diff options
33 files changed, 127 insertions, 0 deletions
diff --git a/etc/0ad.profile b/etc/0ad.profile index 565d42567..8b5820d5e 100644 --- a/etc/0ad.profile +++ b/etc/0ad.profile | |||
@@ -23,7 +23,9 @@ mkdir ${HOME}/.local/share/0ad | |||
23 | whitelist ${HOME}/.cache/0ad | 23 | whitelist ${HOME}/.cache/0ad |
24 | whitelist ${HOME}/.config/0ad | 24 | whitelist ${HOME}/.config/0ad |
25 | whitelist ${HOME}/.local/share/0ad | 25 | whitelist ${HOME}/.local/share/0ad |
26 | whitelist /usr/share/0ad | ||
26 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-usr-share-common.inc | ||
27 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
28 | 30 | ||
29 | caps.drop all | 31 | caps.drop all |
diff --git a/etc/ark.profile b/etc/ark.profile index 7f74a4d49..2fe546b55 100644 --- a/etc/ark.profile +++ b/etc/ark.profile | |||
@@ -15,6 +15,8 @@ include disable-interpreters.inc | |||
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | whitelist /usr/share/ark | ||
19 | include whitelist-usr-share-common.inc | ||
18 | include whitelist-var-common.inc | 20 | include whitelist-var-common.inc |
19 | 21 | ||
20 | apparmor | 22 | apparmor |
diff --git a/etc/bibletime.profile b/etc/bibletime.profile index 0de3bc480..b76bc8367 100644 --- a/etc/bibletime.profile +++ b/etc/bibletime.profile | |||
@@ -25,7 +25,10 @@ mkdir ${HOME}/.local/share/bibletime | |||
25 | whitelist ${HOME}/.bibletime | 25 | whitelist ${HOME}/.bibletime |
26 | whitelist ${HOME}/.sword | 26 | whitelist ${HOME}/.sword |
27 | whitelist ${HOME}/.local/share/bibletime | 27 | whitelist ${HOME}/.local/share/bibletime |
28 | whitelist /usr/share/bibletime | ||
29 | whitelist /usr/share/sword | ||
28 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | include whitelist-usr-share-common.inc | ||
29 | include whitelist-var-common.inc | 32 | include whitelist-var-common.inc |
30 | 33 | ||
31 | apparmor | 34 | apparmor |
diff --git a/etc/dconf-editor.profile b/etc/dconf-editor.profile index 29f676535..f9300268f 100644 --- a/etc/dconf-editor.profile +++ b/etc/dconf-editor.profile | |||
@@ -16,6 +16,7 @@ include disable-xdg.inc | |||
16 | 16 | ||
17 | whitelist ${HOME}/.local/share/glib-2.0 | 17 | whitelist ${HOME}/.local/share/glib-2.0 |
18 | include whitelist-common.inc | 18 | include whitelist-common.inc |
19 | include whitelist-usr-share-common.inc | ||
19 | 20 | ||
20 | apparmor | 21 | apparmor |
21 | caps.drop all | 22 | caps.drop all |
diff --git a/etc/dragon.profile b/etc/dragon.profile index fb8aaaf96..df839cc47 100644 --- a/etc/dragon.profile +++ b/etc/dragon.profile | |||
@@ -18,6 +18,8 @@ include disable-passwdmgr.inc | |||
18 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | whitelist /usr/share/dragonplayer | ||
22 | include whitelist-usr-share-common.inc | ||
21 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
22 | 24 | ||
23 | caps.drop all | 25 | caps.drop all |
diff --git a/etc/eog.profile b/etc/eog.profile index 8e3aa42fe..4a68053ea 100644 --- a/etc/eog.profile +++ b/etc/eog.profile | |||
@@ -8,6 +8,9 @@ include globals.local | |||
8 | 8 | ||
9 | noblacklist ${HOME}/.config/eog | 9 | noblacklist ${HOME}/.config/eog |
10 | 10 | ||
11 | whitelist /usr/share/eog | ||
12 | include whitelist-usr-share-common.inc | ||
13 | |||
11 | # private-bin, private-etc and private-lib break 'Open With' / 'Open in file manager' | 14 | # private-bin, private-etc and private-lib break 'Open With' / 'Open in file manager' |
12 | # comment those if you need that functionality | 15 | # comment those if you need that functionality |
13 | # or put 'ignore private-bin', 'ignore private-etc' and 'ignore private-lib' in your eog.local | 16 | # or put 'ignore private-bin', 'ignore private-etc' and 'ignore private-lib' in your eog.local |
diff --git a/etc/evince.profile b/etc/evince.profile index af1b934c5..0ace1dc3e 100644 --- a/etc/evince.profile +++ b/etc/evince.profile | |||
@@ -17,6 +17,10 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | whitelist /usr/share/evince | ||
21 | whitelist /usr/share/poppler | ||
22 | whitelist /usr/share/tracker | ||
23 | include whitelist-usr-share-common.inc | ||
20 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
21 | 25 | ||
22 | caps.drop all | 26 | caps.drop all |
diff --git a/etc/feedreader.profile b/etc/feedreader.profile index e381b12d6..c12ab2399 100644 --- a/etc/feedreader.profile +++ b/etc/feedreader.profile | |||
@@ -21,7 +21,9 @@ mkdir ${HOME}/.cache/feedreader | |||
21 | mkdir ${HOME}/.local/share/feedreader | 21 | mkdir ${HOME}/.local/share/feedreader |
22 | whitelist ${HOME}/.cache/feedreader | 22 | whitelist ${HOME}/.cache/feedreader |
23 | whitelist ${HOME}/.local/share/feedreader | 23 | whitelist ${HOME}/.local/share/feedreader |
24 | whitelist /usr/share/feedreader | ||
24 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-usr-share-common.inc | ||
25 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
26 | 28 | ||
27 | caps.drop all | 29 | caps.drop all |
diff --git a/etc/file-roller.profile b/etc/file-roller.profile index 496152540..5251ecd46 100644 --- a/etc/file-roller.profile +++ b/etc/file-roller.profile | |||
@@ -13,6 +13,8 @@ include disable-interpreters.inc | |||
13 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
14 | include disable-programs.inc | 14 | include disable-programs.inc |
15 | 15 | ||
16 | whitelist /usr/share/file-roller | ||
17 | include whitelist-usr-share-common.inc | ||
16 | include whitelist-var-common.inc | 18 | include whitelist-var-common.inc |
17 | 19 | ||
18 | apparmor | 20 | apparmor |
diff --git a/etc/firefox.profile b/etc/firefox.profile index 8d90a0917..b05321ece 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
@@ -14,6 +14,9 @@ mkdir ${HOME}/.mozilla | |||
14 | whitelist ${HOME}/.cache/mozilla/firefox | 14 | whitelist ${HOME}/.cache/mozilla/firefox |
15 | whitelist ${HOME}/.mozilla | 15 | whitelist ${HOME}/.mozilla |
16 | 16 | ||
17 | whitelist /usr/share/mozilla | ||
18 | include whitelist-usr-share-common.inc | ||
19 | |||
17 | # firefox requires a shell to launch on Arch. | 20 | # firefox requires a shell to launch on Arch. |
18 | #private-bin bash,dbus-launch,dbus-send,env,firefox,sh,which | 21 | #private-bin bash,dbus-launch,dbus-send,env,firefox,sh,which |
19 | # Fedora use shell scripts to launch firefox, at least this is required | 22 | # Fedora use shell scripts to launch firefox, at least this is required |
diff --git a/etc/ghostwriter.profile b/etc/ghostwriter.profile index b09d28b21..8a9ccabc2 100644 --- a/etc/ghostwriter.profile +++ b/etc/ghostwriter.profile | |||
@@ -19,6 +19,13 @@ include disable-passwdmgr.inc | |||
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | whitelist /usr/share/ghostwriter | ||
23 | whitelist /usr/share/mozilla-dicts | ||
24 | whitelist /usr/share/texlive | ||
25 | whitelist /usr/share/pandoc | ||
26 | whitelist /usr/share/pandoc-* | ||
27 | include whitelist-usr-share-common.inc | ||
28 | |||
22 | apparmor | 29 | apparmor |
23 | caps.drop all | 30 | caps.drop all |
24 | machine-id | 31 | machine-id |
diff --git a/etc/gimp.profile b/etc/gimp.profile index e68d49274..ea73d1b0a 100644 --- a/etc/gimp.profile +++ b/etc/gimp.profile | |||
@@ -23,6 +23,9 @@ include disable-passwdmgr.inc | |||
23 | include disable-programs.inc | 23 | include disable-programs.inc |
24 | include disable-xdg.inc | 24 | include disable-xdg.inc |
25 | 25 | ||
26 | whitelist /usr/share/gimp | ||
27 | whitelist /usr/share/mypaint-data | ||
28 | include whitelist-usr-share-common.inc | ||
26 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
27 | 30 | ||
28 | apparmor | 31 | apparmor |
diff --git a/etc/gitg.profile b/etc/gitg.profile index 08c1c94b6..9ac1076ed 100644 --- a/etc/gitg.profile +++ b/etc/gitg.profile | |||
@@ -19,6 +19,8 @@ include disable-interpreters.inc | |||
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | whitelist /usr/share/gitg | ||
23 | include whitelist-usr-share-common.inc | ||
22 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
23 | 25 | ||
24 | caps.drop all | 26 | caps.drop all |
diff --git a/etc/gnome-characters.profile b/etc/gnome-characters.profile index 828c6324e..c3e9466d7 100644 --- a/etc/gnome-characters.profile +++ b/etc/gnome-characters.profile | |||
@@ -14,7 +14,9 @@ include disable-passwdmgr.inc | |||
14 | include disable-programs.inc | 14 | include disable-programs.inc |
15 | include disable-xdg.inc | 15 | include disable-xdg.inc |
16 | 16 | ||
17 | whitelist /usr/share/org.gnome.Characters | ||
17 | include whitelist-common.inc | 18 | include whitelist-common.inc |
19 | include whitelist-usr-share-common.inc | ||
18 | include whitelist-var-common.inc | 20 | include whitelist-var-common.inc |
19 | 21 | ||
20 | caps.drop all | 22 | caps.drop all |
diff --git a/etc/gnome-clocks.profile b/etc/gnome-clocks.profile index 2beee83e0..025335a23 100644 --- a/etc/gnome-clocks.profile +++ b/etc/gnome-clocks.profile | |||
@@ -14,7 +14,10 @@ include disable-passwdmgr.inc | |||
14 | include disable-programs.inc | 14 | include disable-programs.inc |
15 | include disable-xdg.inc | 15 | include disable-xdg.inc |
16 | 16 | ||
17 | whitelist /usr/share/gnome-clocks | ||
18 | whitelist /usr/share/libgweather | ||
17 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | include whitelist-usr-share-common.inc | ||
18 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
19 | 22 | ||
20 | apparmor | 23 | apparmor |
diff --git a/etc/gnome-latex.profile b/etc/gnome-latex.profile index 9cef9072c..1bf48c6ab 100644 --- a/etc/gnome-latex.profile +++ b/etc/gnome-latex.profile | |||
@@ -19,6 +19,10 @@ include disable-interpreters.inc | |||
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | whitelist /usr/share/gnome-latex | ||
23 | whitelist /usr/share/perl5 | ||
24 | whitelist /usr/share/texlive | ||
25 | include whitelist-usr-share-common.inc | ||
22 | # May cause issues. | 26 | # May cause issues. |
23 | #include whitelist-var-common.inc | 27 | #include whitelist-var-common.inc |
24 | 28 | ||
diff --git a/etc/gnome-logs.profile b/etc/gnome-logs.profile index 67256852c..75ad21608 100644 --- a/etc/gnome-logs.profile +++ b/etc/gnome-logs.profile | |||
@@ -15,6 +15,7 @@ include disable-programs.inc | |||
15 | include disable-xdg.inc | 15 | include disable-xdg.inc |
16 | 16 | ||
17 | whitelist /var/log/journal | 17 | whitelist /var/log/journal |
18 | include whitelist-usr-share-common.inc | ||
18 | include whitelist-var-common.inc | 19 | include whitelist-var-common.inc |
19 | 20 | ||
20 | apparmor | 21 | apparmor |
diff --git a/etc/gnome-maps.profile b/etc/gnome-maps.profile index be8e809ce..6f7f13c56 100644 --- a/etc/gnome-maps.profile +++ b/etc/gnome-maps.profile | |||
@@ -26,7 +26,9 @@ whitelist ${HOME}/.cache/champlain | |||
26 | whitelist ${HOME}/.local/share/maps-places.json | 26 | whitelist ${HOME}/.local/share/maps-places.json |
27 | whitelist ${DOWNLOADS} | 27 | whitelist ${DOWNLOADS} |
28 | whitelist ${PICTURES} | 28 | whitelist ${PICTURES} |
29 | whitelist /usr/share/gnome-maps | ||
29 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | include whitelist-usr-share-common.inc | ||
30 | include whitelist-var-common.inc | 32 | include whitelist-var-common.inc |
31 | 33 | ||
32 | apparmor | 34 | apparmor |
diff --git a/etc/gucharmap.profile b/etc/gucharmap.profile index c8fe9e8c9..b3aa58d29 100644 --- a/etc/gucharmap.profile +++ b/etc/gucharmap.profile | |||
@@ -15,6 +15,7 @@ include disable-programs.inc | |||
15 | include disable-xdg.inc | 15 | include disable-xdg.inc |
16 | 16 | ||
17 | include whitelist-common.inc | 17 | include whitelist-common.inc |
18 | include whitelist-usr-share-common.inc | ||
18 | include whitelist-var-common.inc | 19 | include whitelist-var-common.inc |
19 | 20 | ||
20 | apparmor | 21 | apparmor |
diff --git a/etc/keepassxc.profile b/etc/keepassxc.profile index 96718fcde..a48165140 100644 --- a/etc/keepassxc.profile +++ b/etc/keepassxc.profile | |||
@@ -22,6 +22,8 @@ include disable-passwdmgr.inc | |||
22 | include disable-programs.inc | 22 | include disable-programs.inc |
23 | include disable-xdg.inc | 23 | include disable-xdg.inc |
24 | 24 | ||
25 | whitelist /usr/share/keepassxc | ||
26 | include whitelist-usr-share-common.inc | ||
25 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
26 | 28 | ||
27 | caps.drop all | 29 | caps.drop all |
diff --git a/etc/meld.profile b/etc/meld.profile index 70de7c27b..8e3668d57 100644 --- a/etc/meld.profile +++ b/etc/meld.profile | |||
@@ -37,6 +37,10 @@ include disable-passwdmgr.inc | |||
37 | # Uncomment the next line (or put it into your meld.local) if you don't need to compare files in /var. | 37 | # Uncomment the next line (or put it into your meld.local) if you don't need to compare files in /var. |
38 | #include whitelist-var-common.inc | 38 | #include whitelist-var-common.inc |
39 | 39 | ||
40 | # Uncomment the next lines (or put it into your meld.local) if you don't need to compare files in /usr/share. | ||
41 | #whitelist /usr/share/meld | ||
42 | #include whitelist-usr-share-common.inc | ||
43 | |||
40 | apparmor | 44 | apparmor |
41 | caps.drop all | 45 | caps.drop all |
42 | ipc-namespace | 46 | ipc-namespace |
diff --git a/etc/mpv.profile b/etc/mpv.profile index 289a3cd5d..ab295a30d 100644 --- a/etc/mpv.profile +++ b/etc/mpv.profile | |||
@@ -27,6 +27,7 @@ include disable-passwdmgr.inc | |||
27 | include disable-programs.inc | 27 | include disable-programs.inc |
28 | include disable-xdg.inc | 28 | include disable-xdg.inc |
29 | 29 | ||
30 | include whitelist-usr-share-common.inc | ||
30 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
31 | 32 | ||
32 | apparmor | 33 | apparmor |
diff --git a/etc/okular.profile b/etc/okular.profile index 56fd21fc8..1dc8c9482 100644 --- a/etc/okular.profile +++ b/etc/okular.profile | |||
@@ -26,6 +26,9 @@ include disable-passwdmgr.inc | |||
26 | include disable-programs.inc | 26 | include disable-programs.inc |
27 | include disable-xdg.inc | 27 | include disable-xdg.inc |
28 | 28 | ||
29 | whitelist /usr/share/poppler | ||
30 | whitelist /usr/share/okular | ||
31 | include whitelist-usr-share-common.inc | ||
29 | include whitelist-var-common.inc | 32 | include whitelist-var-common.inc |
30 | 33 | ||
31 | apparmor | 34 | apparmor |
diff --git a/etc/rhythmbox.profile b/etc/rhythmbox.profile index 9bcbdb561..b5f9941e3 100644 --- a/etc/rhythmbox.profile +++ b/etc/rhythmbox.profile | |||
@@ -21,6 +21,10 @@ include disable-passwdmgr.inc | |||
21 | include disable-programs.inc | 21 | include disable-programs.inc |
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | whitelist /usr/share/rhythmbox | ||
25 | whitelist /usr/share/lua | ||
26 | whitelist /usr/share/libquvi-scripts | ||
27 | include whitelist-usr-share-common.inc | ||
24 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
25 | 29 | ||
26 | # apparmor - makes settings immutable | 30 | # apparmor - makes settings immutable |
diff --git a/etc/sqlitebrowser.profile b/etc/sqlitebrowser.profile index d423bb65c..94bb4d3f2 100644 --- a/etc/sqlitebrowser.profile +++ b/etc/sqlitebrowser.profile | |||
@@ -17,6 +17,7 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | include whitelist-usr-share-common.inc | ||
20 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
21 | 22 | ||
22 | apparmor | 23 | apparmor |
diff --git a/etc/supertuxkart.profile b/etc/supertuxkart.profile index 8a48eeac8..2975a61ed 100644 --- a/etc/supertuxkart.profile +++ b/etc/supertuxkart.profile | |||
@@ -24,7 +24,9 @@ mkdir ${HOME}/.local/share/supertuxkart | |||
24 | whitelist ${HOME}/.config/supertuxkart | 24 | whitelist ${HOME}/.config/supertuxkart |
25 | whitelist ${HOME}/.cache/supertuxkart | 25 | whitelist ${HOME}/.cache/supertuxkart |
26 | whitelist ${HOME}/.local/share/supertuxkart | 26 | whitelist ${HOME}/.local/share/supertuxkart |
27 | whitelist /usr/share/supertuxkart | ||
27 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | include whitelist-usr-share-common.inc | ||
28 | include whitelist-var-common.inc | 30 | include whitelist-var-common.inc |
29 | 31 | ||
30 | apparmor | 32 | apparmor |
diff --git a/etc/templates/profile.template b/etc/templates/profile.template index 10b5ee2ae..dcf6dd201 100644 --- a/etc/templates/profile.template +++ b/etc/templates/profile.template | |||
@@ -107,6 +107,7 @@ include globals.local | |||
107 | ##mkfile PATH | 107 | ##mkfile PATH |
108 | #whitelist PATH | 108 | #whitelist PATH |
109 | #include whitelist-common.inc | 109 | #include whitelist-common.inc |
110 | #include whitelist-usr-share-common.inc | ||
110 | #include whitelist-var-common.inc | 111 | #include whitelist-var-common.inc |
111 | 112 | ||
112 | ##allusers | 113 | ##allusers |
diff --git a/etc/thunderbird.profile b/etc/thunderbird.profile index 9e60050e6..ea6e3855d 100644 --- a/etc/thunderbird.profile +++ b/etc/thunderbird.profile | |||
@@ -34,6 +34,9 @@ whitelist ${HOME}/.gnupg | |||
34 | # whitelist ${HOME}/.icedove | 34 | # whitelist ${HOME}/.icedove |
35 | whitelist ${HOME}/.thunderbird | 35 | whitelist ${HOME}/.thunderbird |
36 | 36 | ||
37 | #whitelist /usr/share/mozilla | ||
38 | #include whitelist-usr-share-common.inc | ||
39 | |||
37 | # We need the real /tmp for data exchange when xdg-open handles email attachments on KDE | 40 | # We need the real /tmp for data exchange when xdg-open handles email attachments on KDE |
38 | ignore private-tmp | 41 | ignore private-tmp |
39 | # machine-id breaks audio in browsers; enable it when sound is not required | 42 | # machine-id breaks audio in browsers; enable it when sound is not required |
diff --git a/etc/transmission-gtk.profile b/etc/transmission-gtk.profile index 01bdeb4ef..de8da003b 100644 --- a/etc/transmission-gtk.profile +++ b/etc/transmission-gtk.profile | |||
@@ -7,6 +7,8 @@ include transmission-gtk.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | include whitelist-usr-share-common.inc | ||
11 | |||
10 | private-bin transmission-gtk | 12 | private-bin transmission-gtk |
11 | 13 | ||
12 | ignore memory-deny-write-execute | 14 | ignore memory-deny-write-execute |
diff --git a/etc/wget.profile b/etc/wget.profile index 83ff0bb64..4bf354652 100644 --- a/etc/wget.profile +++ b/etc/wget.profile | |||
@@ -15,6 +15,7 @@ include disable-exec.inc | |||
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | include whitelist-usr-share-common.inc | ||
18 | include whitelist-var-common.inc | 19 | include whitelist-var-common.inc |
19 | 20 | ||
20 | caps.drop all | 21 | caps.drop all |
diff --git a/etc/whitelist-usr-share-common.inc b/etc/whitelist-usr-share-common.inc new file mode 100644 index 000000000..61c69b2f8 --- /dev/null +++ b/etc/whitelist-usr-share-common.inc | |||
@@ -0,0 +1,49 @@ | |||
1 | # Local customizations come here | ||
2 | include whitelist-usr-share-common.local | ||
3 | |||
4 | # common /usr/share whitelist for all profiles | ||
5 | |||
6 | whitelist /usr/share/alsa | ||
7 | whitelist /usr/share/applications | ||
8 | whitelist /usr/share/crypto-policies | ||
9 | whitelist /usr/share/cursors | ||
10 | whitelist /usr/share/dconf | ||
11 | whitelist /usr/share/distro-info | ||
12 | whitelist /usr/share/drirc.d | ||
13 | whitelist /usr/share/enchant | ||
14 | whitelist /usr/share/enchant-2 | ||
15 | whitelist /usr/share/fontconfig | ||
16 | whitelist /usr/share/fonts | ||
17 | whitelist /usr/share/gjs-1.0 | ||
18 | whitelist /usr/share/glib-2.0 | ||
19 | whitelist /usr/share/glvnd | ||
20 | whitelist /usr/share/gtk-2.0 | ||
21 | whitelist /usr/share/gtk-3.0 | ||
22 | whitelist /usr/share/gtksourceview-3.0 | ||
23 | whitelist /usr/share/gtksourceview-4 | ||
24 | whitelist /usr/share/hunspell | ||
25 | whitelist /usr/share/hwdata | ||
26 | whitelist /usr/share/icons | ||
27 | whitelist /usr/share/knotifications5 | ||
28 | whitelist /usr/share/kservices5 | ||
29 | whitelist /usr/share/Kvantum | ||
30 | whitelist /usr/share/kxmlgui5 | ||
31 | whitelist /usr/share/libthai | ||
32 | whitelist /usr/share/locale | ||
33 | whitelist /usr/share/mime | ||
34 | whitelist /usr/share/misc | ||
35 | whitelist /usr/share/Modules | ||
36 | whitelist /usr/share/myspell | ||
37 | whitelist /usr/share/p11-kit | ||
38 | whitelist /usr/share/pixmaps | ||
39 | whitelist /usr/share/pki | ||
40 | whitelist /usr/share/plasma | ||
41 | whitelist /usr/share/qt5 | ||
42 | whitelist /usr/share/sounds | ||
43 | whitelist /usr/share/tcl8.6 | ||
44 | whitelist /usr/share/terminfo | ||
45 | whitelist /usr/share/themes | ||
46 | whitelist /usr/share/thumbnail.so | ||
47 | whitelist /usr/share/X11 | ||
48 | whitelist /usr/share/xml | ||
49 | whitelist /usr/share/zoneinfo | ||
diff --git a/etc/yelp.profile b/etc/yelp.profile index 66f094e1d..41138cd17 100644 --- a/etc/yelp.profile +++ b/etc/yelp.profile | |||
@@ -18,7 +18,11 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.config/yelp | 19 | mkdir ${HOME}/.config/yelp |
20 | whitelist ${HOME}/.config/yelp | 20 | whitelist ${HOME}/.config/yelp |
21 | whitelist /usr/share/help | ||
22 | whitelist /usr/share/yelp | ||
23 | whitelist /usr/share/yelp-xsl | ||
21 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-usr-share-common.inc | ||
22 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
23 | 27 | ||
24 | apparmor | 28 | apparmor |
diff --git a/etc/youtube-dl.profile b/etc/youtube-dl.profile index f8ac1e16d..74c07d96b 100644 --- a/etc/youtube-dl.profile +++ b/etc/youtube-dl.profile | |||
@@ -30,6 +30,7 @@ include disable-passwdmgr.inc | |||
30 | include disable-programs.inc | 30 | include disable-programs.inc |
31 | include disable-xdg.inc | 31 | include disable-xdg.inc |
32 | 32 | ||
33 | include whitelist-usr-share-common.inc | ||
33 | include whitelist-var-common.inc | 34 | include whitelist-var-common.inc |
34 | 35 | ||
35 | apparmor | 36 | apparmor |