diff options
Diffstat (limited to 'etc/profile-a-l')
149 files changed, 149 insertions, 151 deletions
diff --git a/etc/profile-a-l/1password.profile b/etc/profile-a-l/1password.profile index bc8bfae0d..b340ad228 100644 --- a/etc/profile-a-l/1password.profile +++ b/etc/profile-a-l/1password.profile | |||
@@ -11,7 +11,7 @@ noblacklist ${HOME}/.config/1Password | |||
11 | mkdir ${HOME}/.config/1Password | 11 | mkdir ${HOME}/.config/1Password |
12 | whitelist ${HOME}/.config/1Password | 12 | whitelist ${HOME}/.config/1Password |
13 | 13 | ||
14 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,machine-id,nsswitch.conf,pki,resolv.conf,ssl | 14 | private-etc @tls-ca |
15 | 15 | ||
16 | # Needed for keychain things, talking to Firefox, possibly other things? Not sure how to narrow down | 16 | # Needed for keychain things, talking to Firefox, possibly other things? Not sure how to narrow down |
17 | ignore dbus-user none | 17 | ignore dbus-user none |
diff --git a/etc/profile-a-l/abiword.profile b/etc/profile-a-l/abiword.profile index eb7a5254f..a0eed24ca 100644 --- a/etc/profile-a-l/abiword.profile +++ b/etc/profile-a-l/abiword.profile | |||
@@ -41,7 +41,7 @@ tracelog | |||
41 | private-bin abiword | 41 | private-bin abiword |
42 | private-cache | 42 | private-cache |
43 | private-dev | 43 | private-dev |
44 | private-etc alternatives,fonts,gtk-3.0,ld.so.cache,ld.so.preload,passwd | 44 | private-etc @x11 |
45 | private-tmp | 45 | private-tmp |
46 | 46 | ||
47 | # dbus-user none | 47 | # dbus-user none |
diff --git a/etc/profile-a-l/agetpkg.profile b/etc/profile-a-l/agetpkg.profile index 96c56d85d..7a36302f1 100644 --- a/etc/profile-a-l/agetpkg.profile +++ b/etc/profile-a-l/agetpkg.profile | |||
@@ -49,7 +49,7 @@ tracelog | |||
49 | private-bin agetpkg,python3 | 49 | private-bin agetpkg,python3 |
50 | private-cache | 50 | private-cache |
51 | private-dev | 51 | private-dev |
52 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,pki,resolv.conf,ssl | 52 | private-etc @tls-ca |
53 | private-tmp | 53 | private-tmp |
54 | 54 | ||
55 | dbus-user none | 55 | dbus-user none |
diff --git a/etc/profile-a-l/alacarte.profile b/etc/profile-a-l/alacarte.profile index 9612ffdd2..22a303cdd 100644 --- a/etc/profile-a-l/alacarte.profile +++ b/etc/profile-a-l/alacarte.profile | |||
@@ -52,7 +52,7 @@ disable-mnt | |||
52 | # private-bin alacarte,bash,python*,sh | 52 | # private-bin alacarte,bash,python*,sh |
53 | private-cache | 53 | private-cache |
54 | private-dev | 54 | private-dev |
55 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload,locale.alias,locale.conf,login.defs,mime.types,nsswitch.conf,passwd,pki,X11,xdg | 55 | private-etc @tls-ca,@x11,mime.types |
56 | private-tmp | 56 | private-tmp |
57 | 57 | ||
58 | dbus-user none | 58 | dbus-user none |
diff --git a/etc/profile-a-l/alienarena.profile b/etc/profile-a-l/alienarena.profile index 0f7407f05..9f9bd975a 100644 --- a/etc/profile-a-l/alienarena.profile +++ b/etc/profile-a-l/alienarena.profile | |||
@@ -43,7 +43,7 @@ disable-mnt | |||
43 | private-bin alienarena | 43 | private-bin alienarena |
44 | private-cache | 44 | private-cache |
45 | private-dev | 45 | private-dev |
46 | private-etc alsa,alternatives,asound.conf,bumblebee,ca-certificates,crypto-policies,drirc,fonts,glvnd,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,nsswitch.conf,nvidia,pango,pki,protocols,pulse,resolv.conf,rpc,services,ssl,X11 | 46 | private-etc @tls-ca,@x11,bumblebee,glvnd,host.conf,rpc,services |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
49 | dbus-user none | 49 | dbus-user none |
diff --git a/etc/profile-a-l/alpine.profile b/etc/profile-a-l/alpine.profile index 4e994c025..5ccb9896f 100644 --- a/etc/profile-a-l/alpine.profile +++ b/etc/profile-a-l/alpine.profile | |||
@@ -90,7 +90,7 @@ disable-mnt | |||
90 | private-bin alpine | 90 | private-bin alpine |
91 | private-cache | 91 | private-cache |
92 | private-dev | 92 | private-dev |
93 | private-etc alternatives,c-client.cf,ca-certificates,crypto-policies,host.conf,hostname,hosts,krb5.keytab,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mailcap,mime.types,nsswitch.conf,passwd,pine.conf,pinerc.fixed,pki,protocols,resolv.conf,rpc,services,ssl,terminfo,xdg | 93 | private-etc @tls-ca,@x11,c-client.cf,host.conf,krb5.keytab,mailcap,mime.types,pine.conf,pinerc.fixed,rpc,services,terminfo |
94 | private-tmp | 94 | private-tmp |
95 | writable-run-user | 95 | writable-run-user |
96 | writable-var | 96 | writable-var |
diff --git a/etc/profile-a-l/anki.profile b/etc/profile-a-l/anki.profile index 466f60bda..442b5a481 100644 --- a/etc/profile-a-l/anki.profile +++ b/etc/profile-a-l/anki.profile | |||
@@ -49,7 +49,7 @@ disable-mnt | |||
49 | private-bin anki,python* | 49 | private-bin anki,python* |
50 | private-cache | 50 | private-cache |
51 | private-dev | 51 | private-dev |
52 | private-etc alternatives,ca-certificates,fonts,gtk-2.0,hostname,hosts,ld.so.cache,ld.so.preload,machine-id,pki,resolv.conf,ssl,Trolltech.conf | 52 | private-etc @tls-ca,@x11,Trolltech.conf |
53 | private-tmp | 53 | private-tmp |
54 | 54 | ||
55 | dbus-user none | 55 | dbus-user none |
diff --git a/etc/profile-a-l/apostrophe.profile b/etc/profile-a-l/apostrophe.profile index dab91fe7d..4ad6ac6bc 100644 --- a/etc/profile-a-l/apostrophe.profile +++ b/etc/profile-a-l/apostrophe.profile | |||
@@ -62,7 +62,7 @@ disable-mnt | |||
62 | private-bin apostrophe,fmtutil,kpsewhich,mktexfmt,pandoc,pdftex,perl,python3*,sh,xdvipdfmx,xelatex,xetex | 62 | private-bin apostrophe,fmtutil,kpsewhich,mktexfmt,pandoc,pdftex,perl,python3*,sh,xdvipdfmx,xelatex,xetex |
63 | private-cache | 63 | private-cache |
64 | private-dev | 64 | private-dev |
65 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,pango,texlive,X11 | 65 | private-etc @x11,texlive |
66 | private-tmp | 66 | private-tmp |
67 | 67 | ||
68 | dbus-user filter | 68 | dbus-user filter |
diff --git a/etc/profile-a-l/aria2c.profile b/etc/profile-a-l/aria2c.profile index 17eb2451c..2e9e75737 100644 --- a/etc/profile-a-l/aria2c.profile +++ b/etc/profile-a-l/aria2c.profile | |||
@@ -45,7 +45,7 @@ private-bin aria2c,gzip | |||
45 | # Add 'private-cache' to your aria2c.local if you don't use Lutris/winetricks (see issue #2772). | 45 | # Add 'private-cache' to your aria2c.local if you don't use Lutris/winetricks (see issue #2772). |
46 | #private-cache | 46 | #private-cache |
47 | private-dev | 47 | private-dev |
48 | private-etc alternatives,ca-certificates,crypto-policies,groups,ld.so.cache,ld.so.preload,login.defs,machine-id,nsswitch.conf,passwd,pki,resolv.conf,ssl | 48 | private-etc @tls-ca,groups |
49 | private-lib libreadline.so.* | 49 | private-lib libreadline.so.* |
50 | private-tmp | 50 | private-tmp |
51 | 51 | ||
diff --git a/etc/profile-a-l/arm.profile b/etc/profile-a-l/arm.profile index ed0629c9b..1c2fbcccc 100644 --- a/etc/profile-a-l/arm.profile +++ b/etc/profile-a-l/arm.profile | |||
@@ -42,7 +42,7 @@ tracelog | |||
42 | disable-mnt | 42 | disable-mnt |
43 | private-bin arm,bash,ldconfig,lsof,ps,python*,sh,tor | 43 | private-bin arm,bash,ldconfig,lsof,ps,python*,sh,tor |
44 | private-dev | 44 | private-dev |
45 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,passwd,pki,resolv.conf,ssl,tor | 45 | private-etc @tls-ca,tor |
46 | private-tmp | 46 | private-tmp |
47 | 47 | ||
48 | restrict-namespaces | 48 | restrict-namespaces |
diff --git a/etc/profile-a-l/artha.profile b/etc/profile-a-l/artha.profile index b1347b0d9..897140857 100644 --- a/etc/profile-a-l/artha.profile +++ b/etc/profile-a-l/artha.profile | |||
@@ -54,7 +54,7 @@ disable-mnt | |||
54 | private-bin artha,enchant,notify-send | 54 | private-bin artha,enchant,notify-send |
55 | private-cache | 55 | private-cache |
56 | private-dev | 56 | private-dev |
57 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id | 57 | private-etc |
58 | private-lib libnotify.so.* | 58 | private-lib libnotify.so.* |
59 | private-tmp | 59 | private-tmp |
60 | 60 | ||
diff --git a/etc/profile-a-l/atool.profile b/etc/profile-a-l/atool.profile index b2bc17c67..672286087 100644 --- a/etc/profile-a-l/atool.profile +++ b/etc/profile-a-l/atool.profile | |||
@@ -13,7 +13,7 @@ include allow-perl.inc | |||
13 | noroot | 13 | noroot |
14 | 14 | ||
15 | # without login.defs atool complains and uses UID/GID 1000 by default | 15 | # without login.defs atool complains and uses UID/GID 1000 by default |
16 | private-etc alternatives,group,ld.so.cache,ld.so.preload,login.defs,passwd,resolv.conf | 16 | private-etc |
17 | private-tmp | 17 | private-tmp |
18 | 18 | ||
19 | # Redirect | 19 | # Redirect |
diff --git a/etc/profile-a-l/atril.profile b/etc/profile-a-l/atril.profile index f24aff108..d0513d2a7 100644 --- a/etc/profile-a-l/atril.profile +++ b/etc/profile-a-l/atril.profile | |||
@@ -41,7 +41,7 @@ tracelog | |||
41 | 41 | ||
42 | private-bin 7z,7za,7zr,atril,atril-previewer,atril-thumbnailer,sh,tar,unrar,unzip,zipnote | 42 | private-bin 7z,7za,7zr,atril,atril-previewer,atril-thumbnailer,sh,tar,unrar,unzip,zipnote |
43 | private-dev | 43 | private-dev |
44 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload | 44 | private-etc |
45 | # atril uses webkit gtk to display epub files | 45 | # atril uses webkit gtk to display epub files |
46 | # waiting for globbing support in private-lib; for now hardcoding it to webkit2gtk-4.0 | 46 | # waiting for globbing support in private-lib; for now hardcoding it to webkit2gtk-4.0 |
47 | #private-lib webkit2gtk-4.0 - problems on Arch with the new version of WebKit | 47 | #private-lib webkit2gtk-4.0 - problems on Arch with the new version of WebKit |
diff --git a/etc/profile-a-l/audio-recorder.profile b/etc/profile-a-l/audio-recorder.profile index 74dba7411..deba11a47 100644 --- a/etc/profile-a-l/audio-recorder.profile +++ b/etc/profile-a-l/audio-recorder.profile | |||
@@ -43,7 +43,7 @@ tracelog | |||
43 | disable-mnt | 43 | disable-mnt |
44 | # private-bin audio-recorder | 44 | # private-bin audio-recorder |
45 | private-cache | 45 | private-cache |
46 | private-etc alternatives,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload | 46 | private-etc |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
49 | dbus-user filter | 49 | dbus-user filter |
diff --git a/etc/profile-a-l/authenticator-rs.profile b/etc/profile-a-l/authenticator-rs.profile index 73a2e1806..215f22fd0 100644 --- a/etc/profile-a-l/authenticator-rs.profile +++ b/etc/profile-a-l/authenticator-rs.profile | |||
@@ -46,7 +46,7 @@ disable-mnt | |||
46 | private-bin authenticator-rs | 46 | private-bin authenticator-rs |
47 | private-cache | 47 | private-cache |
48 | private-dev | 48 | private-dev |
49 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gtk-2.0,gtk-3.0,ld.so.cache,ld.so.preload,pki,resolv.conf,ssl,xdg | 49 | private-etc @tls-ca,@x11 |
50 | private-tmp | 50 | private-tmp |
51 | 51 | ||
52 | dbus-user filter | 52 | dbus-user filter |
diff --git a/etc/profile-a-l/authenticator.profile b/etc/profile-a-l/authenticator.profile index 02c1d8768..96c70a838 100644 --- a/etc/profile-a-l/authenticator.profile +++ b/etc/profile-a-l/authenticator.profile | |||
@@ -38,7 +38,7 @@ seccomp | |||
38 | disable-mnt | 38 | disable-mnt |
39 | # private-bin authenticator,python* | 39 | # private-bin authenticator,python* |
40 | private-dev | 40 | private-dev |
41 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,pki,resolv.conf,ssl | 41 | private-etc @tls-ca |
42 | private-tmp | 42 | private-tmp |
43 | 43 | ||
44 | # makes settings immutable | 44 | # makes settings immutable |
diff --git a/etc/profile-a-l/ballbuster.profile b/etc/profile-a-l/ballbuster.profile index b60b5715c..9ca947106 100644 --- a/etc/profile-a-l/ballbuster.profile +++ b/etc/profile-a-l/ballbuster.profile | |||
@@ -44,7 +44,7 @@ disable-mnt | |||
44 | private-bin ballbuster | 44 | private-bin ballbuster |
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-etc alsa,alternatives,asound.conf,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,pulse | 47 | private-etc |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
50 | dbus-user none | 50 | dbus-user none |
diff --git a/etc/profile-a-l/bibletime.profile b/etc/profile-a-l/bibletime.profile index 85a1a58c7..3fb2a82c3 100644 --- a/etc/profile-a-l/bibletime.profile +++ b/etc/profile-a-l/bibletime.profile | |||
@@ -51,7 +51,7 @@ disable-mnt | |||
51 | # private-bin bibletime | 51 | # private-bin bibletime |
52 | private-cache | 52 | private-cache |
53 | private-dev | 53 | private-dev |
54 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,login.defs,machine-id,passwd,pki,resolv.conf,ssl,sword,sword.conf | 54 | private-etc @tls-ca,sword,sword.conf |
55 | private-tmp | 55 | private-tmp |
56 | 56 | ||
57 | dbus-user none | 57 | dbus-user none |
diff --git a/etc/profile-a-l/bijiben.profile b/etc/profile-a-l/bijiben.profile index b6b52601e..53d212e34 100644 --- a/etc/profile-a-l/bijiben.profile +++ b/etc/profile-a-l/bijiben.profile | |||
@@ -50,7 +50,7 @@ disable-mnt | |||
50 | private-bin bijiben | 50 | private-bin bijiben |
51 | # private-cache -- access to .cache/tracker is required | 51 | # private-cache -- access to .cache/tracker is required |
52 | private-dev | 52 | private-dev |
53 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload | 53 | private-etc @x11 |
54 | private-tmp | 54 | private-tmp |
55 | 55 | ||
56 | dbus-user filter | 56 | dbus-user filter |
diff --git a/etc/profile-a-l/bitwarden.profile b/etc/profile-a-l/bitwarden.profile index f8114c71b..ba30c3654 100644 --- a/etc/profile-a-l/bitwarden.profile +++ b/etc/profile-a-l/bitwarden.profile | |||
@@ -23,7 +23,7 @@ no3d | |||
23 | nosound | 23 | nosound |
24 | 24 | ||
25 | ?HAS_APPIMAGE: ignore private-dev | 25 | ?HAS_APPIMAGE: ignore private-dev |
26 | private-etc alternatives,ca-certificates,crypto-policies,fonts,hosts,ld.so.cache,ld.so.preload,nsswitch.conf,pki,resolv.conf,ssl | 26 | private-etc @tls-ca |
27 | private-opt Bitwarden | 27 | private-opt Bitwarden |
28 | 28 | ||
29 | # Redirect | 29 | # Redirect |
diff --git a/etc/profile-a-l/bless.profile b/etc/profile-a-l/bless.profile index 9badb4357..6dd540943 100644 --- a/etc/profile-a-l/bless.profile +++ b/etc/profile-a-l/bless.profile | |||
@@ -34,7 +34,7 @@ seccomp | |||
34 | # private-bin bash,bless,mono,sh | 34 | # private-bin bash,bless,mono,sh |
35 | private-cache | 35 | private-cache |
36 | private-dev | 36 | private-dev |
37 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,mono | 37 | private-etc mono |
38 | private-tmp | 38 | private-tmp |
39 | 39 | ||
40 | dbus-user none | 40 | dbus-user none |
diff --git a/etc/profile-a-l/blobby.profile b/etc/profile-a-l/blobby.profile index 6e7a87e5f..dccdae924 100644 --- a/etc/profile-a-l/blobby.profile +++ b/etc/profile-a-l/blobby.profile | |||
@@ -40,7 +40,7 @@ tracelog | |||
40 | disable-mnt | 40 | disable-mnt |
41 | private-bin blobby | 41 | private-bin blobby |
42 | private-dev | 42 | private-dev |
43 | private-etc alsa,alternatives,asound.conf,drirc,group,hosts,ld.so.cache,ld.so.preload,login.defs,machine-id,passwd,pulse | 43 | private-etc @x11 |
44 | private-lib | 44 | private-lib |
45 | private-tmp | 45 | private-tmp |
46 | 46 | ||
diff --git a/etc/profile-a-l/blobwars.profile b/etc/profile-a-l/blobwars.profile index e6926ee29..fc0a76945 100644 --- a/etc/profile-a-l/blobwars.profile +++ b/etc/profile-a-l/blobwars.profile | |||
@@ -42,7 +42,7 @@ disable-mnt | |||
42 | private-bin blobwars | 42 | private-bin blobwars |
43 | private-cache | 43 | private-cache |
44 | private-dev | 44 | private-dev |
45 | private-etc alternatives,ld.so.cache,ld.so.preload,machine-id | 45 | private-etc |
46 | private-tmp | 46 | private-tmp |
47 | 47 | ||
48 | dbus-user none | 48 | dbus-user none |
diff --git a/etc/profile-a-l/bsdtar.profile b/etc/profile-a-l/bsdtar.profile index fbc7c9056..c5c2e33eb 100644 --- a/etc/profile-a-l/bsdtar.profile +++ b/etc/profile-a-l/bsdtar.profile | |||
@@ -6,7 +6,7 @@ include bsdtar.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | private-etc alternatives,group,ld.so.cache,ld.so.preload,localtime,passwd | 9 | private-etc |
10 | 10 | ||
11 | # Redirect | 11 | # Redirect |
12 | include archiver-common.profile | 12 | include archiver-common.profile |
diff --git a/etc/profile-a-l/cameramonitor.profile b/etc/profile-a-l/cameramonitor.profile index b2248ad06..df94ac859 100644 --- a/etc/profile-a-l/cameramonitor.profile +++ b/etc/profile-a-l/cameramonitor.profile | |||
@@ -45,7 +45,7 @@ tracelog | |||
45 | disable-mnt | 45 | disable-mnt |
46 | private-bin cameramonitor,python* | 46 | private-bin cameramonitor,python* |
47 | private-cache | 47 | private-cache |
48 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload | 48 | private-etc |
49 | private-tmp | 49 | private-tmp |
50 | 50 | ||
51 | # dbus-user none | 51 | # dbus-user none |
diff --git a/etc/profile-a-l/cargo.profile b/etc/profile-a-l/cargo.profile index 4c8afd895..a0fe8ddf1 100644 --- a/etc/profile-a-l/cargo.profile +++ b/etc/profile-a-l/cargo.profile | |||
@@ -16,7 +16,7 @@ noblacklist ${HOME}/.cargo/credentials.toml | |||
16 | #whitelist ${HOME}/.rustup | 16 | #whitelist ${HOME}/.rustup |
17 | 17 | ||
18 | #private-bin cargo,rustc | 18 | #private-bin cargo,rustc |
19 | private-etc alternatives,ca-certificates,crypto-policies,group,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,magic,magic.mgc,nsswitch.conf,passwd,pki,protocols,resolv.conf,rpc,services,ssl | 19 | private-etc @tls-ca,host.conf,magic,magic.mgc,rpc,services |
20 | 20 | ||
21 | memory-deny-write-execute | 21 | memory-deny-write-execute |
22 | 22 | ||
diff --git a/etc/profile-a-l/cawbird.profile b/etc/profile-a-l/cawbird.profile index e4e32b265..17887b6cc 100644 --- a/etc/profile-a-l/cawbird.profile +++ b/etc/profile-a-l/cawbird.profile | |||
@@ -38,7 +38,7 @@ disable-mnt | |||
38 | private-bin cawbird | 38 | private-bin cawbird |
39 | private-cache | 39 | private-cache |
40 | private-dev | 40 | private-dev |
41 | private-etc alternatives,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,mime.types,nsswitch.conf,pki,resolv.conf,ssl,X11,xdg | 41 | private-etc @tls-ca,@x11,host.conf,mime.types |
42 | private-tmp | 42 | private-tmp |
43 | 43 | ||
44 | # dbus-user none | 44 | # dbus-user none |
diff --git a/etc/profile-a-l/celluloid.profile b/etc/profile-a-l/celluloid.profile index 0c4335e8f..f06ac3b01 100644 --- a/etc/profile-a-l/celluloid.profile +++ b/etc/profile-a-l/celluloid.profile | |||
@@ -52,7 +52,7 @@ tracelog | |||
52 | 52 | ||
53 | private-bin celluloid,env,gnome-mpv,python*,youtube-dl | 53 | private-bin celluloid,env,gnome-mpv,python*,youtube-dl |
54 | private-cache | 54 | private-cache |
55 | private-etc alternatives,ca-certificates,crypto-policies,dconf,drirc,fonts,gtk-3.0,hosts,ld.so.cache,ld.so.preload,libva.conf,localtime,machine-id,pkcs11,pki,resolv.conf,selinux,ssl,xdg | 55 | private-etc @tls-ca,@x11,libva.conf,pkcs11,selinux |
56 | private-dev | 56 | private-dev |
57 | private-tmp | 57 | private-tmp |
58 | 58 | ||
diff --git a/etc/profile-a-l/chatterino.profile b/etc/profile-a-l/chatterino.profile index 4dfd85740..ed3153ec7 100644 --- a/etc/profile-a-l/chatterino.profile +++ b/etc/profile-a-l/chatterino.profile | |||
@@ -70,7 +70,7 @@ private-bin chatterino,cvlc,env,ffmpeg,mpv,nvlc,pgrep,python*,qvlc,rvlc,streamli | |||
70 | # private-cache may cause issues with mpv (see #2838) | 70 | # private-cache may cause issues with mpv (see #2838) |
71 | private-cache | 71 | private-cache |
72 | private-dev | 72 | private-dev |
73 | private-etc alsa,alternatives,asound.conf,ca-certificates,dbus-1,fonts,hostname,hosts,kde4rc,kde5rc,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,nvidia,passwd,pulse,resolv.conf,rpc,services,ssl,Trolltech.conf,X11 | 73 | private-etc @tls-ca,@x11,dbus-1,rpc,services,Trolltech.conf |
74 | private-srv none | 74 | private-srv none |
75 | private-tmp | 75 | private-tmp |
76 | 76 | ||
diff --git a/etc/profile-a-l/cheese.profile b/etc/profile-a-l/cheese.profile index 8aed77c04..93d9c9a8b 100644 --- a/etc/profile-a-l/cheese.profile +++ b/etc/profile-a-l/cheese.profile | |||
@@ -51,7 +51,7 @@ disable-mnt | |||
51 | private-bin cheese | 51 | private-bin cheese |
52 | private-cache | 52 | private-cache |
53 | private-dev | 53 | private-dev |
54 | private-etc alternatives,clutter-1.0,dconf,drirc,fonts,gtk-3.0,ld.so.cache,ld.so.preload | 54 | private-etc @x11,clutter-1.0 |
55 | private-tmp | 55 | private-tmp |
56 | 56 | ||
57 | dbus-user filter | 57 | dbus-user filter |
diff --git a/etc/profile-a-l/clawsker.profile b/etc/profile-a-l/clawsker.profile index 4f4e8e7bf..3b8eb7bbd 100644 --- a/etc/profile-a-l/clawsker.profile +++ b/etc/profile-a-l/clawsker.profile | |||
@@ -43,7 +43,7 @@ disable-mnt | |||
43 | private-bin bash,clawsker,perl,sh,which | 43 | private-bin bash,clawsker,perl,sh,which |
44 | private-cache | 44 | private-cache |
45 | private-dev | 45 | private-dev |
46 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload | 46 | private-etc |
47 | private-lib girepository-1.*,libdbus-glib-1.so.*,libetpan.so.*,libgirepository-1.*,libgtk-3.so.*,libgtk-x11-2.0.so.*,libstartup-notification-1.so.*,perl* | 47 | private-lib girepository-1.*,libdbus-glib-1.so.*,libetpan.so.*,libgirepository-1.*,libgtk-3.so.*,libgtk-x11-2.0.so.*,libstartup-notification-1.so.*,perl* |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
diff --git a/etc/profile-a-l/cmus.profile b/etc/profile-a-l/cmus.profile index ad6332f78..cc7a43609 100644 --- a/etc/profile-a-l/cmus.profile +++ b/etc/profile-a-l/cmus.profile | |||
@@ -26,6 +26,6 @@ protocol unix,inet,inet6 | |||
26 | seccomp | 26 | seccomp |
27 | 27 | ||
28 | private-bin cmus | 28 | private-bin cmus |
29 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,group,ld.so.cache,ld.so.preload,machine-id,pki,pulse,resolv.conf,ssl | 29 | private-etc @tls-ca |
30 | 30 | ||
31 | restrict-namespaces | 31 | restrict-namespaces |
diff --git a/etc/profile-a-l/cointop.profile b/etc/profile-a-l/cointop.profile index c341c4ea2..aa053e2f7 100644 --- a/etc/profile-a-l/cointop.profile +++ b/etc/profile-a-l/cointop.profile | |||
@@ -52,7 +52,7 @@ disable-mnt | |||
52 | private-bin cointop | 52 | private-bin cointop |
53 | private-cache | 53 | private-cache |
54 | private-dev | 54 | private-dev |
55 | private-etc alternatives,ca-certificates,crypto-policies,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,nsswitch.conf,pki,protocols,resolv.conf,rpc,services,ssl | 55 | private-etc @tls-ca,host.conf,rpc,services |
56 | private-lib | 56 | private-lib |
57 | private-tmp | 57 | private-tmp |
58 | 58 | ||
diff --git a/etc/profile-a-l/colorful.profile b/etc/profile-a-l/colorful.profile index 442d50259..50f8f67f3 100644 --- a/etc/profile-a-l/colorful.profile +++ b/etc/profile-a-l/colorful.profile | |||
@@ -44,7 +44,7 @@ disable-mnt | |||
44 | private-bin colorful | 44 | private-bin colorful |
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-etc alsa,alternatives,asound.conf,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,pulse | 47 | private-etc |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
50 | dbus-user none | 50 | dbus-user none |
diff --git a/etc/profile-a-l/com.github.bleakgrey.tootle.profile b/etc/profile-a-l/com.github.bleakgrey.tootle.profile index 990b6bc5a..8b7d2317c 100644 --- a/etc/profile-a-l/com.github.bleakgrey.tootle.profile +++ b/etc/profile-a-l/com.github.bleakgrey.tootle.profile | |||
@@ -44,7 +44,7 @@ disable-mnt | |||
44 | private-bin com.github.bleakgrey.tootle | 44 | private-bin com.github.bleakgrey.tootle |
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,machine-id mime.types,nsswitch.conf,pki,pulse,resolv.conf,ssl,X11,xdg | 47 | private-etc @tls-ca,@x11,host.conf,mime.types |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
50 | # Settings are immutable | 50 | # Settings are immutable |
diff --git a/etc/profile-a-l/com.github.dahenson.agenda.profile b/etc/profile-a-l/com.github.dahenson.agenda.profile index 5f2a1c3e6..ab389d3ee 100644 --- a/etc/profile-a-l/com.github.dahenson.agenda.profile +++ b/etc/profile-a-l/com.github.dahenson.agenda.profile | |||
@@ -51,7 +51,7 @@ disable-mnt | |||
51 | private-bin com.github.dahenson.agenda | 51 | private-bin com.github.dahenson.agenda |
52 | private-cache | 52 | private-cache |
53 | private-dev | 53 | private-dev |
54 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload | 54 | private-etc @x11 |
55 | private-tmp | 55 | private-tmp |
56 | 56 | ||
57 | dbus-user filter | 57 | dbus-user filter |
diff --git a/etc/profile-a-l/com.github.johnfactotum.Foliate.profile b/etc/profile-a-l/com.github.johnfactotum.Foliate.profile index 21f37494b..f4533b537 100644 --- a/etc/profile-a-l/com.github.johnfactotum.Foliate.profile +++ b/etc/profile-a-l/com.github.johnfactotum.Foliate.profile | |||
@@ -54,7 +54,7 @@ disable-mnt | |||
54 | private-bin com.github.johnfactotum.Foliate,gjs | 54 | private-bin com.github.johnfactotum.Foliate,gjs |
55 | private-cache | 55 | private-cache |
56 | private-dev | 56 | private-dev |
57 | private-etc alternatives,dconf,fonts,gconf,gtk-3.0,ld.so.cache,ld.so.preload | 57 | private-etc @x11,gconf |
58 | private-tmp | 58 | private-tmp |
59 | 59 | ||
60 | read-only ${HOME} | 60 | read-only ${HOME} |
diff --git a/etc/profile-a-l/com.github.phase1geo.minder.profile b/etc/profile-a-l/com.github.phase1geo.minder.profile index 07a6a6813..22a64cb35 100644 --- a/etc/profile-a-l/com.github.phase1geo.minder.profile +++ b/etc/profile-a-l/com.github.phase1geo.minder.profile | |||
@@ -51,7 +51,7 @@ disable-mnt | |||
51 | private-bin com.github.phase1geo.minder | 51 | private-bin com.github.phase1geo.minder |
52 | private-cache | 52 | private-cache |
53 | private-dev | 53 | private-dev |
54 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mime.types,pango,passwd,X11,xdg | 54 | private-etc @x11,mime.types |
55 | private-tmp | 55 | private-tmp |
56 | 56 | ||
57 | dbus-user filter | 57 | dbus-user filter |
diff --git a/etc/profile-a-l/com.github.tchx84.Flatseal.profile b/etc/profile-a-l/com.github.tchx84.Flatseal.profile index fd4494e92..eee98ba8d 100644 --- a/etc/profile-a-l/com.github.tchx84.Flatseal.profile +++ b/etc/profile-a-l/com.github.tchx84.Flatseal.profile | |||
@@ -51,7 +51,7 @@ disable-mnt | |||
51 | private-bin com.github.tchx84.Flatseal,gjs | 51 | private-bin com.github.tchx84.Flatseal,gjs |
52 | private-cache | 52 | private-cache |
53 | private-dev | 53 | private-dev |
54 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload | 54 | private-etc @x11 |
55 | private-tmp | 55 | private-tmp |
56 | 56 | ||
57 | dbus-user filter | 57 | dbus-user filter |
diff --git a/etc/profile-a-l/coyim.profile b/etc/profile-a-l/coyim.profile index 793de8ab4..21b576fb7 100644 --- a/etc/profile-a-l/coyim.profile +++ b/etc/profile-a-l/coyim.profile | |||
@@ -39,7 +39,7 @@ tracelog | |||
39 | disable-mnt | 39 | disable-mnt |
40 | private-cache | 40 | private-cache |
41 | private-dev | 41 | private-dev |
42 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,machine-id,pki,ssl | 42 | private-etc @tls-ca |
43 | private-tmp | 43 | private-tmp |
44 | 44 | ||
45 | dbus-user none | 45 | dbus-user none |
diff --git a/etc/profile-a-l/crow.profile b/etc/profile-a-l/crow.profile index 842191f3f..601daacfa 100644 --- a/etc/profile-a-l/crow.profile +++ b/etc/profile-a-l/crow.profile | |||
@@ -38,7 +38,7 @@ seccomp | |||
38 | disable-mnt | 38 | disable-mnt |
39 | private-bin crow | 39 | private-bin crow |
40 | private-dev | 40 | private-dev |
41 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,ld.so.cache,ld.so.preload,machine-id,nsswitch.conf,pki,pulse,resolv.conf,ssl | 41 | private-etc @tls-ca,@x11 |
42 | private-opt none | 42 | private-opt none |
43 | private-tmp | 43 | private-tmp |
44 | private-srv none | 44 | private-srv none |
diff --git a/etc/profile-a-l/d-feet.profile b/etc/profile-a-l/d-feet.profile index 63d89ec36..7dd5ca260 100644 --- a/etc/profile-a-l/d-feet.profile +++ b/etc/profile-a-l/d-feet.profile | |||
@@ -49,7 +49,7 @@ disable-mnt | |||
49 | private-bin d-feet,python* | 49 | private-bin d-feet,python* |
50 | private-cache | 50 | private-cache |
51 | private-dev | 51 | private-dev |
52 | private-etc alternatives,dbus-1,fonts,ld.so.cache,ld.so.preload,machine-id | 52 | private-etc dbus-1 |
53 | private-tmp | 53 | private-tmp |
54 | 54 | ||
55 | #memory-deny-write-execute - breaks on Arch (see issue #1803) | 55 | #memory-deny-write-execute - breaks on Arch (see issue #1803) |
diff --git a/etc/profile-a-l/dbus-send.profile b/etc/profile-a-l/dbus-send.profile index b259c7e93..80790bb0c 100644 --- a/etc/profile-a-l/dbus-send.profile +++ b/etc/profile-a-l/dbus-send.profile | |||
@@ -50,7 +50,7 @@ private | |||
50 | private-bin dbus-send | 50 | private-bin dbus-send |
51 | private-cache | 51 | private-cache |
52 | private-dev | 52 | private-dev |
53 | private-etc alternatives,dbus-1,ld.so.cache,ld.so.preload | 53 | private-etc dbus-1 |
54 | private-lib libpcre* | 54 | private-lib libpcre* |
55 | private-tmp | 55 | private-tmp |
56 | 56 | ||
diff --git a/etc/profile-a-l/dconf-editor.profile b/etc/profile-a-l/dconf-editor.profile index 876e637b2..e2e2492bc 100644 --- a/etc/profile-a-l/dconf-editor.profile +++ b/etc/profile-a-l/dconf-editor.profile | |||
@@ -42,7 +42,7 @@ disable-mnt | |||
42 | private-bin dconf-editor | 42 | private-bin dconf-editor |
43 | private-cache | 43 | private-cache |
44 | private-dev | 44 | private-dev |
45 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload,machine-id | 45 | private-etc @x11 |
46 | private-lib | 46 | private-lib |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
diff --git a/etc/profile-a-l/dconf.profile b/etc/profile-a-l/dconf.profile index 5136445da..2b2ada742 100644 --- a/etc/profile-a-l/dconf.profile +++ b/etc/profile-a-l/dconf.profile | |||
@@ -45,7 +45,7 @@ disable-mnt | |||
45 | private-bin dconf,gsettings | 45 | private-bin dconf,gsettings |
46 | private-cache | 46 | private-cache |
47 | private-dev | 47 | private-dev |
48 | private-etc alternatives,dconf,ld.so.cache,ld.so.preload | 48 | private-etc @x11 |
49 | private-lib | 49 | private-lib |
50 | private-tmp | 50 | private-tmp |
51 | 51 | ||
diff --git a/etc/profile-a-l/ddgtk.profile b/etc/profile-a-l/ddgtk.profile index 8ea5d178e..9811c90d6 100644 --- a/etc/profile-a-l/ddgtk.profile +++ b/etc/profile-a-l/ddgtk.profile | |||
@@ -44,7 +44,7 @@ tracelog | |||
44 | disable-mnt | 44 | disable-mnt |
45 | private-bin bash,dd,ddgtk,grep,lsblk,python*,sed,sh,tr | 45 | private-bin bash,dd,ddgtk,grep,lsblk,python*,sed,sh,tr |
46 | private-cache | 46 | private-cache |
47 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload | 47 | private-etc |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
50 | dbus-user none | 50 | dbus-user none |
diff --git a/etc/profile-a-l/devhelp.profile b/etc/profile-a-l/devhelp.profile index ef31fc3eb..066cdc8b0 100644 --- a/etc/profile-a-l/devhelp.profile +++ b/etc/profile-a-l/devhelp.profile | |||
@@ -41,7 +41,7 @@ disable-mnt | |||
41 | private-bin devhelp | 41 | private-bin devhelp |
42 | private-cache | 42 | private-cache |
43 | private-dev | 43 | private-dev |
44 | private-etc alternatives,dconf,fonts,ld.so.cache,ld.so.preload,machine-id,ssl | 44 | private-etc @tls-ca,@x11 |
45 | private-tmp | 45 | private-tmp |
46 | 46 | ||
47 | # makes settings immutable | 47 | # makes settings immutable |
diff --git a/etc/profile-a-l/devilspie.profile b/etc/profile-a-l/devilspie.profile index 0579547af..4461c2a82 100644 --- a/etc/profile-a-l/devilspie.profile +++ b/etc/profile-a-l/devilspie.profile | |||
@@ -47,7 +47,7 @@ disable-mnt | |||
47 | private-bin devilspie | 47 | private-bin devilspie |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | private-etc alternatives,ld.so.cache,ld.so.preload | 50 | private-etc |
51 | private-lib gconv | 51 | private-lib gconv |
52 | private-tmp | 52 | private-tmp |
53 | 53 | ||
diff --git a/etc/profile-a-l/dig.profile b/etc/profile-a-l/dig.profile index 3ee58147a..7c0fee9c3 100644 --- a/etc/profile-a-l/dig.profile +++ b/etc/profile-a-l/dig.profile | |||
@@ -48,7 +48,7 @@ tracelog | |||
48 | disable-mnt | 48 | disable-mnt |
49 | private-bin bash,dig,sh | 49 | private-bin bash,dig,sh |
50 | private-dev | 50 | private-dev |
51 | private-etc alternatives,ld.so.cache,ld.so.preload,login.defs,passwd,resolv.conf | 51 | private-etc |
52 | # Add the next line to your dig.local on non Debian/Ubuntu OS (see issue #3038). | 52 | # Add the next line to your dig.local on non Debian/Ubuntu OS (see issue #3038). |
53 | #private-lib | 53 | #private-lib |
54 | private-tmp | 54 | private-tmp |
diff --git a/etc/profile-a-l/discord-common.profile b/etc/profile-a-l/discord-common.profile index bf49c8d48..6f01600eb 100644 --- a/etc/profile-a-l/discord-common.profile +++ b/etc/profile-a-l/discord-common.profile | |||
@@ -24,7 +24,7 @@ whitelist ${HOME}/.config/BetterDiscord | |||
24 | whitelist ${HOME}/.local/share/betterdiscordctl | 24 | whitelist ${HOME}/.local/share/betterdiscordctl |
25 | 25 | ||
26 | private-bin awk,bash,cut,echo,egrep,electron,electron[0-9],electron[0-9][0-9],fish,grep,head,sed,sh,tclsh,tr,which,xdg-mime,xdg-open,zsh | 26 | private-bin awk,bash,cut,echo,egrep,electron,electron[0-9],electron[0-9][0-9],fish,grep,head,sed,sh,tclsh,tr,which,xdg-mime,xdg-open,zsh |
27 | private-etc alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.cache,ld.so.preload,localtime,login.defs,machine-id,password,pki,pulse,resolv.conf,ssl | 27 | private-etc @tls-ca,password |
28 | 28 | ||
29 | join-or-start discord | 29 | join-or-start discord |
30 | 30 | ||
diff --git a/etc/profile-a-l/display.profile b/etc/profile-a-l/display.profile index 15f6e441d..bf77828be 100644 --- a/etc/profile-a-l/display.profile +++ b/etc/profile-a-l/display.profile | |||
@@ -39,7 +39,7 @@ seccomp | |||
39 | private-bin display,python* | 39 | private-bin display,python* |
40 | private-dev | 40 | private-dev |
41 | # On Debian-based systems, display is a symlink in /etc/alternatives | 41 | # On Debian-based systems, display is a symlink in /etc/alternatives |
42 | private-etc alternatives,ImageMagick-6,ImageMagick-7,ld.so.cache,ld.so.preload | 42 | private-etc ImageMagick-6,ImageMagick-7 |
43 | private-lib gcc/*/*/libgcc_s.so.*,gcc/*/*/libgomp.so.*,ImageMagick*,libfreetype.so.*,libltdl.so.*,libMagickWand-*.so.*,libXext.so.* | 43 | private-lib gcc/*/*/libgcc_s.so.*,gcc/*/*/libgomp.so.*,ImageMagick*,libfreetype.so.*,libltdl.so.*,libMagickWand-*.so.*,libXext.so.* |
44 | private-tmp | 44 | private-tmp |
45 | 45 | ||
diff --git a/etc/profile-a-l/dolphin-emu.profile b/etc/profile-a-l/dolphin-emu.profile index acaf2e021..d4734bf22 100644 --- a/etc/profile-a-l/dolphin-emu.profile +++ b/etc/profile-a-l/dolphin-emu.profile | |||
@@ -54,7 +54,7 @@ private-bin bash,dolphin-emu,dolphin-emu-x11,sh | |||
54 | private-cache | 54 | private-cache |
55 | # Add the next line to your dolphin-emu.local if you do not need controller support. | 55 | # Add the next line to your dolphin-emu.local if you do not need controller support. |
56 | #private-dev | 56 | #private-dev |
57 | private-etc alsa,alternatives,asound.conf,bumblebee,ca-certificates,crypto-policies,dconf,drirc,fonts,gconf,glvnd,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,kde4rc,kde5rc,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,nvidia,pango,pki,protocols,pulse,resolv.conf,rpc,services,ssl,Trolltech.conf,X11,xdg | 57 | private-etc @tls-ca,@x11,bumblebee,gconf,glvnd,host.conf,mime.types,rpc,services,Trolltech.conf |
58 | private-opt none | 58 | private-opt none |
59 | private-tmp | 59 | private-tmp |
60 | 60 | ||
diff --git a/etc/profile-a-l/drawio.profile b/etc/profile-a-l/drawio.profile index 9d9fa291b..79366b8ee 100644 --- a/etc/profile-a-l/drawio.profile +++ b/etc/profile-a-l/drawio.profile | |||
@@ -44,7 +44,7 @@ seccomp !chroot | |||
44 | private-bin drawio | 44 | private-bin drawio |
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload | 47 | private-etc |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
50 | dbus-user none | 50 | dbus-user none |
diff --git a/etc/profile-a-l/easystroke.profile b/etc/profile-a-l/easystroke.profile index 920eb7697..40fd8be7c 100644 --- a/etc/profile-a-l/easystroke.profile +++ b/etc/profile-a-l/easystroke.profile | |||
@@ -44,7 +44,7 @@ disable-mnt | |||
44 | #private-bin bash,easystroke,sh | 44 | #private-bin bash,easystroke,sh |
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-etc alternatives,fonts,group,ld.so.cache,ld.so.preload,passwd | 47 | private-etc |
48 | # breaks custom shell command functionality | 48 | # breaks custom shell command functionality |
49 | #private-lib gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,librsvg-2.so.* | 49 | #private-lib gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,librsvg-2.so.* |
50 | private-tmp | 50 | private-tmp |
diff --git a/etc/profile-a-l/electron-mail.profile b/etc/profile-a-l/electron-mail.profile index d0d0f2168..4872223f1 100644 --- a/etc/profile-a-l/electron-mail.profile +++ b/etc/profile-a-l/electron-mail.profile | |||
@@ -29,7 +29,7 @@ read-only ${HOME}/.mozilla/firefox/profiles.ini | |||
29 | machine-id | 29 | machine-id |
30 | nosound | 30 | nosound |
31 | 31 | ||
32 | private-etc alternatives,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,ld.so.cache,ld.so.preload,nsswitch.conf,pki,resolv.conf,ssl | 32 | private-etc @tls-ca,@x11 |
33 | private-opt ElectronMail | 33 | private-opt ElectronMail |
34 | 34 | ||
35 | dbus-user filter | 35 | dbus-user filter |
diff --git a/etc/profile-a-l/electrum.profile b/etc/profile-a-l/electrum.profile index 78a996f71..48ce0aa22 100644 --- a/etc/profile-a-l/electrum.profile +++ b/etc/profile-a-l/electrum.profile | |||
@@ -46,7 +46,7 @@ private-bin electrum,python* | |||
46 | private-cache | 46 | private-cache |
47 | ?HAS_APPIMAGE: ignore private-dev | 47 | ?HAS_APPIMAGE: ignore private-dev |
48 | private-dev | 48 | private-dev |
49 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,ld.so.cache,ld.so.preload,machine-id,pki,resolv.conf,ssl | 49 | private-etc @tls-ca,@x11 |
50 | private-tmp | 50 | private-tmp |
51 | 51 | ||
52 | # dbus-user none | 52 | # dbus-user none |
diff --git a/etc/profile-a-l/email-common.profile b/etc/profile-a-l/email-common.profile index 0d5d18fe2..d989e850a 100644 --- a/etc/profile-a-l/email-common.profile +++ b/etc/profile-a-l/email-common.profile | |||
@@ -69,7 +69,7 @@ tracelog | |||
69 | # disable-mnt | 69 | # disable-mnt |
70 | private-cache | 70 | private-cache |
71 | private-dev | 71 | private-dev |
72 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gcrypt,gnupg,groups,gtk-2.0,gtk-3.0,hostname,hosts,hosts.conf,ld.so.cache,ld.so.preload,localtime,machine-id,mailname,nsswitch.conf,passwd,pki,resolv.conf,selinux,ssl,timezone,xdg | 72 | private-etc @tls-ca,@x11,gnupg,groups,hosts.conf,mailname,selinux,timezone |
73 | private-tmp | 73 | private-tmp |
74 | # encrypting and signing email | 74 | # encrypting and signing email |
75 | writable-run-user | 75 | writable-run-user |
diff --git a/etc/profile-a-l/enchant.profile b/etc/profile-a-l/enchant.profile index 37a6c088b..051c75fc1 100644 --- a/etc/profile-a-l/enchant.profile +++ b/etc/profile-a-l/enchant.profile | |||
@@ -47,7 +47,7 @@ x11 none | |||
47 | private-bin enchant,enchant-* | 47 | private-bin enchant,enchant-* |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | private-etc alternatives,ld.so.cache,ld.so.preload | 50 | private-etc |
51 | private-lib | 51 | private-lib |
52 | private-tmp | 52 | private-tmp |
53 | 53 | ||
diff --git a/etc/profile-a-l/eo-common.profile b/etc/profile-a-l/eo-common.profile index 83abb551e..c487a5add 100644 --- a/etc/profile-a-l/eo-common.profile +++ b/etc/profile-a-l/eo-common.profile | |||
@@ -46,7 +46,7 @@ tracelog | |||
46 | 46 | ||
47 | private-cache | 47 | private-cache |
48 | private-dev | 48 | private-dev |
49 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload | 49 | private-etc @x11 |
50 | private-lib eog,eom,gdk-pixbuf-2.*,gio,girepository-1.*,gvfs,libgconf-2.so.* | 50 | private-lib eog,eom,gdk-pixbuf-2.*,gio,girepository-1.*,gvfs,libgconf-2.so.* |
51 | private-tmp | 51 | private-tmp |
52 | 52 | ||
diff --git a/etc/profile-a-l/equalx.profile b/etc/profile-a-l/equalx.profile index 2fe0a4af4..fa6674f6e 100644 --- a/etc/profile-a-l/equalx.profile +++ b/etc/profile-a-l/equalx.profile | |||
@@ -53,7 +53,7 @@ disable-mnt | |||
53 | private-bin equalx,gs,pdflatex,pdftocairo | 53 | private-bin equalx,gs,pdflatex,pdftocairo |
54 | private-cache | 54 | private-cache |
55 | private-dev | 55 | private-dev |
56 | private-etc alternatives,equalx,equalx.conf,fonts,gtk-2.0,latexmk.conf,ld.so.cache,ld.so.preload,machine-id,papersize,passwd,texlive,Trolltech.conf | 56 | private-etc @x11,equalx,equalx.conf,latexmk.conf,papersize,texlive,Trolltech.conf |
57 | private-tmp | 57 | private-tmp |
58 | 58 | ||
59 | dbus-user none | 59 | dbus-user none |
diff --git a/etc/profile-a-l/evince.profile b/etc/profile-a-l/evince.profile index 95115d484..75a3958ad 100644 --- a/etc/profile-a-l/evince.profile +++ b/etc/profile-a-l/evince.profile | |||
@@ -54,7 +54,7 @@ tracelog | |||
54 | private-bin evince,evince-previewer,evince-thumbnailer,sh | 54 | private-bin evince,evince-previewer,evince-thumbnailer,sh |
55 | private-cache | 55 | private-cache |
56 | private-dev | 56 | private-dev |
57 | private-etc alternatives,fonts,group,ld.so.cache,ld.so.preload,machine-id,passwd | 57 | private-etc |
58 | # private-lib might break two-page-view on some systems | 58 | # private-lib might break two-page-view on some systems |
59 | private-lib evince,gcc/*/*/libgcc_s.so.*,gcc/*/*/libstdc++.so.*,gconv,gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libarchive.so.*,libdjvulibre.so.*,libgconf-2.so.*,libgraphite2.so.*,libpoppler-glib.so.*,librsvg-2.so.*,libspectre.so.* | 59 | private-lib evince,gcc/*/*/libgcc_s.so.*,gcc/*/*/libstdc++.so.*,gconv,gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libarchive.so.*,libdjvulibre.so.*,libgconf-2.so.*,libgraphite2.so.*,libpoppler-glib.so.*,librsvg-2.so.*,libspectre.so.* |
60 | private-tmp | 60 | private-tmp |
diff --git a/etc/profile-a-l/exiftool.profile b/etc/profile-a-l/exiftool.profile index 45331487c..a8be4828f 100644 --- a/etc/profile-a-l/exiftool.profile +++ b/etc/profile-a-l/exiftool.profile | |||
@@ -47,7 +47,7 @@ x11 none | |||
47 | #private-bin exiftool,perl | 47 | #private-bin exiftool,perl |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | private-etc alternatives,ld.so.cache,ld.so.preload | 50 | private-etc |
51 | private-tmp | 51 | private-tmp |
52 | 52 | ||
53 | dbus-user none | 53 | dbus-user none |
diff --git a/etc/profile-a-l/falkon.profile b/etc/profile-a-l/falkon.profile index 2daf1ff15..0d260f429 100644 --- a/etc/profile-a-l/falkon.profile +++ b/etc/profile-a-l/falkon.profile | |||
@@ -47,7 +47,7 @@ disable-mnt | |||
47 | # private-bin falkon | 47 | # private-bin falkon |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | private-etc adobe,alternatives,asound.conf,ati,ca-certificates,crypto-policies,dconf,drirc,fonts,group,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,ld.so.preload,localtime,machine-id,mailcap,mime.types,nsswitch.conf,pango,passwd,pki,pulse,resolv.conf,selinux,ssl,xdg | 50 | private-etc @tls-ca,@x11,adobe,mailcap,mime.types,selinux |
51 | private-tmp | 51 | private-tmp |
52 | 52 | ||
53 | # dbus-user filter | 53 | # dbus-user filter |
diff --git a/etc/profile-a-l/fdns.profile b/etc/profile-a-l/fdns.profile index 248cb5b49..77e16a56b 100644 --- a/etc/profile-a-l/fdns.profile +++ b/etc/profile-a-l/fdns.profile | |||
@@ -42,7 +42,7 @@ private | |||
42 | private-bin bash,fdns,sh | 42 | private-bin bash,fdns,sh |
43 | private-cache | 43 | private-cache |
44 | #private-dev | 44 | #private-dev |
45 | private-etc alternatives,ca-certificates,crypto-policies,fdns,ld.so.cache,ld.so.preload,localtime,nsswitch.conf,passwd,pki,ssl | 45 | private-etc @tls-ca,fdns |
46 | # private-lib | 46 | # private-lib |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
diff --git a/etc/profile-a-l/feh-network.inc.profile b/etc/profile-a-l/feh-network.inc.profile index 7293e89a8..4b45cd198 100644 --- a/etc/profile-a-l/feh-network.inc.profile +++ b/etc/profile-a-l/feh-network.inc.profile | |||
@@ -5,4 +5,4 @@ include feh-network.inc.local | |||
5 | ignore net none | 5 | ignore net none |
6 | netfilter | 6 | netfilter |
7 | protocol unix,inet,inet6 | 7 | protocol unix,inet,inet6 |
8 | private-etc alternatives,ca-certificates,crypto-policies,hosts,ld.so.cache,ld.so.preload,pki,resolv.conf,ssl | 8 | private-etc @tls-ca |
diff --git a/etc/profile-a-l/feh.profile b/etc/profile-a-l/feh.profile index be5ab8627..82b3f7645 100644 --- a/etc/profile-a-l/feh.profile +++ b/etc/profile-a-l/feh.profile | |||
@@ -35,7 +35,7 @@ seccomp | |||
35 | private-bin feh,jpegexiforient,jpegtran | 35 | private-bin feh,jpegexiforient,jpegtran |
36 | private-cache | 36 | private-cache |
37 | private-dev | 37 | private-dev |
38 | private-etc alternatives,feh,ld.so.cache,ld.so.preload | 38 | private-etc feh |
39 | private-tmp | 39 | private-tmp |
40 | 40 | ||
41 | dbus-user none | 41 | dbus-user none |
diff --git a/etc/profile-a-l/ffmpeg.profile b/etc/profile-a-l/ffmpeg.profile index 160f26f78..b7d54f05d 100644 --- a/etc/profile-a-l/ffmpeg.profile +++ b/etc/profile-a-l/ffmpeg.profile | |||
@@ -47,7 +47,7 @@ tracelog | |||
47 | private-bin ffmpeg | 47 | private-bin ffmpeg |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | private-etc alternatives,ca-certificates,crypto-policies,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,nsswitch.conf,pkcs11,pki,resolv.conf,ssl | 50 | private-etc @tls-ca,pkcs11 |
51 | private-tmp | 51 | private-tmp |
52 | 52 | ||
53 | dbus-user none | 53 | dbus-user none |
diff --git a/etc/profile-a-l/ffplay.profile b/etc/profile-a-l/ffplay.profile index 52abb99d4..5cffd4980 100644 --- a/etc/profile-a-l/ffplay.profile +++ b/etc/profile-a-l/ffplay.profile | |||
@@ -14,7 +14,7 @@ ignore nogroups | |||
14 | ignore nosound | 14 | ignore nosound |
15 | 15 | ||
16 | private-bin ffplay | 16 | private-bin ffplay |
17 | private-etc alsa,alternatives,asound.conf,group,ld.so.cache,ld.so.preload | 17 | private-etc |
18 | 18 | ||
19 | # Redirect | 19 | # Redirect |
20 | include ffmpeg.profile | 20 | include ffmpeg.profile |
diff --git a/etc/profile-a-l/file-roller.profile b/etc/profile-a-l/file-roller.profile index ef4e0e117..4f39bec55 100644 --- a/etc/profile-a-l/file-roller.profile +++ b/etc/profile-a-l/file-roller.profile | |||
@@ -42,7 +42,7 @@ tracelog | |||
42 | private-bin 7z,7za,7zr,ar,arj,atool,bash,brotli,bsdtar,bzip2,compress,cp,cpio,dpkg-deb,file-roller,gtar,gzip,isoinfo,lha,lrzip,lsar,lz4,lzip,lzma,lzop,mv,p7zip,rar,rm,rzip,sh,tar,unace,unalz,unar,uncompress,unrar,unsquashfs,unstuff,unzip,unzstd,xz,xzdec,zip,zoo,zstd | 42 | private-bin 7z,7za,7zr,ar,arj,atool,bash,brotli,bsdtar,bzip2,compress,cp,cpio,dpkg-deb,file-roller,gtar,gzip,isoinfo,lha,lrzip,lsar,lz4,lzip,lzma,lzop,mv,p7zip,rar,rm,rzip,sh,tar,unace,unalz,unar,uncompress,unrar,unsquashfs,unstuff,unzip,unzstd,xz,xzdec,zip,zoo,zstd |
43 | private-cache | 43 | private-cache |
44 | private-dev | 44 | private-dev |
45 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload,xdg | 45 | private-etc @x11 |
46 | # private-tmp | 46 | # private-tmp |
47 | 47 | ||
48 | dbus-system none | 48 | dbus-system none |
diff --git a/etc/profile-a-l/firefox-common.profile b/etc/profile-a-l/firefox-common.profile index 57c9b5dfb..42d12c5d9 100644 --- a/etc/profile-a-l/firefox-common.profile +++ b/etc/profile-a-l/firefox-common.profile | |||
@@ -57,9 +57,7 @@ seccomp !chroot | |||
57 | 57 | ||
58 | disable-mnt | 58 | disable-mnt |
59 | ?BROWSER_DISABLE_U2F: private-dev | 59 | ?BROWSER_DISABLE_U2F: private-dev |
60 | # private-etc below works fine on most distributions. There are some problems on CentOS. | 60 | # private-etc below works fine on most distributions. There could be some problems on CentOS. |
61 | # Add it to your firefox-common.local if you want to enable it. | ||
62 | #private-etc alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,group,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,machine-id,mailcap,mime.types,nsswitch.conf,pango,passwd,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | ||
63 | private-etc @tls-ca,@x11,mailcap,mime.types,os-release | 61 | private-etc @tls-ca,@x11,mailcap,mime.types,os-release |
64 | private-tmp | 62 | private-tmp |
65 | 63 | ||
diff --git a/etc/profile-a-l/flameshot.profile b/etc/profile-a-l/flameshot.profile index 0984055a3..3f4432857 100644 --- a/etc/profile-a-l/flameshot.profile +++ b/etc/profile-a-l/flameshot.profile | |||
@@ -51,7 +51,7 @@ tracelog | |||
51 | disable-mnt | 51 | disable-mnt |
52 | private-bin flameshot | 52 | private-bin flameshot |
53 | private-cache | 53 | private-cache |
54 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.preload,machine-id,pki,resolv.conf,ssl | 54 | private-etc @tls-ca |
55 | private-dev | 55 | private-dev |
56 | #private-tmp | 56 | #private-tmp |
57 | 57 | ||
diff --git a/etc/profile-a-l/fractal.profile b/etc/profile-a-l/fractal.profile index a614d7d9f..24d8e4c2f 100644 --- a/etc/profile-a-l/fractal.profile +++ b/etc/profile-a-l/fractal.profile | |||
@@ -46,7 +46,7 @@ disable-mnt | |||
46 | private-bin fractal | 46 | private-bin fractal |
47 | private-cache | 47 | private-cache |
48 | private-dev | 48 | private-dev |
49 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,mime.types,nsswitch.conf,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 49 | private-etc @tls-ca,@x11,host.conf,mime.types,selinux |
50 | private-tmp | 50 | private-tmp |
51 | 51 | ||
52 | dbus-user filter | 52 | dbus-user filter |
diff --git a/etc/profile-a-l/freetube.profile b/etc/profile-a-l/freetube.profile index bcde18b36..bdc5fa557 100644 --- a/etc/profile-a-l/freetube.profile +++ b/etc/profile-a-l/freetube.profile | |||
@@ -18,7 +18,7 @@ mkdir ${HOME}/.config/FreeTube | |||
18 | whitelist ${HOME}/.config/FreeTube | 18 | whitelist ${HOME}/.config/FreeTube |
19 | 19 | ||
20 | private-bin electron,electron[0-9],electron[0-9][0-9],freetube,sh | 20 | private-bin electron,electron[0-9],electron[0-9][0-9],freetube,sh |
21 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,mime.types,nsswitch.conf,pki,pulse,resolv.conf,ssl,X11,xdg | 21 | private-etc @tls-ca,@x11,host.conf,mime.types |
22 | 22 | ||
23 | dbus-user filter | 23 | dbus-user filter |
24 | dbus-user.own org.mpris.MediaPlayer2.chromium.* | 24 | dbus-user.own org.mpris.MediaPlayer2.chromium.* |
diff --git a/etc/profile-a-l/frogatto.profile b/etc/profile-a-l/frogatto.profile index 067fe3caa..d9ee054ab 100644 --- a/etc/profile-a-l/frogatto.profile +++ b/etc/profile-a-l/frogatto.profile | |||
@@ -44,7 +44,7 @@ disable-mnt | |||
44 | private-bin frogatto,sh | 44 | private-bin frogatto,sh |
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-etc alternatives,ld.so.cache,ld.so.preload,machine-id | 47 | private-etc |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
50 | dbus-user none | 50 | dbus-user none |
diff --git a/etc/profile-a-l/gajim.profile b/etc/profile-a-l/gajim.profile index d4d578dd4..ed7b32f6e 100644 --- a/etc/profile-a-l/gajim.profile +++ b/etc/profile-a-l/gajim.profile | |||
@@ -58,7 +58,7 @@ disable-mnt | |||
58 | private-bin bash,gajim,gajim-history-manager,gpg,gpg2,paplay,python*,sh,zsh | 58 | private-bin bash,gajim,gajim-history-manager,gpg,gpg2,paplay,python*,sh,zsh |
59 | private-cache | 59 | private-cache |
60 | private-dev | 60 | private-dev |
61 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,group,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.preload,localtime,machine-id,passwd,pki,pulse,resolv.conf,ssl,xdg | 61 | private-etc @tls-ca,@x11 |
62 | private-tmp | 62 | private-tmp |
63 | writable-run-user | 63 | writable-run-user |
64 | 64 | ||
diff --git a/etc/profile-a-l/galculator.profile b/etc/profile-a-l/galculator.profile index 0fba8ac07..96ded592d 100644 --- a/etc/profile-a-l/galculator.profile +++ b/etc/profile-a-l/galculator.profile | |||
@@ -42,7 +42,7 @@ tracelog | |||
42 | private-bin galculator | 42 | private-bin galculator |
43 | private-cache | 43 | private-cache |
44 | private-dev | 44 | private-dev |
45 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload | 45 | private-etc |
46 | private-lib | 46 | private-lib |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
diff --git a/etc/profile-a-l/gallery-dl.profile b/etc/profile-a-l/gallery-dl.profile index 2947873ef..9c8200dc4 100644 --- a/etc/profile-a-l/gallery-dl.profile +++ b/etc/profile-a-l/gallery-dl.profile | |||
@@ -12,7 +12,7 @@ noblacklist ${HOME}/.config/gallery-dl | |||
12 | noblacklist ${HOME}/.gallery-dl.conf | 12 | noblacklist ${HOME}/.gallery-dl.conf |
13 | 13 | ||
14 | private-bin gallery-dl | 14 | private-bin gallery-dl |
15 | private-etc alternatives,gallery-dl.conf,ld.so.cache,ld.so.preload | 15 | private-etc gallery-dl.conf |
16 | 16 | ||
17 | # Redirect | 17 | # Redirect |
18 | include youtube-dl.profile | 18 | include youtube-dl.profile |
diff --git a/etc/profile-a-l/gapplication.profile b/etc/profile-a-l/gapplication.profile index 106e0eda6..baf8f614e 100644 --- a/etc/profile-a-l/gapplication.profile +++ b/etc/profile-a-l/gapplication.profile | |||
@@ -48,7 +48,7 @@ private | |||
48 | private-bin gapplication | 48 | private-bin gapplication |
49 | private-cache | 49 | private-cache |
50 | private-dev | 50 | private-dev |
51 | private-etc alternatives,ld.so.cache,ld.so.preload | 51 | private-etc |
52 | private-tmp | 52 | private-tmp |
53 | 53 | ||
54 | # Add the next line to your gapplication.local to filter D-Bus names. | 54 | # Add the next line to your gapplication.local to filter D-Bus names. |
diff --git a/etc/profile-a-l/gcloud.profile b/etc/profile-a-l/gcloud.profile index 313b34a53..ad37312a8 100644 --- a/etc/profile-a-l/gcloud.profile +++ b/etc/profile-a-l/gcloud.profile | |||
@@ -35,7 +35,7 @@ tracelog | |||
35 | 35 | ||
36 | disable-mnt | 36 | disable-mnt |
37 | private-dev | 37 | private-dev |
38 | private-etc alternatives,ca-certificates,crypto-policies,hosts,ld.so.cache,ld.so.preload,localtime,nsswitch.conf,pki,resolv.conf,ssl | 38 | private-etc @tls-ca |
39 | private-tmp | 39 | private-tmp |
40 | 40 | ||
41 | dbus-user none | 41 | dbus-user none |
diff --git a/etc/profile-a-l/gconf.profile b/etc/profile-a-l/gconf.profile index 5b434342b..ead78d983 100644 --- a/etc/profile-a-l/gconf.profile +++ b/etc/profile-a-l/gconf.profile | |||
@@ -53,7 +53,7 @@ disable-mnt | |||
53 | private-bin gconf-editor,gconf-merge-*,gconfpkg,gconftool-2,gsettings-*-convert,python2* | 53 | private-bin gconf-editor,gconf-merge-*,gconfpkg,gconftool-2,gsettings-*-convert,python2* |
54 | private-cache | 54 | private-cache |
55 | private-dev | 55 | private-dev |
56 | private-etc alternatives,fonts,gconf,ld.so.cache,ld.so.preload | 56 | private-etc gconf |
57 | private-lib GConf,libpython*,python2* | 57 | private-lib GConf,libpython*,python2* |
58 | private-tmp | 58 | private-tmp |
59 | 59 | ||
diff --git a/etc/profile-a-l/geary.profile b/etc/profile-a-l/geary.profile index 6aaf1ab05..a19a20ba7 100644 --- a/etc/profile-a-l/geary.profile +++ b/etc/profile-a-l/geary.profile | |||
@@ -75,7 +75,7 @@ tracelog | |||
75 | #private-bin geary,sh | 75 | #private-bin geary,sh |
76 | private-cache | 76 | private-cache |
77 | private-dev | 77 | private-dev |
78 | private-etc alternatives,ca-certificates,crypto-policies,fonts,group,gtk-3.0,hostname,hosts,ld.so.cache,ld.so.preload,machine-id,mailcap,mime.types,nsswitch.conf,passwd,pki,resolv.conf,ssl,xdg | 78 | private-etc @tls-ca,@x11,mailcap,mime.types |
79 | private-tmp | 79 | private-tmp |
80 | 80 | ||
81 | dbus-user filter | 81 | dbus-user filter |
diff --git a/etc/profile-a-l/geekbench.profile b/etc/profile-a-l/geekbench.profile index cda47a7e9..3a929774a 100644 --- a/etc/profile-a-l/geekbench.profile +++ b/etc/profile-a-l/geekbench.profile | |||
@@ -47,7 +47,7 @@ disable-mnt | |||
47 | #private-bin bash,geekbench*,sh -- #4576 | 47 | #private-bin bash,geekbench*,sh -- #4576 |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | private-etc alternatives,group,ld.so.cache,ld.so.preload,lsb-release,passwd | 50 | private-etc lsb-release |
51 | private-tmp | 51 | private-tmp |
52 | 52 | ||
53 | dbus-user none | 53 | dbus-user none |
diff --git a/etc/profile-a-l/gfeeds.profile b/etc/profile-a-l/gfeeds.profile index d3d49433b..1c97ad21c 100644 --- a/etc/profile-a-l/gfeeds.profile +++ b/etc/profile-a-l/gfeeds.profile | |||
@@ -60,7 +60,7 @@ disable-mnt | |||
60 | private-bin gfeeds,python3* | 60 | private-bin gfeeds,python3* |
61 | # private-cache -- feeds are stored in ~/.cache | 61 | # private-cache -- feeds are stored in ~/.cache |
62 | private-dev | 62 | private-dev |
63 | private-etc alternatives,ca-certificates,crypto-policies,dbus-1,dconf,fonts,gconf,group,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pango,passwd,pki,protocols,resolv.conf,rpc,services,ssl,X11,xdg | 63 | private-etc @tls-ca,@x11,dbus-1,gconf,host.conf,mime.types,rpc,services |
64 | private-tmp | 64 | private-tmp |
65 | 65 | ||
66 | dbus-user filter | 66 | dbus-user filter |
diff --git a/etc/profile-a-l/gget.profile b/etc/profile-a-l/gget.profile index 02c4f9509..11d5f620c 100644 --- a/etc/profile-a-l/gget.profile +++ b/etc/profile-a-l/gget.profile | |||
@@ -48,7 +48,7 @@ disable-mnt | |||
48 | private-bin gget | 48 | private-bin gget |
49 | private-cache | 49 | private-cache |
50 | private-dev | 50 | private-dev |
51 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,pki,resolv.conf,ssl | 51 | private-etc @tls-ca |
52 | private-lib | 52 | private-lib |
53 | private-tmp | 53 | private-tmp |
54 | 54 | ||
diff --git a/etc/profile-a-l/ghostwriter.profile b/etc/profile-a-l/ghostwriter.profile index 9c719ddb1..1c023f369 100644 --- a/etc/profile-a-l/ghostwriter.profile +++ b/etc/profile-a-l/ghostwriter.profile | |||
@@ -51,7 +51,7 @@ private-bin context,gettext,ghostwriter,latex,mktexfmt,pandoc,pdflatex,pdfroff,p | |||
51 | private-cache | 51 | private-cache |
52 | private-dev | 52 | private-dev |
53 | # passwd,login.defs,firejail are a temporary workaround for #2877 and can be removed once it is fixed | 53 | # passwd,login.defs,firejail are a temporary workaround for #2877 and can be removed once it is fixed |
54 | private-etc alternatives,ca-certificates,crypto-policies,dbus-1,dconf,firejail,fonts,gconf,groups,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,login.defs,machine-id,mime.types,nsswitch.conf,pango,passwd,pki,protocols,resolv.conf,rpc,services,ssl,texlive,Trolltech.conf,X11,xdg | 54 | private-etc @tls-ca,@x11,dbus-1,firejail,gconf,groups,host.conf,mime.types,rpc,services,texlive,Trolltech.conf |
55 | private-tmp | 55 | private-tmp |
56 | 56 | ||
57 | dbus-user filter | 57 | dbus-user filter |
diff --git a/etc/profile-a-l/gimp.profile b/etc/profile-a-l/gimp.profile index f29929a72..717519112 100644 --- a/etc/profile-a-l/gimp.profile +++ b/etc/profile-a-l/gimp.profile | |||
@@ -59,7 +59,7 @@ seccomp !mbind | |||
59 | tracelog | 59 | tracelog |
60 | 60 | ||
61 | private-dev | 61 | private-dev |
62 | private-etc @x11,gcrypt,python* | 62 | private-etc @tls-ca,@x11,python* |
63 | private-tmp | 63 | private-tmp |
64 | 64 | ||
65 | dbus-user none | 65 | dbus-user none |
diff --git a/etc/profile-a-l/gist.profile b/etc/profile-a-l/gist.profile index d315619b7..6eea076f7 100644 --- a/etc/profile-a-l/gist.profile +++ b/etc/profile-a-l/gist.profile | |||
@@ -51,7 +51,7 @@ tracelog | |||
51 | disable-mnt | 51 | disable-mnt |
52 | private-cache | 52 | private-cache |
53 | private-dev | 53 | private-dev |
54 | private-etc alternatives,ld.so.cache,ld.so.preload | 54 | private-etc |
55 | private-tmp | 55 | private-tmp |
56 | 56 | ||
57 | dbus-user none | 57 | dbus-user none |
diff --git a/etc/profile-a-l/git-cola.profile b/etc/profile-a-l/git-cola.profile index 2f7068d68..34203ad4a 100644 --- a/etc/profile-a-l/git-cola.profile +++ b/etc/profile-a-l/git-cola.profile | |||
@@ -69,7 +69,7 @@ tracelog | |||
69 | private-bin basename,bash,cola,envsubst,gettext,git,git-cola,git-dag,git-gui,gitk,gpg,gpg-agent,nano,ps,python*,sh,ssh,ssh-agent,tclsh,tr,wc,which,xed | 69 | private-bin basename,bash,cola,envsubst,gettext,git,git-cola,git-dag,git-gui,gitk,gpg,gpg-agent,nano,ps,python*,sh,ssh,ssh-agent,tclsh,tr,wc,which,xed |
70 | private-cache | 70 | private-cache |
71 | private-dev | 71 | private-dev |
72 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gcrypt,gitconfig,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,localtime,login.defs,machine-id,mime.types,nsswitch.conf,passwd,pki,resolv.conf,selinux,ssh,ssl,X11,xdg | 72 | private-etc @tls-ca,@x11,gitconfig,host.conf,mime.types,selinux,ssh |
73 | private-tmp | 73 | private-tmp |
74 | writable-run-user | 74 | writable-run-user |
75 | 75 | ||
diff --git a/etc/profile-a-l/gitter.profile b/etc/profile-a-l/gitter.profile index 0f9ed9592..e3cf87c87 100644 --- a/etc/profile-a-l/gitter.profile +++ b/etc/profile-a-l/gitter.profile | |||
@@ -36,7 +36,7 @@ seccomp | |||
36 | 36 | ||
37 | disable-mnt | 37 | disable-mnt |
38 | private-bin bash,env,gitter | 38 | private-bin bash,env,gitter |
39 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,pki,pulse,resolv.conf,ssl | 39 | private-etc @tls-ca |
40 | private-opt Gitter | 40 | private-opt Gitter |
41 | private-dev | 41 | private-dev |
42 | private-tmp | 42 | private-tmp |
diff --git a/etc/profile-a-l/gl-117.profile b/etc/profile-a-l/gl-117.profile index 92ba70113..fbfbdd204 100644 --- a/etc/profile-a-l/gl-117.profile +++ b/etc/profile-a-l/gl-117.profile | |||
@@ -43,7 +43,7 @@ disable-mnt | |||
43 | private-bin gl-117 | 43 | private-bin gl-117 |
44 | private-cache | 44 | private-cache |
45 | private-dev | 45 | private-dev |
46 | private-etc alsa,alternatives,asound.conf,bumblebee,drirc,glvnd,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nvidia,pulse | 46 | private-etc @x11,bumblebee,glvnd |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
49 | dbus-user none | 49 | dbus-user none |
diff --git a/etc/profile-a-l/glaxium.profile b/etc/profile-a-l/glaxium.profile index d61b566d8..5aa69f714 100644 --- a/etc/profile-a-l/glaxium.profile +++ b/etc/profile-a-l/glaxium.profile | |||
@@ -43,7 +43,7 @@ disable-mnt | |||
43 | private-bin glaxium | 43 | private-bin glaxium |
44 | private-cache | 44 | private-cache |
45 | private-dev | 45 | private-dev |
46 | private-etc alsa,alternatives,asound.conf,bumblebee,drirc,glvnd,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nvidia,pulse | 46 | private-etc @x11,bumblebee,glvnd |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
49 | dbus-user none | 49 | dbus-user none |
diff --git a/etc/profile-a-l/gmpc.profile b/etc/profile-a-l/gmpc.profile index b337dc4d5..f3e045000 100644 --- a/etc/profile-a-l/gmpc.profile +++ b/etc/profile-a-l/gmpc.profile | |||
@@ -43,7 +43,7 @@ tracelog | |||
43 | disable-mnt | 43 | disable-mnt |
44 | #private-bin gmpc | 44 | #private-bin gmpc |
45 | private-cache | 45 | private-cache |
46 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,resolv.conf | 46 | private-etc |
47 | private-tmp | 47 | private-tmp |
48 | writable-run-user | 48 | writable-run-user |
49 | 49 | ||
diff --git a/etc/profile-a-l/gnome-calendar.profile b/etc/profile-a-l/gnome-calendar.profile index b0d3f1d34..70a302138 100644 --- a/etc/profile-a-l/gnome-calendar.profile +++ b/etc/profile-a-l/gnome-calendar.profile | |||
@@ -44,7 +44,7 @@ private | |||
44 | private-bin gnome-calendar | 44 | private-bin gnome-calendar |
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload,localtime,nsswitch.conf,pki,resolv.conf,ssl | 47 | private-etc @tls-ca,@x11 |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
50 | dbus-user filter | 50 | dbus-user filter |
diff --git a/etc/profile-a-l/gnome-characters.profile b/etc/profile-a-l/gnome-characters.profile index 2e11f335b..9e9730e53 100644 --- a/etc/profile-a-l/gnome-characters.profile +++ b/etc/profile-a-l/gnome-characters.profile | |||
@@ -48,7 +48,7 @@ disable-mnt | |||
48 | private-bin gjs,gnome-characters | 48 | private-bin gjs,gnome-characters |
49 | private-cache | 49 | private-cache |
50 | private-dev | 50 | private-dev |
51 | private-etc alternatives,dconf,fonts,gconf,gtk-2.0,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mime.types,pango,X11,xdg | 51 | private-etc @x11,gconf,mime.types |
52 | private-tmp | 52 | private-tmp |
53 | 53 | ||
54 | # Add the next lines to your gnome-characters.local if you don't need access to recently used chars. | 54 | # Add the next lines to your gnome-characters.local if you don't need access to recently used chars. |
diff --git a/etc/profile-a-l/gnome-chess.profile b/etc/profile-a-l/gnome-chess.profile index 78bd54b64..9f5174b9e 100644 --- a/etc/profile-a-l/gnome-chess.profile +++ b/etc/profile-a-l/gnome-chess.profile | |||
@@ -49,7 +49,7 @@ disable-mnt | |||
49 | private-bin fairymax,gnome-chess,gnuchess,hoichess | 49 | private-bin fairymax,gnome-chess,gnuchess,hoichess |
50 | private-cache | 50 | private-cache |
51 | private-dev | 51 | private-dev |
52 | private-etc alternatives,dconf,fonts,gnome-chess,gtk-3.0,ld.so.cache,ld.so.preload | 52 | private-etc @x11,gnome-chess |
53 | private-tmp | 53 | private-tmp |
54 | 54 | ||
55 | restrict-namespaces | 55 | restrict-namespaces |
diff --git a/etc/profile-a-l/gnome-clocks.profile b/etc/profile-a-l/gnome-clocks.profile index 5563afcbd..f290b26de 100644 --- a/etc/profile-a-l/gnome-clocks.profile +++ b/etc/profile-a-l/gnome-clocks.profile | |||
@@ -41,7 +41,7 @@ disable-mnt | |||
41 | private-bin gnome-clocks,gsound-play | 41 | private-bin gnome-clocks,gsound-play |
42 | private-cache | 42 | private-cache |
43 | private-dev | 43 | private-dev |
44 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gtk-3.0,hosts,ld.so.cache,ld.so.preload,localtime,machine-id,pkcs11,pki,resolv.conf,ssl | 44 | private-etc @tls-ca,@x11,pkcs11 |
45 | private-tmp | 45 | private-tmp |
46 | 46 | ||
47 | restrict-namespaces | 47 | restrict-namespaces |
diff --git a/etc/profile-a-l/gnome-hexgl.profile b/etc/profile-a-l/gnome-hexgl.profile index f0493c645..4f436202c 100644 --- a/etc/profile-a-l/gnome-hexgl.profile +++ b/etc/profile-a-l/gnome-hexgl.profile | |||
@@ -41,7 +41,7 @@ private | |||
41 | private-bin gnome-hexgl | 41 | private-bin gnome-hexgl |
42 | private-cache | 42 | private-cache |
43 | private-dev | 43 | private-dev |
44 | private-etc alsa,alternatives,asound.conf,ld.so.cache,ld.so.preload,machine-id,pulse | 44 | private-etc |
45 | private-tmp | 45 | private-tmp |
46 | 46 | ||
47 | dbus-user none | 47 | dbus-user none |
diff --git a/etc/profile-a-l/gnome-latex.profile b/etc/profile-a-l/gnome-latex.profile index 43e0a1ec1..b15439aee 100644 --- a/etc/profile-a-l/gnome-latex.profile +++ b/etc/profile-a-l/gnome-latex.profile | |||
@@ -47,7 +47,7 @@ tracelog | |||
47 | private-cache | 47 | private-cache |
48 | private-dev | 48 | private-dev |
49 | # passwd,login.defs,firejail are a temporary workaround for #2877 and can be removed once it is fixed | 49 | # passwd,login.defs,firejail are a temporary workaround for #2877 and can be removed once it is fixed |
50 | private-etc alternatives,dconf,fonts,gtk-3.0,latexmk.conf,ld.so.cache,ld.so.preload,login.defs,passwd,texlive | 50 | private-etc @x11,latexmk.conf,texlive |
51 | 51 | ||
52 | dbus-system none | 52 | dbus-system none |
53 | 53 | ||
diff --git a/etc/profile-a-l/gnome-logs.profile b/etc/profile-a-l/gnome-logs.profile index b619b0f27..61f4f4107 100644 --- a/etc/profile-a-l/gnome-logs.profile +++ b/etc/profile-a-l/gnome-logs.profile | |||
@@ -39,7 +39,7 @@ disable-mnt | |||
39 | private-bin gnome-logs | 39 | private-bin gnome-logs |
40 | private-cache | 40 | private-cache |
41 | private-dev | 41 | private-dev |
42 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,localtime,machine-id | 42 | private-etc |
43 | private-lib gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,librsvg-2.so.* | 43 | private-lib gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,librsvg-2.so.* |
44 | private-tmp | 44 | private-tmp |
45 | writable-var-log | 45 | writable-var-log |
diff --git a/etc/profile-a-l/gnome-maps.profile b/etc/profile-a-l/gnome-maps.profile index d14b2a5a1..17f52e588 100644 --- a/etc/profile-a-l/gnome-maps.profile +++ b/etc/profile-a-l/gnome-maps.profile | |||
@@ -63,7 +63,7 @@ disable-mnt | |||
63 | private-bin gjs,gnome-maps | 63 | private-bin gjs,gnome-maps |
64 | # private-cache -- gnome-maps cache all maps/satelite-images | 64 | # private-cache -- gnome-maps cache all maps/satelite-images |
65 | private-dev | 65 | private-dev |
66 | private-etc alternatives,ca-certificates,clutter-1.0,crypto-policies,dconf,drirc,fonts,gconf,gcrypt,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mime.types,nsswitch.conf,pango,pkcs11,pki,protocols,resolv.conf,rpc,services,ssl,X11,xdg | 66 | private-etc @tls-ca,@x11,clutter-1.0,gconf,host.conf,mime.types,pkcs11,rpc,services |
67 | private-tmp | 67 | private-tmp |
68 | 68 | ||
69 | dbus-user filter | 69 | dbus-user filter |
diff --git a/etc/profile-a-l/gnome-music.profile b/etc/profile-a-l/gnome-music.profile index ec033dbf0..087353d45 100644 --- a/etc/profile-a-l/gnome-music.profile +++ b/etc/profile-a-l/gnome-music.profile | |||
@@ -41,7 +41,7 @@ tracelog | |||
41 | # private-bin calls a file manager - whatever is installed! | 41 | # private-bin calls a file manager - whatever is installed! |
42 | #private-bin env,gio-launch-desktop,gnome-music,python*,yelp | 42 | #private-bin env,gio-launch-desktop,gnome-music,python*,yelp |
43 | private-dev | 43 | private-dev |
44 | private-etc alternatives,asound.conf,dconf,fonts,fonts,gtk-3.0,ld.so.cache,ld.so.preload,machine-id,pulse,selinux,xdg | 44 | private-etc @x11,selinux |
45 | private-tmp | 45 | private-tmp |
46 | 46 | ||
47 | restrict-namespaces | 47 | restrict-namespaces |
diff --git a/etc/profile-a-l/gnome-passwordsafe.profile b/etc/profile-a-l/gnome-passwordsafe.profile index 0d7fb2de8..450e76082 100644 --- a/etc/profile-a-l/gnome-passwordsafe.profile +++ b/etc/profile-a-l/gnome-passwordsafe.profile | |||
@@ -52,7 +52,7 @@ disable-mnt | |||
52 | private-bin gnome-passwordsafe,python3* | 52 | private-bin gnome-passwordsafe,python3* |
53 | private-cache | 53 | private-cache |
54 | private-dev | 54 | private-dev |
55 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload,passwd | 55 | private-etc @x11 |
56 | private-tmp | 56 | private-tmp |
57 | 57 | ||
58 | dbus-user filter | 58 | dbus-user filter |
diff --git a/etc/profile-a-l/gnome-pie.profile b/etc/profile-a-l/gnome-pie.profile index 6d90773aa..ac0fb555d 100644 --- a/etc/profile-a-l/gnome-pie.profile +++ b/etc/profile-a-l/gnome-pie.profile | |||
@@ -33,7 +33,7 @@ seccomp | |||
33 | disable-mnt | 33 | disable-mnt |
34 | private-cache | 34 | private-cache |
35 | private-dev | 35 | private-dev |
36 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id | 36 | private-etc |
37 | private-lib gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,librsvg-2.so.* | 37 | private-lib gdk-pixbuf-2.*,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,librsvg-2.so.* |
38 | private-tmp | 38 | private-tmp |
39 | 39 | ||
diff --git a/etc/profile-a-l/gnome-pomodoro.profile b/etc/profile-a-l/gnome-pomodoro.profile index fb019227f..9906b15d9 100644 --- a/etc/profile-a-l/gnome-pomodoro.profile +++ b/etc/profile-a-l/gnome-pomodoro.profile | |||
@@ -43,7 +43,7 @@ disable-mnt | |||
43 | private-bin gnome-pomodoro | 43 | private-bin gnome-pomodoro |
44 | private-cache | 44 | private-cache |
45 | private-dev | 45 | private-dev |
46 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,machine-id | 46 | private-etc @x11 |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
49 | dbus-user filter | 49 | dbus-user filter |
diff --git a/etc/profile-a-l/gnome-recipes.profile b/etc/profile-a-l/gnome-recipes.profile index 75f3199e2..aa1ded516 100644 --- a/etc/profile-a-l/gnome-recipes.profile +++ b/etc/profile-a-l/gnome-recipes.profile | |||
@@ -46,7 +46,7 @@ seccomp | |||
46 | disable-mnt | 46 | disable-mnt |
47 | private-bin gnome-recipes,tar | 47 | private-bin gnome-recipes,tar |
48 | private-dev | 48 | private-dev |
49 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,pki,ssl | 49 | private-etc @tls-ca |
50 | private-lib gdk-pixbuf-2.0,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,libgnutls.so.*,libjpeg.so.*,libp11-kit.so.*,libproxy.so.*,librsvg-2.so.* | 50 | private-lib gdk-pixbuf-2.0,gio,gvfs/libgvfscommon.so,libgconf-2.so.*,libgnutls.so.*,libjpeg.so.*,libp11-kit.so.*,libproxy.so.*,librsvg-2.so.* |
51 | private-tmp | 51 | private-tmp |
52 | 52 | ||
diff --git a/etc/profile-a-l/gnome-screenshot.profile b/etc/profile-a-l/gnome-screenshot.profile index 74238a109..25be407b5 100644 --- a/etc/profile-a-l/gnome-screenshot.profile +++ b/etc/profile-a-l/gnome-screenshot.profile | |||
@@ -41,7 +41,7 @@ tracelog | |||
41 | disable-mnt | 41 | disable-mnt |
42 | private-bin gnome-screenshot | 42 | private-bin gnome-screenshot |
43 | private-dev | 43 | private-dev |
44 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload,localtime,machine-id | 44 | private-etc @x11 |
45 | private-tmp | 45 | private-tmp |
46 | 46 | ||
47 | dbus-user filter | 47 | dbus-user filter |
diff --git a/etc/profile-a-l/gnome-sound-recorder.profile b/etc/profile-a-l/gnome-sound-recorder.profile index d07bd80a7..f278b332b 100644 --- a/etc/profile-a-l/gnome-sound-recorder.profile +++ b/etc/profile-a-l/gnome-sound-recorder.profile | |||
@@ -39,7 +39,7 @@ tracelog | |||
39 | disable-mnt | 39 | disable-mnt |
40 | private-cache | 40 | private-cache |
41 | private-dev | 41 | private-dev |
42 | private-etc alsa,alternatives,asound.conf,dconf,fonts,gtk-2.0,gtk-3.0,ld.so.cache,ld.so.preload,machine-id,openal,pango,pulse,xdg | 42 | private-etc @games,@x11 |
43 | private-tmp | 43 | private-tmp |
44 | 44 | ||
45 | restrict-namespaces | 45 | restrict-namespaces |
diff --git a/etc/profile-a-l/gnome-system-log.profile b/etc/profile-a-l/gnome-system-log.profile index 4c74c0a61..f4e985342 100644 --- a/etc/profile-a-l/gnome-system-log.profile +++ b/etc/profile-a-l/gnome-system-log.profile | |||
@@ -42,7 +42,7 @@ disable-mnt | |||
42 | private-bin gnome-system-log | 42 | private-bin gnome-system-log |
43 | private-cache | 43 | private-cache |
44 | private-dev | 44 | private-dev |
45 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,localtime,machine-id | 45 | private-etc |
46 | private-lib | 46 | private-lib |
47 | private-tmp | 47 | private-tmp |
48 | writable-var-log | 48 | writable-var-log |
diff --git a/etc/profile-a-l/gnome-todo.profile b/etc/profile-a-l/gnome-todo.profile index ae7ea83d8..5c375de2d 100644 --- a/etc/profile-a-l/gnome-todo.profile +++ b/etc/profile-a-l/gnome-todo.profile | |||
@@ -45,7 +45,7 @@ disable-mnt | |||
45 | private-bin gnome-todo | 45 | private-bin gnome-todo |
46 | private-cache | 46 | private-cache |
47 | private-dev | 47 | private-dev |
48 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload,localtime,passwd,xdg | 48 | private-etc @x11 |
49 | private-tmp | 49 | private-tmp |
50 | 50 | ||
51 | dbus-user filter | 51 | dbus-user filter |
diff --git a/etc/profile-a-l/gnome_games-common.profile b/etc/profile-a-l/gnome_games-common.profile index c9145d78e..c03d41f06 100644 --- a/etc/profile-a-l/gnome_games-common.profile +++ b/etc/profile-a-l/gnome_games-common.profile | |||
@@ -40,7 +40,7 @@ tracelog | |||
40 | disable-mnt | 40 | disable-mnt |
41 | private-cache | 41 | private-cache |
42 | private-dev | 42 | private-dev |
43 | private-etc alternatives,dconf,fonts,gconf,gtk-2.0,gtk-3.0,ld.so.cache,ld.so.preload,machine-id,pango,passwd,X11 | 43 | private-etc @x11,gconf |
44 | private-tmp | 44 | private-tmp |
45 | 45 | ||
46 | dbus-user filter | 46 | dbus-user filter |
diff --git a/etc/profile-a-l/gnote.profile b/etc/profile-a-l/gnote.profile index d7944ae24..c6ce0c2c0 100644 --- a/etc/profile-a-l/gnote.profile +++ b/etc/profile-a-l/gnote.profile | |||
@@ -50,7 +50,7 @@ disable-mnt | |||
50 | private-bin gnote | 50 | private-bin gnote |
51 | private-cache | 51 | private-cache |
52 | private-dev | 52 | private-dev |
53 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload,pango,X11 | 53 | private-etc @x11 |
54 | private-tmp | 54 | private-tmp |
55 | 55 | ||
56 | dbus-user filter | 56 | dbus-user filter |
diff --git a/etc/profile-a-l/gnubik.profile b/etc/profile-a-l/gnubik.profile index bdbcf9baf..025cb74b6 100644 --- a/etc/profile-a-l/gnubik.profile +++ b/etc/profile-a-l/gnubik.profile | |||
@@ -42,7 +42,7 @@ private | |||
42 | private-bin gnubik | 42 | private-bin gnubik |
43 | private-cache | 43 | private-cache |
44 | private-dev | 44 | private-dev |
45 | private-etc alternatives,drirc,fonts,gtk-2.0,ld.so.cache,ld.so.preload | 45 | private-etc @x11 |
46 | private-tmp | 46 | private-tmp |
47 | 47 | ||
48 | dbus-user none | 48 | dbus-user none |
diff --git a/etc/profile-a-l/godot.profile b/etc/profile-a-l/godot.profile index 36a2cae07..5e41384ab 100644 --- a/etc/profile-a-l/godot.profile +++ b/etc/profile-a-l/godot.profile | |||
@@ -37,7 +37,7 @@ tracelog | |||
37 | # private-bin godot | 37 | # private-bin godot |
38 | private-cache | 38 | private-cache |
39 | private-dev | 39 | private-dev |
40 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,drirc,fonts,ld.so.cache,ld.so.preload,machine-id,mono,nsswitch.conf,openal,pki,pulse,resolv.conf,ssl | 40 | private-etc @games,@tls-ca,@x11,mono |
41 | private-tmp | 41 | private-tmp |
42 | 42 | ||
43 | dbus-user none | 43 | dbus-user none |
diff --git a/etc/profile-a-l/goldendict.profile b/etc/profile-a-l/goldendict.profile index 327648cd1..822e5ffc2 100644 --- a/etc/profile-a-l/goldendict.profile +++ b/etc/profile-a-l/goldendict.profile | |||
@@ -50,7 +50,7 @@ disable-mnt | |||
50 | private-bin goldendict | 50 | private-bin goldendict |
51 | private-cache | 51 | private-cache |
52 | private-dev | 52 | private-dev |
53 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,machine-id,nsswitch.conf,pki,resolv.conf,ssl | 53 | private-etc @tls-ca |
54 | private-tmp | 54 | private-tmp |
55 | 55 | ||
56 | dbus-user none | 56 | dbus-user none |
diff --git a/etc/profile-a-l/googler-common.profile b/etc/profile-a-l/googler-common.profile index da7c24581..58769643a 100644 --- a/etc/profile-a-l/googler-common.profile +++ b/etc/profile-a-l/googler-common.profile | |||
@@ -53,7 +53,7 @@ disable-mnt | |||
53 | private-bin env,python3*,sh,w3m | 53 | private-bin env,python3*,sh,w3m |
54 | private-cache | 54 | private-cache |
55 | private-dev | 55 | private-dev |
56 | private-etc alternatives,ca-certificates,crypto-policies,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,nsswitch.conf,pki,protocols,resolv.conf,rpc,services,ssl | 56 | private-etc @tls-ca,host.conf,rpc,services |
57 | private-tmp | 57 | private-tmp |
58 | 58 | ||
59 | dbus-user none | 59 | dbus-user none |
diff --git a/etc/profile-a-l/gpicview.profile b/etc/profile-a-l/gpicview.profile index 1012f5774..0525995c3 100644 --- a/etc/profile-a-l/gpicview.profile +++ b/etc/profile-a-l/gpicview.profile | |||
@@ -40,7 +40,7 @@ tracelog | |||
40 | private-bin gpicview | 40 | private-bin gpicview |
41 | private-cache | 41 | private-cache |
42 | private-dev | 42 | private-dev |
43 | private-etc alternatives,fonts,group,ld.so.cache,ld.so.preload,passwd | 43 | private-etc |
44 | private-lib | 44 | private-lib |
45 | private-tmp | 45 | private-tmp |
46 | 46 | ||
diff --git a/etc/profile-a-l/gpredict.profile b/etc/profile-a-l/gpredict.profile index 53a6f94e2..99c840a27 100644 --- a/etc/profile-a-l/gpredict.profile +++ b/etc/profile-a-l/gpredict.profile | |||
@@ -35,7 +35,7 @@ tracelog | |||
35 | 35 | ||
36 | private-bin gpredict | 36 | private-bin gpredict |
37 | private-dev | 37 | private-dev |
38 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,pki,resolv.conf,ssl | 38 | private-etc @tls-ca |
39 | private-tmp | 39 | private-tmp |
40 | 40 | ||
41 | restrict-namespaces | 41 | restrict-namespaces |
diff --git a/etc/profile-a-l/gradio.profile b/etc/profile-a-l/gradio.profile index 368482fa3..a0d2247e0 100644 --- a/etc/profile-a-l/gradio.profile +++ b/etc/profile-a-l/gradio.profile | |||
@@ -44,7 +44,7 @@ disable-mnt | |||
44 | private-bin gradio | 44 | private-bin gradio |
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,machine-id,pki,pulse,resolv.conf,ssl,xdg | 47 | private-etc @tls-ca,@x11,host.conf |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
50 | dbus-user filter | 50 | dbus-user filter |
diff --git a/etc/profile-a-l/gravity-beams-and-evaporating-stars.profile b/etc/profile-a-l/gravity-beams-and-evaporating-stars.profile index 02a49134c..19af7c0b9 100644 --- a/etc/profile-a-l/gravity-beams-and-evaporating-stars.profile +++ b/etc/profile-a-l/gravity-beams-and-evaporating-stars.profile | |||
@@ -39,7 +39,7 @@ private | |||
39 | private-bin gravity-beams-and-evaporating-stars | 39 | private-bin gravity-beams-and-evaporating-stars |
40 | private-cache | 40 | private-cache |
41 | private-dev | 41 | private-dev |
42 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id | 42 | private-etc |
43 | private-tmp | 43 | private-tmp |
44 | 44 | ||
45 | dbus-user none | 45 | dbus-user none |
diff --git a/etc/profile-a-l/gtk-update-icon-cache.profile b/etc/profile-a-l/gtk-update-icon-cache.profile index 5fd92fd4f..eb09fe381 100644 --- a/etc/profile-a-l/gtk-update-icon-cache.profile +++ b/etc/profile-a-l/gtk-update-icon-cache.profile | |||
@@ -45,7 +45,7 @@ disable-mnt | |||
45 | private-bin gtk-update-icon-cache | 45 | private-bin gtk-update-icon-cache |
46 | private-cache | 46 | private-cache |
47 | private-dev | 47 | private-dev |
48 | private-etc alternatives,ld.so.cache,ld.so.preload | 48 | private-etc |
49 | private-lib | 49 | private-lib |
50 | private-tmp | 50 | private-tmp |
51 | 51 | ||
diff --git a/etc/profile-a-l/gucharmap.profile b/etc/profile-a-l/gucharmap.profile index 68b78ec62..ef4aad4da 100644 --- a/etc/profile-a-l/gucharmap.profile +++ b/etc/profile-a-l/gucharmap.profile | |||
@@ -42,7 +42,7 @@ disable-mnt | |||
42 | private-bin gnome-character-map,gucharmap | 42 | private-bin gnome-character-map,gucharmap |
43 | private-cache | 43 | private-cache |
44 | private-dev | 44 | private-dev |
45 | private-etc alternatives,dbus-1,dconf,fonts,gconf,gtk-2.0,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,pango,X11,xdg | 45 | private-etc @x11,dbus-1,gconf,mime.types |
46 | private-lib | 46 | private-lib |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
diff --git a/etc/profile-a-l/guvcview.profile b/etc/profile-a-l/guvcview.profile index db307e940..467bee3a0 100644 --- a/etc/profile-a-l/guvcview.profile +++ b/etc/profile-a-l/guvcview.profile | |||
@@ -47,7 +47,7 @@ disable-mnt | |||
47 | private-bin guvcview | 47 | private-bin guvcview |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | private-etc alsa,alternatives,asound.conf,bumblebee,dconf,drirc,fonts,glvnd,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nvidia,pango,pulse,X11 | 50 | private-etc @x11,bumblebee,glvnd |
51 | private-tmp | 51 | private-tmp |
52 | 52 | ||
53 | dbus-user none | 53 | dbus-user none |
diff --git a/etc/profile-a-l/gwenview.profile b/etc/profile-a-l/gwenview.profile index 8f7f74e0d..4be71f6d3 100644 --- a/etc/profile-a-l/gwenview.profile +++ b/etc/profile-a-l/gwenview.profile | |||
@@ -46,7 +46,7 @@ seccomp | |||
46 | 46 | ||
47 | private-bin gimp*,gwenview,kbuildsycoca4,kdeinit4 | 47 | private-bin gimp*,gwenview,kbuildsycoca4,kdeinit4 |
48 | private-dev | 48 | private-dev |
49 | private-etc alternatives,fonts,gimp,gtk-2.0,kde4rc,kde5rc,ld.so.cache,ld.so.preload,machine-id,passwd,pulse,xdg | 49 | private-etc @x11,gimp |
50 | 50 | ||
51 | # dbus-user none | 51 | # dbus-user none |
52 | # dbus-system none | 52 | # dbus-system none |
diff --git a/etc/profile-a-l/homebank.profile b/etc/profile-a-l/homebank.profile index 91b73e8e9..ffe65c762 100644 --- a/etc/profile-a-l/homebank.profile +++ b/etc/profile-a-l/homebank.profile | |||
@@ -49,7 +49,7 @@ disable-mnt | |||
49 | private-bin homebank | 49 | private-bin homebank |
50 | private-cache | 50 | private-cache |
51 | private-dev | 51 | private-dev |
52 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,gtk-3.0,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pki,pulse,resolv.conf,selinux,ssl,X11 | 52 | private-etc @tls-ca,@x11,mime.types,selinux |
53 | private-tmp | 53 | private-tmp |
54 | 54 | ||
55 | dbus-user none | 55 | dbus-user none |
diff --git a/etc/profile-a-l/host.profile b/etc/profile-a-l/host.profile index b33709ef0..3f7901d3f 100644 --- a/etc/profile-a-l/host.profile +++ b/etc/profile-a-l/host.profile | |||
@@ -42,7 +42,7 @@ tracelog | |||
42 | disable-mnt | 42 | disable-mnt |
43 | private | 43 | private |
44 | private-bin bash,host,sh | 44 | private-bin bash,host,sh |
45 | private-etc alternatives,ld.so.cache,ld.so.preload,login.defs,passwd,resolv.conf | 45 | private-etc |
46 | private-dev | 46 | private-dev |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
diff --git a/etc/profile-a-l/hyperrogue.profile b/etc/profile-a-l/hyperrogue.profile index 13dc06ecc..72d28ed08 100644 --- a/etc/profile-a-l/hyperrogue.profile +++ b/etc/profile-a-l/hyperrogue.profile | |||
@@ -43,7 +43,7 @@ private-bin hyperrogue | |||
43 | private-cache | 43 | private-cache |
44 | private-cwd | 44 | private-cwd |
45 | private-dev | 45 | private-dev |
46 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id | 46 | private-etc |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
49 | dbus-user none | 49 | dbus-user none |
diff --git a/etc/profile-a-l/i2prouter.profile b/etc/profile-a-l/i2prouter.profile index 757af67b0..e295729d7 100644 --- a/etc/profile-a-l/i2prouter.profile +++ b/etc/profile-a-l/i2prouter.profile | |||
@@ -67,7 +67,7 @@ seccomp | |||
67 | disable-mnt | 67 | disable-mnt |
68 | private-cache | 68 | private-cache |
69 | private-dev | 69 | private-dev |
70 | private-etc alternatives,ca-certificates,crypto-policies,dconf,group,hostname,hosts,i2p,java-10-openjdk,java-11-openjdk,java-12-openjdk,java-13-openjdk,java-8-openjdk,java-9-openjdk,java-openjdk,ld.so.cache,ld.so.preload,localtime,machine-id,nsswitch.conf,passwd,pki,resolv.conf,ssl | 70 | private-etc @tls-ca,@x11,i2p,java-10-openjdk,java-11-openjdk,java-12-openjdk,java-13-openjdk,java-8-openjdk,java-9-openjdk,java-openjdk |
71 | private-tmp | 71 | private-tmp |
72 | 72 | ||
73 | restrict-namespaces | 73 | restrict-namespaces |
diff --git a/etc/profile-a-l/io.github.lainsce.Notejot.profile b/etc/profile-a-l/io.github.lainsce.Notejot.profile index cb2f30350..4730802a2 100644 --- a/etc/profile-a-l/io.github.lainsce.Notejot.profile +++ b/etc/profile-a-l/io.github.lainsce.Notejot.profile | |||
@@ -50,7 +50,7 @@ disable-mnt | |||
50 | private-bin io.github.lainsce.Notejot | 50 | private-bin io.github.lainsce.Notejot |
51 | private-cache | 51 | private-cache |
52 | private-dev | 52 | private-dev |
53 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,pango,X11 | 53 | private-etc @x11 |
54 | private-tmp | 54 | private-tmp |
55 | 55 | ||
56 | dbus-user filter | 56 | dbus-user filter |
diff --git a/etc/profile-a-l/ipcalc.profile b/etc/profile-a-l/ipcalc.profile index 983c31bcb..7eabbca84 100644 --- a/etc/profile-a-l/ipcalc.profile +++ b/etc/profile-a-l/ipcalc.profile | |||
@@ -49,7 +49,7 @@ private-bin bash,ipcalc,ipcalc-ng,perl,sh | |||
49 | # private-cache | 49 | # private-cache |
50 | private-dev | 50 | private-dev |
51 | # empty etc directory | 51 | # empty etc directory |
52 | private-etc alternatives,ld.so.cache,ld.so.preload | 52 | private-etc |
53 | private-lib | 53 | private-lib |
54 | private-opt none | 54 | private-opt none |
55 | private-tmp | 55 | private-tmp |
diff --git a/etc/profile-a-l/jerry.profile b/etc/profile-a-l/jerry.profile index 3136b412e..0cdfa2ace 100644 --- a/etc/profile-a-l/jerry.profile +++ b/etc/profile-a-l/jerry.profile | |||
@@ -33,7 +33,7 @@ tracelog | |||
33 | 33 | ||
34 | private-bin bash,jerry,sh,stockfish | 34 | private-bin bash,jerry,sh,stockfish |
35 | private-dev | 35 | private-dev |
36 | private-etc alternatives,fonts,gtk-2.0,gtk-3.0,ld.so.cache,ld.so.preload | 36 | private-etc @x11 |
37 | private-tmp | 37 | private-tmp |
38 | 38 | ||
39 | dbus-user none | 39 | dbus-user none |
diff --git a/etc/profile-a-l/jitsi-meet-desktop.profile b/etc/profile-a-l/jitsi-meet-desktop.profile index edb7ed840..8c85d1043 100644 --- a/etc/profile-a-l/jitsi-meet-desktop.profile +++ b/etc/profile-a-l/jitsi-meet-desktop.profile | |||
@@ -21,7 +21,7 @@ mkdir ${HOME}/.config/Jitsi Meet | |||
21 | whitelist ${HOME}/.config/Jitsi Meet | 21 | whitelist ${HOME}/.config/Jitsi Meet |
22 | 22 | ||
23 | private-bin bash,electron,electron[0-9],electron[0-9][0-9],jitsi-meet-desktop,sh | 23 | private-bin bash,electron,electron[0-9],electron[0-9][0-9],jitsi-meet-desktop,sh |
24 | private-etc alsa,alternatives,asound.conf,bumblebee,ca-certificates,crypto-policies,drirc,fonts,glvnd,group,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,nvidia,pango,passwd,pki,protocols,pulse,resolv.conf,rpc,services,ssl,X11,xdg | 24 | private-etc @tls-ca,@x11,bumblebee,glvnd,host.conf,mime.types,rpc,services |
25 | 25 | ||
26 | # Redirect | 26 | # Redirect |
27 | include electron.profile | 27 | include electron.profile |
diff --git a/etc/profile-a-l/jumpnbump.profile b/etc/profile-a-l/jumpnbump.profile index 66d63283a..cefceefed 100644 --- a/etc/profile-a-l/jumpnbump.profile +++ b/etc/profile-a-l/jumpnbump.profile | |||
@@ -40,7 +40,7 @@ disable-mnt | |||
40 | private-bin jumpnbump | 40 | private-bin jumpnbump |
41 | private-cache | 41 | private-cache |
42 | private-dev | 42 | private-dev |
43 | private-etc alternatives,ld.so.cache,ld.so.preload | 43 | private-etc |
44 | private-tmp | 44 | private-tmp |
45 | 45 | ||
46 | dbus-user none | 46 | dbus-user none |
diff --git a/etc/profile-a-l/kalgebra.profile b/etc/profile-a-l/kalgebra.profile index bde52f30e..a4e67cf6b 100644 --- a/etc/profile-a-l/kalgebra.profile +++ b/etc/profile-a-l/kalgebra.profile | |||
@@ -41,7 +41,7 @@ disable-mnt | |||
41 | private-bin kalgebra,kalgebramobile | 41 | private-bin kalgebra,kalgebramobile |
42 | private-cache | 42 | private-cache |
43 | private-dev | 43 | private-dev |
44 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id | 44 | private-etc |
45 | private-tmp | 45 | private-tmp |
46 | 46 | ||
47 | dbus-user none | 47 | dbus-user none |
diff --git a/etc/profile-a-l/kazam.profile b/etc/profile-a-l/kazam.profile index c01000af1..0ed2cf48a 100644 --- a/etc/profile-a-l/kazam.profile +++ b/etc/profile-a-l/kazam.profile | |||
@@ -48,7 +48,7 @@ disable-mnt | |||
48 | # private-bin kazam,python* | 48 | # private-bin kazam,python* |
49 | private-cache | 49 | private-cache |
50 | private-dev | 50 | private-dev |
51 | private-etc alsa,alternatives,asound.conf,dconf,fonts,gtk-2.0,gtk-3.0,ld.so.cache,ld.so.preload,machine-id,pulse,selinux,X11,xdg | 51 | private-etc @x11,selinux |
52 | private-tmp | 52 | private-tmp |
53 | 53 | ||
54 | dbus-system none | 54 | dbus-system none |
diff --git a/etc/profile-a-l/kcalc.profile b/etc/profile-a-l/kcalc.profile index ea56f2d39..cfb756c43 100644 --- a/etc/profile-a-l/kcalc.profile +++ b/etc/profile-a-l/kcalc.profile | |||
@@ -59,7 +59,7 @@ disable-mnt | |||
59 | private-bin kcalc | 59 | private-bin kcalc |
60 | private-cache | 60 | private-cache |
61 | private-dev | 61 | private-dev |
62 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,locale,locale.conf | 62 | private-etc |
63 | # private-lib - problems on Arch | 63 | # private-lib - problems on Arch |
64 | private-tmp | 64 | private-tmp |
65 | 65 | ||
diff --git a/etc/profile-a-l/keepassx.profile b/etc/profile-a-l/keepassx.profile index 935fe3933..4644d598d 100644 --- a/etc/profile-a-l/keepassx.profile +++ b/etc/profile-a-l/keepassx.profile | |||
@@ -40,7 +40,7 @@ tracelog | |||
40 | 40 | ||
41 | private-bin keepassx,keepassx2 | 41 | private-bin keepassx,keepassx2 |
42 | private-dev | 42 | private-dev |
43 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id | 43 | private-etc |
44 | private-tmp | 44 | private-tmp |
45 | 45 | ||
46 | dbus-user none | 46 | dbus-user none |
diff --git a/etc/profile-a-l/keepassxc.profile b/etc/profile-a-l/keepassxc.profile index 80374690c..f7959ca81 100644 --- a/etc/profile-a-l/keepassxc.profile +++ b/etc/profile-a-l/keepassxc.profile | |||
@@ -89,7 +89,7 @@ private-bin keepassxc,keepassxc-cli,keepassxc-proxy | |||
89 | # hardware keys) on /dev after it has already started; add "ignore private-dev" | 89 | # hardware keys) on /dev after it has already started; add "ignore private-dev" |
90 | # to keepassxc.local if this is an issue (see #4883). | 90 | # to keepassxc.local if this is an issue (see #4883). |
91 | private-dev | 91 | private-dev |
92 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id | 92 | private-etc |
93 | private-tmp | 93 | private-tmp |
94 | 94 | ||
95 | dbus-user filter | 95 | dbus-user filter |
diff --git a/etc/profile-a-l/kid3.profile b/etc/profile-a-l/kid3.profile index 424fb006e..651571fd9 100644 --- a/etc/profile-a-l/kid3.profile +++ b/etc/profile-a-l/kid3.profile | |||
@@ -36,7 +36,7 @@ tracelog | |||
36 | 36 | ||
37 | private-cache | 37 | private-cache |
38 | private-dev | 38 | private-dev |
39 | private-etc alternatives,ca-certificates,crypto-policies,dconf,drirc,fonts,gtk-3.0,hostname,hosts,kde5rc,ld.so.cache,ld.so.preload,machine-id,pki,pulse,resolv.conf,ssl | 39 | private-etc @tls-ca,@x11 |
40 | private-tmp | 40 | private-tmp |
41 | private-opt none | 41 | private-opt none |
42 | private-srv none | 42 | private-srv none |
diff --git a/etc/profile-a-l/kiwix-desktop.profile b/etc/profile-a-l/kiwix-desktop.profile index 5a028aeea..2e369b945 100644 --- a/etc/profile-a-l/kiwix-desktop.profile +++ b/etc/profile-a-l/kiwix-desktop.profile | |||
@@ -43,7 +43,7 @@ seccomp !chroot | |||
43 | disable-mnt | 43 | disable-mnt |
44 | private-cache | 44 | private-cache |
45 | private-dev | 45 | private-dev |
46 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,hostname,hosts,ld.so.cache,ld.so.preload,machine-id,pki,pulse,resolv.conf,ssl | 46 | private-etc @tls-ca |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
49 | dbus-user none | 49 | dbus-user none |
diff --git a/etc/profile-a-l/klavaro.profile b/etc/profile-a-l/klavaro.profile index 0785b904d..faf6a2d08 100644 --- a/etc/profile-a-l/klavaro.profile +++ b/etc/profile-a-l/klavaro.profile | |||
@@ -44,7 +44,7 @@ disable-mnt | |||
44 | private-bin bash,klavaro,sh,tclsh,tclsh* | 44 | private-bin bash,klavaro,sh,tclsh,tclsh* |
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload | 47 | private-etc |
48 | private-tmp | 48 | private-tmp |
49 | private-opt none | 49 | private-opt none |
50 | private-srv none | 50 | private-srv none |
diff --git a/etc/profile-a-l/ktouch.profile b/etc/profile-a-l/ktouch.profile index 68ef6111a..b5ce96e70 100644 --- a/etc/profile-a-l/ktouch.profile +++ b/etc/profile-a-l/ktouch.profile | |||
@@ -45,7 +45,7 @@ disable-mnt | |||
45 | private-bin ktouch | 45 | private-bin ktouch |
46 | private-cache | 46 | private-cache |
47 | private-dev | 47 | private-dev |
48 | private-etc alternatives,fonts,kde5rc,ld.so.cache,ld.so.preload,machine-id | 48 | private-etc @x11 |
49 | private-tmp | 49 | private-tmp |
50 | 50 | ||
51 | dbus-user none | 51 | dbus-user none |
diff --git a/etc/profile-a-l/kube.profile b/etc/profile-a-l/kube.profile index 0cdfe4f10..7204549e2 100644 --- a/etc/profile-a-l/kube.profile +++ b/etc/profile-a-l/kube.profile | |||
@@ -67,7 +67,7 @@ tracelog | |||
67 | private-bin kube,sink_synchronizer | 67 | private-bin kube,sink_synchronizer |
68 | private-cache | 68 | private-cache |
69 | private-dev | 69 | private-dev |
70 | private-etc alternatives,ca-certificates,crypto-policies,fonts,gcrypt,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,ld.so.preload,pki,resolv.conf,selinux,ssl,xdg | 70 | private-etc @tls-ca,@x11,selinux |
71 | private-tmp | 71 | private-tmp |
72 | writable-run-user | 72 | writable-run-user |
73 | 73 | ||
diff --git a/etc/profile-a-l/kwin_x11.profile b/etc/profile-a-l/kwin_x11.profile index 7ecf26d8e..589811643 100644 --- a/etc/profile-a-l/kwin_x11.profile +++ b/etc/profile-a-l/kwin_x11.profile | |||
@@ -42,7 +42,7 @@ tracelog | |||
42 | disable-mnt | 42 | disable-mnt |
43 | private-bin kwin_x11 | 43 | private-bin kwin_x11 |
44 | private-dev | 44 | private-dev |
45 | private-etc alternatives,drirc,fonts,kde5rc,ld.so.cache,ld.so.preload,machine-id,xdg | 45 | private-etc @x11 |
46 | private-tmp | 46 | private-tmp |
47 | 47 | ||
48 | restrict-namespaces | 48 | restrict-namespaces |
diff --git a/etc/profile-a-l/kwrite.profile b/etc/profile-a-l/kwrite.profile index 18a024c7e..34fe2ace6 100644 --- a/etc/profile-a-l/kwrite.profile +++ b/etc/profile-a-l/kwrite.profile | |||
@@ -46,7 +46,7 @@ tracelog | |||
46 | 46 | ||
47 | private-bin kbuildsycoca4,kdeinit4,kwrite | 47 | private-bin kbuildsycoca4,kdeinit4,kwrite |
48 | private-dev | 48 | private-dev |
49 | private-etc alternatives,fonts,kde4rc,kde5rc,ld.so.cache,ld.so.preload,machine-id,pulse,xdg | 49 | private-etc @x11 |
50 | private-tmp | 50 | private-tmp |
51 | 51 | ||
52 | # dbus-user none | 52 | # dbus-user none |
diff --git a/etc/profile-a-l/lifeograph.profile b/etc/profile-a-l/lifeograph.profile index 025156d2d..4440757ad 100644 --- a/etc/profile-a-l/lifeograph.profile +++ b/etc/profile-a-l/lifeograph.profile | |||
@@ -48,7 +48,7 @@ disable-mnt | |||
48 | private-bin lifeograph | 48 | private-bin lifeograph |
49 | private-cache | 49 | private-cache |
50 | private-dev | 50 | private-dev |
51 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,pango,X11 | 51 | private-etc @x11 |
52 | private-tmp | 52 | private-tmp |
53 | 53 | ||
54 | dbus-user filter | 54 | dbus-user filter |
diff --git a/etc/profile-a-l/links-common.profile b/etc/profile-a-l/links-common.profile index 22a4a2a2a..838d619b7 100644 --- a/etc/profile-a-l/links-common.profile +++ b/etc/profile-a-l/links-common.profile | |||
@@ -50,7 +50,7 @@ disable-mnt | |||
50 | private-bin sh | 50 | private-bin sh |
51 | private-cache | 51 | private-cache |
52 | private-dev | 52 | private-dev |
53 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,nsswitch.conf,pki,resolv.conf,ssl | 53 | private-etc @tls-ca |
54 | # Add the next line to your links-common.local to allow external media players. | 54 | # Add the next line to your links-common.local to allow external media players. |
55 | # private-etc alsa,asound.conf,machine-id,openal,pulse | 55 | # private-etc alsa,asound.conf,machine-id,openal,pulse |
56 | private-tmp | 56 | private-tmp |
diff --git a/etc/profile-a-l/linuxqq.profile b/etc/profile-a-l/linuxqq.profile index 8855f09f5..83f3d11d3 100644 --- a/etc/profile-a-l/linuxqq.profile +++ b/etc/profile-a-l/linuxqq.profile | |||
@@ -23,7 +23,7 @@ noprinters | |||
23 | 23 | ||
24 | # If you don't need/want to save anything to disk you can add `private` to your linuxqq.local. | 24 | # If you don't need/want to save anything to disk you can add `private` to your linuxqq.local. |
25 | #private | 25 | #private |
26 | private-etc alsa,alternatives,ca-certificates,crypto-policies,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,localtime,login.defs,machine-id,nsswitch.conf,os-release,passwd,pki,pulse,resolv.conf,ssl,xdg | 26 | private-etc @tls-ca,@x11,host.conf,os-release |
27 | private-opt QQ | 27 | private-opt QQ |
28 | 28 | ||
29 | dbus-user filter | 29 | dbus-user filter |
diff --git a/etc/profile-a-l/lollypop.profile b/etc/profile-a-l/lollypop.profile index 78b78662b..bb13e0301 100644 --- a/etc/profile-a-l/lollypop.profile +++ b/etc/profile-a-l/lollypop.profile | |||
@@ -36,7 +36,7 @@ protocol unix,inet,inet6 | |||
36 | seccomp | 36 | seccomp |
37 | 37 | ||
38 | private-dev | 38 | private-dev |
39 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,machine-id,pki,pulse,resolv.conf,ssl,xdg | 39 | private-etc @tls-ca,@x11,host.conf |
40 | private-tmp | 40 | private-tmp |
41 | 41 | ||
42 | restrict-namespaces | 42 | restrict-namespaces |
diff --git a/etc/profile-a-l/lyx.profile b/etc/profile-a-l/lyx.profile index ae2f2d434..c3366acef 100644 --- a/etc/profile-a-l/lyx.profile +++ b/etc/profile-a-l/lyx.profile | |||
@@ -32,7 +32,7 @@ apparmor | |||
32 | machine-id | 32 | machine-id |
33 | 33 | ||
34 | # private-bin atril,dvilualatex,env,latex,lua*,luatex,lyx,lyxclient,okular,pdf2latex,pdflatex,pdftex,perl*,python*,qpdf,qpdfview,sh,tex2lyx,texmf,xelatex | 34 | # private-bin atril,dvilualatex,env,latex,lua*,luatex,lyx,lyxclient,okular,pdf2latex,pdflatex,pdftex,perl*,python*,qpdf,qpdfview,sh,tex2lyx,texmf,xelatex |
35 | private-etc alternatives,dconf,fonts,gtk-2.0,gtk-3.0,ld.so.cache,ld.so.preload,locale,locale.alias,locale.conf,lyx,machine-id,mime.types,passwd,texmf,X11,xdg | 35 | private-etc @x11,lyx,mime.types,texmf |
36 | 36 | ||
37 | # Redirect | 37 | # Redirect |
38 | include latex-common.profile | 38 | include latex-common.profile |