aboutsummaryrefslogtreecommitdiffstats
path: root/etc/profile-m-z
diff options
context:
space:
mode:
authorLibravatar Kelvin M. Klann <kmk3.code@protonmail.com>2021-07-18 20:39:14 -0300
committerLibravatar Kelvin M. Klann <kmk3.code@protonmail.com>2021-07-18 20:39:14 -0300
commitf43382f1e9707b4fd5e63c7bfe881912aa4ee994 (patch)
tree499639bb962c8b071b153dcdad1b42af8286521d /etc/profile-m-z
parentAdd MS Edge Beta profile (diff)
downloadfirejail-f43382f1e9707b4fd5e63c7bfe881912aa4ee994.tar.gz
firejail-f43382f1e9707b4fd5e63c7bfe881912aa4ee994.tar.zst
firejail-f43382f1e9707b4fd5e63c7bfe881912aa4ee994.zip
Revert "move whitelist/blacklist to allow/deny"
This reverts commit fe0f975f447d59977d90c3226cc8c623b31b20b3. Note: This only reverts the changes from etc. The 4 aliases introduced on commit 45f2ba544 are mere, well, aliases. That is, they fail to address the different usability problems discussed on [#3447][3447] and in fact only make things more confusing (as has already been mentioned on [this][4379] and later comments). The main reason is that the aliases do not meaningfully map to the original commands. For example, the commands from each pair below seem like they would do the exact same thing: * `allow` and `nodeny` * `deny` and `noallow` Additionally, if these aliases are not the final commands, but only a test/work-in-progress, then keeping the wide-scale search/replace changes made on commit fe0f975f4 would only serve to cause confusion, as users of firejail-git, contributors and downstream projects might start changing the commands used on their profiles, only to later have to change them again, potentially to completely different commands. The sooner this is undone the better, as (besides the above reasons) the more profile changes there are between the original commit and the revert, the harder it is to e.g.: `git diff` versions of files across the following revision ranges: before the commit, after the commit but before the revert and after the revert. Note: This is still the case even if a commit is [ignored by `git blame`][4390]. So let us revert fe0f975f4 and only reapply similar large-scale changes once we have discussed and settled on better commands. How the revert was applied: Despite using the auto-generated message from `git revert`, to ensure correctness and to avoid conflicts the changes were reverted in different steps: Firstly, revert the files which can be safely reverted directly ("filestorevert"): # Find out which files have been changed on fe0f975f44, but have not # been changed afterwards and list them on "filestorevert" git show --pretty='' --name-only fe0f975f44 -- etc | LC_ALL=C sort >allfiles git diff --name-only fe0f975f44..master -- etc | LC_ALL=C sort >filestoignore comm -2 -3 allfiles filestoignore >filestorevert # Note: There are 3 extra files on filestoignore because they were # added after commit fe0f975f44 wc -l allfiles filestoignore filestorevert | head -n 3 # 797 allfiles # 8 filestoignore # 792 filestorevert # Automatically revert files in "filestorevert" # See https://stackoverflow.com/a/23401018/10095231 tr '\n' '\000' <filestorevert | xargs -0 git show fe0f975f44 -- | git apply --reverse printf 'Total files reverted:\n' git diff --name-only | wc -l # 792 Secondly, do some search/replace on the rest: tr '\n' '\000' <filestoignore | xargs -0 sed -i.bak \ -e 's/allow /whitelist /' -e 's/noallow /nowhitelist /' \ -e 's/deny /blacklist /' -e 's/nodeny /noblacklist /' \ -e 's/deny-nolog /blacklist-nolog /' find etc -name '*.bak' -print0 | xargs -0 rm Thirdly, verify the result. The following command shows the difference between all the changes in etc from before fe0f975f44 and this commit (inclusive): git diff fe0f975f44~1 -- etc From the output, it looks like all alias changes are fully reverted and that the other changes to etc (from after fe0f975f44) remain, so the revert seems to be done correctly. [3447]: https://github.com/netblue30/firejail/issues/3447 [4379]: https://github.com/netblue30/firejail/issues/4379#issuecomment-876460222 [4390]: https://github.com/netblue30/firejail/issues/4390
Diffstat (limited to 'etc/profile-m-z')
-rw-r--r--etc/profile-m-z/Maelstrom.profile4
-rw-r--r--etc/profile-m-z/Mathematica.profile10
-rw-r--r--etc/profile-m-z/PCSX2.profile4
-rw-r--r--etc/profile-m-z/QMediathekView.profile26
-rw-r--r--etc/profile-m-z/QOwnNotes.profile16
-rw-r--r--etc/profile-m-z/Viber.profile8
-rw-r--r--etc/profile-m-z/XMind.profile6
-rw-r--r--etc/profile-m-z/Xephyr.profile2
-rw-r--r--etc/profile-m-z/Xvfb.profile2
-rw-r--r--etc/profile-m-z/ZeGrapher.profile4
-rw-r--r--etc/profile-m-z/macrofusion.profile4
-rw-r--r--etc/profile-m-z/magicor.profile6
-rw-r--r--etc/profile-m-z/makepkg.profile18
-rw-r--r--etc/profile-m-z/man.profile18
-rw-r--r--etc/profile-m-z/manaplus.profile8
-rw-r--r--etc/profile-m-z/marker.profile8
-rw-r--r--etc/profile-m-z/masterpdfeditor.profile4
-rw-r--r--etc/profile-m-z/mate-calc.profile8
-rw-r--r--etc/profile-m-z/mate-dictionary.profile4
-rw-r--r--etc/profile-m-z/matrix-mirage.profile12
-rw-r--r--etc/profile-m-z/mattermost-desktop.profile4
-rw-r--r--etc/profile-m-z/mcabber.profile4
-rw-r--r--etc/profile-m-z/mcomix.profile8
-rw-r--r--etc/profile-m-z/mdr.profile4
-rw-r--r--etc/profile-m-z/mediainfo.profile2
-rw-r--r--etc/profile-m-z/mediathekview.profile20
-rw-r--r--etc/profile-m-z/megaglest.profile8
-rw-r--r--etc/profile-m-z/meld.profile14
-rw-r--r--etc/profile-m-z/mendeleydesktop.profile14
-rw-r--r--etc/profile-m-z/menulibre.profile14
-rw-r--r--etc/profile-m-z/meteo-qt.profile8
-rw-r--r--etc/profile-m-z/microsoft-edge-beta.profile8
-rw-r--r--etc/profile-m-z/microsoft-edge-dev.profile8
-rw-r--r--etc/profile-m-z/midori.profile38
-rw-r--r--etc/profile-m-z/min.profile4
-rw-r--r--etc/profile-m-z/mindless.profile2
-rw-r--r--etc/profile-m-z/minecraft-launcher.profile4
-rw-r--r--etc/profile-m-z/minetest.profile12
-rw-r--r--etc/profile-m-z/minitube.profile18
-rw-r--r--etc/profile-m-z/mirage.profile16
-rw-r--r--etc/profile-m-z/mirrormagic.profile6
-rw-r--r--etc/profile-m-z/mocp.profile4
-rw-r--r--etc/profile-m-z/mousepad.profile2
-rw-r--r--etc/profile-m-z/mp3splt-gtk.profile2
-rw-r--r--etc/profile-m-z/mp3splt.profile4
-rw-r--r--etc/profile-m-z/mpDris2.profile8
-rw-r--r--etc/profile-m-z/mpd.profile8
-rw-r--r--etc/profile-m-z/mpg123.profile2
-rw-r--r--etc/profile-m-z/mplayer.profile4
-rw-r--r--etc/profile-m-z/mpsyt.profile28
-rw-r--r--etc/profile-m-z/mpv.profile20
-rw-r--r--etc/profile-m-z/mrrescue.profile8
-rw-r--r--etc/profile-m-z/ms-excel.profile2
-rw-r--r--etc/profile-m-z/ms-office.profile4
-rw-r--r--etc/profile-m-z/ms-onenote.profile2
-rw-r--r--etc/profile-m-z/ms-outlook.profile2
-rw-r--r--etc/profile-m-z/ms-powerpoint.profile2
-rw-r--r--etc/profile-m-z/ms-skype.profile2
-rw-r--r--etc/profile-m-z/ms-word.profile2
-rw-r--r--etc/profile-m-z/mtpaint.profile2
-rw-r--r--etc/profile-m-z/multimc5.profile12
-rw-r--r--etc/profile-m-z/mumble.profile12
-rw-r--r--etc/profile-m-z/mupdf-gl.profile2
-rw-r--r--etc/profile-m-z/mupdf.profile2
-rw-r--r--etc/profile-m-z/mupen64plus.profile8
-rw-r--r--etc/profile-m-z/musescore.profile12
-rw-r--r--etc/profile-m-z/musictube.profile14
-rw-r--r--etc/profile-m-z/musixmatch.profile2
-rw-r--r--etc/profile-m-z/mutt.profile120
-rw-r--r--etc/profile-m-z/mypaint.profile8
-rw-r--r--etc/profile-m-z/nano.profile8
-rw-r--r--etc/profile-m-z/natron.profile6
-rw-r--r--etc/profile-m-z/ncdu.profile2
-rw-r--r--etc/profile-m-z/neochat.profile18
-rw-r--r--etc/profile-m-z/neomutt.profile128
-rw-r--r--etc/profile-m-z/netactview.profile6
-rw-r--r--etc/profile-m-z/nethack-vultures.profile6
-rw-r--r--etc/profile-m-z/nethack.profile4
-rw-r--r--etc/profile-m-z/netsurf.profile10
-rw-r--r--etc/profile-m-z/neverball.profile6
-rw-r--r--etc/profile-m-z/newsbeuter.profile14
-rw-r--r--etc/profile-m-z/newsboat.profile24
-rw-r--r--etc/profile-m-z/newsflash.profile12
-rw-r--r--etc/profile-m-z/nextcloud.profile12
-rw-r--r--etc/profile-m-z/nheko.profile14
-rw-r--r--etc/profile-m-z/nicotine.profile8
-rw-r--r--etc/profile-m-z/nitroshare.profile4
-rw-r--r--etc/profile-m-z/nodejs-common.profile26
-rw-r--r--etc/profile-m-z/nomacs.profile8
-rw-r--r--etc/profile-m-z/notify-send.profile2
-rw-r--r--etc/profile-m-z/nslookup.profile8
-rw-r--r--etc/profile-m-z/nuclear.profile4
-rw-r--r--etc/profile-m-z/nylas.profile10
-rw-r--r--etc/profile-m-z/nyx.profile4
-rw-r--r--etc/profile-m-z/obs.profile8
-rw-r--r--etc/profile-m-z/ocenaudio.profile6
-rw-r--r--etc/profile-m-z/odt2txt.profile4
-rw-r--r--etc/profile-m-z/okular.profile42
-rw-r--r--etc/profile-m-z/onboard.profile6
-rw-r--r--etc/profile-m-z/onionshare-gui.profile2
-rw-r--r--etc/profile-m-z/open-invaders.profile4
-rw-r--r--etc/profile-m-z/openarena.profile6
-rw-r--r--etc/profile-m-z/openbox.profile2
-rw-r--r--etc/profile-m-z/opencity.profile4
-rw-r--r--etc/profile-m-z/openclonk.profile4
-rw-r--r--etc/profile-m-z/openmw.profile10
-rw-r--r--etc/profile-m-z/openshot.profile8
-rw-r--r--etc/profile-m-z/openttd.profile4
-rw-r--r--etc/profile-m-z/opera-beta.profile8
-rw-r--r--etc/profile-m-z/opera.profile12
-rw-r--r--etc/profile-m-z/orage.profile4
-rw-r--r--etc/profile-m-z/ostrichriders.profile6
-rw-r--r--etc/profile-m-z/otter-browser.profile20
-rw-r--r--etc/profile-m-z/palemoon.profile8
-rw-r--r--etc/profile-m-z/pandoc.profile4
-rw-r--r--etc/profile-m-z/parole.profile4
-rw-r--r--etc/profile-m-z/patch.profile4
-rw-r--r--etc/profile-m-z/pavucontrol-qt.profile4
-rw-r--r--etc/profile-m-z/pavucontrol.profile6
-rw-r--r--etc/profile-m-z/pcsxr.profile4
-rw-r--r--etc/profile-m-z/pdfchain.profile2
-rw-r--r--etc/profile-m-z/pdfmod.profile6
-rw-r--r--etc/profile-m-z/pdfsam.profile2
-rw-r--r--etc/profile-m-z/pdftotext.profile10
-rw-r--r--etc/profile-m-z/peek.profile6
-rw-r--r--etc/profile-m-z/penguin-command.profile4
-rw-r--r--etc/profile-m-z/photoflare.profile2
-rw-r--r--etc/profile-m-z/picard.profile6
-rw-r--r--etc/profile-m-z/pidgin.profile8
-rw-r--r--etc/profile-m-z/pinball.profile8
-rw-r--r--etc/profile-m-z/ping.profile4
-rw-r--r--etc/profile-m-z/pingus.profile8
-rw-r--r--etc/profile-m-z/pinta.profile6
-rw-r--r--etc/profile-m-z/pioneer.profile4
-rw-r--r--etc/profile-m-z/pipe-viewer.profile8
-rw-r--r--etc/profile-m-z/pitivi.profile2
-rw-r--r--etc/profile-m-z/pix.profile8
-rw-r--r--etc/profile-m-z/pkglog.profile6
-rw-r--r--etc/profile-m-z/playonlinux.profile4
-rw-r--r--etc/profile-m-z/pluma.profile4
-rw-r--r--etc/profile-m-z/plv.profile6
-rw-r--r--etc/profile-m-z/pngquant.profile4
-rw-r--r--etc/profile-m-z/polari.profile12
-rw-r--r--etc/profile-m-z/ppsspp.profile6
-rw-r--r--etc/profile-m-z/pragha.profile4
-rw-r--r--etc/profile-m-z/profanity.profile4
-rw-r--r--etc/profile-m-z/psi-plus.profile12
-rw-r--r--etc/profile-m-z/psi.profile24
-rw-r--r--etc/profile-m-z/pybitmessage.profile6
-rw-r--r--etc/profile-m-z/pycharm-community.profile2
-rw-r--r--etc/profile-m-z/pycharm-professional.profile2
-rw-r--r--etc/profile-m-z/qbittorrent.profile18
-rw-r--r--etc/profile-m-z/qcomicbook.profile10
-rw-r--r--etc/profile-m-z/qemu-launcher.profile2
-rw-r--r--etc/profile-m-z/qgis.profile16
-rw-r--r--etc/profile-m-z/qlipper.profile2
-rw-r--r--etc/profile-m-z/qmmp.profile4
-rw-r--r--etc/profile-m-z/qnapi.profile6
-rw-r--r--etc/profile-m-z/qpdfview.profile6
-rw-r--r--etc/profile-m-z/qrencode.profile2
-rw-r--r--etc/profile-m-z/qtox.profile8
-rw-r--r--etc/profile-m-z/quadrapassel.profile6
-rw-r--r--etc/profile-m-z/quaternion.profile12
-rw-r--r--etc/profile-m-z/quiterss.profile20
-rw-r--r--etc/profile-m-z/quodlibet.profile18
-rw-r--r--etc/profile-m-z/qupzilla.profile8
-rw-r--r--etc/profile-m-z/qutebrowser.profile14
-rw-r--r--etc/profile-m-z/rambox.profile14
-rw-r--r--etc/profile-m-z/redeclipse.profile6
-rw-r--r--etc/profile-m-z/redshift.profile8
-rw-r--r--etc/profile-m-z/regextester.profile2
-rw-r--r--etc/profile-m-z/remmina.profile6
-rw-r--r--etc/profile-m-z/rhythmbox.profile14
-rw-r--r--etc/profile-m-z/ricochet.profile6
-rw-r--r--etc/profile-m-z/riot-web.profile6
-rw-r--r--etc/profile-m-z/ripperx.profile4
-rw-r--r--etc/profile-m-z/ristretto.profile6
-rw-r--r--etc/profile-m-z/rocketchat.profile4
-rw-r--r--etc/profile-m-z/rsync-download_only.profile4
-rw-r--r--etc/profile-m-z/rtv-addons.profile18
-rw-r--r--etc/profile-m-z/rtv.profile12
-rw-r--r--etc/profile-m-z/sayonara.profile4
-rw-r--r--etc/profile-m-z/scallion.profile8
-rw-r--r--etc/profile-m-z/scorched3d.profile8
-rw-r--r--etc/profile-m-z/scorchwentbonkers.profile6
-rw-r--r--etc/profile-m-z/scribus.profile36
-rw-r--r--etc/profile-m-z/seahorse-adventures.profile4
-rw-r--r--etc/profile-m-z/seahorse.profile18
-rw-r--r--etc/profile-m-z/seamonkey.profile46
-rw-r--r--etc/profile-m-z/server.profile8
-rw-r--r--etc/profile-m-z/shellcheck.profile6
-rw-r--r--etc/profile-m-z/shortwave.profile10
-rw-r--r--etc/profile-m-z/shotcut.profile2
-rw-r--r--etc/profile-m-z/shotwell.profile12
-rw-r--r--etc/profile-m-z/signal-cli.profile8
-rw-r--r--etc/profile-m-z/signal-desktop.profile8
-rw-r--r--etc/profile-m-z/simple-scan.profile8
-rw-r--r--etc/profile-m-z/simplescreenrecorder.profile6
-rw-r--r--etc/profile-m-z/simutrans.profile4
-rw-r--r--etc/profile-m-z/skanlite.profile2
-rw-r--r--etc/profile-m-z/skypeforlinux.profile2
-rw-r--r--etc/profile-m-z/slack.profile4
-rw-r--r--etc/profile-m-z/slashem.profile4
-rw-r--r--etc/profile-m-z/smplayer.profile16
-rw-r--r--etc/profile-m-z/smtube.profile20
-rw-r--r--etc/profile-m-z/smuxi-frontend-gnome.profile14
-rw-r--r--etc/profile-m-z/snox.profile8
-rw-r--r--etc/profile-m-z/softmaker-common.profile6
-rw-r--r--etc/profile-m-z/sound-juicer.profile4
-rw-r--r--etc/profile-m-z/soundconverter.profile8
-rw-r--r--etc/profile-m-z/spectacle.profile12
-rw-r--r--etc/profile-m-z/spectral.profile10
-rw-r--r--etc/profile-m-z/spectre-meltdown-checker.profile6
-rw-r--r--etc/profile-m-z/spotify.profile14
-rw-r--r--etc/profile-m-z/sqlitebrowser.profile4
-rw-r--r--etc/profile-m-z/ssh-agent.profile4
-rw-r--r--etc/profile-m-z/ssh.profile8
-rw-r--r--etc/profile-m-z/standardnotes-desktop.profile8
-rw-r--r--etc/profile-m-z/start-tor-browser.desktop.profile126
-rw-r--r--etc/profile-m-z/steam.profile130
-rw-r--r--etc/profile-m-z/stellarium.profile8
-rw-r--r--etc/profile-m-z/straw-viewer.profile8
-rw-r--r--etc/profile-m-z/strawberry.profile8
-rw-r--r--etc/profile-m-z/strings.profile2
-rw-r--r--etc/profile-m-z/subdownloader.profile4
-rw-r--r--etc/profile-m-z/supertux2.profile8
-rw-r--r--etc/profile-m-z/supertuxkart.profile18
-rw-r--r--etc/profile-m-z/surf.profile6
-rw-r--r--etc/profile-m-z/swell-foop.profile6
-rw-r--r--etc/profile-m-z/sylpheed.profile6
-rw-r--r--etc/profile-m-z/synfigstudio.profile4
-rw-r--r--etc/profile-m-z/sysprof.profile16
-rw-r--r--etc/profile-m-z/tar.profile2
-rw-r--r--etc/profile-m-z/tb-starter-wrapper.profile4
-rw-r--r--etc/profile-m-z/tcpdump.profile6
-rw-r--r--etc/profile-m-z/teams-for-linux.profile4
-rw-r--r--etc/profile-m-z/teams.profile8
-rw-r--r--etc/profile-m-z/teamspeak3.profile8
-rw-r--r--etc/profile-m-z/teeworlds.profile4
-rw-r--r--etc/profile-m-z/telegram.profile10
-rw-r--r--etc/profile-m-z/terasology.profile6
-rw-r--r--etc/profile-m-z/thunderbird.profile24
-rw-r--r--etc/profile-m-z/tilp.profile2
-rw-r--r--etc/profile-m-z/tin.profile10
-rw-r--r--etc/profile-m-z/tmux.profile6
-rw-r--r--etc/profile-m-z/tor-browser-ar.profile4
-rw-r--r--etc/profile-m-z/tor-browser-ca.profile4
-rw-r--r--etc/profile-m-z/tor-browser-cs.profile4
-rw-r--r--etc/profile-m-z/tor-browser-da.profile4
-rw-r--r--etc/profile-m-z/tor-browser-de.profile4
-rw-r--r--etc/profile-m-z/tor-browser-el.profile4
-rw-r--r--etc/profile-m-z/tor-browser-en-us.profile4
-rw-r--r--etc/profile-m-z/tor-browser-en.profile4
-rw-r--r--etc/profile-m-z/tor-browser-es-es.profile4
-rw-r--r--etc/profile-m-z/tor-browser-es.profile4
-rw-r--r--etc/profile-m-z/tor-browser-fa.profile4
-rw-r--r--etc/profile-m-z/tor-browser-fr.profile4
-rw-r--r--etc/profile-m-z/tor-browser-ga-ie.profile4
-rw-r--r--etc/profile-m-z/tor-browser-he.profile4
-rw-r--r--etc/profile-m-z/tor-browser-hu.profile4
-rw-r--r--etc/profile-m-z/tor-browser-id.profile4
-rw-r--r--etc/profile-m-z/tor-browser-is.profile4
-rw-r--r--etc/profile-m-z/tor-browser-it.profile4
-rw-r--r--etc/profile-m-z/tor-browser-ja.profile4
-rw-r--r--etc/profile-m-z/tor-browser-ka.profile4
-rw-r--r--etc/profile-m-z/tor-browser-ko.profile4
-rw-r--r--etc/profile-m-z/tor-browser-nb.profile4
-rw-r--r--etc/profile-m-z/tor-browser-nl.profile4
-rw-r--r--etc/profile-m-z/tor-browser-pl.profile4
-rw-r--r--etc/profile-m-z/tor-browser-pt-br.profile4
-rw-r--r--etc/profile-m-z/tor-browser-ru.profile4
-rw-r--r--etc/profile-m-z/tor-browser-sv-se.profile4
-rw-r--r--etc/profile-m-z/tor-browser-tr.profile4
-rw-r--r--etc/profile-m-z/tor-browser-vi.profile4
-rw-r--r--etc/profile-m-z/tor-browser-zh-cn.profile4
-rw-r--r--etc/profile-m-z/tor-browser-zh-tw.profile4
-rw-r--r--etc/profile-m-z/tor-browser.profile4
-rw-r--r--etc/profile-m-z/tor-browser_ar.profile4
-rw-r--r--etc/profile-m-z/tor-browser_ca.profile4
-rw-r--r--etc/profile-m-z/tor-browser_cs.profile4
-rw-r--r--etc/profile-m-z/tor-browser_da.profile4
-rw-r--r--etc/profile-m-z/tor-browser_de.profile4
-rw-r--r--etc/profile-m-z/tor-browser_el.profile4
-rw-r--r--etc/profile-m-z/tor-browser_en-US.profile4
-rw-r--r--etc/profile-m-z/tor-browser_en.profile4
-rw-r--r--etc/profile-m-z/tor-browser_es-ES.profile4
-rw-r--r--etc/profile-m-z/tor-browser_es.profile4
-rw-r--r--etc/profile-m-z/tor-browser_fa.profile4
-rw-r--r--etc/profile-m-z/tor-browser_fr.profile4
-rw-r--r--etc/profile-m-z/tor-browser_ga-IE.profile4
-rw-r--r--etc/profile-m-z/tor-browser_he.profile4
-rw-r--r--etc/profile-m-z/tor-browser_hu.profile4
-rw-r--r--etc/profile-m-z/tor-browser_id.profile4
-rw-r--r--etc/profile-m-z/tor-browser_is.profile4
-rw-r--r--etc/profile-m-z/tor-browser_it.profile4
-rw-r--r--etc/profile-m-z/tor-browser_ja.profile4
-rw-r--r--etc/profile-m-z/tor-browser_ka.profile4
-rw-r--r--etc/profile-m-z/tor-browser_ko.profile4
-rw-r--r--etc/profile-m-z/tor-browser_nb.profile4
-rw-r--r--etc/profile-m-z/tor-browser_nl.profile4
-rw-r--r--etc/profile-m-z/tor-browser_pl.profile4
-rw-r--r--etc/profile-m-z/tor-browser_pt-BR.profile4
-rw-r--r--etc/profile-m-z/tor-browser_ru.profile4
-rw-r--r--etc/profile-m-z/tor-browser_sv-SE.profile4
-rw-r--r--etc/profile-m-z/tor-browser_tr.profile4
-rw-r--r--etc/profile-m-z/tor-browser_vi.profile4
-rw-r--r--etc/profile-m-z/tor-browser_zh-CN.profile4
-rw-r--r--etc/profile-m-z/tor-browser_zh-TW.profile4
-rw-r--r--etc/profile-m-z/torbrowser-launcher.profile16
-rw-r--r--etc/profile-m-z/torcs.profile8
-rw-r--r--etc/profile-m-z/totem.profile10
-rw-r--r--etc/profile-m-z/tracker.profile4
-rw-r--r--etc/profile-m-z/transgui.profile6
-rw-r--r--etc/profile-m-z/transmission-common.profile10
-rw-r--r--etc/profile-m-z/transmission-daemon.profile4
-rw-r--r--etc/profile-m-z/transmission-remote-gtk.profile4
-rw-r--r--etc/profile-m-z/tremulous.profile6
-rw-r--r--etc/profile-m-z/trojita.profile16
-rw-r--r--etc/profile-m-z/truecraft.profile8
-rw-r--r--etc/profile-m-z/ts3client_runscript.sh.profile8
-rw-r--r--etc/profile-m-z/tutanota-desktop.profile12
-rw-r--r--etc/profile-m-z/tuxguitar.profile6
-rw-r--r--etc/profile-m-z/tvbrowser.profile10
-rw-r--r--etc/profile-m-z/twitch.profile4
-rw-r--r--etc/profile-m-z/uefitool.profile2
-rw-r--r--etc/profile-m-z/uget-gtk.profile6
-rw-r--r--etc/profile-m-z/unbound.profile12
-rw-r--r--etc/profile-m-z/unf.profile4
-rw-r--r--etc/profile-m-z/unknown-horizons.profile6
-rw-r--r--etc/profile-m-z/unzip.profile2
-rw-r--r--etc/profile-m-z/utox.profile8
-rw-r--r--etc/profile-m-z/uudeview.profile2
-rw-r--r--etc/profile-m-z/uzbl-browser.profile16
-rw-r--r--etc/profile-m-z/viewnior.profile8
-rw-r--r--etc/profile-m-z/viking.profile6
-rw-r--r--etc/profile-m-z/vim.profile6
-rw-r--r--etc/profile-m-z/virtualbox.profile18
-rw-r--r--etc/profile-m-z/vivaldi.profile24
-rw-r--r--etc/profile-m-z/vlc.profile16
-rw-r--r--etc/profile-m-z/vmware-view.profile8
-rw-r--r--etc/profile-m-z/vmware.profile8
-rw-r--r--etc/profile-m-z/vscodium.profile2
-rw-r--r--etc/profile-m-z/vulturesclaw.profile4
-rw-r--r--etc/profile-m-z/vultureseye.profile4
-rw-r--r--etc/profile-m-z/vym.profile2
-rw-r--r--etc/profile-m-z/w3m.profile12
-rw-r--r--etc/profile-m-z/warmux.profile14
-rw-r--r--etc/profile-m-z/warsow.profile10
-rw-r--r--etc/profile-m-z/warzone2100.profile8
-rw-r--r--etc/profile-m-z/waterfox.profile8
-rw-r--r--etc/profile-m-z/webstorm.profile14
-rw-r--r--etc/profile-m-z/webui-aria2.profile2
-rw-r--r--etc/profile-m-z/weechat.profile4
-rw-r--r--etc/profile-m-z/wesnoth.profile12
-rw-r--r--etc/profile-m-z/wget.profile10
-rw-r--r--etc/profile-m-z/whalebird.profile4
-rw-r--r--etc/profile-m-z/whois.profile4
-rw-r--r--etc/profile-m-z/widelands.profile4
-rw-r--r--etc/profile-m-z/wine.profile14
-rw-r--r--etc/profile-m-z/wire-desktop.profile4
-rw-r--r--etc/profile-m-z/wireshark.profile8
-rw-r--r--etc/profile-m-z/wordwarvi.profile6
-rw-r--r--etc/profile-m-z/wps.profile6
-rw-r--r--etc/profile-m-z/x2goclient.profile4
-rw-r--r--etc/profile-m-z/xbill.profile4
-rw-r--r--etc/profile-m-z/xchat.profile2
-rw-r--r--etc/profile-m-z/xed.profile8
-rw-r--r--etc/profile-m-z/xfburn.profile2
-rw-r--r--etc/profile-m-z/xfce4-dict.profile2
-rw-r--r--etc/profile-m-z/xfce4-mixer.profile10
-rw-r--r--etc/profile-m-z/xfce4-notes.profile6
-rw-r--r--etc/profile-m-z/xfce4-screenshooter.profile4
-rw-r--r--etc/profile-m-z/xiphos.profile10
-rw-r--r--etc/profile-m-z/xlinks.profile2
-rw-r--r--etc/profile-m-z/xlinks22
-rw-r--r--etc/profile-m-z/xmms.profile4
-rw-r--r--etc/profile-m-z/xmr-stak.profile2
-rw-r--r--etc/profile-m-z/xonotic.profile6
-rw-r--r--etc/profile-m-z/xournal.profile6
-rw-r--r--etc/profile-m-z/xournalpp.profile8
-rw-r--r--etc/profile-m-z/xpdf.profile4
-rw-r--r--etc/profile-m-z/xplayer.profile8
-rw-r--r--etc/profile-m-z/xpra.profile2
-rw-r--r--etc/profile-m-z/xreader.profile6
-rw-r--r--etc/profile-m-z/xviewer.profile8
-rw-r--r--etc/profile-m-z/yandex-browser.profile16
-rw-r--r--etc/profile-m-z/yelp.profile20
-rw-r--r--etc/profile-m-z/youtube-dl-gui.profile6
-rw-r--r--etc/profile-m-z/youtube-dl.profile14
-rw-r--r--etc/profile-m-z/youtube-viewer.profile8
-rw-r--r--etc/profile-m-z/youtube-viewers-common.profile6
-rw-r--r--etc/profile-m-z/youtube.profile4
-rw-r--r--etc/profile-m-z/youtubemusic-nativefier.profile4
-rw-r--r--etc/profile-m-z/ytmdesktop.profile4
-rw-r--r--etc/profile-m-z/zaproxy.profile6
-rw-r--r--etc/profile-m-z/zart.profile4
-rw-r--r--etc/profile-m-z/zathura.profile10
-rw-r--r--etc/profile-m-z/zcat.profile2
-rw-r--r--etc/profile-m-z/zeal.profile12
-rw-r--r--etc/profile-m-z/zgrep.profile2
-rw-r--r--etc/profile-m-z/zoom.profile12
-rw-r--r--etc/profile-m-z/zulip.profile6
402 files changed, 1708 insertions, 1708 deletions
diff --git a/etc/profile-m-z/Maelstrom.profile b/etc/profile-m-z/Maelstrom.profile
index e6c43007d..62d0a8b3a 100644
--- a/etc/profile-m-z/Maelstrom.profile
+++ b/etc/profile-m-z/Maelstrom.profile
@@ -6,7 +6,7 @@ include Maelstrom.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny /var/lib/games/Maelstrom-Scores 9noblacklist /var/lib/games/Maelstrom-Scores
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -17,7 +17,7 @@ include disable-programs.inc
17include disable-shell.inc 17include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20allow /var/lib/games 20whitelist /var/lib/games
21include whitelist-common.inc 21include whitelist-common.inc
22include whitelist-var-common.inc 22include whitelist-var-common.inc
23 23
diff --git a/etc/profile-m-z/Mathematica.profile b/etc/profile-m-z/Mathematica.profile
index bd929d21a..c2734b1c1 100644
--- a/etc/profile-m-z/Mathematica.profile
+++ b/etc/profile-m-z/Mathematica.profile
@@ -5,8 +5,8 @@ include Mathematica.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.Mathematica 8noblacklist ${HOME}/.Mathematica
9nodeny ${HOME}/.Wolfram Research 9noblacklist ${HOME}/.Wolfram Research
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -17,9 +17,9 @@ include disable-programs.inc
17mkdir ${HOME}/.Mathematica 17mkdir ${HOME}/.Mathematica
18mkdir ${HOME}/.Wolfram Research 18mkdir ${HOME}/.Wolfram Research
19mkdir ${HOME}/Documents/Wolfram Mathematica 19mkdir ${HOME}/Documents/Wolfram Mathematica
20allow ${HOME}/.Mathematica 20whitelist ${HOME}/.Mathematica
21allow ${HOME}/.Wolfram Research 21whitelist ${HOME}/.Wolfram Research
22allow ${HOME}/Documents/Wolfram Mathematica 22whitelist ${HOME}/Documents/Wolfram Mathematica
23include whitelist-common.inc 23include whitelist-common.inc
24 24
25caps.drop all 25caps.drop all
diff --git a/etc/profile-m-z/PCSX2.profile b/etc/profile-m-z/PCSX2.profile
index f833b9446..e678b7204 100644
--- a/etc/profile-m-z/PCSX2.profile
+++ b/etc/profile-m-z/PCSX2.profile
@@ -8,7 +8,7 @@ include globals.local
8 8
9# Note: you must whitelist your games folder in your PCSX2.local. 9# Note: you must whitelist your games folder in your PCSX2.local.
10 10
11nodeny ${HOME}/.config/PCSX2 11noblacklist ${HOME}/.config/PCSX2
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -21,7 +21,7 @@ include disable-write-mnt.inc
21include disable-xdg.inc 21include disable-xdg.inc
22 22
23mkdir ${HOME}/.config/PCSX2 23mkdir ${HOME}/.config/PCSX2
24allow ${HOME}/.config/PCSX2 24whitelist ${HOME}/.config/PCSX2
25include whitelist-common.inc 25include whitelist-common.inc
26include whitelist-runuser-common.inc 26include whitelist-runuser-common.inc
27include whitelist-usr-share-common.inc 27include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/QMediathekView.profile b/etc/profile-m-z/QMediathekView.profile
index d7b01fe06..86120587b 100644
--- a/etc/profile-m-z/QMediathekView.profile
+++ b/etc/profile-m-z/QMediathekView.profile
@@ -6,18 +6,18 @@ include QMediathekView.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/QMediathekView 9noblacklist ${HOME}/.config/QMediathekView
10nodeny ${HOME}/.local/share/QMediathekView 10noblacklist ${HOME}/.local/share/QMediathekView
11 11
12nodeny ${HOME}/.config/mpv 12noblacklist ${HOME}/.config/mpv
13nodeny ${HOME}/.config/smplayer 13noblacklist ${HOME}/.config/smplayer
14nodeny ${HOME}/.config/totem 14noblacklist ${HOME}/.config/totem
15nodeny ${HOME}/.config/vlc 15noblacklist ${HOME}/.config/vlc
16nodeny ${HOME}/.config/xplayer 16noblacklist ${HOME}/.config/xplayer
17nodeny ${HOME}/.local/share/totem 17noblacklist ${HOME}/.local/share/totem
18nodeny ${HOME}/.local/share/xplayer 18noblacklist ${HOME}/.local/share/xplayer
19nodeny ${HOME}/.mplayer 19noblacklist ${HOME}/.mplayer
20nodeny ${VIDEOS} 20noblacklist ${VIDEOS}
21 21
22include disable-common.inc 22include disable-common.inc
23include disable-devel.inc 23include disable-devel.inc
@@ -28,7 +28,7 @@ include disable-programs.inc
28include disable-shell.inc 28include disable-shell.inc
29include disable-xdg.inc 29include disable-xdg.inc
30 30
31allow /usr/share/qtchooser 31whitelist /usr/share/qtchooser
32include whitelist-usr-share-common.inc 32include whitelist-usr-share-common.inc
33include whitelist-var-common.inc 33include whitelist-var-common.inc
34 34
diff --git a/etc/profile-m-z/QOwnNotes.profile b/etc/profile-m-z/QOwnNotes.profile
index 4ca42730a..660378089 100644
--- a/etc/profile-m-z/QOwnNotes.profile
+++ b/etc/profile-m-z/QOwnNotes.profile
@@ -6,10 +6,10 @@ include QOwnNotes.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${DOCUMENTS} 9noblacklist ${DOCUMENTS}
10nodeny ${HOME}/Nextcloud/Notes 10noblacklist ${HOME}/Nextcloud/Notes
11nodeny ${HOME}/.config/PBE 11noblacklist ${HOME}/.config/PBE
12nodeny ${HOME}/.local/share/PBE 12noblacklist ${HOME}/.local/share/PBE
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
@@ -23,10 +23,10 @@ include disable-xdg.inc
23mkdir ${HOME}/Nextcloud/Notes 23mkdir ${HOME}/Nextcloud/Notes
24mkdir ${HOME}/.config/PBE 24mkdir ${HOME}/.config/PBE
25mkdir ${HOME}/.local/share/PBE 25mkdir ${HOME}/.local/share/PBE
26allow ${DOCUMENTS} 26whitelist ${DOCUMENTS}
27allow ${HOME}/Nextcloud/Notes 27whitelist ${HOME}/Nextcloud/Notes
28allow ${HOME}/.config/PBE 28whitelist ${HOME}/.config/PBE
29allow ${HOME}/.local/share/PBE 29whitelist ${HOME}/.local/share/PBE
30include whitelist-common.inc 30include whitelist-common.inc
31include whitelist-var-common.inc 31include whitelist-var-common.inc
32 32
diff --git a/etc/profile-m-z/Viber.profile b/etc/profile-m-z/Viber.profile
index b98847d3a..3195e39fa 100644
--- a/etc/profile-m-z/Viber.profile
+++ b/etc/profile-m-z/Viber.profile
@@ -5,8 +5,8 @@ include Viber.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.ViberPC 8noblacklist ${HOME}/.ViberPC
9nodeny ${PATH}/dig 9noblacklist ${PATH}/dig
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -16,8 +16,8 @@ include disable-passwdmgr.inc
16include disable-programs.inc 16include disable-programs.inc
17 17
18mkdir ${HOME}/.ViberPC 18mkdir ${HOME}/.ViberPC
19allow ${DOWNLOADS} 19whitelist ${DOWNLOADS}
20allow ${HOME}/.ViberPC 20whitelist ${HOME}/.ViberPC
21include whitelist-common.inc 21include whitelist-common.inc
22 22
23caps.drop all 23caps.drop all
diff --git a/etc/profile-m-z/XMind.profile b/etc/profile-m-z/XMind.profile
index c9cf7adf7..d78e04595 100644
--- a/etc/profile-m-z/XMind.profile
+++ b/etc/profile-m-z/XMind.profile
@@ -5,7 +5,7 @@ include XMind.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.xmind 8noblacklist ${HOME}/.xmind
9 9
10include disable-common.inc 10include disable-common.inc
11include disable-devel.inc 11include disable-devel.inc
@@ -15,8 +15,8 @@ include disable-passwdmgr.inc
15include disable-programs.inc 15include disable-programs.inc
16 16
17mkdir ${HOME}/.xmind 17mkdir ${HOME}/.xmind
18allow ${HOME}/.xmind 18whitelist ${HOME}/.xmind
19allow ${DOWNLOADS} 19whitelist ${DOWNLOADS}
20include whitelist-common.inc 20include whitelist-common.inc
21 21
22caps.drop all 22caps.drop all
diff --git a/etc/profile-m-z/Xephyr.profile b/etc/profile-m-z/Xephyr.profile
index 7ba1cdac9..5cf5161ce 100644
--- a/etc/profile-m-z/Xephyr.profile
+++ b/etc/profile-m-z/Xephyr.profile
@@ -15,7 +15,7 @@ include globals.local
15# or run "sudo firecfg" 15# or run "sudo firecfg"
16# 16#
17 17
18allow /var/lib/xkb 18whitelist /var/lib/xkb
19include whitelist-common.inc 19include whitelist-common.inc
20 20
21caps.drop all 21caps.drop all
diff --git a/etc/profile-m-z/Xvfb.profile b/etc/profile-m-z/Xvfb.profile
index a246ccb23..1acd43023 100644
--- a/etc/profile-m-z/Xvfb.profile
+++ b/etc/profile-m-z/Xvfb.profile
@@ -18,7 +18,7 @@ include globals.local
18# some Linux distributions. Also, older versions of Xpra use Xvfb. 18# some Linux distributions. Also, older versions of Xpra use Xvfb.
19# 19#
20 20
21allow /var/lib/xkb 21whitelist /var/lib/xkb
22include whitelist-common.inc 22include whitelist-common.inc
23 23
24caps.drop all 24caps.drop all
diff --git a/etc/profile-m-z/ZeGrapher.profile b/etc/profile-m-z/ZeGrapher.profile
index 4f65ad7d1..7686c3442 100644
--- a/etc/profile-m-z/ZeGrapher.profile
+++ b/etc/profile-m-z/ZeGrapher.profile
@@ -6,7 +6,7 @@ include ZeGrapher.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/ZeGrapher Project 9noblacklist ${HOME}/.config/ZeGrapher Project
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -16,7 +16,7 @@ include disable-passwdmgr.inc
16include disable-programs.inc 16include disable-programs.inc
17include disable-shell.inc 17include disable-shell.inc
18 18
19allow /usr/share/ZeGrapher 19whitelist /usr/share/ZeGrapher
20include whitelist-runuser-common.inc 20include whitelist-runuser-common.inc
21include whitelist-usr-share-common.inc 21include whitelist-usr-share-common.inc
22include whitelist-var-common.inc 22include whitelist-var-common.inc
diff --git a/etc/profile-m-z/macrofusion.profile b/etc/profile-m-z/macrofusion.profile
index 763d475bb..d1dcb6fe0 100644
--- a/etc/profile-m-z/macrofusion.profile
+++ b/etc/profile-m-z/macrofusion.profile
@@ -5,8 +5,8 @@ include macrofusion.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.config/mfusion 8noblacklist ${HOME}/.config/mfusion
9nodeny ${PICTURES} 9noblacklist ${PICTURES}
10 10
11# Allow python (blacklisted by disable-interpreters.inc) 11# Allow python (blacklisted by disable-interpreters.inc)
12include allow-python2.inc 12include allow-python2.inc
diff --git a/etc/profile-m-z/magicor.profile b/etc/profile-m-z/magicor.profile
index d561a5095..8a27b2626 100644
--- a/etc/profile-m-z/magicor.profile
+++ b/etc/profile-m-z/magicor.profile
@@ -6,7 +6,7 @@ include magicor.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.magicor 9noblacklist ${HOME}/.magicor
10 10
11# Allow python (blacklisted by disable-interpreters.inc) 11# Allow python (blacklisted by disable-interpreters.inc)
12include allow-python2.inc 12include allow-python2.inc
@@ -21,8 +21,8 @@ include disable-shell.inc
21include disable-xdg.inc 21include disable-xdg.inc
22 22
23mkdir ${HOME}/.magicor 23mkdir ${HOME}/.magicor
24allow ${HOME}/.magicor 24whitelist ${HOME}/.magicor
25allow /usr/share/magicor 25whitelist /usr/share/magicor
26include whitelist-common.inc 26include whitelist-common.inc
27include whitelist-usr-share-common.inc 27include whitelist-usr-share-common.inc
28include whitelist-var-common.inc 28include whitelist-var-common.inc
diff --git a/etc/profile-m-z/makepkg.profile b/etc/profile-m-z/makepkg.profile
index a7c486c9f..513fcae55 100644
--- a/etc/profile-m-z/makepkg.profile
+++ b/etc/profile-m-z/makepkg.profile
@@ -6,8 +6,8 @@ include makepkg.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9deny /tmp/.X11-unix 9blacklist /tmp/.X11-unix
10deny ${RUNUSER}/wayland-* 10blacklist ${RUNUSER}/wayland-*
11 11
12# Note: see this Arch forum discussion https://bbs.archlinux.org/viewtopic.php?pid=1743138 12# Note: see this Arch forum discussion https://bbs.archlinux.org/viewtopic.php?pid=1743138
13# for potential issues and their solutions when Firejailing makepkg 13# for potential issues and their solutions when Firejailing makepkg
@@ -17,18 +17,18 @@ deny ${RUNUSER}/wayland-*
17# whitelist ${HOME}/.gnupg 17# whitelist ${HOME}/.gnupg
18 18
19# Enable severely restricted access to ${HOME}/.gnupg 19# Enable severely restricted access to ${HOME}/.gnupg
20nodeny ${HOME}/.gnupg 20noblacklist ${HOME}/.gnupg
21read-only ${HOME}/.gnupg/gpg.conf 21read-only ${HOME}/.gnupg/gpg.conf
22read-only ${HOME}/.gnupg/trustdb.gpg 22read-only ${HOME}/.gnupg/trustdb.gpg
23read-only ${HOME}/.gnupg/pubring.kbx 23read-only ${HOME}/.gnupg/pubring.kbx
24deny ${HOME}/.gnupg/random_seed 24blacklist ${HOME}/.gnupg/random_seed
25deny ${HOME}/.gnupg/pubring.kbx~ 25blacklist ${HOME}/.gnupg/pubring.kbx~
26deny ${HOME}/.gnupg/private-keys-v1.d 26blacklist ${HOME}/.gnupg/private-keys-v1.d
27deny ${HOME}/.gnupg/crls.d 27blacklist ${HOME}/.gnupg/crls.d
28deny ${HOME}/.gnupg/openpgp-revocs.d 28blacklist ${HOME}/.gnupg/openpgp-revocs.d
29 29
30# Arch Linux (based distributions) need access to /var/lib/pacman. As we drop all capabilities this is automatically read-only. 30# Arch Linux (based distributions) need access to /var/lib/pacman. As we drop all capabilities this is automatically read-only.
31nodeny /var/lib/pacman 31noblacklist /var/lib/pacman
32 32
33include disable-common.inc 33include disable-common.inc
34include disable-exec.inc 34include disable-exec.inc
diff --git a/etc/profile-m-z/man.profile b/etc/profile-m-z/man.profile
index 383eeeeb7..bd510fcac 100644
--- a/etc/profile-m-z/man.profile
+++ b/etc/profile-m-z/man.profile
@@ -7,10 +7,10 @@ include man.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10deny ${RUNUSER} 10blacklist ${RUNUSER}
11 11
12nodeny ${HOME}/.local/share/man 12noblacklist ${HOME}/.local/share/man
13nodeny ${HOME}/.rustup 13noblacklist ${HOME}/.rustup
14 14
15include disable-common.inc 15include disable-common.inc
16include disable-devel.inc 16include disable-devel.inc
@@ -23,12 +23,12 @@ include disable-xdg.inc
23#mkdir ${HOME}/.local/share/man 23#mkdir ${HOME}/.local/share/man
24#whitelist ${HOME}/.local/share/man 24#whitelist ${HOME}/.local/share/man
25#whitelist ${HOME}/.manpath 25#whitelist ${HOME}/.manpath
26allow /usr/share/groff 26whitelist /usr/share/groff
27allow /usr/share/info 27whitelist /usr/share/info
28allow /usr/share/lintian 28whitelist /usr/share/lintian
29allow /usr/share/locale 29whitelist /usr/share/locale
30allow /usr/share/man 30whitelist /usr/share/man
31allow /var/cache/man 31whitelist /var/cache/man
32#include whitelist-common.inc 32#include whitelist-common.inc
33include whitelist-runuser-common.inc 33include whitelist-runuser-common.inc
34include whitelist-usr-share-common.inc 34include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/manaplus.profile b/etc/profile-m-z/manaplus.profile
index 67ee783a6..f59a56ac6 100644
--- a/etc/profile-m-z/manaplus.profile
+++ b/etc/profile-m-z/manaplus.profile
@@ -6,8 +6,8 @@ include manaplus.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/mana 9noblacklist ${HOME}/.config/mana
10nodeny ${HOME}/.local/share/mana 10noblacklist ${HOME}/.local/share/mana
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -21,8 +21,8 @@ include disable-xdg.inc
21mkdir ${HOME}/.config/mana 21mkdir ${HOME}/.config/mana
22mkdir ${HOME}/.config/mana/mana 22mkdir ${HOME}/.config/mana/mana
23mkdir ${HOME}/.local/share/mana 23mkdir ${HOME}/.local/share/mana
24allow ${HOME}/.config/mana 24whitelist ${HOME}/.config/mana
25allow ${HOME}/.local/share/mana 25whitelist ${HOME}/.local/share/mana
26include whitelist-common.inc 26include whitelist-common.inc
27include whitelist-var-common.inc 27include whitelist-var-common.inc
28 28
diff --git a/etc/profile-m-z/marker.profile b/etc/profile-m-z/marker.profile
index 7645ad335..bd56a8221 100644
--- a/etc/profile-m-z/marker.profile
+++ b/etc/profile-m-z/marker.profile
@@ -11,8 +11,8 @@ include globals.local
11#protocol unix,inet,inet6 11#protocol unix,inet,inet6
12#private-etc ca-certificates,ssl,pki,crypto-policies,nsswitch.conf,resolv.conf 12#private-etc ca-certificates,ssl,pki,crypto-policies,nsswitch.conf,resolv.conf
13 13
14nodeny ${HOME}/.cache/marker 14noblacklist ${HOME}/.cache/marker
15nodeny ${DOCUMENTS} 15noblacklist ${DOCUMENTS}
16 16
17include allow-python3.inc 17include allow-python3.inc
18 18
@@ -25,8 +25,8 @@ include disable-programs.inc
25include disable-shell.inc 25include disable-shell.inc
26include disable-xdg.inc 26include disable-xdg.inc
27 27
28allow /usr/libexec/webkit2gtk-4.0 28whitelist /usr/libexec/webkit2gtk-4.0
29allow /usr/share/com.github.fabiocolacio.marker 29whitelist /usr/share/com.github.fabiocolacio.marker
30include whitelist-runuser-common.inc 30include whitelist-runuser-common.inc
31include whitelist-usr-share-common.inc 31include whitelist-usr-share-common.inc
32include whitelist-var-common.inc 32include whitelist-var-common.inc
diff --git a/etc/profile-m-z/masterpdfeditor.profile b/etc/profile-m-z/masterpdfeditor.profile
index d8b215b7f..de1135071 100644
--- a/etc/profile-m-z/masterpdfeditor.profile
+++ b/etc/profile-m-z/masterpdfeditor.profile
@@ -6,8 +6,8 @@ include masterpdfeditor.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/Code Industry 9noblacklist ${HOME}/.config/Code Industry
10nodeny ${HOME}/.masterpdfeditor 10noblacklist ${HOME}/.masterpdfeditor
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/mate-calc.profile b/etc/profile-m-z/mate-calc.profile
index 92832783e..39ee7439d 100644
--- a/etc/profile-m-z/mate-calc.profile
+++ b/etc/profile-m-z/mate-calc.profile
@@ -6,7 +6,7 @@ include mate-calc.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/mate-calc 9noblacklist ${HOME}/.config/mate-calc
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,9 +18,9 @@ include disable-programs.inc
18mkdir ${HOME}/.cache/mate-calc 18mkdir ${HOME}/.cache/mate-calc
19mkdir ${HOME}/.config/caja 19mkdir ${HOME}/.config/caja
20mkdir ${HOME}/.config/mate-menu 20mkdir ${HOME}/.config/mate-menu
21allow ${HOME}/.cache/mate-calc 21whitelist ${HOME}/.cache/mate-calc
22allow ${HOME}/.config/caja 22whitelist ${HOME}/.config/caja
23allow ${HOME}/.config/mate-menu 23whitelist ${HOME}/.config/mate-menu
24include whitelist-common.inc 24include whitelist-common.inc
25include whitelist-var-common.inc 25include whitelist-var-common.inc
26 26
diff --git a/etc/profile-m-z/mate-dictionary.profile b/etc/profile-m-z/mate-dictionary.profile
index 90c9d0993..ae1fcbf62 100644
--- a/etc/profile-m-z/mate-dictionary.profile
+++ b/etc/profile-m-z/mate-dictionary.profile
@@ -5,7 +5,7 @@ include mate-dictionary.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.config/mate/mate-dictionary 8noblacklist ${HOME}/.config/mate/mate-dictionary
9 9
10include disable-common.inc 10include disable-common.inc
11include disable-devel.inc 11include disable-devel.inc
@@ -16,7 +16,7 @@ include disable-programs.inc
16include disable-shell.inc 16include disable-shell.inc
17 17
18mkdir ${HOME}/.config/mate/mate-dictionary 18mkdir ${HOME}/.config/mate/mate-dictionary
19allow ${HOME}/.config/mate/mate-dictionary 19whitelist ${HOME}/.config/mate/mate-dictionary
20include whitelist-common.inc 20include whitelist-common.inc
21 21
22apparmor 22apparmor
diff --git a/etc/profile-m-z/matrix-mirage.profile b/etc/profile-m-z/matrix-mirage.profile
index 8ee470a50..b3080df88 100644
--- a/etc/profile-m-z/matrix-mirage.profile
+++ b/etc/profile-m-z/matrix-mirage.profile
@@ -7,16 +7,16 @@ include matrix-mirage.local
7# added by included profile 7# added by included profile
8#include globals.local 8#include globals.local
9 9
10nodeny ${HOME}/.cache/matrix-mirage 10noblacklist ${HOME}/.cache/matrix-mirage
11nodeny ${HOME}/.config/matrix-mirage 11noblacklist ${HOME}/.config/matrix-mirage
12nodeny ${HOME}/.local/share/matrix-mirage 12noblacklist ${HOME}/.local/share/matrix-mirage
13 13
14mkdir ${HOME}/.cache/matrix-mirage 14mkdir ${HOME}/.cache/matrix-mirage
15mkdir ${HOME}/.config/matrix-mirage 15mkdir ${HOME}/.config/matrix-mirage
16mkdir ${HOME}/.local/share/matrix-mirage 16mkdir ${HOME}/.local/share/matrix-mirage
17allow ${HOME}/.cache/matrix-mirage 17whitelist ${HOME}/.cache/matrix-mirage
18allow ${HOME}/.config/matrix-mirage 18whitelist ${HOME}/.config/matrix-mirage
19allow ${HOME}/.local/share/matrix-mirage 19whitelist ${HOME}/.local/share/matrix-mirage
20 20
21private-bin matrix-mirage 21private-bin matrix-mirage
22 22
diff --git a/etc/profile-m-z/mattermost-desktop.profile b/etc/profile-m-z/mattermost-desktop.profile
index 01076a90a..3c2bf4fa3 100644
--- a/etc/profile-m-z/mattermost-desktop.profile
+++ b/etc/profile-m-z/mattermost-desktop.profile
@@ -10,12 +10,12 @@ ignore apparmor
10ignore dbus-user none 10ignore dbus-user none
11ignore dbus-system none 11ignore dbus-system none
12 12
13nodeny ${HOME}/.config/Mattermost 13noblacklist ${HOME}/.config/Mattermost
14 14
15include disable-shell.inc 15include disable-shell.inc
16 16
17mkdir ${HOME}/.config/Mattermost 17mkdir ${HOME}/.config/Mattermost
18allow ${HOME}/.config/Mattermost 18whitelist ${HOME}/.config/Mattermost
19 19
20private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nsswitch.conf,pki,resolv.conf,ssl 20private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nsswitch.conf,pki,resolv.conf,ssl
21 21
diff --git a/etc/profile-m-z/mcabber.profile b/etc/profile-m-z/mcabber.profile
index ae749114a..38d2d8d63 100644
--- a/etc/profile-m-z/mcabber.profile
+++ b/etc/profile-m-z/mcabber.profile
@@ -6,8 +6,8 @@ include mcabber.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.mcabber 9noblacklist ${HOME}/.mcabber
10nodeny ${HOME}/.mcabberrc 10noblacklist ${HOME}/.mcabberrc
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/mcomix.profile b/etc/profile-m-z/mcomix.profile
index d9e12fb5d..fcd1e24e5 100644
--- a/etc/profile-m-z/mcomix.profile
+++ b/etc/profile-m-z/mcomix.profile
@@ -6,9 +6,9 @@ include mcomix.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/mcomix 9noblacklist ${HOME}/.config/mcomix
10nodeny ${HOME}/.local/share/mcomix 10noblacklist ${HOME}/.local/share/mcomix
11nodeny ${DOCUMENTS} 11noblacklist ${DOCUMENTS}
12 12
13# Allow /bin/sh (blacklisted by disable-shell.inc) 13# Allow /bin/sh (blacklisted by disable-shell.inc)
14include allow-bin-sh.inc 14include allow-bin-sh.inc
@@ -30,7 +30,7 @@ include disable-xdg.inc
30 30
31mkdir ${HOME}/.config/mcomix 31mkdir ${HOME}/.config/mcomix
32mkdir ${HOME}/.local/share/mcomix 32mkdir ${HOME}/.local/share/mcomix
33allow /usr/share/mcomix 33whitelist /usr/share/mcomix
34include whitelist-usr-share-common.inc 34include whitelist-usr-share-common.inc
35include whitelist-var-common.inc 35include whitelist-var-common.inc
36include whitelist-runuser-common.inc 36include whitelist-runuser-common.inc
diff --git a/etc/profile-m-z/mdr.profile b/etc/profile-m-z/mdr.profile
index 9e8656290..5d3f8dc41 100644
--- a/etc/profile-m-z/mdr.profile
+++ b/etc/profile-m-z/mdr.profile
@@ -5,7 +5,7 @@ include mdr.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8deny ${RUNUSER}/wayland-* 8blacklist ${RUNUSER}/wayland-*
9 9
10include disable-common.inc 10include disable-common.inc
11include disable-devel.inc 11include disable-devel.inc
@@ -16,7 +16,7 @@ include disable-programs.inc
16include disable-shell.inc 16include disable-shell.inc
17include disable-xdg.inc 17include disable-xdg.inc
18 18
19allow ${DOWNLOADS} 19whitelist ${DOWNLOADS}
20include whitelist-usr-share-common.inc 20include whitelist-usr-share-common.inc
21include whitelist-var-common.inc 21include whitelist-var-common.inc
22 22
diff --git a/etc/profile-m-z/mediainfo.profile b/etc/profile-m-z/mediainfo.profile
index ae34ea321..17363624f 100644
--- a/etc/profile-m-z/mediainfo.profile
+++ b/etc/profile-m-z/mediainfo.profile
@@ -6,7 +6,7 @@ include mediainfo.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9deny ${RUNUSER}/wayland-* 9blacklist ${RUNUSER}/wayland-*
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
diff --git a/etc/profile-m-z/mediathekview.profile b/etc/profile-m-z/mediathekview.profile
index 3459ad4cf..0063badd8 100644
--- a/etc/profile-m-z/mediathekview.profile
+++ b/etc/profile-m-z/mediathekview.profile
@@ -6,16 +6,16 @@ include mediathekview.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/mpv 9noblacklist ${HOME}/.config/mpv
10nodeny ${HOME}/.config/smplayer 10noblacklist ${HOME}/.config/smplayer
11nodeny ${HOME}/.config/totem 11noblacklist ${HOME}/.config/totem
12nodeny ${HOME}/.config/vlc 12noblacklist ${HOME}/.config/vlc
13nodeny ${HOME}/.config/xplayer 13noblacklist ${HOME}/.config/xplayer
14nodeny ${HOME}/.local/share/totem 14noblacklist ${HOME}/.local/share/totem
15nodeny ${HOME}/.local/share/xplayer 15noblacklist ${HOME}/.local/share/xplayer
16nodeny ${HOME}/.mediathek3 16noblacklist ${HOME}/.mediathek3
17nodeny ${HOME}/.mplayer 17noblacklist ${HOME}/.mplayer
18nodeny ${VIDEOS} 18noblacklist ${VIDEOS}
19 19
20# Allow java (blacklisted by disable-devel.inc) 20# Allow java (blacklisted by disable-devel.inc)
21include allow-java.inc 21include allow-java.inc
diff --git a/etc/profile-m-z/megaglest.profile b/etc/profile-m-z/megaglest.profile
index ad9094ddf..f07b9166a 100644
--- a/etc/profile-m-z/megaglest.profile
+++ b/etc/profile-m-z/megaglest.profile
@@ -6,7 +6,7 @@ include megaglest.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.megaglest 9noblacklist ${HOME}/.megaglest
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,9 +18,9 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.megaglest 20mkdir ${HOME}/.megaglest
21allow ${HOME}/.megaglest 21whitelist ${HOME}/.megaglest
22allow /usr/share/megaglest 22whitelist /usr/share/megaglest
23allow /usr/share/games/megaglest # Debian version 23whitelist /usr/share/games/megaglest # Debian version
24include whitelist-common.inc 24include whitelist-common.inc
25include whitelist-runuser-common.inc 25include whitelist-runuser-common.inc
26include whitelist-usr-share-common.inc 26include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/meld.profile b/etc/profile-m-z/meld.profile
index 06ee572c9..2a8bb3acf 100644
--- a/etc/profile-m-z/meld.profile
+++ b/etc/profile-m-z/meld.profile
@@ -13,12 +13,12 @@ include globals.local
13# Calling it by its absolute path (example for git mergetool): 13# Calling it by its absolute path (example for git mergetool):
14# $ git config --global mergetool.meld.cmd /usr/bin/meld 14# $ git config --global mergetool.meld.cmd /usr/bin/meld
15 15
16nodeny ${HOME}/.config/meld 16noblacklist ${HOME}/.config/meld
17nodeny ${HOME}/.config/git 17noblacklist ${HOME}/.config/git
18nodeny ${HOME}/.gitconfig 18noblacklist ${HOME}/.gitconfig
19nodeny ${HOME}/.git-credentials 19noblacklist ${HOME}/.git-credentials
20nodeny ${HOME}/.local/share/meld 20noblacklist ${HOME}/.local/share/meld
21nodeny ${HOME}/.subversion 21noblacklist ${HOME}/.subversion
22 22
23# Allow python (blacklisted by disable-interpreters.inc) 23# Allow python (blacklisted by disable-interpreters.inc)
24# Python 2 is EOL (see #3164). Add the next line to your meld.local if you understand the risks 24# Python 2 is EOL (see #3164). Add the next line to your meld.local if you understand the risks
@@ -29,7 +29,7 @@ include allow-python3.inc
29# Allow ssh (blacklisted by disable-common.inc) 29# Allow ssh (blacklisted by disable-common.inc)
30include allow-ssh.inc 30include allow-ssh.inc
31 31
32deny /usr/libexec 32blacklist /usr/libexec
33 33
34# Add the next line to your meld.local if you don't need to compare files in disable-common.inc. 34# Add the next line to your meld.local if you don't need to compare files in disable-common.inc.
35#include disable-common.inc 35#include disable-common.inc
diff --git a/etc/profile-m-z/mendeleydesktop.profile b/etc/profile-m-z/mendeleydesktop.profile
index e33d6c157..c0bdbb230 100644
--- a/etc/profile-m-z/mendeleydesktop.profile
+++ b/etc/profile-m-z/mendeleydesktop.profile
@@ -6,13 +6,13 @@ include mendeleydesktop.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${DOCUMENTS} 9noblacklist ${DOCUMENTS}
10nodeny ${HOME}/.cache/Mendeley Ltd. 10noblacklist ${HOME}/.cache/Mendeley Ltd.
11nodeny ${HOME}/.config/Mendeley Ltd. 11noblacklist ${HOME}/.config/Mendeley Ltd.
12nodeny ${HOME}/.local/share/Mendeley Ltd. 12noblacklist ${HOME}/.local/share/Mendeley Ltd.
13nodeny ${HOME}/.local/share/data/Mendeley Ltd. 13noblacklist ${HOME}/.local/share/data/Mendeley Ltd.
14nodeny ${HOME}/.pki 14noblacklist ${HOME}/.pki
15nodeny ${HOME}/.local/share/pki 15noblacklist ${HOME}/.local/share/pki
16 16
17# Allow python (blacklisted by disable-interpreters.inc) 17# Allow python (blacklisted by disable-interpreters.inc)
18include allow-python2.inc 18include allow-python2.inc
diff --git a/etc/profile-m-z/menulibre.profile b/etc/profile-m-z/menulibre.profile
index 52808a5b5..2081b8c96 100644
--- a/etc/profile-m-z/menulibre.profile
+++ b/etc/profile-m-z/menulibre.profile
@@ -19,13 +19,13 @@ include disable-passwdmgr.inc
19include disable-xdg.inc 19include disable-xdg.inc
20 20
21# Whitelist your system icon directory,varies by distro 21# Whitelist your system icon directory,varies by distro
22allow /usr/share/app-info 22whitelist /usr/share/app-info
23allow /usr/share/desktop-directories 23whitelist /usr/share/desktop-directories
24allow /usr/share/icons 24whitelist /usr/share/icons
25allow /usr/share/menulibre 25whitelist /usr/share/menulibre
26allow /var/lib/app-info/icons 26whitelist /var/lib/app-info/icons
27allow /var/lib/flatpak/exports/share/applications 27whitelist /var/lib/flatpak/exports/share/applications
28allow /var/lib/flatpak/exports/share/icons 28whitelist /var/lib/flatpak/exports/share/icons
29include whitelist-runuser-common.inc 29include whitelist-runuser-common.inc
30include whitelist-usr-share-common.inc 30include whitelist-usr-share-common.inc
31include whitelist-var-common.inc 31include whitelist-var-common.inc
diff --git a/etc/profile-m-z/meteo-qt.profile b/etc/profile-m-z/meteo-qt.profile
index 48f936632..85ed7bc74 100644
--- a/etc/profile-m-z/meteo-qt.profile
+++ b/etc/profile-m-z/meteo-qt.profile
@@ -6,8 +6,8 @@ include meteo-qt.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/autostart 9noblacklist ${HOME}/.config/autostart
10nodeny ${HOME}/.config/meteo-qt 10noblacklist ${HOME}/.config/meteo-qt
11 11
12# Allow python (blacklisted by disable-interpreters.inc) 12# Allow python (blacklisted by disable-interpreters.inc)
13include allow-python3.inc 13include allow-python3.inc
@@ -22,8 +22,8 @@ include disable-shell.inc
22include disable-xdg.inc 22include disable-xdg.inc
23 23
24mkdir ${HOME}/.config/meteo-qt 24mkdir ${HOME}/.config/meteo-qt
25allow ${HOME}/.config/autostart 25whitelist ${HOME}/.config/autostart
26allow ${HOME}/.config/meteo-qt 26whitelist ${HOME}/.config/meteo-qt
27include whitelist-common.inc 27include whitelist-common.inc
28include whitelist-var-common.inc 28include whitelist-var-common.inc
29 29
diff --git a/etc/profile-m-z/microsoft-edge-beta.profile b/etc/profile-m-z/microsoft-edge-beta.profile
index 259d39a5f..34d9f470a 100644
--- a/etc/profile-m-z/microsoft-edge-beta.profile
+++ b/etc/profile-m-z/microsoft-edge-beta.profile
@@ -6,13 +6,13 @@ include microsoft-edge-beta.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/microsoft-edge-beta 9noblacklist ${HOME}/.cache/microsoft-edge-beta
10nodeny ${HOME}/.config/microsoft-edge-beta 10noblacklist ${HOME}/.config/microsoft-edge-beta
11 11
12mkdir ${HOME}/.cache/microsoft-edge-beta 12mkdir ${HOME}/.cache/microsoft-edge-beta
13mkdir ${HOME}/.config/microsoft-edge-beta 13mkdir ${HOME}/.config/microsoft-edge-beta
14allow ${HOME}/.cache/microsoft-edge-beta 14whitelist ${HOME}/.cache/microsoft-edge-beta
15allow ${HOME}/.config/microsoft-edge-beta 15whitelist ${HOME}/.config/microsoft-edge-beta
16 16
17private-opt microsoft 17private-opt microsoft
18 18
diff --git a/etc/profile-m-z/microsoft-edge-dev.profile b/etc/profile-m-z/microsoft-edge-dev.profile
index 96465866c..039cd36a8 100644
--- a/etc/profile-m-z/microsoft-edge-dev.profile
+++ b/etc/profile-m-z/microsoft-edge-dev.profile
@@ -6,13 +6,13 @@ include microsoft-edge-dev.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/microsoft-edge-dev 9noblacklist ${HOME}/.cache/microsoft-edge-dev
10nodeny ${HOME}/.config/microsoft-edge-dev 10noblacklist ${HOME}/.config/microsoft-edge-dev
11 11
12mkdir ${HOME}/.cache/microsoft-edge-dev 12mkdir ${HOME}/.cache/microsoft-edge-dev
13mkdir ${HOME}/.config/microsoft-edge-dev 13mkdir ${HOME}/.config/microsoft-edge-dev
14allow ${HOME}/.cache/microsoft-edge-dev 14whitelist ${HOME}/.cache/microsoft-edge-dev
15allow ${HOME}/.config/microsoft-edge-dev 15whitelist ${HOME}/.config/microsoft-edge-dev
16 16
17private-opt microsoft 17private-opt microsoft
18 18
diff --git a/etc/profile-m-z/midori.profile b/etc/profile-m-z/midori.profile
index c4a444e0d..e15259608 100644
--- a/etc/profile-m-z/midori.profile
+++ b/etc/profile-m-z/midori.profile
@@ -9,17 +9,17 @@ include globals.local
9# noexec ${HOME} breaks DRM binaries. 9# noexec ${HOME} breaks DRM binaries.
10?BROWSER_ALLOW_DRM: ignore noexec ${HOME} 10?BROWSER_ALLOW_DRM: ignore noexec ${HOME}
11 11
12nodeny ${HOME}/.cache/midori 12noblacklist ${HOME}/.cache/midori
13nodeny ${HOME}/.config/midori 13noblacklist ${HOME}/.config/midori
14nodeny ${HOME}/.local/share/midori 14noblacklist ${HOME}/.local/share/midori
15# noblacklist ${HOME}/.local/share/webkit 15# noblacklist ${HOME}/.local/share/webkit
16# noblacklist ${HOME}/.local/share/webkitgtk 16# noblacklist ${HOME}/.local/share/webkitgtk
17nodeny ${HOME}/.pki 17noblacklist ${HOME}/.pki
18nodeny ${HOME}/.local/share/pki 18noblacklist ${HOME}/.local/share/pki
19 19
20nodeny ${HOME}/.cache/gnome-mplayer 20noblacklist ${HOME}/.cache/gnome-mplayer
21nodeny ${HOME}/.config/gnome-mplayer 21noblacklist ${HOME}/.config/gnome-mplayer
22nodeny ${HOME}/.lastpass 22noblacklist ${HOME}/.lastpass
23 23
24include disable-common.inc 24include disable-common.inc
25include disable-devel.inc 25include disable-devel.inc
@@ -36,17 +36,17 @@ mkdir ${HOME}/.local/share/webkit
36mkdir ${HOME}/.local/share/webkitgtk 36mkdir ${HOME}/.local/share/webkitgtk
37mkdir ${HOME}/.pki 37mkdir ${HOME}/.pki
38mkdir ${HOME}/.local/share/pki 38mkdir ${HOME}/.local/share/pki
39allow ${DOWNLOADS} 39whitelist ${DOWNLOADS}
40allow ${HOME}/.cache/gnome-mplayer/plugin 40whitelist ${HOME}/.cache/gnome-mplayer/plugin
41allow ${HOME}/.cache/midori 41whitelist ${HOME}/.cache/midori
42allow ${HOME}/.config/gnome-mplayer 42whitelist ${HOME}/.config/gnome-mplayer
43allow ${HOME}/.config/midori 43whitelist ${HOME}/.config/midori
44allow ${HOME}/.lastpass 44whitelist ${HOME}/.lastpass
45allow ${HOME}/.local/share/midori 45whitelist ${HOME}/.local/share/midori
46allow ${HOME}/.local/share/webkit 46whitelist ${HOME}/.local/share/webkit
47allow ${HOME}/.local/share/webkitgtk 47whitelist ${HOME}/.local/share/webkitgtk
48allow ${HOME}/.pki 48whitelist ${HOME}/.pki
49allow ${HOME}/.local/share/pki 49whitelist ${HOME}/.local/share/pki
50include whitelist-common.inc 50include whitelist-common.inc
51include whitelist-var-common.inc 51include whitelist-var-common.inc
52 52
diff --git a/etc/profile-m-z/min.profile b/etc/profile-m-z/min.profile
index 214332184..7f3aeab44 100644
--- a/etc/profile-m-z/min.profile
+++ b/etc/profile-m-z/min.profile
@@ -6,10 +6,10 @@ include min.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/Min 9noblacklist ${HOME}/.config/Min
10 10
11mkdir ${HOME}/.config/Min 11mkdir ${HOME}/.config/Min
12allow ${HOME}/.config/Min 12whitelist ${HOME}/.config/Min
13 13
14# Redirect 14# Redirect
15include chromium-common.profile 15include chromium-common.profile
diff --git a/etc/profile-m-z/mindless.profile b/etc/profile-m-z/mindless.profile
index ee8402b87..fbf6b58e8 100644
--- a/etc/profile-m-z/mindless.profile
+++ b/etc/profile-m-z/mindless.profile
@@ -15,7 +15,7 @@ include disable-programs.inc
15include disable-shell.inc 15include disable-shell.inc
16include disable-xdg.inc 16include disable-xdg.inc
17 17
18allow /usr/share/mindless 18whitelist /usr/share/mindless
19include whitelist-usr-share-common.inc 19include whitelist-usr-share-common.inc
20include whitelist-var-common.inc 20include whitelist-var-common.inc
21 21
diff --git a/etc/profile-m-z/minecraft-launcher.profile b/etc/profile-m-z/minecraft-launcher.profile
index 595313851..1028e374a 100644
--- a/etc/profile-m-z/minecraft-launcher.profile
+++ b/etc/profile-m-z/minecraft-launcher.profile
@@ -11,7 +11,7 @@ include globals.local
11 11
12ignore noexec ${HOME} 12ignore noexec ${HOME}
13 13
14nodeny ${HOME}/.minecraft 14noblacklist ${HOME}/.minecraft
15 15
16include allow-java.inc 16include allow-java.inc
17 17
@@ -25,7 +25,7 @@ include disable-shell.inc
25include disable-xdg.inc 25include disable-xdg.inc
26 26
27mkdir ${HOME}/.minecraft 27mkdir ${HOME}/.minecraft
28allow ${HOME}/.minecraft 28whitelist ${HOME}/.minecraft
29include whitelist-common.inc 29include whitelist-common.inc
30include whitelist-runuser-common.inc 30include whitelist-runuser-common.inc
31include whitelist-usr-share-common.inc 31include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/minetest.profile b/etc/profile-m-z/minetest.profile
index 11d0859b7..cad1adbda 100644
--- a/etc/profile-m-z/minetest.profile
+++ b/etc/profile-m-z/minetest.profile
@@ -9,8 +9,8 @@ include globals.local
9# In order to save in-game screenshots to a persistent location edit ~/.minetest/minetest.conf: 9# In order to save in-game screenshots to a persistent location edit ~/.minetest/minetest.conf:
10# screenshot_path = /home/<USER>/.minetest/screenshots 10# screenshot_path = /home/<USER>/.minetest/screenshots
11 11
12nodeny ${HOME}/.cache/minetest 12noblacklist ${HOME}/.cache/minetest
13nodeny ${HOME}/.minetest 13noblacklist ${HOME}/.minetest
14 14
15# Allow lua (blacklisted by disable-interpreters.inc) 15# Allow lua (blacklisted by disable-interpreters.inc)
16include allow-lua.inc 16include allow-lua.inc
@@ -26,10 +26,10 @@ include disable-xdg.inc
26 26
27mkdir ${HOME}/.cache/minetest 27mkdir ${HOME}/.cache/minetest
28mkdir ${HOME}/.minetest 28mkdir ${HOME}/.minetest
29allow ${HOME}/.cache/minetest 29whitelist ${HOME}/.cache/minetest
30allow ${HOME}/.minetest 30whitelist ${HOME}/.minetest
31allow /usr/share/games/minetest 31whitelist /usr/share/games/minetest
32allow /usr/share/minetest 32whitelist /usr/share/minetest
33include whitelist-common.inc 33include whitelist-common.inc
34include whitelist-runuser-common.inc 34include whitelist-runuser-common.inc
35include whitelist-usr-share-common.inc 35include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/minitube.profile b/etc/profile-m-z/minitube.profile
index 192913dbf..3fe3428d0 100644
--- a/etc/profile-m-z/minitube.profile
+++ b/etc/profile-m-z/minitube.profile
@@ -6,10 +6,10 @@ include minitube.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${PICTURES} 9noblacklist ${PICTURES}
10nodeny ${HOME}/.cache/Flavio Tordini 10noblacklist ${HOME}/.cache/Flavio Tordini
11nodeny ${HOME}/.config/Flavio Tordini 11noblacklist ${HOME}/.config/Flavio Tordini
12nodeny ${HOME}/.local/share/Flavio Tordini 12noblacklist ${HOME}/.local/share/Flavio Tordini
13 13
14include allow-lua.inc 14include allow-lua.inc
15 15
@@ -25,11 +25,11 @@ include disable-xdg.inc
25mkdir ${HOME}/.cache/Flavio Tordini 25mkdir ${HOME}/.cache/Flavio Tordini
26mkdir ${HOME}/.config/Flavio Tordini 26mkdir ${HOME}/.config/Flavio Tordini
27mkdir ${HOME}/.local/share/Flavio Tordini 27mkdir ${HOME}/.local/share/Flavio Tordini
28allow ${PICTURES} 28whitelist ${PICTURES}
29allow ${HOME}/.cache/Flavio Tordini 29whitelist ${HOME}/.cache/Flavio Tordini
30allow ${HOME}/.config/Flavio Tordini 30whitelist ${HOME}/.config/Flavio Tordini
31allow ${HOME}/.local/share/Flavio Tordini 31whitelist ${HOME}/.local/share/Flavio Tordini
32allow /usr/share/minitube 32whitelist /usr/share/minitube
33include whitelist-common.inc 33include whitelist-common.inc
34include whitelist-runuser-common.inc 34include whitelist-runuser-common.inc
35include whitelist-usr-share-common.inc 35include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/mirage.profile b/etc/profile-m-z/mirage.profile
index b2f2cc5b1..505009283 100644
--- a/etc/profile-m-z/mirage.profile
+++ b/etc/profile-m-z/mirage.profile
@@ -6,10 +6,10 @@ include mirage.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/mirage 9noblacklist ${HOME}/.cache/mirage
10nodeny ${HOME}/.config/mirage 10noblacklist ${HOME}/.config/mirage
11nodeny ${HOME}/.local/share/mirage 11noblacklist ${HOME}/.local/share/mirage
12nodeny /sbin 12noblacklist /sbin
13 13
14# Allow python (blacklisted by disable-interpreters.inc) 14# Allow python (blacklisted by disable-interpreters.inc)
15include allow-python2.inc 15include allow-python2.inc
@@ -27,10 +27,10 @@ include disable-xdg.inc
27mkdir ${HOME}/.cache/mirage 27mkdir ${HOME}/.cache/mirage
28mkdir ${HOME}/.config/mirage 28mkdir ${HOME}/.config/mirage
29mkdir ${HOME}/.local/share/mirage 29mkdir ${HOME}/.local/share/mirage
30allow ${HOME}/.cache/mirage 30whitelist ${HOME}/.cache/mirage
31allow ${HOME}/.config/mirage 31whitelist ${HOME}/.config/mirage
32allow ${HOME}/.local/share/mirage 32whitelist ${HOME}/.local/share/mirage
33allow ${DOWNLOADS} 33whitelist ${DOWNLOADS}
34include whitelist-common.inc 34include whitelist-common.inc
35include whitelist-runuser-common.inc 35include whitelist-runuser-common.inc
36include whitelist-usr-share-common.inc 36include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/mirrormagic.profile b/etc/profile-m-z/mirrormagic.profile
index d5ebfd4b0..58dfd56f5 100644
--- a/etc/profile-m-z/mirrormagic.profile
+++ b/etc/profile-m-z/mirrormagic.profile
@@ -6,7 +6,7 @@ include mirrormagic.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.mirrormagic 9noblacklist ${HOME}/.mirrormagic
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,8 +18,8 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.mirrormagic 20mkdir ${HOME}/.mirrormagic
21allow ${HOME}/.mirrormagic 21whitelist ${HOME}/.mirrormagic
22allow /usr/share/mirrormagic 22whitelist /usr/share/mirrormagic
23include whitelist-common.inc 23include whitelist-common.inc
24include whitelist-usr-share-common.inc 24include whitelist-usr-share-common.inc
25include whitelist-var-common.inc 25include whitelist-var-common.inc
diff --git a/etc/profile-m-z/mocp.profile b/etc/profile-m-z/mocp.profile
index b734bd7c0..e71ba4569 100644
--- a/etc/profile-m-z/mocp.profile
+++ b/etc/profile-m-z/mocp.profile
@@ -7,8 +7,8 @@ include mocp.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10nodeny ${HOME}/.moc 10noblacklist ${HOME}/.moc
11nodeny ${MUSIC} 11noblacklist ${MUSIC}
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/mousepad.profile b/etc/profile-m-z/mousepad.profile
index a02b29b61..98063fa7c 100644
--- a/etc/profile-m-z/mousepad.profile
+++ b/etc/profile-m-z/mousepad.profile
@@ -6,7 +6,7 @@ include mousepad.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/Mousepad 9noblacklist ${HOME}/.config/Mousepad
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
diff --git a/etc/profile-m-z/mp3splt-gtk.profile b/etc/profile-m-z/mp3splt-gtk.profile
index f47384753..37ce60e04 100644
--- a/etc/profile-m-z/mp3splt-gtk.profile
+++ b/etc/profile-m-z/mp3splt-gtk.profile
@@ -6,7 +6,7 @@ include mp3splt-gtk.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.mp3splt-gtk 9noblacklist ${HOME}/.mp3splt-gtk
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
diff --git a/etc/profile-m-z/mp3splt.profile b/etc/profile-m-z/mp3splt.profile
index 8a2ab15bd..070de8451 100644
--- a/etc/profile-m-z/mp3splt.profile
+++ b/etc/profile-m-z/mp3splt.profile
@@ -6,9 +6,9 @@ include mp3splt.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9deny ${RUNUSER}/wayland-* 9blacklist ${RUNUSER}/wayland-*
10 10
11nodeny ${MUSIC} 11noblacklist ${MUSIC}
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/mpDris2.profile b/etc/profile-m-z/mpDris2.profile
index 6994b0429..55a0b5897 100644
--- a/etc/profile-m-z/mpDris2.profile
+++ b/etc/profile-m-z/mpDris2.profile
@@ -6,13 +6,13 @@ include mpDris2.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/mpDris2 9noblacklist ${HOME}/.config/mpDris2
10 10
11# Allow python (blacklisted by disable-interpreters.inc) 11# Allow python (blacklisted by disable-interpreters.inc)
12include allow-python2.inc 12include allow-python2.inc
13include allow-python3.inc 13include allow-python3.inc
14 14
15nodeny ${MUSIC} 15noblacklist ${MUSIC}
16 16
17include disable-common.inc 17include disable-common.inc
18include disable-devel.inc 18include disable-devel.inc
@@ -23,10 +23,10 @@ include disable-programs.inc
23include disable-shell.inc 23include disable-shell.inc
24include disable-xdg.inc 24include disable-xdg.inc
25 25
26allow ${MUSIC} 26whitelist ${MUSIC}
27 27
28mkdir ${HOME}/.config/mpDris2 28mkdir ${HOME}/.config/mpDris2
29allow ${HOME}/.config/mpDris2 29whitelist ${HOME}/.config/mpDris2
30include whitelist-usr-share-common.inc 30include whitelist-usr-share-common.inc
31include whitelist-var-common.inc 31include whitelist-var-common.inc
32 32
diff --git a/etc/profile-m-z/mpd.profile b/etc/profile-m-z/mpd.profile
index 8b3350ac8..b517d4ab2 100644
--- a/etc/profile-m-z/mpd.profile
+++ b/etc/profile-m-z/mpd.profile
@@ -6,10 +6,10 @@ include mpd.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/mpd 9noblacklist ${HOME}/.config/mpd
10nodeny ${HOME}/.mpd 10noblacklist ${HOME}/.mpd
11nodeny ${HOME}/.mpdconf 11noblacklist ${HOME}/.mpdconf
12nodeny ${MUSIC} 12noblacklist ${MUSIC}
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
diff --git a/etc/profile-m-z/mpg123.profile b/etc/profile-m-z/mpg123.profile
index 03bd44daa..25187e894 100644
--- a/etc/profile-m-z/mpg123.profile
+++ b/etc/profile-m-z/mpg123.profile
@@ -7,7 +7,7 @@ include mpg123.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10nodeny ${MUSIC} 10noblacklist ${MUSIC}
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/mplayer.profile b/etc/profile-m-z/mplayer.profile
index 84754aeb2..5d023b7f1 100644
--- a/etc/profile-m-z/mplayer.profile
+++ b/etc/profile-m-z/mplayer.profile
@@ -6,7 +6,7 @@ include mplayer.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.mplayer 9noblacklist ${HOME}/.mplayer
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -17,7 +17,7 @@ include disable-programs.inc
17 17
18read-only ${DESKTOP} 18read-only ${DESKTOP}
19mkdir ${HOME}/.mplayer 19mkdir ${HOME}/.mplayer
20allow ${HOME}/.mplayer 20whitelist ${HOME}/.mplayer
21include whitelist-common.inc 21include whitelist-common.inc
22include whitelist-player-common.inc 22include whitelist-player-common.inc
23include whitelist-usr-share-common.inc 23include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/mpsyt.profile b/etc/profile-m-z/mpsyt.profile
index d35519103..bfe57a132 100644
--- a/etc/profile-m-z/mpsyt.profile
+++ b/etc/profile-m-z/mpsyt.profile
@@ -6,12 +6,12 @@ include mpsyt.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/mps-youtube 9noblacklist ${HOME}/.config/mps-youtube
10nodeny ${HOME}/.config/mpv 10noblacklist ${HOME}/.config/mpv
11nodeny ${HOME}/.config/youtube-dl 11noblacklist ${HOME}/.config/youtube-dl
12nodeny ${HOME}/.mplayer 12noblacklist ${HOME}/.mplayer
13nodeny ${HOME}/.netrc 13noblacklist ${HOME}/.netrc
14nodeny ${HOME}/mps 14noblacklist ${HOME}/mps
15 15
16# Allow lua (blacklisted by disable-interpreters.inc) 16# Allow lua (blacklisted by disable-interpreters.inc)
17include allow-lua.inc 17include allow-lua.inc
@@ -20,8 +20,8 @@ include allow-lua.inc
20include allow-python2.inc 20include allow-python2.inc
21include allow-python3.inc 21include allow-python3.inc
22 22
23nodeny ${MUSIC} 23noblacklist ${MUSIC}
24nodeny ${VIDEOS} 24noblacklist ${VIDEOS}
25 25
26include disable-common.inc 26include disable-common.inc
27include disable-devel.inc 27include disable-devel.inc
@@ -37,12 +37,12 @@ mkdir ${HOME}/.config/mpv
37mkdir ${HOME}/.config/youtube-dl 37mkdir ${HOME}/.config/youtube-dl
38mkdir ${HOME}/.mplayer 38mkdir ${HOME}/.mplayer
39mkdir ${HOME}/mps 39mkdir ${HOME}/mps
40allow ${HOME}/.config/mps-youtube 40whitelist ${HOME}/.config/mps-youtube
41allow ${HOME}/.config/mpv 41whitelist ${HOME}/.config/mpv
42allow ${HOME}/.config/youtube-dl 42whitelist ${HOME}/.config/youtube-dl
43allow ${HOME}/.mplayer 43whitelist ${HOME}/.mplayer
44allow ${HOME}/.netrc 44whitelist ${HOME}/.netrc
45allow ${HOME}/mps 45whitelist ${HOME}/mps
46include whitelist-common.inc 46include whitelist-common.inc
47include whitelist-player-common.inc 47include whitelist-player-common.inc
48include whitelist-var-common.inc 48include whitelist-var-common.inc
diff --git a/etc/profile-m-z/mpv.profile b/etc/profile-m-z/mpv.profile
index 4ea2dd348..af5c214f7 100644
--- a/etc/profile-m-z/mpv.profile
+++ b/etc/profile-m-z/mpv.profile
@@ -24,9 +24,9 @@ include globals.local
24#include allow-bin-sh.inc 24#include allow-bin-sh.inc
25#private-bin sh 25#private-bin sh
26 26
27nodeny ${HOME}/.config/mpv 27noblacklist ${HOME}/.config/mpv
28nodeny ${HOME}/.config/youtube-dl 28noblacklist ${HOME}/.config/youtube-dl
29nodeny ${HOME}/.netrc 29noblacklist ${HOME}/.netrc
30 30
31# Allow lua (blacklisted by disable-interpreters.inc) 31# Allow lua (blacklisted by disable-interpreters.inc)
32include allow-lua.inc 32include allow-lua.inc
@@ -35,7 +35,7 @@ include allow-lua.inc
35include allow-python2.inc 35include allow-python2.inc
36include allow-python3.inc 36include allow-python3.inc
37 37
38deny /usr/libexec 38blacklist /usr/libexec
39 39
40include disable-common.inc 40include disable-common.inc
41include disable-devel.inc 41include disable-devel.inc
@@ -49,14 +49,14 @@ read-only ${DESKTOP}
49mkdir ${HOME}/.config/mpv 49mkdir ${HOME}/.config/mpv
50mkdir ${HOME}/.config/youtube-dl 50mkdir ${HOME}/.config/youtube-dl
51mkfile ${HOME}/.netrc 51mkfile ${HOME}/.netrc
52allow ${HOME}/.config/mpv 52whitelist ${HOME}/.config/mpv
53allow ${HOME}/.config/youtube-dl 53whitelist ${HOME}/.config/youtube-dl
54allow ${HOME}/.netrc 54whitelist ${HOME}/.netrc
55include whitelist-common.inc 55include whitelist-common.inc
56include whitelist-player-common.inc 56include whitelist-player-common.inc
57allow /usr/share/lua 57whitelist /usr/share/lua
58allow /usr/share/lua* 58whitelist /usr/share/lua*
59allow /usr/share/vulkan 59whitelist /usr/share/vulkan
60include whitelist-usr-share-common.inc 60include whitelist-usr-share-common.inc
61include whitelist-var-common.inc 61include whitelist-var-common.inc
62 62
diff --git a/etc/profile-m-z/mrrescue.profile b/etc/profile-m-z/mrrescue.profile
index a8c49a690..e3ceb3bd4 100644
--- a/etc/profile-m-z/mrrescue.profile
+++ b/etc/profile-m-z/mrrescue.profile
@@ -6,7 +6,7 @@ include mrrescue.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.local/share/love 9noblacklist ${HOME}/.local/share/love
10 10
11# Allow /bin/sh (blacklisted by disable-shell.inc) 11# Allow /bin/sh (blacklisted by disable-shell.inc)
12include allow-bin-sh.inc 12include allow-bin-sh.inc
@@ -14,7 +14,7 @@ include allow-bin-sh.inc
14# Allow lua (blacklisted by disable-interpreters.inc) 14# Allow lua (blacklisted by disable-interpreters.inc)
15include allow-lua.inc 15include allow-lua.inc
16 16
17deny /usr/libexec 17blacklist /usr/libexec
18 18
19include disable-common.inc 19include disable-common.inc
20include disable-devel.inc 20include disable-devel.inc
@@ -26,8 +26,8 @@ include disable-shell.inc
26include disable-xdg.inc 26include disable-xdg.inc
27 27
28mkdir ${HOME}/.local/share/love 28mkdir ${HOME}/.local/share/love
29allow ${HOME}/.local/share/love 29whitelist ${HOME}/.local/share/love
30allow /usr/share/mrrescue 30whitelist /usr/share/mrrescue
31include whitelist-common.inc 31include whitelist-common.inc
32include whitelist-runuser-common.inc 32include whitelist-runuser-common.inc
33include whitelist-usr-share-common.inc 33include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/ms-excel.profile b/etc/profile-m-z/ms-excel.profile
index 5fea86ae7..db24e8f9b 100644
--- a/etc/profile-m-z/ms-excel.profile
+++ b/etc/profile-m-z/ms-excel.profile
@@ -6,7 +6,7 @@ include ms-excel.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.cache/ms-excel-online 9noblacklist ${HOME}/.cache/ms-excel-online
10private-bin ms-excel 10private-bin ms-excel
11 11
12# Redirect 12# Redirect
diff --git a/etc/profile-m-z/ms-office.profile b/etc/profile-m-z/ms-office.profile
index 4033627f7..38fc84ecc 100644
--- a/etc/profile-m-z/ms-office.profile
+++ b/etc/profile-m-z/ms-office.profile
@@ -5,8 +5,8 @@ include ms-office.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.cache/ms-office-online 8noblacklist ${HOME}/.cache/ms-office-online
9nodeny ${HOME}/.jak 9noblacklist ${HOME}/.jak
10 10
11# Allow python (blacklisted by disable-interpreters.inc) 11# Allow python (blacklisted by disable-interpreters.inc)
12include allow-python2.inc 12include allow-python2.inc
diff --git a/etc/profile-m-z/ms-onenote.profile b/etc/profile-m-z/ms-onenote.profile
index 805de5102..9ea0637bd 100644
--- a/etc/profile-m-z/ms-onenote.profile
+++ b/etc/profile-m-z/ms-onenote.profile
@@ -6,7 +6,7 @@ include ms-onenote.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.cache/ms-onenote-online 9noblacklist ${HOME}/.cache/ms-onenote-online
10private-bin ms-onenote 10private-bin ms-onenote
11 11
12# Redirect 12# Redirect
diff --git a/etc/profile-m-z/ms-outlook.profile b/etc/profile-m-z/ms-outlook.profile
index bd14fb7d3..fc3e7c009 100644
--- a/etc/profile-m-z/ms-outlook.profile
+++ b/etc/profile-m-z/ms-outlook.profile
@@ -6,7 +6,7 @@ include ms-outlook.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.cache/ms-outlook-online 9noblacklist ${HOME}/.cache/ms-outlook-online
10private-bin ms-outlook 10private-bin ms-outlook
11 11
12# Redirect 12# Redirect
diff --git a/etc/profile-m-z/ms-powerpoint.profile b/etc/profile-m-z/ms-powerpoint.profile
index 02a7424e2..dadcd5b1e 100644
--- a/etc/profile-m-z/ms-powerpoint.profile
+++ b/etc/profile-m-z/ms-powerpoint.profile
@@ -6,7 +6,7 @@ include ms-powerpoint.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.cache/ms-powerpoint-online 9noblacklist ${HOME}/.cache/ms-powerpoint-online
10private-bin ms-powerpoint 10private-bin ms-powerpoint
11 11
12# Redirect 12# Redirect
diff --git a/etc/profile-m-z/ms-skype.profile b/etc/profile-m-z/ms-skype.profile
index 01729f9a2..df1618361 100644
--- a/etc/profile-m-z/ms-skype.profile
+++ b/etc/profile-m-z/ms-skype.profile
@@ -8,7 +8,7 @@ include ms-skype.local
8 8
9ignore novideo 9ignore novideo
10 10
11nodeny ${HOME}/.cache/ms-skype-online 11noblacklist ${HOME}/.cache/ms-skype-online
12 12
13private-bin ms-skype 13private-bin ms-skype
14 14
diff --git a/etc/profile-m-z/ms-word.profile b/etc/profile-m-z/ms-word.profile
index 34cf02128..5a617a893 100644
--- a/etc/profile-m-z/ms-word.profile
+++ b/etc/profile-m-z/ms-word.profile
@@ -6,7 +6,7 @@ include ms-word.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.cache/ms-word-online 9noblacklist ${HOME}/.cache/ms-word-online
10private-bin ms-word 10private-bin ms-word
11 11
12# Redirect 12# Redirect
diff --git a/etc/profile-m-z/mtpaint.profile b/etc/profile-m-z/mtpaint.profile
index ec7cd5d04..85c3ee9f2 100644
--- a/etc/profile-m-z/mtpaint.profile
+++ b/etc/profile-m-z/mtpaint.profile
@@ -6,7 +6,7 @@ include mtpaint.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${PICTURES} 9noblacklist ${PICTURES}
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
diff --git a/etc/profile-m-z/multimc5.profile b/etc/profile-m-z/multimc5.profile
index 447e7753f..6df681df1 100644
--- a/etc/profile-m-z/multimc5.profile
+++ b/etc/profile-m-z/multimc5.profile
@@ -5,9 +5,9 @@ include multimc5.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.local/share/multimc 8noblacklist ${HOME}/.local/share/multimc
9nodeny ${HOME}/.local/share/multimc5 9noblacklist ${HOME}/.local/share/multimc5
10nodeny ${HOME}/.multimc5 10noblacklist ${HOME}/.multimc5
11 11
12# Allow java (blacklisted by disable-devel.inc) 12# Allow java (blacklisted by disable-devel.inc)
13include allow-java.inc 13include allow-java.inc
@@ -22,9 +22,9 @@ include disable-programs.inc
22mkdir ${HOME}/.local/share/multimc 22mkdir ${HOME}/.local/share/multimc
23mkdir ${HOME}/.local/share/multimc5 23mkdir ${HOME}/.local/share/multimc5
24mkdir ${HOME}/.multimc5 24mkdir ${HOME}/.multimc5
25allow ${HOME}/.local/share/multimc 25whitelist ${HOME}/.local/share/multimc
26allow ${HOME}/.local/share/multimc5 26whitelist ${HOME}/.local/share/multimc5
27allow ${HOME}/.multimc5 27whitelist ${HOME}/.multimc5
28include whitelist-common.inc 28include whitelist-common.inc
29 29
30caps.drop all 30caps.drop all
diff --git a/etc/profile-m-z/mumble.profile b/etc/profile-m-z/mumble.profile
index 1d72e07b8..c7f59c5ee 100644
--- a/etc/profile-m-z/mumble.profile
+++ b/etc/profile-m-z/mumble.profile
@@ -6,9 +6,9 @@ include mumble.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/Mumble 9noblacklist ${HOME}/.config/Mumble
10nodeny ${HOME}/.local/share/data/Mumble 10noblacklist ${HOME}/.local/share/data/Mumble
11nodeny ${HOME}/.local/share/Mumble 11noblacklist ${HOME}/.local/share/Mumble
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -21,9 +21,9 @@ include disable-shell.inc
21mkdir ${HOME}/.config/Mumble 21mkdir ${HOME}/.config/Mumble
22mkdir ${HOME}/.local/share/data/Mumble 22mkdir ${HOME}/.local/share/data/Mumble
23mkdir ${HOME}/.local/share/Mumble 23mkdir ${HOME}/.local/share/Mumble
24allow ${HOME}/.config/Mumble 24whitelist ${HOME}/.config/Mumble
25allow ${HOME}/.local/share/data/Mumble 25whitelist ${HOME}/.local/share/data/Mumble
26allow ${HOME}/.local/share/Mumble 26whitelist ${HOME}/.local/share/Mumble
27include whitelist-common.inc 27include whitelist-common.inc
28include whitelist-var-common.inc 28include whitelist-var-common.inc
29 29
diff --git a/etc/profile-m-z/mupdf-gl.profile b/etc/profile-m-z/mupdf-gl.profile
index c208a5e54..be94a9083 100644
--- a/etc/profile-m-z/mupdf-gl.profile
+++ b/etc/profile-m-z/mupdf-gl.profile
@@ -7,7 +7,7 @@ include mupdf-gl.local
7# added by included profile 7# added by included profile
8#include globals.local 8#include globals.local
9 9
10nodeny ${HOME}/.mupdf.history 10noblacklist ${HOME}/.mupdf.history
11 11
12# Redirect 12# Redirect
13include mupdf.profile 13include mupdf.profile
diff --git a/etc/profile-m-z/mupdf.profile b/etc/profile-m-z/mupdf.profile
index e602b1429..9e4609c48 100644
--- a/etc/profile-m-z/mupdf.profile
+++ b/etc/profile-m-z/mupdf.profile
@@ -6,7 +6,7 @@ include mupdf.local
6# Persistent global definitions 6# Persistent global definitions
7#include globals.local 7#include globals.local
8 8
9nodeny ${DOCUMENTS} 9noblacklist ${DOCUMENTS}
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
diff --git a/etc/profile-m-z/mupen64plus.profile b/etc/profile-m-z/mupen64plus.profile
index ecc7e2957..00983a8f3 100644
--- a/etc/profile-m-z/mupen64plus.profile
+++ b/etc/profile-m-z/mupen64plus.profile
@@ -6,8 +6,8 @@ include mupen64plus.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/mupen64plus 9noblacklist ${HOME}/.config/mupen64plus
10nodeny ${HOME}/.local/share/mupen64plus 10noblacklist ${HOME}/.local/share/mupen64plus
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -18,8 +18,8 @@ include disable-programs.inc
18# you'll need to manually whitelist ROM files 18# you'll need to manually whitelist ROM files
19mkdir ${HOME}/.config/mupen64plus 19mkdir ${HOME}/.config/mupen64plus
20mkdir ${HOME}/.local/share/mupen64plus 20mkdir ${HOME}/.local/share/mupen64plus
21allow ${HOME}/.config/mupen64plus 21whitelist ${HOME}/.config/mupen64plus
22allow ${HOME}/.local/share/mupen64plus 22whitelist ${HOME}/.local/share/mupen64plus
23include whitelist-common.inc 23include whitelist-common.inc
24 24
25caps.drop all 25caps.drop all
diff --git a/etc/profile-m-z/musescore.profile b/etc/profile-m-z/musescore.profile
index aa141f9c0..679e82ae8 100644
--- a/etc/profile-m-z/musescore.profile
+++ b/etc/profile-m-z/musescore.profile
@@ -6,12 +6,12 @@ include musescore.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/MusE 9noblacklist ${HOME}/.config/MusE
10nodeny ${HOME}/.config/MuseScore 10noblacklist ${HOME}/.config/MuseScore
11nodeny ${HOME}/.local/share/data/MusE 11noblacklist ${HOME}/.local/share/data/MusE
12nodeny ${HOME}/.local/share/data/MuseScore 12noblacklist ${HOME}/.local/share/data/MuseScore
13nodeny ${DOCUMENTS} 13noblacklist ${DOCUMENTS}
14nodeny ${MUSIC} 14noblacklist ${MUSIC}
15 15
16include disable-common.inc 16include disable-common.inc
17include disable-devel.inc 17include disable-devel.inc
diff --git a/etc/profile-m-z/musictube.profile b/etc/profile-m-z/musictube.profile
index 5ab1303a2..04500ac6a 100644
--- a/etc/profile-m-z/musictube.profile
+++ b/etc/profile-m-z/musictube.profile
@@ -6,9 +6,9 @@ include musictube.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/Flavio Tordini 9noblacklist ${HOME}/.cache/Flavio Tordini
10nodeny ${HOME}/.config/Flavio Tordini 10noblacklist ${HOME}/.config/Flavio Tordini
11nodeny ${HOME}/.local/share/Flavio Tordini 11noblacklist ${HOME}/.local/share/Flavio Tordini
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -22,10 +22,10 @@ include disable-xdg.inc
22mkdir ${HOME}/.cache/Flavio Tordini 22mkdir ${HOME}/.cache/Flavio Tordini
23mkdir ${HOME}/.config/Flavio Tordini 23mkdir ${HOME}/.config/Flavio Tordini
24mkdir ${HOME}/.local/share/Flavio Tordini 24mkdir ${HOME}/.local/share/Flavio Tordini
25allow ${HOME}/.cache/Flavio Tordini 25whitelist ${HOME}/.cache/Flavio Tordini
26allow ${HOME}/.config/Flavio Tordini 26whitelist ${HOME}/.config/Flavio Tordini
27allow ${HOME}/.local/share/Flavio Tordini 27whitelist ${HOME}/.local/share/Flavio Tordini
28allow /usr/share/musictube 28whitelist /usr/share/musictube
29include whitelist-common.inc 29include whitelist-common.inc
30include whitelist-runuser-common.inc 30include whitelist-runuser-common.inc
31include whitelist-usr-share-common.inc 31include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/musixmatch.profile b/etc/profile-m-z/musixmatch.profile
index 9390f9dcf..74b3e9a5f 100644
--- a/etc/profile-m-z/musixmatch.profile
+++ b/etc/profile-m-z/musixmatch.profile
@@ -5,7 +5,7 @@ include musixmatch.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${MUSIC} 8noblacklist ${MUSIC}
9 9
10include disable-common.inc 10include disable-common.inc
11include disable-devel.inc 11include disable-devel.inc
diff --git a/etc/profile-m-z/mutt.profile b/etc/profile-m-z/mutt.profile
index 91606bdfa..debf81659 100644
--- a/etc/profile-m-z/mutt.profile
+++ b/etc/profile-m-z/mutt.profile
@@ -7,36 +7,36 @@ include mutt.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10nodeny /var/mail 10noblacklist /var/mail
11nodeny /var/spool/mail 11noblacklist /var/spool/mail
12nodeny ${DOCUMENTS} 12noblacklist ${DOCUMENTS}
13nodeny ${HOME}/.Mail 13noblacklist ${HOME}/.Mail
14nodeny ${HOME}/.bogofilter 14noblacklist ${HOME}/.bogofilter
15nodeny ${HOME}/.cache/mutt 15noblacklist ${HOME}/.cache/mutt
16nodeny ${HOME}/.config/mutt 16noblacklist ${HOME}/.config/mutt
17nodeny ${HOME}/.config/nano 17noblacklist ${HOME}/.config/nano
18nodeny ${HOME}/.elinks 18noblacklist ${HOME}/.elinks
19nodeny ${HOME}/.emacs 19noblacklist ${HOME}/.emacs
20nodeny ${HOME}/.emacs.d 20noblacklist ${HOME}/.emacs.d
21nodeny ${HOME}/.gnupg 21noblacklist ${HOME}/.gnupg
22nodeny ${HOME}/.mail 22noblacklist ${HOME}/.mail
23nodeny ${HOME}/.mailcap 23noblacklist ${HOME}/.mailcap
24nodeny ${HOME}/.msmtprc 24noblacklist ${HOME}/.msmtprc
25nodeny ${HOME}/.mutt 25noblacklist ${HOME}/.mutt
26nodeny ${HOME}/.muttrc 26noblacklist ${HOME}/.muttrc
27nodeny ${HOME}/.nanorc 27noblacklist ${HOME}/.nanorc
28nodeny ${HOME}/.signature 28noblacklist ${HOME}/.signature
29nodeny ${HOME}/.vim 29noblacklist ${HOME}/.vim
30nodeny ${HOME}/.viminfo 30noblacklist ${HOME}/.viminfo
31nodeny ${HOME}/.vimrc 31noblacklist ${HOME}/.vimrc
32nodeny ${HOME}/.w3m 32noblacklist ${HOME}/.w3m
33nodeny ${HOME}/Mail 33noblacklist ${HOME}/Mail
34nodeny ${HOME}/mail 34noblacklist ${HOME}/mail
35nodeny ${HOME}/postponed 35noblacklist ${HOME}/postponed
36nodeny ${HOME}/sent 36noblacklist ${HOME}/sent
37 37
38deny /tmp/.X11-unix 38blacklist /tmp/.X11-unix
39deny ${RUNUSER}/wayland-* 39blacklist ${RUNUSER}/wayland-*
40 40
41# Add the next lines to your mutt.local for oauth.py,S/MIME support. 41# Add the next lines to your mutt.local for oauth.py,S/MIME support.
42#include allow-perl.inc 42#include allow-perl.inc
@@ -75,37 +75,37 @@ mkfile ${HOME}/.nanorc
75mkfile ${HOME}/.signature 75mkfile ${HOME}/.signature
76mkfile ${HOME}/.viminfo 76mkfile ${HOME}/.viminfo
77mkfile ${HOME}/.vimrc 77mkfile ${HOME}/.vimrc
78allow ${DOCUMENTS} 78whitelist ${DOCUMENTS}
79allow ${DOWNLOADS} 79whitelist ${DOWNLOADS}
80allow ${HOME}/.Mail 80whitelist ${HOME}/.Mail
81allow ${HOME}/.bogofilter 81whitelist ${HOME}/.bogofilter
82allow ${HOME}/.cache/mutt 82whitelist ${HOME}/.cache/mutt
83allow ${HOME}/.config/mutt 83whitelist ${HOME}/.config/mutt
84allow ${HOME}/.config/nano 84whitelist ${HOME}/.config/nano
85allow ${HOME}/.elinks 85whitelist ${HOME}/.elinks
86allow ${HOME}/.emacs 86whitelist ${HOME}/.emacs
87allow ${HOME}/.emacs.d 87whitelist ${HOME}/.emacs.d
88allow ${HOME}/.gnupg 88whitelist ${HOME}/.gnupg
89allow ${HOME}/.mail 89whitelist ${HOME}/.mail
90allow ${HOME}/.mailcap 90whitelist ${HOME}/.mailcap
91allow ${HOME}/.msmtprc 91whitelist ${HOME}/.msmtprc
92allow ${HOME}/.mutt 92whitelist ${HOME}/.mutt
93allow ${HOME}/.muttrc 93whitelist ${HOME}/.muttrc
94allow ${HOME}/.nanorc 94whitelist ${HOME}/.nanorc
95allow ${HOME}/.signature 95whitelist ${HOME}/.signature
96allow ${HOME}/.vim 96whitelist ${HOME}/.vim
97allow ${HOME}/.viminfo 97whitelist ${HOME}/.viminfo
98allow ${HOME}/.vimrc 98whitelist ${HOME}/.vimrc
99allow ${HOME}/.w3m 99whitelist ${HOME}/.w3m
100allow ${HOME}/Mail 100whitelist ${HOME}/Mail
101allow ${HOME}/mail 101whitelist ${HOME}/mail
102allow ${HOME}/postponed 102whitelist ${HOME}/postponed
103allow ${HOME}/sent 103whitelist ${HOME}/sent
104allow /usr/share/gnupg 104whitelist /usr/share/gnupg
105allow /usr/share/gnupg2 105whitelist /usr/share/gnupg2
106allow /usr/share/mutt 106whitelist /usr/share/mutt
107allow /var/mail 107whitelist /var/mail
108allow /var/spool/mail 108whitelist /var/spool/mail
109include whitelist-common.inc 109include whitelist-common.inc
110include whitelist-runuser-common.inc 110include whitelist-runuser-common.inc
111include whitelist-usr-share-common.inc 111include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/mypaint.profile b/etc/profile-m-z/mypaint.profile
index 19af47498..d8d487fe7 100644
--- a/etc/profile-m-z/mypaint.profile
+++ b/etc/profile-m-z/mypaint.profile
@@ -6,10 +6,10 @@ include mypaint.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/mypaint 9noblacklist ${HOME}/.cache/mypaint
10nodeny ${HOME}/.config/mypaint 10noblacklist ${HOME}/.config/mypaint
11nodeny ${HOME}/.local/share/mypaint 11noblacklist ${HOME}/.local/share/mypaint
12nodeny ${PICTURES} 12noblacklist ${PICTURES}
13 13
14# Allow python (blacklisted by disable-interpreters.inc) 14# Allow python (blacklisted by disable-interpreters.inc)
15include allow-python2.inc 15include allow-python2.inc
diff --git a/etc/profile-m-z/nano.profile b/etc/profile-m-z/nano.profile
index f0553bed5..4698c2287 100644
--- a/etc/profile-m-z/nano.profile
+++ b/etc/profile-m-z/nano.profile
@@ -7,10 +7,10 @@ include nano.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10deny ${RUNUSER}/wayland-* 10blacklist ${RUNUSER}/wayland-*
11 11
12nodeny ${HOME}/.config/nano 12noblacklist ${HOME}/.config/nano
13nodeny ${HOME}/.nanorc 13noblacklist ${HOME}/.nanorc
14 14
15include disable-common.inc 15include disable-common.inc
16include disable-devel.inc 16include disable-devel.inc
@@ -19,7 +19,7 @@ include disable-interpreters.inc
19include disable-passwdmgr.inc 19include disable-passwdmgr.inc
20include disable-programs.inc 20include disable-programs.inc
21 21
22allow /usr/share/nano 22whitelist /usr/share/nano
23include whitelist-usr-share-common.inc 23include whitelist-usr-share-common.inc
24 24
25apparmor 25apparmor
diff --git a/etc/profile-m-z/natron.profile b/etc/profile-m-z/natron.profile
index 35d152748..5bf152f84 100644
--- a/etc/profile-m-z/natron.profile
+++ b/etc/profile-m-z/natron.profile
@@ -5,9 +5,9 @@ include natron.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.Natron 8noblacklist ${HOME}/.Natron
9nodeny ${HOME}/.cache/INRIA/Natron 9noblacklist ${HOME}/.cache/INRIA/Natron
10nodeny ${HOME}/.config/INRIA 10noblacklist ${HOME}/.config/INRIA
11 11
12# Allow python (blacklisted by disable-interpreters.inc) 12# Allow python (blacklisted by disable-interpreters.inc)
13include allow-python2.inc 13include allow-python2.inc
diff --git a/etc/profile-m-z/ncdu.profile b/etc/profile-m-z/ncdu.profile
index 38646dc90..063e30366 100644
--- a/etc/profile-m-z/ncdu.profile
+++ b/etc/profile-m-z/ncdu.profile
@@ -6,7 +6,7 @@ include ncdu.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9deny ${RUNUSER}/wayland-* 9blacklist ${RUNUSER}/wayland-*
10 10
11include disable-exec.inc 11include disable-exec.inc
12 12
diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile
index ceb885908..9f00448c8 100644
--- a/etc/profile-m-z/neochat.profile
+++ b/etc/profile-m-z/neochat.profile
@@ -6,12 +6,12 @@ include neochat.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/KDE/neochat 9noblacklist ${HOME}/.cache/KDE/neochat
10nodeny ${HOME}/.config/KDE 10noblacklist ${HOME}/.config/KDE
11nodeny ${HOME}/.config/KDE/neochat 11noblacklist ${HOME}/.config/KDE/neochat
12nodeny ${HOME}/.config/neochatrc 12noblacklist ${HOME}/.config/neochatrc
13nodeny ${HOME}/.config/neochat.notifyrc 13noblacklist ${HOME}/.config/neochat.notifyrc
14nodeny ${HOME}/.local/share/KDE/neochat 14noblacklist ${HOME}/.local/share/KDE/neochat
15 15
16include disable-common.inc 16include disable-common.inc
17include disable-devel.inc 17include disable-devel.inc
@@ -24,9 +24,9 @@ include disable-xdg.inc
24 24
25mkdir ${HOME}/.cache/KDE/neochat 25mkdir ${HOME}/.cache/KDE/neochat
26mkdir ${HOME}/.local/share/KDE/neochat 26mkdir ${HOME}/.local/share/KDE/neochat
27allow ${HOME}/.cache/KDE/neochat 27whitelist ${HOME}/.cache/KDE/neochat
28allow ${HOME}/.local/share/KDE/neochat 28whitelist ${HOME}/.local/share/KDE/neochat
29allow ${DOWNLOADS} 29whitelist ${DOWNLOADS}
30include whitelist-1793-workaround.inc 30include whitelist-1793-workaround.inc
31include whitelist-common.inc 31include whitelist-common.inc
32include whitelist-runuser-common.inc 32include whitelist-runuser-common.inc
diff --git a/etc/profile-m-z/neomutt.profile b/etc/profile-m-z/neomutt.profile
index 939d6f111..fafa129e4 100644
--- a/etc/profile-m-z/neomutt.profile
+++ b/etc/profile-m-z/neomutt.profile
@@ -7,38 +7,38 @@ include neomutt.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10nodeny ${DOCUMENTS} 10noblacklist ${DOCUMENTS}
11nodeny ${HOME}/.Mail 11noblacklist ${HOME}/.Mail
12nodeny ${HOME}/.bogofilter 12noblacklist ${HOME}/.bogofilter
13nodeny ${HOME}/.config/mutt 13noblacklist ${HOME}/.config/mutt
14nodeny ${HOME}/.config/nano 14noblacklist ${HOME}/.config/nano
15nodeny ${HOME}/.config/neomutt 15noblacklist ${HOME}/.config/neomutt
16nodeny ${HOME}/.elinks 16noblacklist ${HOME}/.elinks
17nodeny ${HOME}/.emacs 17noblacklist ${HOME}/.emacs
18nodeny ${HOME}/.emacs.d 18noblacklist ${HOME}/.emacs.d
19nodeny ${HOME}/.gnupg 19noblacklist ${HOME}/.gnupg
20nodeny ${HOME}/.mail 20noblacklist ${HOME}/.mail
21nodeny ${HOME}/.mailcap 21noblacklist ${HOME}/.mailcap
22nodeny ${HOME}/.msmtprc 22noblacklist ${HOME}/.msmtprc
23nodeny ${HOME}/.mutt 23noblacklist ${HOME}/.mutt
24nodeny ${HOME}/.muttrc 24noblacklist ${HOME}/.muttrc
25nodeny ${HOME}/.nanorc 25noblacklist ${HOME}/.nanorc
26nodeny ${HOME}/.neomutt 26noblacklist ${HOME}/.neomutt
27nodeny ${HOME}/.neomuttrc 27noblacklist ${HOME}/.neomuttrc
28nodeny ${HOME}/.signature 28noblacklist ${HOME}/.signature
29nodeny ${HOME}/.vim 29noblacklist ${HOME}/.vim
30nodeny ${HOME}/.viminfo 30noblacklist ${HOME}/.viminfo
31nodeny ${HOME}/.vimrc 31noblacklist ${HOME}/.vimrc
32nodeny ${HOME}/.w3m 32noblacklist ${HOME}/.w3m
33nodeny ${HOME}/Mail 33noblacklist ${HOME}/Mail
34nodeny ${HOME}/mail 34noblacklist ${HOME}/mail
35nodeny ${HOME}/postponed 35noblacklist ${HOME}/postponed
36nodeny ${HOME}/sent 36noblacklist ${HOME}/sent
37nodeny /var/mail 37noblacklist /var/mail
38nodeny /var/spool/mail 38noblacklist /var/spool/mail
39 39
40deny /tmp/.X11-unix 40blacklist /tmp/.X11-unix
41deny ${RUNUSER}/wayland-* 41blacklist ${RUNUSER}/wayland-*
42 42
43include allow-lua.inc 43include allow-lua.inc
44 44
@@ -76,39 +76,39 @@ mkfile ${HOME}/.neomuttrc
76mkfile ${HOME}/.signature 76mkfile ${HOME}/.signature
77mkfile ${HOME}/.viminfo 77mkfile ${HOME}/.viminfo
78mkfile ${HOME}/.vimrc 78mkfile ${HOME}/.vimrc
79allow ${DOCUMENTS} 79whitelist ${DOCUMENTS}
80allow ${DOWNLOADS} 80whitelist ${DOWNLOADS}
81allow ${HOME}/.Mail 81whitelist ${HOME}/.Mail
82allow ${HOME}/.bogofilter 82whitelist ${HOME}/.bogofilter
83allow ${HOME}/.config/mutt 83whitelist ${HOME}/.config/mutt
84allow ${HOME}/.config/nano 84whitelist ${HOME}/.config/nano
85allow ${HOME}/.config/neomutt 85whitelist ${HOME}/.config/neomutt
86allow ${HOME}/.elinks 86whitelist ${HOME}/.elinks
87allow ${HOME}/.emacs 87whitelist ${HOME}/.emacs
88allow ${HOME}/.emacs.d 88whitelist ${HOME}/.emacs.d
89allow ${HOME}/.gnupg 89whitelist ${HOME}/.gnupg
90allow ${HOME}/.mail 90whitelist ${HOME}/.mail
91allow ${HOME}/.mailcap 91whitelist ${HOME}/.mailcap
92allow ${HOME}/.msmtprc 92whitelist ${HOME}/.msmtprc
93allow ${HOME}/.mutt 93whitelist ${HOME}/.mutt
94allow ${HOME}/.muttrc 94whitelist ${HOME}/.muttrc
95allow ${HOME}/.nanorc 95whitelist ${HOME}/.nanorc
96allow ${HOME}/.neomutt 96whitelist ${HOME}/.neomutt
97allow ${HOME}/.neomuttrc 97whitelist ${HOME}/.neomuttrc
98allow ${HOME}/.signature 98whitelist ${HOME}/.signature
99allow ${HOME}/.vim 99whitelist ${HOME}/.vim
100allow ${HOME}/.viminfo 100whitelist ${HOME}/.viminfo
101allow ${HOME}/.vimrc 101whitelist ${HOME}/.vimrc
102allow ${HOME}/.w3m 102whitelist ${HOME}/.w3m
103allow ${HOME}/Mail 103whitelist ${HOME}/Mail
104allow ${HOME}/mail 104whitelist ${HOME}/mail
105allow ${HOME}/postponed 105whitelist ${HOME}/postponed
106allow ${HOME}/sent 106whitelist ${HOME}/sent
107allow /usr/share/gnupg 107whitelist /usr/share/gnupg
108allow /usr/share/gnupg2 108whitelist /usr/share/gnupg2
109allow /usr/share/neomutt 109whitelist /usr/share/neomutt
110allow /var/mail 110whitelist /var/mail
111allow /var/spool/mail 111whitelist /var/spool/mail
112include whitelist-common.inc 112include whitelist-common.inc
113include whitelist-runuser-common.inc 113include whitelist-runuser-common.inc
114include whitelist-usr-share-common.inc 114include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/netactview.profile b/etc/profile-m-z/netactview.profile
index 68297c110..5d45dd7bc 100644
--- a/etc/profile-m-z/netactview.profile
+++ b/etc/profile-m-z/netactview.profile
@@ -6,7 +6,7 @@ include netactview.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.netactview 9noblacklist ${HOME}/.netactview
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,8 +18,8 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkfile ${HOME}/.netactview 20mkfile ${HOME}/.netactview
21allow ${HOME}/.netactview 21whitelist ${HOME}/.netactview
22allow /usr/share/netactview 22whitelist /usr/share/netactview
23include whitelist-common.inc 23include whitelist-common.inc
24include whitelist-usr-share-common.inc 24include whitelist-usr-share-common.inc
25include whitelist-var-common.inc 25include whitelist-var-common.inc
diff --git a/etc/profile-m-z/nethack-vultures.profile b/etc/profile-m-z/nethack-vultures.profile
index d5bf8a52a..c9a537370 100644
--- a/etc/profile-m-z/nethack-vultures.profile
+++ b/etc/profile-m-z/nethack-vultures.profile
@@ -6,7 +6,7 @@ include nethack.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.vultures 9noblacklist ${HOME}/.vultures
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -16,8 +16,8 @@ include disable-passwdmgr.inc
16include disable-programs.inc 16include disable-programs.inc
17 17
18mkdir ${HOME}/.vultures 18mkdir ${HOME}/.vultures
19allow ${HOME}/.vultures 19whitelist ${HOME}/.vultures
20allow /var/log/vultures 20whitelist /var/log/vultures
21include whitelist-common.inc 21include whitelist-common.inc
22include whitelist-var-common.inc 22include whitelist-var-common.inc
23 23
diff --git a/etc/profile-m-z/nethack.profile b/etc/profile-m-z/nethack.profile
index 23b57bb52..b57abe260 100644
--- a/etc/profile-m-z/nethack.profile
+++ b/etc/profile-m-z/nethack.profile
@@ -6,7 +6,7 @@ include nethack.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny /var/games/nethack 9noblacklist /var/games/nethack
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -15,7 +15,7 @@ include disable-interpreters.inc
15include disable-passwdmgr.inc 15include disable-passwdmgr.inc
16include disable-programs.inc 16include disable-programs.inc
17 17
18allow /var/games/nethack 18whitelist /var/games/nethack
19include whitelist-common.inc 19include whitelist-common.inc
20include whitelist-var-common.inc 20include whitelist-var-common.inc
21 21
diff --git a/etc/profile-m-z/netsurf.profile b/etc/profile-m-z/netsurf.profile
index b099d6f0c..0ddb7bbbe 100644
--- a/etc/profile-m-z/netsurf.profile
+++ b/etc/profile-m-z/netsurf.profile
@@ -6,8 +6,8 @@ include netsurf.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/netsurf 9noblacklist ${HOME}/.cache/netsurf
10nodeny ${HOME}/.config/netsurf 10noblacklist ${HOME}/.config/netsurf
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -16,9 +16,9 @@ include disable-programs.inc
16 16
17mkdir ${HOME}/.cache/netsurf 17mkdir ${HOME}/.cache/netsurf
18mkdir ${HOME}/.config/netsurf 18mkdir ${HOME}/.config/netsurf
19allow ${DOWNLOADS} 19whitelist ${DOWNLOADS}
20allow ${HOME}/.cache/netsurf 20whitelist ${HOME}/.cache/netsurf
21allow ${HOME}/.config/netsurf 21whitelist ${HOME}/.config/netsurf
22include whitelist-common.inc 22include whitelist-common.inc
23 23
24caps.drop all 24caps.drop all
diff --git a/etc/profile-m-z/neverball.profile b/etc/profile-m-z/neverball.profile
index dad90a66c..ecfbb14e4 100644
--- a/etc/profile-m-z/neverball.profile
+++ b/etc/profile-m-z/neverball.profile
@@ -6,7 +6,7 @@ include neverball.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.neverball 9noblacklist ${HOME}/.neverball
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,8 +18,8 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.neverball 20mkdir ${HOME}/.neverball
21allow ${HOME}/.neverball 21whitelist ${HOME}/.neverball
22allow /usr/share/neverball 22whitelist /usr/share/neverball
23include whitelist-common.inc 23include whitelist-common.inc
24include whitelist-runuser-common.inc 24include whitelist-runuser-common.inc
25include whitelist-usr-share-common.inc 25include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/newsbeuter.profile b/etc/profile-m-z/newsbeuter.profile
index c26ba4be0..6efb19502 100644
--- a/etc/profile-m-z/newsbeuter.profile
+++ b/etc/profile-m-z/newsbeuter.profile
@@ -11,15 +11,15 @@ ignore include newsboat.local
11ignore mkdir ${HOME}/.config/newsboat 11ignore mkdir ${HOME}/.config/newsboat
12ignore mkdir ${HOME}/.local/share/newsboat 12ignore mkdir ${HOME}/.local/share/newsboat
13ignore mkdir ${HOME}/.newsboat 13ignore mkdir ${HOME}/.newsboat
14deny ${PATH}/newsboat 14blacklist ${PATH}/newsboat
15 15
16deny ${HOME}/.config/newsboat 16blacklist ${HOME}/.config/newsboat
17deny ${HOME}/.local/share/newsboat 17blacklist ${HOME}/.local/share/newsboat
18deny ${HOME}/.newsboat 18blacklist ${HOME}/.newsboat
19 19
20noallow ${HOME}/.config/newsboat 20nowhitelist ${HOME}/.config/newsboat
21noallow ${HOME}/.local/share/newsboat 21nowhitelist ${HOME}/.local/share/newsboat
22noallow ${HOME}/.newsboat 22nowhitelist ${HOME}/.newsboat
23 23
24mkdir ${HOME}/.config/newsbeuter 24mkdir ${HOME}/.config/newsbeuter
25mkdir ${HOME}/.local/share/newsbeuter 25mkdir ${HOME}/.local/share/newsbeuter
diff --git a/etc/profile-m-z/newsboat.profile b/etc/profile-m-z/newsboat.profile
index e34752b55..13bc3a615 100644
--- a/etc/profile-m-z/newsboat.profile
+++ b/etc/profile-m-z/newsboat.profile
@@ -6,12 +6,12 @@ include newsboat.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/newsbeuter 9noblacklist ${HOME}/.config/newsbeuter
10nodeny ${HOME}/.config/newsboat 10noblacklist ${HOME}/.config/newsboat
11nodeny ${HOME}/.local/share/newsbeuter 11noblacklist ${HOME}/.local/share/newsbeuter
12nodeny ${HOME}/.local/share/newsboat 12noblacklist ${HOME}/.local/share/newsboat
13nodeny ${HOME}/.newsbeuter 13noblacklist ${HOME}/.newsbeuter
14nodeny ${HOME}/.newsboat 14noblacklist ${HOME}/.newsboat
15 15
16include disable-common.inc 16include disable-common.inc
17include disable-devel.inc 17include disable-devel.inc
@@ -24,12 +24,12 @@ include disable-xdg.inc
24mkdir ${HOME}/.config/newsboat 24mkdir ${HOME}/.config/newsboat
25mkdir ${HOME}/.local/share/newsboat 25mkdir ${HOME}/.local/share/newsboat
26mkdir ${HOME}/.newsboat 26mkdir ${HOME}/.newsboat
27allow ${HOME}/.config/newsbeuter 27whitelist ${HOME}/.config/newsbeuter
28allow ${HOME}/.config/newsboat 28whitelist ${HOME}/.config/newsboat
29allow ${HOME}/.local/share/newsbeuter 29whitelist ${HOME}/.local/share/newsbeuter
30allow ${HOME}/.local/share/newsboat 30whitelist ${HOME}/.local/share/newsboat
31allow ${HOME}/.newsbeuter 31whitelist ${HOME}/.newsbeuter
32allow ${HOME}/.newsboat 32whitelist ${HOME}/.newsboat
33include whitelist-common.inc 33include whitelist-common.inc
34include whitelist-runuser-common.inc 34include whitelist-runuser-common.inc
35include whitelist-var-common.inc 35include whitelist-var-common.inc
diff --git a/etc/profile-m-z/newsflash.profile b/etc/profile-m-z/newsflash.profile
index 273628ea2..18d8c6ed4 100644
--- a/etc/profile-m-z/newsflash.profile
+++ b/etc/profile-m-z/newsflash.profile
@@ -6,9 +6,9 @@ include newsflash.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/NewsFlashGTK 9noblacklist ${HOME}/.cache/NewsFlashGTK
10nodeny ${HOME}/.config/news-flash 10noblacklist ${HOME}/.config/news-flash
11nodeny ${HOME}/.local/share/news-flash 11noblacklist ${HOME}/.local/share/news-flash
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -22,9 +22,9 @@ include disable-xdg.inc
22mkdir ${HOME}/.cache/NewsFlashGTK 22mkdir ${HOME}/.cache/NewsFlashGTK
23mkdir ${HOME}/.config/news-flash 23mkdir ${HOME}/.config/news-flash
24mkdir ${HOME}/.local/share/news-flash 24mkdir ${HOME}/.local/share/news-flash
25allow ${HOME}/.cache/NewsFlashGTK 25whitelist ${HOME}/.cache/NewsFlashGTK
26allow ${HOME}/.config/news-flash 26whitelist ${HOME}/.config/news-flash
27allow ${HOME}/.local/share/news-flash 27whitelist ${HOME}/.local/share/news-flash
28include whitelist-common.inc 28include whitelist-common.inc
29include whitelist-runuser-common.inc 29include whitelist-runuser-common.inc
30include whitelist-usr-share-common.inc 30include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/nextcloud.profile b/etc/profile-m-z/nextcloud.profile
index 7ba46691d..9fd76fbe7 100644
--- a/etc/profile-m-z/nextcloud.profile
+++ b/etc/profile-m-z/nextcloud.profile
@@ -6,9 +6,9 @@ include nextcloud.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/Nextcloud 9noblacklist ${HOME}/Nextcloud
10nodeny ${HOME}/.config/Nextcloud 10noblacklist ${HOME}/.config/Nextcloud
11nodeny ${HOME}/.local/share/Nextcloud 11noblacklist ${HOME}/.local/share/Nextcloud
12# Add the next lines to your nextcloud.local to allow sync in more directories. 12# Add the next lines to your nextcloud.local to allow sync in more directories.
13#noblacklist ${DOCUMENTS} 13#noblacklist ${DOCUMENTS}
14#noblacklist ${MUSIC} 14#noblacklist ${MUSIC}
@@ -27,9 +27,9 @@ include disable-xdg.inc
27mkdir ${HOME}/Nextcloud 27mkdir ${HOME}/Nextcloud
28mkdir ${HOME}/.config/Nextcloud 28mkdir ${HOME}/.config/Nextcloud
29mkdir ${HOME}/.local/share/Nextcloud 29mkdir ${HOME}/.local/share/Nextcloud
30allow ${HOME}/Nextcloud 30whitelist ${HOME}/Nextcloud
31allow ${HOME}/.config/Nextcloud 31whitelist ${HOME}/.config/Nextcloud
32allow ${HOME}/.local/share/Nextcloud 32whitelist ${HOME}/.local/share/Nextcloud
33# Add the next lines to your nextcloud.local to allow sync in more directories. 33# Add the next lines to your nextcloud.local to allow sync in more directories.
34#whitelist ${DOCUMENTS} 34#whitelist ${DOCUMENTS}
35#whitelist ${MUSIC} 35#whitelist ${MUSIC}
diff --git a/etc/profile-m-z/nheko.profile b/etc/profile-m-z/nheko.profile
index 0149e0737..f8062891c 100644
--- a/etc/profile-m-z/nheko.profile
+++ b/etc/profile-m-z/nheko.profile
@@ -6,9 +6,9 @@ include nheko.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/nheko 9noblacklist ${HOME}/.cache/nheko
10nodeny ${HOME}/.config/nheko 10noblacklist ${HOME}/.config/nheko
11nodeny ${HOME}/.local/share/nheko 11noblacklist ${HOME}/.local/share/nheko
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -22,10 +22,10 @@ include disable-xdg.inc
22mkdir ${HOME}/.cache/nheko 22mkdir ${HOME}/.cache/nheko
23mkdir ${HOME}/.config/nheko 23mkdir ${HOME}/.config/nheko
24mkdir ${HOME}/.local/share/nheko 24mkdir ${HOME}/.local/share/nheko
25allow ${HOME}/.cache/nheko 25whitelist ${HOME}/.cache/nheko
26allow ${HOME}/.config/nheko 26whitelist ${HOME}/.config/nheko
27allow ${HOME}/.local/share/nheko 27whitelist ${HOME}/.local/share/nheko
28allow ${DOWNLOADS} 28whitelist ${DOWNLOADS}
29include whitelist-common.inc 29include whitelist-common.inc
30include whitelist-runuser-common.inc 30include whitelist-runuser-common.inc
31include whitelist-usr-share-common.inc 31include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/nicotine.profile b/etc/profile-m-z/nicotine.profile
index b31a7babf..1c7dbc009 100644
--- a/etc/profile-m-z/nicotine.profile
+++ b/etc/profile-m-z/nicotine.profile
@@ -6,7 +6,7 @@ include nicotine.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.nicotine 9noblacklist ${HOME}/.nicotine
10 10
11# Allow python (blacklisted by disable-interpreters.inc) 11# Allow python (blacklisted by disable-interpreters.inc)
12include allow-python2.inc 12include allow-python2.inc
@@ -21,9 +21,9 @@ include disable-shell.inc
21include disable-xdg.inc 21include disable-xdg.inc
22 22
23mkdir ${HOME}/.nicotine 23mkdir ${HOME}/.nicotine
24allow ${DOWNLOADS} 24whitelist ${DOWNLOADS}
25allow ${HOME}/.nicotine 25whitelist ${HOME}/.nicotine
26allow /usr/share/GeoIP 26whitelist /usr/share/GeoIP
27include whitelist-common.inc 27include whitelist-common.inc
28include whitelist-runuser-common.inc 28include whitelist-runuser-common.inc
29include whitelist-usr-share-common.inc 29include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/nitroshare.profile b/etc/profile-m-z/nitroshare.profile
index 70fffd5d4..8dba84f02 100644
--- a/etc/profile-m-z/nitroshare.profile
+++ b/etc/profile-m-z/nitroshare.profile
@@ -6,8 +6,8 @@ include nitroshare.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/Nathan Osman 9noblacklist ${HOME}/.config/Nathan Osman
10nodeny ${HOME}/.config/NitroShare 10noblacklist ${HOME}/.config/NitroShare
11 11
12# Allow python (blacklisted by disable-interpreters.inc) 12# Allow python (blacklisted by disable-interpreters.inc)
13include allow-python2.inc 13include allow-python2.inc
diff --git a/etc/profile-m-z/nodejs-common.profile b/etc/profile-m-z/nodejs-common.profile
index 7981ba6ae..fa69f9214 100644
--- a/etc/profile-m-z/nodejs-common.profile
+++ b/etc/profile-m-z/nodejs-common.profile
@@ -7,22 +7,22 @@ include nodejs-common.local
7# added by caller profile 7# added by caller profile
8#include globals.local 8#include globals.local
9 9
10deny /tmp/.X11-unix 10blacklist /tmp/.X11-unix
11deny ${RUNUSER} 11blacklist ${RUNUSER}
12 12
13ignore read-only ${HOME}/.npm-packages 13ignore read-only ${HOME}/.npm-packages
14ignore read-only ${HOME}/.npmrc 14ignore read-only ${HOME}/.npmrc
15ignore read-only ${HOME}/.nvm 15ignore read-only ${HOME}/.nvm
16ignore read-only ${HOME}/.yarnrc 16ignore read-only ${HOME}/.yarnrc
17 17
18nodeny ${HOME}/.node-gyp 18noblacklist ${HOME}/.node-gyp
19nodeny ${HOME}/.npm 19noblacklist ${HOME}/.npm
20nodeny ${HOME}/.npmrc 20noblacklist ${HOME}/.npmrc
21nodeny ${HOME}/.nvm 21noblacklist ${HOME}/.nvm
22nodeny ${HOME}/.yarn 22noblacklist ${HOME}/.yarn
23nodeny ${HOME}/.yarn-config 23noblacklist ${HOME}/.yarn-config
24nodeny ${HOME}/.yarncache 24noblacklist ${HOME}/.yarncache
25nodeny ${HOME}/.yarnrc 25noblacklist ${HOME}/.yarnrc
26 26
27ignore noexec ${HOME} 27ignore noexec ${HOME}
28 28
@@ -58,9 +58,9 @@ include disable-xdg.inc
58#whitelist ${HOME}/Projects 58#whitelist ${HOME}/Projects
59#include whitelist-common.inc 59#include whitelist-common.inc
60 60
61allow /usr/share/doc/node 61whitelist /usr/share/doc/node
62allow /usr/share/nvm 62whitelist /usr/share/nvm
63allow /usr/share/systemtap/tapset/node.stp 63whitelist /usr/share/systemtap/tapset/node.stp
64include whitelist-runuser-common.inc 64include whitelist-runuser-common.inc
65include whitelist-usr-share-common.inc 65include whitelist-usr-share-common.inc
66include whitelist-var-common.inc 66include whitelist-var-common.inc
diff --git a/etc/profile-m-z/nomacs.profile b/etc/profile-m-z/nomacs.profile
index 80fbd0fcb..a36dee874 100644
--- a/etc/profile-m-z/nomacs.profile
+++ b/etc/profile-m-z/nomacs.profile
@@ -6,10 +6,10 @@ include nomacs.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/nomacs 9noblacklist ${HOME}/.config/nomacs
10nodeny ${HOME}/.local/share/nomacs 10noblacklist ${HOME}/.local/share/nomacs
11nodeny ${HOME}/.local/share/data/nomacs 11noblacklist ${HOME}/.local/share/data/nomacs
12nodeny ${PICTURES} 12noblacklist ${PICTURES}
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
diff --git a/etc/profile-m-z/notify-send.profile b/etc/profile-m-z/notify-send.profile
index a3bcc040c..650118c98 100644
--- a/etc/profile-m-z/notify-send.profile
+++ b/etc/profile-m-z/notify-send.profile
@@ -7,7 +7,7 @@ include notify-send.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10deny ${RUNUSER}/wayland-* 10blacklist ${RUNUSER}/wayland-*
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/nslookup.profile b/etc/profile-m-z/nslookup.profile
index b3002ad0e..c7a131a2c 100644
--- a/etc/profile-m-z/nslookup.profile
+++ b/etc/profile-m-z/nslookup.profile
@@ -7,10 +7,10 @@ include nslookup.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10deny /tmp/.X11-unix 10blacklist /tmp/.X11-unix
11deny ${RUNUSER} 11blacklist ${RUNUSER}
12 12
13nodeny ${PATH}/nslookup 13noblacklist ${PATH}/nslookup
14 14
15include disable-common.inc 15include disable-common.inc
16include disable-devel.inc 16include disable-devel.inc
@@ -20,7 +20,7 @@ include disable-passwdmgr.inc
20include disable-programs.inc 20include disable-programs.inc
21include disable-xdg.inc 21include disable-xdg.inc
22 22
23allow ${HOME}/.nslookuprc 23whitelist ${HOME}/.nslookuprc
24include whitelist-common.inc 24include whitelist-common.inc
25include whitelist-usr-share-common.inc 25include whitelist-usr-share-common.inc
26include whitelist-var-common.inc 26include whitelist-var-common.inc
diff --git a/etc/profile-m-z/nuclear.profile b/etc/profile-m-z/nuclear.profile
index 67f54f9fc..886403b9e 100644
--- a/etc/profile-m-z/nuclear.profile
+++ b/etc/profile-m-z/nuclear.profile
@@ -8,12 +8,12 @@ include globals.local
8 8
9ignore dbus-user 9ignore dbus-user
10 10
11nodeny ${HOME}/.config/nuclear 11noblacklist ${HOME}/.config/nuclear
12 12
13include disable-shell.inc 13include disable-shell.inc
14 14
15mkdir ${HOME}/.config/nuclear 15mkdir ${HOME}/.config/nuclear
16allow ${HOME}/.config/nuclear 16whitelist ${HOME}/.config/nuclear
17 17
18no3d 18no3d
19 19
diff --git a/etc/profile-m-z/nylas.profile b/etc/profile-m-z/nylas.profile
index ee7710b9c..fe0c2116b 100644
--- a/etc/profile-m-z/nylas.profile
+++ b/etc/profile-m-z/nylas.profile
@@ -5,8 +5,8 @@ include nylas.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.config/Nylas Mail 8noblacklist ${HOME}/.config/Nylas Mail
9nodeny ${HOME}/.nylas-mail 9noblacklist ${HOME}/.nylas-mail
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -16,9 +16,9 @@ include disable-programs.inc
16 16
17mkdir ${HOME}/.config/Nylas Mail 17mkdir ${HOME}/.config/Nylas Mail
18mkdir ${HOME}/.nylas-mail 18mkdir ${HOME}/.nylas-mail
19allow ${DOWNLOADS} 19whitelist ${DOWNLOADS}
20allow ${HOME}/.config/Nylas Mail 20whitelist ${HOME}/.config/Nylas Mail
21allow ${HOME}/.nylas-mail 21whitelist ${HOME}/.nylas-mail
22include whitelist-common.inc 22include whitelist-common.inc
23 23
24caps.drop all 24caps.drop all
diff --git a/etc/profile-m-z/nyx.profile b/etc/profile-m-z/nyx.profile
index 1d606f70c..d040d42af 100644
--- a/etc/profile-m-z/nyx.profile
+++ b/etc/profile-m-z/nyx.profile
@@ -10,7 +10,7 @@ include globals.local
10include allow-python2.inc 10include allow-python2.inc
11include allow-python3.inc 11include allow-python3.inc
12 12
13nodeny ${HOME}/.nyx 13noblacklist ${HOME}/.nyx
14 14
15include disable-common.inc 15include disable-common.inc
16include disable-devel.inc 16include disable-devel.inc
@@ -22,7 +22,7 @@ include disable-shell.inc
22include disable-xdg.inc 22include disable-xdg.inc
23 23
24mkdir ${HOME}/.nyx 24mkdir ${HOME}/.nyx
25allow ${HOME}/.nyx 25whitelist ${HOME}/.nyx
26include whitelist-common.inc 26include whitelist-common.inc
27include whitelist-var-common.inc 27include whitelist-var-common.inc
28 28
diff --git a/etc/profile-m-z/obs.profile b/etc/profile-m-z/obs.profile
index f70bdc55a..9345cee4f 100644
--- a/etc/profile-m-z/obs.profile
+++ b/etc/profile-m-z/obs.profile
@@ -5,10 +5,10 @@ include obs.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.config/obs-studio 8noblacklist ${HOME}/.config/obs-studio
9nodeny ${MUSIC} 9noblacklist ${MUSIC}
10nodeny ${PICTURES} 10noblacklist ${PICTURES}
11nodeny ${VIDEOS} 11noblacklist ${VIDEOS}
12 12
13# Allow python (blacklisted by disable-interpreters.inc) 13# Allow python (blacklisted by disable-interpreters.inc)
14include allow-python2.inc 14include allow-python2.inc
diff --git a/etc/profile-m-z/ocenaudio.profile b/etc/profile-m-z/ocenaudio.profile
index 792c2ffc6..7be68a201 100644
--- a/etc/profile-m-z/ocenaudio.profile
+++ b/etc/profile-m-z/ocenaudio.profile
@@ -6,9 +6,9 @@ include ocenaudio.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.local/share/ocenaudio 9noblacklist ${HOME}/.local/share/ocenaudio
10nodeny ${DOCUMENTS} 10noblacklist ${DOCUMENTS}
11nodeny ${MUSIC} 11noblacklist ${MUSIC}
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/odt2txt.profile b/etc/profile-m-z/odt2txt.profile
index 61b71ec10..6163d2e22 100644
--- a/etc/profile-m-z/odt2txt.profile
+++ b/etc/profile-m-z/odt2txt.profile
@@ -6,9 +6,9 @@ include odt2txt.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9deny ${RUNUSER}/wayland-* 9blacklist ${RUNUSER}/wayland-*
10 10
11nodeny ${DOCUMENTS} 11noblacklist ${DOCUMENTS}
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/okular.profile b/etc/profile-m-z/okular.profile
index feeed86cb..ab8ccf623 100644
--- a/etc/profile-m-z/okular.profile
+++ b/etc/profile-m-z/okular.profile
@@ -6,18 +6,18 @@ include okular.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/okular 9noblacklist ${HOME}/.cache/okular
10nodeny ${HOME}/.config/okularpartrc 10noblacklist ${HOME}/.config/okularpartrc
11nodeny ${HOME}/.config/okularrc 11noblacklist ${HOME}/.config/okularrc
12nodeny ${HOME}/.kde/share/apps/okular 12noblacklist ${HOME}/.kde/share/apps/okular
13nodeny ${HOME}/.kde/share/config/okularpartrc 13noblacklist ${HOME}/.kde/share/config/okularpartrc
14nodeny ${HOME}/.kde/share/config/okularrc 14noblacklist ${HOME}/.kde/share/config/okularrc
15nodeny ${HOME}/.kde4/share/apps/okular 15noblacklist ${HOME}/.kde4/share/apps/okular
16nodeny ${HOME}/.kde4/share/config/okularpartrc 16noblacklist ${HOME}/.kde4/share/config/okularpartrc
17nodeny ${HOME}/.kde4/share/config/okularrc 17noblacklist ${HOME}/.kde4/share/config/okularrc
18nodeny ${HOME}/.local/share/kxmlgui5/okular 18noblacklist ${HOME}/.local/share/kxmlgui5/okular
19nodeny ${HOME}/.local/share/okular 19noblacklist ${HOME}/.local/share/okular
20nodeny ${DOCUMENTS} 20noblacklist ${DOCUMENTS}
21 21
22include disable-common.inc 22include disable-common.inc
23include disable-devel.inc 23include disable-devel.inc
@@ -28,15 +28,15 @@ include disable-programs.inc
28include disable-shell.inc 28include disable-shell.inc
29include disable-xdg.inc 29include disable-xdg.inc
30 30
31allow /usr/share/config.kcfg/gssettings.kcfg 31whitelist /usr/share/config.kcfg/gssettings.kcfg
32allow /usr/share/config.kcfg/pdfsettings.kcfg 32whitelist /usr/share/config.kcfg/pdfsettings.kcfg
33allow /usr/share/config.kcfg/okular.kcfg 33whitelist /usr/share/config.kcfg/okular.kcfg
34allow /usr/share/config.kcfg/okular_core.kcfg 34whitelist /usr/share/config.kcfg/okular_core.kcfg
35allow /usr/share/ghostscript 35whitelist /usr/share/ghostscript
36allow /usr/share/kconf_update/okular.upd 36whitelist /usr/share/kconf_update/okular.upd
37allow /usr/share/kxmlgui5/okular 37whitelist /usr/share/kxmlgui5/okular
38allow /usr/share/okular 38whitelist /usr/share/okular
39allow /usr/share/poppler 39whitelist /usr/share/poppler
40include whitelist-runuser-common.inc 40include whitelist-runuser-common.inc
41include whitelist-usr-share-common.inc 41include whitelist-usr-share-common.inc
42include whitelist-var-common.inc 42include whitelist-var-common.inc
diff --git a/etc/profile-m-z/onboard.profile b/etc/profile-m-z/onboard.profile
index 748d17995..5b367b639 100644
--- a/etc/profile-m-z/onboard.profile
+++ b/etc/profile-m-z/onboard.profile
@@ -6,7 +6,7 @@ include onboard.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/onboard 9noblacklist ${HOME}/.config/onboard
10 10
11# Allow python (blacklisted by disable-interpreters.inc) 11# Allow python (blacklisted by disable-interpreters.inc)
12include allow-python2.inc 12include allow-python2.inc
@@ -22,8 +22,8 @@ include disable-shell.inc
22include disable-xdg.inc 22include disable-xdg.inc
23 23
24mkdir ${HOME}/.config/onboard 24mkdir ${HOME}/.config/onboard
25allow ${HOME}/.config/onboard 25whitelist ${HOME}/.config/onboard
26allow /usr/share/onboard 26whitelist /usr/share/onboard
27include whitelist-common.inc 27include whitelist-common.inc
28include whitelist-usr-share-common.inc 28include whitelist-usr-share-common.inc
29include whitelist-runuser-common.inc 29include whitelist-runuser-common.inc
diff --git a/etc/profile-m-z/onionshare-gui.profile b/etc/profile-m-z/onionshare-gui.profile
index 188818a7f..960df9034 100644
--- a/etc/profile-m-z/onionshare-gui.profile
+++ b/etc/profile-m-z/onionshare-gui.profile
@@ -5,7 +5,7 @@ include onionshare-gui.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.config/onionshare 8noblacklist ${HOME}/.config/onionshare
9 9
10# Allow python (blacklisted by disable-interpreters.inc) 10# Allow python (blacklisted by disable-interpreters.inc)
11include allow-python3.inc 11include allow-python3.inc
diff --git a/etc/profile-m-z/open-invaders.profile b/etc/profile-m-z/open-invaders.profile
index 6e2b31def..7a840d4a9 100644
--- a/etc/profile-m-z/open-invaders.profile
+++ b/etc/profile-m-z/open-invaders.profile
@@ -6,7 +6,7 @@ include open-invaders.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.openinvaders 9noblacklist ${HOME}/.openinvaders
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -17,7 +17,7 @@ include disable-programs.inc
17include disable-shell.inc 17include disable-shell.inc
18 18
19mkdir ${HOME}/.openinvaders 19mkdir ${HOME}/.openinvaders
20allow ${HOME}/.openinvaders 20whitelist ${HOME}/.openinvaders
21include whitelist-common.inc 21include whitelist-common.inc
22include whitelist-var-common.inc 22include whitelist-var-common.inc
23 23
diff --git a/etc/profile-m-z/openarena.profile b/etc/profile-m-z/openarena.profile
index dfc78e5a9..36ce0316f 100644
--- a/etc/profile-m-z/openarena.profile
+++ b/etc/profile-m-z/openarena.profile
@@ -6,7 +6,7 @@ include openarena.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.openarena 9noblacklist ${HOME}/.openarena
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -17,8 +17,8 @@ include disable-programs.inc
17include disable-xdg.inc 17include disable-xdg.inc
18 18
19mkdir ${HOME}/.openarena 19mkdir ${HOME}/.openarena
20allow ${HOME}/.openarena 20whitelist ${HOME}/.openarena
21allow /usr/share/openarena 21whitelist /usr/share/openarena
22include whitelist-common.inc 22include whitelist-common.inc
23include whitelist-runuser-common.inc 23include whitelist-runuser-common.inc
24include whitelist-usr-share-common.inc 24include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/openbox.profile b/etc/profile-m-z/openbox.profile
index 5a6b378f0..b49fd9932 100644
--- a/etc/profile-m-z/openbox.profile
+++ b/etc/profile-m-z/openbox.profile
@@ -7,7 +7,7 @@ include openbox.local
7include globals.local 7include globals.local
8 8
9# all applications started in openbox will run in this profile 9# all applications started in openbox will run in this profile
10nodeny ${HOME}/.config/openbox 10noblacklist ${HOME}/.config/openbox
11include disable-common.inc 11include disable-common.inc
12 12
13caps.drop all 13caps.drop all
diff --git a/etc/profile-m-z/opencity.profile b/etc/profile-m-z/opencity.profile
index 268e7cee3..a3d371e15 100644
--- a/etc/profile-m-z/opencity.profile
+++ b/etc/profile-m-z/opencity.profile
@@ -6,7 +6,7 @@ include opencity.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.opencity 9noblacklist ${HOME}/.opencity
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,7 +18,7 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.opencity 20mkdir ${HOME}/.opencity
21allow ${HOME}/.opencity 21whitelist ${HOME}/.opencity
22include whitelist-common.inc 22include whitelist-common.inc
23include whitelist-var-common.inc 23include whitelist-var-common.inc
24 24
diff --git a/etc/profile-m-z/openclonk.profile b/etc/profile-m-z/openclonk.profile
index 588191cb3..32b40df42 100644
--- a/etc/profile-m-z/openclonk.profile
+++ b/etc/profile-m-z/openclonk.profile
@@ -6,7 +6,7 @@ include openclonk.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.clonk 9noblacklist ${HOME}/.clonk
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,7 +18,7 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.clonk 20mkdir ${HOME}/.clonk
21allow ${HOME}/.clonk 21whitelist ${HOME}/.clonk
22include whitelist-common.inc 22include whitelist-common.inc
23include whitelist-var-common.inc 23include whitelist-var-common.inc
24 24
diff --git a/etc/profile-m-z/openmw.profile b/etc/profile-m-z/openmw.profile
index 95d507c98..d1fe67aed 100644
--- a/etc/profile-m-z/openmw.profile
+++ b/etc/profile-m-z/openmw.profile
@@ -6,8 +6,8 @@ include openmw.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/openmw 9noblacklist ${HOME}/.config/openmw
10nodeny ${HOME}/.local/share/openmw 10noblacklist ${HOME}/.local/share/openmw
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -21,11 +21,11 @@ include disable-xdg.inc
21 21
22mkdir ${HOME}/.config/openmw 22mkdir ${HOME}/.config/openmw
23mkdir ${HOME}/.local/share/openmw 23mkdir ${HOME}/.local/share/openmw
24allow ${HOME}/.config/openmw 24whitelist ${HOME}/.config/openmw
25# Copy Morrowind data files into ${HOME}/.local/share/openmw or load them from /mnt. 25# Copy Morrowind data files into ${HOME}/.local/share/openmw or load them from /mnt.
26# Alternatively you can whitelist custom paths in your openmw.local. 26# Alternatively you can whitelist custom paths in your openmw.local.
27allow ${HOME}/.local/share/openmw 27whitelist ${HOME}/.local/share/openmw
28allow /usr/share/openmw 28whitelist /usr/share/openmw
29include whitelist-common.inc 29include whitelist-common.inc
30include whitelist-runuser-common.inc 30include whitelist-runuser-common.inc
31include whitelist-usr-share-common.inc 31include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/openshot.profile b/etc/profile-m-z/openshot.profile
index ebb536b3e..6118630c4 100644
--- a/etc/profile-m-z/openshot.profile
+++ b/etc/profile-m-z/openshot.profile
@@ -6,8 +6,8 @@ include openshot.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.openshot 9noblacklist ${HOME}/.openshot
10nodeny ${HOME}/.openshot_qt 10noblacklist ${HOME}/.openshot_qt
11 11
12# Allow python (blacklisted by disable-interpreters.inc) 12# Allow python (blacklisted by disable-interpreters.inc)
13include allow-python3.inc 13include allow-python3.inc
@@ -19,8 +19,8 @@ include disable-interpreters.inc
19include disable-passwdmgr.inc 19include disable-passwdmgr.inc
20include disable-programs.inc 20include disable-programs.inc
21 21
22allow /usr/share/blender 22whitelist /usr/share/blender
23allow /usr/share/inkscape 23whitelist /usr/share/inkscape
24include whitelist-runuser-common.inc 24include whitelist-runuser-common.inc
25include whitelist-usr-share-common.inc 25include whitelist-usr-share-common.inc
26include whitelist-var-common.inc 26include whitelist-var-common.inc
diff --git a/etc/profile-m-z/openttd.profile b/etc/profile-m-z/openttd.profile
index 79c1f8ffa..546958bb7 100644
--- a/etc/profile-m-z/openttd.profile
+++ b/etc/profile-m-z/openttd.profile
@@ -6,7 +6,7 @@ include openttd.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.openttd 9noblacklist ${HOME}/.openttd
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,7 +18,7 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.openttd 20mkdir ${HOME}/.openttd
21allow ${HOME}/.openttd 21whitelist ${HOME}/.openttd
22include whitelist-common.inc 22include whitelist-common.inc
23include whitelist-var-common.inc 23include whitelist-var-common.inc
24 24
diff --git a/etc/profile-m-z/opera-beta.profile b/etc/profile-m-z/opera-beta.profile
index 548afc0b4..551f1aba4 100644
--- a/etc/profile-m-z/opera-beta.profile
+++ b/etc/profile-m-z/opera-beta.profile
@@ -10,13 +10,13 @@ ignore whitelist /usr/share/chromium
10ignore include whitelist-runuser-common.inc 10ignore include whitelist-runuser-common.inc
11ignore include whitelist-usr-share-common.inc 11ignore include whitelist-usr-share-common.inc
12 12
13nodeny ${HOME}/.cache/opera 13noblacklist ${HOME}/.cache/opera
14nodeny ${HOME}/.config/opera-beta 14noblacklist ${HOME}/.config/opera-beta
15 15
16mkdir ${HOME}/.cache/opera 16mkdir ${HOME}/.cache/opera
17mkdir ${HOME}/.config/opera-beta 17mkdir ${HOME}/.config/opera-beta
18allow ${HOME}/.cache/opera 18whitelist ${HOME}/.cache/opera
19allow ${HOME}/.config/opera-beta 19whitelist ${HOME}/.config/opera-beta
20 20
21# Redirect 21# Redirect
22include chromium-common.profile 22include chromium-common.profile
diff --git a/etc/profile-m-z/opera.profile b/etc/profile-m-z/opera.profile
index 5a3fe064e..2c7c5fc35 100644
--- a/etc/profile-m-z/opera.profile
+++ b/etc/profile-m-z/opera.profile
@@ -11,16 +11,16 @@ ignore whitelist /usr/share/chromium
11ignore include whitelist-runuser-common.inc 11ignore include whitelist-runuser-common.inc
12ignore include whitelist-usr-share-common.inc 12ignore include whitelist-usr-share-common.inc
13 13
14nodeny ${HOME}/.cache/opera 14noblacklist ${HOME}/.cache/opera
15nodeny ${HOME}/.config/opera 15noblacklist ${HOME}/.config/opera
16nodeny ${HOME}/.opera 16noblacklist ${HOME}/.opera
17 17
18mkdir ${HOME}/.cache/opera 18mkdir ${HOME}/.cache/opera
19mkdir ${HOME}/.config/opera 19mkdir ${HOME}/.config/opera
20mkdir ${HOME}/.opera 20mkdir ${HOME}/.opera
21allow ${HOME}/.cache/opera 21whitelist ${HOME}/.cache/opera
22allow ${HOME}/.config/opera 22whitelist ${HOME}/.config/opera
23allow ${HOME}/.opera 23whitelist ${HOME}/.opera
24 24
25# Redirect 25# Redirect
26include chromium-common.profile 26include chromium-common.profile
diff --git a/etc/profile-m-z/orage.profile b/etc/profile-m-z/orage.profile
index a49cbdb91..4e4d8bea5 100644
--- a/etc/profile-m-z/orage.profile
+++ b/etc/profile-m-z/orage.profile
@@ -6,8 +6,8 @@ include orage.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/orage 9noblacklist ${HOME}/.config/orage
10nodeny ${HOME}/.local/share/orage 10noblacklist ${HOME}/.local/share/orage
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/ostrichriders.profile b/etc/profile-m-z/ostrichriders.profile
index ed881816e..310b90919 100644
--- a/etc/profile-m-z/ostrichriders.profile
+++ b/etc/profile-m-z/ostrichriders.profile
@@ -6,7 +6,7 @@ include ostrichriders.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.ostrichriders 9noblacklist ${HOME}/.ostrichriders
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,8 +18,8 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.ostrichriders 20mkdir ${HOME}/.ostrichriders
21allow ${HOME}/.ostrichriders 21whitelist ${HOME}/.ostrichriders
22allow /usr/share/ostrichriders 22whitelist /usr/share/ostrichriders
23include whitelist-common.inc 23include whitelist-common.inc
24include whitelist-usr-share-common.inc 24include whitelist-usr-share-common.inc
25include whitelist-var-common.inc 25include whitelist-var-common.inc
diff --git a/etc/profile-m-z/otter-browser.profile b/etc/profile-m-z/otter-browser.profile
index bc9e730a1..20a4e25ed 100644
--- a/etc/profile-m-z/otter-browser.profile
+++ b/etc/profile-m-z/otter-browser.profile
@@ -8,10 +8,10 @@ include globals.local
8 8
9?BROWSER_ALLOW_DRM: ignore noexec ${HOME} 9?BROWSER_ALLOW_DRM: ignore noexec ${HOME}
10 10
11nodeny ${HOME}/.cache/Otter 11noblacklist ${HOME}/.cache/Otter
12nodeny ${HOME}/.config/otter 12noblacklist ${HOME}/.config/otter
13nodeny ${HOME}/.pki 13noblacklist ${HOME}/.pki
14nodeny ${HOME}/.local/share/pki 14noblacklist ${HOME}/.local/share/pki
15 15
16include disable-common.inc 16include disable-common.inc
17include disable-devel.inc 17include disable-devel.inc
@@ -25,12 +25,12 @@ mkdir ${HOME}/.cache/Otter
25mkdir ${HOME}/.config/otter 25mkdir ${HOME}/.config/otter
26mkdir ${HOME}/.pki 26mkdir ${HOME}/.pki
27mkdir ${HOME}/.local/share/pki 27mkdir ${HOME}/.local/share/pki
28allow ${DOWNLOADS} 28whitelist ${DOWNLOADS}
29allow ${HOME}/.cache/Otter 29whitelist ${HOME}/.cache/Otter
30allow ${HOME}/.config/otter 30whitelist ${HOME}/.config/otter
31allow ${HOME}/.pki 31whitelist ${HOME}/.pki
32allow ${HOME}/.local/share/pki 32whitelist ${HOME}/.local/share/pki
33allow /usr/share/otter-browser 33whitelist /usr/share/otter-browser
34include whitelist-common.inc 34include whitelist-common.inc
35include whitelist-runuser-common.inc 35include whitelist-runuser-common.inc
36include whitelist-usr-share-common.inc 36include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/palemoon.profile b/etc/profile-m-z/palemoon.profile
index 503c141d8..acb2ce176 100644
--- a/etc/profile-m-z/palemoon.profile
+++ b/etc/profile-m-z/palemoon.profile
@@ -5,13 +5,13 @@ include palemoon.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.cache/moonchild productions/pale moon 8noblacklist ${HOME}/.cache/moonchild productions/pale moon
9nodeny ${HOME}/.moonchild productions/pale moon 9noblacklist ${HOME}/.moonchild productions/pale moon
10 10
11mkdir ${HOME}/.cache/moonchild productions/pale moon 11mkdir ${HOME}/.cache/moonchild productions/pale moon
12mkdir ${HOME}/.moonchild productions 12mkdir ${HOME}/.moonchild productions
13allow ${HOME}/.cache/moonchild productions/pale moon 13whitelist ${HOME}/.cache/moonchild productions/pale moon
14allow ${HOME}/.moonchild productions 14whitelist ${HOME}/.moonchild productions
15 15
16# Palemoon can use the full firejail seccomp filter (unlike firefox >= 60) 16# Palemoon can use the full firejail seccomp filter (unlike firefox >= 60)
17seccomp 17seccomp
diff --git a/etc/profile-m-z/pandoc.profile b/etc/profile-m-z/pandoc.profile
index a59f53298..513b4119e 100644
--- a/etc/profile-m-z/pandoc.profile
+++ b/etc/profile-m-z/pandoc.profile
@@ -7,9 +7,9 @@ include pandoc.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10deny ${RUNUSER} 10blacklist ${RUNUSER}
11 11
12nodeny ${DOCUMENTS} 12noblacklist ${DOCUMENTS}
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
diff --git a/etc/profile-m-z/parole.profile b/etc/profile-m-z/parole.profile
index a277d1cbc..0a4422a73 100644
--- a/etc/profile-m-z/parole.profile
+++ b/etc/profile-m-z/parole.profile
@@ -6,8 +6,8 @@ include parole.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${MUSIC} 9noblacklist ${MUSIC}
10nodeny ${VIDEOS} 10noblacklist ${VIDEOS}
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/patch.profile b/etc/profile-m-z/patch.profile
index 156c3956d..0de968185 100644
--- a/etc/profile-m-z/patch.profile
+++ b/etc/profile-m-z/patch.profile
@@ -7,9 +7,9 @@ include patch.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10deny ${RUNUSER} 10blacklist ${RUNUSER}
11 11
12nodeny ${DOCUMENTS} 12noblacklist ${DOCUMENTS}
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
diff --git a/etc/profile-m-z/pavucontrol-qt.profile b/etc/profile-m-z/pavucontrol-qt.profile
index dcd69cdd0..f96ba14d2 100644
--- a/etc/profile-m-z/pavucontrol-qt.profile
+++ b/etc/profile-m-z/pavucontrol-qt.profile
@@ -7,10 +7,10 @@ include pavucontrol-qt.local
7# added by included profile 7# added by included profile
8#include globals.local 8#include globals.local
9 9
10nodeny ${HOME}/.config/pavucontrol-qt 10noblacklist ${HOME}/.config/pavucontrol-qt
11 11
12mkdir ${HOME}/.config/pavucontrol-qt 12mkdir ${HOME}/.config/pavucontrol-qt
13allow ${HOME}/.config/pavucontrol-qt 13whitelist ${HOME}/.config/pavucontrol-qt
14 14
15private-bin pavucontrol-qt 15private-bin pavucontrol-qt
16ignore private-lib 16ignore private-lib
diff --git a/etc/profile-m-z/pavucontrol.profile b/etc/profile-m-z/pavucontrol.profile
index f44730c33..b46fb3026 100644
--- a/etc/profile-m-z/pavucontrol.profile
+++ b/etc/profile-m-z/pavucontrol.profile
@@ -6,7 +6,7 @@ include pavucontrol.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/pavucontrol.ini 9noblacklist ${HOME}/.config/pavucontrol.ini
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -19,8 +19,8 @@ include disable-xdg.inc
19# whitelisting in ${HOME} is broken, see #3112 19# whitelisting in ${HOME} is broken, see #3112
20#mkfile ${HOME}/.config/pavucontrol.ini 20#mkfile ${HOME}/.config/pavucontrol.ini
21#whitelist ${HOME}/.config/pavucontrol.ini 21#whitelist ${HOME}/.config/pavucontrol.ini
22allow /usr/share/pavucontrol 22whitelist /usr/share/pavucontrol
23allow /usr/share/pavucontrol-qt 23whitelist /usr/share/pavucontrol-qt
24#include whitelist-common.inc 24#include whitelist-common.inc
25include whitelist-usr-share-common.inc 25include whitelist-usr-share-common.inc
26include whitelist-var-common.inc 26include whitelist-var-common.inc
diff --git a/etc/profile-m-z/pcsxr.profile b/etc/profile-m-z/pcsxr.profile
index 3f920ced8..a6dab2a9a 100644
--- a/etc/profile-m-z/pcsxr.profile
+++ b/etc/profile-m-z/pcsxr.profile
@@ -8,7 +8,7 @@ include globals.local
8 8
9# Note: you must whitelist your games folder in your pcsxr.local 9# Note: you must whitelist your games folder in your pcsxr.local
10 10
11nodeny ${HOME}/.pcsxr 11noblacklist ${HOME}/.pcsxr
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -21,7 +21,7 @@ include disable-write-mnt.inc
21include disable-xdg.inc 21include disable-xdg.inc
22 22
23mkdir ${HOME}/.pcsxr 23mkdir ${HOME}/.pcsxr
24allow ${HOME}/.pcsxr 24whitelist ${HOME}/.pcsxr
25include whitelist-common.inc 25include whitelist-common.inc
26include whitelist-runuser-common.inc 26include whitelist-runuser-common.inc
27include whitelist-usr-share-common.inc 27include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/pdfchain.profile b/etc/profile-m-z/pdfchain.profile
index 13a011072..d72417914 100644
--- a/etc/profile-m-z/pdfchain.profile
+++ b/etc/profile-m-z/pdfchain.profile
@@ -5,7 +5,7 @@ include pdfchain.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${DOCUMENTS} 8noblacklist ${DOCUMENTS}
9 9
10include disable-common.inc 10include disable-common.inc
11include disable-devel.inc 11include disable-devel.inc
diff --git a/etc/profile-m-z/pdfmod.profile b/etc/profile-m-z/pdfmod.profile
index e49ce8073..a19826555 100644
--- a/etc/profile-m-z/pdfmod.profile
+++ b/etc/profile-m-z/pdfmod.profile
@@ -6,9 +6,9 @@ include pdfmod.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/pdfmod 9noblacklist ${HOME}/.cache/pdfmod
10nodeny ${HOME}/.config/pdfmod 10noblacklist ${HOME}/.config/pdfmod
11nodeny ${DOCUMENTS} 11noblacklist ${DOCUMENTS}
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/pdfsam.profile b/etc/profile-m-z/pdfsam.profile
index 67c14bbc3..e2808d4d2 100644
--- a/etc/profile-m-z/pdfsam.profile
+++ b/etc/profile-m-z/pdfsam.profile
@@ -6,7 +6,7 @@ include pdfsam.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${DOCUMENTS} 9noblacklist ${DOCUMENTS}
10 10
11# Allow java (blacklisted by disable-devel.inc) 11# Allow java (blacklisted by disable-devel.inc)
12include allow-java.inc 12include allow-java.inc
diff --git a/etc/profile-m-z/pdftotext.profile b/etc/profile-m-z/pdftotext.profile
index 1c7ebfad5..d3902a51c 100644
--- a/etc/profile-m-z/pdftotext.profile
+++ b/etc/profile-m-z/pdftotext.profile
@@ -6,9 +6,9 @@ include pdftotext.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9deny ${RUNUSER} 9blacklist ${RUNUSER}
10 10
11nodeny ${DOCUMENTS} 11noblacklist ${DOCUMENTS}
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -19,9 +19,9 @@ include disable-programs.inc
19include disable-shell.inc 19include disable-shell.inc
20include disable-xdg.inc 20include disable-xdg.inc
21 21
22allow ${DOCUMENTS} 22whitelist ${DOCUMENTS}
23allow ${DOWNLOADS} 23whitelist ${DOWNLOADS}
24allow /usr/share/poppler 24whitelist /usr/share/poppler
25include whitelist-usr-share-common.inc 25include whitelist-usr-share-common.inc
26include whitelist-var-common.inc 26include whitelist-var-common.inc
27 27
diff --git a/etc/profile-m-z/peek.profile b/etc/profile-m-z/peek.profile
index e809625ad..c33953687 100644
--- a/etc/profile-m-z/peek.profile
+++ b/etc/profile-m-z/peek.profile
@@ -5,9 +5,9 @@ include peek.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.cache/peek 8noblacklist ${HOME}/.cache/peek
9nodeny ${PICTURES} 9noblacklist ${PICTURES}
10nodeny ${VIDEOS} 10noblacklist ${VIDEOS}
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/penguin-command.profile b/etc/profile-m-z/penguin-command.profile
index 5ebd7b462..f5ad0321d 100644
--- a/etc/profile-m-z/penguin-command.profile
+++ b/etc/profile-m-z/penguin-command.profile
@@ -6,7 +6,7 @@ include penguin-command.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.penguin-command 9noblacklist ${HOME}/.penguin-command
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -16,7 +16,7 @@ include disable-passwdmgr.inc
16include disable-programs.inc 16include disable-programs.inc
17include disable-shell.inc 17include disable-shell.inc
18 18
19allow ${HOME}/.penguin-command 19whitelist ${HOME}/.penguin-command
20include whitelist-common.inc 20include whitelist-common.inc
21include whitelist-var-common.inc 21include whitelist-var-common.inc
22 22
diff --git a/etc/profile-m-z/photoflare.profile b/etc/profile-m-z/photoflare.profile
index 8dd506850..40068ff78 100644
--- a/etc/profile-m-z/photoflare.profile
+++ b/etc/profile-m-z/photoflare.profile
@@ -6,7 +6,7 @@ include photoflare.local
6# Persistent global definitions 6# Persistent global definitions
7include photoflare.local 7include photoflare.local
8 8
9nodeny ${PICTURES} 9noblacklist ${PICTURES}
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
diff --git a/etc/profile-m-z/picard.profile b/etc/profile-m-z/picard.profile
index ac178ee6c..a5ea47088 100644
--- a/etc/profile-m-z/picard.profile
+++ b/etc/profile-m-z/picard.profile
@@ -6,9 +6,9 @@ include picard.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/MusicBrainz 9noblacklist ${HOME}/.cache/MusicBrainz
10nodeny ${HOME}/.config/MusicBrainz 10noblacklist ${HOME}/.config/MusicBrainz
11nodeny ${MUSIC} 11noblacklist ${MUSIC}
12 12
13# Allow python (blacklisted by disable-interpreters.inc) 13# Allow python (blacklisted by disable-interpreters.inc)
14include allow-python2.inc 14include allow-python2.inc
diff --git a/etc/profile-m-z/pidgin.profile b/etc/profile-m-z/pidgin.profile
index a65abeb2e..26872e9a1 100644
--- a/etc/profile-m-z/pidgin.profile
+++ b/etc/profile-m-z/pidgin.profile
@@ -9,7 +9,7 @@ include globals.local
9ignore noexec ${RUNUSER} 9ignore noexec ${RUNUSER}
10ignore noexec /dev/shm 10ignore noexec /dev/shm
11 11
12nodeny ${HOME}/.purple 12noblacklist ${HOME}/.purple
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
@@ -20,9 +20,9 @@ include disable-programs.inc
20include disable-xdg.inc 20include disable-xdg.inc
21 21
22mkdir ${HOME}/.purple 22mkdir ${HOME}/.purple
23allow ${HOME}/.purple 23whitelist ${HOME}/.purple
24allow ${DOWNLOADS} 24whitelist ${DOWNLOADS}
25allow ${PICTURES} 25whitelist ${PICTURES}
26include whitelist-common.inc 26include whitelist-common.inc
27include whitelist-usr-share-common.inc 27include whitelist-usr-share-common.inc
28include whitelist-var-common.inc 28include whitelist-var-common.inc
diff --git a/etc/profile-m-z/pinball.profile b/etc/profile-m-z/pinball.profile
index 41e4fb6c0..2e17be2ce 100644
--- a/etc/profile-m-z/pinball.profile
+++ b/etc/profile-m-z/pinball.profile
@@ -6,7 +6,7 @@ include pinball.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/emilia 9noblacklist ${HOME}/.config/emilia
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,11 +18,11 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.config/emilia 20mkdir ${HOME}/.config/emilia
21allow ${HOME}/.config/emilia 21whitelist ${HOME}/.config/emilia
22 22
23allow /usr/share/pinball 23whitelist /usr/share/pinball
24# on debian games are stored under /usr/share/games 24# on debian games are stored under /usr/share/games
25allow /usr/share/games/pinball 25whitelist /usr/share/games/pinball
26include whitelist-common.inc 26include whitelist-common.inc
27include whitelist-runuser-common.inc 27include whitelist-runuser-common.inc
28include whitelist-usr-share-common.inc 28include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/ping.profile b/etc/profile-m-z/ping.profile
index 65e77abfa..e914007c0 100644
--- a/etc/profile-m-z/ping.profile
+++ b/etc/profile-m-z/ping.profile
@@ -7,8 +7,8 @@ include ping.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10deny /tmp/.X11-unix 10blacklist /tmp/.X11-unix
11deny ${RUNUSER} 11blacklist ${RUNUSER}
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/pingus.profile b/etc/profile-m-z/pingus.profile
index aa2cfe203..f1fdfcbad 100644
--- a/etc/profile-m-z/pingus.profile
+++ b/etc/profile-m-z/pingus.profile
@@ -6,12 +6,12 @@ include pingus.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.pingus 9noblacklist ${HOME}/.pingus
10 10
11# Allow /bin/sh (blacklisted by disable-shell.inc) 11# Allow /bin/sh (blacklisted by disable-shell.inc)
12include allow-bin-sh.inc 12include allow-bin-sh.inc
13 13
14deny /usr/libexec 14blacklist /usr/libexec
15 15
16include disable-common.inc 16include disable-common.inc
17include disable-devel.inc 17include disable-devel.inc
@@ -23,8 +23,8 @@ include disable-shell.inc
23include disable-xdg.inc 23include disable-xdg.inc
24 24
25mkdir ${HOME}/.pingus 25mkdir ${HOME}/.pingus
26allow ${HOME}/.pingus 26whitelist ${HOME}/.pingus
27allow /usr/share/pingus 27whitelist /usr/share/pingus
28include whitelist-common.inc 28include whitelist-common.inc
29include whitelist-runuser-common.inc 29include whitelist-runuser-common.inc
30include whitelist-usr-share-common.inc 30include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/pinta.profile b/etc/profile-m-z/pinta.profile
index d0d4f1fce..19406c399 100644
--- a/etc/profile-m-z/pinta.profile
+++ b/etc/profile-m-z/pinta.profile
@@ -6,9 +6,9 @@ include pinta.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/Pinta 9noblacklist ${HOME}/.config/Pinta
10nodeny ${DOCUMENTS} 10noblacklist ${DOCUMENTS}
11nodeny ${PICTURES} 11noblacklist ${PICTURES}
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/pioneer.profile b/etc/profile-m-z/pioneer.profile
index 6cfea28b6..721b3944a 100644
--- a/etc/profile-m-z/pioneer.profile
+++ b/etc/profile-m-z/pioneer.profile
@@ -6,7 +6,7 @@ include pioneer.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.pioneer 9noblacklist ${HOME}/.pioneer
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,7 +18,7 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.pioneer 20mkdir ${HOME}/.pioneer
21allow ${HOME}/.pioneer 21whitelist ${HOME}/.pioneer
22include whitelist-common.inc 22include whitelist-common.inc
23include whitelist-var-common.inc 23include whitelist-var-common.inc
24 24
diff --git a/etc/profile-m-z/pipe-viewer.profile b/etc/profile-m-z/pipe-viewer.profile
index acd7eeaf2..3de064311 100644
--- a/etc/profile-m-z/pipe-viewer.profile
+++ b/etc/profile-m-z/pipe-viewer.profile
@@ -7,13 +7,13 @@ include pipe-viewer.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10nodeny ${HOME}/.cache/pipe-viewer 10noblacklist ${HOME}/.cache/pipe-viewer
11nodeny ${HOME}/.config/pipe-viewer 11noblacklist ${HOME}/.config/pipe-viewer
12 12
13mkdir ${HOME}/.config/pipe-viewer 13mkdir ${HOME}/.config/pipe-viewer
14mkdir ${HOME}/.cache/pipe-viewer 14mkdir ${HOME}/.cache/pipe-viewer
15allow ${HOME}/.cache/pipe-viewer 15whitelist ${HOME}/.cache/pipe-viewer
16allow ${HOME}/.config/pipe-viewer 16whitelist ${HOME}/.config/pipe-viewer
17 17
18private-bin gtk-pipe-viewer,pipe-viewer 18private-bin gtk-pipe-viewer,pipe-viewer
19 19
diff --git a/etc/profile-m-z/pitivi.profile b/etc/profile-m-z/pitivi.profile
index abce4c911..a2dd809c4 100644
--- a/etc/profile-m-z/pitivi.profile
+++ b/etc/profile-m-z/pitivi.profile
@@ -6,7 +6,7 @@ include pitivi.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/pitivi 9noblacklist ${HOME}/.config/pitivi
10 10
11# Allow python (blacklisted by disable-interpreters.inc) 11# Allow python (blacklisted by disable-interpreters.inc)
12include allow-python2.inc 12include allow-python2.inc
diff --git a/etc/profile-m-z/pix.profile b/etc/profile-m-z/pix.profile
index 63451d352..81d3e9370 100644
--- a/etc/profile-m-z/pix.profile
+++ b/etc/profile-m-z/pix.profile
@@ -5,10 +5,10 @@ include pix.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.config/pix 8noblacklist ${HOME}/.config/pix
9nodeny ${HOME}/.local/share/pix 9noblacklist ${HOME}/.local/share/pix
10nodeny ${HOME}/.Steam 10noblacklist ${HOME}/.Steam
11nodeny ${HOME}/.steam 11noblacklist ${HOME}/.steam
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/pkglog.profile b/etc/profile-m-z/pkglog.profile
index 13d7db7f7..4eb41b3bd 100644
--- a/etc/profile-m-z/pkglog.profile
+++ b/etc/profile-m-z/pkglog.profile
@@ -17,9 +17,9 @@ include disable-passwdmgr.inc
17include disable-programs.inc 17include disable-programs.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20allow /var/log/apt/history.log 20whitelist /var/log/apt/history.log
21allow /var/log/dnf.rpm.log 21whitelist /var/log/dnf.rpm.log
22allow /var/log/pacman.log 22whitelist /var/log/pacman.log
23 23
24apparmor 24apparmor
25caps.drop all 25caps.drop all
diff --git a/etc/profile-m-z/playonlinux.profile b/etc/profile-m-z/playonlinux.profile
index 9c23841e2..8e98905b5 100644
--- a/etc/profile-m-z/playonlinux.profile
+++ b/etc/profile-m-z/playonlinux.profile
@@ -7,10 +7,10 @@ include playonlinux.local
7# added by included profile 7# added by included profile
8#include globals.local 8#include globals.local
9 9
10nodeny ${HOME}/.PlayOnLinux 10noblacklist ${HOME}/.PlayOnLinux
11 11
12# nc is needed to run playonlinux 12# nc is needed to run playonlinux
13nodeny ${PATH}/nc 13noblacklist ${PATH}/nc
14 14
15# Allow perl (blacklisted by disable-interpreters.inc) 15# Allow perl (blacklisted by disable-interpreters.inc)
16include allow-perl.inc 16include allow-perl.inc
diff --git a/etc/profile-m-z/pluma.profile b/etc/profile-m-z/pluma.profile
index ab7e0c64b..10e12e5b1 100644
--- a/etc/profile-m-z/pluma.profile
+++ b/etc/profile-m-z/pluma.profile
@@ -6,8 +6,8 @@ include pluma.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/enchant 9noblacklist ${HOME}/.config/enchant
10nodeny ${HOME}/.config/pluma 10noblacklist ${HOME}/.config/pluma
11 11
12# Allows files commonly used by IDEs 12# Allows files commonly used by IDEs
13include allow-common-devel.inc 13include allow-common-devel.inc
diff --git a/etc/profile-m-z/plv.profile b/etc/profile-m-z/plv.profile
index 02cb83ef6..5201fd853 100644
--- a/etc/profile-m-z/plv.profile
+++ b/etc/profile-m-z/plv.profile
@@ -6,7 +6,7 @@ include plv.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/PacmanLogViewer 9noblacklist ${HOME}/.config/PacmanLogViewer
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -17,8 +17,8 @@ include disable-programs.inc
17include disable-xdg.inc 17include disable-xdg.inc
18 18
19mkdir ${HOME}/.config/PacmanLogViewer 19mkdir ${HOME}/.config/PacmanLogViewer
20allow ${HOME}/.config/PacmanLogViewer 20whitelist ${HOME}/.config/PacmanLogViewer
21allow /var/log/pacman.log 21whitelist /var/log/pacman.log
22include whitelist-common.inc 22include whitelist-common.inc
23include whitelist-usr-share-common.inc 23include whitelist-usr-share-common.inc
24include whitelist-runuser-common.inc 24include whitelist-runuser-common.inc
diff --git a/etc/profile-m-z/pngquant.profile b/etc/profile-m-z/pngquant.profile
index 2c4dda43e..8a181d5a8 100644
--- a/etc/profile-m-z/pngquant.profile
+++ b/etc/profile-m-z/pngquant.profile
@@ -7,9 +7,9 @@ include pngquant.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10nodeny ${PICTURES} 10noblacklist ${PICTURES}
11 11
12deny ${RUNUSER}/wayland-* 12blacklist ${RUNUSER}/wayland-*
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
diff --git a/etc/profile-m-z/polari.profile b/etc/profile-m-z/polari.profile
index 115ac36ab..a3d4f9851 100644
--- a/etc/profile-m-z/polari.profile
+++ b/etc/profile-m-z/polari.profile
@@ -21,12 +21,12 @@ mkdir ${HOME}/.local/share/Empathy
21mkdir ${HOME}/.local/share/TpLogger 21mkdir ${HOME}/.local/share/TpLogger
22mkdir ${HOME}/.local/share/telepathy 22mkdir ${HOME}/.local/share/telepathy
23mkdir ${HOME}/.purple 23mkdir ${HOME}/.purple
24allow ${HOME}/.cache/telepathy 24whitelist ${HOME}/.cache/telepathy
25allow ${HOME}/.config/telepathy-account-widgets 25whitelist ${HOME}/.config/telepathy-account-widgets
26allow ${HOME}/.local/share/Empathy 26whitelist ${HOME}/.local/share/Empathy
27allow ${HOME}/.local/share/TpLogger 27whitelist ${HOME}/.local/share/TpLogger
28allow ${HOME}/.local/share/telepathy 28whitelist ${HOME}/.local/share/telepathy
29allow ${HOME}/.purple 29whitelist ${HOME}/.purple
30include whitelist-common.inc 30include whitelist-common.inc
31include whitelist-runuser-common.inc 31include whitelist-runuser-common.inc
32 32
diff --git a/etc/profile-m-z/ppsspp.profile b/etc/profile-m-z/ppsspp.profile
index 10c59ea32..1f73c1d89 100644
--- a/etc/profile-m-z/ppsspp.profile
+++ b/etc/profile-m-z/ppsspp.profile
@@ -8,7 +8,7 @@ include globals.local
8 8
9# Note: you must whitelist your games folder in your ppsspp.local. 9# Note: you must whitelist your games folder in your ppsspp.local.
10 10
11nodeny ${HOME}/.config/ppsspp 11noblacklist ${HOME}/.config/ppsspp
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -20,8 +20,8 @@ include disable-write-mnt.inc
20include disable-xdg.inc 20include disable-xdg.inc
21 21
22mkdir ${HOME}/.config/ppsspp 22mkdir ${HOME}/.config/ppsspp
23allow ${HOME}/.config/ppsspp 23whitelist ${HOME}/.config/ppsspp
24allow /usr/share/ppsspp 24whitelist /usr/share/ppsspp
25include whitelist-common.inc 25include whitelist-common.inc
26include whitelist-runuser-common.inc 26include whitelist-runuser-common.inc
27include whitelist-usr-share-common.inc 27include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/pragha.profile b/etc/profile-m-z/pragha.profile
index 9b03bf632..f138d785e 100644
--- a/etc/profile-m-z/pragha.profile
+++ b/etc/profile-m-z/pragha.profile
@@ -6,8 +6,8 @@ include pragha.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/pragha 9noblacklist ${HOME}/.config/pragha
10nodeny ${MUSIC} 10noblacklist ${MUSIC}
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/profanity.profile b/etc/profile-m-z/profanity.profile
index 137b4cb20..743458725 100644
--- a/etc/profile-m-z/profanity.profile
+++ b/etc/profile-m-z/profanity.profile
@@ -7,8 +7,8 @@ include profanity.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10nodeny ${HOME}/.config/profanity 10noblacklist ${HOME}/.config/profanity
11nodeny ${HOME}/.local/share/profanity 11noblacklist ${HOME}/.local/share/profanity
12 12
13# Allow Python 13# Allow Python
14include allow-python2.inc 14include allow-python2.inc
diff --git a/etc/profile-m-z/psi-plus.profile b/etc/profile-m-z/psi-plus.profile
index b0e28baf7..5ac58b0ac 100644
--- a/etc/profile-m-z/psi-plus.profile
+++ b/etc/profile-m-z/psi-plus.profile
@@ -6,8 +6,8 @@ include psi-plus.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/psi+ 9noblacklist ${HOME}/.config/psi+
10nodeny ${HOME}/.local/share/psi+ 10noblacklist ${HOME}/.local/share/psi+
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -19,10 +19,10 @@ include disable-programs.inc
19mkdir ${HOME}/.cache/psi+ 19mkdir ${HOME}/.cache/psi+
20mkdir ${HOME}/.config/psi+ 20mkdir ${HOME}/.config/psi+
21mkdir ${HOME}/.local/share/psi+ 21mkdir ${HOME}/.local/share/psi+
22allow ${DOWNLOADS} 22whitelist ${DOWNLOADS}
23allow ${HOME}/.cache/psi+ 23whitelist ${HOME}/.cache/psi+
24allow ${HOME}/.config/psi+ 24whitelist ${HOME}/.config/psi+
25allow ${HOME}/.local/share/psi+ 25whitelist ${HOME}/.local/share/psi+
26include whitelist-common.inc 26include whitelist-common.inc
27 27
28caps.drop all 28caps.drop all
diff --git a/etc/profile-m-z/psi.profile b/etc/profile-m-z/psi.profile
index 2588c3b75..7e0ef99fc 100644
--- a/etc/profile-m-z/psi.profile
+++ b/etc/profile-m-z/psi.profile
@@ -8,11 +8,11 @@ include globals.local
8 8
9# Add the next line to your psi.local to enable GPG support. 9# Add the next line to your psi.local to enable GPG support.
10#noblacklist ${HOME}/.gnupg 10#noblacklist ${HOME}/.gnupg
11nodeny ${HOME}/.cache/psi 11noblacklist ${HOME}/.cache/psi
12nodeny ${HOME}/.cache/Psi 12noblacklist ${HOME}/.cache/Psi
13nodeny ${HOME}/.config/psi 13noblacklist ${HOME}/.config/psi
14nodeny ${HOME}/.local/share/psi 14noblacklist ${HOME}/.local/share/psi
15nodeny ${HOME}/.local/share/Psi 15noblacklist ${HOME}/.local/share/Psi
16 16
17include disable-common.inc 17include disable-common.inc
18include disable-devel.inc 18include disable-devel.inc
@@ -32,16 +32,16 @@ mkdir ${HOME}/.local/share/psi
32mkdir ${HOME}/.local/share/Psi 32mkdir ${HOME}/.local/share/Psi
33# Add the next line to your psi.local to enable GPG support. 33# Add the next line to your psi.local to enable GPG support.
34#whitelist ${HOME}/.gnupg 34#whitelist ${HOME}/.gnupg
35allow ${HOME}/.cache/psi 35whitelist ${HOME}/.cache/psi
36allow ${HOME}/.cache/Psi 36whitelist ${HOME}/.cache/Psi
37allow ${HOME}/.config/psi 37whitelist ${HOME}/.config/psi
38allow ${HOME}/.local/share/psi 38whitelist ${HOME}/.local/share/psi
39allow ${HOME}/.local/share/Psi 39whitelist ${HOME}/.local/share/Psi
40allow ${DOWNLOADS} 40whitelist ${DOWNLOADS}
41# Add the next lines to your psi.local to enable GPG support. 41# Add the next lines to your psi.local to enable GPG support.
42#whitelist /usr/share/gnupg 42#whitelist /usr/share/gnupg
43#whitelist /usr/share/gnupg2 43#whitelist /usr/share/gnupg2
44allow /usr/share/psi 44whitelist /usr/share/psi
45# Add the next lines to your psi.local to enable GPG support. 45# Add the next lines to your psi.local to enable GPG support.
46#whitelist ${RUNUSER}/gnupg 46#whitelist ${RUNUSER}/gnupg
47#whitelist ${RUNUSER}/keyring 47#whitelist ${RUNUSER}/keyring
diff --git a/etc/profile-m-z/pybitmessage.profile b/etc/profile-m-z/pybitmessage.profile
index 1f0e83ab6..60ae37930 100644
--- a/etc/profile-m-z/pybitmessage.profile
+++ b/etc/profile-m-z/pybitmessage.profile
@@ -5,9 +5,9 @@ include pybitmessage.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny /sbin 8noblacklist /sbin
9nodeny /usr/local/sbin 9noblacklist /usr/local/sbin
10nodeny /usr/sbin 10noblacklist /usr/sbin
11 11
12# Allow python (blacklisted by disable-interpreters.inc) 12# Allow python (blacklisted by disable-interpreters.inc)
13include allow-python2.inc 13include allow-python2.inc
diff --git a/etc/profile-m-z/pycharm-community.profile b/etc/profile-m-z/pycharm-community.profile
index b6c08290e..00d7239ae 100644
--- a/etc/profile-m-z/pycharm-community.profile
+++ b/etc/profile-m-z/pycharm-community.profile
@@ -5,7 +5,7 @@ include pycharm-community.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.PyCharmCE* 8noblacklist ${HOME}/.PyCharmCE*
9 9
10# Allow java (blacklisted by disable-devel.inc) 10# Allow java (blacklisted by disable-devel.inc)
11include allow-java.inc 11include allow-java.inc
diff --git a/etc/profile-m-z/pycharm-professional.profile b/etc/profile-m-z/pycharm-professional.profile
index fa0932cc0..b754a18c9 100644
--- a/etc/profile-m-z/pycharm-professional.profile
+++ b/etc/profile-m-z/pycharm-professional.profile
@@ -6,7 +6,7 @@ include pyucharm-professional.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.PyCharm* 9noblacklist ${HOME}/.PyCharm*
10 10
11# Redirect 11# Redirect
12include pycharm-community.profile 12include pycharm-community.profile
diff --git a/etc/profile-m-z/qbittorrent.profile b/etc/profile-m-z/qbittorrent.profile
index fb8e622b0..506b738cc 100644
--- a/etc/profile-m-z/qbittorrent.profile
+++ b/etc/profile-m-z/qbittorrent.profile
@@ -6,10 +6,10 @@ include qbittorrent.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/qBittorrent 9noblacklist ${HOME}/.cache/qBittorrent
10nodeny ${HOME}/.config/qBittorrent 10noblacklist ${HOME}/.config/qBittorrent
11nodeny ${HOME}/.config/qBittorrentrc 11noblacklist ${HOME}/.config/qBittorrentrc
12nodeny ${HOME}/.local/share/data/qBittorrent 12noblacklist ${HOME}/.local/share/data/qBittorrent
13 13
14# Allow python (blacklisted by disable-interpreters.inc) 14# Allow python (blacklisted by disable-interpreters.inc)
15include allow-python2.inc 15include allow-python2.inc
@@ -27,11 +27,11 @@ mkdir ${HOME}/.cache/qBittorrent
27mkdir ${HOME}/.config/qBittorrent 27mkdir ${HOME}/.config/qBittorrent
28mkfile ${HOME}/.config/qBittorrentrc 28mkfile ${HOME}/.config/qBittorrentrc
29mkdir ${HOME}/.local/share/data/qBittorrent 29mkdir ${HOME}/.local/share/data/qBittorrent
30allow ${DOWNLOADS} 30whitelist ${DOWNLOADS}
31allow ${HOME}/.cache/qBittorrent 31whitelist ${HOME}/.cache/qBittorrent
32allow ${HOME}/.config/qBittorrent 32whitelist ${HOME}/.config/qBittorrent
33allow ${HOME}/.config/qBittorrentrc 33whitelist ${HOME}/.config/qBittorrentrc
34allow ${HOME}/.local/share/data/qBittorrent 34whitelist ${HOME}/.local/share/data/qBittorrent
35include whitelist-common.inc 35include whitelist-common.inc
36include whitelist-var-common.inc 36include whitelist-var-common.inc
37 37
diff --git a/etc/profile-m-z/qcomicbook.profile b/etc/profile-m-z/qcomicbook.profile
index 7bcc4b065..0e52d7fc4 100644
--- a/etc/profile-m-z/qcomicbook.profile
+++ b/etc/profile-m-z/qcomicbook.profile
@@ -6,10 +6,10 @@ include qcomicbook.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/PawelStolowski 9noblacklist ${HOME}/.cache/PawelStolowski
10nodeny ${HOME}/.config/PawelStolowski 10noblacklist ${HOME}/.config/PawelStolowski
11nodeny ${HOME}/.local/share/PawelStolowski 11noblacklist ${HOME}/.local/share/PawelStolowski
12nodeny ${DOCUMENTS} 12noblacklist ${DOCUMENTS}
13 13
14# Allow /bin/sh (blacklisted by disable-shell.inc) 14# Allow /bin/sh (blacklisted by disable-shell.inc)
15include allow-bin-sh.inc 15include allow-bin-sh.inc
@@ -27,7 +27,7 @@ include disable-xdg.inc
27mkdir ${HOME}/.cache/PawelStolowski 27mkdir ${HOME}/.cache/PawelStolowski
28mkdir ${HOME}/.config/PawelStolowski 28mkdir ${HOME}/.config/PawelStolowski
29mkdir ${HOME}/.local/share/PawelStolowski 29mkdir ${HOME}/.local/share/PawelStolowski
30allow /usr/share/qcomicbook 30whitelist /usr/share/qcomicbook
31include whitelist-runuser-common.inc 31include whitelist-runuser-common.inc
32include whitelist-usr-share-common.inc 32include whitelist-usr-share-common.inc
33include whitelist-var-common.inc 33include whitelist-var-common.inc
diff --git a/etc/profile-m-z/qemu-launcher.profile b/etc/profile-m-z/qemu-launcher.profile
index d527a2b82..ac60384fd 100644
--- a/etc/profile-m-z/qemu-launcher.profile
+++ b/etc/profile-m-z/qemu-launcher.profile
@@ -5,7 +5,7 @@ include qemu-launcher.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.qemu-launcher 8noblacklist ${HOME}/.qemu-launcher
9 9
10include disable-common.inc 10include disable-common.inc
11include disable-passwdmgr.inc 11include disable-passwdmgr.inc
diff --git a/etc/profile-m-z/qgis.profile b/etc/profile-m-z/qgis.profile
index e99140c22..2e97daea2 100644
--- a/etc/profile-m-z/qgis.profile
+++ b/etc/profile-m-z/qgis.profile
@@ -6,10 +6,10 @@ include qgis.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/QGIS 9noblacklist ${HOME}/.config/QGIS
10nodeny ${HOME}/.local/share/QGIS 10noblacklist ${HOME}/.local/share/QGIS
11nodeny ${HOME}/.qgis2 11noblacklist ${HOME}/.qgis2
12nodeny ${DOCUMENTS} 12noblacklist ${DOCUMENTS}
13 13
14# Allow python (blacklisted by disable-interpreters.inc) 14# Allow python (blacklisted by disable-interpreters.inc)
15include allow-python3.inc 15include allow-python3.inc
@@ -25,10 +25,10 @@ include disable-xdg.inc
25mkdir ${HOME}/.local/share/QGIS 25mkdir ${HOME}/.local/share/QGIS
26mkdir ${HOME}/.qgis2 26mkdir ${HOME}/.qgis2
27mkdir ${HOME}/.config/QGIS 27mkdir ${HOME}/.config/QGIS
28allow ${HOME}/.local/share/QGIS 28whitelist ${HOME}/.local/share/QGIS
29allow ${HOME}/.qgis2 29whitelist ${HOME}/.qgis2
30allow ${HOME}/.config/QGIS 30whitelist ${HOME}/.config/QGIS
31allow ${DOCUMENTS} 31whitelist ${DOCUMENTS}
32include whitelist-common.inc 32include whitelist-common.inc
33include whitelist-var-common.inc 33include whitelist-var-common.inc
34 34
diff --git a/etc/profile-m-z/qlipper.profile b/etc/profile-m-z/qlipper.profile
index 75dc58ae4..6e94d5845 100644
--- a/etc/profile-m-z/qlipper.profile
+++ b/etc/profile-m-z/qlipper.profile
@@ -6,7 +6,7 @@ include qlipper.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/Qlipper 9noblacklist ${HOME}/.config/Qlipper
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
diff --git a/etc/profile-m-z/qmmp.profile b/etc/profile-m-z/qmmp.profile
index d37fce997..c3d982c17 100644
--- a/etc/profile-m-z/qmmp.profile
+++ b/etc/profile-m-z/qmmp.profile
@@ -6,8 +6,8 @@ include qmmp.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.qmmp 9noblacklist ${HOME}/.qmmp
10nodeny ${MUSIC} 10noblacklist ${MUSIC}
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/qnapi.profile b/etc/profile-m-z/qnapi.profile
index f12340052..ca11df5be 100644
--- a/etc/profile-m-z/qnapi.profile
+++ b/etc/profile-m-z/qnapi.profile
@@ -6,7 +6,7 @@ include qnapi.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/qnapi.ini 9noblacklist ${HOME}/.config/qnapi.ini
10 10
11ignore noexec /tmp 11ignore noexec /tmp
12 12
@@ -20,8 +20,8 @@ include disable-shell.inc
20include disable-xdg.inc 20include disable-xdg.inc
21 21
22mkfile ${HOME}/.config/qnapi.ini 22mkfile ${HOME}/.config/qnapi.ini
23allow ${HOME}/.config/qnapi.ini 23whitelist ${HOME}/.config/qnapi.ini
24allow ${DOWNLOADS} 24whitelist ${DOWNLOADS}
25include whitelist-common.inc 25include whitelist-common.inc
26include whitelist-usr-share-common.inc 26include whitelist-usr-share-common.inc
27include whitelist-runuser-common.inc 27include whitelist-runuser-common.inc
diff --git a/etc/profile-m-z/qpdfview.profile b/etc/profile-m-z/qpdfview.profile
index 62fae324c..be690ffa4 100644
--- a/etc/profile-m-z/qpdfview.profile
+++ b/etc/profile-m-z/qpdfview.profile
@@ -6,9 +6,9 @@ include qpdfview.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/qpdfview 9noblacklist ${HOME}/.config/qpdfview
10nodeny ${HOME}/.local/share/qpdfview 10noblacklist ${HOME}/.local/share/qpdfview
11nodeny ${DOCUMENTS} 11noblacklist ${DOCUMENTS}
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/qrencode.profile b/etc/profile-m-z/qrencode.profile
index 5f0aec804..6cbf8519f 100644
--- a/etc/profile-m-z/qrencode.profile
+++ b/etc/profile-m-z/qrencode.profile
@@ -7,7 +7,7 @@ include qrencode.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10deny ${RUNUSER} 10blacklist ${RUNUSER}
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/qtox.profile b/etc/profile-m-z/qtox.profile
index 1ad46814e..8ffe24d11 100644
--- a/etc/profile-m-z/qtox.profile
+++ b/etc/profile-m-z/qtox.profile
@@ -6,8 +6,8 @@ include qtox.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/Tox 9noblacklist ${HOME}/.cache/Tox
10nodeny ${HOME}/.config/tox 10noblacklist ${HOME}/.config/tox
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -19,8 +19,8 @@ include disable-shell.inc
19include disable-xdg.inc 19include disable-xdg.inc
20 20
21mkdir ${HOME}/.config/tox 21mkdir ${HOME}/.config/tox
22allow ${DOWNLOADS} 22whitelist ${DOWNLOADS}
23allow ${HOME}/.config/tox 23whitelist ${HOME}/.config/tox
24include whitelist-common.inc 24include whitelist-common.inc
25include whitelist-var-common.inc 25include whitelist-var-common.inc
26 26
diff --git a/etc/profile-m-z/quadrapassel.profile b/etc/profile-m-z/quadrapassel.profile
index aee24925c..91e0d9d0d 100644
--- a/etc/profile-m-z/quadrapassel.profile
+++ b/etc/profile-m-z/quadrapassel.profile
@@ -6,11 +6,11 @@ include quadrapassel.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.local/share/quadrapassel 9noblacklist ${HOME}/.local/share/quadrapassel
10 10
11mkdir ${HOME}/.local/share/quadrapassel 11mkdir ${HOME}/.local/share/quadrapassel
12allow ${HOME}/.local/share/quadrapassel 12whitelist ${HOME}/.local/share/quadrapassel
13allow /usr/share/quadrapassel 13whitelist /usr/share/quadrapassel
14 14
15private-bin quadrapassel 15private-bin quadrapassel
16 16
diff --git a/etc/profile-m-z/quaternion.profile b/etc/profile-m-z/quaternion.profile
index a319e1e12..1d146aa39 100644
--- a/etc/profile-m-z/quaternion.profile
+++ b/etc/profile-m-z/quaternion.profile
@@ -6,8 +6,8 @@ include quaternion.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/Quotient/quaternion 9noblacklist ${HOME}/.cache/Quotient/quaternion
10nodeny ${HOME}/.config/Quotient 10noblacklist ${HOME}/.config/Quotient
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -20,10 +20,10 @@ include disable-xdg.inc
20 20
21mkdir ${HOME}/.cache/Quotient/quaternion 21mkdir ${HOME}/.cache/Quotient/quaternion
22mkdir ${HOME}/.config/Quotient 22mkdir ${HOME}/.config/Quotient
23allow ${HOME}/.cache/Quotient/quaternion 23whitelist ${HOME}/.cache/Quotient/quaternion
24allow ${HOME}/.config/Quotient 24whitelist ${HOME}/.config/Quotient
25allow ${DOWNLOADS} 25whitelist ${DOWNLOADS}
26allow /usr/share/Quotient/quaternion 26whitelist /usr/share/Quotient/quaternion
27include whitelist-common.inc 27include whitelist-common.inc
28include whitelist-runuser-common.inc 28include whitelist-runuser-common.inc
29include whitelist-usr-share-common.inc 29include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/quiterss.profile b/etc/profile-m-z/quiterss.profile
index 2693f2ed5..9490089b2 100644
--- a/etc/profile-m-z/quiterss.profile
+++ b/etc/profile-m-z/quiterss.profile
@@ -6,10 +6,10 @@ include quiterss.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/QuiteRss 9noblacklist ${HOME}/.cache/QuiteRss
10nodeny ${HOME}/.config/QuiteRss 10noblacklist ${HOME}/.config/QuiteRss
11nodeny ${HOME}/.config/QuiteRssrc 11noblacklist ${HOME}/.config/QuiteRssrc
12nodeny ${HOME}/.local/share/QuiteRss 12noblacklist ${HOME}/.local/share/QuiteRss
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
@@ -25,12 +25,12 @@ mkdir ${HOME}/.local/share/data
25mkdir ${HOME}/.local/share/data/QuiteRss 25mkdir ${HOME}/.local/share/data/QuiteRss
26mkdir ${HOME}/.local/share/QuiteRss 26mkdir ${HOME}/.local/share/QuiteRss
27mkfile ${HOME}/quiterssfeeds.opml 27mkfile ${HOME}/quiterssfeeds.opml
28allow ${HOME}/.cache/QuiteRss 28whitelist ${HOME}/.cache/QuiteRss
29allow ${HOME}/.config/QuiteRss 29whitelist ${HOME}/.config/QuiteRss
30allow ${HOME}/.config/QuiteRssrc 30whitelist ${HOME}/.config/QuiteRssrc
31allow ${HOME}/.local/share/data/QuiteRss 31whitelist ${HOME}/.local/share/data/QuiteRss
32allow ${HOME}/.local/share/QuiteRss 32whitelist ${HOME}/.local/share/QuiteRss
33allow ${HOME}/quiterssfeeds.opml 33whitelist ${HOME}/quiterssfeeds.opml
34include whitelist-common.inc 34include whitelist-common.inc
35 35
36caps.drop all 36caps.drop all
diff --git a/etc/profile-m-z/quodlibet.profile b/etc/profile-m-z/quodlibet.profile
index 52c120c08..92b02b2bf 100644
--- a/etc/profile-m-z/quodlibet.profile
+++ b/etc/profile-m-z/quodlibet.profile
@@ -6,10 +6,10 @@ include quodlibet.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/quodlibet 9noblacklist ${HOME}/.cache/quodlibet
10nodeny ${HOME}/.config/quodlibet 10noblacklist ${HOME}/.config/quodlibet
11nodeny ${HOME}/.quodlibet 11noblacklist ${HOME}/.quodlibet
12nodeny ${MUSIC} 12noblacklist ${MUSIC}
13 13
14include allow-bin-sh.inc 14include allow-bin-sh.inc
15 15
@@ -30,11 +30,11 @@ mkdir ${HOME}/.cache/quodlibet
30mkdir ${HOME}/.config/quodlibet 30mkdir ${HOME}/.config/quodlibet
31mkdir ${HOME}/.quodlibet 31mkdir ${HOME}/.quodlibet
32 32
33allow ${HOME}/.cache/quodlibet 33whitelist ${HOME}/.cache/quodlibet
34allow ${HOME}/.config/quodlibet 34whitelist ${HOME}/.config/quodlibet
35allow ${HOME}/.quodlibet 35whitelist ${HOME}/.quodlibet
36allow ${DOWNLOADS} 36whitelist ${DOWNLOADS}
37allow ${MUSIC} 37whitelist ${MUSIC}
38include whitelist-common.inc 38include whitelist-common.inc
39include whitelist-runuser-common.inc 39include whitelist-runuser-common.inc
40include whitelist-usr-share-common.inc 40include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/qupzilla.profile b/etc/profile-m-z/qupzilla.profile
index 9bc91808b..7aa71c848 100644
--- a/etc/profile-m-z/qupzilla.profile
+++ b/etc/profile-m-z/qupzilla.profile
@@ -6,8 +6,8 @@ include qupzilla.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.cache/qupzilla 9noblacklist ${HOME}/.cache/qupzilla
10nodeny ${HOME}/.config/qupzilla 10noblacklist ${HOME}/.config/qupzilla
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -18,8 +18,8 @@ include disable-programs.inc
18 18
19mkdir ${HOME}/.cache/qupzilla 19mkdir ${HOME}/.cache/qupzilla
20mkdir ${HOME}/.config/qupzilla 20mkdir ${HOME}/.config/qupzilla
21allow ${HOME}/.cache/qupzilla 21whitelist ${HOME}/.cache/qupzilla
22allow ${HOME}/.config/qupzilla 22whitelist ${HOME}/.config/qupzilla
23 23
24# Redirect 24# Redirect
25include falkon.profile 25include falkon.profile
diff --git a/etc/profile-m-z/qutebrowser.profile b/etc/profile-m-z/qutebrowser.profile
index a342e2acd..fc910b589 100644
--- a/etc/profile-m-z/qutebrowser.profile
+++ b/etc/profile-m-z/qutebrowser.profile
@@ -6,9 +6,9 @@ include qutebrowser.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/qutebrowser 9noblacklist ${HOME}/.cache/qutebrowser
10nodeny ${HOME}/.config/qutebrowser 10noblacklist ${HOME}/.config/qutebrowser
11nodeny ${HOME}/.local/share/qutebrowser 11noblacklist ${HOME}/.local/share/qutebrowser
12 12
13# Allow python (blacklisted by disable-interpreters.inc) 13# Allow python (blacklisted by disable-interpreters.inc)
14include allow-python2.inc 14include allow-python2.inc
@@ -22,10 +22,10 @@ include disable-programs.inc
22mkdir ${HOME}/.cache/qutebrowser 22mkdir ${HOME}/.cache/qutebrowser
23mkdir ${HOME}/.config/qutebrowser 23mkdir ${HOME}/.config/qutebrowser
24mkdir ${HOME}/.local/share/qutebrowser 24mkdir ${HOME}/.local/share/qutebrowser
25allow ${DOWNLOADS} 25whitelist ${DOWNLOADS}
26allow ${HOME}/.cache/qutebrowser 26whitelist ${HOME}/.cache/qutebrowser
27allow ${HOME}/.config/qutebrowser 27whitelist ${HOME}/.config/qutebrowser
28allow ${HOME}/.local/share/qutebrowser 28whitelist ${HOME}/.local/share/qutebrowser
29include whitelist-common.inc 29include whitelist-common.inc
30 30
31caps.drop all 31caps.drop all
diff --git a/etc/profile-m-z/rambox.profile b/etc/profile-m-z/rambox.profile
index b1059cee8..ffa2022ee 100644
--- a/etc/profile-m-z/rambox.profile
+++ b/etc/profile-m-z/rambox.profile
@@ -6,9 +6,9 @@ include rambox.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/Rambox 9noblacklist ${HOME}/.config/Rambox
10nodeny ${HOME}/.pki 10noblacklist ${HOME}/.pki
11nodeny ${HOME}/.local/share/pki 11noblacklist ${HOME}/.local/share/pki
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -18,10 +18,10 @@ include disable-programs.inc
18mkdir ${HOME}/.config/Rambox 18mkdir ${HOME}/.config/Rambox
19mkdir ${HOME}/.pki 19mkdir ${HOME}/.pki
20mkdir ${HOME}/.local/share/pki 20mkdir ${HOME}/.local/share/pki
21allow ${DOWNLOADS} 21whitelist ${DOWNLOADS}
22allow ${HOME}/.config/Rambox 22whitelist ${HOME}/.config/Rambox
23allow ${HOME}/.pki 23whitelist ${HOME}/.pki
24allow ${HOME}/.local/share/pki 24whitelist ${HOME}/.local/share/pki
25include whitelist-common.inc 25include whitelist-common.inc
26 26
27caps.drop all 27caps.drop all
diff --git a/etc/profile-m-z/redeclipse.profile b/etc/profile-m-z/redeclipse.profile
index 3b56f651f..9bc196a16 100644
--- a/etc/profile-m-z/redeclipse.profile
+++ b/etc/profile-m-z/redeclipse.profile
@@ -6,7 +6,7 @@ include redeclipse.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.redeclipse 9noblacklist ${HOME}/.redeclipse
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -17,8 +17,8 @@ include disable-programs.inc
17include disable-xdg.inc 17include disable-xdg.inc
18 18
19mkdir ${HOME}/.redeclipse 19mkdir ${HOME}/.redeclipse
20allow ${HOME}/.redeclipse 20whitelist ${HOME}/.redeclipse
21allow /usr/share/redeclipse 21whitelist /usr/share/redeclipse
22include whitelist-common.inc 22include whitelist-common.inc
23include whitelist-runuser-common.inc 23include whitelist-runuser-common.inc
24include whitelist-usr-share-common.inc 24include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/redshift.profile b/etc/profile-m-z/redshift.profile
index 3035e1d74..f87c5f67c 100644
--- a/etc/profile-m-z/redshift.profile
+++ b/etc/profile-m-z/redshift.profile
@@ -7,8 +7,8 @@ include redshift.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10nodeny ${HOME}/.config/redshift 10noblacklist ${HOME}/.config/redshift
11nodeny ${HOME}/.config/redshift.conf 11noblacklist ${HOME}/.config/redshift.conf
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -19,8 +19,8 @@ include disable-programs.inc
19include disable-xdg.inc 19include disable-xdg.inc
20 20
21mkdir ${HOME}/.config/redshift 21mkdir ${HOME}/.config/redshift
22allow ${HOME}/.config/redshift 22whitelist ${HOME}/.config/redshift
23allow ${HOME}/.config/redshift.conf 23whitelist ${HOME}/.config/redshift.conf
24include whitelist-var-common.inc 24include whitelist-var-common.inc
25 25
26apparmor 26apparmor
diff --git a/etc/profile-m-z/regextester.profile b/etc/profile-m-z/regextester.profile
index 82feafab9..f5131c5d0 100644
--- a/etc/profile-m-z/regextester.profile
+++ b/etc/profile-m-z/regextester.profile
@@ -15,7 +15,7 @@ include disable-programs.inc
15include disable-shell.inc 15include disable-shell.inc
16include disable-xdg.inc 16include disable-xdg.inc
17 17
18allow /usr/share/com.github.artemanufrij.regextester 18whitelist /usr/share/com.github.artemanufrij.regextester
19include whitelist-common.inc 19include whitelist-common.inc
20include whitelist-usr-share-common.inc 20include whitelist-usr-share-common.inc
21include whitelist-var-common.inc 21include whitelist-var-common.inc
diff --git a/etc/profile-m-z/remmina.profile b/etc/profile-m-z/remmina.profile
index 3f385f602..aca22f187 100644
--- a/etc/profile-m-z/remmina.profile
+++ b/etc/profile-m-z/remmina.profile
@@ -6,9 +6,9 @@ include remmina.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.remmina 9noblacklist ${HOME}/.remmina
10nodeny ${HOME}/.config/remmina 10noblacklist ${HOME}/.config/remmina
11nodeny ${HOME}/.local/share/remmina 11noblacklist ${HOME}/.local/share/remmina
12 12
13# Allow ssh (blacklisted by disable-common.inc) 13# Allow ssh (blacklisted by disable-common.inc)
14include allow-ssh.inc 14include allow-ssh.inc
diff --git a/etc/profile-m-z/rhythmbox.profile b/etc/profile-m-z/rhythmbox.profile
index c532d3dc1..970e8ffba 100644
--- a/etc/profile-m-z/rhythmbox.profile
+++ b/etc/profile-m-z/rhythmbox.profile
@@ -6,9 +6,9 @@ include rhythmbox.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${MUSIC} 9noblacklist ${MUSIC}
10nodeny ${HOME}/.cache/rhythmbox 10noblacklist ${HOME}/.cache/rhythmbox
11nodeny ${HOME}/.local/share/rhythmbox 11noblacklist ${HOME}/.local/share/rhythmbox
12 12
13# Allow python (blacklisted by disable-interpreters.inc) 13# Allow python (blacklisted by disable-interpreters.inc)
14include allow-python2.inc 14include allow-python2.inc
@@ -26,10 +26,10 @@ include disable-programs.inc
26include disable-shell.inc 26include disable-shell.inc
27include disable-xdg.inc 27include disable-xdg.inc
28 28
29allow /usr/share/rhythmbox 29whitelist /usr/share/rhythmbox
30allow /usr/share/lua 30whitelist /usr/share/lua
31allow /usr/share/libquvi-scripts 31whitelist /usr/share/libquvi-scripts
32allow /usr/share/tracker 32whitelist /usr/share/tracker
33include whitelist-runuser-common.inc 33include whitelist-runuser-common.inc
34include whitelist-usr-share-common.inc 34include whitelist-usr-share-common.inc
35include whitelist-var-common.inc 35include whitelist-var-common.inc
diff --git a/etc/profile-m-z/ricochet.profile b/etc/profile-m-z/ricochet.profile
index c3ee57ef3..b664a2be3 100644
--- a/etc/profile-m-z/ricochet.profile
+++ b/etc/profile-m-z/ricochet.profile
@@ -5,7 +5,7 @@ include ricochet.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.local/share/Ricochet 8noblacklist ${HOME}/.local/share/Ricochet
9 9
10include disable-common.inc 10include disable-common.inc
11include disable-devel.inc 11include disable-devel.inc
@@ -16,8 +16,8 @@ include disable-programs.inc
16include disable-shell.inc 16include disable-shell.inc
17 17
18mkdir ${HOME}/.local/share/Ricochet 18mkdir ${HOME}/.local/share/Ricochet
19allow ${DOWNLOADS} 19whitelist ${DOWNLOADS}
20allow ${HOME}/.local/share/Ricochet 20whitelist ${HOME}/.local/share/Ricochet
21include whitelist-common.inc 21include whitelist-common.inc
22 22
23caps.drop all 23caps.drop all
diff --git a/etc/profile-m-z/riot-web.profile b/etc/profile-m-z/riot-web.profile
index 782396a50..687c943b0 100644
--- a/etc/profile-m-z/riot-web.profile
+++ b/etc/profile-m-z/riot-web.profile
@@ -8,11 +8,11 @@ include globals.local
8 8
9ignore noexec /tmp 9ignore noexec /tmp
10 10
11nodeny ${HOME}/.config/Riot 11noblacklist ${HOME}/.config/Riot
12 12
13mkdir ${HOME}/.config/Riot 13mkdir ${HOME}/.config/Riot
14allow ${HOME}/.config/Riot 14whitelist ${HOME}/.config/Riot
15allow /usr/share/webapps/element 15whitelist /usr/share/webapps/element
16 16
17# Redirect 17# Redirect
18include electron.profile 18include electron.profile
diff --git a/etc/profile-m-z/ripperx.profile b/etc/profile-m-z/ripperx.profile
index c97ac8090..be815e714 100644
--- a/etc/profile-m-z/ripperx.profile
+++ b/etc/profile-m-z/ripperx.profile
@@ -6,8 +6,8 @@ include ripperx.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.ripperXrc 9noblacklist ${HOME}/.ripperXrc
10nodeny ${MUSIC} 10noblacklist ${MUSIC}
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/ristretto.profile b/etc/profile-m-z/ristretto.profile
index 109d2f8f1..5572cab5a 100644
--- a/etc/profile-m-z/ristretto.profile
+++ b/etc/profile-m-z/ristretto.profile
@@ -6,9 +6,9 @@ include ristretto.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/ristretto 9noblacklist ${HOME}/.config/ristretto
10nodeny ${HOME}/.Steam 10noblacklist ${HOME}/.Steam
11nodeny ${HOME}/.steam 11noblacklist ${HOME}/.steam
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/rocketchat.profile b/etc/profile-m-z/rocketchat.profile
index 1a76c4211..8d3607c75 100644
--- a/etc/profile-m-z/rocketchat.profile
+++ b/etc/profile-m-z/rocketchat.profile
@@ -21,10 +21,10 @@ ignore private-cache
21ignore private-dev 21ignore private-dev
22ignore private-tmp 22ignore private-tmp
23 23
24nodeny ${HOME}/.config/Rocket.Chat 24noblacklist ${HOME}/.config/Rocket.Chat
25 25
26mkdir ${HOME}/.config/Rocket.Chat 26mkdir ${HOME}/.config/Rocket.Chat
27allow ${HOME}/.config/Rocket.Chat 27whitelist ${HOME}/.config/Rocket.Chat
28 28
29# Redirect 29# Redirect
30include electron.profile 30include electron.profile
diff --git a/etc/profile-m-z/rsync-download_only.profile b/etc/profile-m-z/rsync-download_only.profile
index 4807b7d36..690b44bb1 100644
--- a/etc/profile-m-z/rsync-download_only.profile
+++ b/etc/profile-m-z/rsync-download_only.profile
@@ -11,8 +11,8 @@ include globals.local
11# not as a daemon (rsync --daemon) nor to create backups. 11# not as a daemon (rsync --daemon) nor to create backups.
12# Usage: firejail --profile=rsync-download_only rsync 12# Usage: firejail --profile=rsync-download_only rsync
13 13
14deny /tmp/.X11-unix 14blacklist /tmp/.X11-unix
15deny ${RUNUSER} 15blacklist ${RUNUSER}
16 16
17include disable-common.inc 17include disable-common.inc
18include disable-devel.inc 18include disable-devel.inc
diff --git a/etc/profile-m-z/rtv-addons.profile b/etc/profile-m-z/rtv-addons.profile
index 6b7d6b155..cc6db5043 100644
--- a/etc/profile-m-z/rtv-addons.profile
+++ b/etc/profile-m-z/rtv-addons.profile
@@ -11,16 +11,16 @@ ignore nosound
11ignore private-bin 11ignore private-bin
12ignore dbus-user none 12ignore dbus-user none
13 13
14nodeny ${HOME}/.config/mpv 14noblacklist ${HOME}/.config/mpv
15nodeny ${HOME}/.mailcap 15noblacklist ${HOME}/.mailcap
16nodeny ${HOME}/.netrc 16noblacklist ${HOME}/.netrc
17nodeny ${HOME}/.w3m 17noblacklist ${HOME}/.w3m
18 18
19allow ${HOME}/.cache/youtube-dl/youtube-sigfuncs 19whitelist ${HOME}/.cache/youtube-dl/youtube-sigfuncs
20allow ${HOME}/.config/mpv 20whitelist ${HOME}/.config/mpv
21allow ${HOME}/.mailcap 21whitelist ${HOME}/.mailcap
22allow ${HOME}/.netrc 22whitelist ${HOME}/.netrc
23allow ${HOME}/.w3m 23whitelist ${HOME}/.w3m
24 24
25#private-bin w3m,mpv,youtube-dl 25#private-bin w3m,mpv,youtube-dl
26 26
diff --git a/etc/profile-m-z/rtv.profile b/etc/profile-m-z/rtv.profile
index 074050792..2f1fe0155 100644
--- a/etc/profile-m-z/rtv.profile
+++ b/etc/profile-m-z/rtv.profile
@@ -6,11 +6,11 @@ include rtv.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9deny /tmp/.X11-unix 9blacklist /tmp/.X11-unix
10deny ${RUNUSER}/wayland-* 10blacklist ${RUNUSER}/wayland-*
11 11
12nodeny ${HOME}/.config/rtv 12noblacklist ${HOME}/.config/rtv
13nodeny ${HOME}/.local/share/rtv 13noblacklist ${HOME}/.local/share/rtv
14 14
15# Allow /bin/sh (blacklisted by disable-shell.inc) 15# Allow /bin/sh (blacklisted by disable-shell.inc)
16include allow-bin-sh.inc 16include allow-bin-sh.inc
@@ -33,8 +33,8 @@ include disable-xdg.inc
33 33
34mkdir ${HOME}/.config/rtv 34mkdir ${HOME}/.config/rtv
35mkdir ${HOME}/.local/share/rtv 35mkdir ${HOME}/.local/share/rtv
36allow ${HOME}/.config/rtv 36whitelist ${HOME}/.config/rtv
37allow ${HOME}/.local/share/rtv 37whitelist ${HOME}/.local/share/rtv
38include whitelist-var-common.inc 38include whitelist-var-common.inc
39 39
40apparmor 40apparmor
diff --git a/etc/profile-m-z/sayonara.profile b/etc/profile-m-z/sayonara.profile
index 963f5da02..de79913cc 100644
--- a/etc/profile-m-z/sayonara.profile
+++ b/etc/profile-m-z/sayonara.profile
@@ -5,8 +5,8 @@ include sayonara.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.Sayonara 8noblacklist ${HOME}/.Sayonara
9nodeny ${MUSIC} 9noblacklist ${MUSIC}
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
diff --git a/etc/profile-m-z/scallion.profile b/etc/profile-m-z/scallion.profile
index 26550b5e0..eb8468c3b 100644
--- a/etc/profile-m-z/scallion.profile
+++ b/etc/profile-m-z/scallion.profile
@@ -6,10 +6,10 @@ include scallion.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${PATH}/llvm* 9noblacklist ${PATH}/llvm*
10nodeny ${PATH}/openssl 10noblacklist ${PATH}/openssl
11nodeny ${PATH}/openssl-1.0 11noblacklist ${PATH}/openssl-1.0
12nodeny ${DOCUMENTS} 12noblacklist ${DOCUMENTS}
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-exec.inc 15include disable-exec.inc
diff --git a/etc/profile-m-z/scorched3d.profile b/etc/profile-m-z/scorched3d.profile
index 921efb49e..b1989e474 100644
--- a/etc/profile-m-z/scorched3d.profile
+++ b/etc/profile-m-z/scorched3d.profile
@@ -6,7 +6,7 @@ include scorched3d.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.scorched3d 9noblacklist ${HOME}/.scorched3d
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -17,9 +17,9 @@ include disable-programs.inc
17include disable-xdg.inc 17include disable-xdg.inc
18 18
19mkdir ${HOME}/.scorched3d 19mkdir ${HOME}/.scorched3d
20allow ${HOME}/.scorched3d 20whitelist ${HOME}/.scorched3d
21allow /usr/share/scorched3d 21whitelist /usr/share/scorched3d
22allow /usr/share/games/scorched3d 22whitelist /usr/share/games/scorched3d
23include whitelist-common.inc 23include whitelist-common.inc
24include whitelist-runuser-common.inc 24include whitelist-runuser-common.inc
25include whitelist-usr-share-common.inc 25include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/scorchwentbonkers.profile b/etc/profile-m-z/scorchwentbonkers.profile
index 54a6c3a01..2cb1df6b5 100644
--- a/etc/profile-m-z/scorchwentbonkers.profile
+++ b/etc/profile-m-z/scorchwentbonkers.profile
@@ -6,7 +6,7 @@ include scorchwentbonkers.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.swb.ini 9noblacklist ${HOME}/.swb.ini
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,8 +18,8 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.swb.ini 20mkdir ${HOME}/.swb.ini
21allow ${HOME}/.swb.ini 21whitelist ${HOME}/.swb.ini
22allow /usr/share/scorchwentbonkers 22whitelist /usr/share/scorchwentbonkers
23include whitelist-common.inc 23include whitelist-common.inc
24include whitelist-usr-share-common.inc 24include whitelist-usr-share-common.inc
25include whitelist-var-common.inc 25include whitelist-var-common.inc
diff --git a/etc/profile-m-z/scribus.profile b/etc/profile-m-z/scribus.profile
index 6519f8e87..1fdeaa145 100644
--- a/etc/profile-m-z/scribus.profile
+++ b/etc/profile-m-z/scribus.profile
@@ -7,24 +7,24 @@ include scribus.local
7include globals.local 7include globals.local
8 8
9# Support for PDF readers comes with Scribus 1.5 and higher 9# Support for PDF readers comes with Scribus 1.5 and higher
10nodeny ${HOME}/.cache/okular 10noblacklist ${HOME}/.cache/okular
11nodeny ${HOME}/.config/GIMP 11noblacklist ${HOME}/.config/GIMP
12nodeny ${HOME}/.config/okularpartrc 12noblacklist ${HOME}/.config/okularpartrc
13nodeny ${HOME}/.config/okularrc 13noblacklist ${HOME}/.config/okularrc
14nodeny ${HOME}/.config/scribus 14noblacklist ${HOME}/.config/scribus
15nodeny ${HOME}/.config/scribusrc 15noblacklist ${HOME}/.config/scribusrc
16nodeny ${HOME}/.gimp* 16noblacklist ${HOME}/.gimp*
17nodeny ${HOME}/.kde/share/apps/okular 17noblacklist ${HOME}/.kde/share/apps/okular
18nodeny ${HOME}/.kde/share/config/okularpartrc 18noblacklist ${HOME}/.kde/share/config/okularpartrc
19nodeny ${HOME}/.kde/share/config/okularrc 19noblacklist ${HOME}/.kde/share/config/okularrc
20nodeny ${HOME}/.kde4/share/apps/okular 20noblacklist ${HOME}/.kde4/share/apps/okular
21nodeny ${HOME}/.kde4/share/config/okularpartrc 21noblacklist ${HOME}/.kde4/share/config/okularpartrc
22nodeny ${HOME}/.kde4/share/config/okularrc 22noblacklist ${HOME}/.kde4/share/config/okularrc
23nodeny ${HOME}/.local/share/okular 23noblacklist ${HOME}/.local/share/okular
24nodeny ${HOME}/.local/share/scribus 24noblacklist ${HOME}/.local/share/scribus
25nodeny ${HOME}/.scribus 25noblacklist ${HOME}/.scribus
26nodeny ${DOCUMENTS} 26noblacklist ${DOCUMENTS}
27nodeny ${PICTURES} 27noblacklist ${PICTURES}
28 28
29# Allow python (blacklisted by disable-interpreters.inc) 29# Allow python (blacklisted by disable-interpreters.inc)
30include allow-python2.inc 30include allow-python2.inc
diff --git a/etc/profile-m-z/seahorse-adventures.profile b/etc/profile-m-z/seahorse-adventures.profile
index 95cedac3f..7799ab7ed 100644
--- a/etc/profile-m-z/seahorse-adventures.profile
+++ b/etc/profile-m-z/seahorse-adventures.profile
@@ -22,8 +22,8 @@ include disable-programs.inc
22include disable-shell.inc 22include disable-shell.inc
23include disable-xdg.inc 23include disable-xdg.inc
24 24
25allow /usr/share/seahorse-adventures 25whitelist /usr/share/seahorse-adventures
26allow /usr/share/games/seahorse-adventures 26whitelist /usr/share/games/seahorse-adventures
27include whitelist-common.inc 27include whitelist-common.inc
28include whitelist-usr-share-common.inc 28include whitelist-usr-share-common.inc
29include whitelist-var-common.inc 29include whitelist-var-common.inc
diff --git a/etc/profile-m-z/seahorse.profile b/etc/profile-m-z/seahorse.profile
index 66605173b..d3d8e453f 100644
--- a/etc/profile-m-z/seahorse.profile
+++ b/etc/profile-m-z/seahorse.profile
@@ -6,9 +6,9 @@ include seahorse.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9deny /tmp/.X11-unix 9blacklist /tmp/.X11-unix
10 10
11nodeny ${HOME}/.gnupg 11noblacklist ${HOME}/.gnupg
12 12
13# Allow ssh (blacklisted by disable-common.inc) 13# Allow ssh (blacklisted by disable-common.inc)
14include allow-ssh.inc 14include allow-ssh.inc
@@ -27,13 +27,13 @@ include disable-xdg.inc
27#mkdir ${HOME}/.ssh 27#mkdir ${HOME}/.ssh
28#whitelist ${HOME}/.gnupg 28#whitelist ${HOME}/.gnupg
29#whitelist ${HOME}/.ssh 29#whitelist ${HOME}/.ssh
30allow /tmp/ssh-* 30whitelist /tmp/ssh-*
31allow /usr/share/gnupg 31whitelist /usr/share/gnupg
32allow /usr/share/gnupg2 32whitelist /usr/share/gnupg2
33allow /usr/share/seahorse 33whitelist /usr/share/seahorse
34allow /usr/share/seahorse-nautilus 34whitelist /usr/share/seahorse-nautilus
35allow ${RUNUSER}/gnupg 35whitelist ${RUNUSER}/gnupg
36allow ${RUNUSER}/keyring 36whitelist ${RUNUSER}/keyring
37#include whitelist-common.inc 37#include whitelist-common.inc
38include whitelist-runuser-common.inc 38include whitelist-runuser-common.inc
39include whitelist-usr-share-common.inc 39include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/seamonkey.profile b/etc/profile-m-z/seamonkey.profile
index c9867719a..807effbeb 100644
--- a/etc/profile-m-z/seamonkey.profile
+++ b/etc/profile-m-z/seamonkey.profile
@@ -6,10 +6,10 @@ include seamonkey.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/mozilla 9noblacklist ${HOME}/.cache/mozilla
10nodeny ${HOME}/.mozilla 10noblacklist ${HOME}/.mozilla
11nodeny ${HOME}/.pki 11noblacklist ${HOME}/.pki
12nodeny ${HOME}/.local/share/pki 12noblacklist ${HOME}/.local/share/pki
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
@@ -20,25 +20,25 @@ mkdir ${HOME}/.cache/mozilla
20mkdir ${HOME}/.mozilla 20mkdir ${HOME}/.mozilla
21mkdir ${HOME}/.pki 21mkdir ${HOME}/.pki
22mkdir ${HOME}/.local/share/pki 22mkdir ${HOME}/.local/share/pki
23allow ${DOWNLOADS} 23whitelist ${DOWNLOADS}
24allow ${HOME}/.cache/gnome-mplayer/plugin 24whitelist ${HOME}/.cache/gnome-mplayer/plugin
25allow ${HOME}/.cache/mozilla 25whitelist ${HOME}/.cache/mozilla
26allow ${HOME}/.config/gnome-mplayer 26whitelist ${HOME}/.config/gnome-mplayer
27allow ${HOME}/.config/pipelight-silverlight5.1 27whitelist ${HOME}/.config/pipelight-silverlight5.1
28allow ${HOME}/.config/pipelight-widevine 28whitelist ${HOME}/.config/pipelight-widevine
29allow ${HOME}/.keysnail.js 29whitelist ${HOME}/.keysnail.js
30allow ${HOME}/.lastpass 30whitelist ${HOME}/.lastpass
31allow ${HOME}/.mozilla 31whitelist ${HOME}/.mozilla
32allow ${HOME}/.pentadactyl 32whitelist ${HOME}/.pentadactyl
33allow ${HOME}/.pentadactylrc 33whitelist ${HOME}/.pentadactylrc
34allow ${HOME}/.pki 34whitelist ${HOME}/.pki
35allow ${HOME}/.local/share/pki 35whitelist ${HOME}/.local/share/pki
36allow ${HOME}/.vimperator 36whitelist ${HOME}/.vimperator
37allow ${HOME}/.vimperatorrc 37whitelist ${HOME}/.vimperatorrc
38allow ${HOME}/.wine-pipelight 38whitelist ${HOME}/.wine-pipelight
39allow ${HOME}/.wine-pipelight64 39whitelist ${HOME}/.wine-pipelight64
40allow ${HOME}/.zotero 40whitelist ${HOME}/.zotero
41allow ${HOME}/dwhelper 41whitelist ${HOME}/dwhelper
42include whitelist-common.inc 42include whitelist-common.inc
43 43
44caps.drop all 44caps.drop all
diff --git a/etc/profile-m-z/server.profile b/etc/profile-m-z/server.profile
index 23f464637..7d56684db 100644
--- a/etc/profile-m-z/server.profile
+++ b/etc/profile-m-z/server.profile
@@ -32,12 +32,12 @@ include globals.local
32# it allows /sbin and /usr/sbin directories - this is where servers are installed 32# it allows /sbin and /usr/sbin directories - this is where servers are installed
33# depending on your usage, you can enable some of the commands below: 33# depending on your usage, you can enable some of the commands below:
34 34
35nodeny /sbin 35noblacklist /sbin
36nodeny /usr/sbin 36noblacklist /usr/sbin
37# noblacklist /var/opt 37# noblacklist /var/opt
38 38
39deny /tmp/.X11-unix 39blacklist /tmp/.X11-unix
40deny ${RUNUSER}/wayland-* 40blacklist ${RUNUSER}/wayland-*
41 41
42include disable-common.inc 42include disable-common.inc
43# include disable-devel.inc 43# include disable-devel.inc
diff --git a/etc/profile-m-z/shellcheck.profile b/etc/profile-m-z/shellcheck.profile
index 0cb9de45a..b7f398f45 100644
--- a/etc/profile-m-z/shellcheck.profile
+++ b/etc/profile-m-z/shellcheck.profile
@@ -7,9 +7,9 @@ include shellcheck.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10deny ${RUNUSER} 10blacklist ${RUNUSER}
11 11
12nodeny ${DOCUMENTS} 12noblacklist ${DOCUMENTS}
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
@@ -19,7 +19,7 @@ include disable-passwdmgr.inc
19include disable-programs.inc 19include disable-programs.inc
20include disable-xdg.inc 20include disable-xdg.inc
21 21
22allow /usr/share/shellcheck 22whitelist /usr/share/shellcheck
23include whitelist-usr-share-common.inc 23include whitelist-usr-share-common.inc
24include whitelist-var-common.inc 24include whitelist-var-common.inc
25 25
diff --git a/etc/profile-m-z/shortwave.profile b/etc/profile-m-z/shortwave.profile
index a8e5f6b18..d629240ec 100644
--- a/etc/profile-m-z/shortwave.profile
+++ b/etc/profile-m-z/shortwave.profile
@@ -6,8 +6,8 @@ include shortwave.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/Shortwave 9noblacklist ${HOME}/.cache/Shortwave
10nodeny ${HOME}/.local/share/Shortwave 10noblacklist ${HOME}/.local/share/Shortwave
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -19,9 +19,9 @@ include disable-xdg.inc
19 19
20mkdir ${HOME}/.cache/Shortwave 20mkdir ${HOME}/.cache/Shortwave
21mkdir ${HOME}/.local/share/Shortwave 21mkdir ${HOME}/.local/share/Shortwave
22allow ${HOME}/.cache/Shortwave 22whitelist ${HOME}/.cache/Shortwave
23allow ${HOME}/.local/share/Shortwave 23whitelist ${HOME}/.local/share/Shortwave
24allow /usr/share/shortwave 24whitelist /usr/share/shortwave
25include whitelist-common.inc 25include whitelist-common.inc
26include whitelist-runuser-common.inc 26include whitelist-runuser-common.inc
27include whitelist-usr-share-common.inc 27include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/shotcut.profile b/etc/profile-m-z/shotcut.profile
index 1f3c39c46..63af4d367 100644
--- a/etc/profile-m-z/shotcut.profile
+++ b/etc/profile-m-z/shotcut.profile
@@ -8,7 +8,7 @@ include globals.local
8 8
9ignore noexec ${HOME} 9ignore noexec ${HOME}
10 10
11nodeny ${HOME}/.config/Meltytech 11noblacklist ${HOME}/.config/Meltytech
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/shotwell.profile b/etc/profile-m-z/shotwell.profile
index b653930c3..ddc8a7743 100644
--- a/etc/profile-m-z/shotwell.profile
+++ b/etc/profile-m-z/shotwell.profile
@@ -6,10 +6,10 @@ include shotwell.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/shotwell 9noblacklist ${HOME}/.cache/shotwell
10nodeny ${HOME}/.local/share/shotwell 10noblacklist ${HOME}/.local/share/shotwell
11 11
12nodeny ${PICTURES} 12noblacklist ${PICTURES}
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
15include disable-exec.inc 15include disable-exec.inc
@@ -21,9 +21,9 @@ include disable-xdg.inc
21 21
22mkdir ${HOME}/.cache/shotwell 22mkdir ${HOME}/.cache/shotwell
23mkdir ${HOME}/.local/share/shotwell 23mkdir ${HOME}/.local/share/shotwell
24allow ${HOME}/.cache/shotwell 24whitelist ${HOME}/.cache/shotwell
25allow ${HOME}/.local/share/shotwell 25whitelist ${HOME}/.local/share/shotwell
26allow ${PICTURES} 26whitelist ${PICTURES}
27include whitelist-common.inc 27include whitelist-common.inc
28include whitelist-runuser-common.inc 28include whitelist-runuser-common.inc
29include whitelist-usr-share-common.inc 29include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/signal-cli.profile b/etc/profile-m-z/signal-cli.profile
index 8a46899f1..478377344 100644
--- a/etc/profile-m-z/signal-cli.profile
+++ b/etc/profile-m-z/signal-cli.profile
@@ -6,10 +6,10 @@ include signal-cli.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9deny /tmp/.X11-unix 9blacklist /tmp/.X11-unix
10deny ${RUNUSER}/wayland-* 10blacklist ${RUNUSER}/wayland-*
11 11
12nodeny ${HOME}/.local/share/signal-cli 12noblacklist ${HOME}/.local/share/signal-cli
13 13
14include allow-java.inc 14include allow-java.inc
15 15
@@ -22,7 +22,7 @@ include disable-programs.inc
22include disable-xdg.inc 22include disable-xdg.inc
23 23
24mkdir ${HOME}/.local/share/signal-cli 24mkdir ${HOME}/.local/share/signal-cli
25allow ${HOME}/.local/share/signal-cli 25whitelist ${HOME}/.local/share/signal-cli
26include whitelist-common.inc 26include whitelist-common.inc
27include whitelist-var-common.inc 27include whitelist-var-common.inc
28 28
diff --git a/etc/profile-m-z/signal-desktop.profile b/etc/profile-m-z/signal-desktop.profile
index a12080748..77a7f5b38 100644
--- a/etc/profile-m-z/signal-desktop.profile
+++ b/etc/profile-m-z/signal-desktop.profile
@@ -9,15 +9,15 @@ ignore novideo
9 9
10ignore noexec /tmp 10ignore noexec /tmp
11 11
12nodeny ${HOME}/.config/Signal 12noblacklist ${HOME}/.config/Signal
13 13
14# These lines are needed to allow Firefox to open links 14# These lines are needed to allow Firefox to open links
15nodeny ${HOME}/.mozilla 15noblacklist ${HOME}/.mozilla
16allow ${HOME}/.mozilla/firefox/profiles.ini 16whitelist ${HOME}/.mozilla/firefox/profiles.ini
17read-only ${HOME}/.mozilla/firefox/profiles.ini 17read-only ${HOME}/.mozilla/firefox/profiles.ini
18 18
19mkdir ${HOME}/.config/Signal 19mkdir ${HOME}/.config/Signal
20allow ${HOME}/.config/Signal 20whitelist ${HOME}/.config/Signal
21 21
22private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,machine-id,nsswitch.conf,pki,resolv.conf,ssl 22private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,machine-id,nsswitch.conf,pki,resolv.conf,ssl
23 23
diff --git a/etc/profile-m-z/simple-scan.profile b/etc/profile-m-z/simple-scan.profile
index 589a44ffc..17920677b 100644
--- a/etc/profile-m-z/simple-scan.profile
+++ b/etc/profile-m-z/simple-scan.profile
@@ -6,8 +6,8 @@ include simple-scan.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/simple-scan 9noblacklist ${HOME}/.cache/simple-scan
10nodeny ${DOCUMENTS} 10noblacklist ${DOCUMENTS}
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -16,8 +16,8 @@ include disable-passwdmgr.inc
16include disable-programs.inc 16include disable-programs.inc
17include disable-xdg.inc 17include disable-xdg.inc
18 18
19allow /usr/share/hplip 19whitelist /usr/share/hplip
20allow /usr/share/simple-scan 20whitelist /usr/share/simple-scan
21include whitelist-usr-share-common.inc 21include whitelist-usr-share-common.inc
22include whitelist-var-common.inc 22include whitelist-var-common.inc
23 23
diff --git a/etc/profile-m-z/simplescreenrecorder.profile b/etc/profile-m-z/simplescreenrecorder.profile
index 83f833508..d664f8bf5 100644
--- a/etc/profile-m-z/simplescreenrecorder.profile
+++ b/etc/profile-m-z/simplescreenrecorder.profile
@@ -6,8 +6,8 @@ include simplescreenrecorder.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${VIDEOS} 9noblacklist ${VIDEOS}
10nodeny ${HOME}/.ssr 10noblacklist ${HOME}/.ssr
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -17,7 +17,7 @@ include disable-passwdmgr.inc
17include disable-programs.inc 17include disable-programs.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20allow /usr/share/simplescreenrecorder 20whitelist /usr/share/simplescreenrecorder
21include whitelist-usr-share-common.inc 21include whitelist-usr-share-common.inc
22include whitelist-var-common.inc 22include whitelist-var-common.inc
23 23
diff --git a/etc/profile-m-z/simutrans.profile b/etc/profile-m-z/simutrans.profile
index 1d7f41579..afaa0f6d8 100644
--- a/etc/profile-m-z/simutrans.profile
+++ b/etc/profile-m-z/simutrans.profile
@@ -6,7 +6,7 @@ include simutrans.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.simutrans 9noblacklist ${HOME}/.simutrans
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -16,7 +16,7 @@ include disable-passwdmgr.inc
16include disable-programs.inc 16include disable-programs.inc
17 17
18mkdir ${HOME}/.simutrans 18mkdir ${HOME}/.simutrans
19allow ${HOME}/.simutrans 19whitelist ${HOME}/.simutrans
20include whitelist-common.inc 20include whitelist-common.inc
21include whitelist-var-common.inc 21include whitelist-var-common.inc
22 22
diff --git a/etc/profile-m-z/skanlite.profile b/etc/profile-m-z/skanlite.profile
index 98ed624f9..093a61398 100644
--- a/etc/profile-m-z/skanlite.profile
+++ b/etc/profile-m-z/skanlite.profile
@@ -6,7 +6,7 @@ include skanlite.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${DOCUMENTS} 9noblacklist ${DOCUMENTS}
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
diff --git a/etc/profile-m-z/skypeforlinux.profile b/etc/profile-m-z/skypeforlinux.profile
index e7f70eebe..ed04eda8e 100644
--- a/etc/profile-m-z/skypeforlinux.profile
+++ b/etc/profile-m-z/skypeforlinux.profile
@@ -21,7 +21,7 @@ ignore dbus-system none
21ignore apparmor 21ignore apparmor
22ignore noexec /tmp 22ignore noexec /tmp
23 23
24nodeny ${HOME}/.config/skypeforlinux 24noblacklist ${HOME}/.config/skypeforlinux
25 25
26# private-dev - needs /dev/disk 26# private-dev - needs /dev/disk
27 27
diff --git a/etc/profile-m-z/slack.profile b/etc/profile-m-z/slack.profile
index b8299add3..51f6c8b00 100644
--- a/etc/profile-m-z/slack.profile
+++ b/etc/profile-m-z/slack.profile
@@ -16,14 +16,14 @@ ignore private-tmp
16ignore dbus-user none 16ignore dbus-user none
17ignore dbus-system none 17ignore dbus-system none
18 18
19nodeny ${HOME}/.config/Slack 19noblacklist ${HOME}/.config/Slack
20 20
21include allow-bin-sh.inc 21include allow-bin-sh.inc
22 22
23include disable-shell.inc 23include disable-shell.inc
24 24
25mkdir ${HOME}/.config/Slack 25mkdir ${HOME}/.config/Slack
26allow ${HOME}/.config/Slack 26whitelist ${HOME}/.config/Slack
27 27
28private-bin electron,electron[0-9],electron[0-9][0-9],locale,sh,slack 28private-bin electron,electron[0-9],electron[0-9][0-9],locale,sh,slack
29private-etc alternatives,asound.conf,ca-certificates,crypto-policies,debian_version,fedora-release,fonts,group,ld.so.cache,ld.so.conf,localtime,machine-id,os-release,passwd,pki,pulse,redhat-release,resolv.conf,ssl,system-release,system-release-cpe 29private-etc alternatives,asound.conf,ca-certificates,crypto-policies,debian_version,fedora-release,fonts,group,ld.so.cache,ld.so.conf,localtime,machine-id,os-release,passwd,pki,pulse,redhat-release,resolv.conf,ssl,system-release,system-release-cpe
diff --git a/etc/profile-m-z/slashem.profile b/etc/profile-m-z/slashem.profile
index 36a0044dc..c5a31c237 100644
--- a/etc/profile-m-z/slashem.profile
+++ b/etc/profile-m-z/slashem.profile
@@ -6,7 +6,7 @@ include slashem.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny /var/games/slashem 9noblacklist /var/games/slashem
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -15,7 +15,7 @@ include disable-interpreters.inc
15include disable-passwdmgr.inc 15include disable-passwdmgr.inc
16include disable-programs.inc 16include disable-programs.inc
17 17
18allow /var/games/slashem 18whitelist /var/games/slashem
19include whitelist-common.inc 19include whitelist-common.inc
20include whitelist-var-common.inc 20include whitelist-var-common.inc
21 21
diff --git a/etc/profile-m-z/smplayer.profile b/etc/profile-m-z/smplayer.profile
index 4e4334dc0..01547e5c1 100644
--- a/etc/profile-m-z/smplayer.profile
+++ b/etc/profile-m-z/smplayer.profile
@@ -6,9 +6,9 @@ include smplayer.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/smplayer 9noblacklist ${HOME}/.config/smplayer
10nodeny ${HOME}/.config/youtube-dl 10noblacklist ${HOME}/.config/youtube-dl
11nodeny ${HOME}/.mplayer 11noblacklist ${HOME}/.mplayer
12 12
13# Allow lua (blacklisted by disable-interpreters.inc) 13# Allow lua (blacklisted by disable-interpreters.inc)
14include allow-lua.inc 14include allow-lua.inc
@@ -17,8 +17,8 @@ include allow-lua.inc
17include allow-python2.inc 17include allow-python2.inc
18include allow-python3.inc 18include allow-python3.inc
19 19
20nodeny ${MUSIC} 20noblacklist ${MUSIC}
21nodeny ${VIDEOS} 21noblacklist ${VIDEOS}
22 22
23include disable-common.inc 23include disable-common.inc
24include disable-devel.inc 24include disable-devel.inc
@@ -29,9 +29,9 @@ include disable-programs.inc
29include disable-shell.inc 29include disable-shell.inc
30include disable-xdg.inc 30include disable-xdg.inc
31 31
32allow /usr/share/lua* 32whitelist /usr/share/lua*
33allow /usr/share/smplayer 33whitelist /usr/share/smplayer
34allow /usr/share/vulkan 34whitelist /usr/share/vulkan
35include whitelist-usr-share-common.inc 35include whitelist-usr-share-common.inc
36include whitelist-var-common.inc 36include whitelist-var-common.inc
37 37
diff --git a/etc/profile-m-z/smtube.profile b/etc/profile-m-z/smtube.profile
index 99d02ffdf..196950eaf 100644
--- a/etc/profile-m-z/smtube.profile
+++ b/etc/profile-m-z/smtube.profile
@@ -6,14 +6,14 @@ include smtube.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/smplayer 9noblacklist ${HOME}/.config/smplayer
10nodeny ${HOME}/.config/smtube 10noblacklist ${HOME}/.config/smtube
11nodeny ${HOME}/.config/mpv 11noblacklist ${HOME}/.config/mpv
12nodeny ${HOME}/.mplayer 12noblacklist ${HOME}/.mplayer
13nodeny ${HOME}/.config/vlc 13noblacklist ${HOME}/.config/vlc
14nodeny ${HOME}/.local/share/vlc 14noblacklist ${HOME}/.local/share/vlc
15nodeny ${MUSIC} 15noblacklist ${MUSIC}
16nodeny ${VIDEOS} 16noblacklist ${VIDEOS}
17 17
18include disable-common.inc 18include disable-common.inc
19include disable-devel.inc 19include disable-devel.inc
@@ -23,8 +23,8 @@ include disable-passwdmgr.inc
23include disable-programs.inc 23include disable-programs.inc
24include disable-xdg.inc 24include disable-xdg.inc
25 25
26allow /usr/share/smplayer 26whitelist /usr/share/smplayer
27allow /usr/share/smtube 27whitelist /usr/share/smtube
28include whitelist-usr-share-common.inc 28include whitelist-usr-share-common.inc
29include whitelist-var-common.inc 29include whitelist-var-common.inc
30 30
diff --git a/etc/profile-m-z/smuxi-frontend-gnome.profile b/etc/profile-m-z/smuxi-frontend-gnome.profile
index 3a79890cc..c3a9bb858 100644
--- a/etc/profile-m-z/smuxi-frontend-gnome.profile
+++ b/etc/profile-m-z/smuxi-frontend-gnome.profile
@@ -6,9 +6,9 @@ include smuxi-frontend-gnome.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/smuxi 9noblacklist ${HOME}/.cache/smuxi
10nodeny ${HOME}/.config/smuxi 10noblacklist ${HOME}/.config/smuxi
11nodeny ${HOME}/.local/share/smuxi 11noblacklist ${HOME}/.local/share/smuxi
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -21,10 +21,10 @@ include disable-xdg.inc
21mkdir ${HOME}/.cache/smuxi 21mkdir ${HOME}/.cache/smuxi
22mkdir ${HOME}/.config/smuxi 22mkdir ${HOME}/.config/smuxi
23mkdir ${HOME}/.local/share/smuxi 23mkdir ${HOME}/.local/share/smuxi
24allow ${HOME}/.cache/smuxi 24whitelist ${HOME}/.cache/smuxi
25allow ${HOME}/.config/smuxi 25whitelist ${HOME}/.config/smuxi
26allow ${HOME}/.local/share/smuxi 26whitelist ${HOME}/.local/share/smuxi
27allow ${DOWNLOADS} 27whitelist ${DOWNLOADS}
28include whitelist-common.inc 28include whitelist-common.inc
29include whitelist-runuser-common.inc 29include whitelist-runuser-common.inc
30include whitelist-usr-share-common.inc 30include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/snox.profile b/etc/profile-m-z/snox.profile
index 1d315404e..83493652c 100644
--- a/etc/profile-m-z/snox.profile
+++ b/etc/profile-m-z/snox.profile
@@ -10,15 +10,15 @@ ignore whitelist /usr/share/chromium
10ignore include whitelist-runuser-common.inc 10ignore include whitelist-runuser-common.inc
11ignore include whitelist-usr-share-common.inc 11ignore include whitelist-usr-share-common.inc
12 12
13nodeny ${HOME}/.cache/snox 13noblacklist ${HOME}/.cache/snox
14nodeny ${HOME}/.config/snox 14noblacklist ${HOME}/.config/snox
15 15
16#mkdir ${HOME}/.cache/dnox 16#mkdir ${HOME}/.cache/dnox
17#mkdir ${HOME}/.config/dnox 17#mkdir ${HOME}/.config/dnox
18mkdir ${HOME}/.cache/snox 18mkdir ${HOME}/.cache/snox
19mkdir ${HOME}/.config/snox 19mkdir ${HOME}/.config/snox
20allow ${HOME}/.cache/snox 20whitelist ${HOME}/.cache/snox
21allow ${HOME}/.config/snox 21whitelist ${HOME}/.config/snox
22 22
23# Redirect 23# Redirect
24include chromium-common.profile 24include chromium-common.profile
diff --git a/etc/profile-m-z/softmaker-common.profile b/etc/profile-m-z/softmaker-common.profile
index bd4991e81..83315231f 100644
--- a/etc/profile-m-z/softmaker-common.profile
+++ b/etc/profile-m-z/softmaker-common.profile
@@ -10,7 +10,7 @@ include softmaker-common.local
10# with an absolute Exec line. These files are NOT handelt by firecfg, 10# with an absolute Exec line. These files are NOT handelt by firecfg,
11# therefore you must manualy copy them in you home and remove '/usr/bin/'. 11# therefore you must manualy copy them in you home and remove '/usr/bin/'.
12 12
13nodeny ${HOME}/SoftMaker 13noblacklist ${HOME}/SoftMaker
14 14
15include disable-common.inc 15include disable-common.inc
16include disable-devel.inc 16include disable-devel.inc
@@ -19,8 +19,8 @@ include disable-interpreters.inc
19include disable-passwdmgr.inc 19include disable-passwdmgr.inc
20include disable-programs.inc 20include disable-programs.inc
21 21
22allow /usr/share/office2018 22whitelist /usr/share/office2018
23allow /usr/share/freeoffice2018 23whitelist /usr/share/freeoffice2018
24include whitelist-usr-share-common.inc 24include whitelist-usr-share-common.inc
25include whitelist-var-common.inc 25include whitelist-var-common.inc
26 26
diff --git a/etc/profile-m-z/sound-juicer.profile b/etc/profile-m-z/sound-juicer.profile
index 16ee39e09..ef00fdfff 100644
--- a/etc/profile-m-z/sound-juicer.profile
+++ b/etc/profile-m-z/sound-juicer.profile
@@ -6,8 +6,8 @@ include sound-juicer.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/sound-juicer 9noblacklist ${HOME}/.config/sound-juicer
10nodeny ${MUSIC} 10noblacklist ${MUSIC}
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/soundconverter.profile b/etc/profile-m-z/soundconverter.profile
index 46da7a453..4dbf34100 100644
--- a/etc/profile-m-z/soundconverter.profile
+++ b/etc/profile-m-z/soundconverter.profile
@@ -10,7 +10,7 @@ include globals.local
10include allow-python2.inc 10include allow-python2.inc
11include allow-python3.inc 11include allow-python3.inc
12 12
13nodeny ${MUSIC} 13noblacklist ${MUSIC}
14 14
15include disable-common.inc 15include disable-common.inc
16include disable-devel.inc 16include disable-devel.inc
@@ -20,9 +20,9 @@ include disable-passwdmgr.inc
20include disable-programs.inc 20include disable-programs.inc
21include disable-xdg.inc 21include disable-xdg.inc
22 22
23allow ${DOWNLOADS} 23whitelist ${DOWNLOADS}
24allow ${MUSIC} 24whitelist ${MUSIC}
25allow /usr/share/soundconverter 25whitelist /usr/share/soundconverter
26include whitelist-common.inc 26include whitelist-common.inc
27include whitelist-usr-share-common.inc 27include whitelist-usr-share-common.inc
28include whitelist-var-common.inc 28include whitelist-var-common.inc
diff --git a/etc/profile-m-z/spectacle.profile b/etc/profile-m-z/spectacle.profile
index 08adb5861..4468f21e7 100644
--- a/etc/profile-m-z/spectacle.profile
+++ b/etc/profile-m-z/spectacle.profile
@@ -12,8 +12,8 @@ include globals.local
12#private-etc ca-certificates,crypto-policies,pki,resolv.conf,ssl 12#private-etc ca-certificates,crypto-policies,pki,resolv.conf,ssl
13#protocol unix,inet,inet6 13#protocol unix,inet,inet6
14 14
15nodeny ${HOME}/.config/spectaclerc 15noblacklist ${HOME}/.config/spectaclerc
16nodeny ${PICTURES} 16noblacklist ${PICTURES}
17 17
18include disable-common.inc 18include disable-common.inc
19include disable-devel.inc 19include disable-devel.inc
@@ -24,10 +24,10 @@ include disable-programs.inc
24include disable-xdg.inc 24include disable-xdg.inc
25 25
26mkfile ${HOME}/.config/spectaclerc 26mkfile ${HOME}/.config/spectaclerc
27allow ${HOME}/.config/spectaclerc 27whitelist ${HOME}/.config/spectaclerc
28allow ${PICTURES} 28whitelist ${PICTURES}
29allow /usr/share/kconf_update/spectacle_newConfig.upd 29whitelist /usr/share/kconf_update/spectacle_newConfig.upd
30allow /usr/share/kconf_update/spectacle_shortcuts.upd 30whitelist /usr/share/kconf_update/spectacle_shortcuts.upd
31include whitelist-common.inc 31include whitelist-common.inc
32include whitelist-runuser-common.inc 32include whitelist-runuser-common.inc
33include whitelist-usr-share-common.inc 33include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/spectral.profile b/etc/profile-m-z/spectral.profile
index 4c1b2d3e1..283674517 100644
--- a/etc/profile-m-z/spectral.profile
+++ b/etc/profile-m-z/spectral.profile
@@ -6,8 +6,8 @@ include spectral.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/ENCOM/Spectral 9noblacklist ${HOME}/.cache/ENCOM/Spectral
10nodeny ${HOME}/.config/ENCOM 10noblacklist ${HOME}/.config/ENCOM
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -20,9 +20,9 @@ include disable-xdg.inc
20 20
21mkdir ${HOME}/.cache/ENCOM/Spectral 21mkdir ${HOME}/.cache/ENCOM/Spectral
22mkdir ${HOME}/.config/ENCOM 22mkdir ${HOME}/.config/ENCOM
23allow ${HOME}/.cache/ENCOM/Spectral 23whitelist ${HOME}/.cache/ENCOM/Spectral
24allow ${HOME}/.config/ENCOM 24whitelist ${HOME}/.config/ENCOM
25allow ${DOWNLOADS} 25whitelist ${DOWNLOADS}
26include whitelist-common.inc 26include whitelist-common.inc
27include whitelist-runuser-common.inc 27include whitelist-runuser-common.inc
28include whitelist-usr-share-common.inc 28include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/spectre-meltdown-checker.profile b/etc/profile-m-z/spectre-meltdown-checker.profile
index 3a3fd838d..984461f90 100644
--- a/etc/profile-m-z/spectre-meltdown-checker.profile
+++ b/etc/profile-m-z/spectre-meltdown-checker.profile
@@ -6,10 +6,10 @@ include spectre-meltdown-checker.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9deny ${RUNUSER}/wayland-* 9blacklist ${RUNUSER}/wayland-*
10 10
11nodeny ${PATH}/mount 11noblacklist ${PATH}/mount
12nodeny ${PATH}/umount 12noblacklist ${PATH}/umount
13 13
14# Allow perl (blacklisted by disable-interpreters.inc) 14# Allow perl (blacklisted by disable-interpreters.inc)
15include allow-perl.inc 15include allow-perl.inc
diff --git a/etc/profile-m-z/spotify.profile b/etc/profile-m-z/spotify.profile
index e1c830268..01bc2bc05 100644
--- a/etc/profile-m-z/spotify.profile
+++ b/etc/profile-m-z/spotify.profile
@@ -5,11 +5,11 @@ include spotify.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.cache/spotify 8noblacklist ${HOME}/.cache/spotify
9nodeny ${HOME}/.config/spotify 9noblacklist ${HOME}/.config/spotify
10nodeny ${HOME}/.local/share/spotify 10noblacklist ${HOME}/.local/share/spotify
11 11
12deny ${HOME}/.bashrc 12blacklist ${HOME}/.bashrc
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
@@ -21,9 +21,9 @@ include disable-programs.inc
21mkdir ${HOME}/.cache/spotify 21mkdir ${HOME}/.cache/spotify
22mkdir ${HOME}/.config/spotify 22mkdir ${HOME}/.config/spotify
23mkdir ${HOME}/.local/share/spotify 23mkdir ${HOME}/.local/share/spotify
24allow ${HOME}/.cache/spotify 24whitelist ${HOME}/.cache/spotify
25allow ${HOME}/.config/spotify 25whitelist ${HOME}/.config/spotify
26allow ${HOME}/.local/share/spotify 26whitelist ${HOME}/.local/share/spotify
27include whitelist-common.inc 27include whitelist-common.inc
28include whitelist-var-common.inc 28include whitelist-var-common.inc
29 29
diff --git a/etc/profile-m-z/sqlitebrowser.profile b/etc/profile-m-z/sqlitebrowser.profile
index aa577b63a..4dd2c7262 100644
--- a/etc/profile-m-z/sqlitebrowser.profile
+++ b/etc/profile-m-z/sqlitebrowser.profile
@@ -6,8 +6,8 @@ include sqlitebrowser.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/sqlitebrowser 9noblacklist ${HOME}/.config/sqlitebrowser
10nodeny ${DOCUMENTS} 10noblacklist ${DOCUMENTS}
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/ssh-agent.profile b/etc/profile-m-z/ssh-agent.profile
index e456ebe07..5802299a3 100644
--- a/etc/profile-m-z/ssh-agent.profile
+++ b/etc/profile-m-z/ssh-agent.profile
@@ -9,8 +9,8 @@ include globals.local
9# Allow ssh (blacklisted by disable-common.inc) 9# Allow ssh (blacklisted by disable-common.inc)
10include allow-ssh.inc 10include allow-ssh.inc
11 11
12deny /tmp/.X11-unix 12blacklist /tmp/.X11-unix
13deny ${RUNUSER}/wayland-* 13blacklist ${RUNUSER}/wayland-*
14 14
15include disable-common.inc 15include disable-common.inc
16include disable-passwdmgr.inc 16include disable-passwdmgr.inc
diff --git a/etc/profile-m-z/ssh.profile b/etc/profile-m-z/ssh.profile
index 8a0d86150..a58642192 100644
--- a/etc/profile-m-z/ssh.profile
+++ b/etc/profile-m-z/ssh.profile
@@ -8,8 +8,8 @@ include ssh.local
8include globals.local 8include globals.local
9 9
10# nc can be used as ProxyCommand, e.g. when using tor 10# nc can be used as ProxyCommand, e.g. when using tor
11nodeny ${PATH}/nc 11noblacklist ${PATH}/nc
12nodeny ${PATH}/ncat 12noblacklist ${PATH}/ncat
13 13
14# Allow ssh (blacklisted by disable-common.inc) 14# Allow ssh (blacklisted by disable-common.inc)
15include allow-ssh.inc 15include allow-ssh.inc
@@ -19,8 +19,8 @@ include disable-exec.inc
19include disable-passwdmgr.inc 19include disable-passwdmgr.inc
20include disable-programs.inc 20include disable-programs.inc
21 21
22allow ${RUNUSER}/gnupg/S.gpg-agent.ssh 22whitelist ${RUNUSER}/gnupg/S.gpg-agent.ssh
23allow ${RUNUSER}/keyring/ssh 23whitelist ${RUNUSER}/keyring/ssh
24include whitelist-usr-share-common.inc 24include whitelist-usr-share-common.inc
25include whitelist-runuser-common.inc 25include whitelist-runuser-common.inc
26 26
diff --git a/etc/profile-m-z/standardnotes-desktop.profile b/etc/profile-m-z/standardnotes-desktop.profile
index 75de118ab..48a532876 100644
--- a/etc/profile-m-z/standardnotes-desktop.profile
+++ b/etc/profile-m-z/standardnotes-desktop.profile
@@ -5,8 +5,8 @@ include standardnotes-desktop.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/Standard Notes Backups 8noblacklist ${HOME}/Standard Notes Backups
9nodeny ${HOME}/.config/Standard Notes 9noblacklist ${HOME}/.config/Standard Notes
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -17,8 +17,8 @@ include disable-programs.inc
17 17
18mkdir ${HOME}/Standard Notes Backups 18mkdir ${HOME}/Standard Notes Backups
19mkdir ${HOME}/.config/Standard Notes 19mkdir ${HOME}/.config/Standard Notes
20allow ${HOME}/Standard Notes Backups 20whitelist ${HOME}/Standard Notes Backups
21allow ${HOME}/.config/Standard Notes 21whitelist ${HOME}/.config/Standard Notes
22include whitelist-var-common.inc 22include whitelist-var-common.inc
23 23
24apparmor 24apparmor
diff --git a/etc/profile-m-z/start-tor-browser.desktop.profile b/etc/profile-m-z/start-tor-browser.desktop.profile
index 8f75365e8..2f73c9fee 100644
--- a/etc/profile-m-z/start-tor-browser.desktop.profile
+++ b/etc/profile-m-z/start-tor-browser.desktop.profile
@@ -6,71 +6,71 @@ include start-tor-browser.desktop.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser* 9noblacklist ${HOME}/.tor-browser*
10 10
11allow ${HOME}/.tor-browser-ar 11whitelist ${HOME}/.tor-browser-ar
12allow ${HOME}/.tor-browser-ca 12whitelist ${HOME}/.tor-browser-ca
13allow ${HOME}/.tor-browser-cs 13whitelist ${HOME}/.tor-browser-cs
14allow ${HOME}/.tor-browser-da 14whitelist ${HOME}/.tor-browser-da
15allow ${HOME}/.tor-browser-de 15whitelist ${HOME}/.tor-browser-de
16allow ${HOME}/.tor-browser-el 16whitelist ${HOME}/.tor-browser-el
17allow ${HOME}/.tor-browser-en 17whitelist ${HOME}/.tor-browser-en
18allow ${HOME}/.tor-browser-en-us 18whitelist ${HOME}/.tor-browser-en-us
19allow ${HOME}/.tor-browser-es 19whitelist ${HOME}/.tor-browser-es
20allow ${HOME}/.tor-browser-es-es 20whitelist ${HOME}/.tor-browser-es-es
21allow ${HOME}/.tor-browser-fa 21whitelist ${HOME}/.tor-browser-fa
22allow ${HOME}/.tor-browser-fr 22whitelist ${HOME}/.tor-browser-fr
23allow ${HOME}/.tor-browser-ga-ie 23whitelist ${HOME}/.tor-browser-ga-ie
24allow ${HOME}/.tor-browser-he 24whitelist ${HOME}/.tor-browser-he
25allow ${HOME}/.tor-browser-hu 25whitelist ${HOME}/.tor-browser-hu
26allow ${HOME}/.tor-browser-id 26whitelist ${HOME}/.tor-browser-id
27allow ${HOME}/.tor-browser-is 27whitelist ${HOME}/.tor-browser-is
28allow ${HOME}/.tor-browser-it 28whitelist ${HOME}/.tor-browser-it
29allow ${HOME}/.tor-browser-ja 29whitelist ${HOME}/.tor-browser-ja
30allow ${HOME}/.tor-browser-ka 30whitelist ${HOME}/.tor-browser-ka
31allow ${HOME}/.tor-browser-ko 31whitelist ${HOME}/.tor-browser-ko
32allow ${HOME}/.tor-browser-nb 32whitelist ${HOME}/.tor-browser-nb
33allow ${HOME}/.tor-browser-nl 33whitelist ${HOME}/.tor-browser-nl
34allow ${HOME}/.tor-browser-pl 34whitelist ${HOME}/.tor-browser-pl
35allow ${HOME}/.tor-browser-pt-br 35whitelist ${HOME}/.tor-browser-pt-br
36allow ${HOME}/.tor-browser-ru 36whitelist ${HOME}/.tor-browser-ru
37allow ${HOME}/.tor-browser-sv-se 37whitelist ${HOME}/.tor-browser-sv-se
38allow ${HOME}/.tor-browser-tr 38whitelist ${HOME}/.tor-browser-tr
39allow ${HOME}/.tor-browser-vi 39whitelist ${HOME}/.tor-browser-vi
40allow ${HOME}/.tor-browser-zh-cn 40whitelist ${HOME}/.tor-browser-zh-cn
41allow ${HOME}/.tor-browser-zh-tw 41whitelist ${HOME}/.tor-browser-zh-tw
42 42
43allow ${HOME}/.tor-browser_ar 43whitelist ${HOME}/.tor-browser_ar
44allow ${HOME}/.tor-browser_ca 44whitelist ${HOME}/.tor-browser_ca
45allow ${HOME}/.tor-browser_cs 45whitelist ${HOME}/.tor-browser_cs
46allow ${HOME}/.tor-browser_da 46whitelist ${HOME}/.tor-browser_da
47allow ${HOME}/.tor-browser_de 47whitelist ${HOME}/.tor-browser_de
48allow ${HOME}/.tor-browser_el 48whitelist ${HOME}/.tor-browser_el
49allow ${HOME}/.tor-browser_en 49whitelist ${HOME}/.tor-browser_en
50allow ${HOME}/.tor-browser_en_US 50whitelist ${HOME}/.tor-browser_en_US
51allow ${HOME}/.tor-browser_es 51whitelist ${HOME}/.tor-browser_es
52allow ${HOME}/.tor-browser_es-ES 52whitelist ${HOME}/.tor-browser_es-ES
53allow ${HOME}/.tor-browser_fa 53whitelist ${HOME}/.tor-browser_fa
54allow ${HOME}/.tor-browser_fr 54whitelist ${HOME}/.tor-browser_fr
55allow ${HOME}/.tor-browser_ga-IE 55whitelist ${HOME}/.tor-browser_ga-IE
56allow ${HOME}/.tor-browser_he 56whitelist ${HOME}/.tor-browser_he
57allow ${HOME}/.tor-browser_hu 57whitelist ${HOME}/.tor-browser_hu
58allow ${HOME}/.tor-browser_id 58whitelist ${HOME}/.tor-browser_id
59allow ${HOME}/.tor-browser_is 59whitelist ${HOME}/.tor-browser_is
60allow ${HOME}/.tor-browser_it 60whitelist ${HOME}/.tor-browser_it
61allow ${HOME}/.tor-browser_ja 61whitelist ${HOME}/.tor-browser_ja
62allow ${HOME}/.tor-browser_ka 62whitelist ${HOME}/.tor-browser_ka
63allow ${HOME}/.tor-browser_ko 63whitelist ${HOME}/.tor-browser_ko
64allow ${HOME}/.tor-browser_nb 64whitelist ${HOME}/.tor-browser_nb
65allow ${HOME}/.tor-browser_nl 65whitelist ${HOME}/.tor-browser_nl
66allow ${HOME}/.tor-browser_pl 66whitelist ${HOME}/.tor-browser_pl
67allow ${HOME}/.tor-browser_pt-BR 67whitelist ${HOME}/.tor-browser_pt-BR
68allow ${HOME}/.tor-browser_ru 68whitelist ${HOME}/.tor-browser_ru
69allow ${HOME}/.tor-browser_sv-SE 69whitelist ${HOME}/.tor-browser_sv-SE
70allow ${HOME}/.tor-browser_tr 70whitelist ${HOME}/.tor-browser_tr
71allow ${HOME}/.tor-browser_vi 71whitelist ${HOME}/.tor-browser_vi
72allow ${HOME}/.tor-browser_zh-CN 72whitelist ${HOME}/.tor-browser_zh-CN
73allow ${HOME}/.tor-browser_zh-TW 73whitelist ${HOME}/.tor-browser_zh-TW
74 74
75# Redirect 75# Redirect
76include torbrowser-launcher.profile 76include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/steam.profile b/etc/profile-m-z/steam.profile
index 09e29373d..06d08f3a2 100644
--- a/etc/profile-m-z/steam.profile
+++ b/etc/profile-m-z/steam.profile
@@ -6,40 +6,40 @@ include steam.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/Epic 9noblacklist ${HOME}/.config/Epic
10nodeny ${HOME}/.config/Loop_Hero 10noblacklist ${HOME}/.config/Loop_Hero
11nodeny ${HOME}/.config/ModTheSpire 11noblacklist ${HOME}/.config/ModTheSpire
12nodeny ${HOME}/.config/RogueLegacy 12noblacklist ${HOME}/.config/RogueLegacy
13nodeny ${HOME}/.config/RogueLegacyStorageContainer 13noblacklist ${HOME}/.config/RogueLegacyStorageContainer
14nodeny ${HOME}/.killingfloor 14noblacklist ${HOME}/.killingfloor
15nodeny ${HOME}/.klei 15noblacklist ${HOME}/.klei
16nodeny ${HOME}/.local/share/3909/PapersPlease 16noblacklist ${HOME}/.local/share/3909/PapersPlease
17nodeny ${HOME}/.local/share/aspyr-media 17noblacklist ${HOME}/.local/share/aspyr-media
18nodeny ${HOME}/.local/share/bohemiainteractive 18noblacklist ${HOME}/.local/share/bohemiainteractive
19nodeny ${HOME}/.local/share/cdprojektred 19noblacklist ${HOME}/.local/share/cdprojektred
20nodeny ${HOME}/.local/share/Dredmor 20noblacklist ${HOME}/.local/share/Dredmor
21nodeny ${HOME}/.local/share/FasterThanLight 21noblacklist ${HOME}/.local/share/FasterThanLight
22nodeny ${HOME}/.local/share/feral-interactive 22noblacklist ${HOME}/.local/share/feral-interactive
23nodeny ${HOME}/.local/share/IntoTheBreach 23noblacklist ${HOME}/.local/share/IntoTheBreach
24nodeny ${HOME}/.local/share/Paradox Interactive 24noblacklist ${HOME}/.local/share/Paradox Interactive
25nodeny ${HOME}/.local/share/PillarsOfEternity 25noblacklist ${HOME}/.local/share/PillarsOfEternity
26nodeny ${HOME}/.local/share/RogueLegacy 26noblacklist ${HOME}/.local/share/RogueLegacy
27nodeny ${HOME}/.local/share/RogueLegacyStorageContainer 27noblacklist ${HOME}/.local/share/RogueLegacyStorageContainer
28nodeny ${HOME}/.local/share/Steam 28noblacklist ${HOME}/.local/share/Steam
29nodeny ${HOME}/.local/share/SteamWorldDig 29noblacklist ${HOME}/.local/share/SteamWorldDig
30nodeny ${HOME}/.local/share/SteamWorld Dig 2 30noblacklist ${HOME}/.local/share/SteamWorld Dig 2
31nodeny ${HOME}/.local/share/SuperHexagon 31noblacklist ${HOME}/.local/share/SuperHexagon
32nodeny ${HOME}/.local/share/Terraria 32noblacklist ${HOME}/.local/share/Terraria
33nodeny ${HOME}/.local/share/vpltd 33noblacklist ${HOME}/.local/share/vpltd
34nodeny ${HOME}/.local/share/vulkan 34noblacklist ${HOME}/.local/share/vulkan
35nodeny ${HOME}/.mbwarband 35noblacklist ${HOME}/.mbwarband
36nodeny ${HOME}/.paradoxinteractive 36noblacklist ${HOME}/.paradoxinteractive
37nodeny ${HOME}/.steam 37noblacklist ${HOME}/.steam
38nodeny ${HOME}/.steampath 38noblacklist ${HOME}/.steampath
39nodeny ${HOME}/.steampid 39noblacklist ${HOME}/.steampid
40# needed for STEAM_RUNTIME_PREFER_HOST_LIBRARIES=1 to work 40# needed for STEAM_RUNTIME_PREFER_HOST_LIBRARIES=1 to work
41nodeny /sbin 41noblacklist /sbin
42nodeny /usr/sbin 42noblacklist /usr/sbin
43 43
44# Allow java (blacklisted by disable-devel.inc) 44# Allow java (blacklisted by disable-devel.inc)
45include allow-java.inc 45include allow-java.inc
@@ -84,38 +84,38 @@ mkdir ${HOME}/.paradoxinteractive
84mkdir ${HOME}/.steam 84mkdir ${HOME}/.steam
85mkfile ${HOME}/.steampath 85mkfile ${HOME}/.steampath
86mkfile ${HOME}/.steampid 86mkfile ${HOME}/.steampid
87allow ${HOME}/.config/Epic 87whitelist ${HOME}/.config/Epic
88allow ${HOME}/.config/Loop_Hero 88whitelist ${HOME}/.config/Loop_Hero
89allow ${HOME}/.config/ModTheSpire 89whitelist ${HOME}/.config/ModTheSpire
90allow ${HOME}/.config/RogueLegacy 90whitelist ${HOME}/.config/RogueLegacy
91allow ${HOME}/.config/RogueLegacyStorageContainer 91whitelist ${HOME}/.config/RogueLegacyStorageContainer
92allow ${HOME}/.config/unity3d 92whitelist ${HOME}/.config/unity3d
93allow ${HOME}/.killingfloor 93whitelist ${HOME}/.killingfloor
94allow ${HOME}/.klei 94whitelist ${HOME}/.klei
95allow ${HOME}/.local/share/3909/PapersPlease 95whitelist ${HOME}/.local/share/3909/PapersPlease
96allow ${HOME}/.local/share/aspyr-media 96whitelist ${HOME}/.local/share/aspyr-media
97allow ${HOME}/.local/share/bohemiainteractive 97whitelist ${HOME}/.local/share/bohemiainteractive
98allow ${HOME}/.local/share/cdprojektred 98whitelist ${HOME}/.local/share/cdprojektred
99allow ${HOME}/.local/share/Dredmor 99whitelist ${HOME}/.local/share/Dredmor
100allow ${HOME}/.local/share/FasterThanLight 100whitelist ${HOME}/.local/share/FasterThanLight
101allow ${HOME}/.local/share/feral-interactive 101whitelist ${HOME}/.local/share/feral-interactive
102allow ${HOME}/.local/share/IntoTheBreach 102whitelist ${HOME}/.local/share/IntoTheBreach
103allow ${HOME}/.local/share/Paradox Interactive 103whitelist ${HOME}/.local/share/Paradox Interactive
104allow ${HOME}/.local/share/PillarsOfEternity 104whitelist ${HOME}/.local/share/PillarsOfEternity
105allow ${HOME}/.local/share/RogueLegacy 105whitelist ${HOME}/.local/share/RogueLegacy
106allow ${HOME}/.local/share/RogueLegacyStorageContainer 106whitelist ${HOME}/.local/share/RogueLegacyStorageContainer
107allow ${HOME}/.local/share/Steam 107whitelist ${HOME}/.local/share/Steam
108allow ${HOME}/.local/share/SteamWorldDig 108whitelist ${HOME}/.local/share/SteamWorldDig
109allow ${HOME}/.local/share/SteamWorld Dig 2 109whitelist ${HOME}/.local/share/SteamWorld Dig 2
110allow ${HOME}/.local/share/SuperHexagon 110whitelist ${HOME}/.local/share/SuperHexagon
111allow ${HOME}/.local/share/Terraria 111whitelist ${HOME}/.local/share/Terraria
112allow ${HOME}/.local/share/vpltd 112whitelist ${HOME}/.local/share/vpltd
113allow ${HOME}/.local/share/vulkan 113whitelist ${HOME}/.local/share/vulkan
114allow ${HOME}/.mbwarband 114whitelist ${HOME}/.mbwarband
115allow ${HOME}/.paradoxinteractive 115whitelist ${HOME}/.paradoxinteractive
116allow ${HOME}/.steam 116whitelist ${HOME}/.steam
117allow ${HOME}/.steampath 117whitelist ${HOME}/.steampath
118allow ${HOME}/.steampid 118whitelist ${HOME}/.steampid
119include whitelist-common.inc 119include whitelist-common.inc
120include whitelist-var-common.inc 120include whitelist-var-common.inc
121 121
diff --git a/etc/profile-m-z/stellarium.profile b/etc/profile-m-z/stellarium.profile
index 003d3a079..a752ab53c 100644
--- a/etc/profile-m-z/stellarium.profile
+++ b/etc/profile-m-z/stellarium.profile
@@ -6,8 +6,8 @@ include stellarium.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/stellarium 9noblacklist ${HOME}/.config/stellarium
10nodeny ${HOME}/.stellarium 10noblacklist ${HOME}/.stellarium
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -19,8 +19,8 @@ include disable-shell.inc
19 19
20mkdir ${HOME}/.config/stellarium 20mkdir ${HOME}/.config/stellarium
21mkdir ${HOME}/.stellarium 21mkdir ${HOME}/.stellarium
22allow ${HOME}/.config/stellarium 22whitelist ${HOME}/.config/stellarium
23allow ${HOME}/.stellarium 23whitelist ${HOME}/.stellarium
24include whitelist-common.inc 24include whitelist-common.inc
25include whitelist-var-common.inc 25include whitelist-var-common.inc
26 26
diff --git a/etc/profile-m-z/straw-viewer.profile b/etc/profile-m-z/straw-viewer.profile
index dd643bc20..d73927f2a 100644
--- a/etc/profile-m-z/straw-viewer.profile
+++ b/etc/profile-m-z/straw-viewer.profile
@@ -7,13 +7,13 @@ include straw-viewer.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10nodeny ${HOME}/.cache/straw-viewer 10noblacklist ${HOME}/.cache/straw-viewer
11nodeny ${HOME}/.config/straw-viewer 11noblacklist ${HOME}/.config/straw-viewer
12 12
13mkdir ${HOME}/.config/straw-viewer 13mkdir ${HOME}/.config/straw-viewer
14mkdir ${HOME}/.cache/straw-viewer 14mkdir ${HOME}/.cache/straw-viewer
15allow ${HOME}/.cache/straw-viewer 15whitelist ${HOME}/.cache/straw-viewer
16allow ${HOME}/.config/straw-viewer 16whitelist ${HOME}/.config/straw-viewer
17 17
18private-bin gtk-straw-viewer,straw-viewer 18private-bin gtk-straw-viewer,straw-viewer
19 19
diff --git a/etc/profile-m-z/strawberry.profile b/etc/profile-m-z/strawberry.profile
index aed0b7910..b87906f55 100644
--- a/etc/profile-m-z/strawberry.profile
+++ b/etc/profile-m-z/strawberry.profile
@@ -6,10 +6,10 @@ include strawberry.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/strawberry 9noblacklist ${HOME}/.cache/strawberry
10nodeny ${HOME}/.config/strawberry 10noblacklist ${HOME}/.config/strawberry
11nodeny ${HOME}/.local/share/strawberry 11noblacklist ${HOME}/.local/share/strawberry
12nodeny ${MUSIC} 12noblacklist ${MUSIC}
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
diff --git a/etc/profile-m-z/strings.profile b/etc/profile-m-z/strings.profile
index 5c820ef81..1ebcded7f 100644
--- a/etc/profile-m-z/strings.profile
+++ b/etc/profile-m-z/strings.profile
@@ -7,7 +7,7 @@ include strings.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10deny ${RUNUSER} 10blacklist ${RUNUSER}
11 11
12#include disable-common.inc 12#include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/subdownloader.profile b/etc/profile-m-z/subdownloader.profile
index 0d07b5ea7..bbe92fd38 100644
--- a/etc/profile-m-z/subdownloader.profile
+++ b/etc/profile-m-z/subdownloader.profile
@@ -6,8 +6,8 @@ include subdownloader.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/SubDownloader 9noblacklist ${HOME}/.config/SubDownloader
10nodeny ${VIDEOS} 10noblacklist ${VIDEOS}
11 11
12# Allow python (blacklisted by disable-interpreters.inc) 12# Allow python (blacklisted by disable-interpreters.inc)
13include allow-python2.inc 13include allow-python2.inc
diff --git a/etc/profile-m-z/supertux2.profile b/etc/profile-m-z/supertux2.profile
index 8cc547805..cfd7a63ea 100644
--- a/etc/profile-m-z/supertux2.profile
+++ b/etc/profile-m-z/supertux2.profile
@@ -6,7 +6,7 @@ include supertux2.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.local/share/supertux2 9noblacklist ${HOME}/.local/share/supertux2
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,9 +18,9 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.local/share/supertux2 20mkdir ${HOME}/.local/share/supertux2
21allow ${HOME}/.local/share/supertux2 21whitelist ${HOME}/.local/share/supertux2
22allow /usr/share/supertux2 22whitelist /usr/share/supertux2
23allow /usr/share/games/supertux2 # Debian version 23whitelist /usr/share/games/supertux2 # Debian version
24include whitelist-common.inc 24include whitelist-common.inc
25include whitelist-runuser-common.inc 25include whitelist-runuser-common.inc
26include whitelist-usr-share-common.inc 26include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/supertuxkart.profile b/etc/profile-m-z/supertuxkart.profile
index 44dc1524f..4eb8f921c 100644
--- a/etc/profile-m-z/supertuxkart.profile
+++ b/etc/profile-m-z/supertuxkart.profile
@@ -6,11 +6,11 @@ include supertuxkart.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/supertuxkart 9noblacklist ${HOME}/.config/supertuxkart
10nodeny ${HOME}/.cache/supertuxkart 10noblacklist ${HOME}/.cache/supertuxkart
11nodeny ${HOME}/.local/share/supertuxkart 11noblacklist ${HOME}/.local/share/supertuxkart
12 12
13deny /usr/libexec 13blacklist /usr/libexec
14 14
15include disable-common.inc 15include disable-common.inc
16include disable-devel.inc 16include disable-devel.inc
@@ -24,11 +24,11 @@ include disable-xdg.inc
24mkdir ${HOME}/.config/supertuxkart 24mkdir ${HOME}/.config/supertuxkart
25mkdir ${HOME}/.cache/supertuxkart 25mkdir ${HOME}/.cache/supertuxkart
26mkdir ${HOME}/.local/share/supertuxkart 26mkdir ${HOME}/.local/share/supertuxkart
27allow ${HOME}/.config/supertuxkart 27whitelist ${HOME}/.config/supertuxkart
28allow ${HOME}/.cache/supertuxkart 28whitelist ${HOME}/.cache/supertuxkart
29allow ${HOME}/.local/share/supertuxkart 29whitelist ${HOME}/.local/share/supertuxkart
30allow /usr/share/supertuxkart 30whitelist /usr/share/supertuxkart
31allow /usr/share/games/supertuxkart # Debian version 31whitelist /usr/share/games/supertuxkart # Debian version
32include whitelist-common.inc 32include whitelist-common.inc
33include whitelist-runuser-common.inc 33include whitelist-runuser-common.inc
34include whitelist-usr-share-common.inc 34include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/surf.profile b/etc/profile-m-z/surf.profile
index fd1e7f9e9..8db7d2433 100644
--- a/etc/profile-m-z/surf.profile
+++ b/etc/profile-m-z/surf.profile
@@ -6,7 +6,7 @@ include surf.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.surf 9noblacklist ${HOME}/.surf
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -15,8 +15,8 @@ include disable-passwdmgr.inc
15include disable-programs.inc 15include disable-programs.inc
16 16
17mkdir ${HOME}/.surf 17mkdir ${HOME}/.surf
18allow ${HOME}/.surf 18whitelist ${HOME}/.surf
19allow ${DOWNLOADS} 19whitelist ${DOWNLOADS}
20include whitelist-common.inc 20include whitelist-common.inc
21 21
22caps.drop all 22caps.drop all
diff --git a/etc/profile-m-z/swell-foop.profile b/etc/profile-m-z/swell-foop.profile
index 55cd0965a..9efae815d 100644
--- a/etc/profile-m-z/swell-foop.profile
+++ b/etc/profile-m-z/swell-foop.profile
@@ -6,12 +6,12 @@ include swell-foop.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.local/share/swell-foop 9noblacklist ${HOME}/.local/share/swell-foop
10 10
11mkdir ${HOME}/.local/share/swell-foop 11mkdir ${HOME}/.local/share/swell-foop
12allow ${HOME}/.local/share/swell-foop 12whitelist ${HOME}/.local/share/swell-foop
13 13
14allow /usr/share/swell-foop 14whitelist /usr/share/swell-foop
15 15
16private-bin swell-foop 16private-bin swell-foop
17 17
diff --git a/etc/profile-m-z/sylpheed.profile b/etc/profile-m-z/sylpheed.profile
index 447cdc99e..328812b04 100644
--- a/etc/profile-m-z/sylpheed.profile
+++ b/etc/profile-m-z/sylpheed.profile
@@ -6,12 +6,12 @@ include sylpheed.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.sylpheed-2.0 9noblacklist ${HOME}/.sylpheed-2.0
10 10
11mkdir ${HOME}/.sylpheed-2.0 11mkdir ${HOME}/.sylpheed-2.0
12allow ${HOME}/.sylpheed-2.0 12whitelist ${HOME}/.sylpheed-2.0
13 13
14allow /usr/share/sylpheed 14whitelist /usr/share/sylpheed
15 15
16# private-bin curl,gpg,gpg2,gpg-agent,gpgsm,pinentry,pinentry-gtk-2,sylpheed 16# private-bin curl,gpg,gpg2,gpg-agent,gpgsm,pinentry,pinentry-gtk-2,sylpheed
17 17
diff --git a/etc/profile-m-z/synfigstudio.profile b/etc/profile-m-z/synfigstudio.profile
index 7cbbafd54..c60186c42 100644
--- a/etc/profile-m-z/synfigstudio.profile
+++ b/etc/profile-m-z/synfigstudio.profile
@@ -6,8 +6,8 @@ include synfigstudio.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/synfig 9noblacklist ${HOME}/.config/synfig
10nodeny ${HOME}/.synfig 10noblacklist ${HOME}/.synfig
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/sysprof.profile b/etc/profile-m-z/sysprof.profile
index f20f88791..b52b25b96 100644
--- a/etc/profile-m-z/sysprof.profile
+++ b/etc/profile-m-z/sysprof.profile
@@ -6,7 +6,7 @@ include sysprof.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${DOCUMENTS} 9noblacklist ${DOCUMENTS}
10include disable-common.inc 10include disable-common.inc
11include disable-devel.inc 11include disable-devel.inc
12include disable-exec.inc 12include disable-exec.inc
@@ -24,15 +24,15 @@ include disable-xdg.inc
24#nowhitelist /usr/share/yelp-tools 24#nowhitelist /usr/share/yelp-tools
25#nowhitelist /usr/share/yelp-xsl 25#nowhitelist /usr/share/yelp-xsl
26 26
27nodeny ${HOME}/.config/yelp 27noblacklist ${HOME}/.config/yelp
28mkdir ${HOME}/.config/yelp 28mkdir ${HOME}/.config/yelp
29allow ${HOME}/.config/yelp 29whitelist ${HOME}/.config/yelp
30allow /usr/share/help/C/sysprof 30whitelist /usr/share/help/C/sysprof
31allow /usr/share/yelp 31whitelist /usr/share/yelp
32allow /usr/share/yelp-tools 32whitelist /usr/share/yelp-tools
33allow /usr/share/yelp-xsl 33whitelist /usr/share/yelp-xsl
34 34
35allow ${DOCUMENTS} 35whitelist ${DOCUMENTS}
36include whitelist-common.inc 36include whitelist-common.inc
37include whitelist-runuser-common.inc 37include whitelist-runuser-common.inc
38include whitelist-usr-share-common.inc 38include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/tar.profile b/etc/profile-m-z/tar.profile
index 74c8a0849..0d3a900e9 100644
--- a/etc/profile-m-z/tar.profile
+++ b/etc/profile-m-z/tar.profile
@@ -12,7 +12,7 @@ ignore include disable-shell.inc
12 12
13# Arch Linux (based distributions) need access to /var/lib/pacman. As we drop 13# Arch Linux (based distributions) need access to /var/lib/pacman. As we drop
14# all capabilities this is automatically read-only. 14# all capabilities this is automatically read-only.
15nodeny /var/lib/pacman 15noblacklist /var/lib/pacman
16 16
17private-etc alternatives,group,localtime,login.defs,passwd 17private-etc alternatives,group,localtime,login.defs,passwd
18#private-lib libfakeroot,liblzma.so.*,libreadline.so.* 18#private-lib libfakeroot,liblzma.so.*,libreadline.so.*
diff --git a/etc/profile-m-z/tb-starter-wrapper.profile b/etc/profile-m-z/tb-starter-wrapper.profile
index 691c33191..ffe9605b6 100644
--- a/etc/profile-m-z/tb-starter-wrapper.profile
+++ b/etc/profile-m-z/tb-starter-wrapper.profile
@@ -8,10 +8,10 @@ include tb-starter-wrapper.local
8# added by included profile 8# added by included profile
9#include globals.local 9#include globals.local
10 10
11nodeny ${HOME}/.tb 11noblacklist ${HOME}/.tb
12 12
13mkdir ${HOME}/.tb 13mkdir ${HOME}/.tb
14allow ${HOME}/.tb 14whitelist ${HOME}/.tb
15 15
16private-bin tb-starter-wrapper 16private-bin tb-starter-wrapper
17 17
diff --git a/etc/profile-m-z/tcpdump.profile b/etc/profile-m-z/tcpdump.profile
index b4c4873b3..e2ba5893c 100644
--- a/etc/profile-m-z/tcpdump.profile
+++ b/etc/profile-m-z/tcpdump.profile
@@ -6,9 +6,9 @@ include tcpdump.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny /sbin 9noblacklist /sbin
10nodeny /usr/sbin 10noblacklist /usr/sbin
11nodeny ${PATH}/tcpdump 11noblacklist ${PATH}/tcpdump
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/teams-for-linux.profile b/etc/profile-m-z/teams-for-linux.profile
index 24cbb42da..eee083332 100644
--- a/etc/profile-m-z/teams-for-linux.profile
+++ b/etc/profile-m-z/teams-for-linux.profile
@@ -14,10 +14,10 @@ ignore include whitelist-usr-share-common.inc
14ignore dbus-user none 14ignore dbus-user none
15ignore dbus-system none 15ignore dbus-system none
16 16
17nodeny ${HOME}/.config/teams-for-linux 17noblacklist ${HOME}/.config/teams-for-linux
18 18
19mkdir ${HOME}/.config/teams-for-linux 19mkdir ${HOME}/.config/teams-for-linux
20allow ${HOME}/.config/teams-for-linux 20whitelist ${HOME}/.config/teams-for-linux
21 21
22private-bin bash,cut,echo,egrep,grep,head,sed,sh,teams-for-linux,tr,xdg-mime,xdg-open,zsh 22private-bin bash,cut,echo,egrep,grep,head,sed,sh,teams-for-linux,tr,xdg-mime,xdg-open,zsh
23private-etc ca-certificates,crypto-policies,fonts,ld.so.cache,localtime,machine-id,pki,resolv.conf,ssl 23private-etc ca-certificates,crypto-policies,fonts,ld.so.cache,localtime,machine-id,pki,resolv.conf,ssl
diff --git a/etc/profile-m-z/teams.profile b/etc/profile-m-z/teams.profile
index 8639edbc8..c8d98cbaa 100644
--- a/etc/profile-m-z/teams.profile
+++ b/etc/profile-m-z/teams.profile
@@ -18,13 +18,13 @@ ignore apparmor
18ignore dbus-user none 18ignore dbus-user none
19ignore dbus-system none 19ignore dbus-system none
20 20
21nodeny ${HOME}/.config/teams 21noblacklist ${HOME}/.config/teams
22nodeny ${HOME}/.config/Microsoft 22noblacklist ${HOME}/.config/Microsoft
23 23
24mkdir ${HOME}/.config/teams 24mkdir ${HOME}/.config/teams
25mkdir ${HOME}/.config/Microsoft 25mkdir ${HOME}/.config/Microsoft
26allow ${HOME}/.config/teams 26whitelist ${HOME}/.config/teams
27allow ${HOME}/.config/Microsoft 27whitelist ${HOME}/.config/Microsoft
28 28
29# Redirect 29# Redirect
30include electron.profile 30include electron.profile
diff --git a/etc/profile-m-z/teamspeak3.profile b/etc/profile-m-z/teamspeak3.profile
index 781a5f4eb..02a2c8ae4 100644
--- a/etc/profile-m-z/teamspeak3.profile
+++ b/etc/profile-m-z/teamspeak3.profile
@@ -6,8 +6,8 @@ include teamspeak3.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.ts3client 9noblacklist ${HOME}/.ts3client
10nodeny ${PATH}/openssl 10noblacklist ${PATH}/openssl
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -17,8 +17,8 @@ include disable-passwdmgr.inc
17include disable-programs.inc 17include disable-programs.inc
18 18
19mkdir ${HOME}/.ts3client 19mkdir ${HOME}/.ts3client
20allow ${DOWNLOADS} 20whitelist ${DOWNLOADS}
21allow ${HOME}/.ts3client 21whitelist ${HOME}/.ts3client
22include whitelist-common.inc 22include whitelist-common.inc
23 23
24caps.drop all 24caps.drop all
diff --git a/etc/profile-m-z/teeworlds.profile b/etc/profile-m-z/teeworlds.profile
index c9c444ffc..be01aee12 100644
--- a/etc/profile-m-z/teeworlds.profile
+++ b/etc/profile-m-z/teeworlds.profile
@@ -6,7 +6,7 @@ include teeworlds.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.teeworlds 9noblacklist ${HOME}/.teeworlds
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,7 +18,7 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.teeworlds 20mkdir ${HOME}/.teeworlds
21allow ${HOME}/.teeworlds 21whitelist ${HOME}/.teeworlds
22include whitelist-common.inc 22include whitelist-common.inc
23include whitelist-var-common.inc 23include whitelist-var-common.inc
24 24
diff --git a/etc/profile-m-z/telegram.profile b/etc/profile-m-z/telegram.profile
index 92689a461..e7580938d 100644
--- a/etc/profile-m-z/telegram.profile
+++ b/etc/profile-m-z/telegram.profile
@@ -5,8 +5,8 @@ include telegram.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.TelegramDesktop 8noblacklist ${HOME}/.TelegramDesktop
9nodeny ${HOME}/.local/share/TelegramDesktop 9noblacklist ${HOME}/.local/share/TelegramDesktop
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -19,9 +19,9 @@ include disable-xdg.inc
19 19
20mkdir ${HOME}/.TelegramDesktop 20mkdir ${HOME}/.TelegramDesktop
21mkdir ${HOME}/.local/share/TelegramDesktop 21mkdir ${HOME}/.local/share/TelegramDesktop
22allow ${HOME}/.TelegramDesktop 22whitelist ${HOME}/.TelegramDesktop
23allow ${HOME}/.local/share/TelegramDesktop 23whitelist ${HOME}/.local/share/TelegramDesktop
24allow ${DOWNLOADS} 24whitelist ${DOWNLOADS}
25include whitelist-common.inc 25include whitelist-common.inc
26include whitelist-runuser-common.inc 26include whitelist-runuser-common.inc
27include whitelist-usr-share-common.inc 27include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/terasology.profile b/etc/profile-m-z/terasology.profile
index b2f98fbac..ce2ca1d17 100644
--- a/etc/profile-m-z/terasology.profile
+++ b/etc/profile-m-z/terasology.profile
@@ -7,7 +7,7 @@ include globals.local
7 7
8ignore noexec /tmp 8ignore noexec /tmp
9 9
10nodeny ${HOME}/.local/share/terasology 10noblacklist ${HOME}/.local/share/terasology
11 11
12# Allow java (blacklisted by disable-devel.inc) 12# Allow java (blacklisted by disable-devel.inc)
13include allow-java.inc 13include allow-java.inc
@@ -21,8 +21,8 @@ include disable-programs.inc
21 21
22mkdir ${HOME}/.java 22mkdir ${HOME}/.java
23mkdir ${HOME}/.local/share/terasology 23mkdir ${HOME}/.local/share/terasology
24allow ${HOME}/.java 24whitelist ${HOME}/.java
25allow ${HOME}/.local/share/terasology 25whitelist ${HOME}/.local/share/terasology
26include whitelist-common.inc 26include whitelist-common.inc
27 27
28caps.drop all 28caps.drop all
diff --git a/etc/profile-m-z/thunderbird.profile b/etc/profile-m-z/thunderbird.profile
index a539cadf8..b478fbe1e 100644
--- a/etc/profile-m-z/thunderbird.profile
+++ b/etc/profile-m-z/thunderbird.profile
@@ -22,14 +22,14 @@ writable-run-user
22#writable-var 22#writable-var
23 23
24# These lines are needed to allow Firefox to load your profile when clicking a link in an email 24# These lines are needed to allow Firefox to load your profile when clicking a link in an email
25nodeny ${HOME}/.mozilla 25noblacklist ${HOME}/.mozilla
26allow ${HOME}/.mozilla/firefox/profiles.ini 26whitelist ${HOME}/.mozilla/firefox/profiles.ini
27read-only ${HOME}/.mozilla/firefox/profiles.ini 27read-only ${HOME}/.mozilla/firefox/profiles.ini
28 28
29nodeny ${HOME}/.cache/thunderbird 29noblacklist ${HOME}/.cache/thunderbird
30nodeny ${HOME}/.gnupg 30noblacklist ${HOME}/.gnupg
31# noblacklist ${HOME}/.icedove 31# noblacklist ${HOME}/.icedove
32nodeny ${HOME}/.thunderbird 32noblacklist ${HOME}/.thunderbird
33 33
34include disable-passwdmgr.inc 34include disable-passwdmgr.inc
35include disable-xdg.inc 35include disable-xdg.inc
@@ -42,15 +42,15 @@ mkdir ${HOME}/.cache/thunderbird
42mkdir ${HOME}/.gnupg 42mkdir ${HOME}/.gnupg
43# mkdir ${HOME}/.icedove 43# mkdir ${HOME}/.icedove
44mkdir ${HOME}/.thunderbird 44mkdir ${HOME}/.thunderbird
45allow ${HOME}/.cache/thunderbird 45whitelist ${HOME}/.cache/thunderbird
46allow ${HOME}/.gnupg 46whitelist ${HOME}/.gnupg
47# whitelist ${HOME}/.icedove 47# whitelist ${HOME}/.icedove
48allow ${HOME}/.thunderbird 48whitelist ${HOME}/.thunderbird
49 49
50allow /usr/share/gnupg 50whitelist /usr/share/gnupg
51allow /usr/share/mozilla 51whitelist /usr/share/mozilla
52allow /usr/share/thunderbird 52whitelist /usr/share/thunderbird
53allow /usr/share/webext 53whitelist /usr/share/webext
54include whitelist-usr-share-common.inc 54include whitelist-usr-share-common.inc
55 55
56# machine-id breaks audio in browsers; enable or put it in your thunderbird.local when sound is not required 56# machine-id breaks audio in browsers; enable or put it in your thunderbird.local when sound is not required
diff --git a/etc/profile-m-z/tilp.profile b/etc/profile-m-z/tilp.profile
index b0fa54f08..dd4a372c4 100644
--- a/etc/profile-m-z/tilp.profile
+++ b/etc/profile-m-z/tilp.profile
@@ -5,7 +5,7 @@ include tilp.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.tilp 8noblacklist ${HOME}/.tilp
9 9
10include disable-common.inc 10include disable-common.inc
11include disable-devel.inc 11include disable-devel.inc
diff --git a/etc/profile-m-z/tin.profile b/etc/profile-m-z/tin.profile
index 3ee696b8b..e0ed3090a 100644
--- a/etc/profile-m-z/tin.profile
+++ b/etc/profile-m-z/tin.profile
@@ -6,12 +6,12 @@ include tin.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.newsrc 9noblacklist ${HOME}/.newsrc
10nodeny ${HOME}/.tin 10noblacklist ${HOME}/.tin
11 11
12deny /tmp/.X11-unix 12blacklist /tmp/.X11-unix
13deny ${RUNUSER} 13blacklist ${RUNUSER}
14deny /usr/libexec 14blacklist /usr/libexec
15 15
16include disable-common.inc 16include disable-common.inc
17include disable-devel.inc 17include disable-devel.inc
diff --git a/etc/profile-m-z/tmux.profile b/etc/profile-m-z/tmux.profile
index d2e90e356..0139d7515 100644
--- a/etc/profile-m-z/tmux.profile
+++ b/etc/profile-m-z/tmux.profile
@@ -7,10 +7,10 @@ include tmux.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10deny /tmp/.X11-unix 10blacklist /tmp/.X11-unix
11deny ${RUNUSER} 11blacklist ${RUNUSER}
12 12
13nodeny /tmp/tmux-* 13noblacklist /tmp/tmux-*
14 14
15# include disable-common.inc 15# include disable-common.inc
16# include disable-devel.inc 16# include disable-devel.inc
diff --git a/etc/profile-m-z/tor-browser-ar.profile b/etc/profile-m-z/tor-browser-ar.profile
index 49158b93e..59f1bc3b1 100644
--- a/etc/profile-m-z/tor-browser-ar.profile
+++ b/etc/profile-m-z/tor-browser-ar.profile
@@ -6,10 +6,10 @@ include tor-browser-ar.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-ar 9noblacklist ${HOME}/.tor-browser-ar
10 10
11mkdir ${HOME}/.tor-browser-ar 11mkdir ${HOME}/.tor-browser-ar
12allow ${HOME}/.tor-browser-ar 12whitelist ${HOME}/.tor-browser-ar
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-ca.profile b/etc/profile-m-z/tor-browser-ca.profile
index 612f8bd7c..68577e352 100644
--- a/etc/profile-m-z/tor-browser-ca.profile
+++ b/etc/profile-m-z/tor-browser-ca.profile
@@ -6,10 +6,10 @@ include tor-browser-ca.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-ca 9noblacklist ${HOME}/.tor-browser-ca
10 10
11mkdir ${HOME}/.tor-browser-ca 11mkdir ${HOME}/.tor-browser-ca
12allow ${HOME}/.tor-browser-ca 12whitelist ${HOME}/.tor-browser-ca
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-cs.profile b/etc/profile-m-z/tor-browser-cs.profile
index a400fde05..33e51fcd0 100644
--- a/etc/profile-m-z/tor-browser-cs.profile
+++ b/etc/profile-m-z/tor-browser-cs.profile
@@ -6,10 +6,10 @@ include tor-browser-cs.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-cs 9noblacklist ${HOME}/.tor-browser-cs
10 10
11mkdir ${HOME}/.tor-browser-cs 11mkdir ${HOME}/.tor-browser-cs
12allow ${HOME}/.tor-browser-cs 12whitelist ${HOME}/.tor-browser-cs
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-da.profile b/etc/profile-m-z/tor-browser-da.profile
index 9010025e3..440bb7fc3 100644
--- a/etc/profile-m-z/tor-browser-da.profile
+++ b/etc/profile-m-z/tor-browser-da.profile
@@ -6,10 +6,10 @@ include tor-browser-da.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-da 9noblacklist ${HOME}/.tor-browser-da
10 10
11mkdir ${HOME}/.tor-browser-da 11mkdir ${HOME}/.tor-browser-da
12allow ${HOME}/.tor-browser-da 12whitelist ${HOME}/.tor-browser-da
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-de.profile b/etc/profile-m-z/tor-browser-de.profile
index cd556c32b..b2b98cf82 100644
--- a/etc/profile-m-z/tor-browser-de.profile
+++ b/etc/profile-m-z/tor-browser-de.profile
@@ -6,10 +6,10 @@ include tor-browser-de.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-de 9noblacklist ${HOME}/.tor-browser-de
10 10
11mkdir ${HOME}/.tor-browser-de 11mkdir ${HOME}/.tor-browser-de
12allow ${HOME}/.tor-browser-de 12whitelist ${HOME}/.tor-browser-de
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-el.profile b/etc/profile-m-z/tor-browser-el.profile
index ee2b0fea7..626757dd5 100644
--- a/etc/profile-m-z/tor-browser-el.profile
+++ b/etc/profile-m-z/tor-browser-el.profile
@@ -6,10 +6,10 @@ include tor-browser-el.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-el 9noblacklist ${HOME}/.tor-browser-el
10 10
11mkdir ${HOME}/.tor-browser-el 11mkdir ${HOME}/.tor-browser-el
12allow ${HOME}/.tor-browser-el 12whitelist ${HOME}/.tor-browser-el
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-en-us.profile b/etc/profile-m-z/tor-browser-en-us.profile
index 2be71a5aa..15e690748 100644
--- a/etc/profile-m-z/tor-browser-en-us.profile
+++ b/etc/profile-m-z/tor-browser-en-us.profile
@@ -6,10 +6,10 @@ include tor-browser-en-us.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-en-us 9noblacklist ${HOME}/.tor-browser-en-us
10 10
11mkdir ${HOME}/.tor-browser-en-us 11mkdir ${HOME}/.tor-browser-en-us
12allow ${HOME}/.tor-browser-en-us 12whitelist ${HOME}/.tor-browser-en-us
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-en.profile b/etc/profile-m-z/tor-browser-en.profile
index 633c2f4f9..ef8c1eb8b 100644
--- a/etc/profile-m-z/tor-browser-en.profile
+++ b/etc/profile-m-z/tor-browser-en.profile
@@ -6,10 +6,10 @@ include tor-browser-en.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-en 9noblacklist ${HOME}/.tor-browser-en
10 10
11mkdir ${HOME}/.tor-browser-en 11mkdir ${HOME}/.tor-browser-en
12allow ${HOME}/.tor-browser-en 12whitelist ${HOME}/.tor-browser-en
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-es-es.profile b/etc/profile-m-z/tor-browser-es-es.profile
index f7c2302a7..ad734662e 100644
--- a/etc/profile-m-z/tor-browser-es-es.profile
+++ b/etc/profile-m-z/tor-browser-es-es.profile
@@ -6,10 +6,10 @@ include tor-browser-es-es.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-es-es 9noblacklist ${HOME}/.tor-browser-es-es
10 10
11mkdir ${HOME}/.tor-browser-es-es 11mkdir ${HOME}/.tor-browser-es-es
12allow ${HOME}/.tor-browser-es-es 12whitelist ${HOME}/.tor-browser-es-es
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-es.profile b/etc/profile-m-z/tor-browser-es.profile
index d88dcdec1..97d8d8577 100644
--- a/etc/profile-m-z/tor-browser-es.profile
+++ b/etc/profile-m-z/tor-browser-es.profile
@@ -6,10 +6,10 @@ include tor-browser-es.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-es 9noblacklist ${HOME}/.tor-browser-es
10 10
11mkdir ${HOME}/.tor-browser-es 11mkdir ${HOME}/.tor-browser-es
12allow ${HOME}/.tor-browser-es 12whitelist ${HOME}/.tor-browser-es
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-fa.profile b/etc/profile-m-z/tor-browser-fa.profile
index 3f7074fdb..095be69e4 100644
--- a/etc/profile-m-z/tor-browser-fa.profile
+++ b/etc/profile-m-z/tor-browser-fa.profile
@@ -6,10 +6,10 @@ include tor-browser-fa.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-fa 9noblacklist ${HOME}/.tor-browser-fa
10 10
11mkdir ${HOME}/.tor-browser-fa 11mkdir ${HOME}/.tor-browser-fa
12allow ${HOME}/.tor-browser-fa 12whitelist ${HOME}/.tor-browser-fa
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-fr.profile b/etc/profile-m-z/tor-browser-fr.profile
index ef14f44a2..37f61fc3a 100644
--- a/etc/profile-m-z/tor-browser-fr.profile
+++ b/etc/profile-m-z/tor-browser-fr.profile
@@ -6,10 +6,10 @@ include tor-browser-fr.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-fr 9noblacklist ${HOME}/.tor-browser-fr
10 10
11mkdir ${HOME}/.tor-browser-fr 11mkdir ${HOME}/.tor-browser-fr
12allow ${HOME}/.tor-browser-fr 12whitelist ${HOME}/.tor-browser-fr
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-ga-ie.profile b/etc/profile-m-z/tor-browser-ga-ie.profile
index 06baaf34f..ab7141fc4 100644
--- a/etc/profile-m-z/tor-browser-ga-ie.profile
+++ b/etc/profile-m-z/tor-browser-ga-ie.profile
@@ -6,10 +6,10 @@ include tor-browser-ga-ie.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-ga-ie 9noblacklist ${HOME}/.tor-browser-ga-ie
10 10
11mkdir ${HOME}/.tor-browser-ga-ie 11mkdir ${HOME}/.tor-browser-ga-ie
12allow ${HOME}/.tor-browser-ga-ie 12whitelist ${HOME}/.tor-browser-ga-ie
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-he.profile b/etc/profile-m-z/tor-browser-he.profile
index 57588ffc7..ae56f3b7f 100644
--- a/etc/profile-m-z/tor-browser-he.profile
+++ b/etc/profile-m-z/tor-browser-he.profile
@@ -6,10 +6,10 @@ include tor-browser-he.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-he 9noblacklist ${HOME}/.tor-browser-he
10 10
11mkdir ${HOME}/.tor-browser-he 11mkdir ${HOME}/.tor-browser-he
12allow ${HOME}/.tor-browser-he 12whitelist ${HOME}/.tor-browser-he
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-hu.profile b/etc/profile-m-z/tor-browser-hu.profile
index a10b66a24..65cd18ac8 100644
--- a/etc/profile-m-z/tor-browser-hu.profile
+++ b/etc/profile-m-z/tor-browser-hu.profile
@@ -6,10 +6,10 @@ include tor-browser-hu.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-hu 9noblacklist ${HOME}/.tor-browser-hu
10 10
11mkdir ${HOME}/.tor-browser-hu 11mkdir ${HOME}/.tor-browser-hu
12allow ${HOME}/.tor-browser-hu 12whitelist ${HOME}/.tor-browser-hu
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-id.profile b/etc/profile-m-z/tor-browser-id.profile
index fcdb822cd..57fe09f47 100644
--- a/etc/profile-m-z/tor-browser-id.profile
+++ b/etc/profile-m-z/tor-browser-id.profile
@@ -6,10 +6,10 @@ include tor-browser-id.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-id 9noblacklist ${HOME}/.tor-browser-id
10 10
11mkdir ${HOME}/.tor-browser-id 11mkdir ${HOME}/.tor-browser-id
12allow ${HOME}/.tor-browser-id 12whitelist ${HOME}/.tor-browser-id
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-is.profile b/etc/profile-m-z/tor-browser-is.profile
index 45b47c108..54f1df42d 100644
--- a/etc/profile-m-z/tor-browser-is.profile
+++ b/etc/profile-m-z/tor-browser-is.profile
@@ -6,10 +6,10 @@ include tor-browser-is.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-is 9noblacklist ${HOME}/.tor-browser-is
10 10
11mkdir ${HOME}/.tor-browser-is 11mkdir ${HOME}/.tor-browser-is
12allow ${HOME}/.tor-browser-is 12whitelist ${HOME}/.tor-browser-is
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-it.profile b/etc/profile-m-z/tor-browser-it.profile
index b5a2f7c13..a7d46e875 100644
--- a/etc/profile-m-z/tor-browser-it.profile
+++ b/etc/profile-m-z/tor-browser-it.profile
@@ -6,10 +6,10 @@ include tor-browser-it.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-it 9noblacklist ${HOME}/.tor-browser-it
10 10
11mkdir ${HOME}/.tor-browser-it 11mkdir ${HOME}/.tor-browser-it
12allow ${HOME}/.tor-browser-it 12whitelist ${HOME}/.tor-browser-it
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-ja.profile b/etc/profile-m-z/tor-browser-ja.profile
index e1f023bd4..b89016141 100644
--- a/etc/profile-m-z/tor-browser-ja.profile
+++ b/etc/profile-m-z/tor-browser-ja.profile
@@ -6,10 +6,10 @@ include tor-browser-ja.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-ja 9noblacklist ${HOME}/.tor-browser-ja
10 10
11mkdir ${HOME}/.tor-browser-ja 11mkdir ${HOME}/.tor-browser-ja
12allow ${HOME}/.tor-browser-ja 12whitelist ${HOME}/.tor-browser-ja
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-ka.profile b/etc/profile-m-z/tor-browser-ka.profile
index 17930b58e..b57cf10de 100644
--- a/etc/profile-m-z/tor-browser-ka.profile
+++ b/etc/profile-m-z/tor-browser-ka.profile
@@ -6,10 +6,10 @@ include tor-browser-ka.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-ka 9noblacklist ${HOME}/.tor-browser-ka
10 10
11mkdir ${HOME}/.tor-browser-ka 11mkdir ${HOME}/.tor-browser-ka
12allow ${HOME}/.tor-browser-ka 12whitelist ${HOME}/.tor-browser-ka
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-ko.profile b/etc/profile-m-z/tor-browser-ko.profile
index b33d1edb4..a9bedb6fd 100644
--- a/etc/profile-m-z/tor-browser-ko.profile
+++ b/etc/profile-m-z/tor-browser-ko.profile
@@ -6,10 +6,10 @@ include tor-browser-ko.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-ko 9noblacklist ${HOME}/.tor-browser-ko
10 10
11mkdir ${HOME}/.tor-browser-ko 11mkdir ${HOME}/.tor-browser-ko
12allow ${HOME}/.tor-browser-ko 12whitelist ${HOME}/.tor-browser-ko
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-nb.profile b/etc/profile-m-z/tor-browser-nb.profile
index b462eb9ac..fbe9f92bd 100644
--- a/etc/profile-m-z/tor-browser-nb.profile
+++ b/etc/profile-m-z/tor-browser-nb.profile
@@ -6,10 +6,10 @@ include tor-browser-nb.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-nb 9noblacklist ${HOME}/.tor-browser-nb
10 10
11mkdir ${HOME}/.tor-browser-nb 11mkdir ${HOME}/.tor-browser-nb
12allow ${HOME}/.tor-browser-nb 12whitelist ${HOME}/.tor-browser-nb
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-nl.profile b/etc/profile-m-z/tor-browser-nl.profile
index 0225eb6fd..678ac1713 100644
--- a/etc/profile-m-z/tor-browser-nl.profile
+++ b/etc/profile-m-z/tor-browser-nl.profile
@@ -6,10 +6,10 @@ include tor-browser-nl.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-nl 9noblacklist ${HOME}/.tor-browser-nl
10 10
11mkdir ${HOME}/.tor-browser-nl 11mkdir ${HOME}/.tor-browser-nl
12allow ${HOME}/.tor-browser-nl 12whitelist ${HOME}/.tor-browser-nl
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-pl.profile b/etc/profile-m-z/tor-browser-pl.profile
index 75604b458..25d473b1a 100644
--- a/etc/profile-m-z/tor-browser-pl.profile
+++ b/etc/profile-m-z/tor-browser-pl.profile
@@ -6,10 +6,10 @@ include tor-browser-pl.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-pl 9noblacklist ${HOME}/.tor-browser-pl
10 10
11mkdir ${HOME}/.tor-browser-pl 11mkdir ${HOME}/.tor-browser-pl
12allow ${HOME}/.tor-browser-pl 12whitelist ${HOME}/.tor-browser-pl
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-pt-br.profile b/etc/profile-m-z/tor-browser-pt-br.profile
index 4d50d8034..55adbd5ea 100644
--- a/etc/profile-m-z/tor-browser-pt-br.profile
+++ b/etc/profile-m-z/tor-browser-pt-br.profile
@@ -6,10 +6,10 @@ include tor-browser-pt-br.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-pt-br 9noblacklist ${HOME}/.tor-browser-pt-br
10 10
11mkdir ${HOME}/.tor-browser-pt-br 11mkdir ${HOME}/.tor-browser-pt-br
12allow ${HOME}/.tor-browser-pt-br 12whitelist ${HOME}/.tor-browser-pt-br
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-ru.profile b/etc/profile-m-z/tor-browser-ru.profile
index 4bca3c46f..aea13be9d 100644
--- a/etc/profile-m-z/tor-browser-ru.profile
+++ b/etc/profile-m-z/tor-browser-ru.profile
@@ -6,10 +6,10 @@ include tor-browser-ru.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-ru 9noblacklist ${HOME}/.tor-browser-ru
10 10
11mkdir ${HOME}/.tor-browser-ru 11mkdir ${HOME}/.tor-browser-ru
12allow ${HOME}/.tor-browser-ru 12whitelist ${HOME}/.tor-browser-ru
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-sv-se.profile b/etc/profile-m-z/tor-browser-sv-se.profile
index 1b319dc43..b7882bd04 100644
--- a/etc/profile-m-z/tor-browser-sv-se.profile
+++ b/etc/profile-m-z/tor-browser-sv-se.profile
@@ -6,10 +6,10 @@ include tor-browser-sv-se.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-sv-se 9noblacklist ${HOME}/.tor-browser-sv-se
10 10
11mkdir ${HOME}/.tor-browser-sv-se 11mkdir ${HOME}/.tor-browser-sv-se
12allow ${HOME}/.tor-browser-sv-se 12whitelist ${HOME}/.tor-browser-sv-se
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-tr.profile b/etc/profile-m-z/tor-browser-tr.profile
index 0775a0c08..c52e8c4c4 100644
--- a/etc/profile-m-z/tor-browser-tr.profile
+++ b/etc/profile-m-z/tor-browser-tr.profile
@@ -6,10 +6,10 @@ include tor-browser-tr.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-tr 9noblacklist ${HOME}/.tor-browser-tr
10 10
11mkdir ${HOME}/.tor-browser-tr 11mkdir ${HOME}/.tor-browser-tr
12allow ${HOME}/.tor-browser-tr 12whitelist ${HOME}/.tor-browser-tr
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-vi.profile b/etc/profile-m-z/tor-browser-vi.profile
index c4d5a7a76..d5bf76655 100644
--- a/etc/profile-m-z/tor-browser-vi.profile
+++ b/etc/profile-m-z/tor-browser-vi.profile
@@ -6,10 +6,10 @@ include tor-browser-vi.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-vi 9noblacklist ${HOME}/.tor-browser-vi
10 10
11mkdir ${HOME}/.tor-browser-vi 11mkdir ${HOME}/.tor-browser-vi
12allow ${HOME}/.tor-browser-vi 12whitelist ${HOME}/.tor-browser-vi
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-zh-cn.profile b/etc/profile-m-z/tor-browser-zh-cn.profile
index 4cd287e5d..6c8925a4a 100644
--- a/etc/profile-m-z/tor-browser-zh-cn.profile
+++ b/etc/profile-m-z/tor-browser-zh-cn.profile
@@ -6,10 +6,10 @@ include tor-browser-zh-cn.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-zh-cn 9noblacklist ${HOME}/.tor-browser-zh-cn
10 10
11mkdir ${HOME}/.tor-browser-zh-cn 11mkdir ${HOME}/.tor-browser-zh-cn
12allow ${HOME}/.tor-browser-zh-cn 12whitelist ${HOME}/.tor-browser-zh-cn
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser-zh-tw.profile b/etc/profile-m-z/tor-browser-zh-tw.profile
index c75baf522..141a6701e 100644
--- a/etc/profile-m-z/tor-browser-zh-tw.profile
+++ b/etc/profile-m-z/tor-browser-zh-tw.profile
@@ -6,10 +6,10 @@ include tor-browser-zh-tw.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser-zh-tw 9noblacklist ${HOME}/.tor-browser-zh-tw
10 10
11mkdir ${HOME}/.tor-browser-zh-tw 11mkdir ${HOME}/.tor-browser-zh-tw
12allow ${HOME}/.tor-browser-zh-tw 12whitelist ${HOME}/.tor-browser-zh-tw
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser.profile b/etc/profile-m-z/tor-browser.profile
index 8a2dbda53..76a0e1fa5 100644
--- a/etc/profile-m-z/tor-browser.profile
+++ b/etc/profile-m-z/tor-browser.profile
@@ -6,10 +6,10 @@ include tor-browser.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser 9noblacklist ${HOME}/.tor-browser
10 10
11mkdir ${HOME}/.tor-browser 11mkdir ${HOME}/.tor-browser
12allow ${HOME}/.tor-browser 12whitelist ${HOME}/.tor-browser
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_ar.profile b/etc/profile-m-z/tor-browser_ar.profile
index 90b5a0960..d811b7549 100644
--- a/etc/profile-m-z/tor-browser_ar.profile
+++ b/etc/profile-m-z/tor-browser_ar.profile
@@ -6,10 +6,10 @@ include tor-browser_ar.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_ar 9noblacklist ${HOME}/.tor-browser_ar
10 10
11mkdir ${HOME}/.tor-browser_ar 11mkdir ${HOME}/.tor-browser_ar
12allow ${HOME}/.tor-browser_ar 12whitelist ${HOME}/.tor-browser_ar
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_ca.profile b/etc/profile-m-z/tor-browser_ca.profile
index a04207ccd..8bf1f7cd4 100644
--- a/etc/profile-m-z/tor-browser_ca.profile
+++ b/etc/profile-m-z/tor-browser_ca.profile
@@ -6,10 +6,10 @@ include tor-browser_ca.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_ca 9noblacklist ${HOME}/.tor-browser_ca
10 10
11mkdir ${HOME}/.tor-browser_ca 11mkdir ${HOME}/.tor-browser_ca
12allow ${HOME}/.tor-browser_ca 12whitelist ${HOME}/.tor-browser_ca
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_cs.profile b/etc/profile-m-z/tor-browser_cs.profile
index b99ad14a8..b41107bf1 100644
--- a/etc/profile-m-z/tor-browser_cs.profile
+++ b/etc/profile-m-z/tor-browser_cs.profile
@@ -6,10 +6,10 @@ include tor-browser_cs.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_cs 9noblacklist ${HOME}/.tor-browser_cs
10 10
11mkdir ${HOME}/.tor-browser_cs 11mkdir ${HOME}/.tor-browser_cs
12allow ${HOME}/.tor-browser_cs 12whitelist ${HOME}/.tor-browser_cs
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_da.profile b/etc/profile-m-z/tor-browser_da.profile
index 545e53b7e..cbec4ee2e 100644
--- a/etc/profile-m-z/tor-browser_da.profile
+++ b/etc/profile-m-z/tor-browser_da.profile
@@ -6,10 +6,10 @@ include tor-browser_da.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_da 9noblacklist ${HOME}/.tor-browser_da
10 10
11mkdir ${HOME}/.tor-browser_da 11mkdir ${HOME}/.tor-browser_da
12allow ${HOME}/.tor-browser_da 12whitelist ${HOME}/.tor-browser_da
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_de.profile b/etc/profile-m-z/tor-browser_de.profile
index 545f82f72..ea26765d3 100644
--- a/etc/profile-m-z/tor-browser_de.profile
+++ b/etc/profile-m-z/tor-browser_de.profile
@@ -6,10 +6,10 @@ include tor-browser_de.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_de 9noblacklist ${HOME}/.tor-browser_de
10 10
11mkdir ${HOME}/.tor-browser_de 11mkdir ${HOME}/.tor-browser_de
12allow ${HOME}/.tor-browser_de 12whitelist ${HOME}/.tor-browser_de
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_el.profile b/etc/profile-m-z/tor-browser_el.profile
index 3120b1701..ff57a8722 100644
--- a/etc/profile-m-z/tor-browser_el.profile
+++ b/etc/profile-m-z/tor-browser_el.profile
@@ -6,10 +6,10 @@ include tor-browser_el.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_el 9noblacklist ${HOME}/.tor-browser_el
10 10
11mkdir ${HOME}/.tor-browser_el 11mkdir ${HOME}/.tor-browser_el
12allow ${HOME}/.tor-browser_el 12whitelist ${HOME}/.tor-browser_el
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_en-US.profile b/etc/profile-m-z/tor-browser_en-US.profile
index 6719ac057..18c92b638 100644
--- a/etc/profile-m-z/tor-browser_en-US.profile
+++ b/etc/profile-m-z/tor-browser_en-US.profile
@@ -6,10 +6,10 @@ include tor-browser_en-US.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_en-US 9noblacklist ${HOME}/.tor-browser_en-US
10 10
11mkdir ${HOME}/.tor-browser_en-US 11mkdir ${HOME}/.tor-browser_en-US
12allow ${HOME}/.tor-browser_en-US 12whitelist ${HOME}/.tor-browser_en-US
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_en.profile b/etc/profile-m-z/tor-browser_en.profile
index 4cbd37109..ebba83cc4 100644
--- a/etc/profile-m-z/tor-browser_en.profile
+++ b/etc/profile-m-z/tor-browser_en.profile
@@ -6,10 +6,10 @@ include tor-browser_en.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_en 9noblacklist ${HOME}/.tor-browser_en
10 10
11mkdir ${HOME}/.tor-browser_en 11mkdir ${HOME}/.tor-browser_en
12allow ${HOME}/.tor-browser_en 12whitelist ${HOME}/.tor-browser_en
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_es-ES.profile b/etc/profile-m-z/tor-browser_es-ES.profile
index 6c8a5987c..aecab38d5 100644
--- a/etc/profile-m-z/tor-browser_es-ES.profile
+++ b/etc/profile-m-z/tor-browser_es-ES.profile
@@ -6,10 +6,10 @@ include tor-browser_es-ES.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_es-ES 9noblacklist ${HOME}/.tor-browser_es-ES
10 10
11mkdir ${HOME}/.tor-browser_es-ES 11mkdir ${HOME}/.tor-browser_es-ES
12allow ${HOME}/.tor-browser_es-ES 12whitelist ${HOME}/.tor-browser_es-ES
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_es.profile b/etc/profile-m-z/tor-browser_es.profile
index 7d358b7ca..e19e9b5e6 100644
--- a/etc/profile-m-z/tor-browser_es.profile
+++ b/etc/profile-m-z/tor-browser_es.profile
@@ -6,10 +6,10 @@ include tor-browser_es.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_es 9noblacklist ${HOME}/.tor-browser_es
10 10
11mkdir ${HOME}/.tor-browser_es 11mkdir ${HOME}/.tor-browser_es
12allow ${HOME}/.tor-browser_es 12whitelist ${HOME}/.tor-browser_es
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_fa.profile b/etc/profile-m-z/tor-browser_fa.profile
index fc4285c5d..68414c277 100644
--- a/etc/profile-m-z/tor-browser_fa.profile
+++ b/etc/profile-m-z/tor-browser_fa.profile
@@ -6,10 +6,10 @@ include tor-browser_fa.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_fa 9noblacklist ${HOME}/.tor-browser_fa
10 10
11mkdir ${HOME}/.tor-browser_fa 11mkdir ${HOME}/.tor-browser_fa
12allow ${HOME}/.tor-browser_fa 12whitelist ${HOME}/.tor-browser_fa
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_fr.profile b/etc/profile-m-z/tor-browser_fr.profile
index 2d0c0ff1f..0a8bb30b7 100644
--- a/etc/profile-m-z/tor-browser_fr.profile
+++ b/etc/profile-m-z/tor-browser_fr.profile
@@ -6,10 +6,10 @@ include tor-browser_fr.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_fr 9noblacklist ${HOME}/.tor-browser_fr
10 10
11mkdir ${HOME}/.tor-browser_fr 11mkdir ${HOME}/.tor-browser_fr
12allow ${HOME}/.tor-browser_fr 12whitelist ${HOME}/.tor-browser_fr
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_ga-IE.profile b/etc/profile-m-z/tor-browser_ga-IE.profile
index 2880e1e2a..12354b900 100644
--- a/etc/profile-m-z/tor-browser_ga-IE.profile
+++ b/etc/profile-m-z/tor-browser_ga-IE.profile
@@ -6,10 +6,10 @@ include tor-browser_ga-IE.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_ga-IE 9noblacklist ${HOME}/.tor-browser_ga-IE
10 10
11mkdir ${HOME}/.tor-browser_ga-IE 11mkdir ${HOME}/.tor-browser_ga-IE
12allow ${HOME}/.tor-browser_ga-IE 12whitelist ${HOME}/.tor-browser_ga-IE
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_he.profile b/etc/profile-m-z/tor-browser_he.profile
index ac6993019..19cbb0809 100644
--- a/etc/profile-m-z/tor-browser_he.profile
+++ b/etc/profile-m-z/tor-browser_he.profile
@@ -6,10 +6,10 @@ include tor-browser_he.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_he 9noblacklist ${HOME}/.tor-browser_he
10 10
11mkdir ${HOME}/.tor-browser_he 11mkdir ${HOME}/.tor-browser_he
12allow ${HOME}/.tor-browser_he 12whitelist ${HOME}/.tor-browser_he
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_hu.profile b/etc/profile-m-z/tor-browser_hu.profile
index 6877a6be4..62b55e170 100644
--- a/etc/profile-m-z/tor-browser_hu.profile
+++ b/etc/profile-m-z/tor-browser_hu.profile
@@ -6,10 +6,10 @@ include tor-browser_hu.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_hu 9noblacklist ${HOME}/.tor-browser_hu
10 10
11mkdir ${HOME}/.tor-browser_hu 11mkdir ${HOME}/.tor-browser_hu
12allow ${HOME}/.tor-browser_hu 12whitelist ${HOME}/.tor-browser_hu
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_id.profile b/etc/profile-m-z/tor-browser_id.profile
index 5f5601f74..2970a7747 100644
--- a/etc/profile-m-z/tor-browser_id.profile
+++ b/etc/profile-m-z/tor-browser_id.profile
@@ -6,10 +6,10 @@ include tor-browser_id.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_id 9noblacklist ${HOME}/.tor-browser_id
10 10
11mkdir ${HOME}/.tor-browser_id 11mkdir ${HOME}/.tor-browser_id
12allow ${HOME}/.tor-browser_id 12whitelist ${HOME}/.tor-browser_id
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_is.profile b/etc/profile-m-z/tor-browser_is.profile
index f0814d16e..f922c7644 100644
--- a/etc/profile-m-z/tor-browser_is.profile
+++ b/etc/profile-m-z/tor-browser_is.profile
@@ -6,10 +6,10 @@ include tor-browser_is.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_is 9noblacklist ${HOME}/.tor-browser_is
10 10
11mkdir ${HOME}/.tor-browser_is 11mkdir ${HOME}/.tor-browser_is
12allow ${HOME}/.tor-browser_is 12whitelist ${HOME}/.tor-browser_is
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_it.profile b/etc/profile-m-z/tor-browser_it.profile
index fa01f6bca..406901759 100644
--- a/etc/profile-m-z/tor-browser_it.profile
+++ b/etc/profile-m-z/tor-browser_it.profile
@@ -6,10 +6,10 @@ include tor-browser_it.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_it 9noblacklist ${HOME}/.tor-browser_it
10 10
11mkdir ${HOME}/.tor-browser_it 11mkdir ${HOME}/.tor-browser_it
12allow ${HOME}/.tor-browser_it 12whitelist ${HOME}/.tor-browser_it
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_ja.profile b/etc/profile-m-z/tor-browser_ja.profile
index dde107dd3..8f9d8d751 100644
--- a/etc/profile-m-z/tor-browser_ja.profile
+++ b/etc/profile-m-z/tor-browser_ja.profile
@@ -6,10 +6,10 @@ include tor-browser_ja.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_ja 9noblacklist ${HOME}/.tor-browser_ja
10 10
11mkdir ${HOME}/.tor-browser_ja 11mkdir ${HOME}/.tor-browser_ja
12allow ${HOME}/.tor-browser_ja 12whitelist ${HOME}/.tor-browser_ja
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_ka.profile b/etc/profile-m-z/tor-browser_ka.profile
index 7de4dff65..4de4135e1 100644
--- a/etc/profile-m-z/tor-browser_ka.profile
+++ b/etc/profile-m-z/tor-browser_ka.profile
@@ -6,10 +6,10 @@ include tor-browser_ka.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_ka 9noblacklist ${HOME}/.tor-browser_ka
10 10
11mkdir ${HOME}/.tor-browser_ka 11mkdir ${HOME}/.tor-browser_ka
12allow ${HOME}/.tor-browser_ka 12whitelist ${HOME}/.tor-browser_ka
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_ko.profile b/etc/profile-m-z/tor-browser_ko.profile
index 7e3ceb4d9..125c733ce 100644
--- a/etc/profile-m-z/tor-browser_ko.profile
+++ b/etc/profile-m-z/tor-browser_ko.profile
@@ -6,10 +6,10 @@ include tor-browser_ko.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_ko 9noblacklist ${HOME}/.tor-browser_ko
10 10
11mkdir ${HOME}/.tor-browser_ko 11mkdir ${HOME}/.tor-browser_ko
12allow ${HOME}/.tor-browser_ko 12whitelist ${HOME}/.tor-browser_ko
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_nb.profile b/etc/profile-m-z/tor-browser_nb.profile
index c11001960..dc6ac876b 100644
--- a/etc/profile-m-z/tor-browser_nb.profile
+++ b/etc/profile-m-z/tor-browser_nb.profile
@@ -6,10 +6,10 @@ include tor-browser_nb.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_nb 9noblacklist ${HOME}/.tor-browser_nb
10 10
11mkdir ${HOME}/.tor-browser_nb 11mkdir ${HOME}/.tor-browser_nb
12allow ${HOME}/.tor-browser_nb 12whitelist ${HOME}/.tor-browser_nb
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_nl.profile b/etc/profile-m-z/tor-browser_nl.profile
index 2d1044f9d..2a3a5b519 100644
--- a/etc/profile-m-z/tor-browser_nl.profile
+++ b/etc/profile-m-z/tor-browser_nl.profile
@@ -6,10 +6,10 @@ include tor-browser_nl.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_nl 9noblacklist ${HOME}/.tor-browser_nl
10 10
11mkdir ${HOME}/.tor-browser_nl 11mkdir ${HOME}/.tor-browser_nl
12allow ${HOME}/.tor-browser_nl 12whitelist ${HOME}/.tor-browser_nl
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_pl.profile b/etc/profile-m-z/tor-browser_pl.profile
index 2818320a0..b7dec32db 100644
--- a/etc/profile-m-z/tor-browser_pl.profile
+++ b/etc/profile-m-z/tor-browser_pl.profile
@@ -6,10 +6,10 @@ include tor-browser_pl.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_pl 9noblacklist ${HOME}/.tor-browser_pl
10 10
11mkdir ${HOME}/.tor-browser_pl 11mkdir ${HOME}/.tor-browser_pl
12allow ${HOME}/.tor-browser_pl 12whitelist ${HOME}/.tor-browser_pl
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_pt-BR.profile b/etc/profile-m-z/tor-browser_pt-BR.profile
index 8c33e2545..7a7d4726c 100644
--- a/etc/profile-m-z/tor-browser_pt-BR.profile
+++ b/etc/profile-m-z/tor-browser_pt-BR.profile
@@ -6,10 +6,10 @@ include tor-browser_pt-BR.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_pt-BR 9noblacklist ${HOME}/.tor-browser_pt-BR
10 10
11mkdir ${HOME}/.tor-browser_pt-BR 11mkdir ${HOME}/.tor-browser_pt-BR
12allow ${HOME}/.tor-browser_pt-BR 12whitelist ${HOME}/.tor-browser_pt-BR
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_ru.profile b/etc/profile-m-z/tor-browser_ru.profile
index 2553bb031..7d2e6bc97 100644
--- a/etc/profile-m-z/tor-browser_ru.profile
+++ b/etc/profile-m-z/tor-browser_ru.profile
@@ -6,10 +6,10 @@ include tor-browser_ru.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_ru 9noblacklist ${HOME}/.tor-browser_ru
10 10
11mkdir ${HOME}/.tor-browser_ru 11mkdir ${HOME}/.tor-browser_ru
12allow ${HOME}/.tor-browser_ru 12whitelist ${HOME}/.tor-browser_ru
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_sv-SE.profile b/etc/profile-m-z/tor-browser_sv-SE.profile
index 3152cb658..585925e81 100644
--- a/etc/profile-m-z/tor-browser_sv-SE.profile
+++ b/etc/profile-m-z/tor-browser_sv-SE.profile
@@ -6,10 +6,10 @@ include tor-browser_sv-SE.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_sv-SE 9noblacklist ${HOME}/.tor-browser_sv-SE
10 10
11mkdir ${HOME}/.tor-browser_sv-SE 11mkdir ${HOME}/.tor-browser_sv-SE
12allow ${HOME}/.tor-browser_sv-SE 12whitelist ${HOME}/.tor-browser_sv-SE
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_tr.profile b/etc/profile-m-z/tor-browser_tr.profile
index 9808d4725..4b0cc3821 100644
--- a/etc/profile-m-z/tor-browser_tr.profile
+++ b/etc/profile-m-z/tor-browser_tr.profile
@@ -6,10 +6,10 @@ include tor-browser_tr.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_tr 9noblacklist ${HOME}/.tor-browser_tr
10 10
11mkdir ${HOME}/.tor-browser_tr 11mkdir ${HOME}/.tor-browser_tr
12allow ${HOME}/.tor-browser_tr 12whitelist ${HOME}/.tor-browser_tr
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_vi.profile b/etc/profile-m-z/tor-browser_vi.profile
index 364fca40b..4dcfbf56d 100644
--- a/etc/profile-m-z/tor-browser_vi.profile
+++ b/etc/profile-m-z/tor-browser_vi.profile
@@ -6,10 +6,10 @@ include tor-browser_vi.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_vi 9noblacklist ${HOME}/.tor-browser_vi
10 10
11mkdir ${HOME}/.tor-browser_vi 11mkdir ${HOME}/.tor-browser_vi
12allow ${HOME}/.tor-browser_vi 12whitelist ${HOME}/.tor-browser_vi
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_zh-CN.profile b/etc/profile-m-z/tor-browser_zh-CN.profile
index 193e8a399..1e03b8d6b 100644
--- a/etc/profile-m-z/tor-browser_zh-CN.profile
+++ b/etc/profile-m-z/tor-browser_zh-CN.profile
@@ -6,10 +6,10 @@ include tor-browser_zh-CN.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_zh-CN 9noblacklist ${HOME}/.tor-browser_zh-CN
10 10
11mkdir ${HOME}/.tor-browser_zh-CN 11mkdir ${HOME}/.tor-browser_zh-CN
12allow ${HOME}/.tor-browser_zh-CN 12whitelist ${HOME}/.tor-browser_zh-CN
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/tor-browser_zh-TW.profile b/etc/profile-m-z/tor-browser_zh-TW.profile
index 047be9b8e..a2dcf5cf1 100644
--- a/etc/profile-m-z/tor-browser_zh-TW.profile
+++ b/etc/profile-m-z/tor-browser_zh-TW.profile
@@ -6,10 +6,10 @@ include tor-browser_zh-TW.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.tor-browser_zh-TW 9noblacklist ${HOME}/.tor-browser_zh-TW
10 10
11mkdir ${HOME}/.tor-browser_zh-TW 11mkdir ${HOME}/.tor-browser_zh-TW
12allow ${HOME}/.tor-browser_zh-TW 12whitelist ${HOME}/.tor-browser_zh-TW
13 13
14# Redirect 14# Redirect
15include torbrowser-launcher.profile 15include torbrowser-launcher.profile
diff --git a/etc/profile-m-z/torbrowser-launcher.profile b/etc/profile-m-z/torbrowser-launcher.profile
index 65a37db5f..7659ed1e9 100644
--- a/etc/profile-m-z/torbrowser-launcher.profile
+++ b/etc/profile-m-z/torbrowser-launcher.profile
@@ -8,15 +8,15 @@ include globals.local
8 8
9ignore noexec ${HOME} 9ignore noexec ${HOME}
10 10
11nodeny ${HOME}/.config/torbrowser 11noblacklist ${HOME}/.config/torbrowser
12nodeny ${HOME}/.local/share/torbrowser 12noblacklist ${HOME}/.local/share/torbrowser
13 13
14# Allow python (blacklisted by disable-interpreters.inc) 14# Allow python (blacklisted by disable-interpreters.inc)
15include allow-python2.inc 15include allow-python2.inc
16include allow-python3.inc 16include allow-python3.inc
17 17
18deny /opt 18blacklist /opt
19deny /srv 19blacklist /srv
20 20
21include disable-common.inc 21include disable-common.inc
22include disable-devel.inc 22include disable-devel.inc
@@ -28,10 +28,10 @@ include disable-xdg.inc
28 28
29mkdir ${HOME}/.config/torbrowser 29mkdir ${HOME}/.config/torbrowser
30mkdir ${HOME}/.local/share/torbrowser 30mkdir ${HOME}/.local/share/torbrowser
31allow ${DOWNLOADS} 31whitelist ${DOWNLOADS}
32allow ${HOME}/.config/torbrowser 32whitelist ${HOME}/.config/torbrowser
33allow ${HOME}/.local/share/torbrowser 33whitelist ${HOME}/.local/share/torbrowser
34allow /usr/share/torbrowser-launcher 34whitelist /usr/share/torbrowser-launcher
35include whitelist-common.inc 35include whitelist-common.inc
36include whitelist-var-common.inc 36include whitelist-var-common.inc
37include whitelist-runuser-common.inc 37include whitelist-runuser-common.inc
diff --git a/etc/profile-m-z/torcs.profile b/etc/profile-m-z/torcs.profile
index c5d89c3e3..0f98a8f64 100644
--- a/etc/profile-m-z/torcs.profile
+++ b/etc/profile-m-z/torcs.profile
@@ -6,7 +6,7 @@ include torcs.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.torcs 9noblacklist ${HOME}/.torcs
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -17,9 +17,9 @@ include disable-programs.inc
17include disable-xdg.inc 17include disable-xdg.inc
18 18
19mkdir ${HOME}/.torcs 19mkdir ${HOME}/.torcs
20allow ${HOME}/.torcs 20whitelist ${HOME}/.torcs
21allow /usr/share/games/torcs 21whitelist /usr/share/games/torcs
22allow /var/games/torcs 22whitelist /var/games/torcs
23include whitelist-common.inc 23include whitelist-common.inc
24include whitelist-usr-share-common.inc 24include whitelist-usr-share-common.inc
25include whitelist-var-common.inc 25include whitelist-var-common.inc
diff --git a/etc/profile-m-z/totem.profile b/etc/profile-m-z/totem.profile
index 77d3c55f8..70d9e0aee 100644
--- a/etc/profile-m-z/totem.profile
+++ b/etc/profile-m-z/totem.profile
@@ -13,8 +13,8 @@ include allow-lua.inc
13# Allow python (blacklisted by disable-interpreters.inc) 13# Allow python (blacklisted by disable-interpreters.inc)
14include allow-python3.inc 14include allow-python3.inc
15 15
16nodeny ${HOME}/.config/totem 16noblacklist ${HOME}/.config/totem
17nodeny ${HOME}/.local/share/totem 17noblacklist ${HOME}/.local/share/totem
18 18
19include disable-common.inc 19include disable-common.inc
20include disable-devel.inc 20include disable-devel.inc
@@ -27,9 +27,9 @@ include disable-shell.inc
27read-only ${DESKTOP} 27read-only ${DESKTOP}
28mkdir ${HOME}/.config/totem 28mkdir ${HOME}/.config/totem
29mkdir ${HOME}/.local/share/totem 29mkdir ${HOME}/.local/share/totem
30allow ${HOME}/.config/totem 30whitelist ${HOME}/.config/totem
31allow ${HOME}/.local/share/totem 31whitelist ${HOME}/.local/share/totem
32allow /usr/share/totem 32whitelist /usr/share/totem
33include whitelist-common.inc 33include whitelist-common.inc
34include whitelist-player-common.inc 34include whitelist-player-common.inc
35include whitelist-runuser-common.inc 35include whitelist-runuser-common.inc
diff --git a/etc/profile-m-z/tracker.profile b/etc/profile-m-z/tracker.profile
index 26f4abd0b..87c5de076 100644
--- a/etc/profile-m-z/tracker.profile
+++ b/etc/profile-m-z/tracker.profile
@@ -8,8 +8,8 @@ include globals.local
8 8
9# Tracker is started by systemd on most systems. Therefore it is not firejailed by default 9# Tracker is started by systemd on most systems. Therefore it is not firejailed by default
10 10
11deny /tmp/.X11-unix 11blacklist /tmp/.X11-unix
12deny ${RUNUSER}/wayland-* 12blacklist ${RUNUSER}/wayland-*
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
diff --git a/etc/profile-m-z/transgui.profile b/etc/profile-m-z/transgui.profile
index d5920e2a2..ea118a9f0 100644
--- a/etc/profile-m-z/transgui.profile
+++ b/etc/profile-m-z/transgui.profile
@@ -6,7 +6,7 @@ include transgui.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/transgui 9noblacklist ${HOME}/.config/transgui
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,8 +18,8 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.config/transgui 20mkdir ${HOME}/.config/transgui
21allow ${HOME}/.config/transgui 21whitelist ${HOME}/.config/transgui
22allow ${DOWNLOADS} 22whitelist ${DOWNLOADS}
23include whitelist-common.inc 23include whitelist-common.inc
24include whitelist-usr-share-common.inc 24include whitelist-usr-share-common.inc
25include whitelist-var-common.inc 25include whitelist-var-common.inc
diff --git a/etc/profile-m-z/transmission-common.profile b/etc/profile-m-z/transmission-common.profile
index 5c2cf9d9a..82671b709 100644
--- a/etc/profile-m-z/transmission-common.profile
+++ b/etc/profile-m-z/transmission-common.profile
@@ -7,8 +7,8 @@ include transmission-common.local
7# added by caller profile 7# added by caller profile
8#include globals.local 8#include globals.local
9 9
10nodeny ${HOME}/.cache/transmission 10noblacklist ${HOME}/.cache/transmission
11nodeny ${HOME}/.config/transmission 11noblacklist ${HOME}/.config/transmission
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -19,9 +19,9 @@ include disable-programs.inc
19 19
20mkdir ${HOME}/.cache/transmission 20mkdir ${HOME}/.cache/transmission
21mkdir ${HOME}/.config/transmission 21mkdir ${HOME}/.config/transmission
22allow ${DOWNLOADS} 22whitelist ${DOWNLOADS}
23allow ${HOME}/.cache/transmission 23whitelist ${HOME}/.cache/transmission
24allow ${HOME}/.config/transmission 24whitelist ${HOME}/.config/transmission
25include whitelist-common.inc 25include whitelist-common.inc
26include whitelist-usr-share-common.inc 26include whitelist-usr-share-common.inc
27include whitelist-var-common.inc 27include whitelist-var-common.inc
diff --git a/etc/profile-m-z/transmission-daemon.profile b/etc/profile-m-z/transmission-daemon.profile
index 9f0c464fc..348d3cb80 100644
--- a/etc/profile-m-z/transmission-daemon.profile
+++ b/etc/profile-m-z/transmission-daemon.profile
@@ -10,8 +10,8 @@ include globals.local
10ignore caps.drop all 10ignore caps.drop all
11 11
12mkdir ${HOME}/.config/transmission-daemon 12mkdir ${HOME}/.config/transmission-daemon
13allow ${HOME}/.config/transmission-daemon 13whitelist ${HOME}/.config/transmission-daemon
14allow /var/lib/transmission 14whitelist /var/lib/transmission
15 15
16caps.keep ipc_lock,net_bind_service,setgid,setuid,sys_chroot 16caps.keep ipc_lock,net_bind_service,setgid,setuid,sys_chroot
17protocol packet 17protocol packet
diff --git a/etc/profile-m-z/transmission-remote-gtk.profile b/etc/profile-m-z/transmission-remote-gtk.profile
index 7c8eddcbc..a6400e2c0 100644
--- a/etc/profile-m-z/transmission-remote-gtk.profile
+++ b/etc/profile-m-z/transmission-remote-gtk.profile
@@ -7,10 +7,10 @@ include transmission-remote-gtk.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10nodeny ${HOME}/.config/transmission-remote-gtk 10noblacklist ${HOME}/.config/transmission-remote-gtk
11 11
12mkdir ${HOME}/.config/transmission-remote-gtk 12mkdir ${HOME}/.config/transmission-remote-gtk
13allow ${HOME}/.config/transmission-remote-gtk 13whitelist ${HOME}/.config/transmission-remote-gtk
14 14
15private-etc fonts,hostname,hosts,resolv.conf 15private-etc fonts,hostname,hosts,resolv.conf
16# Problems with private-lib (see issue #2889) 16# Problems with private-lib (see issue #2889)
diff --git a/etc/profile-m-z/tremulous.profile b/etc/profile-m-z/tremulous.profile
index c2797ddaa..aba563fac 100644
--- a/etc/profile-m-z/tremulous.profile
+++ b/etc/profile-m-z/tremulous.profile
@@ -6,7 +6,7 @@ include tremulous.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.tremulous 9noblacklist ${HOME}/.tremulous
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,8 +18,8 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.tremulous 20mkdir ${HOME}/.tremulous
21allow ${HOME}/.tremulous 21whitelist ${HOME}/.tremulous
22allow /usr/share/tremulous 22whitelist /usr/share/tremulous
23include whitelist-common.inc 23include whitelist-common.inc
24include whitelist-runuser-common.inc 24include whitelist-runuser-common.inc
25include whitelist-usr-share-common.inc 25include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/trojita.profile b/etc/profile-m-z/trojita.profile
index 95f39b35d..2d95081f6 100644
--- a/etc/profile-m-z/trojita.profile
+++ b/etc/profile-m-z/trojita.profile
@@ -6,10 +6,10 @@ include trojita.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.abook 9noblacklist ${HOME}/.abook
10nodeny ${HOME}/.mozilla 10noblacklist ${HOME}/.mozilla
11nodeny ${HOME}/.cache/flaska.net/trojita 11noblacklist ${HOME}/.cache/flaska.net/trojita
12nodeny ${HOME}/.config/flaska.net 12noblacklist ${HOME}/.config/flaska.net
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
@@ -23,10 +23,10 @@ include disable-xdg.inc
23mkdir ${HOME}/.abook 23mkdir ${HOME}/.abook
24mkdir ${HOME}/.cache/flaska.net/trojita 24mkdir ${HOME}/.cache/flaska.net/trojita
25mkdir ${HOME}/.config/flaska.net 25mkdir ${HOME}/.config/flaska.net
26allow ${HOME}/.abook 26whitelist ${HOME}/.abook
27allow ${HOME}/.mozilla/firefox/profiles.ini 27whitelist ${HOME}/.mozilla/firefox/profiles.ini
28allow ${HOME}/.cache/flaska.net/trojita 28whitelist ${HOME}/.cache/flaska.net/trojita
29allow ${HOME}/.config/flaska.net 29whitelist ${HOME}/.config/flaska.net
30include whitelist-common.inc 30include whitelist-common.inc
31include whitelist-runuser-common.inc 31include whitelist-runuser-common.inc
32include whitelist-usr-share-common.inc 32include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/truecraft.profile b/etc/profile-m-z/truecraft.profile
index 76f289a27..749626475 100644
--- a/etc/profile-m-z/truecraft.profile
+++ b/etc/profile-m-z/truecraft.profile
@@ -5,8 +5,8 @@ include truecraft.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.config/mono 8noblacklist ${HOME}/.config/mono
9nodeny ${HOME}/.config/truecraft 9noblacklist ${HOME}/.config/truecraft
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -17,8 +17,8 @@ include disable-programs.inc
17 17
18mkdir ${HOME}/.config/mono 18mkdir ${HOME}/.config/mono
19mkdir ${HOME}/.config/truecraft 19mkdir ${HOME}/.config/truecraft
20allow ${HOME}/.config/mono 20whitelist ${HOME}/.config/mono
21allow ${HOME}/.config/truecraft 21whitelist ${HOME}/.config/truecraft
22include whitelist-common.inc 22include whitelist-common.inc
23 23
24caps.drop all 24caps.drop all
diff --git a/etc/profile-m-z/ts3client_runscript.sh.profile b/etc/profile-m-z/ts3client_runscript.sh.profile
index cd6ae96df..8d4675454 100644
--- a/etc/profile-m-z/ts3client_runscript.sh.profile
+++ b/etc/profile-m-z/ts3client_runscript.sh.profile
@@ -9,11 +9,11 @@ include ts3client_runscript.sh.local
9 9
10ignore noexec ${HOME} 10ignore noexec ${HOME}
11 11
12nodeny ${HOME}/TeamSpeak3-Client-linux_x86 12noblacklist ${HOME}/TeamSpeak3-Client-linux_x86
13nodeny ${HOME}/TeamSpeak3-Client-linux_amd64 13noblacklist ${HOME}/TeamSpeak3-Client-linux_amd64
14 14
15allow ${HOME}/TeamSpeak3-Client-linux_x86 15whitelist ${HOME}/TeamSpeak3-Client-linux_x86
16allow ${HOME}/TeamSpeak3-Client-linux_amd64 16whitelist ${HOME}/TeamSpeak3-Client-linux_amd64
17 17
18# Redirect 18# Redirect
19include teamspeak3.profile 19include teamspeak3.profile
diff --git a/etc/profile-m-z/tutanota-desktop.profile b/etc/profile-m-z/tutanota-desktop.profile
index e59a86ce6..d2cb0cc8a 100644
--- a/etc/profile-m-z/tutanota-desktop.profile
+++ b/etc/profile-m-z/tutanota-desktop.profile
@@ -6,8 +6,8 @@ include tutanota-desktop.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/tuta_integration 9noblacklist ${HOME}/.config/tuta_integration
10nodeny ${HOME}/.config/tutanota-desktop 10noblacklist ${HOME}/.config/tutanota-desktop
11 11
12ignore noexec /tmp 12ignore noexec /tmp
13 13
@@ -15,12 +15,12 @@ include disable-shell.inc
15 15
16mkdir ${HOME}/.config/tuta_integration 16mkdir ${HOME}/.config/tuta_integration
17mkdir ${HOME}/.config/tutanota-desktop 17mkdir ${HOME}/.config/tutanota-desktop
18allow ${HOME}/.config/tuta_integration 18whitelist ${HOME}/.config/tuta_integration
19allow ${HOME}/.config/tutanota-desktop 19whitelist ${HOME}/.config/tutanota-desktop
20 20
21# These lines are needed to allow Firefox to open links 21# These lines are needed to allow Firefox to open links
22nodeny ${HOME}/.mozilla 22noblacklist ${HOME}/.mozilla
23allow ${HOME}/.mozilla/firefox/profiles.ini 23whitelist ${HOME}/.mozilla/firefox/profiles.ini
24read-only ${HOME}/.mozilla/firefox/profiles.ini 24read-only ${HOME}/.mozilla/firefox/profiles.ini
25 25
26?HAS_APPIMAGE: ignore private-dev 26?HAS_APPIMAGE: ignore private-dev
diff --git a/etc/profile-m-z/tuxguitar.profile b/etc/profile-m-z/tuxguitar.profile
index 5bb97e161..3cd496412 100644
--- a/etc/profile-m-z/tuxguitar.profile
+++ b/etc/profile-m-z/tuxguitar.profile
@@ -9,9 +9,9 @@ include globals.local
9# tuxguitar fails to launch 9# tuxguitar fails to launch
10ignore noexec ${HOME} 10ignore noexec ${HOME}
11 11
12nodeny ${HOME}/.tuxguitar* 12noblacklist ${HOME}/.tuxguitar*
13nodeny ${DOCUMENTS} 13noblacklist ${DOCUMENTS}
14nodeny ${MUSIC} 14noblacklist ${MUSIC}
15 15
16# Allow java (blacklisted by disable-devel.inc) 16# Allow java (blacklisted by disable-devel.inc)
17include allow-java.inc 17include allow-java.inc
diff --git a/etc/profile-m-z/tvbrowser.profile b/etc/profile-m-z/tvbrowser.profile
index 8febcd337..dae7d86da 100644
--- a/etc/profile-m-z/tvbrowser.profile
+++ b/etc/profile-m-z/tvbrowser.profile
@@ -6,8 +6,8 @@ include tvbrowser.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/tvbrowser 9noblacklist ${HOME}/.config/tvbrowser
10nodeny ${HOME}/.tvbrowser 10noblacklist ${HOME}/.tvbrowser
11 11
12# Allow java (blacklisted by disable-devel.inc) 12# Allow java (blacklisted by disable-devel.inc)
13include allow-java.inc 13include allow-java.inc
@@ -22,9 +22,9 @@ include disable-xdg.inc
22 22
23mkdir ${HOME}/.config/tvbrowser 23mkdir ${HOME}/.config/tvbrowser
24mkdir ${HOME}/.tvbrowser 24mkdir ${HOME}/.tvbrowser
25allow ${HOME}/.config/tvbrowser 25whitelist ${HOME}/.config/tvbrowser
26allow ${HOME}/.tvbrowser 26whitelist ${HOME}/.tvbrowser
27allow /usr/share/tvbrowser 27whitelist /usr/share/tvbrowser
28include whitelist-common.inc 28include whitelist-common.inc
29include whitelist-usr-share-common.inc 29include whitelist-usr-share-common.inc
30include whitelist-var-common.inc 30include whitelist-var-common.inc
diff --git a/etc/profile-m-z/twitch.profile b/etc/profile-m-z/twitch.profile
index abcc885e6..2f573c872 100644
--- a/etc/profile-m-z/twitch.profile
+++ b/etc/profile-m-z/twitch.profile
@@ -10,12 +10,12 @@ include globals.local
10ignore nou2f 10ignore nou2f
11ignore novideo 11ignore novideo
12 12
13nodeny ${HOME}/.config/Twitch 13noblacklist ${HOME}/.config/Twitch
14 14
15include disable-shell.inc 15include disable-shell.inc
16 16
17mkdir ${HOME}/.config/Twitch 17mkdir ${HOME}/.config/Twitch
18allow ${HOME}/.config/Twitch 18whitelist ${HOME}/.config/Twitch
19 19
20private-bin twitch 20private-bin twitch
21private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg 21private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg
diff --git a/etc/profile-m-z/uefitool.profile b/etc/profile-m-z/uefitool.profile
index 8c705c95f..3e4fdbb03 100644
--- a/etc/profile-m-z/uefitool.profile
+++ b/etc/profile-m-z/uefitool.profile
@@ -5,7 +5,7 @@ include uefitool.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${DOCUMENTS} 8noblacklist ${DOCUMENTS}
9 9
10include disable-common.inc 10include disable-common.inc
11include disable-devel.inc 11include disable-devel.inc
diff --git a/etc/profile-m-z/uget-gtk.profile b/etc/profile-m-z/uget-gtk.profile
index eed2db541..4420099ff 100644
--- a/etc/profile-m-z/uget-gtk.profile
+++ b/etc/profile-m-z/uget-gtk.profile
@@ -5,7 +5,7 @@ include uget-gtk.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.config/uGet 8noblacklist ${HOME}/.config/uGet
9 9
10include disable-common.inc 10include disable-common.inc
11include disable-devel.inc 11include disable-devel.inc
@@ -14,8 +14,8 @@ include disable-programs.inc
14include disable-shell.inc 14include disable-shell.inc
15 15
16mkdir ${HOME}/.config/uGet 16mkdir ${HOME}/.config/uGet
17allow ${DOWNLOADS} 17whitelist ${DOWNLOADS}
18allow ${HOME}/.config/uGet 18whitelist ${HOME}/.config/uGet
19include whitelist-common.inc 19include whitelist-common.inc
20include whitelist-usr-share-common.inc 20include whitelist-usr-share-common.inc
21include whitelist-var-common.inc 21include whitelist-var-common.inc
diff --git a/etc/profile-m-z/unbound.profile b/etc/profile-m-z/unbound.profile
index 7e7b3fbec..0c077babf 100644
--- a/etc/profile-m-z/unbound.profile
+++ b/etc/profile-m-z/unbound.profile
@@ -6,11 +6,11 @@ include unbound.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny /sbin 9noblacklist /sbin
10nodeny /usr/sbin 10noblacklist /usr/sbin
11 11
12deny /tmp/.X11-unix 12blacklist /tmp/.X11-unix
13deny ${RUNUSER}/wayland-* 13blacklist ${RUNUSER}/wayland-*
14 14
15include disable-common.inc 15include disable-common.inc
16include disable-devel.inc 16include disable-devel.inc
@@ -22,8 +22,8 @@ include disable-xdg.inc
22 22
23include whitelist-usr-share-common.inc 23include whitelist-usr-share-common.inc
24 24
25allow /var/lib/unbound 25whitelist /var/lib/unbound
26allow /var/run 26whitelist /var/run
27 27
28caps.keep net_admin,net_bind_service,setgid,setuid,sys_chroot,sys_resource 28caps.keep net_admin,net_bind_service,setgid,setuid,sys_chroot,sys_resource
29ipc-namespace 29ipc-namespace
diff --git a/etc/profile-m-z/unf.profile b/etc/profile-m-z/unf.profile
index 846271971..6db7ba362 100644
--- a/etc/profile-m-z/unf.profile
+++ b/etc/profile-m-z/unf.profile
@@ -7,7 +7,7 @@ include unf.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10deny ${RUNUSER}/wayland-* 10blacklist ${RUNUSER}/wayland-*
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -18,7 +18,7 @@ include disable-programs.inc
18include disable-shell.inc 18include disable-shell.inc
19include disable-xdg.inc 19include disable-xdg.inc
20 20
21allow ${DOWNLOADS} 21whitelist ${DOWNLOADS}
22include whitelist-common.inc 22include whitelist-common.inc
23include whitelist-usr-share-common.inc 23include whitelist-usr-share-common.inc
24include whitelist-var-common.inc 24include whitelist-var-common.inc
diff --git a/etc/profile-m-z/unknown-horizons.profile b/etc/profile-m-z/unknown-horizons.profile
index 3e1c6264d..956492f52 100644
--- a/etc/profile-m-z/unknown-horizons.profile
+++ b/etc/profile-m-z/unknown-horizons.profile
@@ -6,7 +6,7 @@ include unknown-horizons.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.unknown-horizons 9noblacklist ${HOME}/.unknown-horizons
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-exec.inc 12include disable-exec.inc
@@ -14,10 +14,10 @@ include disable-passwdmgr.inc
14include disable-programs.inc 14include disable-programs.inc
15 15
16mkdir ${HOME}/.unknown-horizons 16mkdir ${HOME}/.unknown-horizons
17allow ${HOME}/.unknown-horizons 17whitelist ${HOME}/.unknown-horizons
18include whitelist-common.inc 18include whitelist-common.inc
19include whitelist-runuser-common.inc 19include whitelist-runuser-common.inc
20allow /usr/share/unknown-horizons 20whitelist /usr/share/unknown-horizons
21include whitelist-usr-share-common.inc 21include whitelist-usr-share-common.inc
22include whitelist-var-common.inc 22include whitelist-var-common.inc
23 23
diff --git a/etc/profile-m-z/unzip.profile b/etc/profile-m-z/unzip.profile
index 99d2415ca..0231e3dba 100644
--- a/etc/profile-m-z/unzip.profile
+++ b/etc/profile-m-z/unzip.profile
@@ -8,7 +8,7 @@ include unzip.local
8include globals.local 8include globals.local
9 9
10# GNOME Shell integration (chrome-gnome-shell) 10# GNOME Shell integration (chrome-gnome-shell)
11nodeny ${HOME}/.local/share/gnome-shell 11noblacklist ${HOME}/.local/share/gnome-shell
12 12
13private-etc alternatives,group,localtime,passwd 13private-etc alternatives,group,localtime,passwd
14 14
diff --git a/etc/profile-m-z/utox.profile b/etc/profile-m-z/utox.profile
index 3b0f7c646..dd881f091 100644
--- a/etc/profile-m-z/utox.profile
+++ b/etc/profile-m-z/utox.profile
@@ -6,8 +6,8 @@ include utox.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/Tox 9noblacklist ${HOME}/.cache/Tox
10nodeny ${HOME}/.config/tox 10noblacklist ${HOME}/.config/tox
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -19,8 +19,8 @@ include disable-shell.inc
19include disable-xdg.inc 19include disable-xdg.inc
20 20
21mkdir ${HOME}/.config/tox 21mkdir ${HOME}/.config/tox
22allow ${DOWNLOADS} 22whitelist ${DOWNLOADS}
23allow ${HOME}/.config/tox 23whitelist ${HOME}/.config/tox
24include whitelist-common.inc 24include whitelist-common.inc
25include whitelist-var-common.inc 25include whitelist-var-common.inc
26 26
diff --git a/etc/profile-m-z/uudeview.profile b/etc/profile-m-z/uudeview.profile
index 3bda71666..2adc044e5 100644
--- a/etc/profile-m-z/uudeview.profile
+++ b/etc/profile-m-z/uudeview.profile
@@ -7,7 +7,7 @@ include uudeview.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10deny ${RUNUSER}/wayland-* 10blacklist ${RUNUSER}/wayland-*
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/uzbl-browser.profile b/etc/profile-m-z/uzbl-browser.profile
index 6899f4bf7..41487a8f2 100644
--- a/etc/profile-m-z/uzbl-browser.profile
+++ b/etc/profile-m-z/uzbl-browser.profile
@@ -5,9 +5,9 @@ include uzbl-browser.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.config/uzbl 8noblacklist ${HOME}/.config/uzbl
9nodeny ${HOME}/.gnupg 9noblacklist ${HOME}/.gnupg
10nodeny ${HOME}/.local/share/uzbl 10noblacklist ${HOME}/.local/share/uzbl
11 11
12# Allow python (blacklisted by disable-interpreters.inc) 12# Allow python (blacklisted by disable-interpreters.inc)
13include allow-python2.inc 13include allow-python2.inc
@@ -22,11 +22,11 @@ mkdir ${HOME}/.config/uzbl
22mkdir ${HOME}/.gnupg 22mkdir ${HOME}/.gnupg
23mkdir ${HOME}/.local/share/uzbl 23mkdir ${HOME}/.local/share/uzbl
24mkdir ${HOME}/.password-store 24mkdir ${HOME}/.password-store
25allow ${DOWNLOADS} 25whitelist ${DOWNLOADS}
26allow ${HOME}/.config/uzbl 26whitelist ${HOME}/.config/uzbl
27allow ${HOME}/.gnupg 27whitelist ${HOME}/.gnupg
28allow ${HOME}/.local/share/uzbl 28whitelist ${HOME}/.local/share/uzbl
29allow ${HOME}/.password-store 29whitelist ${HOME}/.password-store
30include whitelist-common.inc 30include whitelist-common.inc
31 31
32caps.drop all 32caps.drop all
diff --git a/etc/profile-m-z/viewnior.profile b/etc/profile-m-z/viewnior.profile
index e0bf02706..a9ba344dd 100644
--- a/etc/profile-m-z/viewnior.profile
+++ b/etc/profile-m-z/viewnior.profile
@@ -6,11 +6,11 @@ include viewnior.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.Steam 9noblacklist ${HOME}/.Steam
10nodeny ${HOME}/.config/viewnior 10noblacklist ${HOME}/.config/viewnior
11nodeny ${HOME}/.steam 11noblacklist ${HOME}/.steam
12 12
13deny ${HOME}/.bashrc 13blacklist ${HOME}/.bashrc
14 14
15include disable-common.inc 15include disable-common.inc
16include disable-devel.inc 16include disable-devel.inc
diff --git a/etc/profile-m-z/viking.profile b/etc/profile-m-z/viking.profile
index b16f691d6..8f8ef5939 100644
--- a/etc/profile-m-z/viking.profile
+++ b/etc/profile-m-z/viking.profile
@@ -6,9 +6,9 @@ include viking.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.viking 9noblacklist ${HOME}/.viking
10nodeny ${HOME}/.viking-maps 10noblacklist ${HOME}/.viking-maps
11nodeny ${DOCUMENTS} 11noblacklist ${DOCUMENTS}
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/vim.profile b/etc/profile-m-z/vim.profile
index b535225dd..c3cfe5980 100644
--- a/etc/profile-m-z/vim.profile
+++ b/etc/profile-m-z/vim.profile
@@ -6,9 +6,9 @@ include vim.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.vim 9noblacklist ${HOME}/.vim
10nodeny ${HOME}/.viminfo 10noblacklist ${HOME}/.viminfo
11nodeny ${HOME}/.vimrc 11noblacklist ${HOME}/.vimrc
12 12
13# Allows files commonly used by IDEs 13# Allows files commonly used by IDEs
14include allow-common-devel.inc 14include allow-common-devel.inc
diff --git a/etc/profile-m-z/virtualbox.profile b/etc/profile-m-z/virtualbox.profile
index f28828338..c22fb0ff9 100644
--- a/etc/profile-m-z/virtualbox.profile
+++ b/etc/profile-m-z/virtualbox.profile
@@ -6,12 +6,12 @@ include virtualbox.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.VirtualBox 9noblacklist ${HOME}/.VirtualBox
10nodeny ${HOME}/.config/VirtualBox 10noblacklist ${HOME}/.config/VirtualBox
11nodeny ${HOME}/VirtualBox VMs 11noblacklist ${HOME}/VirtualBox VMs
12# noblacklist /usr/bin/virtualbox 12# noblacklist /usr/bin/virtualbox
13nodeny /usr/lib/virtualbox 13noblacklist /usr/lib/virtualbox
14nodeny /usr/lib64/virtualbox 14noblacklist /usr/lib64/virtualbox
15 15
16include disable-common.inc 16include disable-common.inc
17include disable-devel.inc 17include disable-devel.inc
@@ -23,10 +23,10 @@ include disable-xdg.inc
23 23
24mkdir ${HOME}/.config/VirtualBox 24mkdir ${HOME}/.config/VirtualBox
25mkdir ${HOME}/VirtualBox VMs 25mkdir ${HOME}/VirtualBox VMs
26allow ${HOME}/.config/VirtualBox 26whitelist ${HOME}/.config/VirtualBox
27allow ${HOME}/VirtualBox VMs 27whitelist ${HOME}/VirtualBox VMs
28allow ${DOWNLOADS} 28whitelist ${DOWNLOADS}
29allow /usr/share/virtualbox 29whitelist /usr/share/virtualbox
30include whitelist-common.inc 30include whitelist-common.inc
31include whitelist-runuser-common.inc 31include whitelist-runuser-common.inc
32include whitelist-usr-share-common.inc 32include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/vivaldi.profile b/etc/profile-m-z/vivaldi.profile
index 3858405db..fdeb0307f 100644
--- a/etc/profile-m-z/vivaldi.profile
+++ b/etc/profile-m-z/vivaldi.profile
@@ -8,26 +8,26 @@ include globals.local
8# Allow HTML5 Proprietary Media & DRM/EME (Widevine) 8# Allow HTML5 Proprietary Media & DRM/EME (Widevine)
9ignore apparmor 9ignore apparmor
10ignore noexec /var 10ignore noexec /var
11nodeny /var/opt 11noblacklist /var/opt
12allow /var/opt/vivaldi 12whitelist /var/opt/vivaldi
13writable-var 13writable-var
14 14
15nodeny ${HOME}/.cache/vivaldi 15noblacklist ${HOME}/.cache/vivaldi
16nodeny ${HOME}/.cache/vivaldi-snapshot 16noblacklist ${HOME}/.cache/vivaldi-snapshot
17nodeny ${HOME}/.config/vivaldi 17noblacklist ${HOME}/.config/vivaldi
18nodeny ${HOME}/.config/vivaldi-snapshot 18noblacklist ${HOME}/.config/vivaldi-snapshot
19nodeny ${HOME}/.local/lib/vivaldi 19noblacklist ${HOME}/.local/lib/vivaldi
20 20
21mkdir ${HOME}/.cache/vivaldi 21mkdir ${HOME}/.cache/vivaldi
22mkdir ${HOME}/.cache/vivaldi-snapshot 22mkdir ${HOME}/.cache/vivaldi-snapshot
23mkdir ${HOME}/.config/vivaldi 23mkdir ${HOME}/.config/vivaldi
24mkdir ${HOME}/.config/vivaldi-snapshot 24mkdir ${HOME}/.config/vivaldi-snapshot
25mkdir ${HOME}/.local/lib/vivaldi 25mkdir ${HOME}/.local/lib/vivaldi
26allow ${HOME}/.cache/vivaldi 26whitelist ${HOME}/.cache/vivaldi
27allow ${HOME}/.cache/vivaldi-snapshot 27whitelist ${HOME}/.cache/vivaldi-snapshot
28allow ${HOME}/.config/vivaldi 28whitelist ${HOME}/.config/vivaldi
29allow ${HOME}/.config/vivaldi-snapshot 29whitelist ${HOME}/.config/vivaldi-snapshot
30allow ${HOME}/.local/lib/vivaldi 30whitelist ${HOME}/.local/lib/vivaldi
31 31
32#private-bin bash,cat,dirname,readlink,rm,vivaldi,vivaldi-stable,vivaldi-snapshot 32#private-bin bash,cat,dirname,readlink,rm,vivaldi,vivaldi-stable,vivaldi-snapshot
33 33
diff --git a/etc/profile-m-z/vlc.profile b/etc/profile-m-z/vlc.profile
index ede2d4525..cd7dccd8a 100644
--- a/etc/profile-m-z/vlc.profile
+++ b/etc/profile-m-z/vlc.profile
@@ -6,10 +6,10 @@ include vlc.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/vlc 9noblacklist ${HOME}/.cache/vlc
10nodeny ${HOME}/.config/vlc 10noblacklist ${HOME}/.config/vlc
11nodeny ${HOME}/.config/aacs 11noblacklist ${HOME}/.config/aacs
12nodeny ${HOME}/.local/share/vlc 12noblacklist ${HOME}/.local/share/vlc
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
@@ -22,10 +22,10 @@ read-only ${DESKTOP}
22mkdir ${HOME}/.cache/vlc 22mkdir ${HOME}/.cache/vlc
23mkdir ${HOME}/.config/vlc 23mkdir ${HOME}/.config/vlc
24mkdir ${HOME}/.local/share/vlc 24mkdir ${HOME}/.local/share/vlc
25allow ${HOME}/.cache/vlc 25whitelist ${HOME}/.cache/vlc
26allow ${HOME}/.config/vlc 26whitelist ${HOME}/.config/vlc
27allow ${HOME}/.config/aacs 27whitelist ${HOME}/.config/aacs
28allow ${HOME}/.local/share/vlc 28whitelist ${HOME}/.local/share/vlc
29include whitelist-common.inc 29include whitelist-common.inc
30include whitelist-player-common.inc 30include whitelist-player-common.inc
31include whitelist-var-common.inc 31include whitelist-var-common.inc
diff --git a/etc/profile-m-z/vmware-view.profile b/etc/profile-m-z/vmware-view.profile
index f23e90e84..f07c31b68 100644
--- a/etc/profile-m-z/vmware-view.profile
+++ b/etc/profile-m-z/vmware-view.profile
@@ -6,10 +6,10 @@ include vmware-view.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.vmware 9noblacklist ${HOME}/.vmware
10 10
11nodeny /sbin 11noblacklist /sbin
12nodeny /usr/sbin 12noblacklist /usr/sbin
13 13
14include allow-bin-sh.inc 14include allow-bin-sh.inc
15 15
@@ -23,7 +23,7 @@ include disable-shell.inc
23include disable-xdg.inc 23include disable-xdg.inc
24 24
25mkdir ${HOME}/.vmware 25mkdir ${HOME}/.vmware
26allow ${HOME}/.vmware 26whitelist ${HOME}/.vmware
27include whitelist-common.inc 27include whitelist-common.inc
28include whitelist-runuser-common.inc 28include whitelist-runuser-common.inc
29include whitelist-usr-share-common.inc 29include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/vmware.profile b/etc/profile-m-z/vmware.profile
index 3a535588f..5241e27b3 100644
--- a/etc/profile-m-z/vmware.profile
+++ b/etc/profile-m-z/vmware.profile
@@ -6,8 +6,8 @@ include vmware.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/vmware 9noblacklist ${HOME}/.cache/vmware
10nodeny ${HOME}/.vmware 10noblacklist ${HOME}/.vmware
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
@@ -19,8 +19,8 @@ include disable-xdg.inc
19 19
20mkdir ${HOME}/.cache/vmware 20mkdir ${HOME}/.cache/vmware
21mkdir ${HOME}/.vmware 21mkdir ${HOME}/.vmware
22allow ${HOME}/.cache/vmware 22whitelist ${HOME}/.cache/vmware
23allow ${HOME}/.vmware 23whitelist ${HOME}/.vmware
24# Add the next lines to your vmware.local if you need to use "shared VM". 24# Add the next lines to your vmware.local if you need to use "shared VM".
25#whitelist /var/lib/vmware 25#whitelist /var/lib/vmware
26#writable-var 26#writable-var
diff --git a/etc/profile-m-z/vscodium.profile b/etc/profile-m-z/vscodium.profile
index 7996113f5..a4a4fb7d8 100644
--- a/etc/profile-m-z/vscodium.profile
+++ b/etc/profile-m-z/vscodium.profile
@@ -6,7 +6,7 @@ include vscodium.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny ${HOME}/.VSCodium 9noblacklist ${HOME}/.VSCodium
10 10
11# Redirect 11# Redirect
12include code.profile 12include code.profile
diff --git a/etc/profile-m-z/vulturesclaw.profile b/etc/profile-m-z/vulturesclaw.profile
index a6c38c1f1..fa6ddf1fb 100644
--- a/etc/profile-m-z/vulturesclaw.profile
+++ b/etc/profile-m-z/vulturesclaw.profile
@@ -6,8 +6,8 @@ include vulturesclaw.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny /var/games/vulturesclaw 9noblacklist /var/games/vulturesclaw
10allow /var/games/vulturesclaw 10whitelist /var/games/vulturesclaw
11 11
12# Redirect 12# Redirect
13include nethack-vultures.profile 13include nethack-vultures.profile
diff --git a/etc/profile-m-z/vultureseye.profile b/etc/profile-m-z/vultureseye.profile
index 763c50bf6..49d3fa94f 100644
--- a/etc/profile-m-z/vultureseye.profile
+++ b/etc/profile-m-z/vultureseye.profile
@@ -6,8 +6,8 @@ include vultureseye.local
6# added by included profile 6# added by included profile
7#include globals.local 7#include globals.local
8 8
9nodeny /var/games/vultureseye 9noblacklist /var/games/vultureseye
10allow /var/games/vultureseye 10whitelist /var/games/vultureseye
11 11
12# Redirect 12# Redirect
13include nethack-vultures.profile 13include nethack-vultures.profile
diff --git a/etc/profile-m-z/vym.profile b/etc/profile-m-z/vym.profile
index 1f2462c32..5421c4e4b 100644
--- a/etc/profile-m-z/vym.profile
+++ b/etc/profile-m-z/vym.profile
@@ -6,7 +6,7 @@ include vym.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/InSilmaril 9noblacklist ${HOME}/.config/InSilmaril
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
diff --git a/etc/profile-m-z/w3m.profile b/etc/profile-m-z/w3m.profile
index 6b38bbf13..69b2c6c59 100644
--- a/etc/profile-m-z/w3m.profile
+++ b/etc/profile-m-z/w3m.profile
@@ -12,10 +12,10 @@ include globals.local
12#ignore private-dev 12#ignore private-dev
13#ignore private-etc 13#ignore private-etc
14 14
15nodeny ${HOME}/.w3m 15noblacklist ${HOME}/.w3m
16 16
17deny /tmp/.X11-unix 17blacklist /tmp/.X11-unix
18deny ${RUNUSER}/wayland-* 18blacklist ${RUNUSER}/wayland-*
19 19
20# Allow /bin/sh (blacklisted by disable-shell.inc) 20# Allow /bin/sh (blacklisted by disable-shell.inc)
21include allow-bin-sh.inc 21include allow-bin-sh.inc
@@ -33,9 +33,9 @@ include disable-shell.inc
33include disable-xdg.inc 33include disable-xdg.inc
34 34
35mkdir ${HOME}/.w3m 35mkdir ${HOME}/.w3m
36allow /usr/share/w3m 36whitelist /usr/share/w3m
37allow ${DOWNLOADS} 37whitelist ${DOWNLOADS}
38allow ${HOME}/.w3m 38whitelist ${HOME}/.w3m
39include whitelist-runuser-common.inc 39include whitelist-runuser-common.inc
40include whitelist-usr-share-common.inc 40include whitelist-usr-share-common.inc
41include whitelist-var-common.inc 41include whitelist-var-common.inc
diff --git a/etc/profile-m-z/warmux.profile b/etc/profile-m-z/warmux.profile
index 6658ac5db..1227a202c 100644
--- a/etc/profile-m-z/warmux.profile
+++ b/etc/profile-m-z/warmux.profile
@@ -6,9 +6,9 @@ include warmux.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/wormux 9noblacklist ${HOME}/.config/wormux
10nodeny ${HOME}/.local/share/wormux 10noblacklist ${HOME}/.local/share/wormux
11nodeny ${HOME}/.wormux 11noblacklist ${HOME}/.wormux
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -22,10 +22,10 @@ include disable-xdg.inc
22mkdir ${HOME}/.config/wormux 22mkdir ${HOME}/.config/wormux
23mkdir ${HOME}/.local/share/wormux 23mkdir ${HOME}/.local/share/wormux
24mkdir ${HOME}/.wormux 24mkdir ${HOME}/.wormux
25allow ${HOME}/.config/wormux 25whitelist ${HOME}/.config/wormux
26allow ${HOME}/.local/share/wormux 26whitelist ${HOME}/.local/share/wormux
27allow ${HOME}/.wormux 27whitelist ${HOME}/.wormux
28allow /usr/share/warmux 28whitelist /usr/share/warmux
29include whitelist-common.inc 29include whitelist-common.inc
30include whitelist-usr-share-common.inc 30include whitelist-usr-share-common.inc
31include whitelist-var-common.inc 31include whitelist-var-common.inc
diff --git a/etc/profile-m-z/warsow.profile b/etc/profile-m-z/warsow.profile
index fac4d0555..e0cd3daad 100644
--- a/etc/profile-m-z/warsow.profile
+++ b/etc/profile-m-z/warsow.profile
@@ -8,8 +8,8 @@ include globals.local
8 8
9ignore noexec ${HOME} 9ignore noexec ${HOME}
10 10
11nodeny ${HOME}/.cache/warsow-2.1 11noblacklist ${HOME}/.cache/warsow-2.1
12nodeny ${HOME}/.local/share/warsow-2.1 12noblacklist ${HOME}/.local/share/warsow-2.1
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
@@ -22,9 +22,9 @@ include disable-xdg.inc
22 22
23mkdir ${HOME}/.cache/warsow-2.1 23mkdir ${HOME}/.cache/warsow-2.1
24mkdir ${HOME}/.local/share/warsow-2.1 24mkdir ${HOME}/.local/share/warsow-2.1
25allow ${HOME}/.cache/warsow-2.1 25whitelist ${HOME}/.cache/warsow-2.1
26allow ${HOME}/.local/share/warsow-2.1 26whitelist ${HOME}/.local/share/warsow-2.1
27allow /usr/share/warsow 27whitelist /usr/share/warsow
28include whitelist-common.inc 28include whitelist-common.inc
29include whitelist-runuser-common.inc 29include whitelist-runuser-common.inc
30include whitelist-usr-share-common.inc 30include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/warzone2100.profile b/etc/profile-m-z/warzone2100.profile
index 081ae349b..420e8927e 100644
--- a/etc/profile-m-z/warzone2100.profile
+++ b/etc/profile-m-z/warzone2100.profile
@@ -6,7 +6,7 @@ include warzone2100.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.warzone2100-3.* 9noblacklist ${HOME}/.warzone2100-3.*
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,9 +18,9 @@ include disable-shell.inc
18 18
19mkdir ${HOME}/.warzone2100-3.1 19mkdir ${HOME}/.warzone2100-3.1
20mkdir ${HOME}/.warzone2100-3.2 20mkdir ${HOME}/.warzone2100-3.2
21allow ${HOME}/.warzone2100-3.1 21whitelist ${HOME}/.warzone2100-3.1
22allow ${HOME}/.warzone2100-3.2 22whitelist ${HOME}/.warzone2100-3.2
23allow /usr/share/games 23whitelist /usr/share/games
24include whitelist-common.inc 24include whitelist-common.inc
25include whitelist-runuser-common.inc 25include whitelist-runuser-common.inc
26include whitelist-usr-share-common.inc 26include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/waterfox.profile b/etc/profile-m-z/waterfox.profile
index 4081b29b9..18f1ca79a 100644
--- a/etc/profile-m-z/waterfox.profile
+++ b/etc/profile-m-z/waterfox.profile
@@ -5,13 +5,13 @@ include waterfox.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.cache/waterfox 8noblacklist ${HOME}/.cache/waterfox
9nodeny ${HOME}/.waterfox 9noblacklist ${HOME}/.waterfox
10 10
11mkdir ${HOME}/.cache/waterfox 11mkdir ${HOME}/.cache/waterfox
12mkdir ${HOME}/.waterfox 12mkdir ${HOME}/.waterfox
13allow ${HOME}/.cache/waterfox 13whitelist ${HOME}/.cache/waterfox
14allow ${HOME}/.waterfox 14whitelist ${HOME}/.waterfox
15 15
16# Add the next lines to your watefox.local if you want to use the migration wizard. 16# Add the next lines to your watefox.local if you want to use the migration wizard.
17#noblacklist ${HOME}/.mozilla 17#noblacklist ${HOME}/.mozilla
diff --git a/etc/profile-m-z/webstorm.profile b/etc/profile-m-z/webstorm.profile
index 1f42dae2c..69e96d0cd 100644
--- a/etc/profile-m-z/webstorm.profile
+++ b/etc/profile-m-z/webstorm.profile
@@ -5,12 +5,12 @@ include webstorm.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.WebStorm* 8noblacklist ${HOME}/.WebStorm*
9nodeny ${HOME}/.android 9noblacklist ${HOME}/.android
10nodeny ${HOME}/.local/share/JetBrains 10noblacklist ${HOME}/.local/share/JetBrains
11nodeny ${HOME}/.tooling 11noblacklist ${HOME}/.tooling
12# Allow KDE file manager to open with log directories (blacklisted by disable-programs.inc) 12# Allow KDE file manager to open with log directories (blacklisted by disable-programs.inc)
13nodeny ${HOME}/.config/dolphinrc 13noblacklist ${HOME}/.config/dolphinrc
14 14
15# Allows files commonly used by IDEs 15# Allows files commonly used by IDEs
16include allow-common-devel.inc 16include allow-common-devel.inc
@@ -18,8 +18,8 @@ include allow-common-devel.inc
18# Allow ssh (blacklisted by disable-common.inc) 18# Allow ssh (blacklisted by disable-common.inc)
19include allow-ssh.inc 19include allow-ssh.inc
20 20
21nodeny ${PATH}/node 21noblacklist ${PATH}/node
22nodeny ${HOME}/.nvm 22noblacklist ${HOME}/.nvm
23 23
24include disable-common.inc 24include disable-common.inc
25include disable-devel.inc 25include disable-devel.inc
diff --git a/etc/profile-m-z/webui-aria2.profile b/etc/profile-m-z/webui-aria2.profile
index d1bbcfb67..d5a998f35 100644
--- a/etc/profile-m-z/webui-aria2.profile
+++ b/etc/profile-m-z/webui-aria2.profile
@@ -6,7 +6,7 @@ include webui-aria2.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${PATH}/node 9noblacklist ${PATH}/node
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
diff --git a/etc/profile-m-z/weechat.profile b/etc/profile-m-z/weechat.profile
index 99941a590..76935212f 100644
--- a/etc/profile-m-z/weechat.profile
+++ b/etc/profile-m-z/weechat.profile
@@ -6,12 +6,12 @@ include weechat.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.weechat 9noblacklist ${HOME}/.weechat
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-programs.inc 12include disable-programs.inc
13 13
14allow /usr/share/weechat 14whitelist /usr/share/weechat
15include whitelist-usr-share-common.inc 15include whitelist-usr-share-common.inc
16include whitelist-var-common.inc 16include whitelist-var-common.inc
17 17
diff --git a/etc/profile-m-z/wesnoth.profile b/etc/profile-m-z/wesnoth.profile
index 47b923e6a..199b3c6f0 100644
--- a/etc/profile-m-z/wesnoth.profile
+++ b/etc/profile-m-z/wesnoth.profile
@@ -6,9 +6,9 @@ include wesnoth.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/wesnoth 9noblacklist ${HOME}/.cache/wesnoth
10nodeny ${HOME}/.config/wesnoth 10noblacklist ${HOME}/.config/wesnoth
11nodeny ${HOME}/.local/share/wesnoth 11noblacklist ${HOME}/.local/share/wesnoth
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -19,9 +19,9 @@ include disable-programs.inc
19mkdir ${HOME}/.cache/wesnoth 19mkdir ${HOME}/.cache/wesnoth
20mkdir ${HOME}/.config/wesnoth 20mkdir ${HOME}/.config/wesnoth
21mkdir ${HOME}/.local/share/wesnoth 21mkdir ${HOME}/.local/share/wesnoth
22allow ${HOME}/.cache/wesnoth 22whitelist ${HOME}/.cache/wesnoth
23allow ${HOME}/.config/wesnoth 23whitelist ${HOME}/.config/wesnoth
24allow ${HOME}/.local/share/wesnoth 24whitelist ${HOME}/.local/share/wesnoth
25include whitelist-common.inc 25include whitelist-common.inc
26 26
27caps.drop all 27caps.drop all
diff --git a/etc/profile-m-z/wget.profile b/etc/profile-m-z/wget.profile
index 3c4a4eb63..53c4711bd 100644
--- a/etc/profile-m-z/wget.profile
+++ b/etc/profile-m-z/wget.profile
@@ -7,12 +7,12 @@ include wget.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10nodeny ${HOME}/.netrc 10noblacklist ${HOME}/.netrc
11nodeny ${HOME}/.wget-hsts 11noblacklist ${HOME}/.wget-hsts
12nodeny ${HOME}/.wgetrc 12noblacklist ${HOME}/.wgetrc
13 13
14deny /tmp/.X11-unix 14blacklist /tmp/.X11-unix
15deny ${RUNUSER} 15blacklist ${RUNUSER}
16 16
17include disable-common.inc 17include disable-common.inc
18include disable-devel.inc 18include disable-devel.inc
diff --git a/etc/profile-m-z/whalebird.profile b/etc/profile-m-z/whalebird.profile
index fdbd406c2..22a84274d 100644
--- a/etc/profile-m-z/whalebird.profile
+++ b/etc/profile-m-z/whalebird.profile
@@ -13,10 +13,10 @@ ignore include whitelist-usr-share-common.inc
13ignore dbus-user none 13ignore dbus-user none
14ignore dbus-system none 14ignore dbus-system none
15 15
16nodeny ${HOME}/.config/Whalebird 16noblacklist ${HOME}/.config/Whalebird
17 17
18mkdir ${HOME}/.config/Whalebird 18mkdir ${HOME}/.config/Whalebird
19allow ${HOME}/.config/Whalebird 19whitelist ${HOME}/.config/Whalebird
20 20
21no3d 21no3d
22 22
diff --git a/etc/profile-m-z/whois.profile b/etc/profile-m-z/whois.profile
index 35d7fe9cb..93871a5a4 100644
--- a/etc/profile-m-z/whois.profile
+++ b/etc/profile-m-z/whois.profile
@@ -7,8 +7,8 @@ include whois.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10deny /tmp/.X11-unix 10blacklist /tmp/.X11-unix
11deny ${RUNUSER} 11blacklist ${RUNUSER}
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/widelands.profile b/etc/profile-m-z/widelands.profile
index 8f5adb0fc..0dc26b11d 100644
--- a/etc/profile-m-z/widelands.profile
+++ b/etc/profile-m-z/widelands.profile
@@ -6,7 +6,7 @@ include widelands.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.widelands 9noblacklist ${HOME}/.widelands
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,7 +18,7 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.widelands 20mkdir ${HOME}/.widelands
21allow ${HOME}/.widelands 21whitelist ${HOME}/.widelands
22include whitelist-common.inc 22include whitelist-common.inc
23include whitelist-var-common.inc 23include whitelist-var-common.inc
24 24
diff --git a/etc/profile-m-z/wine.profile b/etc/profile-m-z/wine.profile
index 6bc68c829..0ea24aafd 100644
--- a/etc/profile-m-z/wine.profile
+++ b/etc/profile-m-z/wine.profile
@@ -6,13 +6,13 @@ include wine.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/winetricks 9noblacklist ${HOME}/.cache/winetricks
10nodeny ${HOME}/.Steam 10noblacklist ${HOME}/.Steam
11nodeny ${HOME}/.local/share/Steam 11noblacklist ${HOME}/.local/share/Steam
12nodeny ${HOME}/.local/share/steam 12noblacklist ${HOME}/.local/share/steam
13nodeny ${HOME}/.steam 13noblacklist ${HOME}/.steam
14nodeny ${HOME}/.wine 14noblacklist ${HOME}/.wine
15nodeny /tmp/.wine-* 15noblacklist /tmp/.wine-*
16 16
17include disable-common.inc 17include disable-common.inc
18include disable-devel.inc 18include disable-devel.inc
diff --git a/etc/profile-m-z/wire-desktop.profile b/etc/profile-m-z/wire-desktop.profile
index 5f40bbd48..151cd2adb 100644
--- a/etc/profile-m-z/wire-desktop.profile
+++ b/etc/profile-m-z/wire-desktop.profile
@@ -20,10 +20,10 @@ ignore private-cache
20ignore dbus-user none 20ignore dbus-user none
21ignore dbus-system none 21ignore dbus-system none
22 22
23nodeny ${HOME}/.config/Wire 23noblacklist ${HOME}/.config/Wire
24 24
25mkdir ${HOME}/.config/Wire 25mkdir ${HOME}/.config/Wire
26allow ${HOME}/.config/Wire 26whitelist ${HOME}/.config/Wire
27 27
28private-bin bash,electron,electron[0-9],electron[0-9][0-9],env,sh,wire-desktop 28private-bin bash,electron,electron[0-9],electron[0-9][0-9],env,sh,wire-desktop
29private-etc alternatives,ca-certificates,crypto-policies,fonts,machine-id,pki,resolv.conf,ssl 29private-etc alternatives,ca-certificates,crypto-policies,fonts,machine-id,pki,resolv.conf,ssl
diff --git a/etc/profile-m-z/wireshark.profile b/etc/profile-m-z/wireshark.profile
index f3f347283..1824026a8 100644
--- a/etc/profile-m-z/wireshark.profile
+++ b/etc/profile-m-z/wireshark.profile
@@ -6,9 +6,9 @@ include wireshark.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/wireshark 9noblacklist ${HOME}/.config/wireshark
10nodeny ${HOME}/.wireshark 10noblacklist ${HOME}/.wireshark
11nodeny ${DOCUMENTS} 11noblacklist ${DOCUMENTS}
12 12
13# Allow lua (blacklisted by disable-interpreters.inc) 13# Allow lua (blacklisted by disable-interpreters.inc)
14include allow-lua.inc 14include allow-lua.inc
@@ -21,7 +21,7 @@ include disable-passwdmgr.inc
21include disable-programs.inc 21include disable-programs.inc
22include disable-xdg.inc 22include disable-xdg.inc
23 23
24allow /usr/share/wireshark 24whitelist /usr/share/wireshark
25include whitelist-usr-share-common.inc 25include whitelist-usr-share-common.inc
26include whitelist-var-common.inc 26include whitelist-var-common.inc
27 27
diff --git a/etc/profile-m-z/wordwarvi.profile b/etc/profile-m-z/wordwarvi.profile
index 1f1541a20..9c724a5d2 100644
--- a/etc/profile-m-z/wordwarvi.profile
+++ b/etc/profile-m-z/wordwarvi.profile
@@ -6,7 +6,7 @@ include wordwarvi.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.wordwarvi 9noblacklist ${HOME}/.wordwarvi
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,8 +18,8 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.wordwarvi 20mkdir ${HOME}/.wordwarvi
21allow ${HOME}/.wordwarvi 21whitelist ${HOME}/.wordwarvi
22allow /usr/share/wordwarvi 22whitelist /usr/share/wordwarvi
23include whitelist-common.inc 23include whitelist-common.inc
24include whitelist-usr-share-common.inc 24include whitelist-usr-share-common.inc
25include whitelist-var-common.inc 25include whitelist-var-common.inc
diff --git a/etc/profile-m-z/wps.profile b/etc/profile-m-z/wps.profile
index 6d16dfb04..a44b6490e 100644
--- a/etc/profile-m-z/wps.profile
+++ b/etc/profile-m-z/wps.profile
@@ -6,9 +6,9 @@ include wps.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.kingsoft 9noblacklist ${HOME}/.kingsoft
10nodeny ${HOME}/.config/Kingsoft 10noblacklist ${HOME}/.config/Kingsoft
11nodeny ${HOME}/.local/share/Kingsoft 11noblacklist ${HOME}/.local/share/Kingsoft
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/x2goclient.profile b/etc/profile-m-z/x2goclient.profile
index 311746cd9..557f07cd9 100644
--- a/etc/profile-m-z/x2goclient.profile
+++ b/etc/profile-m-z/x2goclient.profile
@@ -6,8 +6,8 @@ include x2goclient.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.x2go 9noblacklist ${HOME}/.x2go
10nodeny ${HOME}/.x2goclient 10noblacklist ${HOME}/.x2goclient
11 11
12# Allow ssh (blacklisted by disable-common.inc) 12# Allow ssh (blacklisted by disable-common.inc)
13include allow-ssh.inc 13include allow-ssh.inc
diff --git a/etc/profile-m-z/xbill.profile b/etc/profile-m-z/xbill.profile
index e545aa3a0..384f76acc 100644
--- a/etc/profile-m-z/xbill.profile
+++ b/etc/profile-m-z/xbill.profile
@@ -15,8 +15,8 @@ include disable-programs.inc
15include disable-shell.inc 15include disable-shell.inc
16include disable-xdg.inc 16include disable-xdg.inc
17 17
18allow /usr/share/xbill 18whitelist /usr/share/xbill
19allow /var/games/xbill/scores 19whitelist /var/games/xbill/scores
20include whitelist-common.inc 20include whitelist-common.inc
21include whitelist-usr-share-common.inc 21include whitelist-usr-share-common.inc
22include whitelist-var-common.inc 22include whitelist-var-common.inc
diff --git a/etc/profile-m-z/xchat.profile b/etc/profile-m-z/xchat.profile
index 7d0adbcc2..a94444aab 100644
--- a/etc/profile-m-z/xchat.profile
+++ b/etc/profile-m-z/xchat.profile
@@ -6,7 +6,7 @@ include xchat.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/xchat 9noblacklist ${HOME}/.config/xchat
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
diff --git a/etc/profile-m-z/xed.profile b/etc/profile-m-z/xed.profile
index 5db709bd1..4a3022e83 100644
--- a/etc/profile-m-z/xed.profile
+++ b/etc/profile-m-z/xed.profile
@@ -5,10 +5,10 @@ include xed.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.config/xed 8noblacklist ${HOME}/.config/xed
9nodeny ${HOME}/.python-history 9noblacklist ${HOME}/.python-history
10nodeny ${HOME}/.python_history 10noblacklist ${HOME}/.python_history
11nodeny ${HOME}/.pythonhist 11noblacklist ${HOME}/.pythonhist
12 12
13# Allow python (blacklisted by disable-interpreters.inc) 13# Allow python (blacklisted by disable-interpreters.inc)
14include allow-python2.inc 14include allow-python2.inc
diff --git a/etc/profile-m-z/xfburn.profile b/etc/profile-m-z/xfburn.profile
index 297ff6164..cd9561e74 100644
--- a/etc/profile-m-z/xfburn.profile
+++ b/etc/profile-m-z/xfburn.profile
@@ -6,7 +6,7 @@ include xfburn.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/xfburn 9noblacklist ${HOME}/.config/xfburn
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
diff --git a/etc/profile-m-z/xfce4-dict.profile b/etc/profile-m-z/xfce4-dict.profile
index 8ecd84116..ecd321c7e 100644
--- a/etc/profile-m-z/xfce4-dict.profile
+++ b/etc/profile-m-z/xfce4-dict.profile
@@ -6,7 +6,7 @@ include xfce4-dict.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/xfce4-dict 9noblacklist ${HOME}/.config/xfce4-dict
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
diff --git a/etc/profile-m-z/xfce4-mixer.profile b/etc/profile-m-z/xfce4-mixer.profile
index 8a6f9e921..bb38dbebd 100644
--- a/etc/profile-m-z/xfce4-mixer.profile
+++ b/etc/profile-m-z/xfce4-mixer.profile
@@ -6,7 +6,7 @@ include xfce4-mixer.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml 9noblacklist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,10 +18,10 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkfile ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml 20mkfile ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml
21allow ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml 21whitelist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml
22allow /usr/share/gstreamer-* 22whitelist /usr/share/gstreamer-*
23allow /usr/share/xfce4 23whitelist /usr/share/xfce4
24allow /usr/share/xfce4-mixer 24whitelist /usr/share/xfce4-mixer
25include whitelist-common.inc 25include whitelist-common.inc
26include whitelist-usr-share-common.inc 26include whitelist-usr-share-common.inc
27include whitelist-var-common.inc 27include whitelist-var-common.inc
diff --git a/etc/profile-m-z/xfce4-notes.profile b/etc/profile-m-z/xfce4-notes.profile
index fe88f9b27..ebfb4333c 100644
--- a/etc/profile-m-z/xfce4-notes.profile
+++ b/etc/profile-m-z/xfce4-notes.profile
@@ -6,9 +6,9 @@ include xfce4-notes.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/xfce4/xfce4-notes.gtkrc 9noblacklist ${HOME}/.config/xfce4/xfce4-notes.gtkrc
10nodeny ${HOME}/.config/xfce4/xfce4-notes.rc 10noblacklist ${HOME}/.config/xfce4/xfce4-notes.rc
11nodeny ${HOME}/.local/share/notes 11noblacklist ${HOME}/.local/share/notes
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/xfce4-screenshooter.profile b/etc/profile-m-z/xfce4-screenshooter.profile
index baf222354..b1e5bafbf 100644
--- a/etc/profile-m-z/xfce4-screenshooter.profile
+++ b/etc/profile-m-z/xfce4-screenshooter.profile
@@ -6,7 +6,7 @@ include xfce4-screenshooter.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${PICTURES} 9noblacklist ${PICTURES}
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -17,7 +17,7 @@ include disable-programs.inc
17include disable-shell.inc 17include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20allow /usr/share/xfce4 20whitelist /usr/share/xfce4
21include whitelist-runuser-common.inc 21include whitelist-runuser-common.inc
22include whitelist-usr-share-common.inc 22include whitelist-usr-share-common.inc
23include whitelist-var-common.inc 23include whitelist-var-common.inc
diff --git a/etc/profile-m-z/xiphos.profile b/etc/profile-m-z/xiphos.profile
index 5c11cbd66..81d98db7a 100644
--- a/etc/profile-m-z/xiphos.profile
+++ b/etc/profile-m-z/xiphos.profile
@@ -6,10 +6,10 @@ include xiphos.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.sword 9noblacklist ${HOME}/.sword
10nodeny ${HOME}/.xiphos 10noblacklist ${HOME}/.xiphos
11 11
12deny ${HOME}/.bashrc 12blacklist ${HOME}/.bashrc
13 13
14include disable-common.inc 14include disable-common.inc
15include disable-devel.inc 15include disable-devel.inc
@@ -21,8 +21,8 @@ include disable-shell.inc
21 21
22mkdir ${HOME}/.sword 22mkdir ${HOME}/.sword
23mkdir ${HOME}/.xiphos 23mkdir ${HOME}/.xiphos
24allow ${HOME}/.sword 24whitelist ${HOME}/.sword
25allow ${HOME}/.xiphos 25whitelist ${HOME}/.xiphos
26include whitelist-common.inc 26include whitelist-common.inc
27include whitelist-var-common.inc 27include whitelist-var-common.inc
28 28
diff --git a/etc/profile-m-z/xlinks.profile b/etc/profile-m-z/xlinks.profile
index da4801101..d5e25cfe7 100644
--- a/etc/profile-m-z/xlinks.profile
+++ b/etc/profile-m-z/xlinks.profile
@@ -7,7 +7,7 @@ include xlinks.local
7# added by included profile 7# added by included profile
8#include globals.local 8#include globals.local
9 9
10nodeny /tmp/.X11-unix 10noblacklist /tmp/.X11-unix
11 11
12include whitelist-common.inc 12include whitelist-common.inc
13 13
diff --git a/etc/profile-m-z/xlinks2 b/etc/profile-m-z/xlinks2
index a7612cb2a..1ae6a60ca 100644
--- a/etc/profile-m-z/xlinks2
+++ b/etc/profile-m-z/xlinks2
@@ -7,7 +7,7 @@ include xlinks2.local
7# added by included profile 7# added by included profile
8#include globals.local 8#include globals.local
9 9
10nodeny /tmp/.X11-unix 10noblacklist /tmp/.X11-unix
11 11
12include whitelist-common.inc 12include whitelist-common.inc
13 13
diff --git a/etc/profile-m-z/xmms.profile b/etc/profile-m-z/xmms.profile
index 1ed35f29a..25261d925 100644
--- a/etc/profile-m-z/xmms.profile
+++ b/etc/profile-m-z/xmms.profile
@@ -5,8 +5,8 @@ include xmms.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.xmms 8noblacklist ${HOME}/.xmms
9nodeny ${MUSIC} 9noblacklist ${MUSIC}
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
diff --git a/etc/profile-m-z/xmr-stak.profile b/etc/profile-m-z/xmr-stak.profile
index c97c12f56..e7020f36b 100644
--- a/etc/profile-m-z/xmr-stak.profile
+++ b/etc/profile-m-z/xmr-stak.profile
@@ -5,7 +5,7 @@ include xmr-stak.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.xmr-stak 8noblacklist ${HOME}/.xmr-stak
9 9
10include disable-common.inc 10include disable-common.inc
11include disable-devel.inc 11include disable-devel.inc
diff --git a/etc/profile-m-z/xonotic.profile b/etc/profile-m-z/xonotic.profile
index 94a09198c..53c9a0a08 100644
--- a/etc/profile-m-z/xonotic.profile
+++ b/etc/profile-m-z/xonotic.profile
@@ -6,7 +6,7 @@ include xonotic.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.xonotic 9noblacklist ${HOME}/.xonotic
10 10
11include allow-bin-sh.inc 11include allow-bin-sh.inc
12include allow-opengl-game.inc 12include allow-opengl-game.inc
@@ -21,8 +21,8 @@ include disable-shell.inc
21include disable-xdg.inc 21include disable-xdg.inc
22 22
23mkdir ${HOME}/.xonotic 23mkdir ${HOME}/.xonotic
24allow ${HOME}/.xonotic 24whitelist ${HOME}/.xonotic
25allow /usr/share/xonotic 25whitelist /usr/share/xonotic
26include whitelist-common.inc 26include whitelist-common.inc
27include whitelist-runuser-common.inc 27include whitelist-runuser-common.inc
28include whitelist-usr-share-common.inc 28include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/xournal.profile b/etc/profile-m-z/xournal.profile
index 34a188a4e..c4f092d50 100644
--- a/etc/profile-m-z/xournal.profile
+++ b/etc/profile-m-z/xournal.profile
@@ -6,7 +6,7 @@ include xournal.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${DOCUMENTS} 9noblacklist ${DOCUMENTS}
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -17,8 +17,8 @@ include disable-programs.inc
17include disable-shell.inc 17include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20allow /usr/share/xournal 20whitelist /usr/share/xournal
21allow /usr/share/poppler 21whitelist /usr/share/poppler
22include whitelist-usr-share-common.inc 22include whitelist-usr-share-common.inc
23include whitelist-var-common.inc 23include whitelist-var-common.inc
24 24
diff --git a/etc/profile-m-z/xournalpp.profile b/etc/profile-m-z/xournalpp.profile
index f82d2a5d3..988b878b9 100644
--- a/etc/profile-m-z/xournalpp.profile
+++ b/etc/profile-m-z/xournalpp.profile
@@ -7,13 +7,13 @@ include xournalpp.local
7# added by included profile 7# added by included profile
8#include globals.local 8#include globals.local
9 9
10nodeny ${HOME}/.xournalpp 10noblacklist ${HOME}/.xournalpp
11 11
12include allow-lua.inc 12include allow-lua.inc
13 13
14allow /usr/share/texlive 14whitelist /usr/share/texlive
15allow /usr/share/xournalpp 15whitelist /usr/share/xournalpp
16allow /var/lib/texmf 16whitelist /var/lib/texmf
17include whitelist-runuser-common.inc 17include whitelist-runuser-common.inc
18 18
19#mkdir ${HOME}/.xournalpp 19#mkdir ${HOME}/.xournalpp
diff --git a/etc/profile-m-z/xpdf.profile b/etc/profile-m-z/xpdf.profile
index 9da63b52a..1447ec9a7 100644
--- a/etc/profile-m-z/xpdf.profile
+++ b/etc/profile-m-z/xpdf.profile
@@ -6,8 +6,8 @@ include xpdf.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.xpdfrc 9noblacklist ${HOME}/.xpdfrc
10nodeny ${DOCUMENTS} 10noblacklist ${DOCUMENTS}
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/xplayer.profile b/etc/profile-m-z/xplayer.profile
index 4af4586e3..c3bb3292c 100644
--- a/etc/profile-m-z/xplayer.profile
+++ b/etc/profile-m-z/xplayer.profile
@@ -5,8 +5,8 @@ include xplayer.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.config/xplayer 8noblacklist ${HOME}/.config/xplayer
9nodeny ${HOME}/.local/share/xplayer 9noblacklist ${HOME}/.local/share/xplayer
10 10
11# Allow python (blacklisted by disable-interpreters.inc) 11# Allow python (blacklisted by disable-interpreters.inc)
12include allow-python2.inc 12include allow-python2.inc
@@ -22,8 +22,8 @@ include disable-programs.inc
22read-only ${DESKTOP} 22read-only ${DESKTOP}
23mkdir ${HOME}/.config/xplayer 23mkdir ${HOME}/.config/xplayer
24mkdir ${HOME}/.local/share/xplayer 24mkdir ${HOME}/.local/share/xplayer
25allow ${HOME}/.config/xplayer 25whitelist ${HOME}/.config/xplayer
26allow ${HOME}/.local/share/xplayer 26whitelist ${HOME}/.local/share/xplayer
27include whitelist-common.inc 27include whitelist-common.inc
28include whitelist-player-common.inc 28include whitelist-player-common.inc
29include whitelist-var-common.inc 29include whitelist-var-common.inc
diff --git a/etc/profile-m-z/xpra.profile b/etc/profile-m-z/xpra.profile
index 28fbc94dd..6e409e1aa 100644
--- a/etc/profile-m-z/xpra.profile
+++ b/etc/profile-m-z/xpra.profile
@@ -25,7 +25,7 @@ include disable-interpreters.inc
25include disable-passwdmgr.inc 25include disable-passwdmgr.inc
26include disable-programs.inc 26include disable-programs.inc
27 27
28allow /var/lib/xkb 28whitelist /var/lib/xkb
29# whitelisting home directory, or including whitelist-common.inc 29# whitelisting home directory, or including whitelist-common.inc
30# will crash xpra on some platforms 30# will crash xpra on some platforms
31 31
diff --git a/etc/profile-m-z/xreader.profile b/etc/profile-m-z/xreader.profile
index 440f26af2..3ab35edfc 100644
--- a/etc/profile-m-z/xreader.profile
+++ b/etc/profile-m-z/xreader.profile
@@ -6,9 +6,9 @@ include xreader.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.cache/xreader 9noblacklist ${HOME}/.cache/xreader
10nodeny ${HOME}/.config/xreader 10noblacklist ${HOME}/.config/xreader
11nodeny ${DOCUMENTS} 11noblacklist ${DOCUMENTS}
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/xviewer.profile b/etc/profile-m-z/xviewer.profile
index 671e0cf5b..4d454f81c 100644
--- a/etc/profile-m-z/xviewer.profile
+++ b/etc/profile-m-z/xviewer.profile
@@ -5,10 +5,10 @@ include xviewer.local
5# Persistent global definitions 5# Persistent global definitions
6include globals.local 6include globals.local
7 7
8nodeny ${HOME}/.Steam 8noblacklist ${HOME}/.Steam
9nodeny ${HOME}/.config/xviewer 9noblacklist ${HOME}/.config/xviewer
10nodeny ${HOME}/.local/share/Trash 10noblacklist ${HOME}/.local/share/Trash
11nodeny ${HOME}/.steam 11noblacklist ${HOME}/.steam
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
diff --git a/etc/profile-m-z/yandex-browser.profile b/etc/profile-m-z/yandex-browser.profile
index 27d0eb411..81cd021f7 100644
--- a/etc/profile-m-z/yandex-browser.profile
+++ b/etc/profile-m-z/yandex-browser.profile
@@ -10,19 +10,19 @@ ignore whitelist /usr/share/chromium
10ignore include whitelist-runuser-common.inc 10ignore include whitelist-runuser-common.inc
11ignore include whitelist-usr-share-common.inc 11ignore include whitelist-usr-share-common.inc
12 12
13nodeny ${HOME}/.cache/yandex-browser 13noblacklist ${HOME}/.cache/yandex-browser
14nodeny ${HOME}/.cache/yandex-browser-beta 14noblacklist ${HOME}/.cache/yandex-browser-beta
15nodeny ${HOME}/.config/yandex-browser 15noblacklist ${HOME}/.config/yandex-browser
16nodeny ${HOME}/.config/yandex-browser-beta 16noblacklist ${HOME}/.config/yandex-browser-beta
17 17
18mkdir ${HOME}/.cache/yandex-browser 18mkdir ${HOME}/.cache/yandex-browser
19mkdir ${HOME}/.cache/yandex-browser-beta 19mkdir ${HOME}/.cache/yandex-browser-beta
20mkdir ${HOME}/.config/yandex-browser 20mkdir ${HOME}/.config/yandex-browser
21mkdir ${HOME}/.config/yandex-browser-beta 21mkdir ${HOME}/.config/yandex-browser-beta
22allow ${HOME}/.cache/yandex-browser 22whitelist ${HOME}/.cache/yandex-browser
23allow ${HOME}/.cache/yandex-browser-beta 23whitelist ${HOME}/.cache/yandex-browser-beta
24allow ${HOME}/.config/yandex-browser 24whitelist ${HOME}/.config/yandex-browser
25allow ${HOME}/.config/yandex-browser-beta 25whitelist ${HOME}/.config/yandex-browser-beta
26 26
27# Redirect 27# Redirect
28include chromium-common.profile 28include chromium-common.profile
diff --git a/etc/profile-m-z/yelp.profile b/etc/profile-m-z/yelp.profile
index b288993f2..dee154409 100644
--- a/etc/profile-m-z/yelp.profile
+++ b/etc/profile-m-z/yelp.profile
@@ -6,7 +6,7 @@ include yelp.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/yelp 9noblacklist ${HOME}/.config/yelp
10 10
11include disable-common.inc 11include disable-common.inc
12include disable-devel.inc 12include disable-devel.inc
@@ -18,15 +18,15 @@ include disable-shell.inc
18include disable-xdg.inc 18include disable-xdg.inc
19 19
20mkdir ${HOME}/.config/yelp 20mkdir ${HOME}/.config/yelp
21allow ${HOME}/.config/yelp 21whitelist ${HOME}/.config/yelp
22allow /usr/libexec/webkit2gtk-4.0 22whitelist /usr/libexec/webkit2gtk-4.0
23allow /usr/share/doc 23whitelist /usr/share/doc
24allow /usr/share/groff 24whitelist /usr/share/groff
25allow /usr/share/help 25whitelist /usr/share/help
26allow /usr/share/man 26whitelist /usr/share/man
27allow /usr/share/yelp 27whitelist /usr/share/yelp
28allow /usr/share/yelp-tools 28whitelist /usr/share/yelp-tools
29allow /usr/share/yelp-xsl 29whitelist /usr/share/yelp-xsl
30include whitelist-common.inc 30include whitelist-common.inc
31include whitelist-runuser-common.inc 31include whitelist-runuser-common.inc
32include whitelist-usr-share-common.inc 32include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/youtube-dl-gui.profile b/etc/profile-m-z/youtube-dl-gui.profile
index 26ea3acaa..b52271a2c 100644
--- a/etc/profile-m-z/youtube-dl-gui.profile
+++ b/etc/profile-m-z/youtube-dl-gui.profile
@@ -8,7 +8,7 @@ include globals.local
8include allow-python2.inc 8include allow-python2.inc
9include allow-python3.inc 9include allow-python3.inc
10 10
11nodeny ${HOME}/.config/youtube-dlg 11noblacklist ${HOME}/.config/youtube-dlg
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -20,8 +20,8 @@ include disable-shell.inc
20include disable-xdg.inc 20include disable-xdg.inc
21 21
22mkdir ${HOME}/.config/youtube-dlg 22mkdir ${HOME}/.config/youtube-dlg
23allow ${HOME}/.config/youtube-dlg 23whitelist ${HOME}/.config/youtube-dlg
24allow ${DOWNLOADS} 24whitelist ${DOWNLOADS}
25include whitelist-common.inc 25include whitelist-common.inc
26include whitelist-runuser-common.inc 26include whitelist-runuser-common.inc
27include whitelist-usr-share-common.inc 27include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/youtube-dl.profile b/etc/profile-m-z/youtube-dl.profile
index 37f87d0b5..24c4d6db3 100644
--- a/etc/profile-m-z/youtube-dl.profile
+++ b/etc/profile-m-z/youtube-dl.profile
@@ -10,18 +10,18 @@ include globals.local
10# breaks when installed under ${HOME} via `pip install --user` (see #2833) 10# breaks when installed under ${HOME} via `pip install --user` (see #2833)
11ignore noexec ${HOME} 11ignore noexec ${HOME}
12 12
13nodeny ${HOME}/.cache/youtube-dl 13noblacklist ${HOME}/.cache/youtube-dl
14nodeny ${HOME}/.config/youtube-dl 14noblacklist ${HOME}/.config/youtube-dl
15nodeny ${HOME}/.netrc 15noblacklist ${HOME}/.netrc
16nodeny ${MUSIC} 16noblacklist ${MUSIC}
17nodeny ${VIDEOS} 17noblacklist ${VIDEOS}
18 18
19# Allow python (blacklisted by disable-interpreters.inc) 19# Allow python (blacklisted by disable-interpreters.inc)
20include allow-python2.inc 20include allow-python2.inc
21include allow-python3.inc 21include allow-python3.inc
22 22
23deny /tmp/.X11-unix 23blacklist /tmp/.X11-unix
24deny ${RUNUSER} 24blacklist ${RUNUSER}
25 25
26include disable-common.inc 26include disable-common.inc
27include disable-devel.inc 27include disable-devel.inc
diff --git a/etc/profile-m-z/youtube-viewer.profile b/etc/profile-m-z/youtube-viewer.profile
index 84b8bbc6a..b54dd37ad 100644
--- a/etc/profile-m-z/youtube-viewer.profile
+++ b/etc/profile-m-z/youtube-viewer.profile
@@ -7,13 +7,13 @@ include youtube-viewer.local
7# Persistent global definitions 7# Persistent global definitions
8include globals.local 8include globals.local
9 9
10nodeny ${HOME}/.cache/youtube-viewer 10noblacklist ${HOME}/.cache/youtube-viewer
11nodeny ${HOME}/.config/youtube-viewer 11noblacklist ${HOME}/.config/youtube-viewer
12 12
13mkdir ${HOME}/.cache/youtube-viewer 13mkdir ${HOME}/.cache/youtube-viewer
14mkdir ${HOME}/.config/youtube-viewer 14mkdir ${HOME}/.config/youtube-viewer
15allow ${HOME}/.cache/youtube-viewer 15whitelist ${HOME}/.cache/youtube-viewer
16allow ${HOME}/.config/youtube-viewer 16whitelist ${HOME}/.config/youtube-viewer
17 17
18private-bin gtk-youtube-viewer,gtk2-youtube-viewer,gtk3-youtube-viewer,youtube-viewer 18private-bin gtk-youtube-viewer,gtk2-youtube-viewer,gtk3-youtube-viewer,youtube-viewer
19 19
diff --git a/etc/profile-m-z/youtube-viewers-common.profile b/etc/profile-m-z/youtube-viewers-common.profile
index f531f815e..25a073d4a 100644
--- a/etc/profile-m-z/youtube-viewers-common.profile
+++ b/etc/profile-m-z/youtube-viewers-common.profile
@@ -7,7 +7,7 @@ include youtube-viewers-common.local
7# added by caller profile 7# added by caller profile
8#include globals.local 8#include globals.local
9 9
10nodeny ${HOME}/.cache/youtube-dl 10noblacklist ${HOME}/.cache/youtube-dl
11 11
12# Allow lua (blacklisted by disable-interpreters.inc) 12# Allow lua (blacklisted by disable-interpreters.inc)
13include allow-lua.inc 13include allow-lua.inc
@@ -27,8 +27,8 @@ include disable-passwdmgr.inc
27include disable-programs.inc 27include disable-programs.inc
28include disable-xdg.inc 28include disable-xdg.inc
29 29
30allow ${DOWNLOADS} 30whitelist ${DOWNLOADS}
31allow ${HOME}/.cache/youtube-dl/youtube-sigfuncs 31whitelist ${HOME}/.cache/youtube-dl/youtube-sigfuncs
32include whitelist-common.inc 32include whitelist-common.inc
33include whitelist-runuser-common.inc 33include whitelist-runuser-common.inc
34include whitelist-usr-share-common.inc 34include whitelist-usr-share-common.inc
diff --git a/etc/profile-m-z/youtube.profile b/etc/profile-m-z/youtube.profile
index b015fb013..ad7ceaee4 100644
--- a/etc/profile-m-z/youtube.profile
+++ b/etc/profile-m-z/youtube.profile
@@ -9,12 +9,12 @@ include globals.local
9# Disabled until someone reported positive feedback 9# Disabled until someone reported positive feedback
10ignore nou2f 10ignore nou2f
11 11
12nodeny ${HOME}/.config/Youtube 12noblacklist ${HOME}/.config/Youtube
13 13
14include disable-shell.inc 14include disable-shell.inc
15 15
16mkdir ${HOME}/.config/Youtube 16mkdir ${HOME}/.config/Youtube
17allow ${HOME}/.config/Youtube 17whitelist ${HOME}/.config/Youtube
18 18
19private-bin youtube 19private-bin youtube
20private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg 20private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg
diff --git a/etc/profile-m-z/youtubemusic-nativefier.profile b/etc/profile-m-z/youtubemusic-nativefier.profile
index d594a3d0f..74b0e38b9 100644
--- a/etc/profile-m-z/youtubemusic-nativefier.profile
+++ b/etc/profile-m-z/youtubemusic-nativefier.profile
@@ -6,12 +6,12 @@ include youtube.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/youtubemusic-nativefier-040164 9noblacklist ${HOME}/.config/youtubemusic-nativefier-040164
10 10
11include disable-shell.inc 11include disable-shell.inc
12 12
13mkdir ${HOME}/.config/youtubemusic-nativefier-040164 13mkdir ${HOME}/.config/youtubemusic-nativefier-040164
14allow ${HOME}/.config/youtubemusic-nativefier-040164 14whitelist ${HOME}/.config/youtubemusic-nativefier-040164
15 15
16private-bin youtubemusic-nativefier 16private-bin youtubemusic-nativefier
17private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg 17private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg
diff --git a/etc/profile-m-z/ytmdesktop.profile b/etc/profile-m-z/ytmdesktop.profile
index 9987c953e..ab46fccc2 100644
--- a/etc/profile-m-z/ytmdesktop.profile
+++ b/etc/profile-m-z/ytmdesktop.profile
@@ -8,10 +8,10 @@ include globals.local
8 8
9ignore dbus-user none 9ignore dbus-user none
10 10
11nodeny ${HOME}/.config/youtube-music-desktop-app 11noblacklist ${HOME}/.config/youtube-music-desktop-app
12 12
13mkdir ${HOME}/.config/youtube-music-desktop-app 13mkdir ${HOME}/.config/youtube-music-desktop-app
14allow ${HOME}/.config/youtube-music-desktop-app 14whitelist ${HOME}/.config/youtube-music-desktop-app
15 15
16# private-bin env,ytmdesktop 16# private-bin env,ytmdesktop
17private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg 17private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg
diff --git a/etc/profile-m-z/zaproxy.profile b/etc/profile-m-z/zaproxy.profile
index 2f18a8c45..5a168feb6 100644
--- a/etc/profile-m-z/zaproxy.profile
+++ b/etc/profile-m-z/zaproxy.profile
@@ -6,7 +6,7 @@ include zaproxy.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.ZAP 9noblacklist ${HOME}/.ZAP
10 10
11# Allow java (blacklisted by disable-devel.inc) 11# Allow java (blacklisted by disable-devel.inc)
12include allow-java.inc 12include allow-java.inc
@@ -20,8 +20,8 @@ include disable-programs.inc
20 20
21mkdir ${HOME}/.java 21mkdir ${HOME}/.java
22mkdir ${HOME}/.ZAP 22mkdir ${HOME}/.ZAP
23allow ${HOME}/.java 23whitelist ${HOME}/.java
24allow ${HOME}/.ZAP 24whitelist ${HOME}/.ZAP
25include whitelist-common.inc 25include whitelist-common.inc
26include whitelist-var-common.inc 26include whitelist-var-common.inc
27 27
diff --git a/etc/profile-m-z/zart.profile b/etc/profile-m-z/zart.profile
index 32ff4f8ed..10f83aa30 100644
--- a/etc/profile-m-z/zart.profile
+++ b/etc/profile-m-z/zart.profile
@@ -6,8 +6,8 @@ include zart.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${DOCUMENTS} 9noblacklist ${DOCUMENTS}
10nodeny ${PICTURES} 10noblacklist ${PICTURES}
11 11
12include disable-common.inc 12include disable-common.inc
13include disable-devel.inc 13include disable-devel.inc
diff --git a/etc/profile-m-z/zathura.profile b/etc/profile-m-z/zathura.profile
index 4bc841f63..d0e68c980 100644
--- a/etc/profile-m-z/zathura.profile
+++ b/etc/profile-m-z/zathura.profile
@@ -6,9 +6,9 @@ include zathura.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/zathura 9noblacklist ${HOME}/.config/zathura
10nodeny ${HOME}/.local/share/zathura 10noblacklist ${HOME}/.local/share/zathura
11nodeny ${DOCUMENTS} 11noblacklist ${DOCUMENTS}
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -22,8 +22,8 @@ include disable-xdg.inc
22 22
23mkdir ${HOME}/.config/zathura 23mkdir ${HOME}/.config/zathura
24mkdir ${HOME}/.local/share/zathura 24mkdir ${HOME}/.local/share/zathura
25allow /usr/share/doc 25whitelist /usr/share/doc
26allow /usr/share/zathura 26whitelist /usr/share/zathura
27include whitelist-runuser-common.inc 27include whitelist-runuser-common.inc
28include whitelist-usr-share-common.inc 28include whitelist-usr-share-common.inc
29include whitelist-var-common.inc 29include whitelist-var-common.inc
diff --git a/etc/profile-m-z/zcat.profile b/etc/profile-m-z/zcat.profile
index 904ea9f05..5de13ab90 100644
--- a/etc/profile-m-z/zcat.profile
+++ b/etc/profile-m-z/zcat.profile
@@ -9,7 +9,7 @@ include zcat.local
9 9
10# Allow running kernel config check 10# Allow running kernel config check
11ignore include disable-shell.inc 11ignore include disable-shell.inc
12nodeny /proc/config.gz 12noblacklist /proc/config.gz
13 13
14# Redirect 14# Redirect
15include gzip.profile 15include gzip.profile
diff --git a/etc/profile-m-z/zeal.profile b/etc/profile-m-z/zeal.profile
index 458df2a46..2c6f6910f 100644
--- a/etc/profile-m-z/zeal.profile
+++ b/etc/profile-m-z/zeal.profile
@@ -6,9 +6,9 @@ include zeal.local
6# Persistent global definitions 6# Persistent global definitions
7include globals.local 7include globals.local
8 8
9nodeny ${HOME}/.config/Zeal 9noblacklist ${HOME}/.config/Zeal
10nodeny ${HOME}/.cache/Zeal 10noblacklist ${HOME}/.cache/Zeal
11nodeny ${HOME}/.local/share/Zeal 11noblacklist ${HOME}/.local/share/Zeal
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -23,9 +23,9 @@ mkdir ${HOME}/.cache/Zeal
23mkdir ${HOME}/.config/qt5ct 23mkdir ${HOME}/.config/qt5ct
24mkdir ${HOME}/.config/Zeal 24mkdir ${HOME}/.config/Zeal
25mkdir ${HOME}/.local/share/Zeal 25mkdir ${HOME}/.local/share/Zeal
26allow ${HOME}/.cache/Zeal 26whitelist ${HOME}/.cache/Zeal
27allow ${HOME}/.config/Zeal 27whitelist ${HOME}/.config/Zeal
28allow ${HOME}/.local/share/Zeal 28whitelist ${HOME}/.local/share/Zeal
29include whitelist-common.inc 29include whitelist-common.inc
30include whitelist-var-common.inc 30include whitelist-var-common.inc
31 31
diff --git a/etc/profile-m-z/zgrep.profile b/etc/profile-m-z/zgrep.profile
index e2dfbd105..f63dc871f 100644
--- a/etc/profile-m-z/zgrep.profile
+++ b/etc/profile-m-z/zgrep.profile
@@ -9,7 +9,7 @@ include zgrep.local
9 9
10# Allow running kernel config check 10# Allow running kernel config check
11ignore include disable-shell.inc 11ignore include disable-shell.inc
12nodeny /proc/config.gz 12noblacklist /proc/config.gz
13 13
14# Redirect 14# Redirect
15include gzip.profile 15include gzip.profile
diff --git a/etc/profile-m-z/zoom.profile b/etc/profile-m-z/zoom.profile
index 6b0417b56..ac615d861 100644
--- a/etc/profile-m-z/zoom.profile
+++ b/etc/profile-m-z/zoom.profile
@@ -16,17 +16,17 @@ ignore dbus-system none
16# If you use such a system, add 'ignore nogroups' to your zoom.local. 16# If you use such a system, add 'ignore nogroups' to your zoom.local.
17#ignore nogroups 17#ignore nogroups
18 18
19nodeny ${HOME}/.config/zoomus.conf 19noblacklist ${HOME}/.config/zoomus.conf
20nodeny ${HOME}/.zoom 20noblacklist ${HOME}/.zoom
21 21
22noallow ${DOWNLOADS} 22nowhitelist ${DOWNLOADS}
23 23
24mkdir ${HOME}/.cache/zoom 24mkdir ${HOME}/.cache/zoom
25mkfile ${HOME}/.config/zoomus.conf 25mkfile ${HOME}/.config/zoomus.conf
26mkdir ${HOME}/.zoom 26mkdir ${HOME}/.zoom
27allow ${HOME}/.cache/zoom 27whitelist ${HOME}/.cache/zoom
28allow ${HOME}/.config/zoomus.conf 28whitelist ${HOME}/.config/zoomus.conf
29allow ${HOME}/.zoom 29whitelist ${HOME}/.zoom
30 30
31# Disable for now, see https://github.com/netblue30/firejail/issues/3726 31# Disable for now, see https://github.com/netblue30/firejail/issues/3726
32#private-etc alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nsswitch.conf,pki,resolv.conf,ssl 32#private-etc alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nsswitch.conf,pki,resolv.conf,ssl
diff --git a/etc/profile-m-z/zulip.profile b/etc/profile-m-z/zulip.profile
index cdbbdccf1..093da5212 100644
--- a/etc/profile-m-z/zulip.profile
+++ b/etc/profile-m-z/zulip.profile
@@ -8,7 +8,7 @@ include globals.local
8 8
9ignore noexec /tmp 9ignore noexec /tmp
10 10
11nodeny ${HOME}/.config/Zulip 11noblacklist ${HOME}/.config/Zulip
12 12
13include disable-common.inc 13include disable-common.inc
14include disable-devel.inc 14include disable-devel.inc
@@ -20,8 +20,8 @@ include disable-shell.inc
20include disable-xdg.inc 20include disable-xdg.inc
21 21
22mkdir ${HOME}/.config/Zulip 22mkdir ${HOME}/.config/Zulip
23allow ${HOME}/.config/Zulip 23whitelist ${HOME}/.config/Zulip
24allow ${DOWNLOADS} 24whitelist ${DOWNLOADS}
25include whitelist-common.inc 25include whitelist-common.inc
26include whitelist-var-common.inc 26include whitelist-var-common.inc
27 27
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-26 07:54:58 +0000