diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2020-11-17 11:42:37 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-11-17 11:42:37 +0000 |
commit | 164aebaa93d0b2ea4751394751133b69d1b2ba9d (patch) | |
tree | 3eb3f3f51087645beff06d145e96a997353bb4a5 /etc/profile-a-l | |
parent | document protocol=bluetooth (diff) | |
parent | from my overrides (diff) | |
download | firejail-164aebaa93d0b2ea4751394751133b69d1b2ba9d.tar.gz firejail-164aebaa93d0b2ea4751394751133b69d1b2ba9d.tar.zst firejail-164aebaa93d0b2ea4751394751133b69d1b2ba9d.zip |
Merge pull request #3757 from rusty-snake/overrides2upstream
from my overrides
Diffstat (limited to 'etc/profile-a-l')
35 files changed, 56 insertions, 5 deletions
diff --git a/etc/profile-a-l/0ad.profile b/etc/profile-a-l/0ad.profile index 6869ea631..c4e820078 100644 --- a/etc/profile-a-l/0ad.profile +++ b/etc/profile-a-l/0ad.profile | |||
@@ -16,6 +16,7 @@ include disable-exec.inc | |||
16 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
17 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | include disable-xdg.inc | ||
19 | 20 | ||
20 | mkdir ${HOME}/.cache/0ad | 21 | mkdir ${HOME}/.cache/0ad |
21 | mkdir ${HOME}/.config/0ad | 22 | mkdir ${HOME}/.config/0ad |
@@ -40,6 +41,7 @@ nou2f | |||
40 | novideo | 41 | novideo |
41 | protocol unix,inet,inet6 | 42 | protocol unix,inet,inet6 |
42 | seccomp | 43 | seccomp |
44 | seccomp.block-secondary | ||
43 | shell none | 45 | shell none |
44 | tracelog | 46 | tracelog |
45 | 47 | ||
diff --git a/etc/profile-a-l/baobab.profile b/etc/profile-a-l/baobab.profile index 3937e1966..4401c9dfd 100644 --- a/etc/profile-a-l/baobab.profile +++ b/etc/profile-a-l/baobab.profile | |||
@@ -30,6 +30,7 @@ nou2f | |||
30 | novideo | 30 | novideo |
31 | protocol unix | 31 | protocol unix |
32 | seccomp | 32 | seccomp |
33 | seccomp.block-secondary | ||
33 | shell none | 34 | shell none |
34 | tracelog | 35 | tracelog |
35 | 36 | ||
diff --git a/etc/profile-a-l/bijiben.profile b/etc/profile-a-l/bijiben.profile index c1c338536..dbde3e4de 100644 --- a/etc/profile-a-l/bijiben.profile +++ b/etc/profile-a-l/bijiben.profile | |||
@@ -41,6 +41,7 @@ nou2f | |||
41 | novideo | 41 | novideo |
42 | protocol unix | 42 | protocol unix |
43 | seccomp | 43 | seccomp |
44 | seccomp.block-secondary | ||
44 | shell none | 45 | shell none |
45 | tracelog | 46 | tracelog |
46 | 47 | ||
diff --git a/etc/profile-a-l/celluloid.profile b/etc/profile-a-l/celluloid.profile index 8bf086ab4..56709a466 100644 --- a/etc/profile-a-l/celluloid.profile +++ b/etc/profile-a-l/celluloid.profile | |||
@@ -46,6 +46,7 @@ noroot | |||
46 | nou2f | 46 | nou2f |
47 | protocol unix,inet,inet6 | 47 | protocol unix,inet,inet6 |
48 | seccomp | 48 | seccomp |
49 | seccomp.block-secondary | ||
49 | shell none | 50 | shell none |
50 | tracelog | 51 | tracelog |
51 | 52 | ||
diff --git a/etc/profile-a-l/dconf-editor.profile b/etc/profile-a-l/dconf-editor.profile index d6541850d..b41a73916 100644 --- a/etc/profile-a-l/dconf-editor.profile +++ b/etc/profile-a-l/dconf-editor.profile | |||
@@ -35,6 +35,7 @@ nou2f | |||
35 | novideo | 35 | novideo |
36 | protocol unix | 36 | protocol unix |
37 | seccomp | 37 | seccomp |
38 | seccomp.block-secondary | ||
38 | shell none | 39 | shell none |
39 | tracelog | 40 | tracelog |
40 | 41 | ||
diff --git a/etc/profile-a-l/dia.profile b/etc/profile-a-l/dia.profile index 52bf1c7f8..e409eb044 100644 --- a/etc/profile-a-l/dia.profile +++ b/etc/profile-a-l/dia.profile | |||
@@ -9,16 +9,24 @@ include globals.local | |||
9 | noblacklist ${HOME}/.dia | 9 | noblacklist ${HOME}/.dia |
10 | noblacklist ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | 11 | ||
12 | include allow-python2.inc | ||
13 | include allow-python3.inc | ||
14 | |||
12 | include disable-common.inc | 15 | include disable-common.inc |
13 | include disable-devel.inc | 16 | include disable-devel.inc |
14 | include disable-exec.inc | 17 | include disable-exec.inc |
15 | include allow-python2.inc | ||
16 | include allow-python3.inc | ||
17 | include disable-interpreters.inc | 18 | include disable-interpreters.inc |
18 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
19 | include disable-programs.inc | 20 | include disable-programs.inc |
20 | include disable-xdg.inc | 21 | include disable-xdg.inc |
21 | 22 | ||
23 | #mkdir ${HOME}/.dia | ||
24 | #whitelist ${HOME}/.dia | ||
25 | #whitelist ${DOCUMENTS} | ||
26 | #include whitelist-common.inc | ||
27 | whitelist /usr/share/dia | ||
28 | include whitelist-runuser-common.inc | ||
29 | include whitelist-usr-share-common.inc | ||
22 | include whitelist-var-common.inc | 30 | include whitelist-var-common.inc |
23 | 31 | ||
24 | apparmor | 32 | apparmor |
@@ -36,6 +44,7 @@ novideo | |||
36 | protocol unix | 44 | protocol unix |
37 | seccomp | 45 | seccomp |
38 | shell none | 46 | shell none |
47 | tracelog | ||
39 | 48 | ||
40 | disable-mnt | 49 | disable-mnt |
41 | #private-bin dia | 50 | #private-bin dia |
diff --git a/etc/profile-a-l/eo-common.profile b/etc/profile-a-l/eo-common.profile index e8b49a395..e059f3b74 100644 --- a/etc/profile-a-l/eo-common.profile +++ b/etc/profile-a-l/eo-common.profile | |||
@@ -27,6 +27,7 @@ apparmor | |||
27 | caps.drop all | 27 | caps.drop all |
28 | ipc-namespace | 28 | ipc-namespace |
29 | machine-id | 29 | machine-id |
30 | net none | ||
30 | no3d | 31 | no3d |
31 | nodvd | 32 | nodvd |
32 | nogroups | 33 | nogroups |
@@ -38,6 +39,7 @@ nou2f | |||
38 | novideo | 39 | novideo |
39 | protocol unix,netlink | 40 | protocol unix,netlink |
40 | seccomp | 41 | seccomp |
42 | seccomp.block-secondary | ||
41 | shell none | 43 | shell none |
42 | tracelog | 44 | tracelog |
43 | 45 | ||
diff --git a/etc/profile-a-l/evince.profile b/etc/profile-a-l/evince.profile index 77a48f0ba..c0c16e929 100644 --- a/etc/profile-a-l/evince.profile +++ b/etc/profile-a-l/evince.profile | |||
@@ -41,6 +41,7 @@ nou2f | |||
41 | novideo | 41 | novideo |
42 | protocol unix | 42 | protocol unix |
43 | seccomp | 43 | seccomp |
44 | seccomp.block-secondary | ||
44 | shell none | 45 | shell none |
45 | tracelog | 46 | tracelog |
46 | 47 | ||
diff --git a/etc/profile-a-l/ffmpeg.profile b/etc/profile-a-l/ffmpeg.profile index fb5c9ee57..c6e9ba095 100644 --- a/etc/profile-a-l/ffmpeg.profile +++ b/etc/profile-a-l/ffmpeg.profile | |||
@@ -41,6 +41,7 @@ novideo | |||
41 | protocol inet,inet6 | 41 | protocol inet,inet6 |
42 | # allow set_mempolicy, which is required to encode using libx265 | 42 | # allow set_mempolicy, which is required to encode using libx265 |
43 | seccomp !set_mempolicy | 43 | seccomp !set_mempolicy |
44 | seccomp.block-secondary | ||
44 | shell none | 45 | shell none |
45 | tracelog | 46 | tracelog |
46 | 47 | ||
diff --git a/etc/profile-a-l/file-roller.profile b/etc/profile-a-l/file-roller.profile index 745b8b8e9..2a1eb2001 100644 --- a/etc/profile-a-l/file-roller.profile +++ b/etc/profile-a-l/file-roller.profile | |||
@@ -34,6 +34,7 @@ nou2f | |||
34 | novideo | 34 | novideo |
35 | protocol unix | 35 | protocol unix |
36 | seccomp | 36 | seccomp |
37 | seccomp.block-secondary | ||
37 | shell none | 38 | shell none |
38 | tracelog | 39 | tracelog |
39 | 40 | ||
diff --git a/etc/profile-a-l/firefox-common.profile b/etc/profile-a-l/firefox-common.profile index 7c343c26d..fe0a27828 100644 --- a/etc/profile-a-l/firefox-common.profile +++ b/etc/profile-a-l/firefox-common.profile | |||
@@ -27,6 +27,7 @@ whitelist ${DOWNLOADS} | |||
27 | whitelist ${HOME}/.pki | 27 | whitelist ${HOME}/.pki |
28 | whitelist ${HOME}/.local/share/pki | 28 | whitelist ${HOME}/.local/share/pki |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-runuser-common.inc | ||
30 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
31 | 32 | ||
32 | apparmor | 33 | apparmor |
diff --git a/etc/profile-a-l/flameshot.profile b/etc/profile-a-l/flameshot.profile index 357354e70..851a7c747 100644 --- a/etc/profile-a-l/flameshot.profile +++ b/etc/profile-a-l/flameshot.profile | |||
@@ -45,6 +45,7 @@ nou2f | |||
45 | novideo | 45 | novideo |
46 | protocol unix,inet,inet6 | 46 | protocol unix,inet,inet6 |
47 | seccomp | 47 | seccomp |
48 | seccomp.block-secondary | ||
48 | shell none | 49 | shell none |
49 | tracelog | 50 | tracelog |
50 | 51 | ||
diff --git a/etc/profile-a-l/frogatto.profile b/etc/profile-a-l/frogatto.profile index 653272499..23d259337 100644 --- a/etc/profile-a-l/frogatto.profile +++ b/etc/profile-a-l/frogatto.profile | |||
@@ -36,6 +36,7 @@ nou2f | |||
36 | novideo | 36 | novideo |
37 | protocol unix | 37 | protocol unix |
38 | seccomp | 38 | seccomp |
39 | seccomp.block-secondary | ||
39 | shell none | 40 | shell none |
40 | tracelog | 41 | tracelog |
41 | 42 | ||
diff --git a/etc/profile-a-l/gapplication.profile b/etc/profile-a-l/gapplication.profile index 74b468020..e339f6abb 100644 --- a/etc/profile-a-l/gapplication.profile +++ b/etc/profile-a-l/gapplication.profile | |||
@@ -38,6 +38,7 @@ nou2f | |||
38 | novideo | 38 | novideo |
39 | protocol unix | 39 | protocol unix |
40 | seccomp | 40 | seccomp |
41 | seccomp.block-secondary | ||
41 | shell none | 42 | shell none |
42 | tracelog | 43 | tracelog |
43 | x11 none | 44 | x11 none |
diff --git a/etc/profile-a-l/gedit.profile b/etc/profile-a-l/gedit.profile index 17b7ad563..30251fbe5 100644 --- a/etc/profile-a-l/gedit.profile +++ b/etc/profile-a-l/gedit.profile | |||
@@ -37,6 +37,7 @@ nou2f | |||
37 | novideo | 37 | novideo |
38 | protocol unix | 38 | protocol unix |
39 | seccomp | 39 | seccomp |
40 | seccomp.block-secondary | ||
40 | shell none | 41 | shell none |
41 | tracelog | 42 | tracelog |
42 | 43 | ||
diff --git a/etc/profile-a-l/gfeeds.profile b/etc/profile-a-l/gfeeds.profile index d97ab530b..b8d1b9608 100644 --- a/etc/profile-a-l/gfeeds.profile +++ b/etc/profile-a-l/gfeeds.profile | |||
@@ -49,6 +49,7 @@ nou2f | |||
49 | novideo | 49 | novideo |
50 | protocol unix,inet,inet6 | 50 | protocol unix,inet,inet6 |
51 | seccomp | 51 | seccomp |
52 | seccomp.block-secondary | ||
52 | shell none | 53 | shell none |
53 | tracelog | 54 | tracelog |
54 | 55 | ||
diff --git a/etc/profile-a-l/ghostwriter.profile b/etc/profile-a-l/ghostwriter.profile index 5bb410278..c15174815 100644 --- a/etc/profile-a-l/ghostwriter.profile +++ b/etc/profile-a-l/ghostwriter.profile | |||
@@ -26,6 +26,7 @@ whitelist /usr/share/texlive | |||
26 | whitelist /usr/share/pandoc* | 26 | whitelist /usr/share/pandoc* |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
29 | include whitelist-var-common.inc | ||
29 | 30 | ||
30 | apparmor | 31 | apparmor |
31 | caps.drop all | 32 | caps.drop all |
@@ -41,6 +42,7 @@ nou2f | |||
41 | novideo | 42 | novideo |
42 | protocol unix,inet,inet6,netlink | 43 | protocol unix,inet,inet6,netlink |
43 | seccomp !chroot | 44 | seccomp !chroot |
45 | seccomp.block-secondary | ||
44 | shell none | 46 | shell none |
45 | #tracelog -- breaks | 47 | #tracelog -- breaks |
46 | 48 | ||
diff --git a/etc/profile-a-l/gitg.profile b/etc/profile-a-l/gitg.profile index 71b8e9b11..3d80c1ed2 100644 --- a/etc/profile-a-l/gitg.profile +++ b/etc/profile-a-l/gitg.profile | |||
@@ -45,6 +45,7 @@ nou2f | |||
45 | novideo | 45 | novideo |
46 | protocol unix,inet,inet6 | 46 | protocol unix,inet,inet6 |
47 | seccomp | 47 | seccomp |
48 | seccomp.block-secondary | ||
48 | shell none | 49 | shell none |
49 | tracelog | 50 | tracelog |
50 | 51 | ||
diff --git a/etc/profile-a-l/gnome-calculator.profile b/etc/profile-a-l/gnome-calculator.profile index ceb01f2a0..7780dfa65 100644 --- a/etc/profile-a-l/gnome-calculator.profile +++ b/etc/profile-a-l/gnome-calculator.profile | |||
@@ -38,6 +38,7 @@ nou2f | |||
38 | novideo | 38 | novideo |
39 | protocol unix,inet,inet6 | 39 | protocol unix,inet,inet6 |
40 | seccomp | 40 | seccomp |
41 | seccomp.block-secondary | ||
41 | shell none | 42 | shell none |
42 | tracelog | 43 | tracelog |
43 | 44 | ||
diff --git a/etc/profile-a-l/gnome-calendar.profile b/etc/profile-a-l/gnome-calendar.profile index 3e815234c..9927fb869 100644 --- a/etc/profile-a-l/gnome-calendar.profile +++ b/etc/profile-a-l/gnome-calendar.profile | |||
@@ -36,6 +36,7 @@ nou2f | |||
36 | novideo | 36 | novideo |
37 | protocol unix,inet,inet6 | 37 | protocol unix,inet,inet6 |
38 | seccomp | 38 | seccomp |
39 | seccomp.block-secondary | ||
39 | shell none | 40 | shell none |
40 | tracelog | 41 | tracelog |
41 | 42 | ||
diff --git a/etc/profile-a-l/gnome-characters.profile b/etc/profile-a-l/gnome-characters.profile index f4f3ae2d7..4d53a67dd 100644 --- a/etc/profile-a-l/gnome-characters.profile +++ b/etc/profile-a-l/gnome-characters.profile | |||
@@ -39,6 +39,7 @@ nou2f | |||
39 | novideo | 39 | novideo |
40 | protocol unix | 40 | protocol unix |
41 | seccomp | 41 | seccomp |
42 | seccomp.block-secondary | ||
42 | shell none | 43 | shell none |
43 | tracelog | 44 | tracelog |
44 | 45 | ||
diff --git a/etc/profile-a-l/gnome-contacts.profile b/etc/profile-a-l/gnome-contacts.profile index 7a38bdc8a..03b89e394 100644 --- a/etc/profile-a-l/gnome-contacts.profile +++ b/etc/profile-a-l/gnome-contacts.profile | |||
@@ -32,6 +32,7 @@ nou2f | |||
32 | novideo | 32 | novideo |
33 | protocol unix,inet,inet6,netlink | 33 | protocol unix,inet,inet6,netlink |
34 | seccomp | 34 | seccomp |
35 | seccomp.block-secondary | ||
35 | 36 | ||
36 | disable-mnt | 37 | disable-mnt |
37 | private-dev | 38 | private-dev |
diff --git a/etc/profile-a-l/gnome-hexgl.profile b/etc/profile-a-l/gnome-hexgl.profile index 5ae7bbe01..bb5ef0eab 100644 --- a/etc/profile-a-l/gnome-hexgl.profile +++ b/etc/profile-a-l/gnome-hexgl.profile | |||
@@ -33,6 +33,7 @@ nou2f | |||
33 | novideo | 33 | novideo |
34 | protocol unix | 34 | protocol unix |
35 | seccomp | 35 | seccomp |
36 | seccomp.block-secondary | ||
36 | shell none | 37 | shell none |
37 | tracelog | 38 | tracelog |
38 | 39 | ||
diff --git a/etc/profile-a-l/gnome-keyring.profile b/etc/profile-a-l/gnome-keyring.profile index ecbb74158..a0b9ef04e 100644 --- a/etc/profile-a-l/gnome-keyring.profile +++ b/etc/profile-a-l/gnome-keyring.profile | |||
@@ -9,8 +9,6 @@ include globals.local | |||
9 | 9 | ||
10 | noblacklist ${HOME}/.gnupg | 10 | noblacklist ${HOME}/.gnupg |
11 | 11 | ||
12 | whitelist ${HOME}/.gnupg | ||
13 | whitelist ${DOWNLOADS} | ||
14 | include disable-common.inc | 12 | include disable-common.inc |
15 | include disable-devel.inc | 13 | include disable-devel.inc |
16 | include disable-exec.inc | 14 | include disable-exec.inc |
@@ -19,9 +17,15 @@ include disable-interpreters.inc | |||
19 | include disable-programs.inc | 17 | include disable-programs.inc |
20 | include disable-xdg.inc | 18 | include disable-xdg.inc |
21 | 19 | ||
20 | mkdir ${HOME}/.gnupg | ||
21 | whitelist ${HOME}/.gnupg | ||
22 | whitelist ${DOWNLOADS} | ||
23 | whitelist ${RUNUSER}/gnupg | ||
24 | whitelist ${RUNUSER}/keyring | ||
22 | whitelist /usr/share/gnupg | 25 | whitelist /usr/share/gnupg |
23 | whitelist /usr/share/gnupg2 | 26 | whitelist /usr/share/gnupg2 |
24 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | ||
25 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 30 | include whitelist-var-common.inc |
27 | 31 | ||
@@ -41,6 +45,7 @@ nou2f | |||
41 | novideo | 45 | novideo |
42 | protocol unix,inet,inet6 | 46 | protocol unix,inet,inet6 |
43 | seccomp | 47 | seccomp |
48 | seccomp.block-secondary | ||
44 | shell none | 49 | shell none |
45 | tracelog | 50 | tracelog |
46 | 51 | ||
@@ -52,6 +57,6 @@ private-dev | |||
52 | private-tmp | 57 | private-tmp |
53 | 58 | ||
54 | # dbus-user none | 59 | # dbus-user none |
55 | # dbus-system none | 60 | dbus-system none |
56 | 61 | ||
57 | memory-deny-write-execute | 62 | memory-deny-write-execute |
diff --git a/etc/profile-a-l/gnome-latex.profile b/etc/profile-a-l/gnome-latex.profile index 11d184bc6..87376da40 100644 --- a/etc/profile-a-l/gnome-latex.profile +++ b/etc/profile-a-l/gnome-latex.profile | |||
@@ -41,6 +41,7 @@ nou2f | |||
41 | novideo | 41 | novideo |
42 | protocol unix | 42 | protocol unix |
43 | seccomp | 43 | seccomp |
44 | seccomp.block-secondary | ||
44 | shell none | 45 | shell none |
45 | tracelog | 46 | tracelog |
46 | 47 | ||
diff --git a/etc/profile-a-l/gnome-maps.profile b/etc/profile-a-l/gnome-maps.profile index eb0030dda..23629df95 100644 --- a/etc/profile-a-l/gnome-maps.profile +++ b/etc/profile-a-l/gnome-maps.profile | |||
@@ -54,6 +54,7 @@ nou2f | |||
54 | novideo | 54 | novideo |
55 | protocol unix,inet,inet6 | 55 | protocol unix,inet,inet6 |
56 | seccomp | 56 | seccomp |
57 | seccomp.block-secondary | ||
57 | shell none | 58 | shell none |
58 | tracelog | 59 | tracelog |
59 | 60 | ||
diff --git a/etc/profile-a-l/gnome-passwordsafe.profile b/etc/profile-a-l/gnome-passwordsafe.profile index ed430b654..073de47b9 100644 --- a/etc/profile-a-l/gnome-passwordsafe.profile +++ b/etc/profile-a-l/gnome-passwordsafe.profile | |||
@@ -43,6 +43,7 @@ nou2f | |||
43 | novideo | 43 | novideo |
44 | protocol unix | 44 | protocol unix |
45 | seccomp | 45 | seccomp |
46 | seccomp.block-secondary | ||
46 | shell none | 47 | shell none |
47 | tracelog | 48 | tracelog |
48 | 49 | ||
diff --git a/etc/profile-a-l/gnome-photos.profile b/etc/profile-a-l/gnome-photos.profile index 2af406af9..65cc23b5f 100644 --- a/etc/profile-a-l/gnome-photos.profile +++ b/etc/profile-a-l/gnome-photos.profile | |||
@@ -33,6 +33,7 @@ nou2f | |||
33 | novideo | 33 | novideo |
34 | protocol unix | 34 | protocol unix |
35 | seccomp | 35 | seccomp |
36 | seccomp.block-secondary | ||
36 | shell none | 37 | shell none |
37 | tracelog | 38 | tracelog |
38 | 39 | ||
diff --git a/etc/profile-a-l/gnome-screenshot.profile b/etc/profile-a-l/gnome-screenshot.profile index 82fb1b658..2534eed5a 100644 --- a/etc/profile-a-l/gnome-screenshot.profile +++ b/etc/profile-a-l/gnome-screenshot.profile | |||
@@ -35,6 +35,7 @@ nou2f | |||
35 | novideo | 35 | novideo |
36 | protocol unix | 36 | protocol unix |
37 | seccomp | 37 | seccomp |
38 | seccomp.block-secondary | ||
38 | shell none | 39 | shell none |
39 | tracelog | 40 | tracelog |
40 | 41 | ||
diff --git a/etc/profile-a-l/gnome-sound-recorder.profile b/etc/profile-a-l/gnome-sound-recorder.profile index a64ec25a9..2e063ebfe 100644 --- a/etc/profile-a-l/gnome-sound-recorder.profile +++ b/etc/profile-a-l/gnome-sound-recorder.profile | |||
@@ -33,6 +33,7 @@ nou2f | |||
33 | novideo | 33 | novideo |
34 | protocol unix | 34 | protocol unix |
35 | seccomp | 35 | seccomp |
36 | seccomp.block-secondary | ||
36 | shell none | 37 | shell none |
37 | tracelog | 38 | tracelog |
38 | 39 | ||
diff --git a/etc/profile-a-l/gnome-weather.profile b/etc/profile-a-l/gnome-weather.profile index a181f1b9e..beed92a7d 100644 --- a/etc/profile-a-l/gnome-weather.profile +++ b/etc/profile-a-l/gnome-weather.profile | |||
@@ -37,6 +37,7 @@ nou2f | |||
37 | novideo | 37 | novideo |
38 | protocol unix,inet,inet6 | 38 | protocol unix,inet,inet6 |
39 | seccomp | 39 | seccomp |
40 | seccomp.block-secondary | ||
40 | shell none | 41 | shell none |
41 | tracelog | 42 | tracelog |
42 | 43 | ||
diff --git a/etc/profile-a-l/gnome_games-common.profile b/etc/profile-a-l/gnome_games-common.profile index c46fbc1d9..56ed7a436 100644 --- a/etc/profile-a-l/gnome_games-common.profile +++ b/etc/profile-a-l/gnome_games-common.profile | |||
@@ -34,6 +34,7 @@ nou2f | |||
34 | novideo | 34 | novideo |
35 | protocol unix | 35 | protocol unix |
36 | seccomp | 36 | seccomp |
37 | seccomp.block-secondary | ||
37 | shell none | 38 | shell none |
38 | tracelog | 39 | tracelog |
39 | 40 | ||
diff --git a/etc/profile-a-l/gucharmap.profile b/etc/profile-a-l/gucharmap.profile index c0254b5ec..3df42d209 100644 --- a/etc/profile-a-l/gucharmap.profile +++ b/etc/profile-a-l/gucharmap.profile | |||
@@ -35,6 +35,7 @@ nou2f | |||
35 | novideo | 35 | novideo |
36 | protocol unix | 36 | protocol unix |
37 | seccomp | 37 | seccomp |
38 | seccomp.block-secondary | ||
38 | shell none | 39 | shell none |
39 | tracelog | 40 | tracelog |
40 | 41 | ||
diff --git a/etc/profile-a-l/keepassxc.profile b/etc/profile-a-l/keepassxc.profile index 06447c3e6..58db056b2 100644 --- a/etc/profile-a-l/keepassxc.profile +++ b/etc/profile-a-l/keepassxc.profile | |||
@@ -55,6 +55,7 @@ nou2f | |||
55 | novideo | 55 | novideo |
56 | protocol unix,netlink | 56 | protocol unix,netlink |
57 | seccomp | 57 | seccomp |
58 | seccomp.block-secondary | ||
58 | shell none | 59 | shell none |
59 | tracelog | 60 | tracelog |
60 | 61 | ||
diff --git a/etc/profile-a-l/libreoffice.profile b/etc/profile-a-l/libreoffice.profile index f9c92f6f6..031f0e19f 100644 --- a/etc/profile-a-l/libreoffice.profile +++ b/etc/profile-a-l/libreoffice.profile | |||
@@ -43,6 +43,8 @@ shell none | |||
43 | # comment tracelog when using the ubuntu 18.04/debian 10 apparmor profile | 43 | # comment tracelog when using the ubuntu 18.04/debian 10 apparmor profile |
44 | tracelog | 44 | tracelog |
45 | 45 | ||
46 | #private-bin libreoffice,sh,uname,dirname,grep,sed,basename,ls | ||
47 | private-cache | ||
46 | private-dev | 48 | private-dev |
47 | private-tmp | 49 | private-tmp |
48 | 50 | ||