diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2024-03-27 12:13:47 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-03-27 12:13:47 +0000 |
commit | 0060b5105b1fc74aecae71b60b473451a8b65020 (patch) | |
tree | 4b729d3d9b568ba1b251abf8f5ea1ef02724fca5 /etc | |
parent | profiles: sort blacklist sections (#6289) (diff) | |
download | firejail-0060b5105b1fc74aecae71b60b473451a8b65020.tar.gz firejail-0060b5105b1fc74aecae71b60b473451a8b65020.tar.zst firejail-0060b5105b1fc74aecae71b60b473451a8b65020.zip |
profiles: rename disable-X11.inc to disable-x11.inc (#6294)
That is, make "X11" lowercase so that the order of the includes in the
disable- section remain the same when sorted with `LC_ALL=C`, as is the
case for most of the other sections. That is also likely to be the
default in text editors (such as in vim on Arch), so this should make
the disable- section more consistent and easier to sort when editing the
profile.
Also, keep the old include as a redirect to the new one for now to avoid
breakage.
Commands used to search and replace:
git mv etc/inc/disable-X11.inc etc/inc/disable-x11.inc
git grep -Ilz 'disable-X11' -- etc | xargs -0 \
perl -pi -e 's/disable-X11/disable-x11/'
Relates to #4462 #4854 #6070 #6289.
This is a follow-up to #6286.
Diffstat (limited to 'etc')
62 files changed, 81 insertions, 73 deletions
diff --git a/etc/inc/disable-X11.inc b/etc/inc/disable-X11.inc index d227c7a0b..9f2bb47ae 100644 --- a/etc/inc/disable-X11.inc +++ b/etc/inc/disable-X11.inc | |||
@@ -2,14 +2,7 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include disable-X11.local | 3 | include disable-X11.local |
4 | 4 | ||
5 | blacklist /tmp/.X11-unix | 5 | # Warning: This file is deprecated; use disable-x11.inc (lowercase) instead. |
6 | blacklist ${HOME}/.Xauthority | 6 | |
7 | blacklist ${RUNUSER}/gdm/Xauthority | 7 | # Redirect |
8 | blacklist ${RUNUSER}/.mutter-Xwaylandauth* | 8 | include disable-x11.inc |
9 | blacklist ${RUNUSER}/xauth_* | ||
10 | #blacklist ${RUNUSER}/[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]] | ||
11 | blacklist /tmp/xauth* | ||
12 | blacklist /tmp/.ICE-unix | ||
13 | blacklist ${RUNUSER}/ICEauthority | ||
14 | rmenv DISPLAY | ||
15 | rmenv XAUTHORITY | ||
diff --git a/etc/inc/disable-x11.inc b/etc/inc/disable-x11.inc new file mode 100644 index 000000000..d78329046 --- /dev/null +++ b/etc/inc/disable-x11.inc | |||
@@ -0,0 +1,15 @@ | |||
1 | # This file is overwritten during software install. | ||
2 | # Persistent customizations should go in a .local file. | ||
3 | include disable-x11.local | ||
4 | |||
5 | blacklist /tmp/.X11-unix | ||
6 | blacklist ${HOME}/.Xauthority | ||
7 | blacklist ${RUNUSER}/gdm/Xauthority | ||
8 | blacklist ${RUNUSER}/.mutter-Xwaylandauth* | ||
9 | blacklist ${RUNUSER}/xauth_* | ||
10 | #blacklist ${RUNUSER}/[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]] | ||
11 | blacklist /tmp/xauth* | ||
12 | blacklist /tmp/.ICE-unix | ||
13 | blacklist ${RUNUSER}/ICEauthority | ||
14 | rmenv DISPLAY | ||
15 | rmenv XAUTHORITY | ||
diff --git a/etc/profile-a-l/agetpkg.profile b/etc/profile-a-l/agetpkg.profile index e455a17db..1bf954e3a 100644 --- a/etc/profile-a-l/agetpkg.profile +++ b/etc/profile-a-l/agetpkg.profile | |||
@@ -19,7 +19,7 @@ include disable-exec.inc | |||
19 | include disable-interpreters.inc | 19 | include disable-interpreters.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | include disable-shell.inc | 21 | include disable-shell.inc |
22 | include disable-X11.inc | 22 | include disable-x11.inc |
23 | include disable-xdg.inc | 23 | include disable-xdg.inc |
24 | 24 | ||
25 | whitelist ${DOWNLOADS} | 25 | whitelist ${DOWNLOADS} |
diff --git a/etc/profile-a-l/alpine.profile b/etc/profile-a-l/alpine.profile index 2ded32959..7ff2058a5 100644 --- a/etc/profile-a-l/alpine.profile +++ b/etc/profile-a-l/alpine.profile | |||
@@ -38,7 +38,7 @@ include disable-exec.inc | |||
38 | include disable-interpreters.inc | 38 | include disable-interpreters.inc |
39 | include disable-programs.inc | 39 | include disable-programs.inc |
40 | include disable-shell.inc | 40 | include disable-shell.inc |
41 | include disable-X11.inc | 41 | include disable-x11.inc |
42 | include disable-xdg.inc | 42 | include disable-xdg.inc |
43 | 43 | ||
44 | #whitelist ${DOCUMENTS} | 44 | #whitelist ${DOCUMENTS} |
diff --git a/etc/profile-a-l/aria2c.profile b/etc/profile-a-l/aria2c.profile index 0d70cf381..a3add6a4d 100644 --- a/etc/profile-a-l/aria2c.profile +++ b/etc/profile-a-l/aria2c.profile | |||
@@ -18,7 +18,7 @@ include disable-devel.inc | |||
18 | include disable-exec.inc | 18 | include disable-exec.inc |
19 | include disable-interpreters.inc | 19 | include disable-interpreters.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | include disable-X11.inc | 21 | include disable-x11.inc |
22 | 22 | ||
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
diff --git a/etc/profile-a-l/bpftop.profile b/etc/profile-a-l/bpftop.profile index 7670f1b4b..d5b723f17 100644 --- a/etc/profile-a-l/bpftop.profile +++ b/etc/profile-a-l/bpftop.profile | |||
@@ -17,7 +17,7 @@ include disable-interpreters.inc | |||
17 | include disable-proc.inc | 17 | include disable-proc.inc |
18 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | include disable-shell.inc | 19 | include disable-shell.inc |
20 | include disable-X11.inc | 20 | include disable-x11.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
diff --git a/etc/profile-a-l/build-systems-common.profile b/etc/profile-a-l/build-systems-common.profile index 8616996d2..9761efc72 100644 --- a/etc/profile-a-l/build-systems-common.profile +++ b/etc/profile-a-l/build-systems-common.profile | |||
@@ -25,7 +25,7 @@ include disable-exec.inc | |||
25 | include disable-interpreters.inc | 25 | include disable-interpreters.inc |
26 | include disable-programs.inc | 26 | include disable-programs.inc |
27 | include disable-shell.inc | 27 | include disable-shell.inc |
28 | include disable-X11.inc | 28 | include disable-x11.inc |
29 | include disable-xdg.inc | 29 | include disable-xdg.inc |
30 | 30 | ||
31 | #whitelist ${HOME}/Projects | 31 | #whitelist ${HOME}/Projects |
diff --git a/etc/profile-a-l/clac.profile b/etc/profile-a-l/clac.profile index cd2b2522d..7a8104b63 100644 --- a/etc/profile-a-l/clac.profile +++ b/etc/profile-a-l/clac.profile | |||
@@ -16,7 +16,7 @@ include disable-interpreters.inc | |||
16 | include disable-proc.inc | 16 | include disable-proc.inc |
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-shell.inc | 18 | include disable-shell.inc |
19 | #include disable-X11.inc # x11 none | 19 | #include disable-x11.inc # x11 none |
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | #include whitelist-common.inc # see #903 | 22 | #include whitelist-common.inc # see #903 |
diff --git a/etc/profile-a-l/cloneit.profile b/etc/profile-a-l/cloneit.profile index 827dd1de2..abbeb9d77 100644 --- a/etc/profile-a-l/cloneit.profile +++ b/etc/profile-a-l/cloneit.profile | |||
@@ -17,7 +17,7 @@ include disable-interpreters.inc | |||
17 | include disable-proc.inc | 17 | include disable-proc.inc |
18 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | include disable-shell.inc | 19 | include disable-shell.inc |
20 | include disable-X11.inc | 20 | include disable-x11.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | include whitelist-run-common.inc | 23 | include whitelist-run-common.inc |
diff --git a/etc/profile-a-l/cointop.profile b/etc/profile-a-l/cointop.profile index aa053e2f7..fa30331e1 100644 --- a/etc/profile-a-l/cointop.profile +++ b/etc/profile-a-l/cointop.profile | |||
@@ -17,7 +17,7 @@ include disable-interpreters.inc | |||
17 | include disable-proc.inc | 17 | include disable-proc.inc |
18 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | include disable-shell.inc | 19 | include disable-shell.inc |
20 | include disable-X11.inc | 20 | include disable-x11.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.config/cointop | 23 | mkdir ${HOME}/.config/cointop |
diff --git a/etc/profile-a-l/curl.profile b/etc/profile-a-l/curl.profile index 1d9ec5fa4..9044e9ac0 100644 --- a/etc/profile-a-l/curl.profile +++ b/etc/profile-a-l/curl.profile | |||
@@ -25,7 +25,7 @@ blacklist ${RUNUSER} | |||
25 | include disable-common.inc | 25 | include disable-common.inc |
26 | include disable-exec.inc | 26 | include disable-exec.inc |
27 | include disable-programs.inc | 27 | include disable-programs.inc |
28 | include disable-X11.inc | 28 | include disable-x11.inc |
29 | # Depending on workflow you can add 'include disable-xdg.inc' to your curl.local. | 29 | # Depending on workflow you can add 'include disable-xdg.inc' to your curl.local. |
30 | #include disable-xdg.inc | 30 | #include disable-xdg.inc |
31 | 31 | ||
diff --git a/etc/profile-a-l/daisy.profile b/etc/profile-a-l/daisy.profile index 40b29a1f5..c6e616414 100644 --- a/etc/profile-a-l/daisy.profile +++ b/etc/profile-a-l/daisy.profile | |||
@@ -15,7 +15,7 @@ include disable-interpreters.inc | |||
15 | include disable-proc.inc | 15 | include disable-proc.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | #include disable-X11.inc # x11 none | 18 | #include disable-x11.inc # x11 none |
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
diff --git a/etc/profile-a-l/dbus-send.profile b/etc/profile-a-l/dbus-send.profile index 3a552b929..b54724aa5 100644 --- a/etc/profile-a-l/dbus-send.profile +++ b/etc/profile-a-l/dbus-send.profile | |||
@@ -16,7 +16,7 @@ include disable-interpreters.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | include disable-write-mnt.inc | 18 | include disable-write-mnt.inc |
19 | include disable-X11.inc | 19 | include disable-x11.inc |
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | #include whitelist-common.inc # see #903 | 22 | #include whitelist-common.inc # see #903 |
diff --git a/etc/profile-a-l/deadlink.profile b/etc/profile-a-l/deadlink.profile index 9b378b455..dd7283ed9 100644 --- a/etc/profile-a-l/deadlink.profile +++ b/etc/profile-a-l/deadlink.profile | |||
@@ -22,7 +22,7 @@ include disable-interpreters.inc | |||
22 | include disable-proc.inc | 22 | include disable-proc.inc |
23 | include disable-programs.inc | 23 | include disable-programs.inc |
24 | include disable-shell.inc | 24 | include disable-shell.inc |
25 | include disable-X11.inc | 25 | include disable-x11.inc |
26 | include disable-xdg.inc | 26 | include disable-xdg.inc |
27 | 27 | ||
28 | include whitelist-run-common.inc | 28 | include whitelist-run-common.inc |
diff --git a/etc/profile-a-l/dexios.profile b/etc/profile-a-l/dexios.profile index 7d549d745..936aa9f05 100644 --- a/etc/profile-a-l/dexios.profile +++ b/etc/profile-a-l/dexios.profile | |||
@@ -17,7 +17,7 @@ include disable-interpreters.inc | |||
17 | include disable-proc.inc | 17 | include disable-proc.inc |
18 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | include disable-shell.inc | 19 | include disable-shell.inc |
20 | include disable-X11.inc | 20 | include disable-x11.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | whitelist ${DOWNLOADS} | 23 | whitelist ${DOWNLOADS} |
diff --git a/etc/profile-a-l/dig.profile b/etc/profile-a-l/dig.profile index 80eef569c..6a00475f9 100644 --- a/etc/profile-a-l/dig.profile +++ b/etc/profile-a-l/dig.profile | |||
@@ -17,7 +17,7 @@ include disable-common.inc | |||
17 | include disable-exec.inc | 17 | include disable-exec.inc |
18 | #include disable-interpreters.inc | 18 | #include disable-interpreters.inc |
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | include disable-X11.inc | 20 | include disable-x11.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | #mkfile ${HOME}/.digrc # see #903 | 23 | #mkfile ${HOME}/.digrc # see #903 |
diff --git a/etc/profile-a-l/dnscrypt-proxy.profile b/etc/profile-a-l/dnscrypt-proxy.profile index e27fa202b..49d201d76 100644 --- a/etc/profile-a-l/dnscrypt-proxy.profile +++ b/etc/profile-a-l/dnscrypt-proxy.profile | |||
@@ -17,7 +17,7 @@ include disable-devel.inc | |||
17 | include disable-exec.inc | 17 | include disable-exec.inc |
18 | include disable-interpreters.inc | 18 | include disable-interpreters.inc |
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | include disable-X11.inc | 20 | include disable-x11.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | whitelist /usr/share/dnscrypt-proxy | 23 | whitelist /usr/share/dnscrypt-proxy |
diff --git a/etc/profile-a-l/dnsmasq.profile b/etc/profile-a-l/dnsmasq.profile index b41eff3ae..2ce980cb1 100644 --- a/etc/profile-a-l/dnsmasq.profile +++ b/etc/profile-a-l/dnsmasq.profile | |||
@@ -17,7 +17,7 @@ include disable-common.inc | |||
17 | include disable-devel.inc | 17 | include disable-devel.inc |
18 | include disable-interpreters.inc | 18 | include disable-interpreters.inc |
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | include disable-X11.inc | 20 | include disable-x11.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | whitelist /var/lib/libvirt/dnsmasq | 23 | whitelist /var/lib/libvirt/dnsmasq |
diff --git a/etc/profile-a-l/drill.profile b/etc/profile-a-l/drill.profile index 95e86e5b9..2205f52a0 100644 --- a/etc/profile-a-l/drill.profile +++ b/etc/profile-a-l/drill.profile | |||
@@ -16,7 +16,7 @@ include disable-common.inc | |||
16 | include disable-exec.inc | 16 | include disable-exec.inc |
17 | #include disable-interpreters.inc | 17 | #include disable-interpreters.inc |
18 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | include disable-X11.inc | 19 | include disable-x11.inc |
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | #include whitelist-common.inc # see #903 | 22 | #include whitelist-common.inc # see #903 |
diff --git a/etc/profile-a-l/editorconfiger.profile b/etc/profile-a-l/editorconfiger.profile index 8812db35f..654d65ee0 100644 --- a/etc/profile-a-l/editorconfiger.profile +++ b/etc/profile-a-l/editorconfiger.profile | |||
@@ -16,7 +16,7 @@ include disable-interpreters.inc | |||
16 | include disable-proc.inc | 16 | include disable-proc.inc |
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-shell.inc | 18 | include disable-shell.inc |
19 | include disable-X11.inc | 19 | include disable-x11.inc |
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | apparmor | 22 | apparmor |
diff --git a/etc/profile-a-l/erd.profile b/etc/profile-a-l/erd.profile index d821f5882..e72b75e75 100644 --- a/etc/profile-a-l/erd.profile +++ b/etc/profile-a-l/erd.profile | |||
@@ -8,7 +8,7 @@ include erd.local | |||
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | include disable-exec.inc | 10 | include disable-exec.inc |
11 | #include disable-X11.inc # x11 none | 11 | #include disable-x11.inc # x11 none |
12 | 12 | ||
13 | apparmor | 13 | apparmor |
14 | caps.drop all | 14 | caps.drop all |
diff --git a/etc/profile-a-l/fdns.profile b/etc/profile-a-l/fdns.profile index cacd7025d..2d956f5a4 100644 --- a/etc/profile-a-l/fdns.profile +++ b/etc/profile-a-l/fdns.profile | |||
@@ -15,7 +15,7 @@ include disable-devel.inc | |||
15 | include disable-exec.inc | 15 | include disable-exec.inc |
16 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-X11.inc | 18 | include disable-x11.inc |
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | #include whitelist-usr-share-common.inc | 21 | #include whitelist-usr-share-common.inc |
diff --git a/etc/profile-a-l/ftp.profile b/etc/profile-a-l/ftp.profile index f448ab932..e133deba2 100644 --- a/etc/profile-a-l/ftp.profile +++ b/etc/profile-a-l/ftp.profile | |||
@@ -17,7 +17,7 @@ include disable-proc.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | #include disable-shell.inc | 18 | #include disable-shell.inc |
19 | include disable-write-mnt.inc | 19 | include disable-write-mnt.inc |
20 | include disable-X11.inc | 20 | include disable-x11.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | apparmor | 23 | apparmor |
diff --git a/etc/profile-a-l/gget.profile b/etc/profile-a-l/gget.profile index e0268a68c..eff215381 100644 --- a/etc/profile-a-l/gget.profile +++ b/etc/profile-a-l/gget.profile | |||
@@ -15,7 +15,7 @@ include disable-exec.inc | |||
15 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | include disable-X11.inc | 18 | include disable-x11.inc |
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | whitelist ${DOWNLOADS} | 21 | whitelist ${DOWNLOADS} |
diff --git a/etc/profile-a-l/gist.profile b/etc/profile-a-l/gist.profile index c7be8dcc5..4dff73c54 100644 --- a/etc/profile-a-l/gist.profile +++ b/etc/profile-a-l/gist.profile | |||
@@ -19,7 +19,7 @@ include disable-devel.inc | |||
19 | include disable-exec.inc | 19 | include disable-exec.inc |
20 | include disable-interpreters.inc | 20 | include disable-interpreters.inc |
21 | include disable-programs.inc | 21 | include disable-programs.inc |
22 | include disable-X11.inc | 22 | include disable-x11.inc |
23 | include disable-xdg.inc | 23 | include disable-xdg.inc |
24 | 24 | ||
25 | mkdir ${HOME}/.gist | 25 | mkdir ${HOME}/.gist |
diff --git a/etc/profile-a-l/git.profile b/etc/profile-a-l/git.profile index a900e10f3..f2fd63e1b 100644 --- a/etc/profile-a-l/git.profile +++ b/etc/profile-a-l/git.profile | |||
@@ -33,7 +33,7 @@ blacklist ${RUNUSER}/wayland-* | |||
33 | include disable-common.inc | 33 | include disable-common.inc |
34 | include disable-exec.inc | 34 | include disable-exec.inc |
35 | include disable-programs.inc | 35 | include disable-programs.inc |
36 | include disable-X11.inc | 36 | include disable-x11.inc |
37 | 37 | ||
38 | whitelist /usr/share/git | 38 | whitelist /usr/share/git |
39 | whitelist /usr/share/git-core | 39 | whitelist /usr/share/git-core |
diff --git a/etc/profile-a-l/gnome-keyring-daemon.profile b/etc/profile-a-l/gnome-keyring-daemon.profile index 0370b0472..b8c51991c 100644 --- a/etc/profile-a-l/gnome-keyring-daemon.profile +++ b/etc/profile-a-l/gnome-keyring-daemon.profile | |||
@@ -14,8 +14,8 @@ include disable-devel.inc | |||
14 | include disable-exec.inc | 14 | include disable-exec.inc |
15 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | #include disable-X11.inc # x11 none | 17 | #include disable-x11.inc # x11 none |
18 | include disable-X11.inc | 18 | include disable-x11.inc |
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | whitelist ${RUNUSER}/gnupg | 21 | whitelist ${RUNUSER}/gnupg |
diff --git a/etc/profile-a-l/googler-common.profile b/etc/profile-a-l/googler-common.profile index e1ec5f4b9..823228612 100644 --- a/etc/profile-a-l/googler-common.profile +++ b/etc/profile-a-l/googler-common.profile | |||
@@ -22,7 +22,7 @@ include disable-exec.inc | |||
22 | include disable-interpreters.inc | 22 | include disable-interpreters.inc |
23 | include disable-programs.inc | 23 | include disable-programs.inc |
24 | include disable-shell.inc | 24 | include disable-shell.inc |
25 | include disable-X11.inc | 25 | include disable-x11.inc |
26 | include disable-xdg.inc | 26 | include disable-xdg.inc |
27 | 27 | ||
28 | whitelist ${HOME}/.w3m | 28 | whitelist ${HOME}/.w3m |
diff --git a/etc/profile-a-l/gpg-agent.profile b/etc/profile-a-l/gpg-agent.profile index 29249cf21..102a4ef24 100644 --- a/etc/profile-a-l/gpg-agent.profile +++ b/etc/profile-a-l/gpg-agent.profile | |||
@@ -15,7 +15,7 @@ include disable-common.inc | |||
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-X11.inc | 18 | include disable-x11.inc |
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | mkdir ${HOME}/.gnupg | 21 | mkdir ${HOME}/.gnupg |
diff --git a/etc/profile-a-l/gpg.profile b/etc/profile-a-l/gpg.profile index 02dd3b076..6becc80eb 100644 --- a/etc/profile-a-l/gpg.profile +++ b/etc/profile-a-l/gpg.profile | |||
@@ -15,7 +15,7 @@ include disable-common.inc | |||
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-X11.inc | 18 | include disable-x11.inc |
19 | 19 | ||
20 | whitelist ${RUNUSER}/gnupg | 20 | whitelist ${RUNUSER}/gnupg |
21 | whitelist ${RUNUSER}/keyring | 21 | whitelist ${RUNUSER}/keyring |
diff --git a/etc/profile-a-l/links-common.profile b/etc/profile-a-l/links-common.profile index 4bab6b0cc..fd0aab879 100644 --- a/etc/profile-a-l/links-common.profile +++ b/etc/profile-a-l/links-common.profile | |||
@@ -13,7 +13,7 @@ include disable-interpreters.inc | |||
13 | # Additional noblacklist files/directories (blacklisted in disable-programs.inc) | 13 | # Additional noblacklist files/directories (blacklisted in disable-programs.inc) |
14 | # used as associated programs can be added in your links-common.local. | 14 | # used as associated programs can be added in your links-common.local. |
15 | include disable-programs.inc | 15 | include disable-programs.inc |
16 | include disable-X11.inc | 16 | include disable-x11.inc |
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | whitelist ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
diff --git a/etc/profile-a-l/lynx.profile b/etc/profile-a-l/lynx.profile index 2c61147ec..233bdafb6 100644 --- a/etc/profile-a-l/lynx.profile +++ b/etc/profile-a-l/lynx.profile | |||
@@ -13,7 +13,7 @@ include disable-common.inc | |||
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
15 | include disable-programs.inc | 15 | include disable-programs.inc |
16 | include disable-X11.inc | 16 | include disable-x11.inc |
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | include whitelist-runuser-common.inc | 19 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-m-z/makepkg.profile b/etc/profile-m-z/makepkg.profile index a8dd3988b..148e06840 100644 --- a/etc/profile-m-z/makepkg.profile +++ b/etc/profile-m-z/makepkg.profile | |||
@@ -32,7 +32,7 @@ noblacklist /var/lib/pacman | |||
32 | include disable-common.inc | 32 | include disable-common.inc |
33 | include disable-exec.inc | 33 | include disable-exec.inc |
34 | include disable-programs.inc | 34 | include disable-programs.inc |
35 | include disable-X11.inc | 35 | include disable-x11.inc |
36 | 36 | ||
37 | caps.drop all | 37 | caps.drop all |
38 | ipc-namespace | 38 | ipc-namespace |
diff --git a/etc/profile-m-z/mimetype.profile b/etc/profile-m-z/mimetype.profile index 4b62624bb..6d9af90cb 100644 --- a/etc/profile-m-z/mimetype.profile +++ b/etc/profile-m-z/mimetype.profile | |||
@@ -11,7 +11,7 @@ blacklist ${RUNUSER}/wayland-* | |||
11 | 11 | ||
12 | include disable-exec.inc | 12 | include disable-exec.inc |
13 | include disable-proc.inc | 13 | include disable-proc.inc |
14 | include disable-X11.inc | 14 | include disable-x11.inc |
15 | 15 | ||
16 | apparmor | 16 | apparmor |
17 | caps.drop all | 17 | caps.drop all |
diff --git a/etc/profile-m-z/mocp.profile b/etc/profile-m-z/mocp.profile index d80e263b6..18e7331f3 100644 --- a/etc/profile-m-z/mocp.profile +++ b/etc/profile-m-z/mocp.profile | |||
@@ -18,7 +18,7 @@ include disable-exec.inc | |||
18 | include disable-interpreters.inc | 18 | include disable-interpreters.inc |
19 | include disable-proc.inc | 19 | include disable-proc.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | include disable-X11.inc | 21 | include disable-x11.inc |
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | mkdir ${HOME}/.moc | 24 | mkdir ${HOME}/.moc |
diff --git a/etc/profile-m-z/mutt.profile b/etc/profile-m-z/mutt.profile index 447301d46..0f43a9335 100644 --- a/etc/profile-m-z/mutt.profile +++ b/etc/profile-m-z/mutt.profile | |||
@@ -50,7 +50,7 @@ include disable-devel.inc | |||
50 | include disable-exec.inc | 50 | include disable-exec.inc |
51 | include disable-interpreters.inc | 51 | include disable-interpreters.inc |
52 | include disable-programs.inc | 52 | include disable-programs.inc |
53 | include disable-X11.inc | 53 | include disable-x11.inc |
54 | include disable-xdg.inc | 54 | include disable-xdg.inc |
55 | 55 | ||
56 | mkdir ${HOME}/.Mail | 56 | mkdir ${HOME}/.Mail |
diff --git a/etc/profile-m-z/neomutt.profile b/etc/profile-m-z/neomutt.profile index 22720422b..4101e74ee 100644 --- a/etc/profile-m-z/neomutt.profile +++ b/etc/profile-m-z/neomutt.profile | |||
@@ -48,7 +48,7 @@ include disable-devel.inc | |||
48 | include disable-exec.inc | 48 | include disable-exec.inc |
49 | include disable-interpreters.inc | 49 | include disable-interpreters.inc |
50 | include disable-programs.inc | 50 | include disable-programs.inc |
51 | include disable-X11.inc | 51 | include disable-x11.inc |
52 | include disable-xdg.inc | 52 | include disable-xdg.inc |
53 | 53 | ||
54 | mkdir ${HOME}/.Mail | 54 | mkdir ${HOME}/.Mail |
diff --git a/etc/profile-m-z/nodejs-common.profile b/etc/profile-m-z/nodejs-common.profile index f301196c6..43fafc3de 100644 --- a/etc/profile-m-z/nodejs-common.profile +++ b/etc/profile-m-z/nodejs-common.profile | |||
@@ -39,7 +39,7 @@ include disable-common.inc | |||
39 | include disable-exec.inc | 39 | include disable-exec.inc |
40 | include disable-programs.inc | 40 | include disable-programs.inc |
41 | include disable-shell.inc | 41 | include disable-shell.inc |
42 | include disable-X11.inc | 42 | include disable-x11.inc |
43 | include disable-xdg.inc | 43 | include disable-xdg.inc |
44 | 44 | ||
45 | # If you want whitelisting, change ${HOME}/Projects below to your node projects directory | 45 | # If you want whitelisting, change ${HOME}/Projects below to your node projects directory |
diff --git a/etc/profile-m-z/nslookup.profile b/etc/profile-m-z/nslookup.profile index aae506b0b..5313d2906 100644 --- a/etc/profile-m-z/nslookup.profile +++ b/etc/profile-m-z/nslookup.profile | |||
@@ -16,7 +16,7 @@ include disable-devel.inc | |||
16 | include disable-exec.inc | 16 | include disable-exec.inc |
17 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
18 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | include disable-X11.inc | 19 | include disable-x11.inc |
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | whitelist ${HOME}/.nslookuprc | 22 | whitelist ${HOME}/.nslookuprc |
diff --git a/etc/profile-m-z/ping.profile b/etc/profile-m-z/ping.profile index c3aa0a501..785de68cb 100644 --- a/etc/profile-m-z/ping.profile +++ b/etc/profile-m-z/ping.profile | |||
@@ -15,7 +15,7 @@ include disable-exec.inc | |||
15 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
16 | include disable-proc.inc | 16 | include disable-proc.inc |
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-X11.inc | 18 | include disable-x11.inc |
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | #include whitelist-common.inc # see #903 | 21 | #include whitelist-common.inc # see #903 |
diff --git a/etc/profile-m-z/qpdf.profile b/etc/profile-m-z/qpdf.profile index edec7cf0a..a5b65aa8e 100644 --- a/etc/profile-m-z/qpdf.profile +++ b/etc/profile-m-z/qpdf.profile | |||
@@ -18,7 +18,7 @@ include disable-interpreters.inc | |||
18 | include disable-proc.inc | 18 | include disable-proc.inc |
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | include disable-shell.inc | 20 | include disable-shell.inc |
21 | include disable-X11.inc | 21 | include disable-x11.inc |
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | whitelist ${DOCUMENTS} | 24 | whitelist ${DOCUMENTS} |
diff --git a/etc/profile-m-z/rsync-download_only.profile b/etc/profile-m-z/rsync-download_only.profile index 52ccb4309..12724a077 100644 --- a/etc/profile-m-z/rsync-download_only.profile +++ b/etc/profile-m-z/rsync-download_only.profile | |||
@@ -19,7 +19,7 @@ include disable-exec.inc | |||
19 | include disable-interpreters.inc | 19 | include disable-interpreters.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | include disable-shell.inc | 21 | include disable-shell.inc |
22 | include disable-X11.inc | 22 | include disable-x11.inc |
23 | include disable-xdg.inc | 23 | include disable-xdg.inc |
24 | 24 | ||
25 | # Add the next line to your rsync-download_only.local to enable extra hardening. | 25 | # Add the next line to your rsync-download_only.local to enable extra hardening. |
diff --git a/etc/profile-m-z/rtv.profile b/etc/profile-m-z/rtv.profile index e719b0d0d..5219f73f6 100644 --- a/etc/profile-m-z/rtv.profile +++ b/etc/profile-m-z/rtv.profile | |||
@@ -27,7 +27,7 @@ include disable-devel.inc | |||
27 | include disable-exec.inc | 27 | include disable-exec.inc |
28 | include disable-interpreters.inc | 28 | include disable-interpreters.inc |
29 | include disable-programs.inc | 29 | include disable-programs.inc |
30 | include disable-X11.inc | 30 | include disable-x11.inc |
31 | include disable-xdg.inc | 31 | include disable-xdg.inc |
32 | 32 | ||
33 | mkdir ${HOME}/.config/rtv | 33 | mkdir ${HOME}/.config/rtv |
diff --git a/etc/profile-m-z/seahorse-daemon.profile b/etc/profile-m-z/seahorse-daemon.profile index b3ead7191..f409b1930 100644 --- a/etc/profile-m-z/seahorse-daemon.profile +++ b/etc/profile-m-z/seahorse-daemon.profile | |||
@@ -9,7 +9,7 @@ include seahorse-daemon.local | |||
9 | #include globals.local | 9 | #include globals.local |
10 | 10 | ||
11 | blacklist ${RUNUSER}/wayland-* | 11 | blacklist ${RUNUSER}/wayland-* |
12 | include disable-X11.inc | 12 | include disable-x11.inc |
13 | 13 | ||
14 | memory-deny-write-execute | 14 | memory-deny-write-execute |
15 | 15 | ||
diff --git a/etc/profile-m-z/server.profile b/etc/profile-m-z/server.profile index a77cf7e0b..a2978ab19 100644 --- a/etc/profile-m-z/server.profile +++ b/etc/profile-m-z/server.profile | |||
@@ -44,7 +44,7 @@ include disable-common.inc | |||
44 | #include disable-interpreters.inc | 44 | #include disable-interpreters.inc |
45 | include disable-programs.inc | 45 | include disable-programs.inc |
46 | include disable-write-mnt.inc | 46 | include disable-write-mnt.inc |
47 | include disable-X11.inc | 47 | include disable-x11.inc |
48 | include disable-xdg.inc | 48 | include disable-xdg.inc |
49 | 49 | ||
50 | #include whitelist-runuser-common.inc | 50 | #include whitelist-runuser-common.inc |
diff --git a/etc/profile-m-z/signal-cli.profile b/etc/profile-m-z/signal-cli.profile index 979d71b33..67bb45141 100644 --- a/etc/profile-m-z/signal-cli.profile +++ b/etc/profile-m-z/signal-cli.profile | |||
@@ -17,7 +17,7 @@ include disable-devel.inc | |||
17 | include disable-exec.inc | 17 | include disable-exec.inc |
18 | include disable-interpreters.inc | 18 | include disable-interpreters.inc |
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | include disable-X11.inc | 20 | include disable-x11.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.local/share/signal-cli | 23 | mkdir ${HOME}/.local/share/signal-cli |
diff --git a/etc/profile-m-z/ssh-agent.profile b/etc/profile-m-z/ssh-agent.profile index 6630244be..97ddfd292 100644 --- a/etc/profile-m-z/ssh-agent.profile +++ b/etc/profile-m-z/ssh-agent.profile | |||
@@ -13,7 +13,7 @@ blacklist ${RUNUSER}/wayland-* | |||
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-programs.inc | 15 | include disable-programs.inc |
16 | include disable-X11.inc | 16 | include disable-x11.inc |
17 | 17 | ||
18 | include whitelist-usr-share-common.inc | 18 | include whitelist-usr-share-common.inc |
19 | 19 | ||
diff --git a/etc/profile-m-z/ssmtp.profile b/etc/profile-m-z/ssmtp.profile index 356a732e7..8e2c21498 100644 --- a/etc/profile-m-z/ssmtp.profile +++ b/etc/profile-m-z/ssmtp.profile | |||
@@ -24,7 +24,7 @@ include disable-interpreters.inc | |||
24 | include disable-proc.inc | 24 | include disable-proc.inc |
25 | include disable-programs.inc | 25 | include disable-programs.inc |
26 | include disable-shell.inc | 26 | include disable-shell.inc |
27 | include disable-X11.inc | 27 | include disable-x11.inc |
28 | include disable-xdg.inc | 28 | include disable-xdg.inc |
29 | 29 | ||
30 | mkfile ${HOME}/dead.letter | 30 | mkfile ${HOME}/dead.letter |
diff --git a/etc/profile-m-z/statusof.profile b/etc/profile-m-z/statusof.profile index 45da84e11..6422f979b 100644 --- a/etc/profile-m-z/statusof.profile +++ b/etc/profile-m-z/statusof.profile | |||
@@ -20,7 +20,7 @@ include disable-interpreters.inc | |||
20 | include disable-proc.inc | 20 | include disable-proc.inc |
21 | include disable-programs.inc | 21 | include disable-programs.inc |
22 | include disable-shell.inc | 22 | include disable-shell.inc |
23 | include disable-X11.inc | 23 | include disable-x11.inc |
24 | include disable-xdg.inc | 24 | include disable-xdg.inc |
25 | 25 | ||
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
diff --git a/etc/profile-m-z/telnet.profile b/etc/profile-m-z/telnet.profile index 13a47c958..ec27b89a8 100644 --- a/etc/profile-m-z/telnet.profile +++ b/etc/profile-m-z/telnet.profile | |||
@@ -17,7 +17,7 @@ include disable-proc.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | #include disable-shell.inc | 18 | #include disable-shell.inc |
19 | include disable-write-mnt.inc | 19 | include disable-write-mnt.inc |
20 | include disable-X11.inc | 20 | include disable-x11.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | apparmor | 23 | apparmor |
diff --git a/etc/profile-m-z/termshark.profile b/etc/profile-m-z/termshark.profile index bdee14e64..64f52cf6d 100644 --- a/etc/profile-m-z/termshark.profile +++ b/etc/profile-m-z/termshark.profile | |||
@@ -10,7 +10,7 @@ include termshark.local | |||
10 | 10 | ||
11 | blacklist ${RUNUSER} | 11 | blacklist ${RUNUSER} |
12 | 12 | ||
13 | include disable-X11.inc | 13 | include disable-x11.inc |
14 | 14 | ||
15 | # Redirect | 15 | # Redirect |
16 | include wireshark.profile | 16 | include wireshark.profile |
diff --git a/etc/profile-m-z/tin.profile b/etc/profile-m-z/tin.profile index 7c1d534e9..865735a79 100644 --- a/etc/profile-m-z/tin.profile +++ b/etc/profile-m-z/tin.profile | |||
@@ -18,7 +18,7 @@ include disable-exec.inc | |||
18 | include disable-interpreters.inc | 18 | include disable-interpreters.inc |
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | include disable-shell.inc | 20 | include disable-shell.inc |
21 | include disable-X11.inc | 21 | include disable-x11.inc |
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | mkdir ${HOME}/.tin | 24 | mkdir ${HOME}/.tin |
diff --git a/etc/profile-m-z/tmux.profile b/etc/profile-m-z/tmux.profile index 55d84a618..a846b7f02 100644 --- a/etc/profile-m-z/tmux.profile +++ b/etc/profile-m-z/tmux.profile | |||
@@ -15,7 +15,7 @@ noblacklist /tmp/tmux-* | |||
15 | #include disable-devel.inc | 15 | #include disable-devel.inc |
16 | #include disable-exec.inc | 16 | #include disable-exec.inc |
17 | #include disable-programs.inc | 17 | #include disable-programs.inc |
18 | include disable-X11.inc | 18 | include disable-x11.inc |
19 | 19 | ||
20 | caps.drop all | 20 | caps.drop all |
21 | ipc-namespace | 21 | ipc-namespace |
diff --git a/etc/profile-m-z/tracker.profile b/etc/profile-m-z/tracker.profile index 8a3464496..d7de4310f 100644 --- a/etc/profile-m-z/tracker.profile +++ b/etc/profile-m-z/tracker.profile | |||
@@ -15,7 +15,7 @@ include disable-devel.inc | |||
15 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | include disable-X11.inc | 18 | include disable-x11.inc |
19 | 19 | ||
20 | include whitelist-runuser-common.inc | 20 | include whitelist-runuser-common.inc |
21 | 21 | ||
diff --git a/etc/profile-m-z/tshark.profile b/etc/profile-m-z/tshark.profile index fab45a334..8e57de6cb 100644 --- a/etc/profile-m-z/tshark.profile +++ b/etc/profile-m-z/tshark.profile | |||
@@ -9,7 +9,7 @@ include tshark.local | |||
9 | 9 | ||
10 | blacklist ${RUNUSER} | 10 | blacklist ${RUNUSER} |
11 | 11 | ||
12 | include disable-X11.inc | 12 | include disable-x11.inc |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include wireshark.profile | 15 | include wireshark.profile |
diff --git a/etc/profile-m-z/tvnamer.profile b/etc/profile-m-z/tvnamer.profile index 19c94feea..c71434f2a 100644 --- a/etc/profile-m-z/tvnamer.profile +++ b/etc/profile-m-z/tvnamer.profile | |||
@@ -23,7 +23,7 @@ include disable-interpreters.inc | |||
23 | include disable-programs.inc | 23 | include disable-programs.inc |
24 | include disable-proc.inc | 24 | include disable-proc.inc |
25 | include disable-shell.inc | 25 | include disable-shell.inc |
26 | include disable-X11.inc | 26 | include disable-x11.inc |
27 | include disable-xdg.inc | 27 | include disable-xdg.inc |
28 | 28 | ||
29 | mkdir ${HOME}/.config/tvnamer | 29 | mkdir ${HOME}/.config/tvnamer |
diff --git a/etc/profile-m-z/unbound.profile b/etc/profile-m-z/unbound.profile index dfce92e2d..c12054d47 100644 --- a/etc/profile-m-z/unbound.profile +++ b/etc/profile-m-z/unbound.profile | |||
@@ -16,7 +16,7 @@ include disable-devel.inc | |||
16 | include disable-exec.inc | 16 | include disable-exec.inc |
17 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
18 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | include disable-X11.inc | 19 | include disable-x11.inc |
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | whitelist /usr/share/dns | 22 | whitelist /usr/share/dns |
diff --git a/etc/profile-m-z/w3m.profile b/etc/profile-m-z/w3m.profile index 4e2f1bb3e..6c8d84ea4 100644 --- a/etc/profile-m-z/w3m.profile +++ b/etc/profile-m-z/w3m.profile | |||
@@ -28,7 +28,7 @@ include disable-exec.inc | |||
28 | include disable-interpreters.inc | 28 | include disable-interpreters.inc |
29 | include disable-programs.inc | 29 | include disable-programs.inc |
30 | include disable-shell.inc | 30 | include disable-shell.inc |
31 | include disable-X11.inc | 31 | include disable-x11.inc |
32 | include disable-xdg.inc | 32 | include disable-xdg.inc |
33 | 33 | ||
34 | mkdir ${HOME}/.w3m | 34 | mkdir ${HOME}/.w3m |
diff --git a/etc/profile-m-z/wget.profile b/etc/profile-m-z/wget.profile index 90a1d3d7a..dacfd739e 100644 --- a/etc/profile-m-z/wget.profile +++ b/etc/profile-m-z/wget.profile | |||
@@ -23,7 +23,7 @@ include disable-exec.inc | |||
23 | include disable-interpreters.inc | 23 | include disable-interpreters.inc |
24 | include disable-programs.inc | 24 | include disable-programs.inc |
25 | include disable-shell.inc | 25 | include disable-shell.inc |
26 | include disable-X11.inc | 26 | include disable-x11.inc |
27 | # Depending on workflow you can add the next line to your wget.local. | 27 | # Depending on workflow you can add the next line to your wget.local. |
28 | #include disable-xdg.inc | 28 | #include disable-xdg.inc |
29 | 29 | ||
diff --git a/etc/profile-m-z/whois.profile b/etc/profile-m-z/whois.profile index e7f66cf76..42ce3bc5c 100644 --- a/etc/profile-m-z/whois.profile +++ b/etc/profile-m-z/whois.profile | |||
@@ -14,7 +14,7 @@ include disable-devel.inc | |||
14 | include disable-exec.inc | 14 | include disable-exec.inc |
15 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-X11.inc | 17 | include disable-x11.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/yt-dlp.profile b/etc/profile-m-z/yt-dlp.profile index 6dd9d03a3..41cf907bd 100644 --- a/etc/profile-m-z/yt-dlp.profile +++ b/etc/profile-m-z/yt-dlp.profile | |||
@@ -37,7 +37,7 @@ include disable-exec.inc | |||
37 | include disable-interpreters.inc | 37 | include disable-interpreters.inc |
38 | include disable-programs.inc | 38 | include disable-programs.inc |
39 | include disable-shell.inc | 39 | include disable-shell.inc |
40 | include disable-X11.inc | 40 | include disable-x11.inc |
41 | include disable-xdg.inc | 41 | include disable-xdg.inc |
42 | 42 | ||
43 | include whitelist-usr-share-common.inc | 43 | include whitelist-usr-share-common.inc |
diff --git a/etc/templates/profile.template b/etc/templates/profile.template index 29ea55439..347cbeb3c 100644 --- a/etc/templates/profile.template +++ b/etc/templates/profile.template | |||
@@ -120,7 +120,7 @@ include globals.local | |||
120 | #include disable-programs.inc | 120 | #include disable-programs.inc |
121 | #include disable-shell.inc | 121 | #include disable-shell.inc |
122 | #include disable-write-mnt.inc | 122 | #include disable-write-mnt.inc |
123 | #include disable-X11.inc | 123 | #include disable-x11.inc |
124 | #include disable-xdg.inc | 124 | #include disable-xdg.inc |
125 | 125 | ||
126 | # This section often mirrors noblacklist section above. The idea is | 126 | # This section often mirrors noblacklist section above. The idea is |
@@ -181,7 +181,7 @@ include globals.local | |||
181 | #seccomp.block-secondary | 181 | #seccomp.block-secondary |
182 | ##seccomp-error-action log (only for debugging seccomp issues) | 182 | ##seccomp-error-action log (only for debugging seccomp issues) |
183 | #tracelog | 183 | #tracelog |
184 | # Prefer 'x11 none' instead of 'disable-X11.inc' if 'net none' is set | 184 | # Prefer 'x11 none' instead of 'disable-x11.inc' if 'net none' is set |
185 | ##x11 none | 185 | ##x11 none |
186 | 186 | ||
187 | #disable-mnt | 187 | #disable-mnt |