diff options
author | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-06-02 21:01:08 +0200 |
---|---|---|
committer | rusty-snake <print_hello_world+Public@protonmail.com> | 2019-06-02 21:01:08 +0200 |
commit | 109b1865669ac1038454023762fb83cd0ebf6cca (patch) | |
tree | efd9bc13c2c6e7f583709e3d46f2e9fe120de9bf /etc | |
parent | many profile cleanups (2) (diff) | |
download | firejail-109b1865669ac1038454023762fb83cd0ebf6cca.tar.gz firejail-109b1865669ac1038454023762fb83cd0ebf6cca.tar.zst firejail-109b1865669ac1038454023762fb83cd0ebf6cca.zip |
many profile cleanups (3)
Diffstat (limited to 'etc')
42 files changed, 76 insertions, 53 deletions
diff --git a/etc/JDownloader.profile b/etc/JDownloader.profile index c00730ef4..1435f3422 100644 --- a/etc/JDownloader.profile +++ b/etc/JDownloader.profile | |||
@@ -5,7 +5,6 @@ include JDownloader.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | |||
9 | noblacklist ${HOME}/.jd | 8 | noblacklist ${HOME}/.jd |
10 | 9 | ||
11 | # Allow java (blacklisted by disable-devel.inc) | 10 | # Allow java (blacklisted by disable-devel.inc) |
diff --git a/etc/Mathematica.profile b/etc/Mathematica.profile index 6aba2678b..c2734b1c1 100644 --- a/etc/Mathematica.profile +++ b/etc/Mathematica.profile | |||
@@ -16,6 +16,7 @@ include disable-programs.inc | |||
16 | 16 | ||
17 | mkdir ${HOME}/.Mathematica | 17 | mkdir ${HOME}/.Mathematica |
18 | mkdir ${HOME}/.Wolfram Research | 18 | mkdir ${HOME}/.Wolfram Research |
19 | mkdir ${HOME}/Documents/Wolfram Mathematica | ||
19 | whitelist ${HOME}/.Mathematica | 20 | whitelist ${HOME}/.Mathematica |
20 | whitelist ${HOME}/.Wolfram Research | 21 | whitelist ${HOME}/.Wolfram Research |
21 | whitelist ${HOME}/Documents/Wolfram Mathematica | 22 | whitelist ${HOME}/Documents/Wolfram Mathematica |
diff --git a/etc/Viber.profile b/etc/Viber.profile index 3f3ee8590..40358aa87 100644 --- a/etc/Viber.profile +++ b/etc/Viber.profile | |||
@@ -5,7 +5,6 @@ include Viber.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | |||
9 | noblacklist ${HOME}/.ViberPC | 8 | noblacklist ${HOME}/.ViberPC |
10 | 9 | ||
11 | include disable-common.inc | 10 | include disable-common.inc |
@@ -15,6 +14,7 @@ include disable-interpreters.inc | |||
15 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 15 | include disable-programs.inc |
17 | 16 | ||
17 | mkdir ${HOME}/.ViberPC | ||
18 | whitelist ${DOWNLOADS} | 18 | whitelist ${DOWNLOADS} |
19 | whitelist ${HOME}/.ViberPC | 19 | whitelist ${HOME}/.ViberPC |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
@@ -36,5 +36,4 @@ private-bin sh,bash,dig,awk,Viber | |||
36 | private-etc hosts,fonts,mailcap,resolv.conf,X11,pulse,alternatives,localtime,nsswitch.conf,ssl,proxychains.conf,pki,ca-certificates,crypto-policies,machine-id,asound.conf | 36 | private-etc hosts,fonts,mailcap,resolv.conf,X11,pulse,alternatives,localtime,nsswitch.conf,ssl,proxychains.conf,pki,ca-certificates,crypto-policies,machine-id,asound.conf |
37 | private-tmp | 37 | private-tmp |
38 | 38 | ||
39 | |||
40 | env QTWEBENGINE_DISABLE_SANDBOX=1 | 39 | env QTWEBENGINE_DISABLE_SANDBOX=1 |
diff --git a/etc/amule.profile b/etc/amule.profile index 7cb2130bb..feb4a5e7e 100644 --- a/etc/amule.profile +++ b/etc/amule.profile | |||
@@ -6,7 +6,6 @@ include amule.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | |||
10 | noblacklist ${HOME}/.aMule | 9 | noblacklist ${HOME}/.aMule |
11 | 10 | ||
12 | include disable-common.inc | 11 | include disable-common.inc |
@@ -16,6 +15,7 @@ include disable-interpreters.inc | |||
16 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 16 | include disable-programs.inc |
18 | 17 | ||
18 | mkdir ${HOME}/.aMule | ||
19 | whitelist ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
20 | whitelist ${HOME}/.aMule | 20 | whitelist ${HOME}/.aMule |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
diff --git a/etc/anki.profile b/etc/anki.profile index f7fa8c780..d50c720f7 100644 --- a/etc/anki.profile +++ b/etc/anki.profile | |||
@@ -21,6 +21,7 @@ include disable-passwdmgr.inc | |||
21 | include disable-programs.inc | 21 | include disable-programs.inc |
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | mkdir ${HOME}/.local/share/Anki2 | ||
24 | whitelist ${DOCUMENTS} | 25 | whitelist ${DOCUMENTS} |
25 | whitelist ${HOME}/.local/share/Anki2 | 26 | whitelist ${HOME}/.local/share/Anki2 |
26 | include whitelist-common.inc | 27 | include whitelist-common.inc |
diff --git a/etc/assogiate.profile b/etc/assogiate.profile index 6a9848e83..02a4798f4 100644 --- a/etc/assogiate.profile +++ b/etc/assogiate.profile | |||
@@ -7,7 +7,6 @@ include assogiate.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${PICTURES} | 9 | noblacklist ${PICTURES} |
10 | whitelist ${PICTURES} | ||
11 | 10 | ||
12 | include disable-common.inc | 11 | include disable-common.inc |
13 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,6 +15,8 @@ include disable-interpreters.inc | |||
16 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 16 | include disable-programs.inc |
18 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | |||
19 | whitelist ${PICTURES} | ||
19 | include whitelist-common.inc | 20 | include whitelist-common.inc |
20 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
21 | 22 | ||
diff --git a/etc/basilisk.profile b/etc/basilisk.profile index 5f9fc8ef7..5bc91dc74 100644 --- a/etc/basilisk.profile +++ b/etc/basilisk.profile | |||
@@ -10,7 +10,6 @@ noblacklist ${HOME}/.moonchild productions/basilisk | |||
10 | 10 | ||
11 | mkdir ${HOME}/.cache/moonchild productions/basilisk | 11 | mkdir ${HOME}/.cache/moonchild productions/basilisk |
12 | mkdir ${HOME}/.moonchild productions | 12 | mkdir ${HOME}/.moonchild productions |
13 | whitelist ${DOWNLOADS} | ||
14 | whitelist ${HOME}/.cache/moonchild productions/basilisk | 13 | whitelist ${HOME}/.cache/moonchild productions/basilisk |
15 | whitelist ${HOME}/.moonchild productions | 14 | whitelist ${HOME}/.moonchild productions |
16 | 15 | ||
diff --git a/etc/chromium.profile b/etc/chromium.profile index dab9ce449..1c977a8ba 100644 --- a/etc/chromium.profile +++ b/etc/chromium.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${HOME}/.config/chromium-flags.conf | |||
12 | 12 | ||
13 | mkdir ${HOME}/.cache/chromium | 13 | mkdir ${HOME}/.cache/chromium |
14 | mkdir ${HOME}/.config/chromium | 14 | mkdir ${HOME}/.config/chromium |
15 | mkfile ${HOME}/.config/chromium-flags.conf | ||
15 | whitelist ${HOME}/.cache/chromium | 16 | whitelist ${HOME}/.cache/chromium |
16 | whitelist ${HOME}/.config/chromium | 17 | whitelist ${HOME}/.config/chromium |
17 | whitelist ${HOME}/.config/chromium-flags.conf | 18 | whitelist ${HOME}/.config/chromium-flags.conf |
diff --git a/etc/conkeror.profile b/etc/conkeror.profile index 21bef48a4..38edf0d21 100644 --- a/etc/conkeror.profile +++ b/etc/conkeror.profile | |||
@@ -10,9 +10,10 @@ noblacklist ${HOME}/.conkeror.mozdev.org | |||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-programs.inc | 11 | include disable-programs.inc |
12 | 12 | ||
13 | mkdir ${HOME}/.conkeror.mozdev.org | ||
14 | mkfile ${HOME}/.conkerorrc | ||
13 | whitelist ${HOME}/.conkeror.mozdev.org | 15 | whitelist ${HOME}/.conkeror.mozdev.org |
14 | whitelist ${HOME}/.conkerorrc | 16 | whitelist ${HOME}/.conkerorrc |
15 | whitelist ${HOME}/.gtkrc-2.0 | ||
16 | whitelist ${HOME}/.lastpass | 17 | whitelist ${HOME}/.lastpass |
17 | whitelist ${HOME}/.pentadactyl | 18 | whitelist ${HOME}/.pentadactyl |
18 | whitelist ${HOME}/.pentadactylrc | 19 | whitelist ${HOME}/.pentadactylrc |
diff --git a/etc/cower.profile b/etc/cower.profile index bc1eeedc0..69575cea4 100644 --- a/etc/cower.profile +++ b/etc/cower.profile | |||
@@ -1,20 +1,13 @@ | |||
1 | # Firejail profile for cower | 1 | # Firejail profile for cower |
2 | # Description: a simple AUR agent with a pretentious name | ||
2 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
3 | |||
4 | # This profile could be significantly strengthened by adding the following to cower.local | ||
5 | # whitelist ${HOME}/<Your Build Folder> | ||
6 | # whitelist ${HOME}/.config/cower/ | ||
7 | |||
8 | quiet | 4 | quiet |
9 | |||
10 | # Persistent local customizations | 5 | # Persistent local customizations |
11 | include cower.local | 6 | include cower.local |
12 | # Persistent global definitions | 7 | # Persistent global definitions |
13 | include globals.local | 8 | include globals.local |
14 | 9 | ||
15 | noblacklist ${HOME}/.config/cower/config | 10 | noblacklist ${HOME}/.config/cower |
16 | read-only ${HOME}/.config/cower/config | ||
17 | |||
18 | noblacklist /var/lib/pacman | 11 | noblacklist /var/lib/pacman |
19 | 12 | ||
20 | include disable-common.inc | 13 | include disable-common.inc |
@@ -23,6 +16,11 @@ include disable-exec.inc | |||
23 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
24 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
25 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | include disable-xdg.inc | ||
20 | |||
21 | # This profile could be significantly strengthened by adding the following to cower.local | ||
22 | # whitelist ${HOME}/<Your Build Folder> | ||
23 | # whitelist ${HOME}/.config/cower | ||
26 | 24 | ||
27 | caps.drop all | 25 | caps.drop all |
28 | ipc-namespace | 26 | ipc-namespace |
@@ -42,7 +40,9 @@ shell none | |||
42 | 40 | ||
43 | disable-mnt | 41 | disable-mnt |
44 | private-bin cower | 42 | private-bin cower |
43 | private-cache | ||
45 | private-dev | 44 | private-dev |
46 | private-tmp | 45 | private-tmp |
47 | 46 | ||
48 | memory-deny-write-execute | 47 | memory-deny-write-execute |
48 | read-only ${HOME}/.config/cower/config | ||
diff --git a/etc/dconf-editor.profile b/etc/dconf-editor.profile index 6b7f8f112..7cd39ca6a 100644 --- a/etc/dconf-editor.profile +++ b/etc/dconf-editor.profile | |||
@@ -6,8 +6,6 @@ include dconf-editor.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | whitelist ${HOME}/.local/share/glib-2.0 | ||
10 | |||
11 | include disable-common.inc | 9 | include disable-common.inc |
12 | include disable-devel.inc | 10 | include disable-devel.inc |
13 | include disable-exec.inc | 11 | include disable-exec.inc |
@@ -16,6 +14,7 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 14 | include disable-programs.inc |
17 | include disable-xdg.inc | 15 | include disable-xdg.inc |
18 | 16 | ||
17 | whitelist ${HOME}/.local/share/glib-2.0 | ||
19 | include whitelist-common.inc | 18 | include whitelist-common.inc |
20 | 19 | ||
21 | apparmor | 20 | apparmor |
@@ -39,7 +38,7 @@ disable-mnt | |||
39 | private-bin dconf-editor | 38 | private-bin dconf-editor |
40 | private-cache | 39 | private-cache |
41 | private-dev | 40 | private-dev |
42 | private-etc alternatives,fonts,machine-id | 41 | private-etc alternatives,dconf,fonts,gtk-3.0,machine-id |
43 | private-lib | 42 | private-lib |
44 | private-tmp | 43 | private-tmp |
45 | 44 | ||
diff --git a/etc/dconf.profile b/etc/dconf.profile index 6ffcddaf5..cf8b4ab43 100644 --- a/etc/dconf.profile +++ b/etc/dconf.profile | |||
@@ -6,8 +6,6 @@ include dconf.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | whitelist ${HOME}/.local/share/glib-2.0 | ||
10 | |||
11 | include disable-common.inc | 9 | include disable-common.inc |
12 | include disable-devel.inc | 10 | include disable-devel.inc |
13 | include disable-exec.inc | 11 | include disable-exec.inc |
@@ -16,6 +14,7 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 14 | include disable-programs.inc |
17 | include disable-xdg.inc | 15 | include disable-xdg.inc |
18 | 16 | ||
17 | whitelist ${HOME}/.local/share/glib-2.0 | ||
19 | # dconf paths are whitelisted by the following | 18 | # dconf paths are whitelisted by the following |
20 | include whitelist-common.inc | 19 | include whitelist-common.inc |
21 | 20 | ||
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index 9d7a34bc5..9d9be1426 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -242,6 +242,7 @@ read-only ${HOME}/.ssh/authorized_keys | |||
242 | 242 | ||
243 | # Initialization files that allow arbitrary command execution | 243 | # Initialization files that allow arbitrary command execution |
244 | read-only ${HOME}/.caffrc | 244 | read-only ${HOME}/.caffrc |
245 | read-only ${HOME}/.cargo/env | ||
245 | read-only ${HOME}/.dotfiles | 246 | read-only ${HOME}/.dotfiles |
246 | read-only ${HOME}/.emacs | 247 | read-only ${HOME}/.emacs |
247 | read-only ${HOME}/.emacs.d | 248 | read-only ${HOME}/.emacs.d |
@@ -275,7 +276,6 @@ read-only ${HOME}/bin | |||
275 | read-only ${HOME}/.bin | 276 | read-only ${HOME}/.bin |
276 | read-only ${HOME}/.local/bin | 277 | read-only ${HOME}/.local/bin |
277 | read-only ${HOME}/.cargo/bin | 278 | read-only ${HOME}/.cargo/bin |
278 | read-only ${HOME}/.cargo/env | ||
279 | blacklist ${HOME}/.cargo/registry | 279 | blacklist ${HOME}/.cargo/registry |
280 | blacklist ${HOME}/.cargo/config | 280 | blacklist ${HOME}/.cargo/config |
281 | 281 | ||
@@ -414,3 +414,12 @@ blacklist /usr/share/flatpak | |||
414 | blacklist /var/lib/flatpak | 414 | blacklist /var/lib/flatpak |
415 | # most of the time bwrap is SUID binary | 415 | # most of the time bwrap is SUID binary |
416 | blacklist ${PATH}/bwrap | 416 | blacklist ${PATH}/bwrap |
417 | |||
418 | # mail directories used by mutt | ||
419 | blacklist ${HOME}/.Mail | ||
420 | blacklist ${HOME}/.mail | ||
421 | blacklist ${HOME}/.signature | ||
422 | blacklist ${HOME}/Mail | ||
423 | blacklist ${HOME}/mail | ||
424 | blacklist ${HOME}/postponed | ||
425 | blacklist ${HOME}/sent | ||
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index d03a709ca..cf0db34d0 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -7,6 +7,7 @@ blacklist ${HOME}/Monero/wallets | |||
7 | blacklist ${HOME}/Nextcloud/Notes | 7 | blacklist ${HOME}/Nextcloud/Notes |
8 | blacklist ${HOME}/SoftMaker | 8 | blacklist ${HOME}/SoftMaker |
9 | blacklist ${HOME}/Standard Notes Backups | 9 | blacklist ${HOME}/Standard Notes Backups |
10 | blacklist ${HOME}/mps | ||
10 | blacklist ${HOME}/wallet.dat | 11 | blacklist ${HOME}/wallet.dat |
11 | blacklist ${HOME}/.*coin | 12 | blacklist ${HOME}/.*coin |
12 | blacklist ${HOME}/.8pecxstudios | 13 | blacklist ${HOME}/.8pecxstudios |
@@ -118,6 +119,7 @@ blacklist ${HOME}/.config/artha.conf | |||
118 | blacklist ${HOME}/.config/asunder | 119 | blacklist ${HOME}/.config/asunder |
119 | blacklist ${HOME}/.config/atril | 120 | blacklist ${HOME}/.config/atril |
120 | blacklist ${HOME}/.config/audacious | 121 | blacklist ${HOME}/.config/audacious |
122 | blacklist ${HOME}/.config/autokey | ||
121 | blacklist ${HOME}/.config/aweather | 123 | blacklist ${HOME}/.config/aweather |
122 | blacklist ${HOME}/.config/baloofilerc | 124 | blacklist ${HOME}/.config/baloofilerc |
123 | blacklist ${HOME}/.config/baloorc | 125 | blacklist ${HOME}/.config/baloorc |
@@ -140,6 +142,7 @@ blacklist ${HOME}/.config/clipit | |||
140 | blacklist ${HOME}/.config/cliqz | 142 | blacklist ${HOME}/.config/cliqz |
141 | blacklist ${HOME}/.config/cmus | 143 | blacklist ${HOME}/.config/cmus |
142 | blacklist ${HOME}/.config/corebird | 144 | blacklist ${HOME}/.config/corebird |
145 | blacklist ${HOME}/.config/cower | ||
143 | blacklist ${HOME}/.config/darktable | 146 | blacklist ${HOME}/.config/darktable |
144 | blacklist ${HOME}/.config/deadbeef | 147 | blacklist ${HOME}/.config/deadbeef |
145 | blacklist ${HOME}/.config/deluge | 148 | blacklist ${HOME}/.config/deluge |
@@ -267,6 +270,7 @@ blacklist ${HOME}/.config/redshift.conf | |||
267 | blacklist ${HOME}/.config/remmina | 270 | blacklist ${HOME}/.config/remmina |
268 | blacklist ${HOME}/.config/ristretto | 271 | blacklist ${HOME}/.config/ristretto |
269 | blacklist ${HOME}/.config/scribus | 272 | blacklist ${HOME}/.config/scribus |
273 | blacklist ${HOME}/.config/scribusrc | ||
270 | blacklist ${HOME}/.config/sinew.in | 274 | blacklist ${HOME}/.config/sinew.in |
271 | blacklist ${HOME}/.config/skypeforlinux | 275 | blacklist ${HOME}/.config/skypeforlinux |
272 | blacklist ${HOME}/.config/slimjet | 276 | blacklist ${HOME}/.config/slimjet |
@@ -455,6 +459,7 @@ blacklist ${HOME}/.local/share/akonadi* | |||
455 | blacklist ${HOME}/.local/share/akregator | 459 | blacklist ${HOME}/.local/share/akregator |
456 | blacklist ${HOME}/.local/share/apps/korganizer | 460 | blacklist ${HOME}/.local/share/apps/korganizer |
457 | blacklist ${HOME}/.local/share/aspyr-media | 461 | blacklist ${HOME}/.local/share/aspyr-media |
462 | blacklist ${HOME}/.local/share/autokey | ||
458 | blacklist ${HOME}/.local/share/baloo | 463 | blacklist ${HOME}/.local/share/baloo |
459 | blacklist ${HOME}/.local/share/bibletime | 464 | blacklist ${HOME}/.local/share/bibletime |
460 | blacklist ${HOME}/.local/share/caja-python | 465 | blacklist ${HOME}/.local/share/caja-python |
diff --git a/etc/dooble.profile b/etc/dooble.profile index 80bcce463..bc197b223 100644 --- a/etc/dooble.profile +++ b/etc/dooble.profile | |||
@@ -1,11 +1,12 @@ | |||
1 | # Firejail profile for dooble | 1 | # Firejail profile for dooble |
2 | # This file is overwritten after every install/update | 2 | # This file is overwritten after every install/update |
3 | # Persistent local customizations | 3 | # Persistent local customizations |
4 | include dooble.local | ||
5 | # Backward compatibility | ||
4 | include dooble-qt4.local | 6 | include dooble-qt4.local |
5 | # Persistent global definitions | 7 | # Persistent global definitions |
6 | include globals.local | 8 | include globals.local |
7 | 9 | ||
8 | |||
9 | noblacklist ${HOME}/.dooble | 10 | noblacklist ${HOME}/.dooble |
10 | 11 | ||
11 | include disable-common.inc | 12 | include disable-common.inc |
diff --git a/etc/enpass.profile b/etc/enpass.profile index b337c721d..4ac35bbd6 100644 --- a/etc/enpass.profile +++ b/etc/enpass.profile | |||
@@ -20,12 +20,16 @@ include disable-passwdmgr.inc | |||
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.cache/Enpass | ||
24 | mkfile ${HOME}/.config/sinew.in | ||
25 | mkdir ${HOME}/.config/Sinew Software Systems | ||
26 | mkdir ${HOME}/.local/share/Enpass | ||
23 | whitelist ${HOME}/.cache/Enpass | 27 | whitelist ${HOME}/.cache/Enpass |
24 | whitelist ${HOME}/.config/sinew.in | 28 | whitelist ${HOME}/.config/sinew.in |
25 | whitelist ${HOME}/.config/Sinew Software Systems | 29 | whitelist ${HOME}/.config/Sinew Software Systems |
26 | whitelist ${HOME}/.local/share/Enpass | 30 | whitelist ${HOME}/.local/share/Enpass |
27 | whitelist ${DOCUMENTS} | 31 | whitelist ${DOCUMENTS} |
28 | 32 | include whitelist-common.inc | |
29 | include whitelist-var-common.inc | 33 | include whitelist-var-common.inc |
30 | 34 | ||
31 | # machine-id and nosound break audio notification functionality | 35 | # machine-id and nosound break audio notification functionality |
diff --git a/etc/falkon.profile b/etc/falkon.profile index af6aaa1a7..cabf5aeba 100644 --- a/etc/falkon.profile +++ b/etc/falkon.profile | |||
@@ -16,6 +16,8 @@ include disable-interpreters.inc | |||
16 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.cache/falkon | ||
20 | mkdir ${HOME}/.config/falkon | ||
19 | whitelist ${DOWNLOADS} | 21 | whitelist ${DOWNLOADS} |
20 | whitelist ${HOME}/.cache/falkon | 22 | whitelist ${HOME}/.cache/falkon |
21 | whitelist ${HOME}/.config/falkon | 23 | whitelist ${HOME}/.config/falkon |
diff --git a/etc/gpredict.profile b/etc/gpredict.profile index be3742fe3..e6d37ee27 100644 --- a/etc/gpredict.profile +++ b/etc/gpredict.profile | |||
@@ -15,6 +15,7 @@ include disable-interpreters.inc | |||
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.config/Gpredict | ||
18 | whitelist ${HOME}/.config/Gpredict | 19 | whitelist ${HOME}/.config/Gpredict |
19 | include whitelist-common.inc | 20 | include whitelist-common.inc |
20 | 21 | ||
diff --git a/etc/mate-calc.profile b/etc/mate-calc.profile index ac5577b4c..2f6020ad3 100644 --- a/etc/mate-calc.profile +++ b/etc/mate-calc.profile | |||
@@ -15,12 +15,13 @@ include disable-interpreters.inc | |||
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.cache/mate-calc | ||
19 | mkdir ${HOME}/.config/caja | ||
20 | mkdir ${HOME}/.config/mate-menu | ||
18 | whitelist ${HOME}/.cache/mate-calc | 21 | whitelist ${HOME}/.cache/mate-calc |
19 | whitelist ${HOME}/.config/caja | 22 | whitelist ${HOME}/.config/caja |
20 | whitelist ${HOME}/.config/gtk-3.0 | ||
21 | whitelist ${HOME}/.config/dconf | ||
22 | whitelist ${HOME}/.config/mate-menu | 23 | whitelist ${HOME}/.config/mate-menu |
23 | whitelist ${HOME}/.themes | 24 | include whitelist-common.inc |
24 | 25 | ||
25 | caps.drop all | 26 | caps.drop all |
26 | net none | 27 | net none |
@@ -40,7 +41,7 @@ shell none | |||
40 | 41 | ||
41 | disable-mnt | 42 | disable-mnt |
42 | private-bin mate-calc,mate-calculator | 43 | private-bin mate-calc,mate-calculator |
43 | private-etc alternatives,fonts | 44 | private-etc alternatives,dconf,fonts,gtk-3.0 |
44 | private-dev | 45 | private-dev |
45 | private-opt none | 46 | private-opt none |
46 | private-tmp | 47 | private-tmp |
diff --git a/etc/mate-color-select.profile b/etc/mate-color-select.profile index bd3631445..f1a7ca18f 100644 --- a/etc/mate-color-select.profile +++ b/etc/mate-color-select.profile | |||
@@ -5,7 +5,6 @@ include mate-color-select.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | |||
9 | include disable-common.inc | 8 | include disable-common.inc |
10 | include disable-devel.inc | 9 | include disable-devel.inc |
11 | include disable-exec.inc | 10 | include disable-exec.inc |
@@ -13,10 +12,7 @@ include disable-interpreters.inc | |||
13 | include disable-passwdmgr.inc | 12 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 13 | include disable-programs.inc |
15 | 14 | ||
16 | whitelist ${HOME}/.config/gtk-3.0 | 15 | include whitelist-common.inc |
17 | whitelist ${HOME}/.fonts | ||
18 | whitelist ${HOME}/.icons | ||
19 | whitelist ${HOME}/.themes | ||
20 | 16 | ||
21 | caps.drop all | 17 | caps.drop all |
22 | netfilter | 18 | netfilter |
diff --git a/etc/mate-dictionary.profile b/etc/mate-dictionary.profile index 1217910a0..d1dc76260 100644 --- a/etc/mate-dictionary.profile +++ b/etc/mate-dictionary.profile | |||
@@ -14,11 +14,9 @@ include disable-interpreters.inc | |||
14 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 15 | include disable-programs.inc |
16 | 16 | ||
17 | mkdir ${HOME}/.config/mate/mate-dictionary | ||
17 | whitelist ${HOME}/.config/mate/mate-dictionary | 18 | whitelist ${HOME}/.config/mate/mate-dictionary |
18 | whitelist ${HOME}/.config/gtk-3.0 | 19 | include whitelist-common.inc |
19 | whitelist ${HOME}/.fonts | ||
20 | whitelist ${HOME}/.icons | ||
21 | whitelist ${HOME}/.themes | ||
22 | 20 | ||
23 | caps.drop all | 21 | caps.drop all |
24 | netfilter | 22 | netfilter |
diff --git a/etc/meteo-qt.profile b/etc/meteo-qt.profile index 7c9b5f7f1..4437d86ea 100644 --- a/etc/meteo-qt.profile +++ b/etc/meteo-qt.profile | |||
@@ -20,8 +20,8 @@ include disable-passwdmgr.inc | |||
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | whitelist ${HOME}/.config/autostart | ||
24 | mkdir ${HOME}/.config/meteo-qt | 23 | mkdir ${HOME}/.config/meteo-qt |
24 | whitelist ${HOME}/.config/autostart | ||
25 | whitelist ${HOME}/.config/meteo-qt | 25 | whitelist ${HOME}/.config/meteo-qt |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
diff --git a/etc/mpsyt.profile b/etc/mpsyt.profile index 88d464b5f..775e137bc 100644 --- a/etc/mpsyt.profile +++ b/etc/mpsyt.profile | |||
@@ -6,10 +6,6 @@ include mpsyt.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # Allow python (blacklisted by disable-interpreters.inc) | ||
10 | include allow-python2.inc | ||
11 | include allow-python3.inc | ||
12 | |||
13 | noblacklist ${HOME}/.config/mpv | 9 | noblacklist ${HOME}/.config/mpv |
14 | noblacklist ${HOME}/.mplayer | 10 | noblacklist ${HOME}/.mplayer |
15 | noblacklist ${HOME}/.config/mps-youtube | 11 | noblacklist ${HOME}/.config/mps-youtube |
@@ -18,6 +14,10 @@ noblacklist ${HOME}/mps | |||
18 | noblacklist ${MUSIC} | 14 | noblacklist ${MUSIC} |
19 | noblacklist ${VIDEOS} | 15 | noblacklist ${VIDEOS} |
20 | 16 | ||
17 | # Allow python (blacklisted by disable-interpreters.inc) | ||
18 | include allow-python2.inc | ||
19 | include allow-python3.inc | ||
20 | |||
21 | include disable-common.inc | 21 | include disable-common.inc |
22 | include disable-devel.inc | 22 | include disable-devel.inc |
23 | include disable-exec.inc | 23 | include disable-exec.inc |
diff --git a/etc/multimc5.profile b/etc/multimc5.profile index 88dd4c536..98edf273e 100644 --- a/etc/multimc5.profile +++ b/etc/multimc5.profile | |||
@@ -21,6 +21,8 @@ include disable-passwdmgr.inc | |||
21 | include disable-programs.inc | 21 | include disable-programs.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.local/share/multimc | 23 | mkdir ${HOME}/.local/share/multimc |
24 | mkdir ${HOME}/.local/share/multimc5 | ||
25 | mkdir ${HOME}/.multimc5 | ||
24 | whitelist ${HOME}/.local/share/multimc | 26 | whitelist ${HOME}/.local/share/multimc |
25 | whitelist ${HOME}/.local/share/multimc5 | 27 | whitelist ${HOME}/.local/share/multimc5 |
26 | whitelist ${HOME}/.multimc5 | 28 | whitelist ${HOME}/.multimc5 |
diff --git a/etc/nethack-vultures.profile b/etc/nethack-vultures.profile index 2c23a4868..e1294153b 100644 --- a/etc/nethack-vultures.profile +++ b/etc/nethack-vultures.profile | |||
@@ -6,7 +6,6 @@ include nethack.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | |||
10 | noblacklist ${HOME}/.vultures | 9 | noblacklist ${HOME}/.vultures |
11 | noblacklist /var/log | 10 | noblacklist /var/log |
12 | 11 | ||
@@ -43,4 +42,3 @@ private-cache | |||
43 | private-dev | 42 | private-dev |
44 | private-tmp | 43 | private-tmp |
45 | writable-var | 44 | writable-var |
46 | |||
diff --git a/etc/nethack.profile b/etc/nethack.profile index 5375d2f4f..3df632451 100644 --- a/etc/nethack.profile +++ b/etc/nethack.profile | |||
@@ -6,7 +6,6 @@ include nethack.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | |||
10 | noblacklist /var/games/nethack | 9 | noblacklist /var/games/nethack |
11 | 10 | ||
12 | include disable-common.inc | 11 | include disable-common.inc |
diff --git a/etc/nheko.profile b/etc/nheko.profile index 2dfddf872..119b30239 100644 --- a/etc/nheko.profile +++ b/etc/nheko.profile | |||
@@ -18,11 +18,9 @@ include disable-programs.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.config/nheko | 19 | mkdir ${HOME}/.config/nheko |
20 | mkdir ${HOME}/.cache/nheko/nheko | 20 | mkdir ${HOME}/.cache/nheko/nheko |
21 | |||
22 | whitelist ${HOME}/.config/nheko | 21 | whitelist ${HOME}/.config/nheko |
23 | whitelist ${HOME}/.cache/nheko/nheko | 22 | whitelist ${HOME}/.cache/nheko/nheko |
24 | whitelist ${DOWNLOADS} | 23 | whitelist ${DOWNLOADS} |
25 | |||
26 | include whitelist-common.inc | 24 | include whitelist-common.inc |
27 | 25 | ||
28 | caps.drop all | 26 | caps.drop all |
diff --git a/etc/nylas.profile b/etc/nylas.profile index 263e09198..c959eb991 100644 --- a/etc/nylas.profile +++ b/etc/nylas.profile | |||
@@ -14,6 +14,8 @@ include disable-interpreters.inc | |||
14 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 15 | include disable-programs.inc |
16 | 16 | ||
17 | mkdir ${HOME}/.config/Nylas Mail | ||
18 | mkdir ${HOME}/.nylas-mail | ||
17 | whitelist ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
18 | whitelist ${HOME}/.config/Nylas Mail | 20 | whitelist ${HOME}/.config/Nylas Mail |
19 | whitelist ${HOME}/.nylas-mail | 21 | whitelist ${HOME}/.nylas-mail |
diff --git a/etc/qgis.profile b/etc/qgis.profile index c3d6011eb..70788b207 100644 --- a/etc/qgis.profile +++ b/etc/qgis.profile | |||
@@ -6,7 +6,6 @@ include qgis.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/QtProject.conf | ||
10 | noblacklist ${HOME}/.config/QGIS | 9 | noblacklist ${HOME}/.config/QGIS |
11 | noblacklist ${HOME}/.local/share/QGIS | 10 | noblacklist ${HOME}/.local/share/QGIS |
12 | noblacklist ${HOME}/.qgis2 | 11 | noblacklist ${HOME}/.qgis2 |
diff --git a/etc/quiterss.profile b/etc/quiterss.profile index 41c84425b..e2a3c9c23 100644 --- a/etc/quiterss.profile +++ b/etc/quiterss.profile | |||
@@ -22,6 +22,8 @@ mkdir ${HOME}/.cache/QuiteRss | |||
22 | mkdir ${HOME}/.config/QuiteRss | 22 | mkdir ${HOME}/.config/QuiteRss |
23 | mkdir ${HOME}/.local/share/data | 23 | mkdir ${HOME}/.local/share/data |
24 | mkdir ${HOME}/.local/share/data/QuiteRss | 24 | mkdir ${HOME}/.local/share/data/QuiteRss |
25 | mkdir ${HOME}/.local/share/QuiteRss | ||
26 | mkfile ${HOME}/quiterssfeeds.opml | ||
25 | whitelist ${HOME}/.cache/QuiteRss | 27 | whitelist ${HOME}/.cache/QuiteRss |
26 | whitelist ${HOME}/.config/QuiteRss/ | 28 | whitelist ${HOME}/.config/QuiteRss/ |
27 | whitelist ${HOME}/.config/QuiteRssrc | 29 | whitelist ${HOME}/.config/QuiteRssrc |
diff --git a/etc/qupzilla.profile b/etc/qupzilla.profile index 1b23b2baf..954b1a3b4 100644 --- a/etc/qupzilla.profile +++ b/etc/qupzilla.profile | |||
@@ -15,6 +15,8 @@ include disable-interpreters.inc | |||
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.cache/qupzilla | ||
19 | mkdir ${HOME}/.config/qupzilla | ||
18 | whitelist ${DOWNLOADS} | 20 | whitelist ${DOWNLOADS} |
19 | whitelist ${HOME}/.cache/qupzilla | 21 | whitelist ${HOME}/.cache/qupzilla |
20 | whitelist ${HOME}/.config/qupzilla | 22 | whitelist ${HOME}/.config/qupzilla |
diff --git a/etc/ricochet.profile b/etc/ricochet.profile index 3cb30c459..fc770d62d 100644 --- a/etc/ricochet.profile +++ b/etc/ricochet.profile | |||
@@ -5,7 +5,6 @@ include ricochet.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | |||
9 | noblacklist ${HOME}/.local/share/Ricochet | 8 | noblacklist ${HOME}/.local/share/Ricochet |
10 | 9 | ||
11 | include disable-common.inc | 10 | include disable-common.inc |
@@ -15,6 +14,7 @@ include disable-interpreters.inc | |||
15 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 15 | include disable-programs.inc |
17 | 16 | ||
17 | mkdir ${HOME}/.local/share/Ricochet | ||
18 | whitelist ${DOWNLOADS} | 18 | whitelist ${DOWNLOADS} |
19 | whitelist ${HOME}/.local/share/Ricochet | 19 | whitelist ${HOME}/.local/share/Ricochet |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
diff --git a/etc/rocketchat.profile b/etc/rocketchat.profile index c95bc3c3d..8170c62e7 100644 --- a/etc/rocketchat.profile +++ b/etc/rocketchat.profile | |||
@@ -7,6 +7,7 @@ include globals.local | |||
7 | 7 | ||
8 | noblacklist ${HOME}/.config/Rocket.Chat | 8 | noblacklist ${HOME}/.config/Rocket.Chat |
9 | 9 | ||
10 | mkdir ${HOME}/.config/Rocket.Chat | ||
10 | whitelist ${HOME}/.config/Rocket.Chat | 11 | whitelist ${HOME}/.config/Rocket.Chat |
11 | include whitelist-common.inc | 12 | include whitelist-common.inc |
12 | 13 | ||
diff --git a/etc/seahorse.profile b/etc/seahorse.profile index fc54a0716..7baae2603 100644 --- a/etc/seahorse.profile +++ b/etc/seahorse.profile | |||
@@ -32,6 +32,7 @@ include disable-interpreters.inc | |||
32 | include disable-passwdmgr.inc | 32 | include disable-passwdmgr.inc |
33 | include disable-programs.inc | 33 | include disable-programs.inc |
34 | include disable-xdg.inc | 34 | include disable-xdg.inc |
35 | |||
35 | include whitelist-common.inc | 36 | include whitelist-common.inc |
36 | include whitelist-var-common.inc | 37 | include whitelist-var-common.inc |
37 | 38 | ||
diff --git a/etc/seamonkey.profile b/etc/seamonkey.profile index d92c62a52..ca74efe68 100644 --- a/etc/seamonkey.profile +++ b/etc/seamonkey.profile | |||
@@ -18,6 +18,8 @@ include disable-programs.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.cache/mozilla | 19 | mkdir ${HOME}/.cache/mozilla |
20 | mkdir ${HOME}/.mozilla | 20 | mkdir ${HOME}/.mozilla |
21 | mkdir ${HOME}/.pki | ||
22 | mkdir ${HOME}/.local/share/pki | ||
21 | whitelist ${DOWNLOADS} | 23 | whitelist ${DOWNLOADS} |
22 | whitelist ${HOME}/.cache/gnome-mplayer/plugin | 24 | whitelist ${HOME}/.cache/gnome-mplayer/plugin |
23 | whitelist ${HOME}/.cache/mozilla | 25 | whitelist ${HOME}/.cache/mozilla |
diff --git a/etc/slack.profile b/etc/slack.profile index ed76be373..53baf5f40 100644 --- a/etc/slack.profile +++ b/etc/slack.profile | |||
@@ -13,7 +13,6 @@ include disable-interpreters.inc | |||
13 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 14 | include disable-programs.inc |
15 | 15 | ||
16 | mkdir ${HOME}/.config | ||
17 | mkdir ${HOME}/.config/Slack | 16 | mkdir ${HOME}/.config/Slack |
18 | whitelist ${HOME}/.config/Slack | 17 | whitelist ${HOME}/.config/Slack |
19 | whitelist ${DOWNLOADS} | 18 | whitelist ${DOWNLOADS} |
diff --git a/etc/slashem.profile b/etc/slashem.profile index 011698e1f..8c84180d7 100644 --- a/etc/slashem.profile +++ b/etc/slashem.profile | |||
@@ -6,7 +6,6 @@ include slashem.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | |||
10 | noblacklist /var/games/slashem | 9 | noblacklist /var/games/slashem |
11 | 10 | ||
12 | include disable-common.inc | 11 | include disable-common.inc |
diff --git a/etc/start-tor-browser.desktop.profile b/etc/start-tor-browser.desktop.profile index a61038157..d5d7a17e4 100644 --- a/etc/start-tor-browser.desktop.profile +++ b/etc/start-tor-browser.desktop.profile | |||
@@ -3,7 +3,6 @@ | |||
3 | # Persistent local customizations | 3 | # Persistent local customizations |
4 | include start-tor-browser.desktop.local | 4 | include start-tor-browser.desktop.local |
5 | 5 | ||
6 | |||
7 | noblacklist ${HOME}/.tor-browser-* | 6 | noblacklist ${HOME}/.tor-browser-* |
8 | noblacklist ${HOME}/.tor-browser_* | 7 | noblacklist ${HOME}/.tor-browser_* |
9 | 8 | ||
diff --git a/etc/surf.profile b/etc/surf.profile index 0504b5fe5..5f116fd0c 100644 --- a/etc/surf.profile +++ b/etc/surf.profile | |||
@@ -15,6 +15,7 @@ include disable-passwdmgr.inc | |||
15 | include disable-programs.inc | 15 | include disable-programs.inc |
16 | 16 | ||
17 | mkdir ${HOME}/.surf | 17 | mkdir ${HOME}/.surf |
18 | whitelist ${HOME}/.surf | ||
18 | whitelist ${DOWNLOADS} | 19 | whitelist ${DOWNLOADS} |
19 | include whitelist-common.inc | 20 | include whitelist-common.inc |
20 | 21 | ||
diff --git a/etc/wire-desktop.profile b/etc/wire-desktop.profile index 3953de614..7c545d08f 100644 --- a/etc/wire-desktop.profile +++ b/etc/wire-desktop.profile | |||
@@ -16,7 +16,6 @@ include disable-programs.inc | |||
16 | mkdir ${HOME}/.config/Wire | 16 | mkdir ${HOME}/.config/Wire |
17 | whitelist ${HOME}/.config/Wire | 17 | whitelist ${HOME}/.config/Wire |
18 | whitelist ${DOWNLOADS} | 18 | whitelist ${DOWNLOADS} |
19 | |||
20 | include whitelist-common.inc | 19 | include whitelist-common.inc |
21 | 20 | ||
22 | caps.drop all | 21 | caps.drop all |
diff --git a/etc/zaproxy.profile b/etc/zaproxy.profile index 9ef3e713e..0598ea18d 100644 --- a/etc/zaproxy.profile +++ b/etc/zaproxy.profile | |||
@@ -19,6 +19,7 @@ include disable-interpreters.inc | |||
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | mkdir ${HOME}/.java | ||
22 | mkdir ${HOME}/.ZAP | 23 | mkdir ${HOME}/.ZAP |
23 | whitelist ${HOME}/.java | 24 | whitelist ${HOME}/.java |
24 | whitelist ${HOME}/.ZAP | 25 | whitelist ${HOME}/.ZAP |
diff --git a/etc/zoom.profile b/etc/zoom.profile index 456b197f3..6d312aff6 100644 --- a/etc/zoom.profile +++ b/etc/zoom.profile | |||
@@ -13,6 +13,8 @@ include disable-devel.inc | |||
13 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
14 | include disable-programs.inc | 14 | include disable-programs.inc |
15 | 15 | ||
16 | mkdir ${HOME}/.cache/zoom | ||
17 | mkfile ${HOME}/.config/zoomus.conf | ||
16 | mkdir ${HOME}/.zoom | 18 | mkdir ${HOME}/.zoom |
17 | whitelist ${HOME}/.cache/zoom | 19 | whitelist ${HOME}/.cache/zoom |
18 | whitelist ${HOME}/.config/zoomus.conf | 20 | whitelist ${HOME}/.config/zoomus.conf |