diff options
-rw-r--r-- | .github/workflows/check-c.yml | 4 | ||||
-rw-r--r-- | .github/workflows/check-python.yml | 4 | ||||
-rw-r--r-- | etc/profile-m-z/mov-cli.profile | 9 |
3 files changed, 11 insertions, 6 deletions
diff --git a/.github/workflows/check-c.yml b/.github/workflows/check-c.yml index 349f92525..307b0c37c 100644 --- a/.github/workflows/check-c.yml +++ b/.github/workflows/check-c.yml | |||
@@ -161,7 +161,7 @@ jobs: | |||
161 | 161 | ||
162 | # Initializes the CodeQL tools for scanning. | 162 | # Initializes the CodeQL tools for scanning. |
163 | - name: Initialize CodeQL | 163 | - name: Initialize CodeQL |
164 | uses: github/codeql-action/init@1b1aada464948af03b950897e5eb522f92603cc2 | 164 | uses: github/codeql-action/init@4355270be187e1b672a7a1c7c7bae5afdc1ab94a |
165 | with: | 165 | with: |
166 | languages: cpp | 166 | languages: cpp |
167 | 167 | ||
@@ -172,4 +172,4 @@ jobs: | |||
172 | run: make -j "$(nproc)" | 172 | run: make -j "$(nproc)" |
173 | 173 | ||
174 | - name: Perform CodeQL Analysis | 174 | - name: Perform CodeQL Analysis |
175 | uses: github/codeql-action/analyze@1b1aada464948af03b950897e5eb522f92603cc2 | 175 | uses: github/codeql-action/analyze@4355270be187e1b672a7a1c7c7bae5afdc1ab94a |
diff --git a/.github/workflows/check-python.yml b/.github/workflows/check-python.yml index 507b975af..43d139c9f 100644 --- a/.github/workflows/check-python.yml +++ b/.github/workflows/check-python.yml | |||
@@ -51,9 +51,9 @@ jobs: | |||
51 | 51 | ||
52 | # Initializes the CodeQL tools for scanning. | 52 | # Initializes the CodeQL tools for scanning. |
53 | - name: Initialize CodeQL | 53 | - name: Initialize CodeQL |
54 | uses: github/codeql-action/init@1b1aada464948af03b950897e5eb522f92603cc2 | 54 | uses: github/codeql-action/init@4355270be187e1b672a7a1c7c7bae5afdc1ab94a |
55 | with: | 55 | with: |
56 | languages: python | 56 | languages: python |
57 | 57 | ||
58 | - name: Perform CodeQL Analysis | 58 | - name: Perform CodeQL Analysis |
59 | uses: github/codeql-action/analyze@1b1aada464948af03b950897e5eb522f92603cc2 | 59 | uses: github/codeql-action/analyze@4355270be187e1b672a7a1c7c7bae5afdc1ab94a |
diff --git a/etc/profile-m-z/mov-cli.profile b/etc/profile-m-z/mov-cli.profile index 1efd1e8f9..85f72f478 100644 --- a/etc/profile-m-z/mov-cli.profile +++ b/etc/profile-m-z/mov-cli.profile | |||
@@ -10,11 +10,16 @@ include mov-cli.local | |||
10 | 10 | ||
11 | noblacklist ${HOME}/.config/mov-cli | 11 | noblacklist ${HOME}/.config/mov-cli |
12 | 12 | ||
13 | # Allow /bin/sh (blacklisted by disable-shell.inc) | ||
14 | include allow-bin-sh.inc | ||
15 | |||
13 | include disable-proc.inc | 16 | include disable-proc.inc |
14 | include disable-xdg.inc | 17 | include disable-xdg.inc |
15 | 18 | ||
16 | mkdir ${HOME}/.config/mov-cli | 19 | mkdir ${HOME}/.config/mov-cli |
17 | whitelist ${HOME}/.config/mov-cli | 20 | whitelist ${HOME}/.config/mov-cli |
21 | whitelist ${DOWNLOADS} | ||
22 | whitelist /usr/share/nano | ||
18 | include whitelist-run-common.inc | 23 | include whitelist-run-common.inc |
19 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
20 | 25 | ||
@@ -24,9 +29,9 @@ noprinters | |||
24 | notv | 29 | notv |
25 | 30 | ||
26 | disable-mnt | 31 | disable-mnt |
27 | private-bin ffmpeg,fzf,mov-cli | 32 | private-bin fzf,mov-cli,nano,sh,uname |
28 | #private-cache | 33 | #private-cache |
29 | private-etc X11,alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,magic,magic.mgc,mime.types,nsswitch.conf,pango,passwd,pki,protocols,pulse,resolv.conf,rpc,services,ssl,xdg | 34 | private-etc X11,alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,magic,magic.mgc,mime.types,nanorc,nsswitch.conf,pango,passwd,pki,protocols,pulse,resolv.conf,rpc,services,ssl,xdg |
30 | private-tmp | 35 | private-tmp |
31 | 36 | ||
32 | # Redirect | 37 | # Redirect |