diff options
-rw-r--r-- | etc/catfish.profile | 1 | ||||
-rw-r--r-- | etc/lrzuntar.profile | 1 | ||||
-rw-r--r-- | etc/lzcat.profile | 1 | ||||
-rw-r--r-- | etc/lzcmp.profile | 1 | ||||
-rw-r--r-- | etc/lzegrep.profile | 1 | ||||
-rw-r--r-- | etc/lzfgrep.profile | 1 | ||||
-rw-r--r-- | etc/lzgrep.profile | 1 | ||||
-rw-r--r-- | etc/lzip.profile | 1 | ||||
-rw-r--r-- | etc/lzless.profile | 1 | ||||
-rw-r--r-- | etc/lzma.profile | 1 | ||||
-rw-r--r-- | etc/lzmainfo.profile | 1 | ||||
-rw-r--r-- | etc/lzmore.profile | 1 | ||||
-rw-r--r-- | etc/tuxguitar.profile | 2 | ||||
-rw-r--r-- | etc/unlzma.profile | 1 | ||||
-rw-r--r-- | etc/unxz.profile | 1 | ||||
-rw-r--r-- | etc/xfce4-dict.profile | 3 | ||||
-rw-r--r-- | etc/xfce4-notes.profile | 3 | ||||
-rw-r--r-- | etc/xxd.profile | 3 | ||||
-rw-r--r-- | etc/xz.profile | 1 | ||||
-rw-r--r-- | etc/xzcat.profile | 1 | ||||
-rw-r--r-- | etc/xzcmp.profile | 1 | ||||
-rw-r--r-- | etc/xzdiff.profile | 1 | ||||
-rw-r--r-- | etc/xzegrep.profile | 1 | ||||
-rw-r--r-- | etc/xzfgrep.profile | 1 | ||||
-rw-r--r-- | etc/xzmore.profile | 1 | ||||
-rw-r--r-- | etc/zathura.profile | 4 |
26 files changed, 34 insertions, 2 deletions
diff --git a/etc/catfish.profile b/etc/catfish.profile index c6c2d7e8a..577391c5d 100644 --- a/etc/catfish.profile +++ b/etc/catfish.profile | |||
@@ -24,6 +24,7 @@ include disable-passwdmgr.inc | |||
24 | whitelist /var/lib/mlocate | 24 | whitelist /var/lib/mlocate |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
27 | apparmor | ||
27 | caps.drop all | 28 | caps.drop all |
28 | net none | 29 | net none |
29 | no3d | 30 | no3d |
diff --git a/etc/lrzuntar.profile b/etc/lrzuntar.profile index 245d1c669..17215a5d7 100644 --- a/etc/lrzuntar.profile +++ b/etc/lrzuntar.profile | |||
@@ -7,6 +7,7 @@ include lrzuntar.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | # added by included profile | 8 | # added by included profile |
9 | #include globals.local | 9 | #include globals.local |
10 | quiet | ||
10 | 11 | ||
11 | # Redirect | 12 | # Redirect |
12 | include cpio.profile | 13 | include cpio.profile |
diff --git a/etc/lzcat.profile b/etc/lzcat.profile index f7410b928..d9c72407f 100644 --- a/etc/lzcat.profile +++ b/etc/lzcat.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/lzcmp.profile b/etc/lzcmp.profile index f7410b928..d9c72407f 100644 --- a/etc/lzcmp.profile +++ b/etc/lzcmp.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/lzegrep.profile b/etc/lzegrep.profile index f7410b928..d9c72407f 100644 --- a/etc/lzegrep.profile +++ b/etc/lzegrep.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/lzfgrep.profile b/etc/lzfgrep.profile index f7410b928..d9c72407f 100644 --- a/etc/lzfgrep.profile +++ b/etc/lzfgrep.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/lzgrep.profile b/etc/lzgrep.profile index f7410b928..d9c72407f 100644 --- a/etc/lzgrep.profile +++ b/etc/lzgrep.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/lzip.profile b/etc/lzip.profile index f7410b928..d9c72407f 100644 --- a/etc/lzip.profile +++ b/etc/lzip.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/lzless.profile b/etc/lzless.profile index f7410b928..d9c72407f 100644 --- a/etc/lzless.profile +++ b/etc/lzless.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/lzma.profile b/etc/lzma.profile index f7410b928..d9c72407f 100644 --- a/etc/lzma.profile +++ b/etc/lzma.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/lzmainfo.profile b/etc/lzmainfo.profile index f7410b928..d9c72407f 100644 --- a/etc/lzmainfo.profile +++ b/etc/lzmainfo.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/lzmore.profile b/etc/lzmore.profile index f7410b928..d9c72407f 100644 --- a/etc/lzmore.profile +++ b/etc/lzmore.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/tuxguitar.profile b/etc/tuxguitar.profile index ae868a022..d2b13d9ee 100644 --- a/etc/tuxguitar.profile +++ b/etc/tuxguitar.profile | |||
@@ -15,6 +15,7 @@ include allow-java.inc | |||
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
18 | include disable-exec.inc | ||
18 | include disable-interpreters.inc | 19 | include disable-interpreters.inc |
19 | include disable-passwdmgr.inc | 20 | include disable-passwdmgr.inc |
20 | include disable-programs.inc | 21 | include disable-programs.inc |
@@ -22,6 +23,7 @@ include disable-xdg.inc | |||
22 | 23 | ||
23 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
24 | 25 | ||
26 | apparmor | ||
25 | caps.drop all | 27 | caps.drop all |
26 | netfilter | 28 | netfilter |
27 | no3d | 29 | no3d |
diff --git a/etc/unlzma.profile b/etc/unlzma.profile index f7410b928..d9c72407f 100644 --- a/etc/unlzma.profile +++ b/etc/unlzma.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/unxz.profile b/etc/unxz.profile index f7410b928..d9c72407f 100644 --- a/etc/unxz.profile +++ b/etc/unxz.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/xfce4-dict.profile b/etc/xfce4-dict.profile index bc499bd30..a3e0c4633 100644 --- a/etc/xfce4-dict.profile +++ b/etc/xfce4-dict.profile | |||
@@ -15,6 +15,9 @@ include disable-interpreters.inc | |||
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | include whitelist-var-common.inc | ||
19 | |||
20 | apparmor | ||
18 | caps.drop all | 21 | caps.drop all |
19 | netfilter | 22 | netfilter |
20 | no3d | 23 | no3d |
diff --git a/etc/xfce4-notes.profile b/etc/xfce4-notes.profile index 4dad1bf7a..c3d0930ff 100644 --- a/etc/xfce4-notes.profile +++ b/etc/xfce4-notes.profile | |||
@@ -17,6 +17,9 @@ include disable-interpreters.inc | |||
17 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | 19 | ||
20 | include whitelist-var-common.inc | ||
21 | |||
22 | apparmor | ||
20 | caps.drop all | 23 | caps.drop all |
21 | netfilter | 24 | netfilter |
22 | no3d | 25 | no3d |
diff --git a/etc/xxd.profile b/etc/xxd.profile index 569f194d3..864e8ce9c 100644 --- a/etc/xxd.profile +++ b/etc/xxd.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile for xxd | 1 | # Firejail profile for xxd |
2 | # Description: Tool to make (or reverse) a hex dump | 2 | # Description: Tool to make (or reverse) a hex dump |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | # Persistent local customizations | 5 | # Persistent local customizations |
5 | include xxd.local | 6 | include xxd.local |
6 | # Persistent global definitions | 7 | # Persistent global definitions |
@@ -8,4 +9,4 @@ include xxd.local | |||
8 | #include globals.local | 9 | #include globals.local |
9 | 10 | ||
10 | # Redirect | 11 | # Redirect |
11 | include vim.profile | 12 | include cpio.profile |
diff --git a/etc/xz.profile b/etc/xz.profile index f7410b928..d9c72407f 100644 --- a/etc/xz.profile +++ b/etc/xz.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/xzcat.profile b/etc/xzcat.profile index f7410b928..d9c72407f 100644 --- a/etc/xzcat.profile +++ b/etc/xzcat.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/xzcmp.profile b/etc/xzcmp.profile index f7410b928..d9c72407f 100644 --- a/etc/xzcmp.profile +++ b/etc/xzcmp.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/xzdiff.profile b/etc/xzdiff.profile index f7410b928..d9c72407f 100644 --- a/etc/xzdiff.profile +++ b/etc/xzdiff.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/xzegrep.profile b/etc/xzegrep.profile index f7410b928..d9c72407f 100644 --- a/etc/xzegrep.profile +++ b/etc/xzegrep.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/xzfgrep.profile b/etc/xzfgrep.profile index f7410b928..d9c72407f 100644 --- a/etc/xzfgrep.profile +++ b/etc/xzfgrep.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/xzmore.profile b/etc/xzmore.profile index f7410b928..d9c72407f 100644 --- a/etc/xzmore.profile +++ b/etc/xzmore.profile | |||
@@ -1,6 +1,7 @@ | |||
1 | # Firejail profile alias for cpio | 1 | # Firejail profile alias for cpio |
2 | # Description: Library and command line tools for XZ and LZMA compressed files | 2 | # Description: Library and command line tools for XZ and LZMA compressed files |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | quiet | ||
4 | 5 | ||
5 | # Redirect | 6 | # Redirect |
6 | include cpio.profile | 7 | include cpio.profile |
diff --git a/etc/zathura.profile b/etc/zathura.profile index 703c8edd4..9ca5fd862 100644 --- a/etc/zathura.profile +++ b/etc/zathura.profile | |||
@@ -25,6 +25,7 @@ whitelist /usr/share/zathura | |||
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||
28 | apparmor | ||
28 | caps.drop all | 29 | caps.drop all |
29 | ipc-namespace | 30 | ipc-namespace |
30 | machine-id | 31 | machine-id |
@@ -47,7 +48,8 @@ private-bin zathura | |||
47 | private-cache | 48 | private-cache |
48 | private-dev | 49 | private-dev |
49 | private-etc alternatives,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id | 50 | private-etc alternatives,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id |
50 | private-lib gcc/*/*/libgcc_s.so.*,gcc/*/*/libstdc++.so.*,libarchive.so.*,libdjvulibre.so.*,libgirara-gtk*,libpoppler-glib.so.*,libspectre.so.*,zathura | 51 | # private-lib has problems on Debian 10 |
52 | #private-lib gcc/*/*/libgcc_s.so.*,gcc/*/*/libstdc++.so.*,libarchive.so.*,libdjvulibre.so.*,libgirara-gtk*,libpoppler-glib.so.*,libspectre.so.*,zathura | ||
51 | private-tmp | 53 | private-tmp |
52 | 54 | ||
53 | read-only ${HOME} | 55 | read-only ${HOME} |