diff options
26 files changed, 51 insertions, 51 deletions
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 59bd28f95..07fefec8c 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc | |||
@@ -589,7 +589,7 @@ blacklist ${HOME}/.local/share/agenda | |||
589 | blacklist ${HOME}/.local/share/apps/korganizer | 589 | blacklist ${HOME}/.local/share/apps/korganizer |
590 | blacklist ${HOME}/.local/share/aspyr-media | 590 | blacklist ${HOME}/.local/share/aspyr-media |
591 | blacklist ${HOME}/.local/share/autokey | 591 | blacklist ${HOME}/.local/share/autokey |
592 | blacklist ${HOME}/.local/share/authenticator-rs | 592 | blacklist ${HOME}/.local/share/authenticator-rs |
593 | blacklist ${HOME}/.local/share/backintime | 593 | blacklist ${HOME}/.local/share/backintime |
594 | blacklist ${HOME}/.local/share/baloo | 594 | blacklist ${HOME}/.local/share/baloo |
595 | blacklist ${HOME}/.local/share/barrier | 595 | blacklist ${HOME}/.local/share/barrier |
diff --git a/etc/profile-a-l/alacarte.profile b/etc/profile-a-l/alacarte.profile index 5fabf8283..8f7640ffe 100644 --- a/etc/profile-a-l/alacarte.profile +++ b/etc/profile-a-l/alacarte.profile | |||
@@ -11,7 +11,7 @@ include allow-python3.inc | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | 14 | include disable-exec.inc |
15 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
@@ -25,7 +25,7 @@ whitelist /usr/share/icons | |||
25 | whitelist /var/lib/app-info/icons | 25 | whitelist /var/lib/app-info/icons |
26 | whitelist /var/lib/flatpak/exports/share/applications | 26 | whitelist /var/lib/flatpak/exports/share/applications |
27 | whitelist /var/lib/flatpak/exports/share/icons | 27 | whitelist /var/lib/flatpak/exports/share/icons |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
30 | include whitelist-var-common.inc | 30 | include whitelist-var-common.inc |
31 | 31 | ||
diff --git a/etc/profile-a-l/authenticator-rs.profile b/etc/profile-a-l/authenticator-rs.profile index 1eb802d9b..fb12018f5 100644 --- a/etc/profile-a-l/authenticator-rs.profile +++ b/etc/profile-a-l/authenticator-rs.profile | |||
@@ -6,7 +6,7 @@ include authenticator-rs.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.local/share/authenticator-rs | 9 | noblacklist ${HOME}/.local/share/authenticator-rs |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,12 +18,12 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.local/share/authenticator-rs | 20 | mkdir ${HOME}/.local/share/authenticator-rs |
21 | whitelist ${HOME}/.local/share/authenticator-rs | 21 | whitelist ${HOME}/.local/share/authenticator-rs |
22 | whitelist ${DOWNLOADS} | 22 | whitelist ${DOWNLOADS} |
23 | whitelist /usr/share/uk.co.grumlimited.authenticator-rs | 23 | whitelist /usr/share/uk.co.grumlimited.authenticator-rs |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-runuser-common.inc | 25 | include whitelist-runuser-common.inc |
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
27 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
28 | 28 | ||
29 | apparmor | 29 | apparmor |
diff --git a/etc/profile-a-l/balsa.profile b/etc/profile-a-l/balsa.profile index a401ac592..cda6b1aa0 100644 --- a/etc/profile-a-l/balsa.profile +++ b/etc/profile-a-l/balsa.profile | |||
@@ -58,7 +58,7 @@ shell none | |||
58 | tracelog | 58 | tracelog |
59 | 59 | ||
60 | # disable-mnt | 60 | # disable-mnt |
61 | # Add "gpg,gpg2,gpg-agent,pinentry-curses,pinentry-emacs,pinentry-fltk,pinentry-gnome3,pinentry-gtk,pinentry-gtk2,pinentry-gtk-2,pinentry-qt,pinentry-qt4,pinentry-tty,pinentry-x2go,pinentry-kwallet" for gpg | 61 | # Add "gpg,gpg2,gpg-agent,pinentry-curses,pinentry-emacs,pinentry-fltk,pinentry-gnome3,pinentry-gtk,pinentry-gtk2,pinentry-gtk-2,pinentry-qt,pinentry-qt4,pinentry-tty,pinentry-x2go,pinentry-kwallet" for gpg |
62 | # Add "ignore private-bin" for hyperlinks or have a look at the private-bins in firefox.profile and firefox-common.profile. | 62 | # Add "ignore private-bin" for hyperlinks or have a look at the private-bins in firefox.profile and firefox-common.profile. |
63 | private-bin balsa,balsa-ab | 63 | private-bin balsa,balsa-ab |
64 | private-cache | 64 | private-cache |
diff --git a/etc/profile-a-l/fractal.profile b/etc/profile-a-l/fractal.profile index ab907eb0d..c3af29e15 100644 --- a/etc/profile-a-l/fractal.profile +++ b/etc/profile-a-l/fractal.profile | |||
@@ -1,5 +1,5 @@ | |||
1 | # Firejail profile for fractal | 1 | # Firejail profile for fractal |
2 | # Description: Desktop client for Matrix | 2 | # Description: Desktop client for Matrix |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | # Persistent local customizations | 4 | # Persistent local customizations |
5 | include fractal.local | 5 | include fractal.local |
@@ -21,7 +21,7 @@ mkdir ${HOME}/.cache/fractal | |||
21 | whitelist ${HOME}/.cache/fractal | 21 | whitelist ${HOME}/.cache/fractal |
22 | whitelist ${DOWNLOADS} | 22 | whitelist ${DOWNLOADS} |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||
diff --git a/etc/profile-a-l/freetube.profile b/etc/profile-a-l/freetube.profile index 20a5d609e..e6aff533d 100644 --- a/etc/profile-a-l/freetube.profile +++ b/etc/profile-a-l/freetube.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | noblacklist ${HOME}/.config/FreeTube | 9 | noblacklist ${HOME}/.config/FreeTube |
10 | 10 | ||
11 | include disable-shell.inc | 11 | include disable-shell.inc |
12 | 12 | ||
13 | mkdir ${HOME}/.config/FreeTube | 13 | mkdir ${HOME}/.config/FreeTube |
14 | whitelist ${HOME}/.config/FreeTube | 14 | whitelist ${HOME}/.config/FreeTube |
diff --git a/etc/profile-a-l/homebank.profile b/etc/profile-a-l/homebank.profile index 8e600a2d7..da32de640 100644 --- a/etc/profile-a-l/homebank.profile +++ b/etc/profile-a-l/homebank.profile | |||
@@ -10,7 +10,7 @@ noblacklist ${HOME}/.config/homebank | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | 13 | include disable-exec.inc |
14 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
15 | include disable-programs.inc | 15 | include disable-programs.inc |
16 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
diff --git a/etc/profile-a-l/kazam.profile b/etc/profile-a-l/kazam.profile index 9899ff195..9c095e106 100644 --- a/etc/profile-a-l/kazam.profile +++ b/etc/profile-a-l/kazam.profile | |||
@@ -12,12 +12,12 @@ noblacklist ${PICTURES} | |||
12 | noblacklist ${VIDEOS} | 12 | noblacklist ${VIDEOS} |
13 | noblacklist ${HOME}/.config/kazam | 13 | noblacklist ${HOME}/.config/kazam |
14 | 14 | ||
15 | include allow-python2.inc | 15 | include allow-python2.inc |
16 | include allow-python3.inc | 16 | include allow-python3.inc |
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
20 | include disable-exec.inc | 20 | include disable-exec.inc |
21 | include disable-interpreters.inc | 21 | include disable-interpreters.inc |
22 | include disable-programs.inc | 22 | include disable-programs.inc |
23 | include disable-passwdmgr.inc | 23 | include disable-passwdmgr.inc |
@@ -25,7 +25,7 @@ include disable-shell.inc | |||
25 | include disable-xdg.inc | 25 | include disable-xdg.inc |
26 | 26 | ||
27 | whitelist /usr/share/kazam | 27 | whitelist /usr/share/kazam |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
30 | include whitelist-var-common.inc | 30 | include whitelist-var-common.inc |
31 | 31 | ||
diff --git a/etc/profile-a-l/kube.profile b/etc/profile-a-l/kube.profile index cf3a69fd7..e0cfb9f24 100644 --- a/etc/profile-a-l/kube.profile +++ b/etc/profile-a-l/kube.profile | |||
@@ -63,7 +63,7 @@ shell none | |||
63 | tracelog | 63 | tracelog |
64 | 64 | ||
65 | # disable-mnt | 65 | # disable-mnt |
66 | # Add "gpg,gpg2,gpg-agent,pinentry-curses,pinentry-emacs,pinentry-fltk,pinentry-gnome3,pinentry-gtk,pinentry-gtk2,pinentry-gtk-2,pinentry-qt,pinentry-qt4,pinentry-tty,pinentry-x2go,pinentry-kwallet" for gpg | 66 | # Add "gpg,gpg2,gpg-agent,pinentry-curses,pinentry-emacs,pinentry-fltk,pinentry-gnome3,pinentry-gtk,pinentry-gtk2,pinentry-gtk-2,pinentry-qt,pinentry-qt4,pinentry-tty,pinentry-x2go,pinentry-kwallet" for gpg |
67 | # Add "ignore private-bin" for hyperlinks or have a look at the private-bins in firefox.profile and firefox-common.profile. | 67 | # Add "ignore private-bin" for hyperlinks or have a look at the private-bins in firefox.profile and firefox-common.profile. |
68 | private-bin kube,sink_synchronizer | 68 | private-bin kube,sink_synchronizer |
69 | private-cache | 69 | private-cache |
diff --git a/etc/profile-m-z/menulibre.profile b/etc/profile-m-z/menulibre.profile index c70090a25..8a98209a2 100644 --- a/etc/profile-m-z/menulibre.profile +++ b/etc/profile-m-z/menulibre.profile | |||
@@ -11,7 +11,7 @@ include allow-python3.inc | |||
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
14 | include disable-exec.inc | 14 | include disable-exec.inc |
15 | include disable-interpreters.inc | 15 | include disable-interpreters.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
@@ -25,7 +25,7 @@ whitelist /usr/share/menulibre | |||
25 | whitelist /var/lib/app-info/icons | 25 | whitelist /var/lib/app-info/icons |
26 | whitelist /var/lib/flatpak/exports/share/applications | 26 | whitelist /var/lib/flatpak/exports/share/applications |
27 | whitelist /var/lib/flatpak/exports/share/icons | 27 | whitelist /var/lib/flatpak/exports/share/icons |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
30 | include whitelist-var-common.inc | 30 | include whitelist-var-common.inc |
31 | 31 | ||
diff --git a/etc/profile-m-z/minitube.profile b/etc/profile-m-z/minitube.profile index 39ecc7127..78ef5e398 100644 --- a/etc/profile-m-z/minitube.profile +++ b/etc/profile-m-z/minitube.profile | |||
@@ -19,7 +19,7 @@ include disable-exec.inc | |||
19 | include disable-interpreters.inc | 19 | include disable-interpreters.inc |
20 | include disable-passwdmgr.inc | 20 | include disable-passwdmgr.inc |
21 | include disable-programs.inc | 21 | include disable-programs.inc |
22 | include disable-shell.inc | 22 | include disable-shell.inc |
23 | include disable-xdg.inc | 23 | include disable-xdg.inc |
24 | 24 | ||
25 | mkdir ${HOME}/.cache/Flavio Tordini | 25 | mkdir ${HOME}/.cache/Flavio Tordini |
@@ -30,8 +30,8 @@ whitelist ${HOME}/.cache/Flavio Tordini | |||
30 | whitelist ${HOME}/.config/Flavio Tordini | 30 | whitelist ${HOME}/.config/Flavio Tordini |
31 | whitelist ${HOME}/.local/share/Flavio Tordini | 31 | whitelist ${HOME}/.local/share/Flavio Tordini |
32 | whitelist /usr/share/minitube | 32 | whitelist /usr/share/minitube |
33 | include whitelist-common.inc | 33 | include whitelist-common.inc |
34 | include whitelist-runuser-common.inc | 34 | include whitelist-runuser-common.inc |
35 | include whitelist-usr-share-common.inc | 35 | include whitelist-usr-share-common.inc |
36 | include whitelist-var-common.inc | 36 | include whitelist-var-common.inc |
37 | 37 | ||
diff --git a/etc/profile-m-z/mirage.profile b/etc/profile-m-z/mirage.profile index 4a5f12aec..55c11be29 100644 --- a/etc/profile-m-z/mirage.profile +++ b/etc/profile-m-z/mirage.profile | |||
@@ -1,5 +1,5 @@ | |||
1 | # Firejail profile for mirage | 1 | # Firejail profile for mirage |
2 | # Description: Desktop client for Matrix | 2 | # Description: Desktop client for Matrix |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | # Persistent local customizations | 4 | # Persistent local customizations |
5 | include mirage.local | 5 | include mirage.local |
@@ -30,7 +30,7 @@ whitelist ${HOME}/.config/mirage | |||
30 | whitelist ${HOME}/.local/share/mirage | 30 | whitelist ${HOME}/.local/share/mirage |
31 | whitelist ${DOWNLOADS} | 31 | whitelist ${DOWNLOADS} |
32 | include whitelist-common.inc | 32 | include whitelist-common.inc |
33 | include whitelist-runuser-common.inc | 33 | include whitelist-runuser-common.inc |
34 | include whitelist-usr-share-common.inc | 34 | include whitelist-usr-share-common.inc |
35 | include whitelist-var-common.inc | 35 | include whitelist-var-common.inc |
36 | 36 | ||
diff --git a/etc/profile-m-z/mtpaint.profile b/etc/profile-m-z/mtpaint.profile index cfd00e8ae..9f1f0f53d 100644 --- a/etc/profile-m-z/mtpaint.profile +++ b/etc/profile-m-z/mtpaint.profile | |||
@@ -10,14 +10,14 @@ noblacklist ${PICTURES} | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | 13 | include disable-exec.inc |
14 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | include whitelist-runuser-common.inc | 20 | include whitelist-runuser-common.inc |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-m-z/musictube.profile b/etc/profile-m-z/musictube.profile index 955df698d..dbfd12619 100644 --- a/etc/profile-m-z/musictube.profile +++ b/etc/profile-m-z/musictube.profile | |||
@@ -1,5 +1,5 @@ | |||
1 | # Firejail profile for musictube | 1 | # Firejail profile for musictube |
2 | # Description: Stream music | 2 | # Description: Stream music |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | # Persistent local customizations | 4 | # Persistent local customizations |
5 | include musictube.local | 5 | include musictube.local |
@@ -16,7 +16,7 @@ include disable-exec.inc | |||
16 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
17 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
18 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | include disable-shell.inc | 19 | include disable-shell.inc |
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | mkdir ${HOME}/.cache/Flavio Tordini | 22 | mkdir ${HOME}/.cache/Flavio Tordini |
@@ -26,8 +26,8 @@ whitelist ${HOME}/.cache/Flavio Tordini | |||
26 | whitelist ${HOME}/.config/Flavio Tordini | 26 | whitelist ${HOME}/.config/Flavio Tordini |
27 | whitelist ${HOME}/.local/share/Flavio Tordini | 27 | whitelist ${HOME}/.local/share/Flavio Tordini |
28 | whitelist /usr/share/musictube | 28 | whitelist /usr/share/musictube |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-runuser-common.inc | 30 | include whitelist-runuser-common.inc |
31 | include whitelist-usr-share-common.inc | 31 | include whitelist-usr-share-common.inc |
32 | include whitelist-var-common.inc | 32 | include whitelist-var-common.inc |
33 | 33 | ||
diff --git a/etc/profile-m-z/nuclear.profile b/etc/profile-m-z/nuclear.profile index a7c091196..886403b9e 100644 --- a/etc/profile-m-z/nuclear.profile +++ b/etc/profile-m-z/nuclear.profile | |||
@@ -10,7 +10,7 @@ ignore dbus-user | |||
10 | 10 | ||
11 | noblacklist ${HOME}/.config/nuclear | 11 | noblacklist ${HOME}/.config/nuclear |
12 | 12 | ||
13 | include disable-shell.inc | 13 | include disable-shell.inc |
14 | 14 | ||
15 | mkdir ${HOME}/.config/nuclear | 15 | mkdir ${HOME}/.config/nuclear |
16 | whitelist ${HOME}/.config/nuclear | 16 | whitelist ${HOME}/.config/nuclear |
diff --git a/etc/profile-m-z/onboard.profile b/etc/profile-m-z/onboard.profile index 3a235a677..f7cb8790b 100644 --- a/etc/profile-m-z/onboard.profile +++ b/etc/profile-m-z/onboard.profile | |||
@@ -13,7 +13,7 @@ include allow-python3.inc | |||
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
16 | include disable-exec.inc | 16 | include disable-exec.inc |
17 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
18 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
@@ -23,9 +23,9 @@ include disable-xdg.inc | |||
23 | mkdir ${HOME}/.config/onboard | 23 | mkdir ${HOME}/.config/onboard |
24 | whitelist ${HOME}/.config/onboard | 24 | whitelist ${HOME}/.config/onboard |
25 | whitelist /usr/share/onboard | 25 | whitelist /usr/share/onboard |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
30 | 30 | ||
31 | apparmor | 31 | apparmor |
diff --git a/etc/profile-m-z/otter-browser.profile b/etc/profile-m-z/otter-browser.profile index 652b6b7cb..aa26ddd4e 100644 --- a/etc/profile-m-z/otter-browser.profile +++ b/etc/profile-m-z/otter-browser.profile | |||
@@ -1,5 +1,5 @@ | |||
1 | # Firejail profile for otter-browser | 1 | # Firejail profile for otter-browser |
2 | # Description: Lightweight web browser based on Qt5 | 2 | # Description: Lightweight web browser based on Qt5 |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | # Persistent local customizations | 4 | # Persistent local customizations |
5 | include otter-browser.local | 5 | include otter-browser.local |
@@ -32,7 +32,7 @@ whitelist ${HOME}/.pki | |||
32 | whitelist ${HOME}/.local/share/pki | 32 | whitelist ${HOME}/.local/share/pki |
33 | whitelist /usr/share/otter-browser | 33 | whitelist /usr/share/otter-browser |
34 | include whitelist-common.inc | 34 | include whitelist-common.inc |
35 | include whitelist-runuser-common.inc | 35 | include whitelist-runuser-common.inc |
36 | include whitelist-usr-share-common.inc | 36 | include whitelist-usr-share-common.inc |
37 | include whitelist-var-common.inc | 37 | include whitelist-var-common.inc |
38 | 38 | ||
@@ -54,6 +54,6 @@ private-bin bash,otter-browser,sh,which | |||
54 | private-cache | 54 | private-cache |
55 | ?BROWSER_DISABLE_U2F: private-dev | 55 | ?BROWSER_DISABLE_U2F: private-dev |
56 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,group,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,machine-id,mailcap,mime.types,nsswitch.conf,pango,passwd,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 56 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,group,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,machine-id,mailcap,mime.types,nsswitch.conf,pango,passwd,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
57 | private-tmp | 57 | private-tmp |
58 | 58 | ||
59 | dbus-system none | 59 | dbus-system none |
diff --git a/etc/profile-m-z/photoflare.profile b/etc/profile-m-z/photoflare.profile index d9df3e3b3..9e6b4a87d 100644 --- a/etc/profile-m-z/photoflare.profile +++ b/etc/profile-m-z/photoflare.profile | |||
@@ -10,14 +10,14 @@ noblacklist ${PICTURES} | |||
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
13 | include disable-exec.inc | 13 | include disable-exec.inc |
14 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | include whitelist-runuser-common.inc | 20 | include whitelist-runuser-common.inc |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-m-z/quaternion.profile b/etc/profile-m-z/quaternion.profile index 2133c74d3..3041860b3 100644 --- a/etc/profile-m-z/quaternion.profile +++ b/etc/profile-m-z/quaternion.profile | |||
@@ -1,5 +1,5 @@ | |||
1 | # Firejail profile for quaternion | 1 | # Firejail profile for quaternion |
2 | # Description: Desktop client for Matrix | 2 | # Description: Desktop client for Matrix |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | # Persistent local customizations | 4 | # Persistent local customizations |
5 | include quaternion.local | 5 | include quaternion.local |
@@ -25,7 +25,7 @@ whitelist ${HOME}/.config/Quotient | |||
25 | whitelist ${DOWNLOADS} | 25 | whitelist ${DOWNLOADS} |
26 | whitelist /usr/share/Quotient/quaternion | 26 | whitelist /usr/share/Quotient/quaternion |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
30 | include whitelist-var-common.inc | 30 | include whitelist-var-common.inc |
31 | 31 | ||
diff --git a/etc/profile-m-z/spectral.profile b/etc/profile-m-z/spectral.profile index d7f94e144..66e917432 100644 --- a/etc/profile-m-z/spectral.profile +++ b/etc/profile-m-z/spectral.profile | |||
@@ -1,5 +1,5 @@ | |||
1 | # Firejail profile for spectral | 1 | # Firejail profile for spectral |
2 | # Description: Desktop client for Matrix | 2 | # Description: Desktop client for Matrix |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | # Persistent local customizations | 4 | # Persistent local customizations |
5 | include spectral.local | 5 | include spectral.local |
@@ -24,7 +24,7 @@ whitelist ${HOME}/.cache/ENCOM/Spectral | |||
24 | whitelist ${HOME}/.config/ENCOM | 24 | whitelist ${HOME}/.config/ENCOM |
25 | whitelist ${DOWNLOADS} | 25 | whitelist ${DOWNLOADS} |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
29 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
30 | 30 | ||
diff --git a/etc/profile-m-z/ssh.profile b/etc/profile-m-z/ssh.profile index 78b12c2cb..d873a5672 100644 --- a/etc/profile-m-z/ssh.profile +++ b/etc/profile-m-z/ssh.profile | |||
@@ -34,7 +34,7 @@ nonewprivs | |||
34 | # noroot - see issue #1543 | 34 | # noroot - see issue #1543 |
35 | nosound | 35 | nosound |
36 | notv | 36 | notv |
37 | # nou2f - OpenSSH >= 8.2 supports U2F | 37 | # nou2f - OpenSSH >= 8.2 supports U2F |
38 | novideo | 38 | novideo |
39 | protocol unix,inet,inet6 | 39 | protocol unix,inet,inet6 |
40 | seccomp | 40 | seccomp |
diff --git a/etc/profile-m-z/strawberry.profile b/etc/profile-m-z/strawberry.profile index cd36c0d41..0801add28 100644 --- a/etc/profile-m-z/strawberry.profile +++ b/etc/profile-m-z/strawberry.profile | |||
@@ -21,7 +21,7 @@ include disable-xdg.inc | |||
21 | 21 | ||
22 | include whitelist-runuser-common.inc | 22 | include whitelist-runuser-common.inc |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
25 | 25 | ||
26 | apparmor | 26 | apparmor |
27 | caps.drop all | 27 | caps.drop all |
diff --git a/etc/profile-m-z/twitch.profile b/etc/profile-m-z/twitch.profile index dcf7ee88b..2f573c872 100644 --- a/etc/profile-m-z/twitch.profile +++ b/etc/profile-m-z/twitch.profile | |||
@@ -12,7 +12,7 @@ ignore novideo | |||
12 | 12 | ||
13 | noblacklist ${HOME}/.config/Twitch | 13 | noblacklist ${HOME}/.config/Twitch |
14 | 14 | ||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | 16 | ||
17 | mkdir ${HOME}/.config/Twitch | 17 | mkdir ${HOME}/.config/Twitch |
18 | whitelist ${HOME}/.config/Twitch | 18 | whitelist ${HOME}/.config/Twitch |
diff --git a/etc/profile-m-z/youtube.profile b/etc/profile-m-z/youtube.profile index 92890a3a8..ad7ceaee4 100644 --- a/etc/profile-m-z/youtube.profile +++ b/etc/profile-m-z/youtube.profile | |||
@@ -11,7 +11,7 @@ ignore nou2f | |||
11 | 11 | ||
12 | noblacklist ${HOME}/.config/Youtube | 12 | noblacklist ${HOME}/.config/Youtube |
13 | 13 | ||
14 | include disable-shell.inc | 14 | include disable-shell.inc |
15 | 15 | ||
16 | mkdir ${HOME}/.config/Youtube | 16 | mkdir ${HOME}/.config/Youtube |
17 | whitelist ${HOME}/.config/Youtube | 17 | whitelist ${HOME}/.config/Youtube |
diff --git a/etc/profile-m-z/youtubemusic-nativefier.profile b/etc/profile-m-z/youtubemusic-nativefier.profile index 10ff1616a..74b0e38b9 100644 --- a/etc/profile-m-z/youtubemusic-nativefier.profile +++ b/etc/profile-m-z/youtubemusic-nativefier.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | noblacklist ${HOME}/.config/youtubemusic-nativefier-040164 | 9 | noblacklist ${HOME}/.config/youtubemusic-nativefier-040164 |
10 | 10 | ||
11 | include disable-shell.inc | 11 | include disable-shell.inc |
12 | 12 | ||
13 | mkdir ${HOME}/.config/youtubemusic-nativefier-040164 | 13 | mkdir ${HOME}/.config/youtubemusic-nativefier-040164 |
14 | whitelist ${HOME}/.config/youtubemusic-nativefier-040164 | 14 | whitelist ${HOME}/.config/youtubemusic-nativefier-040164 |
diff --git a/etc/profile-m-z/ytmdesktop.profile b/etc/profile-m-z/ytmdesktop.profile index 3f6dd9694..ab46fccc2 100644 --- a/etc/profile-m-z/ytmdesktop.profile +++ b/etc/profile-m-z/ytmdesktop.profile | |||
@@ -15,7 +15,7 @@ whitelist ${HOME}/.config/youtube-music-desktop-app | |||
15 | 15 | ||
16 | # private-bin env,ytmdesktop | 16 | # private-bin env,ytmdesktop |
17 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 17 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
18 | # private-opt | 18 | # private-opt |
19 | 19 | ||
20 | # Redirect | 20 | # Redirect |
21 | include electron.profile | 21 | include electron.profile |