diff options
Diffstat (limited to 'etc/profile-m-z')
-rw-r--r-- | etc/profile-m-z/megaglest.profile | 4 | ||||
-rw-r--r-- | etc/profile-m-z/minetest.profile | 3 | ||||
-rw-r--r-- | etc/profile-m-z/ostrichriders.profile | 2 | ||||
-rw-r--r-- | etc/profile-m-z/pingus.profile | 10 | ||||
-rw-r--r-- | etc/profile-m-z/scorched3d-wrapper.profile | 3 | ||||
-rw-r--r-- | etc/profile-m-z/scorched3d.profile | 3 | ||||
-rw-r--r-- | etc/profile-m-z/supertux2.profile | 5 | ||||
-rw-r--r-- | etc/profile-m-z/torcs.profile | 4 | ||||
-rw-r--r-- | etc/profile-m-z/transmission-gtk.profile | 1 |
9 files changed, 34 insertions, 1 deletions
diff --git a/etc/profile-m-z/megaglest.profile b/etc/profile-m-z/megaglest.profile index 86e7f129e..19f9edf05 100644 --- a/etc/profile-m-z/megaglest.profile +++ b/etc/profile-m-z/megaglest.profile | |||
@@ -18,9 +18,13 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.megaglest | 19 | mkdir ${HOME}/.megaglest |
20 | whitelist ${HOME}/.megaglest | 20 | whitelist ${HOME}/.megaglest |
21 | whitelist /usr/share/megaglest | ||
21 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-runuser-common.inc | ||
24 | include whitelist-usr-share-common.inc | ||
22 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
23 | 26 | ||
27 | apparmor | ||
24 | caps.drop all | 28 | caps.drop all |
25 | ipc-namespace | 29 | ipc-namespace |
26 | netfilter | 30 | netfilter |
diff --git a/etc/profile-m-z/minetest.profile b/etc/profile-m-z/minetest.profile index 619173024..f201b13d7 100644 --- a/etc/profile-m-z/minetest.profile +++ b/etc/profile-m-z/minetest.profile | |||
@@ -21,7 +21,10 @@ mkdir ${HOME}/.cache/minetest | |||
21 | mkdir ${HOME}/.minetest | 21 | mkdir ${HOME}/.minetest |
22 | whitelist ${HOME}/.cache/minetest | 22 | whitelist ${HOME}/.cache/minetest |
23 | whitelist ${HOME}/.minetest | 23 | whitelist ${HOME}/.minetest |
24 | whitelist /usr/share/minetest | ||
24 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | ||
27 | include whitelist-usr-share-common.inc | ||
25 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
26 | 29 | ||
27 | caps.drop all | 30 | caps.drop all |
diff --git a/etc/profile-m-z/ostrichriders.profile b/etc/profile-m-z/ostrichriders.profile index 378d267f6..4cd4dae17 100644 --- a/etc/profile-m-z/ostrichriders.profile +++ b/etc/profile-m-z/ostrichriders.profile | |||
@@ -18,7 +18,9 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.ostrichriders | 19 | mkdir ${HOME}/.ostrichriders |
20 | whitelist ${HOME}/.ostrichriders | 20 | whitelist ${HOME}/.ostrichriders |
21 | whitelist /usr/share/ostrichriders | ||
21 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-usr-share-common.inc | ||
22 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
23 | 25 | ||
24 | caps.drop all | 26 | caps.drop all |
diff --git a/etc/profile-m-z/pingus.profile b/etc/profile-m-z/pingus.profile index cfe45b9c9..0b6a9ad5f 100644 --- a/etc/profile-m-z/pingus.profile +++ b/etc/profile-m-z/pingus.profile | |||
@@ -14,10 +14,14 @@ include disable-exec.inc | |||
14 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-xdg.inc | ||
17 | 18 | ||
18 | mkdir ${HOME}/.pingus | 19 | mkdir ${HOME}/.pingus |
19 | whitelist ${HOME}/.pingus | 20 | whitelist ${HOME}/.pingus |
21 | whitelist /usr/share/pingus | ||
20 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-runuser-common.inc | ||
24 | include whitelist-usr-share-common.inc | ||
21 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
22 | 26 | ||
23 | apparmor | 27 | apparmor |
@@ -33,9 +37,13 @@ novideo | |||
33 | protocol unix,netlink | 37 | protocol unix,netlink |
34 | seccomp | 38 | seccomp |
35 | shell none | 39 | shell none |
40 | tracelog | ||
36 | 41 | ||
37 | # private-bin pingus | 42 | disbale-mnt |
43 | private-bin pingus,pingus.bin,sh | ||
44 | private-cache | ||
38 | private-dev | 45 | private-dev |
46 | private-etc machine-id | ||
39 | private-tmp | 47 | private-tmp |
40 | 48 | ||
41 | dbus-user none | 49 | dbus-user none |
diff --git a/etc/profile-m-z/scorched3d-wrapper.profile b/etc/profile-m-z/scorched3d-wrapper.profile index 9cbb19bff..507d0827e 100644 --- a/etc/profile-m-z/scorched3d-wrapper.profile +++ b/etc/profile-m-z/scorched3d-wrapper.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # Persistent local customizations | 3 | # Persistent local customizations |
4 | include scorched3d-wrapper.local | 4 | include scorched3d-wrapper.local |
5 | 5 | ||
6 | whitelist /usr/share/opengl-games-utils | ||
7 | private-bin basename,bash,cut,glxinfo,grep,head,sed,zenity | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include scorched3d.profile | 10 | include scorched3d.profile |
diff --git a/etc/profile-m-z/scorched3d.profile b/etc/profile-m-z/scorched3d.profile index b5e51198b..6a1003c33 100644 --- a/etc/profile-m-z/scorched3d.profile +++ b/etc/profile-m-z/scorched3d.profile | |||
@@ -18,7 +18,10 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.scorched3d | 19 | mkdir ${HOME}/.scorched3d |
20 | whitelist ${HOME}/.scorched3d | 20 | whitelist ${HOME}/.scorched3d |
21 | whitelist /usr/share/scorched3d | ||
21 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-runuser-common.inc | ||
24 | include whitelist-usr-share-common.inc | ||
22 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
23 | 26 | ||
24 | caps.drop all | 27 | caps.drop all |
diff --git a/etc/profile-m-z/supertux2.profile b/etc/profile-m-z/supertux2.profile index e1cdb114c..ceaae8fbf 100644 --- a/etc/profile-m-z/supertux2.profile +++ b/etc/profile-m-z/supertux2.profile | |||
@@ -14,10 +14,14 @@ include disable-exec.inc | |||
14 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-xdg.inc | ||
17 | 18 | ||
18 | mkdir ${HOME}/.local/share/supertux2 | 19 | mkdir ${HOME}/.local/share/supertux2 |
19 | whitelist ${HOME}/.local/share/supertux2 | 20 | whitelist ${HOME}/.local/share/supertux2 |
21 | whitelist /usr/share/supertux2 | ||
20 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-runuser-common.inc | ||
24 | include whitelist-usr-share-common.inc | ||
21 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
22 | 26 | ||
23 | apparmor | 27 | apparmor |
@@ -33,6 +37,7 @@ novideo | |||
33 | protocol unix,netlink | 37 | protocol unix,netlink |
34 | seccomp | 38 | seccomp |
35 | shell none | 39 | shell none |
40 | tracelog | ||
36 | 41 | ||
37 | disable-mnt | 42 | disable-mnt |
38 | # private-bin supertux2 | 43 | # private-bin supertux2 |
diff --git a/etc/profile-m-z/torcs.profile b/etc/profile-m-z/torcs.profile index 8dcd7447b..1ed78934e 100644 --- a/etc/profile-m-z/torcs.profile +++ b/etc/profile-m-z/torcs.profile | |||
@@ -18,7 +18,10 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.torcs | 19 | mkdir ${HOME}/.torcs |
20 | whitelist ${HOME}/.torcs | 20 | whitelist ${HOME}/.torcs |
21 | whitelist /usr/share/games/torcs | ||
22 | whitelist /var/games/torcs | ||
21 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | ||
22 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
23 | 26 | ||
24 | caps.drop all | 27 | caps.drop all |
@@ -37,6 +40,7 @@ shell none | |||
37 | tracelog | 40 | tracelog |
38 | 41 | ||
39 | disable-mnt | 42 | disable-mnt |
43 | private-bin bash,chmod,cp,mkdir,rm,torcs | ||
40 | private-cache | 44 | private-cache |
41 | private-dev | 45 | private-dev |
42 | private-tmp | 46 | private-tmp |
diff --git a/etc/profile-m-z/transmission-gtk.profile b/etc/profile-m-z/transmission-gtk.profile index baa970307..03111ec56 100644 --- a/etc/profile-m-z/transmission-gtk.profile +++ b/etc/profile-m-z/transmission-gtk.profile | |||
@@ -10,6 +10,7 @@ include globals.local | |||
10 | include whitelist-runuser-common.inc | 10 | include whitelist-runuser-common.inc |
11 | 11 | ||
12 | private-bin transmission-gtk | 12 | private-bin transmission-gtk |
13 | private-cache | ||
13 | 14 | ||
14 | ignore memory-deny-write-execute | 15 | ignore memory-deny-write-execute |
15 | 16 | ||