aboutsummaryrefslogtreecommitdiffstats
path: root/etc/disable-common.inc
diff options
context:
space:
mode:
Diffstat (limited to 'etc/disable-common.inc')
-rw-r--r--etc/disable-common.inc270
1 files changed, 135 insertions, 135 deletions
diff --git a/etc/disable-common.inc b/etc/disable-common.inc
index f23a03876..103399f7d 100644
--- a/etc/disable-common.inc
+++ b/etc/disable-common.inc
@@ -3,102 +3,102 @@
3include /etc/firejail/disable-common.local 3include /etc/firejail/disable-common.local
4 4
5# History files in $HOME 5# History files in $HOME
6blacklist-nolog ${HOME}/.history
7blacklist-nolog ${HOME}/.*_history 6blacklist-nolog ${HOME}/.*_history
7blacklist-nolog ${HOME}/.adobe
8blacklist-nolog ${HOME}/.bash_history 8blacklist-nolog ${HOME}/.bash_history
9blacklist-nolog ${HOME}/.history
9blacklist-nolog ${HOME}/.local/share/fish/fish_history 10blacklist-nolog ${HOME}/.local/share/fish/fish_history
10blacklist-nolog ${HOME}/.adobe
11blacklist-nolog ${HOME}/.macromedia 11blacklist-nolog ${HOME}/.macromedia
12 12
13# X11 session autostart 13# X11 session autostart
14blacklist ${HOME}/.xinitrc 14# blacklist ${HOME}/.xpra - this will kill --x11=xpra cmdline option for all programs
15blacklist ${HOME}/.xserverrc
16blacklist /etc/X11/Xsession.d
17blacklist ${HOME}/.Xsession 15blacklist ${HOME}/.Xsession
18blacklist ${HOME}/.xsession
19blacklist ${HOME}/.xsessionrc
20blacklist ${HOME}/.xprofile
21blacklist ${HOME}/.gnomerc
22blacklist /etc/xdg/autostart
23blacklist ${HOME}/.config/autostart 16blacklist ${HOME}/.config/autostart
24blacklist ${HOME}/.local/share/autostart
25blacklist ${HOME}/.kde4/share/config/startupconfig
26blacklist ${HOME}/.kde4/env
27blacklist ${HOME}/.kde4/Autostart
28blacklist ${HOME}/.kde4/share/autostart
29blacklist ${HOME}/.kde4/shutdown
30blacklist ${HOME}/.kde/share/config/startupconfig
31blacklist ${HOME}/.kde/env
32blacklist ${HOME}/.kde/Autostart
33blacklist ${HOME}/.kde/share/autostart
34blacklist ${HOME}/.kde/shutdown
35blacklist ${HOME}/.config/startupconfig
36blacklist ${HOME}/.config/autostart-scripts 17blacklist ${HOME}/.config/autostart-scripts
37blacklist ${HOME}/.config/plasma-workspace/env
38blacklist ${HOME}/.config/plasma-workspace/shutdown
39blacklist ${HOME}/.config/lxsession/LXDE/autostart 18blacklist ${HOME}/.config/lxsession/LXDE/autostart
40blacklist ${HOME}/.config/openbox/autostart 19blacklist ${HOME}/.config/openbox/autostart
41blacklist ${HOME}/.config/openbox/environment 20blacklist ${HOME}/.config/openbox/environment
21blacklist ${HOME}/.config/plasma-workspace/env
22blacklist ${HOME}/.config/plasma-workspace/shutdown
23blacklist ${HOME}/.config/startupconfig
42blacklist ${HOME}/.fluxbox/startup 24blacklist ${HOME}/.fluxbox/startup
43# blacklist ${HOME}/.xpra - this will kill --x11=xpra cmdline option for all programs 25blacklist ${HOME}/.gnomerc
26blacklist ${HOME}/.kde/Autostart
27blacklist ${HOME}/.kde/env
28blacklist ${HOME}/.kde/share/autostart
29blacklist ${HOME}/.kde/share/config/startupconfig
30blacklist ${HOME}/.kde/shutdown
31blacklist ${HOME}/.kde4/env
32blacklist ${HOME}/.kde4/Autostart
33blacklist ${HOME}/.kde4/share/autostart
34blacklist ${HOME}/.kde4/shutdown
35blacklist ${HOME}/.kde4/share/config/startupconfig
36blacklist ${HOME}/.local/share/autostart
37blacklist ${HOME}/.xinitrc
38blacklist ${HOME}/.xprofile
39blacklist ${HOME}/.xserverrc
40blacklist ${HOME}/.xsession
41blacklist ${HOME}/.xsessionrc
42blacklist /etc/X11/Xsession.d
43blacklist /etc/xdg/autostart
44 44
45# KDE config 45# KDE config
46blacklist ${HOME}/.kde4/share/apps/konsole 46blacklist ${HOME}/.config/*.notifyrc
47blacklist ${HOME}/.kde4/share/apps/kwin 47blacklist ${HOME}/.config/khotkeysrc
48blacklist ${HOME}/.kde4/share/apps/plasma 48blacklist ${HOME}/.config/krunnerrc
49blacklist ${HOME}/.kde4/share/apps/solid 49blacklist ${HOME}/.config/plasma-org.kde.plasma.desktop-appletsrc
50blacklist ${HOME}/.kde4/share/config/*.notifyrc
51read-only ${HOME}/.kde4/share/config/kdeglobals
52blacklist ${HOME}/.kde4/share/config/khotkeysrc
53blacklist ${HOME}/.kde4/share/config/krunnerrc
54blacklist ${HOME}/.kde4/share/config/plasma-desktop-appletsrc
55read-only ${HOME}/.kde4/share/kde4/services
56blacklist ${HOME}/.kde/share/apps/konsole 50blacklist ${HOME}/.kde/share/apps/konsole
57blacklist ${HOME}/.kde/share/apps/kwin 51blacklist ${HOME}/.kde/share/apps/kwin
58blacklist ${HOME}/.kde/share/apps/plasma 52blacklist ${HOME}/.kde/share/apps/plasma
59blacklist ${HOME}/.kde/share/apps/solid 53blacklist ${HOME}/.kde/share/apps/solid
60blacklist ${HOME}/.kde/share/config/*.notifyrc 54blacklist ${HOME}/.kde/share/config/*.notifyrc
61read-only ${HOME}/.kde/share/config/kdeglobals
62blacklist ${HOME}/.kde/share/config/khotkeysrc 55blacklist ${HOME}/.kde/share/config/khotkeysrc
63blacklist ${HOME}/.kde/share/config/krunnerrc 56blacklist ${HOME}/.kde/share/config/krunnerrc
64blacklist ${HOME}/.kde/share/config/plasma-desktop-appletsrc 57blacklist ${HOME}/.kde/share/config/plasma-desktop-appletsrc
65read-only ${HOME}/.kde/share/kde4/services 58blacklist ${HOME}/.kde4/share/apps/plasma
66blacklist ${HOME}/.config/*.notifyrc 59blacklist ${HOME}/.kde4/share/apps/konsole
67read-only ${HOME}/.config/kdeglobals 60blacklist ${HOME}/.kde4/share/apps/kwin
68blacklist ${HOME}/.config/khotkeysrc 61blacklist ${HOME}/.kde4/share/config/krunnerrc
69blacklist ${HOME}/.config/krunnerrc 62blacklist ${HOME}/.kde4/share/config/plasma-desktop-appletsrc
70blacklist ${HOME}/.config/plasma-org.kde.plasma.desktop-appletsrc 63blacklist ${HOME}/.kde4/share/config/khotkeysrc
64blacklist ${HOME}/.kde4/share/apps/solid
65blacklist ${HOME}/.kde4/share/config/*.notifyrc
71blacklist ${HOME}/.local/share/kglobalaccel 66blacklist ${HOME}/.local/share/kglobalaccel
72blacklist ${HOME}/.local/share/konsole 67blacklist ${HOME}/.local/share/konsole
73read-only ${HOME}/.local/share/kservices5
74blacklist ${HOME}/.local/share/kwin 68blacklist ${HOME}/.local/share/kwin
75blacklist ${HOME}/.local/share/plasma 69blacklist ${HOME}/.local/share/plasma
76blacklist ${HOME}/.local/share/solid 70blacklist ${HOME}/.local/share/solid
71read-only ${HOME}/.config/kdeglobals
72read-only ${HOME}/.kde/share/config/kdeglobals
73read-only ${HOME}/.kde/share/kde4/services
74read-only ${HOME}/.kde4/share/kde4/services
75read-only ${HOME}/.kde4/share/config/kdeglobals
76read-only ${HOME}/.local/share/kservices5
77 77
78# systemd 78# systemd
79blacklist ${HOME}/.local/share/systemd
80blacklist ${HOME}/.config/systemd 79blacklist ${HOME}/.config/systemd
80blacklist ${HOME}/.local/share/systemd
81 81
82# VirtualBox 82# VirtualBox
83blacklist ${HOME}/.VirtualBox 83blacklist ${HOME}/.VirtualBox
84blacklist ${HOME}/VirtualBox VMs
85blacklist ${HOME}/.config/VirtualBox 84blacklist ${HOME}/.config/VirtualBox
85blacklist ${HOME}/VirtualBox VMs
86 86
87# VeraCrypt 87# VeraCrypt
88blacklist ${HOME}/.VeraCrypt
88blacklist ${PATH}/veracrypt 89blacklist ${PATH}/veracrypt
89blacklist ${PATH}/veracrypt-uninstall.sh 90blacklist ${PATH}/veracrypt-uninstall.sh
90blacklist /usr/share/veracrypt
91blacklist /usr/share/applications/veracrypt.* 91blacklist /usr/share/applications/veracrypt.*
92blacklist /usr/share/pixmaps/veracrypt.* 92blacklist /usr/share/pixmaps/veracrypt.*
93blacklist ${HOME}/.VeraCrypt 93blacklist /usr/share/veracrypt
94 94
95# TrueCrypt 95# TrueCrypt
96blacklist ${HOME}/.TrueCrypt
96blacklist ${PATH}/truecrypt 97blacklist ${PATH}/truecrypt
97blacklist ${PATH}/truecrypt-uninstall.sh 98blacklist ${PATH}/truecrypt-uninstall.sh
98blacklist /usr/share/truecrypt
99blacklist /usr/share/applications/truecrypt.* 99blacklist /usr/share/applications/truecrypt.*
100blacklist /usr/share/pixmaps/truecrypt.* 100blacklist /usr/share/pixmaps/truecrypt.*
101blacklist ${HOME}/.TrueCrypt 101blacklist /usr/share/truecrypt
102 102
103# zuluCrypt 103# zuluCrypt
104blacklist ${HOME}/.zuluCrypt 104blacklist ${HOME}/.zuluCrypt
@@ -107,162 +107,162 @@ blacklist ${PATH}/zuluCrypt-cli
107blacklist ${PATH}/zuluMount-cli 107blacklist ${PATH}/zuluMount-cli
108 108
109# var 109# var
110blacklist /var/spool/cron 110blacklist /var/lib/mysql/mysql.sock
111blacklist /var/spool/anacron 111blacklist /var/lib/mysqld/mysql.sock
112blacklist /var/mail 112blacklist /var/mail
113blacklist /var/run/acpid.socket 113blacklist /var/run/acpid.socket
114blacklist /var/run/docker.sock
114blacklist /var/run/minissdpd.sock 115blacklist /var/run/minissdpd.sock
115blacklist /var/run/rpcbind.sock
116blacklist /var/run/mysqld/mysqld.sock
117blacklist /var/run/mysql/mysqld.sock 116blacklist /var/run/mysql/mysqld.sock
118blacklist /var/lib/mysqld/mysql.sock 117blacklist /var/run/mysqld/mysqld.sock
119blacklist /var/lib/mysql/mysql.sock 118blacklist /var/run/rpcbind.sock
120blacklist /var/run/docker.sock 119blacklist /var/spool/anacron
120blacklist /var/spool/cron
121 121
122# etc 122# etc
123blacklist /etc/anacrontab
123blacklist /etc/cron* 124blacklist /etc/cron*
124blacklist /etc/profile.d 125blacklist /etc/profile.d
125blacklist /etc/rc.local 126blacklist /etc/rc.local
126blacklist /etc/anacrontab
127 127
128# Startup files 128# Startup files
129read-only ${HOME}/.antigen 129read-only ${HOME}/.antigen
130read-only ${HOME}/.bash_login
131read-only ${HOME}/.bashrc
132read-only ${HOME}/.bash_aliases 130read-only ${HOME}/.bash_aliases
133read-only ${HOME}/.bash_profile 131read-only ${HOME}/.bash_login
134read-only ${HOME}/.bash_logout 132read-only ${HOME}/.bash_logout
135read-only ${HOME}/.zsh.d 133read-only ${HOME}/.bash_profile
136read-only ${HOME}/.zshenv 134read-only ${HOME}/.bashrc
137read-only ${HOME}/.zshrc
138read-only ${HOME}/.zshrc.local
139read-only ${HOME}/.zlogin
140read-only ${HOME}/.zprofile
141read-only ${HOME}/.zlogout
142read-only ${HOME}/.zsh_files
143read-only ${HOME}/.tcshrc
144read-only ${HOME}/.cshrc
145read-only ${HOME}/.csh_files
146read-only ${HOME}/.config/fish 135read-only ${HOME}/.config/fish
147read-only ${HOME}/.local/share/fish 136read-only ${HOME}/.csh_files
148read-only ${HOME}/.profile 137read-only ${HOME}/.cshrc
149read-only ${HOME}/.forward 138read-only ${HOME}/.forward
139read-only ${HOME}/.local/share/fish
150read-only ${HOME}/.login 140read-only ${HOME}/.login
151read-only ${HOME}/.logout 141read-only ${HOME}/.logout
142read-only ${HOME}/.pam_environment
152read-only ${HOME}/.pgpkey 143read-only ${HOME}/.pgpkey
153read-only ${HOME}/.plan 144read-only ${HOME}/.plan
145read-only ${HOME}/.profile
154read-only ${HOME}/.project 146read-only ${HOME}/.project
155read-only ${HOME}/.pam_environment 147read-only ${HOME}/.tcshrc
148read-only ${HOME}/.zlogin
149read-only ${HOME}/.zlogout
150read-only ${HOME}/.zprofile
151read-only ${HOME}/.zsh.d
152read-only ${HOME}/.zsh_files
153read-only ${HOME}/.zshenv
154read-only ${HOME}/.zshrc
155read-only ${HOME}/.zshrc.local
156 156
157# Initialization files that allow arbitrary command execution 157# Initialization files that allow arbitrary command execution
158read-only ${HOME}/.caffrc 158read-only ${HOME}/.caffrc
159read-only ${HOME}/.dotfiles 159read-only ${HOME}/.dotfiles
160read-only ${HOME}/dotfiles
161read-only ${HOME}/.mailcap
162read-only ${HOME}/.muttrc
163read-only ${HOME}/.mutt/muttrc
164read-only ${HOME}/.msmtprc
165read-only ${HOME}/.exrc
166read-only ${HOME}/_exrc
167read-only ${HOME}/.vimrc
168read-only ${HOME}/_vimrc
169read-only ${HOME}/.gvimrc
170read-only ${HOME}/_gvimrc
171read-only ${HOME}/.vim
172read-only ${HOME}/.emacs 160read-only ${HOME}/.emacs
173read-only ${HOME}/.emacs.d 161read-only ${HOME}/.emacs.d
174read-only ${HOME}/.nano 162read-only ${HOME}/.exrc
175read-only ${HOME}/.tmux.conf 163read-only ${HOME}/.gvimrc
176read-only ${HOME}/.iscreenrc 164read-only ${HOME}/.iscreenrc
165read-only ${HOME}/.mailcap
166read-only ${HOME}/.msmtprc
167read-only ${HOME}/.mutt/muttrc
168read-only ${HOME}/.muttrc
169read-only ${HOME}/.nano
177read-only ${HOME}/.reportbugrc 170read-only ${HOME}/.reportbugrc
171read-only ${HOME}/.tmux.conf
172read-only ${HOME}/.vim
173read-only ${HOME}/.vimrc
178read-only ${HOME}/.xmonad 174read-only ${HOME}/.xmonad
179read-only ${HOME}/.xscreensaver 175read-only ${HOME}/.xscreensaver
176read-only ${HOME}/_exrc
177read-only ${HOME}/_gvimrc
178read-only ${HOME}/_vimrc
179read-only ${HOME}/dotfiles
180 180
181# Make directories commonly found in $PATH read-only 181# Make directories commonly found in $PATH read-only
182read-only ${HOME}/bin
183read-only ${HOME}/.gem 182read-only ${HOME}/.gem
184read-only ${HOME}/.luarocks 183read-only ${HOME}/.luarocks
185read-only ${HOME}/.npm-packages 184read-only ${HOME}/.npm-packages
185read-only ${HOME}/bin
186 186
187# The following block breaks trash functionality in file managers 187# The following block breaks trash functionality in file managers
188#noexec ${HOME}/.local/share
188#read-only ${HOME}/.local 189#read-only ${HOME}/.local
189#read-write ${HOME}/.local/share 190#read-write ${HOME}/.local/share
190#noexec ${HOME}/.local/share
191blacklist ${HOME}/.local/share/Trash 191blacklist ${HOME}/.local/share/Trash
192 192
193# Write-protection for desktop entries 193# Write-protection for desktop entries
194read-only ${HOME}/.local/share/applications 194read-only ${HOME}/.local/share/applications
195 195
196# top secret 196# top secret
197blacklist ${HOME}/.ecryptfs 197blacklist ${HOME}/*.kdb
198blacklist ${HOME}/*.kdbx
199blacklist ${HOME}/*.key
198blacklist ${HOME}/.Private 200blacklist ${HOME}/.Private
199blacklist ${HOME}/.ssh 201blacklist ${HOME}/.caff
200blacklist ${HOME}/.cert 202blacklist ${HOME}/.cert
203blacklist ${HOME}/.config/keybase
204blacklist ${HOME}/.ecryptfs
201blacklist ${HOME}/.gnome2/keyrings 205blacklist ${HOME}/.gnome2/keyrings
202blacklist ${HOME}/.local/share/keyrings 206blacklist ${HOME}/.gnupg
203blacklist ${HOME}/.kde4/share/apps/kwallet
204blacklist ${HOME}/.kde/share/apps/kwallet 207blacklist ${HOME}/.kde/share/apps/kwallet
208blacklist ${HOME}/.kde4/share/apps/kwallet
209blacklist ${HOME}/.local/share/keyrings
205blacklist ${HOME}/.local/share/kwalletd 210blacklist ${HOME}/.local/share/kwalletd
206blacklist ${HOME}/.config/keybase
207blacklist ${HOME}/.netrc
208blacklist ${HOME}/.gnupg
209blacklist ${HOME}/.caff
210blacklist ${HOME}/.smbcredentials
211blacklist ${HOME}/*.kdbx
212blacklist ${HOME}/*.kdb
213blacklist ${HOME}/*.key
214blacklist ${HOME}/.muttrc
215blacklist ${HOME}/.mutt/muttrc
216blacklist ${HOME}/.msmtprc 211blacklist ${HOME}/.msmtprc
212blacklist ${HOME}/.mutt/muttrc
213blacklist ${HOME}/.muttrc
214blacklist ${HOME}/.netrc
217blacklist ${HOME}/.pki 215blacklist ${HOME}/.pki
218blacklist /etc/shadow 216blacklist ${HOME}/.smbcredentials
219blacklist /etc/gshadow 217blacklist ${HOME}/.ssh
220blacklist /etc/passwd- 218blacklist /etc/group+
221blacklist /etc/group- 219blacklist /etc/group-
222blacklist /etc/shadow- 220blacklist /etc/gshadow
221blacklist /etc/gshadow+
223blacklist /etc/gshadow- 222blacklist /etc/gshadow-
224blacklist /etc/passwd+ 223blacklist /etc/passwd+
225blacklist /etc/group+ 224blacklist /etc/passwd-
225blacklist /etc/shadow
226blacklist /etc/shadow+ 226blacklist /etc/shadow+
227blacklist /etc/gshadow+ 227blacklist /etc/shadow-
228blacklist /etc/ssh 228blacklist /etc/ssh
229blacklist /var/backup
230blacklist /home/.ecryptfs 229blacklist /home/.ecryptfs
230blacklist /var/backup
231 231
232# system directories 232# system directories
233blacklist /sbin 233blacklist /sbin
234blacklist /usr/sbin
235blacklist /usr/local/sbin 234blacklist /usr/local/sbin
235blacklist /usr/sbin
236 236
237# system management 237# system management
238blacklist ${PATH}/umount
239blacklist ${PATH}/mount
240blacklist ${PATH}/fusermount
241blacklist ${PATH}/ntfs-3g
242blacklist ${PATH}/at 238blacklist ${PATH}/at
243blacklist ${PATH}/su 239blacklist ${PATH}/chage
244blacklist ${PATH}/sudo 240blacklist ${PATH}/chfn
245blacklist ${PATH}/xinput 241blacklist ${PATH}/chsh
242blacklist ${PATH}/crontab
246blacklist ${PATH}/evtest 243blacklist ${PATH}/evtest
247blacklist ${PATH}/xev 244blacklist ${PATH}/expiry
248blacklist ${PATH}/strace 245blacklist ${PATH}/fusermount
246blacklist ${PATH}/gpasswd
247blacklist ${PATH}/ksu
248blacklist ${PATH}/mount
249blacklist ${PATH}/mount.ecryptfs_private
249blacklist ${PATH}/nc 250blacklist ${PATH}/nc
250blacklist ${PATH}/ncat 251blacklist ${PATH}/ncat
251blacklist ${PATH}/gpasswd
252blacklist ${PATH}/newgidmap 252blacklist ${PATH}/newgidmap
253blacklist ${PATH}/newgrp 253blacklist ${PATH}/newgrp
254blacklist ${PATH}/newuidmap 254blacklist ${PATH}/newuidmap
255blacklist ${PATH}/ntfs-3g
255blacklist ${PATH}/pkexec 256blacklist ${PATH}/pkexec
257blacklist ${PATH}/procmail
256blacklist ${PATH}/sg 258blacklist ${PATH}/sg
257blacklist ${PATH}/crontab 259blacklist ${PATH}/strace
258blacklist ${PATH}/ksu 260blacklist ${PATH}/su
259blacklist ${PATH}/chsh 261blacklist ${PATH}/sudo
260blacklist ${PATH}/chfn 262blacklist ${PATH}/umount
261blacklist ${PATH}/chage
262blacklist ${PATH}/expiry
263blacklist ${PATH}/unix_chkpwd 263blacklist ${PATH}/unix_chkpwd
264blacklist ${PATH}/procmail 264blacklist ${PATH}/xev
265blacklist ${PATH}/mount.ecryptfs_private 265blacklist ${PATH}/xinput
266 266
267# other SUID binaries 267# other SUID binaries
268blacklist /usr/lib/virtualbox 268blacklist /usr/lib/virtualbox
@@ -276,11 +276,9 @@ blacklist /tmp/tmux-*
276# disable terminals running as server resulting in sandbox escape 276# disable terminals running as server resulting in sandbox escape
277blacklist ${PATH}/gnome-terminal 277blacklist ${PATH}/gnome-terminal
278blacklist ${PATH}/gnome-terminal.wrapper 278blacklist ${PATH}/gnome-terminal.wrapper
279blacklist ${PATH}/xfce4-terminal 279blacklist ${PATH}/lilyterm
280blacklist ${PATH}/xfce4-terminal.wrapper
281blacklist ${PATH}/mate-terminal 280blacklist ${PATH}/mate-terminal
282blacklist ${PATH}/mate-terminal.wrapper 281blacklist ${PATH}/mate-terminal.wrapper
283blacklist ${PATH}/lilyterm
284blacklist ${PATH}/pantheon-terminal 282blacklist ${PATH}/pantheon-terminal
285blacklist ${PATH}/roxterm 283blacklist ${PATH}/roxterm
286blacklist ${PATH}/roxterm-config 284blacklist ${PATH}/roxterm-config
@@ -288,12 +286,14 @@ blacklist ${PATH}/terminix
288blacklist ${PATH}/tilix 286blacklist ${PATH}/tilix
289blacklist ${PATH}/urxvtc 287blacklist ${PATH}/urxvtc
290blacklist ${PATH}/urxvtcd 288blacklist ${PATH}/urxvtcd
291# konsole doesn't seem to have this problem - last tested on Ubuntu 16.04 289blacklist ${PATH}/xfce4-terminal
290blacklist ${PATH}/xfce4-terminal.wrapper
292# blacklist ${PATH}/konsole 291# blacklist ${PATH}/konsole
292# konsole doesn't seem to have this problem - last tested on Ubuntu 16.04
293 293
294# kernel files 294# kernel files
295blacklist /vmlinuz*
296blacklist /initrd* 295blacklist /initrd*
296blacklist /vmlinuz*
297 297
298# complement noexec ${HOME} and noexec /tmp 298# complement noexec ${HOME} and noexec /tmp
299noexec ${HOME}/.config/pulse 299noexec ${HOME}/.config/pulse
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-01 09:02:55 +0000