z/tor-browser-hu.profile +++ b/etc/profile-m-z/tor-browser-hu.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-hu.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-hu | 9 | noblacklist ${HOME}/.tor-browser-hu |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-hu | 11 | mkdir ${HOME}/.tor-browser-hu |
12 | allow ${HOME}/.tor-browser-hu | 12 | whitelist ${HOME}/.tor-browser-hu |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-id.profile b/etc/profile-m-z/tor-browser-id.profile index fcdb822cd..57fe09f47 100644 --- a/etc/profile-m-z/tor-browser-id.profile +++ b/etc/profile-m-z/tor-browser-id.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-id.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-id | 9 | noblacklist ${HOME}/.tor-browser-id |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-id | 11 | mkdir ${HOME}/.tor-browser-id |
12 | allow ${HOME}/.tor-browser-id | 12 | whitelist ${HOME}/.tor-browser-id |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-is.profile b/etc/profile-m-z/tor-browser-is.profile index 45b47c108..54f1df42d 100644 --- a/etc/profile-m-z/tor-browser-is.profile +++ b/etc/profile-m-z/tor-browser-is.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-is.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-is | 9 | noblacklist ${HOME}/.tor-browser-is |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-is | 11 | mkdir ${HOME}/.tor-browser-is |
12 | allow ${HOME}/.tor-browser-is | 12 | whitelist ${HOME}/.tor-browser-is |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-it.profile b/etc/profile-m-z/tor-browser-it.profile index b5a2f7c13..a7d46e875 100644 --- a/etc/profile-m-z/tor-browser-it.profile +++ b/etc/profile-m-z/tor-browser-it.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-it.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-it | 9 | noblacklist ${HOME}/.tor-browser-it |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-it | 11 | mkdir ${HOME}/.tor-browser-it |
12 | allow ${HOME}/.tor-browser-it | 12 | whitelist ${HOME}/.tor-browser-it |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-ja.profile b/etc/profile-m-z/tor-browser-ja.profile index e1f023bd4..b89016141 100644 --- a/etc/profile-m-z/tor-browser-ja.profile +++ b/etc/profile-m-z/tor-browser-ja.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-ja.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-ja | 9 | noblacklist ${HOME}/.tor-browser-ja |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-ja | 11 | mkdir ${HOME}/.tor-browser-ja |
12 | allow ${HOME}/.tor-browser-ja | 12 | whitelist ${HOME}/.tor-browser-ja |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-ka.profile b/etc/profile-m-z/tor-browser-ka.profile index 17930b58e..b57cf10de 100644 --- a/etc/profile-m-z/tor-browser-ka.profile +++ b/etc/profile-m-z/tor-browser-ka.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-ka.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-ka | 9 | noblacklist ${HOME}/.tor-browser-ka |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-ka | 11 | mkdir ${HOME}/.tor-browser-ka |
12 | allow ${HOME}/.tor-browser-ka | 12 | whitelist ${HOME}/.tor-browser-ka |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-ko.profile b/etc/profile-m-z/tor-browser-ko.profile index b33d1edb4..a9bedb6fd 100644 --- a/etc/profile-m-z/tor-browser-ko.profile +++ b/etc/profile-m-z/tor-browser-ko.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-ko.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-ko | 9 | noblacklist ${HOME}/.tor-browser-ko |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-ko | 11 | mkdir ${HOME}/.tor-browser-ko |
12 | allow ${HOME}/.tor-browser-ko | 12 | whitelist ${HOME}/.tor-browser-ko |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-nb.profile b/etc/profile-m-z/tor-browser-nb.profile index b462eb9ac..fbe9f92bd 100644 --- a/etc/profile-m-z/tor-browser-nb.profile +++ b/etc/profile-m-z/tor-browser-nb.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-nb.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-nb | 9 | noblacklist ${HOME}/.tor-browser-nb |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-nb | 11 | mkdir ${HOME}/.tor-browser-nb |
12 | allow ${HOME}/.tor-browser-nb | 12 | whitelist ${HOME}/.tor-browser-nb |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-nl.profile b/etc/profile-m-z/tor-browser-nl.profile index 0225eb6fd..678ac1713 100644 --- a/etc/profile-m-z/tor-browser-nl.profile +++ b/etc/profile-m-z/tor-browser-nl.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-nl.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-nl | 9 | noblacklist ${HOME}/.tor-browser-nl |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-nl | 11 | mkdir ${HOME}/.tor-browser-nl |
12 | allow ${HOME}/.tor-browser-nl | 12 | whitelist ${HOME}/.tor-browser-nl |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-pl.profile b/etc/profile-m-z/tor-browser-pl.profile index 75604b458..25d473b1a 100644 --- a/etc/profile-m-z/tor-browser-pl.profile +++ b/etc/profile-m-z/tor-browser-pl.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-pl.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-pl | 9 | noblacklist ${HOME}/.tor-browser-pl |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-pl | 11 | mkdir ${HOME}/.tor-browser-pl |
12 | allow ${HOME}/.tor-browser-pl | 12 | whitelist ${HOME}/.tor-browser-pl |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-pt-br.profile b/etc/profile-m-z/tor-browser-pt-br.profile index 4d50d8034..55adbd5ea 100644 --- a/etc/profile-m-z/tor-browser-pt-br.profile +++ b/etc/profile-m-z/tor-browser-pt-br.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-pt-br.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-pt-br | 9 | noblacklist ${HOME}/.tor-browser-pt-br |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-pt-br | 11 | mkdir ${HOME}/.tor-browser-pt-br |
12 | allow ${HOME}/.tor-browser-pt-br | 12 | whitelist ${HOME}/.tor-browser-pt-br |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-ru.profile b/etc/profile-m-z/tor-browser-ru.profile index 4bca3c46f..aea13be9d 100644 --- a/etc/profile-m-z/tor-browser-ru.profile +++ b/etc/profile-m-z/tor-browser-ru.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-ru.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-ru | 9 | noblacklist ${HOME}/.tor-browser-ru |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-ru | 11 | mkdir ${HOME}/.tor-browser-ru |
12 | allow ${HOME}/.tor-browser-ru | 12 | whitelist ${HOME}/.tor-browser-ru |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-sv-se.profile b/etc/profile-m-z/tor-browser-sv-se.profile index 1b319dc43..b7882bd04 100644 --- a/etc/profile-m-z/tor-browser-sv-se.profile +++ b/etc/profile-m-z/tor-browser-sv-se.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-sv-se.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-sv-se | 9 | noblacklist ${HOME}/.tor-browser-sv-se |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-sv-se | 11 | mkdir ${HOME}/.tor-browser-sv-se |
12 | allow ${HOME}/.tor-browser-sv-se | 12 | whitelist ${HOME}/.tor-browser-sv-se |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-tr.profile b/etc/profile-m-z/tor-browser-tr.profile index 0775a0c08..c52e8c4c4 100644 --- a/etc/profile-m-z/tor-browser-tr.profile +++ b/etc/profile-m-z/tor-browser-tr.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-tr.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-tr | 9 | noblacklist ${HOME}/.tor-browser-tr |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-tr | 11 | mkdir ${HOME}/.tor-browser-tr |
12 | allow ${HOME}/.tor-browser-tr | 12 | whitelist ${HOME}/.tor-browser-tr |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-vi.profile b/etc/profile-m-z/tor-browser-vi.profile index c4d5a7a76..d5bf76655 100644 --- a/etc/profile-m-z/tor-browser-vi.profile +++ b/etc/profile-m-z/tor-browser-vi.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-vi.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-vi | 9 | noblacklist ${HOME}/.tor-browser-vi |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-vi | 11 | mkdir ${HOME}/.tor-browser-vi |
12 | allow ${HOME}/.tor-browser-vi | 12 | whitelist ${HOME}/.tor-browser-vi |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-zh-cn.profile b/etc/profile-m-z/tor-browser-zh-cn.profile index 4cd287e5d..6c8925a4a 100644 --- a/etc/profile-m-z/tor-browser-zh-cn.profile +++ b/etc/profile-m-z/tor-browser-zh-cn.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-zh-cn.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-zh-cn | 9 | noblacklist ${HOME}/.tor-browser-zh-cn |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-zh-cn | 11 | mkdir ${HOME}/.tor-browser-zh-cn |
12 | allow ${HOME}/.tor-browser-zh-cn | 12 | whitelist ${HOME}/.tor-browser-zh-cn |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-zh-tw.profile b/etc/profile-m-z/tor-browser-zh-tw.profile index c75baf522..141a6701e 100644 --- a/etc/profile-m-z/tor-browser-zh-tw.profile +++ b/etc/profile-m-z/tor-browser-zh-tw.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-zh-tw.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser-zh-tw | 9 | noblacklist ${HOME}/.tor-browser-zh-tw |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-zh-tw | 11 | mkdir ${HOME}/.tor-browser-zh-tw |
12 | allow ${HOME}/.tor-browser-zh-tw | 12 | whitelist ${HOME}/.tor-browser-zh-tw |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser.profile b/etc/profile-m-z/tor-browser.profile index 8a2dbda53..76a0e1fa5 100644 --- a/etc/profile-m-z/tor-browser.profile +++ b/etc/profile-m-z/tor-browser.profile | |||
@@ -6,10 +6,10 @@ include tor-browser.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser | 9 | noblacklist ${HOME}/.tor-browser |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser | 11 | mkdir ${HOME}/.tor-browser |
12 | allow ${HOME}/.tor-browser | 12 | whitelist ${HOME}/.tor-browser |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_ar.profile b/etc/profile-m-z/tor-browser_ar.profile index 90b5a0960..d811b7549 100644 --- a/etc/profile-m-z/tor-browser_ar.profile +++ b/etc/profile-m-z/tor-browser_ar.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_ar.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_ar | 9 | noblacklist ${HOME}/.tor-browser_ar |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_ar | 11 | mkdir ${HOME}/.tor-browser_ar |
12 | allow ${HOME}/.tor-browser_ar | 12 | whitelist ${HOME}/.tor-browser_ar |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_ca.profile b/etc/profile-m-z/tor-browser_ca.profile index a04207ccd..8bf1f7cd4 100644 --- a/etc/profile-m-z/tor-browser_ca.profile +++ b/etc/profile-m-z/tor-browser_ca.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_ca.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_ca | 9 | noblacklist ${HOME}/.tor-browser_ca |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_ca | 11 | mkdir ${HOME}/.tor-browser_ca |
12 | allow ${HOME}/.tor-browser_ca | 12 | whitelist ${HOME}/.tor-browser_ca |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_cs.profile b/etc/profile-m-z/tor-browser_cs.profile index b99ad14a8..b41107bf1 100644 --- a/etc/profile-m-z/tor-browser_cs.profile +++ b/etc/profile-m-z/tor-browser_cs.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_cs.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_cs | 9 | noblacklist ${HOME}/.tor-browser_cs |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_cs | 11 | mkdir ${HOME}/.tor-browser_cs |
12 | allow ${HOME}/.tor-browser_cs | 12 | whitelist ${HOME}/.tor-browser_cs |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_da.profile b/etc/profile-m-z/tor-browser_da.profile index 545e53b7e..cbec4ee2e 100644 --- a/etc/profile-m-z/tor-browser_da.profile +++ b/etc/profile-m-z/tor-browser_da.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_da.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_da | 9 | noblacklist ${HOME}/.tor-browser_da |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_da | 11 | mkdir ${HOME}/.tor-browser_da |
12 | allow ${HOME}/.tor-browser_da | 12 | whitelist ${HOME}/.tor-browser_da |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_de.profile b/etc/profile-m-z/tor-browser_de.profile index 545f82f72..ea26765d3 100644 --- a/etc/profile-m-z/tor-browser_de.profile +++ b/etc/profile-m-z/tor-browser_de.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_de.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_de | 9 | noblacklist ${HOME}/.tor-browser_de |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_de | 11 | mkdir ${HOME}/.tor-browser_de |
12 | allow ${HOME}/.tor-browser_de | 12 | whitelist ${HOME}/.tor-browser_de |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_el.profile b/etc/profile-m-z/tor-browser_el.profile index 3120b1701..ff57a8722 100644 --- a/etc/profile-m-z/tor-browser_el.profile +++ b/etc/profile-m-z/tor-browser_el.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_el.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_el | 9 | noblacklist ${HOME}/.tor-browser_el |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_el | 11 | mkdir ${HOME}/.tor-browser_el |
12 | allow ${HOME}/.tor-browser_el | 12 | whitelist ${HOME}/.tor-browser_el |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_en-US.profile b/etc/profile-m-z/tor-browser_en-US.profile index 6719ac057..18c92b638 100644 --- a/etc/profile-m-z/tor-browser_en-US.profile +++ b/etc/profile-m-z/tor-browser_en-US.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_en-US.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_en-US | 9 | noblacklist ${HOME}/.tor-browser_en-US |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_en-US | 11 | mkdir ${HOME}/.tor-browser_en-US |
12 | allow ${HOME}/.tor-browser_en-US | 12 | whitelist ${HOME}/.tor-browser_en-US |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_en.profile b/etc/profile-m-z/tor-browser_en.profile index 4cbd37109..ebba83cc4 100644 --- a/etc/profile-m-z/tor-browser_en.profile +++ b/etc/profile-m-z/tor-browser_en.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_en.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_en | 9 | noblacklist ${HOME}/.tor-browser_en |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_en | 11 | mkdir ${HOME}/.tor-browser_en |
12 | allow ${HOME}/.tor-browser_en | 12 | whitelist ${HOME}/.tor-browser_en |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_es-ES.profile b/etc/profile-m-z/tor-browser_es-ES.profile index 6c8a5987c..aecab38d5 100644 --- a/etc/profile-m-z/tor-browser_es-ES.profile +++ b/etc/profile-m-z/tor-browser_es-ES.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_es-ES.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_es-ES | 9 | noblacklist ${HOME}/.tor-browser_es-ES |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_es-ES | 11 | mkdir ${HOME}/.tor-browser_es-ES |
12 | allow ${HOME}/.tor-browser_es-ES | 12 | whitelist ${HOME}/.tor-browser_es-ES |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_es.profile b/etc/profile-m-z/tor-browser_es.profile index 7d358b7ca..e19e9b5e6 100644 --- a/etc/profile-m-z/tor-browser_es.profile +++ b/etc/profile-m-z/tor-browser_es.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_es.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_es | 9 | noblacklist ${HOME}/.tor-browser_es |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_es | 11 | mkdir ${HOME}/.tor-browser_es |
12 | allow ${HOME}/.tor-browser_es | 12 | whitelist ${HOME}/.tor-browser_es |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_fa.profile b/etc/profile-m-z/tor-browser_fa.profile index fc4285c5d..68414c277 100644 --- a/etc/profile-m-z/tor-browser_fa.profile +++ b/etc/profile-m-z/tor-browser_fa.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_fa.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_fa | 9 | noblacklist ${HOME}/.tor-browser_fa |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_fa | 11 | mkdir ${HOME}/.tor-browser_fa |
12 | allow ${HOME}/.tor-browser_fa | 12 | whitelist ${HOME}/.tor-browser_fa |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_fr.profile b/etc/profile-m-z/tor-browser_fr.profile index 2d0c0ff1f..0a8bb30b7 100644 --- a/etc/profile-m-z/tor-browser_fr.profile +++ b/etc/profile-m-z/tor-browser_fr.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_fr.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_fr | 9 | noblacklist ${HOME}/.tor-browser_fr |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_fr | 11 | mkdir ${HOME}/.tor-browser_fr |
12 | allow ${HOME}/.tor-browser_fr | 12 | whitelist ${HOME}/.tor-browser_fr |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_ga-IE.profile b/etc/profile-m-z/tor-browser_ga-IE.profile index 2880e1e2a..12354b900 100644 --- a/etc/profile-m-z/tor-browser_ga-IE.profile +++ b/etc/profile-m-z/tor-browser_ga-IE.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_ga-IE.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_ga-IE | 9 | noblacklist ${HOME}/.tor-browser_ga-IE |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_ga-IE | 11 | mkdir ${HOME}/.tor-browser_ga-IE |
12 | allow ${HOME}/.tor-browser_ga-IE | 12 | whitelist ${HOME}/.tor-browser_ga-IE |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_he.profile b/etc/profile-m-z/tor-browser_he.profile index ac6993019..19cbb0809 100644 --- a/etc/profile-m-z/tor-browser_he.profile +++ b/etc/profile-m-z/tor-browser_he.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_he.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_he | 9 | noblacklist ${HOME}/.tor-browser_he |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_he | 11 | mkdir ${HOME}/.tor-browser_he |
12 | allow ${HOME}/.tor-browser_he | 12 | whitelist ${HOME}/.tor-browser_he |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_hu.profile b/etc/profile-m-z/tor-browser_hu.profile index 6877a6be4..62b55e170 100644 --- a/etc/profile-m-z/tor-browser_hu.profile +++ b/etc/profile-m-z/tor-browser_hu.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_hu.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_hu | 9 | noblacklist ${HOME}/.tor-browser_hu |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_hu | 11 | mkdir ${HOME}/.tor-browser_hu |
12 | allow ${HOME}/.tor-browser_hu | 12 | whitelist ${HOME}/.tor-browser_hu |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_id.profile b/etc/profile-m-z/tor-browser_id.profile index 5f5601f74..2970a7747 100644 --- a/etc/profile-m-z/tor-browser_id.profile +++ b/etc/profile-m-z/tor-browser_id.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_id.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_id | 9 | noblacklist ${HOME}/.tor-browser_id |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_id | 11 | mkdir ${HOME}/.tor-browser_id |
12 | allow ${HOME}/.tor-browser_id | 12 | whitelist ${HOME}/.tor-browser_id |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_is.profile b/etc/profile-m-z/tor-browser_is.profile index f0814d16e..f922c7644 100644 --- a/etc/profile-m-z/tor-browser_is.profile +++ b/etc/profile-m-z/tor-browser_is.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_is.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_is | 9 | noblacklist ${HOME}/.tor-browser_is |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_is | 11 | mkdir ${HOME}/.tor-browser_is |
12 | allow ${HOME}/.tor-browser_is | 12 | whitelist ${HOME}/.tor-browser_is |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_it.profile b/etc/profile-m-z/tor-browser_it.profile index fa01f6bca..406901759 100644 --- a/etc/profile-m-z/tor-browser_it.profile +++ b/etc/profile-m-z/tor-browser_it.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_it.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_it | 9 | noblacklist ${HOME}/.tor-browser_it |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_it | 11 | mkdir ${HOME}/.tor-browser_it |
12 | allow ${HOME}/.tor-browser_it | 12 | whitelist ${HOME}/.tor-browser_it |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_ja.profile b/etc/profile-m-z/tor-browser_ja.profile index dde107dd3..8f9d8d751 100644 --- a/etc/profile-m-z/tor-browser_ja.profile +++ b/etc/profile-m-z/tor-browser_ja.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_ja.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_ja | 9 | noblacklist ${HOME}/.tor-browser_ja |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_ja | 11 | mkdir ${HOME}/.tor-browser_ja |
12 | allow ${HOME}/.tor-browser_ja | 12 | whitelist ${HOME}/.tor-browser_ja |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_ka.profile b/etc/profile-m-z/tor-browser_ka.profile index 7de4dff65..4de4135e1 100644 --- a/etc/profile-m-z/tor-browser_ka.profile +++ b/etc/profile-m-z/tor-browser_ka.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_ka.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_ka | 9 | noblacklist ${HOME}/.tor-browser_ka |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_ka | 11 | mkdir ${HOME}/.tor-browser_ka |
12 | allow ${HOME}/.tor-browser_ka | 12 | whitelist ${HOME}/.tor-browser_ka |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_ko.profile b/etc/profile-m-z/tor-browser_ko.profile index 7e3ceb4d9..125c733ce 100644 --- a/etc/profile-m-z/tor-browser_ko.profile +++ b/etc/profile-m-z/tor-browser_ko.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_ko.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_ko | 9 | noblacklist ${HOME}/.tor-browser_ko |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_ko | 11 | mkdir ${HOME}/.tor-browser_ko |
12 | allow ${HOME}/.tor-browser_ko | 12 | whitelist ${HOME}/.tor-browser_ko |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_nb.profile b/etc/profile-m-z/tor-browser_nb.profile index c11001960..dc6ac876b 100644 --- a/etc/profile-m-z/tor-browser_nb.profile +++ b/etc/profile-m-z/tor-browser_nb.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_nb.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_nb | 9 | noblacklist ${HOME}/.tor-browser_nb |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_nb | 11 | mkdir ${HOME}/.tor-browser_nb |
12 | allow ${HOME}/.tor-browser_nb | 12 | whitelist ${HOME}/.tor-browser_nb |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_nl.profile b/etc/profile-m-z/tor-browser_nl.profile index 2d1044f9d..2a3a5b519 100644 --- a/etc/profile-m-z/tor-browser_nl.profile +++ b/etc/profile-m-z/tor-browser_nl.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_nl.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_nl | 9 | noblacklist ${HOME}/.tor-browser_nl |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_nl | 11 | mkdir ${HOME}/.tor-browser_nl |
12 | allow ${HOME}/.tor-browser_nl | 12 | whitelist ${HOME}/.tor-browser_nl |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_pl.profile b/etc/profile-m-z/tor-browser_pl.profile index 2818320a0..b7dec32db 100644 --- a/etc/profile-m-z/tor-browser_pl.profile +++ b/etc/profile-m-z/tor-browser_pl.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_pl.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_pl | 9 | noblacklist ${HOME}/.tor-browser_pl |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_pl | 11 | mkdir ${HOME}/.tor-browser_pl |
12 | allow ${HOME}/.tor-browser_pl | 12 | whitelist ${HOME}/.tor-browser_pl |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_pt-BR.profile b/etc/profile-m-z/tor-browser_pt-BR.profile index 8c33e2545..7a7d4726c 100644 --- a/etc/profile-m-z/tor-browser_pt-BR.profile +++ b/etc/profile-m-z/tor-browser_pt-BR.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_pt-BR.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_pt-BR | 9 | noblacklist ${HOME}/.tor-browser_pt-BR |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_pt-BR | 11 | mkdir ${HOME}/.tor-browser_pt-BR |
12 | allow ${HOME}/.tor-browser_pt-BR | 12 | whitelist ${HOME}/.tor-browser_pt-BR |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_ru.profile b/etc/profile-m-z/tor-browser_ru.profile index 2553bb031..7d2e6bc97 100644 --- a/etc/profile-m-z/tor-browser_ru.profile +++ b/etc/profile-m-z/tor-browser_ru.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_ru.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_ru | 9 | noblacklist ${HOME}/.tor-browser_ru |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_ru | 11 | mkdir ${HOME}/.tor-browser_ru |
12 | allow ${HOME}/.tor-browser_ru | 12 | whitelist ${HOME}/.tor-browser_ru |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_sv-SE.profile b/etc/profile-m-z/tor-browser_sv-SE.profile index 3152cb658..585925e81 100644 --- a/etc/profile-m-z/tor-browser_sv-SE.profile +++ b/etc/profile-m-z/tor-browser_sv-SE.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_sv-SE.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_sv-SE | 9 | noblacklist ${HOME}/.tor-browser_sv-SE |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_sv-SE | 11 | mkdir ${HOME}/.tor-browser_sv-SE |
12 | allow ${HOME}/.tor-browser_sv-SE | 12 | whitelist ${HOME}/.tor-browser_sv-SE |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_tr.profile b/etc/profile-m-z/tor-browser_tr.profile index 9808d4725..4b0cc3821 100644 --- a/etc/profile-m-z/tor-browser_tr.profile +++ b/etc/profile-m-z/tor-browser_tr.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_tr.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_tr | 9 | noblacklist ${HOME}/.tor-browser_tr |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_tr | 11 | mkdir ${HOME}/.tor-browser_tr |
12 | allow ${HOME}/.tor-browser_tr | 12 | whitelist ${HOME}/.tor-browser_tr |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_vi.profile b/etc/profile-m-z/tor-browser_vi.profile index 364fca40b..4dcfbf56d 100644 --- a/etc/profile-m-z/tor-browser_vi.profile +++ b/etc/profile-m-z/tor-browser_vi.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_vi.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_vi | 9 | noblacklist ${HOME}/.tor-browser_vi |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_vi | 11 | mkdir ${HOME}/.tor-browser_vi |
12 | allow ${HOME}/.tor-browser_vi | 12 | whitelist ${HOME}/.tor-browser_vi |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_zh-CN.profile b/etc/profile-m-z/tor-browser_zh-CN.profile index 193e8a399..1e03b8d6b 100644 --- a/etc/profile-m-z/tor-browser_zh-CN.profile +++ b/etc/profile-m-z/tor-browser_zh-CN.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_zh-CN.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_zh-CN | 9 | noblacklist ${HOME}/.tor-browser_zh-CN |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_zh-CN | 11 | mkdir ${HOME}/.tor-browser_zh-CN |
12 | allow ${HOME}/.tor-browser_zh-CN | 12 | whitelist ${HOME}/.tor-browser_zh-CN |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_zh-TW.profile b/etc/profile-m-z/tor-browser_zh-TW.profile index 047be9b8e..a2dcf5cf1 100644 --- a/etc/profile-m-z/tor-browser_zh-TW.profile +++ b/etc/profile-m-z/tor-browser_zh-TW.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_zh-TW.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tor-browser_zh-TW | 9 | noblacklist ${HOME}/.tor-browser_zh-TW |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_zh-TW | 11 | mkdir ${HOME}/.tor-browser_zh-TW |
12 | allow ${HOME}/.tor-browser_zh-TW | 12 | whitelist ${HOME}/.tor-browser_zh-TW |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/torbrowser-launcher.profile b/etc/profile-m-z/torbrowser-launcher.profile index 65a37db5f..7659ed1e9 100644 --- a/etc/profile-m-z/torbrowser-launcher.profile +++ b/etc/profile-m-z/torbrowser-launcher.profile | |||
@@ -8,15 +8,15 @@ include globals.local | |||
8 | 8 | ||
9 | ignore noexec ${HOME} | 9 | ignore noexec ${HOME} |
10 | 10 | ||
11 | nodeny ${HOME}/.config/torbrowser | 11 | noblacklist ${HOME}/.config/torbrowser |
12 | nodeny ${HOME}/.local/share/torbrowser | 12 | noblacklist ${HOME}/.local/share/torbrowser |
13 | 13 | ||
14 | # Allow python (blacklisted by disable-interpreters.inc) | 14 | # Allow python (blacklisted by disable-interpreters.inc) |
15 | include allow-python2.inc | 15 | include allow-python2.inc |
16 | include allow-python3.inc | 16 | include allow-python3.inc |
17 | 17 | ||
18 | deny /opt | 18 | blacklist /opt |
19 | deny /srv | 19 | blacklist /srv |
20 | 20 | ||
21 | include disable-common.inc | 21 | include disable-common.inc |
22 | include disable-devel.inc | 22 | include disable-devel.inc |
@@ -28,10 +28,10 @@ include disable-xdg.inc | |||
28 | 28 | ||
29 | mkdir ${HOME}/.config/torbrowser | 29 | mkdir ${HOME}/.config/torbrowser |
30 | mkdir ${HOME}/.local/share/torbrowser | 30 | mkdir ${HOME}/.local/share/torbrowser |
31 | allow ${DOWNLOADS} | 31 | whitelist ${DOWNLOADS} |
32 | allow ${HOME}/.config/torbrowser | 32 | whitelist ${HOME}/.config/torbrowser |
33 | allow ${HOME}/.local/share/torbrowser | 33 | whitelist ${HOME}/.local/share/torbrowser |
34 | allow /usr/share/torbrowser-launcher | 34 | whitelist /usr/share/torbrowser-launcher |
35 | include whitelist-common.inc | 35 | include whitelist-common.inc |
36 | include whitelist-var-common.inc | 36 | include whitelist-var-common.inc |
37 | include whitelist-runuser-common.inc | 37 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-m-z/torcs.profile b/etc/profile-m-z/torcs.profile index c5d89c3e3..0f98a8f64 100644 --- a/etc/profile-m-z/torcs.profile +++ b/etc/profile-m-z/torcs.profile | |||
@@ -6,7 +6,7 @@ include torcs.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.torcs | 9 | noblacklist ${HOME}/.torcs |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,9 +17,9 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.torcs | 19 | mkdir ${HOME}/.torcs |
20 | allow ${HOME}/.torcs | 20 | whitelist ${HOME}/.torcs |
21 | allow /usr/share/games/torcs | 21 | whitelist /usr/share/games/torcs |
22 | allow /var/games/torcs | 22 | whitelist /var/games/torcs |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/totem.profile b/etc/profile-m-z/totem.profile index 77d3c55f8..70d9e0aee 100644 --- a/etc/profile-m-z/totem.profile +++ b/etc/profile-m-z/totem.profile | |||
@@ -13,8 +13,8 @@ include allow-lua.inc | |||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python3.inc | 14 | include allow-python3.inc |
15 | 15 | ||
16 | nodeny ${HOME}/.config/totem | 16 | noblacklist ${HOME}/.config/totem |
17 | nodeny ${HOME}/.local/share/totem | 17 | noblacklist ${HOME}/.local/share/totem |
18 | 18 | ||
19 | include disable-common.inc | 19 | include disable-common.inc |
20 | include disable-devel.inc | 20 | include disable-devel.inc |
@@ -27,9 +27,9 @@ include disable-shell.inc | |||
27 | read-only ${DESKTOP} | 27 | read-only ${DESKTOP} |
28 | mkdir ${HOME}/.config/totem | 28 | mkdir ${HOME}/.config/totem |
29 | mkdir ${HOME}/.local/share/totem | 29 | mkdir ${HOME}/.local/share/totem |
30 | allow ${HOME}/.config/totem | 30 | whitelist ${HOME}/.config/totem |
31 | allow ${HOME}/.local/share/totem | 31 | whitelist ${HOME}/.local/share/totem |
32 | allow /usr/share/totem | 32 | whitelist /usr/share/totem |
33 | include whitelist-common.inc | 33 | include whitelist-common.inc |
34 | include whitelist-player-common.inc | 34 | include whitelist-player-common.inc |
35 | include whitelist-runuser-common.inc | 35 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-m-z/tracker.profile b/etc/profile-m-z/tracker.profile index 26f4abd0b..87c5de076 100644 --- a/etc/profile-m-z/tracker.profile +++ b/etc/profile-m-z/tracker.profile | |||
@@ -8,8 +8,8 @@ include globals.local | |||
8 | 8 | ||
9 | # Tracker is started by systemd on most systems. Therefore it is not firejailed by default | 9 | # Tracker is started by systemd on most systems. Therefore it is not firejailed by default |
10 | 10 | ||
11 | deny /tmp/.X11-unix | 11 | blacklist /tmp/.X11-unix |
12 | deny ${RUNUSER}/wayland-* | 12 | blacklist ${RUNUSER}/wayland-* |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/profile-m-z/transgui.profile b/etc/profile-m-z/transgui.profile index d5920e2a2..ea118a9f0 100644 --- a/etc/profile-m-z/transgui.profile +++ b/etc/profile-m-z/transgui.profile | |||
@@ -6,7 +6,7 @@ include transgui.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/transgui | 9 | noblacklist ${HOME}/.config/transgui |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.config/transgui | 20 | mkdir ${HOME}/.config/transgui |
21 | allow ${HOME}/.config/transgui | 21 | whitelist ${HOME}/.config/transgui |
22 | allow ${DOWNLOADS} | 22 | whitelist ${DOWNLOADS} |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/transmission-common.profile b/etc/profile-m-z/transmission-common.profile index 5c2cf9d9a..82671b709 100644 --- a/etc/profile-m-z/transmission-common.profile +++ b/etc/profile-m-z/transmission-common.profile | |||
@@ -7,8 +7,8 @@ include transmission-common.local | |||
7 | # added by caller profile | 7 | # added by caller profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.cache/transmission | 10 | noblacklist ${HOME}/.cache/transmission |
11 | nodeny ${HOME}/.config/transmission | 11 | noblacklist ${HOME}/.config/transmission |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -19,9 +19,9 @@ include disable-programs.inc | |||
19 | 19 | ||
20 | mkdir ${HOME}/.cache/transmission | 20 | mkdir ${HOME}/.cache/transmission |
21 | mkdir ${HOME}/.config/transmission | 21 | mkdir ${HOME}/.config/transmission |
22 | allow ${DOWNLOADS} | 22 | whitelist ${DOWNLOADS} |
23 | allow ${HOME}/.cache/transmission | 23 | whitelist ${HOME}/.cache/transmission |
24 | allow ${HOME}/.config/transmission | 24 | whitelist ${HOME}/.config/transmission |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
27 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/transmission-daemon.profile b/etc/profile-m-z/transmission-daemon.profile index 9f0c464fc..348d3cb80 100644 --- a/etc/profile-m-z/transmission-daemon.profile +++ b/etc/profile-m-z/transmission-daemon.profile | |||
@@ -10,8 +10,8 @@ include globals.local | |||
10 | ignore caps.drop all | 10 | ignore caps.drop all |
11 | 11 | ||
12 | mkdir ${HOME}/.config/transmission-daemon | 12 | mkdir ${HOME}/.config/transmission-daemon |
13 | allow ${HOME}/.config/transmission-daemon | 13 | whitelist ${HOME}/.config/transmission-daemon |
14 | allow /var/lib/transmission | 14 | whitelist /var/lib/transmission |
15 | 15 | ||
16 | caps.keep ipc_lock,net_bind_service,setgid,setuid,sys_chroot | 16 | caps.keep ipc_lock,net_bind_service,setgid,setuid,sys_chroot |
17 | protocol packet | 17 | protocol packet |
diff --git a/etc/profile-m-z/transmission-remote-gtk.profile b/etc/profile-m-z/transmission-remote-gtk.profile index 7c8eddcbc..a6400e2c0 100644 --- a/etc/profile-m-z/transmission-remote-gtk.profile +++ b/etc/profile-m-z/transmission-remote-gtk.profile | |||
@@ -7,10 +7,10 @@ include transmission-remote-gtk.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.config/transmission-remote-gtk | 10 | noblacklist ${HOME}/.config/transmission-remote-gtk |
11 | 11 | ||
12 | mkdir ${HOME}/.config/transmission-remote-gtk | 12 | mkdir ${HOME}/.config/transmission-remote-gtk |
13 | allow ${HOME}/.config/transmission-remote-gtk | 13 | whitelist ${HOME}/.config/transmission-remote-gtk |
14 | 14 | ||
15 | private-etc fonts,hostname,hosts,resolv.conf | 15 | private-etc fonts,hostname,hosts,resolv.conf |
16 | # Problems with private-lib (see issue #2889) | 16 | # Problems with private-lib (see issue #2889) |
diff --git a/etc/profile-m-z/tremulous.profile b/etc/profile-m-z/tremulous.profile index c2797ddaa..aba563fac 100644 --- a/etc/profile-m-z/tremulous.profile +++ b/etc/profile-m-z/tremulous.profile | |||
@@ -6,7 +6,7 @@ include tremulous.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.tremulous | 9 | noblacklist ${HOME}/.tremulous |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.tremulous | 20 | mkdir ${HOME}/.tremulous |
21 | allow ${HOME}/.tremulous | 21 | whitelist ${HOME}/.tremulous |
22 | allow /usr/share/tremulous | 22 | whitelist /usr/share/tremulous |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/trojita.profile b/etc/profile-m-z/trojita.profile index 95f39b35d..2d95081f6 100644 --- a/etc/profile-m-z/trojita.profile +++ b/etc/profile-m-z/trojita.profile | |||
@@ -6,10 +6,10 @@ include trojita.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.abook | 9 | noblacklist ${HOME}/.abook |
10 | nodeny ${HOME}/.mozilla | 10 | noblacklist ${HOME}/.mozilla |
11 | nodeny ${HOME}/.cache/flaska.net/trojita | 11 | noblacklist ${HOME}/.cache/flaska.net/trojita |
12 | nodeny ${HOME}/.config/flaska.net | 12 | noblacklist ${HOME}/.config/flaska.net |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -23,10 +23,10 @@ include disable-xdg.inc | |||
23 | mkdir ${HOME}/.abook | 23 | mkdir ${HOME}/.abook |
24 | mkdir ${HOME}/.cache/flaska.net/trojita | 24 | mkdir ${HOME}/.cache/flaska.net/trojita |
25 | mkdir ${HOME}/.config/flaska.net | 25 | mkdir ${HOME}/.config/flaska.net |
26 | allow ${HOME}/.abook | 26 | whitelist ${HOME}/.abook |
27 | allow ${HOME}/.mozilla/firefox/profiles.ini | 27 | whitelist ${HOME}/.mozilla/firefox/profiles.ini |
28 | allow ${HOME}/.cache/flaska.net/trojita | 28 | whitelist ${HOME}/.cache/flaska.net/trojita |
29 | allow ${HOME}/.config/flaska.net | 29 | whitelist ${HOME}/.config/flaska.net |
30 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | include whitelist-runuser-common.inc | 31 | include whitelist-runuser-common.inc |
32 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/truecraft.profile b/etc/profile-m-z/truecraft.profile index 76f289a27..749626475 100644 --- a/etc/profile-m-z/truecraft.profile +++ b/etc/profile-m-z/truecraft.profile | |||
@@ -5,8 +5,8 @@ include truecraft.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/mono | 8 | noblacklist ${HOME}/.config/mono |
9 | nodeny ${HOME}/.config/truecraft | 9 | noblacklist ${HOME}/.config/truecraft |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-programs.inc | |||
17 | 17 | ||
18 | mkdir ${HOME}/.config/mono | 18 | mkdir ${HOME}/.config/mono |
19 | mkdir ${HOME}/.config/truecraft | 19 | mkdir ${HOME}/.config/truecraft |
20 | allow ${HOME}/.config/mono | 20 | whitelist ${HOME}/.config/mono |
21 | allow ${HOME}/.config/truecraft | 21 | whitelist ${HOME}/.config/truecraft |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | 23 | ||
24 | caps.drop all | 24 | caps.drop all |
diff --git a/etc/profile-m-z/ts3client_runscript.sh.profile b/etc/profile-m-z/ts3client_runscript.sh.profile index cd6ae96df..8d4675454 100644 --- a/etc/profile-m-z/ts3client_runscript.sh.profile +++ b/etc/profile-m-z/ts3client_runscript.sh.profile | |||
@@ -9,11 +9,11 @@ include ts3client_runscript.sh.local | |||
9 | 9 | ||
10 | ignore noexec ${HOME} | 10 | ignore noexec ${HOME} |
11 | 11 | ||
12 | nodeny ${HOME}/TeamSpeak3-Client-linux_x86 | 12 | noblacklist ${HOME}/TeamSpeak3-Client-linux_x86 |
13 | nodeny ${HOME}/TeamSpeak3-Client-linux_amd64 | 13 | noblacklist ${HOME}/TeamSpeak3-Client-linux_amd64 |
14 | 14 | ||
15 | allow ${HOME}/TeamSpeak3-Client-linux_x86 | 15 | whitelist ${HOME}/TeamSpeak3-Client-linux_x86 |
16 | allow ${HOME}/TeamSpeak3-Client-linux_amd64 | 16 | whitelist ${HOME}/TeamSpeak3-Client-linux_amd64 |
17 | 17 | ||
18 | # Redirect | 18 | # Redirect |
19 | include teamspeak3.profile | 19 | include teamspeak3.profile |
diff --git a/etc/profile-m-z/tutanota-desktop.profile b/etc/profile-m-z/tutanota-desktop.profile index e59a86ce6..d2cb0cc8a 100644 --- a/etc/profile-m-z/tutanota-desktop.profile +++ b/etc/profile-m-z/tutanota-desktop.profile | |||
@@ -6,8 +6,8 @@ include tutanota-desktop.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/tuta_integration | 9 | noblacklist ${HOME}/.config/tuta_integration |
10 | nodeny ${HOME}/.config/tutanota-desktop | 10 | noblacklist ${HOME}/.config/tutanota-desktop |
11 | 11 | ||
12 | ignore noexec /tmp | 12 | ignore noexec /tmp |
13 | 13 | ||
@@ -15,12 +15,12 @@ include disable-shell.inc | |||
15 | 15 | ||
16 | mkdir ${HOME}/.config/tuta_integration | 16 | mkdir ${HOME}/.config/tuta_integration |
17 | mkdir ${HOME}/.config/tutanota-desktop | 17 | mkdir ${HOME}/.config/tutanota-desktop |
18 | allow ${HOME}/.config/tuta_integration | 18 | whitelist ${HOME}/.config/tuta_integration |
19 | allow ${HOME}/.config/tutanota-desktop | 19 | whitelist ${HOME}/.config/tutanota-desktop |
20 | 20 | ||
21 | # These lines are needed to allow Firefox to open links | 21 | # These lines are needed to allow Firefox to open links |
22 | nodeny ${HOME}/.mozilla | 22 | noblacklist ${HOME}/.mozilla |
23 | allow ${HOME}/.mozilla/firefox/profiles.ini | 23 | whitelist ${HOME}/.mozilla/firefox/profiles.ini |
24 | read-only ${HOME}/.mozilla/firefox/profiles.ini | 24 | read-only ${HOME}/.mozilla/firefox/profiles.ini |
25 | 25 | ||
26 | ?HAS_APPIMAGE: ignore private-dev | 26 | ?HAS_APPIMAGE: ignore private-dev |
diff --git a/etc/profile-m-z/tuxguitar.profile b/etc/profile-m-z/tuxguitar.profile index 5bb97e161..3cd496412 100644 --- a/etc/profile-m-z/tuxguitar.profile +++ b/etc/profile-m-z/tuxguitar.profile | |||
@@ -9,9 +9,9 @@ include globals.local | |||
9 | # tuxguitar fails to launch | 9 | # tuxguitar fails to launch |
10 | ignore noexec ${HOME} | 10 | ignore noexec ${HOME} |
11 | 11 | ||
12 | nodeny ${HOME}/.tuxguitar* | 12 | noblacklist ${HOME}/.tuxguitar* |
13 | nodeny ${DOCUMENTS} | 13 | noblacklist ${DOCUMENTS} |
14 | nodeny ${MUSIC} | 14 | noblacklist ${MUSIC} |
15 | 15 | ||
16 | # Allow java (blacklisted by disable-devel.inc) | 16 | # Allow java (blacklisted by disable-devel.inc) |
17 | include allow-java.inc | 17 | include allow-java.inc |
diff --git a/etc/profile-m-z/tvbrowser.profile b/etc/profile-m-z/tvbrowser.profile index 8febcd337..dae7d86da 100644 --- a/etc/profile-m-z/tvbrowser.profile +++ b/etc/profile-m-z/tvbrowser.profile | |||
@@ -6,8 +6,8 @@ include tvbrowser.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/tvbrowser | 9 | noblacklist ${HOME}/.config/tvbrowser |
10 | nodeny ${HOME}/.tvbrowser | 10 | noblacklist ${HOME}/.tvbrowser |
11 | 11 | ||
12 | # Allow java (blacklisted by disable-devel.inc) | 12 | # Allow java (blacklisted by disable-devel.inc) |
13 | include allow-java.inc | 13 | include allow-java.inc |
@@ -22,9 +22,9 @@ include disable-xdg.inc | |||
22 | 22 | ||
23 | mkdir ${HOME}/.config/tvbrowser | 23 | mkdir ${HOME}/.config/tvbrowser |
24 | mkdir ${HOME}/.tvbrowser | 24 | mkdir ${HOME}/.tvbrowser |
25 | allow ${HOME}/.config/tvbrowser | 25 | whitelist ${HOME}/.config/tvbrowser |
26 | allow ${HOME}/.tvbrowser | 26 | whitelist ${HOME}/.tvbrowser |
27 | allow /usr/share/tvbrowser | 27 | whitelist /usr/share/tvbrowser |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
30 | include whitelist-var-common.inc | 30 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/twitch.profile b/etc/profile-m-z/twitch.profile index abcc885e6..2f573c872 100644 --- a/etc/profile-m-z/twitch.profile +++ b/etc/profile-m-z/twitch.profile | |||
@@ -10,12 +10,12 @@ include globals.local | |||
10 | ignore nou2f | 10 | ignore nou2f |
11 | ignore novideo | 11 | ignore novideo |
12 | 12 | ||
13 | nodeny ${HOME}/.config/Twitch | 13 | noblacklist ${HOME}/.config/Twitch |
14 | 14 | ||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | 16 | ||
17 | mkdir ${HOME}/.config/Twitch | 17 | mkdir ${HOME}/.config/Twitch |
18 | allow ${HOME}/.config/Twitch | 18 | whitelist ${HOME}/.config/Twitch |
19 | 19 | ||
20 | private-bin twitch | 20 | private-bin twitch |
21 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 21 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
diff --git a/etc/profile-m-z/uefitool.profile b/etc/profile-m-z/uefitool.profile index 8c705c95f..3e4fdbb03 100644 --- a/etc/profile-m-z/uefitool.profile +++ b/etc/profile-m-z/uefitool.profile | |||
@@ -5,7 +5,7 @@ include uefitool.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${DOCUMENTS} | 8 | noblacklist ${DOCUMENTS} |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
diff --git a/etc/profile-m-z/uget-gtk.profile b/etc/profile-m-z/uget-gtk.profile index eed2db541..4420099ff 100644 --- a/etc/profile-m-z/uget-gtk.profile +++ b/etc/profile-m-z/uget-gtk.profile | |||
@@ -5,7 +5,7 @@ include uget-gtk.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/uGet | 8 | noblacklist ${HOME}/.config/uGet |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
@@ -14,8 +14,8 @@ include disable-programs.inc | |||
14 | include disable-shell.inc | 14 | include disable-shell.inc |
15 | 15 | ||
16 | mkdir ${HOME}/.config/uGet | 16 | mkdir ${HOME}/.config/uGet |
17 | allow ${DOWNLOADS} | 17 | whitelist ${DOWNLOADS} |
18 | allow ${HOME}/.config/uGet | 18 | whitelist ${HOME}/.config/uGet |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/unbound.profile b/etc/profile-m-z/unbound.profile index 7e7b3fbec..0c077babf 100644 --- a/etc/profile-m-z/unbound.profile +++ b/etc/profile-m-z/unbound.profile | |||
@@ -6,11 +6,11 @@ include unbound.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny /sbin | 9 | noblacklist /sbin |
10 | nodeny /usr/sbin | 10 | noblacklist /usr/sbin |
11 | 11 | ||
12 | deny /tmp/.X11-unix | 12 | blacklist /tmp/.X11-unix |
13 | deny ${RUNUSER}/wayland-* | 13 | blacklist ${RUNUSER}/wayland-* |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -22,8 +22,8 @@ include disable-xdg.inc | |||
22 | 22 | ||
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | 24 | ||
25 | allow /var/lib/unbound | 25 | whitelist /var/lib/unbound |
26 | allow /var/run | 26 | whitelist /var/run |
27 | 27 | ||
28 | caps.keep net_admin,net_bind_service,setgid,setuid,sys_chroot,sys_resource | 28 | caps.keep net_admin,net_bind_service,setgid,setuid,sys_chroot,sys_resource |
29 | ipc-namespace | 29 | ipc-namespace |
diff --git a/etc/profile-m-z/unf.profile b/etc/profile-m-z/unf.profile index 846271971..6db7ba362 100644 --- a/etc/profile-m-z/unf.profile +++ b/etc/profile-m-z/unf.profile | |||
@@ -7,7 +7,7 @@ include unf.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER}/wayland-* | 10 | blacklist ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-programs.inc | |||
18 | include disable-shell.inc | 18 | include disable-shell.inc |
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | allow ${DOWNLOADS} | 21 | whitelist ${DOWNLOADS} |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/unknown-horizons.profile b/etc/profile-m-z/unknown-horizons.profile index 3e1c6264d..956492f52 100644 --- a/etc/profile-m-z/unknown-horizons.profile +++ b/etc/profile-m-z/unknown-horizons.profile | |||
@@ -6,7 +6,7 @@ include unknown-horizons.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.unknown-horizons | 9 | noblacklist ${HOME}/.unknown-horizons |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-exec.inc | 12 | include disable-exec.inc |
@@ -14,10 +14,10 @@ include disable-passwdmgr.inc | |||
14 | include disable-programs.inc | 14 | include disable-programs.inc |
15 | 15 | ||
16 | mkdir ${HOME}/.unknown-horizons | 16 | mkdir ${HOME}/.unknown-horizons |
17 | allow ${HOME}/.unknown-horizons | 17 | whitelist ${HOME}/.unknown-horizons |
18 | include whitelist-common.inc | 18 | include whitelist-common.inc |
19 | include whitelist-runuser-common.inc | 19 | include whitelist-runuser-common.inc |
20 | allow /usr/share/unknown-horizons | 20 | whitelist /usr/share/unknown-horizons |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-m-z/unzip.profile b/etc/profile-m-z/unzip.profile index 99d2415ca..0231e3dba 100644 --- a/etc/profile-m-z/unzip.profile +++ b/etc/profile-m-z/unzip.profile | |||
@@ -8,7 +8,7 @@ include unzip.local | |||
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | # GNOME Shell integration (chrome-gnome-shell) | 10 | # GNOME Shell integration (chrome-gnome-shell) |
11 | nodeny ${HOME}/.local/share/gnome-shell | 11 | noblacklist ${HOME}/.local/share/gnome-shell |
12 | 12 | ||
13 | private-etc alternatives,group,localtime,passwd | 13 | private-etc alternatives,group,localtime,passwd |
14 | 14 | ||
diff --git a/etc/profile-m-z/utox.profile b/etc/profile-m-z/utox.profile index 3b0f7c646..dd881f091 100644 --- a/etc/profile-m-z/utox.profile +++ b/etc/profile-m-z/utox.profile | |||
@@ -6,8 +6,8 @@ include utox.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/Tox | 9 | noblacklist ${HOME}/.cache/Tox |
10 | nodeny ${HOME}/.config/tox | 10 | noblacklist ${HOME}/.config/tox |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-shell.inc | |||
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | mkdir ${HOME}/.config/tox | 21 | mkdir ${HOME}/.config/tox |
22 | allow ${DOWNLOADS} | 22 | whitelist ${DOWNLOADS} |
23 | allow ${HOME}/.config/tox | 23 | whitelist ${HOME}/.config/tox |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
diff --git a/etc/profile-m-z/uudeview.profile b/etc/profile-m-z/uudeview.profile index 3bda71666..2adc044e5 100644 --- a/etc/profile-m-z/uudeview.profile +++ b/etc/profile-m-z/uudeview.profile | |||
@@ -7,7 +7,7 @@ include uudeview.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny ${RUNUSER}/wayland-* | 10 | blacklist ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/uzbl-browser.profile b/etc/profile-m-z/uzbl-browser.profile index 6899f4bf7..41487a8f2 100644 --- a/etc/profile-m-z/uzbl-browser.profile +++ b/etc/profile-m-z/uzbl-browser.profile | |||
@@ -5,9 +5,9 @@ include uzbl-browser.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/uzbl | 8 | noblacklist ${HOME}/.config/uzbl |
9 | nodeny ${HOME}/.gnupg | 9 | noblacklist ${HOME}/.gnupg |
10 | nodeny ${HOME}/.local/share/uzbl | 10 | noblacklist ${HOME}/.local/share/uzbl |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
@@ -22,11 +22,11 @@ mkdir ${HOME}/.config/uzbl | |||
22 | mkdir ${HOME}/.gnupg | 22 | mkdir ${HOME}/.gnupg |
23 | mkdir ${HOME}/.local/share/uzbl | 23 | mkdir ${HOME}/.local/share/uzbl |
24 | mkdir ${HOME}/.password-store | 24 | mkdir ${HOME}/.password-store |
25 | allow ${DOWNLOADS} | 25 | whitelist ${DOWNLOADS} |
26 | allow ${HOME}/.config/uzbl | 26 | whitelist ${HOME}/.config/uzbl |
27 | allow ${HOME}/.gnupg | 27 | whitelist ${HOME}/.gnupg |
28 | allow ${HOME}/.local/share/uzbl | 28 | whitelist ${HOME}/.local/share/uzbl |
29 | allow ${HOME}/.password-store | 29 | whitelist ${HOME}/.password-store |
30 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | 31 | ||
32 | caps.drop all | 32 | caps.drop all |
diff --git a/etc/profile-m-z/viewnior.profile b/etc/profile-m-z/viewnior.profile index e0bf02706..a9ba344dd 100644 --- a/etc/profile-m-z/viewnior.profile +++ b/etc/profile-m-z/viewnior.profile | |||
@@ -6,11 +6,11 @@ include viewnior.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.Steam | 9 | noblacklist ${HOME}/.Steam |
10 | nodeny ${HOME}/.config/viewnior | 10 | noblacklist ${HOME}/.config/viewnior |
11 | nodeny ${HOME}/.steam | 11 | noblacklist ${HOME}/.steam |
12 | 12 | ||
13 | deny ${HOME}/.bashrc | 13 | blacklist ${HOME}/.bashrc |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
diff --git a/etc/profile-m-z/viking.profile b/etc/profile-m-z/viking.profile index b16f691d6..8f8ef5939 100644 --- a/etc/profile-m-z/viking.profile +++ b/etc/profile-m-z/viking.profile | |||
@@ -6,9 +6,9 @@ include viking.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.viking | 9 | noblacklist ${HOME}/.viking |
10 | nodeny ${HOME}/.viking-maps | 10 | noblacklist ${HOME}/.viking-maps |
11 | nodeny ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/vim.profile b/etc/profile-m-z/vim.profile index b535225dd..c3cfe5980 100644 --- a/etc/profile-m-z/vim.profile +++ b/etc/profile-m-z/vim.profile | |||
@@ -6,9 +6,9 @@ include vim.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.vim | 9 | noblacklist ${HOME}/.vim |
10 | nodeny ${HOME}/.viminfo | 10 | noblacklist ${HOME}/.viminfo |
11 | nodeny ${HOME}/.vimrc | 11 | noblacklist ${HOME}/.vimrc |
12 | 12 | ||
13 | # Allows files commonly used by IDEs | 13 | # Allows files commonly used by IDEs |
14 | include allow-common-devel.inc | 14 | include allow-common-devel.inc |
diff --git a/etc/profile-m-z/virtualbox.profile b/etc/profile-m-z/virtualbox.profile index f28828338..c22fb0ff9 100644 --- a/etc/profile-m-z/virtualbox.profile +++ b/etc/profile-m-z/virtualbox.profile | |||
@@ -6,12 +6,12 @@ include virtualbox.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.VirtualBox | 9 | noblacklist ${HOME}/.VirtualBox |
10 | nodeny ${HOME}/.config/VirtualBox | 10 | noblacklist ${HOME}/.config/VirtualBox |
11 | nodeny ${HOME}/VirtualBox VMs | 11 | noblacklist ${HOME}/VirtualBox VMs |
12 | # noblacklist /usr/bin/virtualbox | 12 | # noblacklist /usr/bin/virtualbox |
13 | nodeny /usr/lib/virtualbox | 13 | noblacklist /usr/lib/virtualbox |
14 | nodeny /usr/lib64/virtualbox | 14 | noblacklist /usr/lib64/virtualbox |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
@@ -23,10 +23,10 @@ include disable-xdg.inc | |||
23 | 23 | ||
24 | mkdir ${HOME}/.config/VirtualBox | 24 | mkdir ${HOME}/.config/VirtualBox |
25 | mkdir ${HOME}/VirtualBox VMs | 25 | mkdir ${HOME}/VirtualBox VMs |
26 | allow ${HOME}/.config/VirtualBox | 26 | whitelist ${HOME}/.config/VirtualBox |
27 | allow ${HOME}/VirtualBox VMs | 27 | whitelist ${HOME}/VirtualBox VMs |
28 | allow ${DOWNLOADS} | 28 | whitelist ${DOWNLOADS} |
29 | allow /usr/share/virtualbox | 29 | whitelist /usr/share/virtualbox |
30 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | include whitelist-runuser-common.inc | 31 | include whitelist-runuser-common.inc |
32 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/vivaldi.profile b/etc/profile-m-z/vivaldi.profile index 3858405db..fdeb0307f 100644 --- a/etc/profile-m-z/vivaldi.profile +++ b/etc/profile-m-z/vivaldi.profile | |||
@@ -8,26 +8,26 @@ include globals.local | |||
8 | # Allow HTML5 Proprietary Media & DRM/EME (Widevine) | 8 | # Allow HTML5 Proprietary Media & DRM/EME (Widevine) |
9 | ignore apparmor | 9 | ignore apparmor |
10 | ignore noexec /var | 10 | ignore noexec /var |
11 | nodeny /var/opt | 11 | noblacklist /var/opt |
12 | allow /var/opt/vivaldi | 12 | whitelist /var/opt/vivaldi |
13 | writable-var | 13 | writable-var |
14 | 14 | ||
15 | nodeny ${HOME}/.cache/vivaldi | 15 | noblacklist ${HOME}/.cache/vivaldi |
16 | nodeny ${HOME}/.cache/vivaldi-snapshot | 16 | noblacklist ${HOME}/.cache/vivaldi-snapshot |
17 | nodeny ${HOME}/.config/vivaldi | 17 | noblacklist ${HOME}/.config/vivaldi |
18 | nodeny ${HOME}/.config/vivaldi-snapshot | 18 | noblacklist ${HOME}/.config/vivaldi-snapshot |
19 | nodeny ${HOME}/.local/lib/vivaldi | 19 | noblacklist ${HOME}/.local/lib/vivaldi |
20 | 20 | ||
21 | mkdir ${HOME}/.cache/vivaldi | 21 | mkdir ${HOME}/.cache/vivaldi |
22 | mkdir ${HOME}/.cache/vivaldi-snapshot | 22 | mkdir ${HOME}/.cache/vivaldi-snapshot |
23 | mkdir ${HOME}/.config/vivaldi | 23 | mkdir ${HOME}/.config/vivaldi |
24 | mkdir ${HOME}/.config/vivaldi-snapshot | 24 | mkdir ${HOME}/.config/vivaldi-snapshot |
25 | mkdir ${HOME}/.local/lib/vivaldi | 25 | mkdir ${HOME}/.local/lib/vivaldi |
26 | allow ${HOME}/.cache/vivaldi | 26 | whitelist ${HOME}/.cache/vivaldi |
27 | allow ${HOME}/.cache/vivaldi-snapshot | 27 | whitelist ${HOME}/.cache/vivaldi-snapshot |
28 | allow ${HOME}/.config/vivaldi | 28 | whitelist ${HOME}/.config/vivaldi |
29 | allow ${HOME}/.config/vivaldi-snapshot | 29 | whitelist ${HOME}/.config/vivaldi-snapshot |
30 | allow ${HOME}/.local/lib/vivaldi | 30 | whitelist ${HOME}/.local/lib/vivaldi |
31 | 31 | ||
32 | #private-bin bash,cat,dirname,readlink,rm,vivaldi,vivaldi-stable,vivaldi-snapshot | 32 | #private-bin bash,cat,dirname,readlink,rm,vivaldi,vivaldi-stable,vivaldi-snapshot |
33 | 33 | ||
diff --git a/etc/profile-m-z/vlc.profile b/etc/profile-m-z/vlc.profile index ede2d4525..cd7dccd8a 100644 --- a/etc/profile-m-z/vlc.profile +++ b/etc/profile-m-z/vlc.profile | |||
@@ -6,10 +6,10 @@ include vlc.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/vlc | 9 | noblacklist ${HOME}/.cache/vlc |
10 | nodeny ${HOME}/.config/vlc | 10 | noblacklist ${HOME}/.config/vlc |
11 | nodeny ${HOME}/.config/aacs | 11 | noblacklist ${HOME}/.config/aacs |
12 | nodeny ${HOME}/.local/share/vlc | 12 | noblacklist ${HOME}/.local/share/vlc |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -22,10 +22,10 @@ read-only ${DESKTOP} | |||
22 | mkdir ${HOME}/.cache/vlc | 22 | mkdir ${HOME}/.cache/vlc |
23 | mkdir ${HOME}/.config/vlc | 23 | mkdir ${HOME}/.config/vlc |
24 | mkdir ${HOME}/.local/share/vlc | 24 | mkdir ${HOME}/.local/share/vlc |
25 | allow ${HOME}/.cache/vlc | 25 | whitelist ${HOME}/.cache/vlc |
26 | allow ${HOME}/.config/vlc | 26 | whitelist ${HOME}/.config/vlc |
27 | allow ${HOME}/.config/aacs | 27 | whitelist ${HOME}/.config/aacs |
28 | allow ${HOME}/.local/share/vlc | 28 | whitelist ${HOME}/.local/share/vlc |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-player-common.inc | 30 | include whitelist-player-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/vmware-view.profile b/etc/profile-m-z/vmware-view.profile index f23e90e84..f07c31b68 100644 --- a/etc/profile-m-z/vmware-view.profile +++ b/etc/profile-m-z/vmware-view.profile | |||
@@ -6,10 +6,10 @@ include vmware-view.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.vmware | 9 | noblacklist ${HOME}/.vmware |
10 | 10 | ||
11 | nodeny /sbin | 11 | noblacklist /sbin |
12 | nodeny /usr/sbin | 12 | noblacklist /usr/sbin |
13 | 13 | ||
14 | include allow-bin-sh.inc | 14 | include allow-bin-sh.inc |
15 | 15 | ||
@@ -23,7 +23,7 @@ include disable-shell.inc | |||
23 | include disable-xdg.inc | 23 | include disable-xdg.inc |
24 | 24 | ||
25 | mkdir ${HOME}/.vmware | 25 | mkdir ${HOME}/.vmware |
26 | allow ${HOME}/.vmware | 26 | whitelist ${HOME}/.vmware |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/vmware.profile b/etc/profile-m-z/vmware.profile index 3a535588f..5241e27b3 100644 --- a/etc/profile-m-z/vmware.profile +++ b/etc/profile-m-z/vmware.profile | |||
@@ -6,8 +6,8 @@ include vmware.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/vmware | 9 | noblacklist ${HOME}/.cache/vmware |
10 | nodeny ${HOME}/.vmware | 10 | noblacklist ${HOME}/.vmware |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-xdg.inc | |||
19 | 19 | ||
20 | mkdir ${HOME}/.cache/vmware | 20 | mkdir ${HOME}/.cache/vmware |
21 | mkdir ${HOME}/.vmware | 21 | mkdir ${HOME}/.vmware |
22 | allow ${HOME}/.cache/vmware | 22 | whitelist ${HOME}/.cache/vmware |
23 | allow ${HOME}/.vmware | 23 | whitelist ${HOME}/.vmware |
24 | # Add the next lines to your vmware.local if you need to use "shared VM". | 24 | # Add the next lines to your vmware.local if you need to use "shared VM". |
25 | #whitelist /var/lib/vmware | 25 | #whitelist /var/lib/vmware |
26 | #writable-var | 26 | #writable-var |
diff --git a/etc/profile-m-z/vscodium.profile b/etc/profile-m-z/vscodium.profile index 7996113f5..a4a4fb7d8 100644 --- a/etc/profile-m-z/vscodium.profile +++ b/etc/profile-m-z/vscodium.profile | |||
@@ -6,7 +6,7 @@ include vscodium.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.VSCodium | 9 | noblacklist ${HOME}/.VSCodium |
10 | 10 | ||
11 | # Redirect | 11 | # Redirect |
12 | include code.profile | 12 | include code.profile |
diff --git a/etc/profile-m-z/vulturesclaw.profile b/etc/profile-m-z/vulturesclaw.profile index a6c38c1f1..fa6ddf1fb 100644 --- a/etc/profile-m-z/vulturesclaw.profile +++ b/etc/profile-m-z/vulturesclaw.profile | |||
@@ -6,8 +6,8 @@ include vulturesclaw.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny /var/games/vulturesclaw | 9 | noblacklist /var/games/vulturesclaw |
10 | allow /var/games/vulturesclaw | 10 | whitelist /var/games/vulturesclaw |
11 | 11 | ||
12 | # Redirect | 12 | # Redirect |
13 | include nethack-vultures.profile | 13 | include nethack-vultures.profile |
diff --git a/etc/profile-m-z/vultureseye.profile b/etc/profile-m-z/vultureseye.profile index 763c50bf6..49d3fa94f 100644 --- a/etc/profile-m-z/vultureseye.profile +++ b/etc/profile-m-z/vultureseye.profile | |||
@@ -6,8 +6,8 @@ include vultureseye.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | nodeny /var/games/vultureseye | 9 | noblacklist /var/games/vultureseye |
10 | allow /var/games/vultureseye | 10 | whitelist /var/games/vultureseye |
11 | 11 | ||
12 | # Redirect | 12 | # Redirect |
13 | include nethack-vultures.profile | 13 | include nethack-vultures.profile |
diff --git a/etc/profile-m-z/vym.profile b/etc/profile-m-z/vym.profile index 1f2462c32..5421c4e4b 100644 --- a/etc/profile-m-z/vym.profile +++ b/etc/profile-m-z/vym.profile | |||
@@ -6,7 +6,7 @@ include vym.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/InSilmaril | 9 | noblacklist ${HOME}/.config/InSilmaril |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/w3m.profile b/etc/profile-m-z/w3m.profile index 6b38bbf13..69b2c6c59 100644 --- a/etc/profile-m-z/w3m.profile +++ b/etc/profile-m-z/w3m.profile | |||
@@ -12,10 +12,10 @@ include globals.local | |||
12 | #ignore private-dev | 12 | #ignore private-dev |
13 | #ignore private-etc | 13 | #ignore private-etc |
14 | 14 | ||
15 | nodeny ${HOME}/.w3m | 15 | noblacklist ${HOME}/.w3m |
16 | 16 | ||
17 | deny /tmp/.X11-unix | 17 | blacklist /tmp/.X11-unix |
18 | deny ${RUNUSER}/wayland-* | 18 | blacklist ${RUNUSER}/wayland-* |
19 | 19 | ||
20 | # Allow /bin/sh (blacklisted by disable-shell.inc) | 20 | # Allow /bin/sh (blacklisted by disable-shell.inc) |
21 | include allow-bin-sh.inc | 21 | include allow-bin-sh.inc |
@@ -33,9 +33,9 @@ include disable-shell.inc | |||
33 | include disable-xdg.inc | 33 | include disable-xdg.inc |
34 | 34 | ||
35 | mkdir ${HOME}/.w3m | 35 | mkdir ${HOME}/.w3m |
36 | allow /usr/share/w3m | 36 | whitelist /usr/share/w3m |
37 | allow ${DOWNLOADS} | 37 | whitelist ${DOWNLOADS} |
38 | allow ${HOME}/.w3m | 38 | whitelist ${HOME}/.w3m |
39 | include whitelist-runuser-common.inc | 39 | include whitelist-runuser-common.inc |
40 | include whitelist-usr-share-common.inc | 40 | include whitelist-usr-share-common.inc |
41 | include whitelist-var-common.inc | 41 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/warmux.profile b/etc/profile-m-z/warmux.profile index 6658ac5db..1227a202c 100644 --- a/etc/profile-m-z/warmux.profile +++ b/etc/profile-m-z/warmux.profile | |||
@@ -6,9 +6,9 @@ include warmux.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/wormux | 9 | noblacklist ${HOME}/.config/wormux |
10 | nodeny ${HOME}/.local/share/wormux | 10 | noblacklist ${HOME}/.local/share/wormux |
11 | nodeny ${HOME}/.wormux | 11 | noblacklist ${HOME}/.wormux |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -22,10 +22,10 @@ include disable-xdg.inc | |||
22 | mkdir ${HOME}/.config/wormux | 22 | mkdir ${HOME}/.config/wormux |
23 | mkdir ${HOME}/.local/share/wormux | 23 | mkdir ${HOME}/.local/share/wormux |
24 | mkdir ${HOME}/.wormux | 24 | mkdir ${HOME}/.wormux |
25 | allow ${HOME}/.config/wormux | 25 | whitelist ${HOME}/.config/wormux |
26 | allow ${HOME}/.local/share/wormux | 26 | whitelist ${HOME}/.local/share/wormux |
27 | allow ${HOME}/.wormux | 27 | whitelist ${HOME}/.wormux |
28 | allow /usr/share/warmux | 28 | whitelist /usr/share/warmux |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/warsow.profile b/etc/profile-m-z/warsow.profile index fac4d0555..e0cd3daad 100644 --- a/etc/profile-m-z/warsow.profile +++ b/etc/profile-m-z/warsow.profile | |||
@@ -8,8 +8,8 @@ include globals.local | |||
8 | 8 | ||
9 | ignore noexec ${HOME} | 9 | ignore noexec ${HOME} |
10 | 10 | ||
11 | nodeny ${HOME}/.cache/warsow-2.1 | 11 | noblacklist ${HOME}/.cache/warsow-2.1 |
12 | nodeny ${HOME}/.local/share/warsow-2.1 | 12 | noblacklist ${HOME}/.local/share/warsow-2.1 |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -22,9 +22,9 @@ include disable-xdg.inc | |||
22 | 22 | ||
23 | mkdir ${HOME}/.cache/warsow-2.1 | 23 | mkdir ${HOME}/.cache/warsow-2.1 |
24 | mkdir ${HOME}/.local/share/warsow-2.1 | 24 | mkdir ${HOME}/.local/share/warsow-2.1 |
25 | allow ${HOME}/.cache/warsow-2.1 | 25 | whitelist ${HOME}/.cache/warsow-2.1 |
26 | allow ${HOME}/.local/share/warsow-2.1 | 26 | whitelist ${HOME}/.local/share/warsow-2.1 |
27 | allow /usr/share/warsow | 27 | whitelist /usr/share/warsow |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/warzone2100.profile b/etc/profile-m-z/warzone2100.profile index 081ae349b..420e8927e 100644 --- a/etc/profile-m-z/warzone2100.profile +++ b/etc/profile-m-z/warzone2100.profile | |||
@@ -6,7 +6,7 @@ include warzone2100.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.warzone2100-3.* | 9 | noblacklist ${HOME}/.warzone2100-3.* |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,9 +18,9 @@ include disable-shell.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.warzone2100-3.1 | 19 | mkdir ${HOME}/.warzone2100-3.1 |
20 | mkdir ${HOME}/.warzone2100-3.2 | 20 | mkdir ${HOME}/.warzone2100-3.2 |
21 | allow ${HOME}/.warzone2100-3.1 | 21 | whitelist ${HOME}/.warzone2100-3.1 |
22 | allow ${HOME}/.warzone2100-3.2 | 22 | whitelist ${HOME}/.warzone2100-3.2 |
23 | allow /usr/share/games | 23 | whitelist /usr/share/games |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-runuser-common.inc | 25 | include whitelist-runuser-common.inc |
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/waterfox.profile b/etc/profile-m-z/waterfox.profile index 4081b29b9..18f1ca79a 100644 --- a/etc/profile-m-z/waterfox.profile +++ b/etc/profile-m-z/waterfox.profile | |||
@@ -5,13 +5,13 @@ include waterfox.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.cache/waterfox | 8 | noblacklist ${HOME}/.cache/waterfox |
9 | nodeny ${HOME}/.waterfox | 9 | noblacklist ${HOME}/.waterfox |
10 | 10 | ||
11 | mkdir ${HOME}/.cache/waterfox | 11 | mkdir ${HOME}/.cache/waterfox |
12 | mkdir ${HOME}/.waterfox | 12 | mkdir ${HOME}/.waterfox |
13 | allow ${HOME}/.cache/waterfox | 13 | whitelist ${HOME}/.cache/waterfox |
14 | allow ${HOME}/.waterfox | 14 | whitelist ${HOME}/.waterfox |
15 | 15 | ||
16 | # Add the next lines to your watefox.local if you want to use the migration wizard. | 16 | # Add the next lines to your watefox.local if you want to use the migration wizard. |
17 | #noblacklist ${HOME}/.mozilla | 17 | #noblacklist ${HOME}/.mozilla |
diff --git a/etc/profile-m-z/webstorm.profile b/etc/profile-m-z/webstorm.profile index 1f42dae2c..69e96d0cd 100644 --- a/etc/profile-m-z/webstorm.profile +++ b/etc/profile-m-z/webstorm.profile | |||
@@ -5,12 +5,12 @@ include webstorm.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.WebStorm* | 8 | noblacklist ${HOME}/.WebStorm* |
9 | nodeny ${HOME}/.android | 9 | noblacklist ${HOME}/.android |
10 | nodeny ${HOME}/.local/share/JetBrains | 10 | noblacklist ${HOME}/.local/share/JetBrains |
11 | nodeny ${HOME}/.tooling | 11 | noblacklist ${HOME}/.tooling |
12 | # Allow KDE file manager to open with log directories (blacklisted by disable-programs.inc) | 12 | # Allow KDE file manager to open with log directories (blacklisted by disable-programs.inc) |
13 | nodeny ${HOME}/.config/dolphinrc | 13 | noblacklist ${HOME}/.config/dolphinrc |
14 | 14 | ||
15 | # Allows files commonly used by IDEs | 15 | # Allows files commonly used by IDEs |
16 | include allow-common-devel.inc | 16 | include allow-common-devel.inc |
@@ -18,8 +18,8 @@ include allow-common-devel.inc | |||
18 | # Allow ssh (blacklisted by disable-common.inc) | 18 | # Allow ssh (blacklisted by disable-common.inc) |
19 | include allow-ssh.inc | 19 | include allow-ssh.inc |
20 | 20 | ||
21 | nodeny ${PATH}/node | 21 | noblacklist ${PATH}/node |
22 | nodeny ${HOME}/.nvm | 22 | noblacklist ${HOME}/.nvm |
23 | 23 | ||
24 | include disable-common.inc | 24 | include disable-common.inc |
25 | include disable-devel.inc | 25 | include disable-devel.inc |
diff --git a/etc/profile-m-z/webui-aria2.profile b/etc/profile-m-z/webui-aria2.profile index d1bbcfb67..d5a998f35 100644 --- a/etc/profile-m-z/webui-aria2.profile +++ b/etc/profile-m-z/webui-aria2.profile | |||
@@ -6,7 +6,7 @@ include webui-aria2.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${PATH}/node | 9 | noblacklist ${PATH}/node |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/weechat.profile b/etc/profile-m-z/weechat.profile index 99941a590..76935212f 100644 --- a/etc/profile-m-z/weechat.profile +++ b/etc/profile-m-z/weechat.profile | |||
@@ -6,12 +6,12 @@ include weechat.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.weechat | 9 | noblacklist ${HOME}/.weechat |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-programs.inc | 12 | include disable-programs.inc |
13 | 13 | ||
14 | allow /usr/share/weechat | 14 | whitelist /usr/share/weechat |
15 | include whitelist-usr-share-common.inc | 15 | include whitelist-usr-share-common.inc |
16 | include whitelist-var-common.inc | 16 | include whitelist-var-common.inc |
17 | 17 | ||
diff --git a/etc/profile-m-z/wesnoth.profile b/etc/profile-m-z/wesnoth.profile index 47b923e6a..199b3c6f0 100644 --- a/etc/profile-m-z/wesnoth.profile +++ b/etc/profile-m-z/wesnoth.profile | |||
@@ -6,9 +6,9 @@ include wesnoth.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/wesnoth | 9 | noblacklist ${HOME}/.cache/wesnoth |
10 | nodeny ${HOME}/.config/wesnoth | 10 | noblacklist ${HOME}/.config/wesnoth |
11 | nodeny ${HOME}/.local/share/wesnoth | 11 | noblacklist ${HOME}/.local/share/wesnoth |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -19,9 +19,9 @@ include disable-programs.inc | |||
19 | mkdir ${HOME}/.cache/wesnoth | 19 | mkdir ${HOME}/.cache/wesnoth |
20 | mkdir ${HOME}/.config/wesnoth | 20 | mkdir ${HOME}/.config/wesnoth |
21 | mkdir ${HOME}/.local/share/wesnoth | 21 | mkdir ${HOME}/.local/share/wesnoth |
22 | allow ${HOME}/.cache/wesnoth | 22 | whitelist ${HOME}/.cache/wesnoth |
23 | allow ${HOME}/.config/wesnoth | 23 | whitelist ${HOME}/.config/wesnoth |
24 | allow ${HOME}/.local/share/wesnoth | 24 | whitelist ${HOME}/.local/share/wesnoth |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | 26 | ||
27 | caps.drop all | 27 | caps.drop all |
diff --git a/etc/profile-m-z/wget.profile b/etc/profile-m-z/wget.profile index 3c4a4eb63..53c4711bd 100644 --- a/etc/profile-m-z/wget.profile +++ b/etc/profile-m-z/wget.profile | |||
@@ -7,12 +7,12 @@ include wget.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.netrc | 10 | noblacklist ${HOME}/.netrc |
11 | nodeny ${HOME}/.wget-hsts | 11 | noblacklist ${HOME}/.wget-hsts |
12 | nodeny ${HOME}/.wgetrc | 12 | noblacklist ${HOME}/.wgetrc |
13 | 13 | ||
14 | deny /tmp/.X11-unix | 14 | blacklist /tmp/.X11-unix |
15 | deny ${RUNUSER} | 15 | blacklist ${RUNUSER} |
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
diff --git a/etc/profile-m-z/whalebird.profile b/etc/profile-m-z/whalebird.profile index fdbd406c2..22a84274d 100644 --- a/etc/profile-m-z/whalebird.profile +++ b/etc/profile-m-z/whalebird.profile | |||
@@ -13,10 +13,10 @@ ignore include whitelist-usr-share-common.inc | |||
13 | ignore dbus-user none | 13 | ignore dbus-user none |
14 | ignore dbus-system none | 14 | ignore dbus-system none |
15 | 15 | ||
16 | nodeny ${HOME}/.config/Whalebird | 16 | noblacklist ${HOME}/.config/Whalebird |
17 | 17 | ||
18 | mkdir ${HOME}/.config/Whalebird | 18 | mkdir ${HOME}/.config/Whalebird |
19 | allow ${HOME}/.config/Whalebird | 19 | whitelist ${HOME}/.config/Whalebird |
20 | 20 | ||
21 | no3d | 21 | no3d |
22 | 22 | ||
diff --git a/etc/profile-m-z/whois.profile b/etc/profile-m-z/whois.profile index 35d7fe9cb..93871a5a4 100644 --- a/etc/profile-m-z/whois.profile +++ b/etc/profile-m-z/whois.profile | |||
@@ -7,8 +7,8 @@ include whois.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | deny /tmp/.X11-unix | 10 | blacklist /tmp/.X11-unix |
11 | deny ${RUNUSER} | 11 | blacklist ${RUNUSER} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/widelands.profile b/etc/profile-m-z/widelands.profile index 8f5adb0fc..0dc26b11d 100644 --- a/etc/profile-m-z/widelands.profile +++ b/etc/profile-m-z/widelands.profile | |||
@@ -6,7 +6,7 @@ include widelands.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.widelands | 9 | noblacklist ${HOME}/.widelands |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.widelands | 20 | mkdir ${HOME}/.widelands |
21 | allow ${HOME}/.widelands | 21 | whitelist ${HOME}/.widelands |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-m-z/wine.profile b/etc/profile-m-z/wine.profile index 6bc68c829..0ea24aafd 100644 --- a/etc/profile-m-z/wine.profile +++ b/etc/profile-m-z/wine.profile | |||
@@ -6,13 +6,13 @@ include wine.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/winetricks | 9 | noblacklist ${HOME}/.cache/winetricks |
10 | nodeny ${HOME}/.Steam | 10 | noblacklist ${HOME}/.Steam |
11 | nodeny ${HOME}/.local/share/Steam | 11 | noblacklist ${HOME}/.local/share/Steam |
12 | nodeny ${HOME}/.local/share/steam | 12 | noblacklist ${HOME}/.local/share/steam |
13 | nodeny ${HOME}/.steam | 13 | noblacklist ${HOME}/.steam |
14 | nodeny ${HOME}/.wine | 14 | noblacklist ${HOME}/.wine |
15 | nodeny /tmp/.wine-* | 15 | noblacklist /tmp/.wine-* |
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
diff --git a/etc/profile-m-z/wire-desktop.profile b/etc/profile-m-z/wire-desktop.profile index 5f40bbd48..151cd2adb 100644 --- a/etc/profile-m-z/wire-desktop.profile +++ b/etc/profile-m-z/wire-desktop.profile | |||
@@ -20,10 +20,10 @@ ignore private-cache | |||
20 | ignore dbus-user none | 20 | ignore dbus-user none |
21 | ignore dbus-system none | 21 | ignore dbus-system none |
22 | 22 | ||
23 | nodeny ${HOME}/.config/Wire | 23 | noblacklist ${HOME}/.config/Wire |
24 | 24 | ||
25 | mkdir ${HOME}/.config/Wire | 25 | mkdir ${HOME}/.config/Wire |
26 | allow ${HOME}/.config/Wire | 26 | whitelist ${HOME}/.config/Wire |
27 | 27 | ||
28 | private-bin bash,electron,electron[0-9],electron[0-9][0-9],env,sh,wire-desktop | 28 | private-bin bash,electron,electron[0-9],electron[0-9][0-9],env,sh,wire-desktop |
29 | private-etc alternatives,ca-certificates,crypto-policies,fonts,machine-id,pki,resolv.conf,ssl | 29 | private-etc alternatives,ca-certificates,crypto-policies,fonts,machine-id,pki,resolv.conf,ssl |
diff --git a/etc/profile-m-z/wireshark.profile b/etc/profile-m-z/wireshark.profile index f3f347283..1824026a8 100644 --- a/etc/profile-m-z/wireshark.profile +++ b/etc/profile-m-z/wireshark.profile | |||
@@ -6,9 +6,9 @@ include wireshark.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/wireshark | 9 | noblacklist ${HOME}/.config/wireshark |
10 | nodeny ${HOME}/.wireshark | 10 | noblacklist ${HOME}/.wireshark |
11 | nodeny ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
12 | 12 | ||
13 | # Allow lua (blacklisted by disable-interpreters.inc) | 13 | # Allow lua (blacklisted by disable-interpreters.inc) |
14 | include allow-lua.inc | 14 | include allow-lua.inc |
@@ -21,7 +21,7 @@ include disable-passwdmgr.inc | |||
21 | include disable-programs.inc | 21 | include disable-programs.inc |
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | allow /usr/share/wireshark | 24 | whitelist /usr/share/wireshark |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||
diff --git a/etc/profile-m-z/wordwarvi.profile b/etc/profile-m-z/wordwarvi.profile index 1f1541a20..9c724a5d2 100644 --- a/etc/profile-m-z/wordwarvi.profile +++ b/etc/profile-m-z/wordwarvi.profile | |||
@@ -6,7 +6,7 @@ include wordwarvi.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.wordwarvi | 9 | noblacklist ${HOME}/.wordwarvi |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.wordwarvi | 20 | mkdir ${HOME}/.wordwarvi |
21 | allow ${HOME}/.wordwarvi | 21 | whitelist ${HOME}/.wordwarvi |
22 | allow /usr/share/wordwarvi | 22 | whitelist /usr/share/wordwarvi |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/wps.profile b/etc/profile-m-z/wps.profile index 6d16dfb04..a44b6490e 100644 --- a/etc/profile-m-z/wps.profile +++ b/etc/profile-m-z/wps.profile | |||
@@ -6,9 +6,9 @@ include wps.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.kingsoft | 9 | noblacklist ${HOME}/.kingsoft |
10 | nodeny ${HOME}/.config/Kingsoft | 10 | noblacklist ${HOME}/.config/Kingsoft |
11 | nodeny ${HOME}/.local/share/Kingsoft | 11 | noblacklist ${HOME}/.local/share/Kingsoft |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/x2goclient.profile b/etc/profile-m-z/x2goclient.profile index 311746cd9..557f07cd9 100644 --- a/etc/profile-m-z/x2goclient.profile +++ b/etc/profile-m-z/x2goclient.profile | |||
@@ -6,8 +6,8 @@ include x2goclient.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.x2go | 9 | noblacklist ${HOME}/.x2go |
10 | nodeny ${HOME}/.x2goclient | 10 | noblacklist ${HOME}/.x2goclient |
11 | 11 | ||
12 | # Allow ssh (blacklisted by disable-common.inc) | 12 | # Allow ssh (blacklisted by disable-common.inc) |
13 | include allow-ssh.inc | 13 | include allow-ssh.inc |
diff --git a/etc/profile-m-z/xbill.profile b/etc/profile-m-z/xbill.profile index e545aa3a0..384f76acc 100644 --- a/etc/profile-m-z/xbill.profile +++ b/etc/profile-m-z/xbill.profile | |||
@@ -15,8 +15,8 @@ include disable-programs.inc | |||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | allow /usr/share/xbill | 18 | whitelist /usr/share/xbill |
19 | allow /var/games/xbill/scores | 19 | whitelist /var/games/xbill/scores |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/xchat.profile b/etc/profile-m-z/xchat.profile index 7d0adbcc2..a94444aab 100644 --- a/etc/profile-m-z/xchat.profile +++ b/etc/profile-m-z/xchat.profile | |||
@@ -6,7 +6,7 @@ include xchat.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/xchat | 9 | noblacklist ${HOME}/.config/xchat |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/xed.profile b/etc/profile-m-z/xed.profile index 5db709bd1..4a3022e83 100644 --- a/etc/profile-m-z/xed.profile +++ b/etc/profile-m-z/xed.profile | |||
@@ -5,10 +5,10 @@ include xed.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/xed | 8 | noblacklist ${HOME}/.config/xed |
9 | nodeny ${HOME}/.python-history | 9 | noblacklist ${HOME}/.python-history |
10 | nodeny ${HOME}/.python_history | 10 | noblacklist ${HOME}/.python_history |
11 | nodeny ${HOME}/.pythonhist | 11 | noblacklist ${HOME}/.pythonhist |
12 | 12 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python2.inc | 14 | include allow-python2.inc |
diff --git a/etc/profile-m-z/xfburn.profile b/etc/profile-m-z/xfburn.profile index 297ff6164..cd9561e74 100644 --- a/etc/profile-m-z/xfburn.profile +++ b/etc/profile-m-z/xfburn.profile | |||
@@ -6,7 +6,7 @@ include xfburn.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/xfburn | 9 | noblacklist ${HOME}/.config/xfburn |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/xfce4-dict.profile b/etc/profile-m-z/xfce4-dict.profile index 8ecd84116..ecd321c7e 100644 --- a/etc/profile-m-z/xfce4-dict.profile +++ b/etc/profile-m-z/xfce4-dict.profile | |||
@@ -6,7 +6,7 @@ include xfce4-dict.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/xfce4-dict | 9 | noblacklist ${HOME}/.config/xfce4-dict |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/xfce4-mixer.profile b/etc/profile-m-z/xfce4-mixer.profile index 8a6f9e921..bb38dbebd 100644 --- a/etc/profile-m-z/xfce4-mixer.profile +++ b/etc/profile-m-z/xfce4-mixer.profile | |||
@@ -6,7 +6,7 @@ include xfce4-mixer.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml | 9 | noblacklist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,10 +18,10 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkfile ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml | 20 | mkfile ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml |
21 | allow ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml | 21 | whitelist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml |
22 | allow /usr/share/gstreamer-* | 22 | whitelist /usr/share/gstreamer-* |
23 | allow /usr/share/xfce4 | 23 | whitelist /usr/share/xfce4 |
24 | allow /usr/share/xfce4-mixer | 24 | whitelist /usr/share/xfce4-mixer |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
27 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/xfce4-notes.profile b/etc/profile-m-z/xfce4-notes.profile index fe88f9b27..ebfb4333c 100644 --- a/etc/profile-m-z/xfce4-notes.profile +++ b/etc/profile-m-z/xfce4-notes.profile | |||
@@ -6,9 +6,9 @@ include xfce4-notes.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/xfce4/xfce4-notes.gtkrc | 9 | noblacklist ${HOME}/.config/xfce4/xfce4-notes.gtkrc |
10 | nodeny ${HOME}/.config/xfce4/xfce4-notes.rc | 10 | noblacklist ${HOME}/.config/xfce4/xfce4-notes.rc |
11 | nodeny ${HOME}/.local/share/notes | 11 | noblacklist ${HOME}/.local/share/notes |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/xfce4-screenshooter.profile b/etc/profile-m-z/xfce4-screenshooter.profile index baf222354..b1e5bafbf 100644 --- a/etc/profile-m-z/xfce4-screenshooter.profile +++ b/etc/profile-m-z/xfce4-screenshooter.profile | |||
@@ -6,7 +6,7 @@ include xfce4-screenshooter.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${PICTURES} | 9 | noblacklist ${PICTURES} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-programs.inc | |||
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | allow /usr/share/xfce4 | 20 | whitelist /usr/share/xfce4 |
21 | include whitelist-runuser-common.inc | 21 | include whitelist-runuser-common.inc |
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/xiphos.profile b/etc/profile-m-z/xiphos.profile index 5c11cbd66..81d98db7a 100644 --- a/etc/profile-m-z/xiphos.profile +++ b/etc/profile-m-z/xiphos.profile | |||
@@ -6,10 +6,10 @@ include xiphos.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.sword | 9 | noblacklist ${HOME}/.sword |
10 | nodeny ${HOME}/.xiphos | 10 | noblacklist ${HOME}/.xiphos |
11 | 11 | ||
12 | deny ${HOME}/.bashrc | 12 | blacklist ${HOME}/.bashrc |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -21,8 +21,8 @@ include disable-shell.inc | |||
21 | 21 | ||
22 | mkdir ${HOME}/.sword | 22 | mkdir ${HOME}/.sword |
23 | mkdir ${HOME}/.xiphos | 23 | mkdir ${HOME}/.xiphos |
24 | allow ${HOME}/.sword | 24 | whitelist ${HOME}/.sword |
25 | allow ${HOME}/.xiphos | 25 | whitelist ${HOME}/.xiphos |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
28 | 28 | ||
diff --git a/etc/profile-m-z/xlinks.profile b/etc/profile-m-z/xlinks.profile index da4801101..d5e25cfe7 100644 --- a/etc/profile-m-z/xlinks.profile +++ b/etc/profile-m-z/xlinks.profile | |||
@@ -7,7 +7,7 @@ include xlinks.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | nodeny /tmp/.X11-unix | 10 | noblacklist /tmp/.X11-unix |
11 | 11 | ||
12 | include whitelist-common.inc | 12 | include whitelist-common.inc |
13 | 13 | ||
diff --git a/etc/profile-m-z/xlinks2 b/etc/profile-m-z/xlinks2 index a7612cb2a..1ae6a60ca 100644 --- a/etc/profile-m-z/xlinks2 +++ b/etc/profile-m-z/xlinks2 | |||
@@ -7,7 +7,7 @@ include xlinks2.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | nodeny /tmp/.X11-unix | 10 | noblacklist /tmp/.X11-unix |
11 | 11 | ||
12 | include whitelist-common.inc | 12 | include whitelist-common.inc |
13 | 13 | ||
diff --git a/etc/profile-m-z/xmms.profile b/etc/profile-m-z/xmms.profile index 1ed35f29a..25261d925 100644 --- a/etc/profile-m-z/xmms.profile +++ b/etc/profile-m-z/xmms.profile | |||
@@ -5,8 +5,8 @@ include xmms.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.xmms | 8 | noblacklist ${HOME}/.xmms |
9 | nodeny ${MUSIC} | 9 | noblacklist ${MUSIC} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/xmr-stak.profile b/etc/profile-m-z/xmr-stak.profile index c97c12f56..e7020f36b 100644 --- a/etc/profile-m-z/xmr-stak.profile +++ b/etc/profile-m-z/xmr-stak.profile | |||
@@ -5,7 +5,7 @@ include xmr-stak.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.xmr-stak | 8 | noblacklist ${HOME}/.xmr-stak |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
diff --git a/etc/profile-m-z/xonotic.profile b/etc/profile-m-z/xonotic.profile index 94a09198c..53c9a0a08 100644 --- a/etc/profile-m-z/xonotic.profile +++ b/etc/profile-m-z/xonotic.profile | |||
@@ -6,7 +6,7 @@ include xonotic.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.xonotic | 9 | noblacklist ${HOME}/.xonotic |
10 | 10 | ||
11 | include allow-bin-sh.inc | 11 | include allow-bin-sh.inc |
12 | include allow-opengl-game.inc | 12 | include allow-opengl-game.inc |
@@ -21,8 +21,8 @@ include disable-shell.inc | |||
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.xonotic | 23 | mkdir ${HOME}/.xonotic |
24 | allow ${HOME}/.xonotic | 24 | whitelist ${HOME}/.xonotic |
25 | allow /usr/share/xonotic | 25 | whitelist /usr/share/xonotic |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/xournal.profile b/etc/profile-m-z/xournal.profile index 34a188a4e..c4f092d50 100644 --- a/etc/profile-m-z/xournal.profile +++ b/etc/profile-m-z/xournal.profile | |||
@@ -6,7 +6,7 @@ include xournal.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${DOCUMENTS} | 9 | noblacklist ${DOCUMENTS} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-programs.inc | |||
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | allow /usr/share/xournal | 20 | whitelist /usr/share/xournal |
21 | allow /usr/share/poppler | 21 | whitelist /usr/share/poppler |
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-m-z/xournalpp.profile b/etc/profile-m-z/xournalpp.profile index f82d2a5d3..988b878b9 100644 --- a/etc/profile-m-z/xournalpp.profile +++ b/etc/profile-m-z/xournalpp.profile | |||
@@ -7,13 +7,13 @@ include xournalpp.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.xournalpp | 10 | noblacklist ${HOME}/.xournalpp |
11 | 11 | ||
12 | include allow-lua.inc | 12 | include allow-lua.inc |
13 | 13 | ||
14 | allow /usr/share/texlive | 14 | whitelist /usr/share/texlive |
15 | allow /usr/share/xournalpp | 15 | whitelist /usr/share/xournalpp |
16 | allow /var/lib/texmf | 16 | whitelist /var/lib/texmf |
17 | include whitelist-runuser-common.inc | 17 | include whitelist-runuser-common.inc |
18 | 18 | ||
19 | #mkdir ${HOME}/.xournalpp | 19 | #mkdir ${HOME}/.xournalpp |
diff --git a/etc/profile-m-z/xpdf.profile b/etc/profile-m-z/xpdf.profile index 9da63b52a..1447ec9a7 100644 --- a/etc/profile-m-z/xpdf.profile +++ b/etc/profile-m-z/xpdf.profile | |||
@@ -6,8 +6,8 @@ include xpdf.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.xpdfrc | 9 | noblacklist ${HOME}/.xpdfrc |
10 | nodeny ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/xplayer.profile b/etc/profile-m-z/xplayer.profile index 4af4586e3..c3bb3292c 100644 --- a/etc/profile-m-z/xplayer.profile +++ b/etc/profile-m-z/xplayer.profile | |||
@@ -5,8 +5,8 @@ include xplayer.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.config/xplayer | 8 | noblacklist ${HOME}/.config/xplayer |
9 | nodeny ${HOME}/.local/share/xplayer | 9 | noblacklist ${HOME}/.local/share/xplayer |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
@@ -22,8 +22,8 @@ include disable-programs.inc | |||
22 | read-only ${DESKTOP} | 22 | read-only ${DESKTOP} |
23 | mkdir ${HOME}/.config/xplayer | 23 | mkdir ${HOME}/.config/xplayer |
24 | mkdir ${HOME}/.local/share/xplayer | 24 | mkdir ${HOME}/.local/share/xplayer |
25 | allow ${HOME}/.config/xplayer | 25 | whitelist ${HOME}/.config/xplayer |
26 | allow ${HOME}/.local/share/xplayer | 26 | whitelist ${HOME}/.local/share/xplayer |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-player-common.inc | 28 | include whitelist-player-common.inc |
29 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/xpra.profile b/etc/profile-m-z/xpra.profile index 28fbc94dd..6e409e1aa 100644 --- a/etc/profile-m-z/xpra.profile +++ b/etc/profile-m-z/xpra.profile | |||
@@ -25,7 +25,7 @@ include disable-interpreters.inc | |||
25 | include disable-passwdmgr.inc | 25 | include disable-passwdmgr.inc |
26 | include disable-programs.inc | 26 | include disable-programs.inc |
27 | 27 | ||
28 | allow /var/lib/xkb | 28 | whitelist /var/lib/xkb |
29 | # whitelisting home directory, or including whitelist-common.inc | 29 | # whitelisting home directory, or including whitelist-common.inc |
30 | # will crash xpra on some platforms | 30 | # will crash xpra on some platforms |
31 | 31 | ||
diff --git a/etc/profile-m-z/xreader.profile b/etc/profile-m-z/xreader.profile index 440f26af2..3ab35edfc 100644 --- a/etc/profile-m-z/xreader.profile +++ b/etc/profile-m-z/xreader.profile | |||
@@ -6,9 +6,9 @@ include xreader.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.cache/xreader | 9 | noblacklist ${HOME}/.cache/xreader |
10 | nodeny ${HOME}/.config/xreader | 10 | noblacklist ${HOME}/.config/xreader |
11 | nodeny ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/xviewer.profile b/etc/profile-m-z/xviewer.profile index 671e0cf5b..4d454f81c 100644 --- a/etc/profile-m-z/xviewer.profile +++ b/etc/profile-m-z/xviewer.profile | |||
@@ -5,10 +5,10 @@ include xviewer.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | nodeny ${HOME}/.Steam | 8 | noblacklist ${HOME}/.Steam |
9 | nodeny ${HOME}/.config/xviewer | 9 | noblacklist ${HOME}/.config/xviewer |
10 | nodeny ${HOME}/.local/share/Trash | 10 | noblacklist ${HOME}/.local/share/Trash |
11 | nodeny ${HOME}/.steam | 11 | noblacklist ${HOME}/.steam |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/yandex-browser.profile b/etc/profile-m-z/yandex-browser.profile index 27d0eb411..81cd021f7 100644 --- a/etc/profile-m-z/yandex-browser.profile +++ b/etc/profile-m-z/yandex-browser.profile | |||
@@ -10,19 +10,19 @@ ignore whitelist /usr/share/chromium | |||
10 | ignore include whitelist-runuser-common.inc | 10 | ignore include whitelist-runuser-common.inc |
11 | ignore include whitelist-usr-share-common.inc | 11 | ignore include whitelist-usr-share-common.inc |
12 | 12 | ||
13 | nodeny ${HOME}/.cache/yandex-browser | 13 | noblacklist ${HOME}/.cache/yandex-browser |
14 | nodeny ${HOME}/.cache/yandex-browser-beta | 14 | noblacklist ${HOME}/.cache/yandex-browser-beta |
15 | nodeny ${HOME}/.config/yandex-browser | 15 | noblacklist ${HOME}/.config/yandex-browser |
16 | nodeny ${HOME}/.config/yandex-browser-beta | 16 | noblacklist ${HOME}/.config/yandex-browser-beta |
17 | 17 | ||
18 | mkdir ${HOME}/.cache/yandex-browser | 18 | mkdir ${HOME}/.cache/yandex-browser |
19 | mkdir ${HOME}/.cache/yandex-browser-beta | 19 | mkdir ${HOME}/.cache/yandex-browser-beta |
20 | mkdir ${HOME}/.config/yandex-browser | 20 | mkdir ${HOME}/.config/yandex-browser |
21 | mkdir ${HOME}/.config/yandex-browser-beta | 21 | mkdir ${HOME}/.config/yandex-browser-beta |
22 | allow ${HOME}/.cache/yandex-browser | 22 | whitelist ${HOME}/.cache/yandex-browser |
23 | allow ${HOME}/.cache/yandex-browser-beta | 23 | whitelist ${HOME}/.cache/yandex-browser-beta |
24 | allow ${HOME}/.config/yandex-browser | 24 | whitelist ${HOME}/.config/yandex-browser |
25 | allow ${HOME}/.config/yandex-browser-beta | 25 | whitelist ${HOME}/.config/yandex-browser-beta |
26 | 26 | ||
27 | # Redirect | 27 | # Redirect |
28 | include chromium-common.profile | 28 | include chromium-common.profile |
diff --git a/etc/profile-m-z/yelp.profile b/etc/profile-m-z/yelp.profile index b288993f2..dee154409 100644 --- a/etc/profile-m-z/yelp.profile +++ b/etc/profile-m-z/yelp.profile | |||
@@ -6,7 +6,7 @@ include yelp.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/yelp | 9 | noblacklist ${HOME}/.config/yelp |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,15 +18,15 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.config/yelp | 20 | mkdir ${HOME}/.config/yelp |
21 | allow ${HOME}/.config/yelp | 21 | whitelist ${HOME}/.config/yelp |
22 | allow /usr/libexec/webkit2gtk-4.0 | 22 | whitelist /usr/libexec/webkit2gtk-4.0 |
23 | allow /usr/share/doc | 23 | whitelist /usr/share/doc |
24 | allow /usr/share/groff | 24 | whitelist /usr/share/groff |
25 | allow /usr/share/help | 25 | whitelist /usr/share/help |
26 | allow /usr/share/man | 26 | whitelist /usr/share/man |
27 | allow /usr/share/yelp | 27 | whitelist /usr/share/yelp |
28 | allow /usr/share/yelp-tools | 28 | whitelist /usr/share/yelp-tools |
29 | allow /usr/share/yelp-xsl | 29 | whitelist /usr/share/yelp-xsl |
30 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | include whitelist-runuser-common.inc | 31 | include whitelist-runuser-common.inc |
32 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/youtube-dl-gui.profile b/etc/profile-m-z/youtube-dl-gui.profile index 26ea3acaa..b52271a2c 100644 --- a/etc/profile-m-z/youtube-dl-gui.profile +++ b/etc/profile-m-z/youtube-dl-gui.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | include allow-python2.inc | 8 | include allow-python2.inc |
9 | include allow-python3.inc | 9 | include allow-python3.inc |
10 | 10 | ||
11 | nodeny ${HOME}/.config/youtube-dlg | 11 | noblacklist ${HOME}/.config/youtube-dlg |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -20,8 +20,8 @@ include disable-shell.inc | |||
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | mkdir ${HOME}/.config/youtube-dlg | 22 | mkdir ${HOME}/.config/youtube-dlg |
23 | allow ${HOME}/.config/youtube-dlg | 23 | whitelist ${HOME}/.config/youtube-dlg |
24 | allow ${DOWNLOADS} | 24 | whitelist ${DOWNLOADS} |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | 26 | include whitelist-runuser-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/youtube-dl.profile b/etc/profile-m-z/youtube-dl.profile index 37f87d0b5..24c4d6db3 100644 --- a/etc/profile-m-z/youtube-dl.profile +++ b/etc/profile-m-z/youtube-dl.profile | |||
@@ -10,18 +10,18 @@ include globals.local | |||
10 | # breaks when installed under ${HOME} via `pip install --user` (see #2833) | 10 | # breaks when installed under ${HOME} via `pip install --user` (see #2833) |
11 | ignore noexec ${HOME} | 11 | ignore noexec ${HOME} |
12 | 12 | ||
13 | nodeny ${HOME}/.cache/youtube-dl | 13 | noblacklist ${HOME}/.cache/youtube-dl |
14 | nodeny ${HOME}/.config/youtube-dl | 14 | noblacklist ${HOME}/.config/youtube-dl |
15 | nodeny ${HOME}/.netrc | 15 | noblacklist ${HOME}/.netrc |
16 | nodeny ${MUSIC} | 16 | noblacklist ${MUSIC} |
17 | nodeny ${VIDEOS} | 17 | noblacklist ${VIDEOS} |
18 | 18 | ||
19 | # Allow python (blacklisted by disable-interpreters.inc) | 19 | # Allow python (blacklisted by disable-interpreters.inc) |
20 | include allow-python2.inc | 20 | include allow-python2.inc |
21 | include allow-python3.inc | 21 | include allow-python3.inc |
22 | 22 | ||
23 | deny /tmp/.X11-unix | 23 | blacklist /tmp/.X11-unix |
24 | deny ${RUNUSER} | 24 | blacklist ${RUNUSER} |
25 | 25 | ||
26 | include disable-common.inc | 26 | include disable-common.inc |
27 | include disable-devel.inc | 27 | include disable-devel.inc |
diff --git a/etc/profile-m-z/youtube-viewer.profile b/etc/profile-m-z/youtube-viewer.profile index 84b8bbc6a..b54dd37ad 100644 --- a/etc/profile-m-z/youtube-viewer.profile +++ b/etc/profile-m-z/youtube-viewer.profile | |||
@@ -7,13 +7,13 @@ include youtube-viewer.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.cache/youtube-viewer | 10 | noblacklist ${HOME}/.cache/youtube-viewer |
11 | nodeny ${HOME}/.config/youtube-viewer | 11 | noblacklist ${HOME}/.config/youtube-viewer |
12 | 12 | ||
13 | mkdir ${HOME}/.cache/youtube-viewer | 13 | mkdir ${HOME}/.cache/youtube-viewer |
14 | mkdir ${HOME}/.config/youtube-viewer | 14 | mkdir ${HOME}/.config/youtube-viewer |
15 | allow ${HOME}/.cache/youtube-viewer | 15 | whitelist ${HOME}/.cache/youtube-viewer |
16 | allow ${HOME}/.config/youtube-viewer | 16 | whitelist ${HOME}/.config/youtube-viewer |
17 | 17 | ||
18 | private-bin gtk-youtube-viewer,gtk2-youtube-viewer,gtk3-youtube-viewer,youtube-viewer | 18 | private-bin gtk-youtube-viewer,gtk2-youtube-viewer,gtk3-youtube-viewer,youtube-viewer |
19 | 19 | ||
diff --git a/etc/profile-m-z/youtube-viewers-common.profile b/etc/profile-m-z/youtube-viewers-common.profile index f531f815e..25a073d4a 100644 --- a/etc/profile-m-z/youtube-viewers-common.profile +++ b/etc/profile-m-z/youtube-viewers-common.profile | |||
@@ -7,7 +7,7 @@ include youtube-viewers-common.local | |||
7 | # added by caller profile | 7 | # added by caller profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | nodeny ${HOME}/.cache/youtube-dl | 10 | noblacklist ${HOME}/.cache/youtube-dl |
11 | 11 | ||
12 | # Allow lua (blacklisted by disable-interpreters.inc) | 12 | # Allow lua (blacklisted by disable-interpreters.inc) |
13 | include allow-lua.inc | 13 | include allow-lua.inc |
@@ -27,8 +27,8 @@ include disable-passwdmgr.inc | |||
27 | include disable-programs.inc | 27 | include disable-programs.inc |
28 | include disable-xdg.inc | 28 | include disable-xdg.inc |
29 | 29 | ||
30 | allow ${DOWNLOADS} | 30 | whitelist ${DOWNLOADS} |
31 | allow ${HOME}/.cache/youtube-dl/youtube-sigfuncs | 31 | whitelist ${HOME}/.cache/youtube-dl/youtube-sigfuncs |
32 | include whitelist-common.inc | 32 | include whitelist-common.inc |
33 | include whitelist-runuser-common.inc | 33 | include whitelist-runuser-common.inc |
34 | include whitelist-usr-share-common.inc | 34 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/youtube.profile b/etc/profile-m-z/youtube.profile index b015fb013..ad7ceaee4 100644 --- a/etc/profile-m-z/youtube.profile +++ b/etc/profile-m-z/youtube.profile | |||
@@ -9,12 +9,12 @@ include globals.local | |||
9 | # Disabled until someone reported positive feedback | 9 | # Disabled until someone reported positive feedback |
10 | ignore nou2f | 10 | ignore nou2f |
11 | 11 | ||
12 | nodeny ${HOME}/.config/Youtube | 12 | noblacklist ${HOME}/.config/Youtube |
13 | 13 | ||
14 | include disable-shell.inc | 14 | include disable-shell.inc |
15 | 15 | ||
16 | mkdir ${HOME}/.config/Youtube | 16 | mkdir ${HOME}/.config/Youtube |
17 | allow ${HOME}/.config/Youtube | 17 | whitelist ${HOME}/.config/Youtube |
18 | 18 | ||
19 | private-bin youtube | 19 | private-bin youtube |
20 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 20 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
diff --git a/etc/profile-m-z/youtubemusic-nativefier.profile b/etc/profile-m-z/youtubemusic-nativefier.profile index d594a3d0f..74b0e38b9 100644 --- a/etc/profile-m-z/youtubemusic-nativefier.profile +++ b/etc/profile-m-z/youtubemusic-nativefier.profile | |||
@@ -6,12 +6,12 @@ include youtube.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/youtubemusic-nativefier-040164 | 9 | noblacklist ${HOME}/.config/youtubemusic-nativefier-040164 |
10 | 10 | ||
11 | include disable-shell.inc | 11 | include disable-shell.inc |
12 | 12 | ||
13 | mkdir ${HOME}/.config/youtubemusic-nativefier-040164 | 13 | mkdir ${HOME}/.config/youtubemusic-nativefier-040164 |
14 | allow ${HOME}/.config/youtubemusic-nativefier-040164 | 14 | whitelist ${HOME}/.config/youtubemusic-nativefier-040164 |
15 | 15 | ||
16 | private-bin youtubemusic-nativefier | 16 | private-bin youtubemusic-nativefier |
17 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 17 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
diff --git a/etc/profile-m-z/ytmdesktop.profile b/etc/profile-m-z/ytmdesktop.profile index 9987c953e..ab46fccc2 100644 --- a/etc/profile-m-z/ytmdesktop.profile +++ b/etc/profile-m-z/ytmdesktop.profile | |||
@@ -8,10 +8,10 @@ include globals.local | |||
8 | 8 | ||
9 | ignore dbus-user none | 9 | ignore dbus-user none |
10 | 10 | ||
11 | nodeny ${HOME}/.config/youtube-music-desktop-app | 11 | noblacklist ${HOME}/.config/youtube-music-desktop-app |
12 | 12 | ||
13 | mkdir ${HOME}/.config/youtube-music-desktop-app | 13 | mkdir ${HOME}/.config/youtube-music-desktop-app |
14 | allow ${HOME}/.config/youtube-music-desktop-app | 14 | whitelist ${HOME}/.config/youtube-music-desktop-app |
15 | 15 | ||
16 | # private-bin env,ytmdesktop | 16 | # private-bin env,ytmdesktop |
17 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 17 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
diff --git a/etc/profile-m-z/zaproxy.profile b/etc/profile-m-z/zaproxy.profile index 2f18a8c45..5a168feb6 100644 --- a/etc/profile-m-z/zaproxy.profile +++ b/etc/profile-m-z/zaproxy.profile | |||
@@ -6,7 +6,7 @@ include zaproxy.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.ZAP | 9 | noblacklist ${HOME}/.ZAP |
10 | 10 | ||
11 | # Allow java (blacklisted by disable-devel.inc) | 11 | # Allow java (blacklisted by disable-devel.inc) |
12 | include allow-java.inc | 12 | include allow-java.inc |
@@ -20,8 +20,8 @@ include disable-programs.inc | |||
20 | 20 | ||
21 | mkdir ${HOME}/.java | 21 | mkdir ${HOME}/.java |
22 | mkdir ${HOME}/.ZAP | 22 | mkdir ${HOME}/.ZAP |
23 | allow ${HOME}/.java | 23 | whitelist ${HOME}/.java |
24 | allow ${HOME}/.ZAP | 24 | whitelist ${HOME}/.ZAP |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||
diff --git a/etc/profile-m-z/zart.profile b/etc/profile-m-z/zart.profile index 32ff4f8ed..10f83aa30 100644 --- a/etc/profile-m-z/zart.profile +++ b/etc/profile-m-z/zart.profile | |||
@@ -6,8 +6,8 @@ include zart.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${DOCUMENTS} | 9 | noblacklist ${DOCUMENTS} |
10 | nodeny ${PICTURES} | 10 | noblacklist ${PICTURES} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/zathura.profile b/etc/profile-m-z/zathura.profile index 4bc841f63..d0e68c980 100644 --- a/etc/profile-m-z/zathura.profile +++ b/etc/profile-m-z/zathura.profile | |||
@@ -6,9 +6,9 @@ include zathura.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/zathura | 9 | noblacklist ${HOME}/.config/zathura |
10 | nodeny ${HOME}/.local/share/zathura | 10 | noblacklist ${HOME}/.local/share/zathura |
11 | nodeny ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -22,8 +22,8 @@ include disable-xdg.inc | |||
22 | 22 | ||
23 | mkdir ${HOME}/.config/zathura | 23 | mkdir ${HOME}/.config/zathura |
24 | mkdir ${HOME}/.local/share/zathura | 24 | mkdir ${HOME}/.local/share/zathura |
25 | allow /usr/share/doc | 25 | whitelist /usr/share/doc |
26 | allow /usr/share/zathura | 26 | whitelist /usr/share/zathura |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
29 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/zcat.profile b/etc/profile-m-z/zcat.profile index 904ea9f05..5de13ab90 100644 --- a/etc/profile-m-z/zcat.profile +++ b/etc/profile-m-z/zcat.profile | |||
@@ -9,7 +9,7 @@ include zcat.local | |||
9 | 9 | ||
10 | # Allow running kernel config check | 10 | # Allow running kernel config check |
11 | ignore include disable-shell.inc | 11 | ignore include disable-shell.inc |
12 | nodeny /proc/config.gz | 12 | noblacklist /proc/config.gz |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include gzip.profile | 15 | include gzip.profile |
diff --git a/etc/profile-m-z/zeal.profile b/etc/profile-m-z/zeal.profile index 458df2a46..2c6f6910f 100644 --- a/etc/profile-m-z/zeal.profile +++ b/etc/profile-m-z/zeal.profile | |||
@@ -6,9 +6,9 @@ include zeal.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | nodeny ${HOME}/.config/Zeal | 9 | noblacklist ${HOME}/.config/Zeal |
10 | nodeny ${HOME}/.cache/Zeal | 10 | noblacklist ${HOME}/.cache/Zeal |
11 | nodeny ${HOME}/.local/share/Zeal | 11 | noblacklist ${HOME}/.local/share/Zeal |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -23,9 +23,9 @@ mkdir ${HOME}/.cache/Zeal | |||
23 | mkdir ${HOME}/.config/qt5ct | 23 | mkdir ${HOME}/.config/qt5ct |
24 | mkdir ${HOME}/.config/Zeal | 24 | mkdir ${HOME}/.config/Zeal |
25 | mkdir ${HOME}/.local/share/Zeal | 25 | mkdir ${HOME}/.local/share/Zeal |
26 | allow ${HOME}/.cache/Zeal | 26 | whitelist ${HOME}/.cache/Zeal |
27 | allow ${HOME}/.config/Zeal | 27 | whitelist ${HOME}/.config/Zeal |
28 | allow ${HOME}/.local/share/Zeal | 28 | whitelist ${HOME}/.local/share/Zeal |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-var-common.inc | 30 | include whitelist-var-common.inc |
31 | 31 | ||
diff --git a/etc/profile-m-z/zgrep.profile b/etc/profile-m-z/zgrep.profile index e2dfbd105..f63dc871f 100644 --- a/etc/profile-m-z/zgrep.profile +++ b/etc/profile-m-z/zgrep.profile | |||
@@ -9,7 +9,7 @@ include zgrep.local | |||
9 | 9 | ||
10 | # Allow running kernel config check | 10 | # Allow running kernel config check |
11 | ignore include disable-shell.inc | 11 | ignore include disable-shell.inc |
12 | nodeny /proc/config.gz | 12 | noblacklist /proc/config.gz |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include gzip.profile | 15 | include gzip.profile |
diff --git a/etc/profile-m-z/zoom.profile b/etc/profile-m-z/zoom.profile index 6b0417b56..ac615d861 100644 --- a/etc/profile-m-z/zoom.profile +++ b/etc/profile-m-z/zoom.profile | |||
@@ -16,17 +16,17 @@ ignore dbus-system none | |||
16 | # If you use such a system, add 'ignore nogroups' to your zoom.local. | 16 | # If you use such a system, add 'ignore nogroups' to your zoom.local. |
17 | #ignore nogroups | 17 | #ignore nogroups |
18 | 18 | ||
19 | nodeny ${HOME}/.config/zoomus.conf | 19 | noblacklist ${HOME}/.config/zoomus.conf |
20 | nodeny ${HOME}/.zoom | 20 | noblacklist ${HOME}/.zoom |
21 | 21 | ||
22 | noallow ${DOWNLOADS} | 22 | nowhitelist ${DOWNLOADS} |
23 | 23 | ||
24 | mkdir ${HOME}/.cache/zoom | 24 | mkdir ${HOME}/.cache/zoom |
25 | mkfile ${HOME}/.config/zoomus.conf | 25 | mkfile ${HOME}/.config/zoomus.conf |
26 | mkdir ${HOME}/.zoom | 26 | mkdir ${HOME}/.zoom |
27 | allow ${HOME}/.cache/zoom | 27 | whitelist ${HOME}/.cache/zoom |
28 | allow ${HOME}/.config/zoomus.conf | 28 | whitelist ${HOME}/.config/zoomus.conf |
29 | allow ${HOME}/.zoom | 29 | whitelist ${HOME}/.zoom |
30 | 30 | ||
31 | # Disable for now, see https://github.com/netblue30/firejail/issues/3726 | 31 | # Disable for now, see https://github.com/netblue30/firejail/issues/3726 |
32 | #private-etc alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nsswitch.conf,pki,resolv.conf,ssl | 32 | #private-etc alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nsswitch.conf,pki,resolv.conf,ssl |
diff --git a/etc/profile-m-z/zulip.profile b/etc/profile-m-z/zulip.profile index cdbbdccf1..093da5212 100644 --- a/etc/profile-m-z/zulip.profile +++ b/etc/profile-m-z/zulip.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | ignore noexec /tmp | 9 | ignore noexec /tmp |
10 | 10 | ||
11 | nodeny ${HOME}/.config/Zulip | 11 | noblacklist ${HOME}/.config/Zulip |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -20,8 +20,8 @@ include disable-shell.inc | |||
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | mkdir ${HOME}/.config/Zulip | 22 | mkdir ${HOME}/.config/Zulip |
23 | allow ${HOME}/.config/Zulip | 23 | whitelist ${HOME}/.config/Zulip |
24 | allow ${DOWNLOADS} | 24 | whitelist ${DOWNLOADS} |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||