Refactor archivers (#3820)

* Create archiver-common.inc

* add apparmor to archiver-common.inc

* refactor 7z.profile

* refactor ar.profile

* refactor atool.profile

* refactor bsdtar.profile

* refactor cpio.profile

* refactor gzip.profile

* refactor tar.profile

* refactor unrar.profile

* refactor unzip.profile

* refactor xzdec.profile

* refactor zstd.profile

* rewording

* blacklist ${RUNUSER} in archiver-common.inc

Thanks to @rusty-snake for suggesting this.

* drop non-sensical ${RUNUSER}/wayland-* blacklisting in archiver-common.inc

See discussion in https://github.com/netblue30/firejail/pull/3820#discussion_r543523343

1 files changed, 3 insertions, 36 deletions

diff --git a/etc/profile-a-l/bsdtar.profile b/etc/profile-a-l/bsdtar.profile
index 08e51f3c1..75e13e7e8 100644
--- a/etc/profile-a-l/bsdtar.profile
+++ b/etc/profile-a-l/bsdtar.profile
@@ -6,43 +6,10 @@ include bsdtar.local
 # Persistent global definitions
 include globals.local
 
-blacklist ${RUNUSER}/wayland-*
-
-include disable-common.inc
-# include disable-devel.inc
-include disable-exec.inc
-include disable-interpreters.inc
-include disable-passwdmgr.inc
-include disable-programs.inc
-
-apparmor
-caps.drop all
-hostname bsdtar
-ipc-namespace
-machine-id
-net none
-no3d
-nodvd
-nogroups
-nonewprivs
-# noroot
-nosound
-notv
-nou2f
-novideo
-protocol unix
-seccomp
-shell none
-tracelog
-x11 none
+ignore include disable-devel.inc
+ignore include disable-shell.inc
+include archiver-common.inc
 
 # support compressed archives
 private-bin bash,bsdcat,bsdcpio,bsdtar,bzip2,compress,gtar,gzip,lbzip2,libarchive,lz4,lzip,lzma,lzop,sh,xz
-private-cache
-private-dev
 private-etc alternatives,group,localtime,passwd
-
-dbus-user none
-dbus-system none
-
-memory-deny-write-execute