diff options
45 files changed, 93 insertions, 61 deletions
diff --git a/etc/profile-a-l/anki.profile b/etc/profile-a-l/anki.profile index 442b5a481..2d0bfcb6c 100644 --- a/etc/profile-a-l/anki.profile +++ b/etc/profile-a-l/anki.profile | |||
@@ -49,7 +49,7 @@ disable-mnt | |||
49 | private-bin anki,python* | 49 | private-bin anki,python* |
50 | private-cache | 50 | private-cache |
51 | private-dev | 51 | private-dev |
52 | private-etc @tls-ca,@x11,Trolltech.conf | 52 | private-etc @tls-ca,@x11 |
53 | private-tmp | 53 | private-tmp |
54 | 54 | ||
55 | dbus-user none | 55 | dbus-user none |
diff --git a/etc/profile-a-l/celluloid.profile b/etc/profile-a-l/celluloid.profile index f06ac3b01..7b0f7bdf0 100644 --- a/etc/profile-a-l/celluloid.profile +++ b/etc/profile-a-l/celluloid.profile | |||
@@ -52,7 +52,7 @@ tracelog | |||
52 | 52 | ||
53 | private-bin celluloid,env,gnome-mpv,python*,youtube-dl | 53 | private-bin celluloid,env,gnome-mpv,python*,youtube-dl |
54 | private-cache | 54 | private-cache |
55 | private-etc @tls-ca,@x11,libva.conf,pkcs11,selinux | 55 | private-etc @tls-ca,@x11,libva.conf,pkcs11 |
56 | private-dev | 56 | private-dev |
57 | private-tmp | 57 | private-tmp |
58 | 58 | ||
diff --git a/etc/profile-a-l/chatterino.profile b/etc/profile-a-l/chatterino.profile index ed3153ec7..2df03b10b 100644 --- a/etc/profile-a-l/chatterino.profile +++ b/etc/profile-a-l/chatterino.profile | |||
@@ -70,7 +70,7 @@ private-bin chatterino,cvlc,env,ffmpeg,mpv,nvlc,pgrep,python*,qvlc,rvlc,streamli | |||
70 | # private-cache may cause issues with mpv (see #2838) | 70 | # private-cache may cause issues with mpv (see #2838) |
71 | private-cache | 71 | private-cache |
72 | private-dev | 72 | private-dev |
73 | private-etc @tls-ca,@x11,dbus-1,rpc,services,Trolltech.conf | 73 | private-etc @tls-ca,@x11,dbus-1,rpc,services |
74 | private-srv none | 74 | private-srv none |
75 | private-tmp | 75 | private-tmp |
76 | 76 | ||
diff --git a/etc/profile-a-l/dolphin-emu.profile b/etc/profile-a-l/dolphin-emu.profile index d4734bf22..9743ebfbd 100644 --- a/etc/profile-a-l/dolphin-emu.profile +++ b/etc/profile-a-l/dolphin-emu.profile | |||
@@ -54,7 +54,7 @@ private-bin bash,dolphin-emu,dolphin-emu-x11,sh | |||
54 | private-cache | 54 | private-cache |
55 | # Add the next line to your dolphin-emu.local if you do not need controller support. | 55 | # Add the next line to your dolphin-emu.local if you do not need controller support. |
56 | #private-dev | 56 | #private-dev |
57 | private-etc @tls-ca,@x11,bumblebee,gconf,glvnd,host.conf,mime.types,rpc,services,Trolltech.conf | 57 | private-etc @tls-ca,@x11,bumblebee,gconf,glvnd,host.conf,mime.types,rpc,services |
58 | private-opt none | 58 | private-opt none |
59 | private-tmp | 59 | private-tmp |
60 | 60 | ||
diff --git a/etc/profile-a-l/email-common.profile b/etc/profile-a-l/email-common.profile index d989e850a..e57e94338 100644 --- a/etc/profile-a-l/email-common.profile +++ b/etc/profile-a-l/email-common.profile | |||
@@ -69,7 +69,7 @@ tracelog | |||
69 | # disable-mnt | 69 | # disable-mnt |
70 | private-cache | 70 | private-cache |
71 | private-dev | 71 | private-dev |
72 | private-etc @tls-ca,@x11,gnupg,groups,hosts.conf,mailname,selinux,timezone | 72 | private-etc @tls-ca,@x11,gnupg,groups,hosts.conf,mailname,timezone |
73 | private-tmp | 73 | private-tmp |
74 | # encrypting and signing email | 74 | # encrypting and signing email |
75 | writable-run-user | 75 | writable-run-user |
diff --git a/etc/profile-a-l/equalx.profile b/etc/profile-a-l/equalx.profile index fa6674f6e..8cbdccbb5 100644 --- a/etc/profile-a-l/equalx.profile +++ b/etc/profile-a-l/equalx.profile | |||
@@ -53,7 +53,7 @@ disable-mnt | |||
53 | private-bin equalx,gs,pdflatex,pdftocairo | 53 | private-bin equalx,gs,pdflatex,pdftocairo |
54 | private-cache | 54 | private-cache |
55 | private-dev | 55 | private-dev |
56 | private-etc @x11,equalx,equalx.conf,latexmk.conf,papersize,texlive,Trolltech.conf | 56 | private-etc @x11,equalx,equalx.conf,latexmk.conf,papersize,texlive |
57 | private-tmp | 57 | private-tmp |
58 | 58 | ||
59 | dbus-user none | 59 | dbus-user none |
diff --git a/etc/profile-a-l/falkon.profile b/etc/profile-a-l/falkon.profile index 0d260f429..d805766eb 100644 --- a/etc/profile-a-l/falkon.profile +++ b/etc/profile-a-l/falkon.profile | |||
@@ -47,7 +47,7 @@ disable-mnt | |||
47 | # private-bin falkon | 47 | # private-bin falkon |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | private-etc @tls-ca,@x11,adobe,mailcap,mime.types,selinux | 50 | private-etc @tls-ca,@x11,adobe,mailcap,mime.types |
51 | private-tmp | 51 | private-tmp |
52 | 52 | ||
53 | # dbus-user filter | 53 | # dbus-user filter |
diff --git a/etc/profile-a-l/fractal.profile b/etc/profile-a-l/fractal.profile index 24d8e4c2f..fe0bc8756 100644 --- a/etc/profile-a-l/fractal.profile +++ b/etc/profile-a-l/fractal.profile | |||
@@ -46,7 +46,7 @@ disable-mnt | |||
46 | private-bin fractal | 46 | private-bin fractal |
47 | private-cache | 47 | private-cache |
48 | private-dev | 48 | private-dev |
49 | private-etc @tls-ca,@x11,host.conf,mime.types,selinux | 49 | private-etc @tls-ca,@x11,host.conf,mime.types |
50 | private-tmp | 50 | private-tmp |
51 | 51 | ||
52 | dbus-user filter | 52 | dbus-user filter |
diff --git a/etc/profile-a-l/ghostwriter.profile b/etc/profile-a-l/ghostwriter.profile index 1c023f369..f7b9230f4 100644 --- a/etc/profile-a-l/ghostwriter.profile +++ b/etc/profile-a-l/ghostwriter.profile | |||
@@ -51,7 +51,7 @@ private-bin context,gettext,ghostwriter,latex,mktexfmt,pandoc,pdflatex,pdfroff,p | |||
51 | private-cache | 51 | private-cache |
52 | private-dev | 52 | private-dev |
53 | # passwd,login.defs,firejail are a temporary workaround for #2877 and can be removed once it is fixed | 53 | # passwd,login.defs,firejail are a temporary workaround for #2877 and can be removed once it is fixed |
54 | private-etc @tls-ca,@x11,dbus-1,firejail,gconf,groups,host.conf,mime.types,rpc,services,texlive,Trolltech.conf | 54 | private-etc @tls-ca,@x11,dbus-1,firejail,gconf,groups,host.conf,mime.types,rpc,services,texlive |
55 | private-tmp | 55 | private-tmp |
56 | 56 | ||
57 | dbus-user filter | 57 | dbus-user filter |
diff --git a/etc/profile-a-l/git-cola.profile b/etc/profile-a-l/git-cola.profile index 34203ad4a..49568ba23 100644 --- a/etc/profile-a-l/git-cola.profile +++ b/etc/profile-a-l/git-cola.profile | |||
@@ -69,7 +69,7 @@ tracelog | |||
69 | private-bin basename,bash,cola,envsubst,gettext,git,git-cola,git-dag,git-gui,gitk,gpg,gpg-agent,nano,ps,python*,sh,ssh,ssh-agent,tclsh,tr,wc,which,xed | 69 | private-bin basename,bash,cola,envsubst,gettext,git,git-cola,git-dag,git-gui,gitk,gpg,gpg-agent,nano,ps,python*,sh,ssh,ssh-agent,tclsh,tr,wc,which,xed |
70 | private-cache | 70 | private-cache |
71 | private-dev | 71 | private-dev |
72 | private-etc @tls-ca,@x11,gitconfig,host.conf,mime.types,selinux,ssh | 72 | private-etc @tls-ca,@x11,gitconfig,host.conf,mime.types,ssh |
73 | private-tmp | 73 | private-tmp |
74 | writable-run-user | 74 | writable-run-user |
75 | 75 | ||
diff --git a/etc/profile-a-l/gnome-music.profile b/etc/profile-a-l/gnome-music.profile index 087353d45..22d5f87ea 100644 --- a/etc/profile-a-l/gnome-music.profile +++ b/etc/profile-a-l/gnome-music.profile | |||
@@ -41,7 +41,7 @@ tracelog | |||
41 | # private-bin calls a file manager - whatever is installed! | 41 | # private-bin calls a file manager - whatever is installed! |
42 | #private-bin env,gio-launch-desktop,gnome-music,python*,yelp | 42 | #private-bin env,gio-launch-desktop,gnome-music,python*,yelp |
43 | private-dev | 43 | private-dev |
44 | private-etc @x11,selinux | 44 | private-etc @x11 |
45 | private-tmp | 45 | private-tmp |
46 | 46 | ||
47 | restrict-namespaces | 47 | restrict-namespaces |
diff --git a/etc/profile-a-l/homebank.profile b/etc/profile-a-l/homebank.profile index ffe65c762..ccbb66333 100644 --- a/etc/profile-a-l/homebank.profile +++ b/etc/profile-a-l/homebank.profile | |||
@@ -49,7 +49,7 @@ disable-mnt | |||
49 | private-bin homebank | 49 | private-bin homebank |
50 | private-cache | 50 | private-cache |
51 | private-dev | 51 | private-dev |
52 | private-etc @tls-ca,@x11,mime.types,selinux | 52 | private-etc @tls-ca,@x11,mime.types |
53 | private-tmp | 53 | private-tmp |
54 | 54 | ||
55 | dbus-user none | 55 | dbus-user none |
diff --git a/etc/profile-a-l/kazam.profile b/etc/profile-a-l/kazam.profile index 0ed2cf48a..70414eeea 100644 --- a/etc/profile-a-l/kazam.profile +++ b/etc/profile-a-l/kazam.profile | |||
@@ -48,7 +48,7 @@ disable-mnt | |||
48 | # private-bin kazam,python* | 48 | # private-bin kazam,python* |
49 | private-cache | 49 | private-cache |
50 | private-dev | 50 | private-dev |
51 | private-etc @x11,selinux | 51 | private-etc @x11 |
52 | private-tmp | 52 | private-tmp |
53 | 53 | ||
54 | dbus-system none | 54 | dbus-system none |
diff --git a/etc/profile-a-l/kube.profile b/etc/profile-a-l/kube.profile index 7204549e2..5183a9327 100644 --- a/etc/profile-a-l/kube.profile +++ b/etc/profile-a-l/kube.profile | |||
@@ -67,7 +67,7 @@ tracelog | |||
67 | private-bin kube,sink_synchronizer | 67 | private-bin kube,sink_synchronizer |
68 | private-cache | 68 | private-cache |
69 | private-dev | 69 | private-dev |
70 | private-etc @tls-ca,@x11,selinux | 70 | private-etc @tls-ca,@x11 |
71 | private-tmp | 71 | private-tmp |
72 | writable-run-user | 72 | writable-run-user |
73 | 73 | ||
diff --git a/etc/profile-m-z/man.profile b/etc/profile-m-z/man.profile index 6cb523727..cdf1d807f 100644 --- a/etc/profile-m-z/man.profile +++ b/etc/profile-m-z/man.profile | |||
@@ -56,7 +56,7 @@ disable-mnt | |||
56 | #private-bin apropos,bash,cat,catman,col,gpreconv,groff,grotty,gunzip,gzip,less,man,most,nroff,preconv,sed,sh,tbl,tr,troff,whatis,which,xtotroff,zcat,zsoelim | 56 | #private-bin apropos,bash,cat,catman,col,gpreconv,groff,grotty,gunzip,gzip,less,man,most,nroff,preconv,sed,sh,tbl,tr,troff,whatis,which,xtotroff,zcat,zsoelim |
57 | private-cache | 57 | private-cache |
58 | private-dev | 58 | private-dev |
59 | private-etc @x11,groff,man_db.conf,manpath.config,selinux,sysless | 59 | private-etc @x11,groff,man_db.conf,manpath.config,sysless |
60 | #private-tmp | 60 | #private-tmp |
61 | 61 | ||
62 | dbus-user none | 62 | dbus-user none |
diff --git a/etc/profile-m-z/menulibre.profile b/etc/profile-m-z/menulibre.profile index a67ef9101..fcac70fb3 100644 --- a/etc/profile-m-z/menulibre.profile +++ b/etc/profile-m-z/menulibre.profile | |||
@@ -51,7 +51,7 @@ tracelog | |||
51 | disable-mnt | 51 | disable-mnt |
52 | private-cache | 52 | private-cache |
53 | private-dev | 53 | private-dev |
54 | private-etc @tls-ca,@x11,mime.types,selinux | 54 | private-etc @tls-ca,@x11,mime.types |
55 | private-tmp | 55 | private-tmp |
56 | 56 | ||
57 | dbus-user none | 57 | dbus-user none |
diff --git a/etc/profile-m-z/minecraft-launcher.profile b/etc/profile-m-z/minecraft-launcher.profile index 86378527b..d82854bed 100644 --- a/etc/profile-m-z/minecraft-launcher.profile +++ b/etc/profile-m-z/minecraft-launcher.profile | |||
@@ -50,7 +50,7 @@ private-cache | |||
50 | private-dev | 50 | private-dev |
51 | # If multiplayer or realms break, add 'private-etc <your-own-java-folder-from-/etc>' | 51 | # If multiplayer or realms break, add 'private-etc <your-own-java-folder-from-/etc>' |
52 | # or 'ignore private-etc' to your minecraft-launcher.local. | 52 | # or 'ignore private-etc' to your minecraft-launcher.local. |
53 | private-etc @tls-ca,@x11,host.conf,java-10-openjdk,java-11-openjdk,java-12-openjdk,java-13-openjdk,java-14-openjdk,java-7-openjdk,java-8-openjdk,java-9-openjdk,java-openjdk,mime.types,selinux,services,timezone | 53 | private-etc @tls-ca,@x11,host.conf,java-10-openjdk,java-11-openjdk,java-12-openjdk,java-13-openjdk,java-14-openjdk,java-7-openjdk,java-8-openjdk,java-9-openjdk,java-openjdk,mime.types,services,timezone |
54 | private-opt minecraft-launcher | 54 | private-opt minecraft-launcher |
55 | private-tmp | 55 | private-tmp |
56 | 56 | ||
diff --git a/etc/profile-m-z/minitube.profile b/etc/profile-m-z/minitube.profile index 20e956cff..9e72f9996 100644 --- a/etc/profile-m-z/minitube.profile +++ b/etc/profile-m-z/minitube.profile | |||
@@ -53,7 +53,7 @@ disable-mnt | |||
53 | private-bin minitube | 53 | private-bin minitube |
54 | private-cache | 54 | private-cache |
55 | private-dev | 55 | private-dev |
56 | private-etc @tls-ca,@x11,host.conf,mime.types,selinux | 56 | private-etc @tls-ca,@x11,host.conf,mime.types |
57 | private-tmp | 57 | private-tmp |
58 | 58 | ||
59 | dbus-user none | 59 | dbus-user none |
diff --git a/etc/profile-m-z/mirage.profile b/etc/profile-m-z/mirage.profile index 7c5b3aee4..665b32ecf 100644 --- a/etc/profile-m-z/mirage.profile +++ b/etc/profile-m-z/mirage.profile | |||
@@ -53,7 +53,7 @@ disable-mnt | |||
53 | private-bin ldconfig,mirage | 53 | private-bin ldconfig,mirage |
54 | private-cache | 54 | private-cache |
55 | private-dev | 55 | private-dev |
56 | private-etc @tls-ca,@x11,host.conf,mime.types,selinux | 56 | private-etc @tls-ca,@x11,host.conf,mime.types |
57 | private-tmp | 57 | private-tmp |
58 | 58 | ||
59 | dbus-user none | 59 | dbus-user none |
diff --git a/etc/profile-m-z/musictube.profile b/etc/profile-m-z/musictube.profile index 0da6a8c3d..3387ed5de 100644 --- a/etc/profile-m-z/musictube.profile +++ b/etc/profile-m-z/musictube.profile | |||
@@ -49,7 +49,7 @@ disable-mnt | |||
49 | private-bin musictube | 49 | private-bin musictube |
50 | private-cache | 50 | private-cache |
51 | private-dev | 51 | private-dev |
52 | private-etc @tls-ca,@x11,host.conf,mime.types,selinux | 52 | private-etc @tls-ca,@x11,host.conf,mime.types |
53 | private-tmp | 53 | private-tmp |
54 | 54 | ||
55 | dbus-user none | 55 | dbus-user none |
diff --git a/etc/profile-m-z/mutt.profile b/etc/profile-m-z/mutt.profile index c96dca73a..288ffedf1 100644 --- a/etc/profile-m-z/mutt.profile +++ b/etc/profile-m-z/mutt.profile | |||
@@ -124,7 +124,7 @@ tracelog | |||
124 | # disable-mnt | 124 | # disable-mnt |
125 | private-cache | 125 | private-cache |
126 | private-dev | 126 | private-dev |
127 | private-etc @tls-ca,@x11,gai.conf,gnupg,gnutls,hosts.conf,mail,mailname,Mutt,Muttrc,Muttrc.d,nntpserver,terminfo | 127 | private-etc @tls-ca,@x11,Mutt,Muttrc,Muttrc.d,gai.conf,gnupg,gnutls,hosts.conf,mail,mailname,nntpserver,terminfo |
128 | private-tmp | 128 | private-tmp |
129 | writable-run-user | 129 | writable-run-user |
130 | writable-var | 130 | writable-var |
diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index 244e01cc5..80e28a5e5 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile | |||
@@ -53,7 +53,7 @@ tracelog | |||
53 | disable-mnt | 53 | disable-mnt |
54 | private-bin neochat | 54 | private-bin neochat |
55 | private-dev | 55 | private-dev |
56 | private-etc @tls-ca,@x11,dbus-1,host.conf,mime.types,rpc,services,Trolltech.conf | 56 | private-etc @tls-ca,@x11,dbus-1,host.conf,mime.types,rpc,services |
57 | private-tmp | 57 | private-tmp |
58 | 58 | ||
59 | dbus-user filter | 59 | dbus-user filter |
diff --git a/etc/profile-m-z/neomutt.profile b/etc/profile-m-z/neomutt.profile index 4f311b155..5bd1e7cba 100644 --- a/etc/profile-m-z/neomutt.profile +++ b/etc/profile-m-z/neomutt.profile | |||
@@ -116,7 +116,7 @@ tracelog | |||
116 | # disable-mnt | 116 | # disable-mnt |
117 | private-cache | 117 | private-cache |
118 | private-dev | 118 | private-dev |
119 | private-etc @tls-ca,@x11,gnupg,hosts.conf,mail,mailname,Mutt,Muttrc,Muttrc.d,neomuttrc,neomuttrc.d,nntpserver | 119 | private-etc @tls-ca,@x11,Mutt,Muttrc,Muttrc.d,gnupg,hosts.conf,mail,mailname,neomuttrc,neomuttrc.d,nntpserver |
120 | private-tmp | 120 | private-tmp |
121 | writable-run-user | 121 | writable-run-user |
122 | writable-var | 122 | writable-var |
diff --git a/etc/profile-m-z/nextcloud.profile b/etc/profile-m-z/nextcloud.profile index 32a65f0c5..d4bad2f67 100644 --- a/etc/profile-m-z/nextcloud.profile +++ b/etc/profile-m-z/nextcloud.profile | |||
@@ -61,7 +61,7 @@ tracelog | |||
61 | disable-mnt | 61 | disable-mnt |
62 | private-bin nextcloud,nextcloud-desktop | 62 | private-bin nextcloud,nextcloud-desktop |
63 | private-cache | 63 | private-cache |
64 | private-etc @tls-ca,@x11,host.conf,Nextcloud,os-release,selinux | 64 | private-etc @tls-ca,@x11,Nextcloud,host.conf,os-release |
65 | private-dev | 65 | private-dev |
66 | private-tmp | 66 | private-tmp |
67 | 67 | ||
diff --git a/etc/profile-m-z/nheko.profile b/etc/profile-m-z/nheko.profile index a0565c77d..cdd2ffc3f 100644 --- a/etc/profile-m-z/nheko.profile +++ b/etc/profile-m-z/nheko.profile | |||
@@ -47,7 +47,7 @@ disable-mnt | |||
47 | private-bin nheko | 47 | private-bin nheko |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | private-etc @tls-ca,@x11,host.conf,mime.types,selinux | 50 | private-etc @tls-ca,@x11,host.conf,mime.types |
51 | private-tmp | 51 | private-tmp |
52 | 52 | ||
53 | dbus-user filter | 53 | dbus-user filter |
diff --git a/etc/profile-m-z/nuclear.profile b/etc/profile-m-z/nuclear.profile index 452cda5e5..6ab21af5b 100644 --- a/etc/profile-m-z/nuclear.profile +++ b/etc/profile-m-z/nuclear.profile | |||
@@ -18,7 +18,7 @@ whitelist ${HOME}/.config/nuclear | |||
18 | no3d | 18 | no3d |
19 | 19 | ||
20 | # private-bin nuclear | 20 | # private-bin nuclear |
21 | private-etc @tls-ca,@x11,host.conf,mime.types,selinux | 21 | private-etc @tls-ca,@x11,host.conf,mime.types |
22 | private-opt nuclear | 22 | private-opt nuclear |
23 | 23 | ||
24 | # Redirect | 24 | # Redirect |
diff --git a/etc/profile-m-z/onboard.profile b/etc/profile-m-z/onboard.profile index a142598b7..f8be5819b 100644 --- a/etc/profile-m-z/onboard.profile +++ b/etc/profile-m-z/onboard.profile | |||
@@ -49,7 +49,7 @@ disable-mnt | |||
49 | private-cache | 49 | private-cache |
50 | private-bin onboard,python*,tput | 50 | private-bin onboard,python*,tput |
51 | private-dev | 51 | private-dev |
52 | private-etc @x11,dbus-1,mime.types,selinux | 52 | private-etc @x11,dbus-1,mime.types |
53 | private-tmp | 53 | private-tmp |
54 | 54 | ||
55 | dbus-system none | 55 | dbus-system none |
diff --git a/etc/profile-m-z/openarena.profile b/etc/profile-m-z/openarena.profile index 1600db144..46d0bb86b 100644 --- a/etc/profile-m-z/openarena.profile +++ b/etc/profile-m-z/openarena.profile | |||
@@ -42,7 +42,7 @@ disable-mnt | |||
42 | private-bin bash,cut,glxinfo,grep,head,openarena,openarena_ded,quake3,zenity | 42 | private-bin bash,cut,glxinfo,grep,head,openarena,openarena_ded,quake3,zenity |
43 | private-cache | 43 | private-cache |
44 | private-dev | 44 | private-dev |
45 | private-etc @games,@x11,selinux,udev | 45 | private-etc @games,@x11,udev |
46 | private-tmp | 46 | private-tmp |
47 | 47 | ||
48 | dbus-user none | 48 | dbus-user none |
diff --git a/etc/profile-m-z/openmw.profile b/etc/profile-m-z/openmw.profile index 507d6d634..721b06117 100644 --- a/etc/profile-m-z/openmw.profile +++ b/etc/profile-m-z/openmw.profile | |||
@@ -52,7 +52,7 @@ tracelog | |||
52 | private-bin bsatool,esmtool,niftest,openmw,openmw-cs,openmw-essimporter,openmw-iniimporter,openmw-launcher,openmw-wizard | 52 | private-bin bsatool,esmtool,niftest,openmw,openmw-cs,openmw-essimporter,openmw-iniimporter,openmw-launcher,openmw-wizard |
53 | private-cache | 53 | private-cache |
54 | private-dev | 54 | private-dev |
55 | private-etc @x11,bumblebee,glvnd,mime.types,openmw,Trolltech.conf | 55 | private-etc @x11,bumblebee,glvnd,mime.types,openmw |
56 | private-opt none | 56 | private-opt none |
57 | private-tmp | 57 | private-tmp |
58 | 58 | ||
diff --git a/etc/profile-m-z/otter-browser.profile b/etc/profile-m-z/otter-browser.profile index 420ceece3..a1c0462ba 100644 --- a/etc/profile-m-z/otter-browser.profile +++ b/etc/profile-m-z/otter-browser.profile | |||
@@ -52,7 +52,7 @@ disable-mnt | |||
52 | private-bin bash,otter-browser,sh,which | 52 | private-bin bash,otter-browser,sh,which |
53 | private-cache | 53 | private-cache |
54 | ?BROWSER_DISABLE_U2F: private-dev | 54 | ?BROWSER_DISABLE_U2F: private-dev |
55 | private-etc @tls-ca,@x11,mailcap,mime.types,selinux | 55 | private-etc @tls-ca,@x11,mailcap,mime.types |
56 | private-tmp | 56 | private-tmp |
57 | 57 | ||
58 | dbus-system none | 58 | dbus-system none |
diff --git a/etc/profile-m-z/psi.profile b/etc/profile-m-z/psi.profile index 9d9d6e6c5..a1a0606b9 100644 --- a/etc/profile-m-z/psi.profile +++ b/etc/profile-m-z/psi.profile | |||
@@ -70,7 +70,7 @@ disable-mnt | |||
70 | private-bin getopt,psi | 70 | private-bin getopt,psi |
71 | private-cache | 71 | private-cache |
72 | private-dev | 72 | private-dev |
73 | private-etc @tls-ca,@x11,selinux | 73 | private-etc @tls-ca,@x11 |
74 | private-tmp | 74 | private-tmp |
75 | 75 | ||
76 | dbus-user none | 76 | dbus-user none |
diff --git a/etc/profile-m-z/pybitmessage.profile b/etc/profile-m-z/pybitmessage.profile index e057ee565..0789450cb 100644 --- a/etc/profile-m-z/pybitmessage.profile +++ b/etc/profile-m-z/pybitmessage.profile | |||
@@ -40,7 +40,7 @@ seccomp | |||
40 | disable-mnt | 40 | disable-mnt |
41 | private-bin bash,env,ldconfig,pybitmessage,python*,sh,stat | 41 | private-bin bash,env,ldconfig,pybitmessage,python*,sh,stat |
42 | private-dev | 42 | private-dev |
43 | private-etc @tls-ca,@x11,PyBitmessage,PyBitmessage.conf,selinux,sni-qt.conf,system-fips,Trolltech.conf | 43 | private-etc @tls-ca,@x11,PyBitmessage,PyBitmessage.conf,sni-qt.conf,system-fips |
44 | private-tmp | 44 | private-tmp |
45 | 45 | ||
46 | restrict-namespaces | 46 | restrict-namespaces |
diff --git a/etc/profile-m-z/qcomicbook.profile b/etc/profile-m-z/qcomicbook.profile index cb807c69e..19ef7a464 100644 --- a/etc/profile-m-z/qcomicbook.profile +++ b/etc/profile-m-z/qcomicbook.profile | |||
@@ -52,7 +52,7 @@ tracelog | |||
52 | private-bin 7z,7zr,qcomicbook,rar,sh,tar,unace,unrar,unzip | 52 | private-bin 7z,7zr,qcomicbook,rar,sh,tar,unace,unrar,unzip |
53 | private-cache | 53 | private-cache |
54 | private-dev | 54 | private-dev |
55 | private-etc @x11,mime.types,Trolltech.conf | 55 | private-etc @x11,mime.types |
56 | private-tmp | 56 | private-tmp |
57 | 57 | ||
58 | dbus-user none | 58 | dbus-user none |
diff --git a/etc/profile-m-z/qgis.profile b/etc/profile-m-z/qgis.profile index 9635c2e06..1f378e004 100644 --- a/etc/profile-m-z/qgis.profile +++ b/etc/profile-m-z/qgis.profile | |||
@@ -51,7 +51,7 @@ tracelog | |||
51 | disable-mnt | 51 | disable-mnt |
52 | private-cache | 52 | private-cache |
53 | private-dev | 53 | private-dev |
54 | private-etc @tls-ca,QGIS,QGIS.conf,Trolltech.conf | 54 | private-etc @tls-ca,@x11,QGIS,QGIS.conf |
55 | private-tmp | 55 | private-tmp |
56 | 56 | ||
57 | dbus-user none | 57 | dbus-user none |
diff --git a/etc/profile-m-z/quaternion.profile b/etc/profile-m-z/quaternion.profile index ddd4800d8..fbc003d65 100644 --- a/etc/profile-m-z/quaternion.profile +++ b/etc/profile-m-z/quaternion.profile | |||
@@ -46,7 +46,7 @@ disable-mnt | |||
46 | private-bin quaternion | 46 | private-bin quaternion |
47 | private-cache | 47 | private-cache |
48 | private-dev | 48 | private-dev |
49 | private-etc @tls-ca,@x11,host.conf,mime.types,selinux | 49 | private-etc @tls-ca,@x11,host.conf,mime.types |
50 | private-tmp | 50 | private-tmp |
51 | 51 | ||
52 | dbus-user none | 52 | dbus-user none |
diff --git a/etc/profile-m-z/smuxi-frontend-gnome.profile b/etc/profile-m-z/smuxi-frontend-gnome.profile index 566d72733..89342aad8 100644 --- a/etc/profile-m-z/smuxi-frontend-gnome.profile +++ b/etc/profile-m-z/smuxi-frontend-gnome.profile | |||
@@ -47,7 +47,7 @@ disable-mnt | |||
47 | private-bin bash,mono,mono-sgen,sh,smuxi-frontend-gnome | 47 | private-bin bash,mono,mono-sgen,sh,smuxi-frontend-gnome |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | private-etc @tls-ca,@x11,mono,selinux | 50 | private-etc @tls-ca,@x11,mono |
51 | private-tmp | 51 | private-tmp |
52 | 52 | ||
53 | dbus-user none | 53 | dbus-user none |
diff --git a/etc/profile-m-z/spectral.profile b/etc/profile-m-z/spectral.profile index 492a5bbeb..41b1f6507 100644 --- a/etc/profile-m-z/spectral.profile +++ b/etc/profile-m-z/spectral.profile | |||
@@ -45,7 +45,7 @@ disable-mnt | |||
45 | private-cache | 45 | private-cache |
46 | private-bin spectral | 46 | private-bin spectral |
47 | private-dev | 47 | private-dev |
48 | private-etc @tls-ca,@x11,host.conf,mime.types,selinux | 48 | private-etc @tls-ca,@x11,host.conf,mime.types |
49 | private-tmp | 49 | private-tmp |
50 | 50 | ||
51 | dbus-user filter | 51 | dbus-user filter |
diff --git a/etc/profile-m-z/trojita.profile b/etc/profile-m-z/trojita.profile index 8acc6f763..378c8a1b7 100644 --- a/etc/profile-m-z/trojita.profile +++ b/etc/profile-m-z/trojita.profile | |||
@@ -53,7 +53,7 @@ tracelog | |||
53 | private-bin trojita | 53 | private-bin trojita |
54 | private-cache | 54 | private-cache |
55 | private-dev | 55 | private-dev |
56 | private-etc @tls-ca,@x11,selinux | 56 | private-etc @tls-ca,@x11 |
57 | private-tmp | 57 | private-tmp |
58 | 58 | ||
59 | dbus-user filter | 59 | dbus-user filter |
diff --git a/etc/profile-m-z/twitch.profile b/etc/profile-m-z/twitch.profile index 1e759a760..1f548a92d 100644 --- a/etc/profile-m-z/twitch.profile +++ b/etc/profile-m-z/twitch.profile | |||
@@ -18,7 +18,7 @@ mkdir ${HOME}/.config/Twitch | |||
18 | whitelist ${HOME}/.config/Twitch | 18 | whitelist ${HOME}/.config/Twitch |
19 | 19 | ||
20 | private-bin electron,electron[0-9],electron[0-9][0-9],twitch | 20 | private-bin electron,electron[0-9],electron[0-9][0-9],twitch |
21 | private-etc @tls-ca,@x11,bumblebee,host.conf,mime.types,selinux | 21 | private-etc @tls-ca,@x11,bumblebee,host.conf,mime.types |
22 | private-opt Twitch | 22 | private-opt Twitch |
23 | 23 | ||
24 | # Redirect | 24 | # Redirect |
diff --git a/etc/profile-m-z/youtube.profile b/etc/profile-m-z/youtube.profile index 5049b740e..9bb1991c2 100644 --- a/etc/profile-m-z/youtube.profile +++ b/etc/profile-m-z/youtube.profile | |||
@@ -17,7 +17,7 @@ mkdir ${HOME}/.config/Youtube | |||
17 | whitelist ${HOME}/.config/Youtube | 17 | whitelist ${HOME}/.config/Youtube |
18 | 18 | ||
19 | private-bin electron,electron[0-9],electron[0-9][0-9],youtube | 19 | private-bin electron,electron[0-9],electron[0-9][0-9],youtube |
20 | private-etc @tls-ca,@x11,bumblebee,host.conf,mime.types,selinux | 20 | private-etc @tls-ca,@x11,bumblebee,host.conf,mime.types |
21 | private-opt Youtube | 21 | private-opt Youtube |
22 | 22 | ||
23 | # Redirect | 23 | # Redirect |
diff --git a/etc/profile-m-z/youtubemusic-nativefier.profile b/etc/profile-m-z/youtubemusic-nativefier.profile index 570399557..09a8a446f 100644 --- a/etc/profile-m-z/youtubemusic-nativefier.profile +++ b/etc/profile-m-z/youtubemusic-nativefier.profile | |||
@@ -14,7 +14,7 @@ mkdir ${HOME}/.config/youtubemusic-nativefier-040164 | |||
14 | whitelist ${HOME}/.config/youtubemusic-nativefier-040164 | 14 | whitelist ${HOME}/.config/youtubemusic-nativefier-040164 |
15 | 15 | ||
16 | private-bin electron,electron[0-9],electron[0-9][0-9],youtubemusic-nativefier | 16 | private-bin electron,electron[0-9],electron[0-9][0-9],youtubemusic-nativefier |
17 | private-etc @tls-ca,@x11,bumblebee,host.conf,mime.types,selinux | 17 | private-etc @tls-ca,@x11,bumblebee,host.conf,mime.types |
18 | private-opt youtubemusic-nativefier | 18 | private-opt youtubemusic-nativefier |
19 | 19 | ||
20 | # Redirect | 20 | # Redirect |
diff --git a/etc/profile-m-z/ytmdesktop.profile b/etc/profile-m-z/ytmdesktop.profile index f74887185..43b624705 100644 --- a/etc/profile-m-z/ytmdesktop.profile +++ b/etc/profile-m-z/ytmdesktop.profile | |||
@@ -14,7 +14,7 @@ mkdir ${HOME}/.config/youtube-music-desktop-app | |||
14 | whitelist ${HOME}/.config/youtube-music-desktop-app | 14 | whitelist ${HOME}/.config/youtube-music-desktop-app |
15 | 15 | ||
16 | # private-bin env,ytmdesktop | 16 | # private-bin env,ytmdesktop |
17 | private-etc @tls-ca,@x11,bumblebee,host.conf,mime.types,selinux | 17 | private-etc @tls-ca,@x11,bumblebee,host.conf,mime.types |
18 | # private-opt | 18 | # private-opt |
19 | 19 | ||
20 | # Redirect | 20 | # Redirect |
diff --git a/etc/profile-m-z/zeal.profile b/etc/profile-m-z/zeal.profile index 7505fb575..caf9eab63 100644 --- a/etc/profile-m-z/zeal.profile +++ b/etc/profile-m-z/zeal.profile | |||
@@ -60,7 +60,7 @@ disable-mnt | |||
60 | private-bin zeal | 60 | private-bin zeal |
61 | private-cache | 61 | private-cache |
62 | private-dev | 62 | private-dev |
63 | private-etc @tls-ca,@x11,host.conf,mime.types,rpc,services,Trolltech.conf | 63 | private-etc @tls-ca,@x11,host.conf,mime.types,rpc,services |
64 | private-tmp | 64 | private-tmp |
65 | 65 | ||
66 | dbus-user filter | 66 | dbus-user filter |
diff --git a/src/include/etc_groups.h b/src/include/etc_groups.h index e3f8bcc7e..fffc5f9b9 100644 --- a/src/include/etc_groups.h +++ b/src/include/etc_groups.h | |||
@@ -39,6 +39,7 @@ static char *etc_list[ETC_MAX + 1] = { // plus 1 for ending NULL pointer | |||
39 | "login.defs", // firejail reading UID/GID MIN and MAX at startup | 39 | "login.defs", // firejail reading UID/GID MIN and MAX at startup |
40 | "nsswitch.conf", | 40 | "nsswitch.conf", |
41 | "passwd", | 41 | "passwd", |
42 | "selinux", | ||
42 | NULL | 43 | NULL |
43 | }; | 44 | }; |
44 | 45 | ||
@@ -89,6 +90,7 @@ static char *etc_group_x11[] = { | |||
89 | "kde5rc", | 90 | "kde5rc", |
90 | "nvidia", // 3D | 91 | "nvidia", // 3D |
91 | "pango", // text rendering/internationalization | 92 | "pango", // text rendering/internationalization |
93 | "Trolltech.conf", // old QT config file | ||
92 | "X11", | 94 | "X11", |
93 | "xdg", | 95 | "xdg", |
94 | NULL | 96 | NULL |
diff --git a/src/tools/cleanup_etc.c b/src/tools/cleanup_etc.c index 3b368b116..f57a1ddb1 100644 --- a/src/tools/cleanup_etc.c +++ b/src/tools/cleanup_etc.c | |||
@@ -38,6 +38,8 @@ static int arr_x11 = 0; | |||
38 | static int arr_games = 0; | 38 | static int arr_games = 0; |
39 | static char outbuf[256 * 1024]; | 39 | static char outbuf[256 * 1024]; |
40 | static char *outptr; | 40 | static char *outptr; |
41 | static int arg_replace = 0; | ||
42 | static int arg_debug = 0; | ||
41 | 43 | ||
42 | void outprintf(char* fmt, ...) { | 44 | void outprintf(char* fmt, ...) { |
43 | va_list args; | 45 | va_list args; |
@@ -78,6 +80,17 @@ static void arr_add(const char *fname) { | |||
78 | arr_cnt++; | 80 | arr_cnt++; |
79 | } | 81 | } |
80 | 82 | ||
83 | int arr_cmp(const void *p1, const void *p2) { | ||
84 | char **ptr1 = (char **) p1; | ||
85 | char **ptr2 = (char **) p2; | ||
86 | |||
87 | return strcmp(*ptr1, *ptr2); | ||
88 | } | ||
89 | |||
90 | static void arr_sort(void) { | ||
91 | qsort(&arr[0], arr_cnt, sizeof(char *), arr_cmp); | ||
92 | } | ||
93 | |||
81 | static void arr_clean(void) { | 94 | static void arr_clean(void) { |
82 | int i; | 95 | int i; |
83 | for (i = 0; i < arr_cnt; i++) { | 96 | for (i = 0; i < arr_cnt; i++) { |
@@ -119,7 +132,7 @@ static void process_file(const char *fname) { | |||
119 | 132 | ||
120 | FILE *fp = fopen(fname, "r"); | 133 | FILE *fp = fopen(fname, "r"); |
121 | if (!fp) { | 134 | if (!fp) { |
122 | fprintf(stderr, "Error: cannot open profile file\n"); | 135 | fprintf(stderr, "Error: cannot open %s file\n", fname); |
123 | exit(1); | 136 | exit(1); |
124 | } | 137 | } |
125 | 138 | ||
@@ -133,10 +146,11 @@ static void process_file(const char *fname) { | |||
133 | int print = 0; | 146 | int print = 0; |
134 | while (fgets(line, MAX_BUF, fp)) { | 147 | while (fgets(line, MAX_BUF, fp)) { |
135 | cnt++; | 148 | cnt++; |
136 | if (strncmp(line, "private-etc ", 12) != 0) { | 149 | if (strncmp(line, "private-etc", 11) != 0) { |
137 | outprintf("%s", line); | 150 | outprintf("%s", line); |
138 | continue; | 151 | continue; |
139 | } | 152 | } |
153 | |||
140 | strcpy(orig_line,line); | 154 | strcpy(orig_line,line); |
141 | char *ptr = strchr(line, '\n'); | 155 | char *ptr = strchr(line, '\n'); |
142 | if (ptr) | 156 | if (ptr) |
@@ -158,6 +172,8 @@ static void process_file(const char *fname) { | |||
158 | 172 | ||
159 | ptr = strtok(ptr, ","); | 173 | ptr = strtok(ptr, ","); |
160 | while (ptr) { | 174 | while (ptr) { |
175 | if (arg_debug) | ||
176 | printf("%s\n", ptr); | ||
161 | if (arr_check(ptr, &etc_list[0])); | 177 | if (arr_check(ptr, &etc_list[0])); |
162 | else if (arr_check(ptr, &etc_group_sound[0])); | 178 | else if (arr_check(ptr, &etc_group_sound[0])); |
163 | else if (arr_check(ptr, &etc_group_network[0])); | 179 | else if (arr_check(ptr, &etc_group_network[0])); |
@@ -179,34 +195,36 @@ static void process_file(const char *fname) { | |||
179 | ptr = strtok(NULL, ","); | 195 | ptr = strtok(NULL, ","); |
180 | } | 196 | } |
181 | 197 | ||
198 | arr_sort(); | ||
182 | char *last_line = arr_print(); | 199 | char *last_line = arr_print(); |
183 | if (strcmp(last_line, orig_line) == 0) { | 200 | if (strcmp(last_line, orig_line) == 0) { |
184 | fclose(fp); | 201 | fclose(fp); |
185 | return; | 202 | return; |
186 | } | 203 | } |
187 | printf("\n********************\n%s\n\n%s\n%s\n", fname, orig_line, last_line); | 204 | printf("\n********************\nfile: %s\n\nold: %s\nnew: %s\n", fname, orig_line, last_line); |
188 | print = 1; | 205 | print = 1; |
189 | } | 206 | } |
190 | 207 | ||
191 | fclose(fp); | 208 | fclose(fp); |
192 | 209 | ||
193 | if (print) { | 210 | if (print && arg_replace) { |
194 | // printf("Replace? (Y/N): ", fname); | 211 | fp = fopen(fname, "w"); |
195 | // fgets(line, MAX_BUF, stdin); | 212 | if (!fp) { |
196 | // if (*line == 'y' || *line == 'Y') { | 213 | fprintf(stderr, "Error: cannot open profile file\n"); |
197 | fp = fopen(fname, "w"); | 214 | exit(1); |
198 | if (!fp) { | 215 | } |
199 | fprintf(stderr, "Error: cannot open profile file\n"); | 216 | fprintf(fp, "%s", outbuf); |
200 | exit(1); | 217 | fclose(fp); |
201 | } | ||
202 | fprintf(fp, "%s", outbuf); | ||
203 | fclose(fp); | ||
204 | // } | ||
205 | } | 218 | } |
206 | } | 219 | } |
207 | 220 | ||
208 | static void usage(void) { | 221 | static void usage(void) { |
209 | printf("usage: cleanup-etc file.profile\n"); | 222 | printf("usage: cleanup-etc [options] file.profile [file.profile]\n"); |
223 | printf("Group and clean private-etc entries in one or more profile files.\n"); | ||
224 | printf("Options:\n"); | ||
225 | printf(" --debug - print debug messages\n"); | ||
226 | printf(" --help - this help screen\n"); | ||
227 | printf(" --replace - replace profile file\n"); | ||
210 | } | 228 | } |
211 | 229 | ||
212 | int main(int argc, char **argv) { | 230 | int main(int argc, char **argv) { |
@@ -218,13 +236,25 @@ int main(int argc, char **argv) { | |||
218 | 236 | ||
219 | int i; | 237 | int i; |
220 | for (i = 1; i < argc; i++) { | 238 | for (i = 1; i < argc; i++) { |
221 | if (strcmp(argv[i], "-h") == 0) { | 239 | if (strcmp(argv[i], "-h") == 0 || |
240 | strcmp(argv[i], "-?") == 0 || | ||
241 | strcmp(argv[i], "--help") == 0) { | ||
222 | usage(); | 242 | usage(); |
223 | return 0; | 243 | return 0; |
224 | } | 244 | } |
245 | else if (strcmp(argv[i], "--debug") == 0) | ||
246 | arg_debug = 1; | ||
247 | else if (strcmp(argv[i], "--replace") == 0) | ||
248 | arg_replace = 1; | ||
249 | else if (*argv[i] == '-') { | ||
250 | fprintf(stderr, "Error: invalid program option %s\n", argv[i]); | ||
251 | return 1; | ||
252 | } | ||
253 | else | ||
254 | break; | ||
225 | } | 255 | } |
226 | 256 | ||
227 | for (i = 1; i < argc; i++) | 257 | for (; i < argc; i++) |
228 | process_file(argv[i]); | 258 | process_file(argv[i]); |
229 | 259 | ||
230 | return 0; | 260 | return 0; |