from my overrides

- add seccomp.block-secondary to a lot profiles - add wruc to firefox-common and ignore it in TB and firefox-common-addons - harden dia, gnome-keyring, libreoffice, megaglest, pngquant, ghostwriter, rhythmbox, sqlitebrowser
author: rusty-snake <41237666+rusty-snake@users.noreply.github.com> 2020-11-16 11:41:35 +0100
committer: rusty-snake <41237666+rusty-snake@users.noreply.github.com> 2020-11-16 11:41:35 +0100
commit: 096d0de5f8bb253d0c1035796464bc5982f06f81 (patch)
tree: d9634d1c26afca63ada52f66dd55eb09a46647dd /etc/profile-m-z
parent: Add XAUTHORITY file of sddm from openSUSE Tumblew… (diff)
download: firejail-096d0de5f8bb253d0c1035796464bc5982f06f81.tar.gz
firejail-096d0de5f8bb253d0c1035796464bc5982f06f81.tar.zst
firejail-096d0de5f8bb253d0c1035796464bc5982f06f81.zip
23 files changed, 31 insertions, 0 deletions
diff --git a/etc/profile-m-z/megaglest.profile b/etc/profile-m-z/megaglest.profile
index 19f9edf05..37ac9e304 100644
--- a/etc/profile-m-z/megaglest.profile
+++ b/etc/profile-m-z/megaglest.profile
@@ -14,6 +14,7 @@ include disable-exec.inc
 include disable-interpreters.inc
 include disable-passwdmgr.inc
 include disable-programs.inc
+include disable-shell.inc
 include disable-xdg.inc
 mkdir ${HOME}/.megaglest
@@ -37,6 +38,7 @@ nou2f
 novideo
 protocol unix,inet,inet6,netlink
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
diff --git a/etc/profile-m-z/meld.profile b/etc/profile-m-z/meld.profile
index 385700648..6ceeb867f 100644
--- a/etc/profile-m-z/meld.profile
+++ b/etc/profile-m-z/meld.profile
@@ -62,6 +62,7 @@ nou2f
 novideo
 protocol unix,inet,inet6
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
diff --git a/etc/profile-m-z/menulibre.profile b/etc/profile-m-z/menulibre.profile
index 3468bc22d..c70090a25 100644
--- a/etc/profile-m-z/menulibre.profile
+++ b/etc/profile-m-z/menulibre.profile
@@ -44,6 +44,7 @@ nou2f
 novideo
 protocol unix
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
diff --git a/etc/profile-m-z/minetest.profile b/etc/profile-m-z/minetest.profile
index a22d2c2e3..5678a781c 100644
--- a/etc/profile-m-z/minetest.profile
+++ b/etc/profile-m-z/minetest.profile
@@ -47,6 +47,7 @@ nou2f
 novideo
 protocol unix,inet,inet6
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
diff --git a/etc/profile-m-z/mpv.profile b/etc/profile-m-z/mpv.profile
index 389b64535..ce3bfe421 100644
--- a/etc/profile-m-z/mpv.profile
+++ b/etc/profile-m-z/mpv.profile
@@ -67,6 +67,7 @@ noroot
 nou2f
 protocol unix,inet,inet6,netlink
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
diff --git a/etc/profile-m-z/patch.profile b/etc/profile-m-z/patch.profile
index 8663fb453..6cbaa66ad 100644
--- a/etc/profile-m-z/patch.profile
+++ b/etc/profile-m-z/patch.profile
@@ -37,6 +37,7 @@ nou2f
 novideo
 protocol unix
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
 x11 none
diff --git a/etc/profile-m-z/pdftotext.profile b/etc/profile-m-z/pdftotext.profile
index eee42424f..2a7d0cec1 100644
--- a/etc/profile-m-z/pdftotext.profile
+++ b/etc/profile-m-z/pdftotext.profile
@@ -13,6 +13,7 @@ noblacklist ${DOCUMENTS}
 include disable-common.inc
 include disable-devel.inc
+include disable-exec.inc
 include disable-interpreters.inc
 include disable-passwdmgr.inc
 include disable-programs.inc
@@ -40,6 +41,7 @@ nou2f
 novideo
 protocol unix
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
 x11 none
diff --git a/etc/profile-m-z/peek.profile b/etc/profile-m-z/peek.profile
index 28a7da404..710a533a9 100644
--- a/etc/profile-m-z/peek.profile
+++ b/etc/profile-m-z/peek.profile
@@ -41,6 +41,7 @@ nou2f
 novideo
 protocol unix
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
diff --git a/etc/profile-m-z/pngquant.profile b/etc/profile-m-z/pngquant.profile
index 83905b108..3513e91cc 100644
--- a/etc/profile-m-z/pngquant.profile
+++ b/etc/profile-m-z/pngquant.profile
@@ -7,6 +7,8 @@ include pngquant.local
 # Persistent global definitions
 include globals.local
+noblacklist ${PICTURES}
 blacklist ${RUNUSER}/wayland-*
 include disable-common.inc
@@ -16,6 +18,7 @@ include disable-interpreters.inc
 include disable-passwdmgr.inc
 include disable-programs.inc
 include disable-shell.inc
+include disable-xdg.inc
 include whitelist-runuser-common.inc
 include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/rhythmbox.profile b/etc/profile-m-z/rhythmbox.profile
index f906ec31d..e7f379509 100644
--- a/etc/profile-m-z/rhythmbox.profile
+++ b/etc/profile-m-z/rhythmbox.profile
@@ -45,10 +45,12 @@ nou2f
 novideo
 protocol unix,inet,inet6,netlink
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
 private-bin rhythmbox,rhythmbox-client
+private-cache
 private-dev
 private-tmp
diff --git a/etc/profile-m-z/shellcheck.profile b/etc/profile-m-z/shellcheck.profile
index 6cd70c2ea..c67a88161 100644
--- a/etc/profile-m-z/shellcheck.profile
+++ b/etc/profile-m-z/shellcheck.profile
@@ -40,6 +40,7 @@ nou2f
 novideo
 protocol unix
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
 x11 none
diff --git a/etc/profile-m-z/sqlitebrowser.profile b/etc/profile-m-z/sqlitebrowser.profile
index cdb20b4e0..110434736 100644
--- a/etc/profile-m-z/sqlitebrowser.profile
+++ b/etc/profile-m-z/sqlitebrowser.profile
@@ -18,6 +18,7 @@ include disable-programs.inc
 include disable-shell.inc
 include disable-xdg.inc
+include whitelist-runuser-common.inc
 include whitelist-usr-share-common.inc
 include whitelist-var-common.inc
@@ -35,6 +36,7 @@ nou2f
 novideo
 protocol unix,inet,inet6,netlink
 seccomp
+seccomp.block-secondary
 shell none
 private-bin sqlitebrowser
diff --git a/etc/profile-m-z/strings.profile b/etc/profile-m-z/strings.profile
index 426b2dc1c..09ada1e25 100644
--- a/etc/profile-m-z/strings.profile
+++ b/etc/profile-m-z/strings.profile
@@ -38,6 +38,7 @@ nou2f
 novideo
 protocol unix
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
 x11 none
diff --git a/etc/profile-m-z/supertux2.profile b/etc/profile-m-z/supertux2.profile
index ceaae8fbf..9cc023765 100644
--- a/etc/profile-m-z/supertux2.profile
+++ b/etc/profile-m-z/supertux2.profile
@@ -36,6 +36,7 @@ nou2f
 novideo
 protocol unix,netlink
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
diff --git a/etc/profile-m-z/supertuxkart.profile b/etc/profile-m-z/supertuxkart.profile
index 40b996794..ff99c234e 100644
--- a/etc/profile-m-z/supertuxkart.profile
+++ b/etc/profile-m-z/supertuxkart.profile
@@ -43,6 +43,7 @@ nou2f
 novideo
 protocol unix,inet,inet6
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
diff --git a/etc/profile-m-z/thunderbird.profile b/etc/profile-m-z/thunderbird.profile
index e3eb73730..2e7b69cec 100644
--- a/etc/profile-m-z/thunderbird.profile
+++ b/etc/profile-m-z/thunderbird.profile
@@ -6,6 +6,8 @@ include thunderbird.local
 # Persistent global definitions
 include globals.local
+ignore whitelist-runuser-common.inc
 # writable-run-user and dbus are needed by enigmail
 ignore dbus-user none
 ignore dbus-system none
diff --git a/etc/profile-m-z/transmission-common.profile b/etc/profile-m-z/transmission-common.profile
index 9d2e8e990..d601f0f15 100644
--- a/etc/profile-m-z/transmission-common.profile
+++ b/etc/profile-m-z/transmission-common.profile
@@ -39,6 +39,7 @@ nou2f
 novideo
 protocol unix,inet,inet6
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
diff --git a/etc/profile-m-z/vivaldi.profile b/etc/profile-m-z/vivaldi.profile
index 541942453..cd06b7f4c 100644
--- a/etc/profile-m-z/vivaldi.profile
+++ b/etc/profile-m-z/vivaldi.profile
@@ -29,6 +29,8 @@ whitelist ${HOME}/.config/vivaldi
 whitelist ${HOME}/.config/vivaldi-snapshot
 whitelist ${HOME}/.local/lib/vivaldi
+#private-bin bash,cat,dirname,readlink,rm,vivaldi,vivaldi-stable,vivaldi-snapshot
 # breaks vivaldi sync
 ignore dbus-user none
 ignore dbus-system none
diff --git a/etc/profile-m-z/wget.profile b/etc/profile-m-z/wget.profile
index cdb8f0b93..8a64d2d73 100644
--- a/etc/profile-m-z/wget.profile
+++ b/etc/profile-m-z/wget.profile
@@ -44,6 +44,7 @@ nou2f
 novideo
 protocol unix,inet,inet6
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
diff --git a/etc/profile-m-z/whois.profile b/etc/profile-m-z/whois.profile
index 2af1379e0..a9cecb18d 100644
--- a/etc/profile-m-z/whois.profile
+++ b/etc/profile-m-z/whois.profile
@@ -39,6 +39,7 @@ nou2f
 novideo
 protocol inet,inet6
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
diff --git a/etc/profile-m-z/xournal.profile b/etc/profile-m-z/xournal.profile
index b842b5307..0c6969e09 100644
--- a/etc/profile-m-z/xournal.profile
+++ b/etc/profile-m-z/xournal.profile
@@ -36,6 +36,7 @@ nou2f
 novideo
 protocol unix
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
diff --git a/etc/profile-m-z/yelp.profile b/etc/profile-m-z/yelp.profile
index fd95ceb04..e198af8b2 100644
--- a/etc/profile-m-z/yelp.profile
+++ b/etc/profile-m-z/yelp.profile
@@ -41,6 +41,7 @@ nou2f
 novideo
 protocol unix
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
diff --git a/etc/profile-m-z/youtube-dl.profile b/etc/profile-m-z/youtube-dl.profile
index db3535f78..d9dee6891 100644
--- a/etc/profile-m-z/youtube-dl.profile
+++ b/etc/profile-m-z/youtube-dl.profile
@@ -52,6 +52,7 @@ nou2f
 novideo
 protocol unix,inet,inet6
 seccomp
+seccomp.block-secondary
 shell none
 tracelog
author	rusty-snake <41237666+rusty-snake@users.noreply.github.com>	2020-11-16 11:41:35 +0100
committer	rusty-snake <41237666+rusty-snake@users.noreply.github.com>	2020-11-16 11:41:35 +0100
commit	096d0de5f8bb253d0c1035796464bc5982f06f81 (patch)
tree	d9634d1c26afca63ada52f66dd55eb09a46647dd /etc/profile-m-z
parent	Add XAUTHORITY file of sddm from openSUSE Tumblew… (diff)
download	firejail-096d0de5f8bb253d0c1035796464bc5982f06f81.tar.gz firejail-096d0de5f8bb253d0c1035796464bc5982f06f81.tar.zst firejail-096d0de5f8bb253d0c1035796464bc5982f06f81.zip

diff --git a/etc/profile-m-z/megaglest.profile b/etc/profile-m-z/megaglest.profile index 19f9edf05..37ac9e304 100644 --- a/etc/profile-m-z/megaglest.profile +++ b/etc/profile-m-z/megaglest.profile
@@ -14,6 +14,7 @@ include disable-exec.inc
14	include disable-interpreters.inc	14	include disable-interpreters.inc
15	include disable-passwdmgr.inc	15	include disable-passwdmgr.inc
16	include disable-programs.inc	16	include disable-programs.inc
		17	include disable-shell.inc
17	include disable-xdg.inc	18	include disable-xdg.inc
18		19
19	mkdir ${HOME}/.megaglest	20	mkdir ${HOME}/.megaglest
@@ -37,6 +38,7 @@ nou2f
37	novideo	38	novideo
38	protocol unix,inet,inet6,netlink	39	protocol unix,inet,inet6,netlink
39	seccomp	40	seccomp
		41	seccomp.block-secondary
40	shell none	42	shell none
41	tracelog	43	tracelog
42		44


diff --git a/etc/profile-m-z/meld.profile b/etc/profile-m-z/meld.profile index 385700648..6ceeb867f 100644 --- a/etc/profile-m-z/meld.profile +++ b/etc/profile-m-z/meld.profile
@@ -62,6 +62,7 @@ nou2f
62	novideo	62	novideo
63	protocol unix,inet,inet6	63	protocol unix,inet,inet6
64	seccomp	64	seccomp
		65	seccomp.block-secondary
65	shell none	66	shell none
66	tracelog	67	tracelog
67		68


diff --git a/etc/profile-m-z/menulibre.profile b/etc/profile-m-z/menulibre.profile index 3468bc22d..c70090a25 100644 --- a/etc/profile-m-z/menulibre.profile +++ b/etc/profile-m-z/menulibre.profile
@@ -44,6 +44,7 @@ nou2f
44	novideo	44	novideo
45	protocol unix	45	protocol unix
46	seccomp	46	seccomp
		47	seccomp.block-secondary
47	shell none	48	shell none
48	tracelog	49	tracelog
49		50


diff --git a/etc/profile-m-z/minetest.profile b/etc/profile-m-z/minetest.profile index a22d2c2e3..5678a781c 100644 --- a/etc/profile-m-z/minetest.profile +++ b/etc/profile-m-z/minetest.profile
@@ -47,6 +47,7 @@ nou2f
47	novideo	47	novideo
48	protocol unix,inet,inet6	48	protocol unix,inet,inet6
49	seccomp	49	seccomp
		50	seccomp.block-secondary
50	shell none	51	shell none
51	tracelog	52	tracelog
52		53


diff --git a/etc/profile-m-z/mpv.profile b/etc/profile-m-z/mpv.profile index 389b64535..ce3bfe421 100644 --- a/etc/profile-m-z/mpv.profile +++ b/etc/profile-m-z/mpv.profile
@@ -67,6 +67,7 @@ noroot
67	nou2f	67	nou2f
68	protocol unix,inet,inet6,netlink	68	protocol unix,inet,inet6,netlink
69	seccomp	69	seccomp
		70	seccomp.block-secondary
70	shell none	71	shell none
71	tracelog	72	tracelog
72		73


diff --git a/etc/profile-m-z/patch.profile b/etc/profile-m-z/patch.profile index 8663fb453..6cbaa66ad 100644 --- a/etc/profile-m-z/patch.profile +++ b/etc/profile-m-z/patch.profile
@@ -37,6 +37,7 @@ nou2f
37	novideo	37	novideo
38	protocol unix	38	protocol unix
39	seccomp	39	seccomp
		40	seccomp.block-secondary
40	shell none	41	shell none
41	tracelog	42	tracelog
42	x11 none	43	x11 none


diff --git a/etc/profile-m-z/pdftotext.profile b/etc/profile-m-z/pdftotext.profile index eee42424f..2a7d0cec1 100644 --- a/etc/profile-m-z/pdftotext.profile +++ b/etc/profile-m-z/pdftotext.profile
@@ -13,6 +13,7 @@ noblacklist ${DOCUMENTS}
13		13
14	include disable-common.inc	14	include disable-common.inc
15	include disable-devel.inc	15	include disable-devel.inc
		16	include disable-exec.inc
16	include disable-interpreters.inc	17	include disable-interpreters.inc
17	include disable-passwdmgr.inc	18	include disable-passwdmgr.inc
18	include disable-programs.inc	19	include disable-programs.inc
@@ -40,6 +41,7 @@ nou2f
40	novideo	41	novideo
41	protocol unix	42	protocol unix
42	seccomp	43	seccomp
		44	seccomp.block-secondary
43	shell none	45	shell none
44	tracelog	46	tracelog
45	x11 none	47	x11 none


diff --git a/etc/profile-m-z/peek.profile b/etc/profile-m-z/peek.profile index 28a7da404..710a533a9 100644 --- a/etc/profile-m-z/peek.profile +++ b/etc/profile-m-z/peek.profile
@@ -41,6 +41,7 @@ nou2f
41	novideo	41	novideo
42	protocol unix	42	protocol unix
43	seccomp	43	seccomp
		44	seccomp.block-secondary
44	shell none	45	shell none
45	tracelog	46	tracelog
46		47


diff --git a/etc/profile-m-z/pngquant.profile b/etc/profile-m-z/pngquant.profile index 83905b108..3513e91cc 100644 --- a/etc/profile-m-z/pngquant.profile +++ b/etc/profile-m-z/pngquant.profile
@@ -7,6 +7,8 @@ include pngquant.local
7	# Persistent global definitions	7	# Persistent global definitions
8	include globals.local	8	include globals.local
9		9
		10	noblacklist ${PICTURES}
		11
10	blacklist ${RUNUSER}/wayland-*	12	blacklist ${RUNUSER}/wayland-*
11		13
12	include disable-common.inc	14	include disable-common.inc
@@ -16,6 +18,7 @@ include disable-interpreters.inc
16	include disable-passwdmgr.inc	18	include disable-passwdmgr.inc
17	include disable-programs.inc	19	include disable-programs.inc
18	include disable-shell.inc	20	include disable-shell.inc
		21	include disable-xdg.inc
19		22
20	include whitelist-runuser-common.inc	23	include whitelist-runuser-common.inc
21	include whitelist-usr-share-common.inc	24	include whitelist-usr-share-common.inc


diff --git a/etc/profile-m-z/rhythmbox.profile b/etc/profile-m-z/rhythmbox.profile index f906ec31d..e7f379509 100644 --- a/etc/profile-m-z/rhythmbox.profile +++ b/etc/profile-m-z/rhythmbox.profile
@@ -45,10 +45,12 @@ nou2f
45	novideo	45	novideo
46	protocol unix,inet,inet6,netlink	46	protocol unix,inet,inet6,netlink
47	seccomp	47	seccomp
		48	seccomp.block-secondary
48	shell none	49	shell none
49	tracelog	50	tracelog
50		51
51	private-bin rhythmbox,rhythmbox-client	52	private-bin rhythmbox,rhythmbox-client
		53	private-cache
52	private-dev	54	private-dev
53	private-tmp	55	private-tmp
54		56


diff --git a/etc/profile-m-z/shellcheck.profile b/etc/profile-m-z/shellcheck.profile index 6cd70c2ea..c67a88161 100644 --- a/etc/profile-m-z/shellcheck.profile +++ b/etc/profile-m-z/shellcheck.profile
@@ -40,6 +40,7 @@ nou2f
40	novideo	40	novideo
41	protocol unix	41	protocol unix
42	seccomp	42	seccomp
		43	seccomp.block-secondary
43	shell none	44	shell none
44	tracelog	45	tracelog
45	x11 none	46	x11 none


diff --git a/etc/profile-m-z/sqlitebrowser.profile b/etc/profile-m-z/sqlitebrowser.profile index cdb20b4e0..110434736 100644 --- a/etc/profile-m-z/sqlitebrowser.profile +++ b/etc/profile-m-z/sqlitebrowser.profile
@@ -18,6 +18,7 @@ include disable-programs.inc
18	include disable-shell.inc	18	include disable-shell.inc
19	include disable-xdg.inc	19	include disable-xdg.inc
20		20
		21	include whitelist-runuser-common.inc
21	include whitelist-usr-share-common.inc	22	include whitelist-usr-share-common.inc
22	include whitelist-var-common.inc	23	include whitelist-var-common.inc
23		24
@@ -35,6 +36,7 @@ nou2f
35	novideo	36	novideo
36	protocol unix,inet,inet6,netlink	37	protocol unix,inet,inet6,netlink
37	seccomp	38	seccomp
		39	seccomp.block-secondary
38	shell none	40	shell none
39		41
40	private-bin sqlitebrowser	42	private-bin sqlitebrowser


diff --git a/etc/profile-m-z/strings.profile b/etc/profile-m-z/strings.profile index 426b2dc1c..09ada1e25 100644 --- a/etc/profile-m-z/strings.profile +++ b/etc/profile-m-z/strings.profile
@@ -38,6 +38,7 @@ nou2f
38	novideo	38	novideo
39	protocol unix	39	protocol unix
40	seccomp	40	seccomp
		41	seccomp.block-secondary
41	shell none	42	shell none
42	tracelog	43	tracelog
43	x11 none	44	x11 none


diff --git a/etc/profile-m-z/supertux2.profile b/etc/profile-m-z/supertux2.profile index ceaae8fbf..9cc023765 100644 --- a/etc/profile-m-z/supertux2.profile +++ b/etc/profile-m-z/supertux2.profile
@@ -36,6 +36,7 @@ nou2f
36	novideo	36	novideo
37	protocol unix,netlink	37	protocol unix,netlink
38	seccomp	38	seccomp
		39	seccomp.block-secondary
39	shell none	40	shell none
40	tracelog	41	tracelog
41		42


diff --git a/etc/profile-m-z/supertuxkart.profile b/etc/profile-m-z/supertuxkart.profile index 40b996794..ff99c234e 100644 --- a/etc/profile-m-z/supertuxkart.profile +++ b/etc/profile-m-z/supertuxkart.profile
@@ -43,6 +43,7 @@ nou2f
43	novideo	43	novideo
44	protocol unix,inet,inet6	44	protocol unix,inet,inet6
45	seccomp	45	seccomp
		46	seccomp.block-secondary
46	shell none	47	shell none
47	tracelog	48	tracelog
48		49


diff --git a/etc/profile-m-z/thunderbird.profile b/etc/profile-m-z/thunderbird.profile index e3eb73730..2e7b69cec 100644 --- a/etc/profile-m-z/thunderbird.profile +++ b/etc/profile-m-z/thunderbird.profile
@@ -6,6 +6,8 @@ include thunderbird.local
6	# Persistent global definitions	6	# Persistent global definitions
7	include globals.local	7	include globals.local
8		8
		9	ignore whitelist-runuser-common.inc
		10
9	# writable-run-user and dbus are needed by enigmail	11	# writable-run-user and dbus are needed by enigmail
10	ignore dbus-user none	12	ignore dbus-user none
11	ignore dbus-system none	13	ignore dbus-system none


diff --git a/etc/profile-m-z/transmission-common.profile b/etc/profile-m-z/transmission-common.profile index 9d2e8e990..d601f0f15 100644 --- a/etc/profile-m-z/transmission-common.profile +++ b/etc/profile-m-z/transmission-common.profile
@@ -39,6 +39,7 @@ nou2f
39	novideo	39	novideo
40	protocol unix,inet,inet6	40	protocol unix,inet,inet6
41	seccomp	41	seccomp
		42	seccomp.block-secondary
42	shell none	43	shell none
43	tracelog	44	tracelog
44		45


diff --git a/etc/profile-m-z/vivaldi.profile b/etc/profile-m-z/vivaldi.profile index 541942453..cd06b7f4c 100644 --- a/etc/profile-m-z/vivaldi.profile +++ b/etc/profile-m-z/vivaldi.profile
@@ -29,6 +29,8 @@ whitelist ${HOME}/.config/vivaldi
29	whitelist ${HOME}/.config/vivaldi-snapshot	29	whitelist ${HOME}/.config/vivaldi-snapshot
30	whitelist ${HOME}/.local/lib/vivaldi	30	whitelist ${HOME}/.local/lib/vivaldi
31		31
		32	#private-bin bash,cat,dirname,readlink,rm,vivaldi,vivaldi-stable,vivaldi-snapshot
		33
32	# breaks vivaldi sync	34	# breaks vivaldi sync
33	ignore dbus-user none	35	ignore dbus-user none
34	ignore dbus-system none	36	ignore dbus-system none


diff --git a/etc/profile-m-z/wget.profile b/etc/profile-m-z/wget.profile index cdb8f0b93..8a64d2d73 100644 --- a/etc/profile-m-z/wget.profile +++ b/etc/profile-m-z/wget.profile
@@ -44,6 +44,7 @@ nou2f
44	novideo	44	novideo
45	protocol unix,inet,inet6	45	protocol unix,inet,inet6
46	seccomp	46	seccomp
		47	seccomp.block-secondary
47	shell none	48	shell none
48	tracelog	49	tracelog
49		50


diff --git a/etc/profile-m-z/whois.profile b/etc/profile-m-z/whois.profile index 2af1379e0..a9cecb18d 100644 --- a/etc/profile-m-z/whois.profile +++ b/etc/profile-m-z/whois.profile
@@ -39,6 +39,7 @@ nou2f
39	novideo	39	novideo
40	protocol inet,inet6	40	protocol inet,inet6
41	seccomp	41	seccomp
		42	seccomp.block-secondary
42	shell none	43	shell none
43	tracelog	44	tracelog
44		45


diff --git a/etc/profile-m-z/xournal.profile b/etc/profile-m-z/xournal.profile index b842b5307..0c6969e09 100644 --- a/etc/profile-m-z/xournal.profile +++ b/etc/profile-m-z/xournal.profile
@@ -36,6 +36,7 @@ nou2f
36	novideo	36	novideo
37	protocol unix	37	protocol unix
38	seccomp	38	seccomp
		39	seccomp.block-secondary
39	shell none	40	shell none
40	tracelog	41	tracelog
41		42


diff --git a/etc/profile-m-z/yelp.profile b/etc/profile-m-z/yelp.profile index fd95ceb04..e198af8b2 100644 --- a/etc/profile-m-z/yelp.profile +++ b/etc/profile-m-z/yelp.profile
@@ -41,6 +41,7 @@ nou2f
41	novideo	41	novideo
42	protocol unix	42	protocol unix
43	seccomp	43	seccomp
		44	seccomp.block-secondary
44	shell none	45	shell none
45	tracelog	46	tracelog
46		47


diff --git a/etc/profile-m-z/youtube-dl.profile b/etc/profile-m-z/youtube-dl.profile index db3535f78..d9dee6891 100644 --- a/etc/profile-m-z/youtube-dl.profile +++ b/etc/profile-m-z/youtube-dl.profile
@@ -52,6 +52,7 @@ nou2f
52	novideo	52	novideo
53	protocol unix,inet,inet6	53	protocol unix,inet,inet6
54	seccomp	54	seccomp
		55	seccomp.block-secondary
55	shell none	56	shell none
56	tracelog	57	tracelog
57		58