profiles: move read-only config entries to dc

Command used to search for entries:

    $ git grep '^read-only ${HOME}/' -- 'etc/profile*'

Note for gpg: ~/.gnupg/gpg.conf is apparently only managed by gpgconf(1)
rather than through gpg(1) itself, in which case it does not need to be
made read-write in gpg.profile.

1 files changed, 10 insertions, 0 deletions

diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc
index 18e94bb80..cf712a07e 100644
--- a/etc/inc/disable-common.inc
+++ b/etc/inc/disable-common.inc
@@ -69,6 +69,9 @@ blacklist ${HOME}/.xsessionrc
 blacklist /etc/X11/Xsession.d
 blacklist /etc/xdg/autostart
 read-only ${HOME}/.Xauthority
+read-only ${HOME}/.config/awesome/autorun.sh
+read-only ${HOME}/.config/openbox/autostart
+read-only ${HOME}/.config/openbox/environment
 
 # Session manager
 # see #3358
@@ -338,6 +341,7 @@ read-only ${HOME}/.elinks
 read-only ${HOME}/.emacs
 read-only ${HOME}/.emacs.d
 read-only ${HOME}/.exrc
+read-only ${HOME}/.gnupg/gpg.conf
 read-only ${HOME}/.gvimrc
 read-only ${HOME}/.homesick
 read-only ${HOME}/.iscreenrc
@@ -370,6 +374,7 @@ read-only ${HOME}/dotfiles
 
 # System package managers and AUR helpers
 blacklist ${HOME}/.config/cower
+read-only ${HOME}/.config/cower/config
 
 # Make directories commonly found in $PATH read-only
 read-only ${HOME}/.bin
@@ -396,6 +401,11 @@ read-only ${HOME}/.config/user-dirs.dirs
 read-only ${HOME}/.config/user-dirs.locale
 read-only ${HOME}/.local/share/mime
 
+# Configuration files that do not allow arbitrary command execution but that
+# are intended to be modified manually (in a text editor and/or by a program
+# dedicated to managing them)
+read-only ${HOME}/.config/MangoHud
+
 # Write-protection for thumbnailer dir
 read-only ${HOME}/.local/share/thumbnailers