diff options
Diffstat (limited to 'etc/profile-m-z')
113 files changed, 252 insertions, 108 deletions
diff --git a/etc/profile-m-z/Viber.profile b/etc/profile-m-z/Viber.profile index ca7165a5d..89ca53af6 100644 --- a/etc/profile-m-z/Viber.profile +++ b/etc/profile-m-z/Viber.profile | |||
@@ -33,5 +33,5 @@ shell none | |||
33 | 33 | ||
34 | disable-mnt | 34 | disable-mnt |
35 | private-bin awk,bash,dig,sh,Viber | 35 | private-bin awk,bash,dig,sh,Viber |
36 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,fonts,hosts,ld.so.preload,localtime,machine-id,mailcap,nsswitch.conf,pki,proxychains.conf,pulse,resolv.conf,ssl,X11 | 36 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,fonts,hosts,ld.so.cache,ld.so.preload,localtime,machine-id,mailcap,nsswitch.conf,pki,proxychains.conf,pulse,resolv.conf,ssl,X11 |
37 | private-tmp | 37 | private-tmp |
diff --git a/etc/profile-m-z/magicor.profile b/etc/profile-m-z/magicor.profile index b7cba2421..47165dd3d 100644 --- a/etc/profile-m-z/magicor.profile +++ b/etc/profile-m-z/magicor.profile | |||
@@ -45,7 +45,7 @@ disable-mnt | |||
45 | private-bin magicor,python2* | 45 | private-bin magicor,python2* |
46 | private-cache | 46 | private-cache |
47 | private-dev | 47 | private-dev |
48 | private-etc ld.so.preload,machine-id | 48 | private-etc alternatives,ld.so.cache,ld.so.preload,machine-id |
49 | private-tmp | 49 | private-tmp |
50 | 50 | ||
51 | dbus-user none | 51 | dbus-user none |
diff --git a/etc/profile-m-z/man.profile b/etc/profile-m-z/man.profile index b6038cc91..9c5959091 100644 --- a/etc/profile-m-z/man.profile +++ b/etc/profile-m-z/man.profile | |||
@@ -58,7 +58,7 @@ disable-mnt | |||
58 | #private-bin apropos,bash,cat,catman,col,gpreconv,groff,grotty,gunzip,gzip,less,man,most,nroff,preconv,sed,sh,tbl,tr,troff,whatis,which,xtotroff,zcat,zsoelim | 58 | #private-bin apropos,bash,cat,catman,col,gpreconv,groff,grotty,gunzip,gzip,less,man,most,nroff,preconv,sed,sh,tbl,tr,troff,whatis,which,xtotroff,zcat,zsoelim |
59 | private-cache | 59 | private-cache |
60 | private-dev | 60 | private-dev |
61 | private-etc alternatives,fonts,groff,ld.so.preload,locale,locale.alias,locale.conf,man_db.conf,manpath.config,selinux,sysless,xdg | 61 | private-etc alternatives,fonts,groff,ld.so.cache,ld.so.preload,locale,locale.alias,locale.conf,man_db.conf,manpath.config,selinux,sysless,xdg |
62 | #private-tmp | 62 | #private-tmp |
63 | 63 | ||
64 | dbus-user none | 64 | dbus-user none |
diff --git a/etc/profile-m-z/masterpdfeditor.profile b/etc/profile-m-z/masterpdfeditor.profile index dc2088a18..764d040ab 100644 --- a/etc/profile-m-z/masterpdfeditor.profile +++ b/etc/profile-m-z/masterpdfeditor.profile | |||
@@ -36,6 +36,6 @@ tracelog | |||
36 | 36 | ||
37 | private-cache | 37 | private-cache |
38 | private-dev | 38 | private-dev |
39 | private-etc alternatives,fonts,ld.so.preload | 39 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload |
40 | private-tmp | 40 | private-tmp |
41 | 41 | ||
diff --git a/etc/profile-m-z/mate-calc.profile b/etc/profile-m-z/mate-calc.profile index cb14c6584..2be6b9af1 100644 --- a/etc/profile-m-z/mate-calc.profile +++ b/etc/profile-m-z/mate-calc.profile | |||
@@ -42,7 +42,7 @@ shell none | |||
42 | 42 | ||
43 | disable-mnt | 43 | disable-mnt |
44 | private-bin mate-calc,mate-calculator | 44 | private-bin mate-calc,mate-calculator |
45 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.preload | 45 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload |
46 | private-dev | 46 | private-dev |
47 | private-opt none | 47 | private-opt none |
48 | private-tmp | 48 | private-tmp |
diff --git a/etc/profile-m-z/mate-color-select.profile b/etc/profile-m-z/mate-color-select.profile index 97793abd5..e16b0fc6c 100644 --- a/etc/profile-m-z/mate-color-select.profile +++ b/etc/profile-m-z/mate-color-select.profile | |||
@@ -33,7 +33,7 @@ shell none | |||
33 | 33 | ||
34 | disable-mnt | 34 | disable-mnt |
35 | private-bin mate-color-select | 35 | private-bin mate-color-select |
36 | private-etc alternatives,fonts,ld.so.preload | 36 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload |
37 | private-dev | 37 | private-dev |
38 | private-lib | 38 | private-lib |
39 | private-tmp | 39 | private-tmp |
diff --git a/etc/profile-m-z/mate-dictionary.profile b/etc/profile-m-z/mate-dictionary.profile index cb0002af6..469416304 100644 --- a/etc/profile-m-z/mate-dictionary.profile +++ b/etc/profile-m-z/mate-dictionary.profile | |||
@@ -37,7 +37,7 @@ shell none | |||
37 | 37 | ||
38 | disable-mnt | 38 | disable-mnt |
39 | private-bin mate-dictionary | 39 | private-bin mate-dictionary |
40 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.preload,pki,resolv.conf,ssl | 40 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,pki,resolv.conf,ssl |
41 | private-opt mate-dictionary | 41 | private-opt mate-dictionary |
42 | private-dev | 42 | private-dev |
43 | private-tmp | 43 | private-tmp |
diff --git a/etc/profile-m-z/mcabber.profile b/etc/profile-m-z/mcabber.profile index 87083f1e3..4c4a6aa76 100644 --- a/etc/profile-m-z/mcabber.profile +++ b/etc/profile-m-z/mcabber.profile | |||
@@ -31,4 +31,4 @@ shell none | |||
31 | 31 | ||
32 | private-bin mcabber | 32 | private-bin mcabber |
33 | private-dev | 33 | private-dev |
34 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.preload,pki,ssl | 34 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,pki,ssl |
diff --git a/etc/profile-m-z/mdr.profile b/etc/profile-m-z/mdr.profile index da5e0ffa8..bcfd59cbb 100644 --- a/etc/profile-m-z/mdr.profile +++ b/etc/profile-m-z/mdr.profile | |||
@@ -45,7 +45,7 @@ disable-mnt | |||
45 | private-bin mdr | 45 | private-bin mdr |
46 | private-cache | 46 | private-cache |
47 | private-dev | 47 | private-dev |
48 | private-etc ld.so.preload,none | 48 | private-etc alternatives,ld.so.cache,ld.so.preload |
49 | private-lib | 49 | private-lib |
50 | private-tmp | 50 | private-tmp |
51 | 51 | ||
diff --git a/etc/profile-m-z/mediainfo.profile b/etc/profile-m-z/mediainfo.profile index 9403321e2..9bfbaf745 100644 --- a/etc/profile-m-z/mediainfo.profile +++ b/etc/profile-m-z/mediainfo.profile | |||
@@ -42,7 +42,7 @@ x11 none | |||
42 | private-bin mediainfo | 42 | private-bin mediainfo |
43 | private-cache | 43 | private-cache |
44 | private-dev | 44 | private-dev |
45 | private-etc alternatives,ld.so.preload | 45 | private-etc alternatives,ld.so.cache,ld.so.preload |
46 | private-tmp | 46 | private-tmp |
47 | 47 | ||
48 | dbus-user none | 48 | dbus-user none |
diff --git a/etc/profile-m-z/menulibre.profile b/etc/profile-m-z/menulibre.profile index f9f7db3cb..ed0758a49 100644 --- a/etc/profile-m-z/menulibre.profile +++ b/etc/profile-m-z/menulibre.profile | |||
@@ -52,7 +52,7 @@ tracelog | |||
52 | disable-mnt | 52 | disable-mnt |
53 | private-cache | 53 | private-cache |
54 | private-dev | 54 | private-dev |
55 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.preload,locale.alias,locale.conf,mime.types,nsswitch.conf,passwd,pki,selinux,X11,xdg | 55 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload,locale.alias,locale.conf,mime.types,nsswitch.conf,passwd,pki,selinux,X11,xdg |
56 | private-tmp | 56 | private-tmp |
57 | 57 | ||
58 | dbus-user none | 58 | dbus-user none |
diff --git a/etc/profile-m-z/mindless.profile b/etc/profile-m-z/mindless.profile index bcc7b232b..16ace7ce4 100644 --- a/etc/profile-m-z/mindless.profile +++ b/etc/profile-m-z/mindless.profile | |||
@@ -42,7 +42,7 @@ private | |||
42 | private-bin mindless | 42 | private-bin mindless |
43 | private-cache | 43 | private-cache |
44 | private-dev | 44 | private-dev |
45 | private-etc fonts,ld.so.preload | 45 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload |
46 | private-tmp | 46 | private-tmp |
47 | 47 | ||
48 | dbus-user none | 48 | dbus-user none |
diff --git a/etc/profile-m-z/mirrormagic.profile b/etc/profile-m-z/mirrormagic.profile index 133a17350..be846ce63 100644 --- a/etc/profile-m-z/mirrormagic.profile +++ b/etc/profile-m-z/mirrormagic.profile | |||
@@ -44,7 +44,7 @@ private | |||
44 | private-bin mirrormagic | 44 | private-bin mirrormagic |
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-etc ld.so.preload,machine-id | 47 | private-etc alternatives,ld.so.cache,ld.so.preload,machine-id |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
50 | dbus-user none | 50 | dbus-user none |
diff --git a/etc/profile-m-z/mocp.profile b/etc/profile-m-z/mocp.profile index 79f603f92..313d78030 100644 --- a/etc/profile-m-z/mocp.profile +++ b/etc/profile-m-z/mocp.profile | |||
@@ -42,7 +42,7 @@ tracelog | |||
42 | private-bin mocp | 42 | private-bin mocp |
43 | private-cache | 43 | private-cache |
44 | private-dev | 44 | private-dev |
45 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,group,ld.so.preload,machine-id,pki,pulse,resolv.conf,ssl | 45 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,group,ld.so.cache,ld.so.preload,machine-id,pki,pulse,resolv.conf,ssl |
46 | private-tmp | 46 | private-tmp |
47 | 47 | ||
48 | dbus-user none | 48 | dbus-user none |
diff --git a/etc/profile-m-z/mp3splt-gtk.profile b/etc/profile-m-z/mp3splt-gtk.profile index 445691f6a..fe3c78b55 100644 --- a/etc/profile-m-z/mp3splt-gtk.profile +++ b/etc/profile-m-z/mp3splt-gtk.profile | |||
@@ -37,7 +37,7 @@ tracelog | |||
37 | private-bin mp3splt-gtk | 37 | private-bin mp3splt-gtk |
38 | private-cache | 38 | private-cache |
39 | private-dev | 39 | private-dev |
40 | private-etc alsa,alternatives,asound.conf,dconf,fonts,gtk-3.0,ld.so.preload,machine-id,openal,pulse | 40 | private-etc alsa,alternatives,asound.conf,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload,machine-id,openal,pulse |
41 | private-tmp | 41 | private-tmp |
42 | 42 | ||
43 | dbus-user none | 43 | dbus-user none |
diff --git a/etc/profile-m-z/mp3splt.profile b/etc/profile-m-z/mp3splt.profile index 4d6109250..c89c72ce4 100644 --- a/etc/profile-m-z/mp3splt.profile +++ b/etc/profile-m-z/mp3splt.profile | |||
@@ -44,7 +44,7 @@ disable-mnt | |||
44 | private-bin flacsplt,mp3splt,mp3wrap,oggsplt | 44 | private-bin flacsplt,mp3splt,mp3wrap,oggsplt |
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-etc alternatives,ld.so.preload | 47 | private-etc alternatives,ld.so.cache,ld.so.preload |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
50 | memory-deny-write-execute | 50 | memory-deny-write-execute |
diff --git a/etc/profile-m-z/mpDris2.profile b/etc/profile-m-z/mpDris2.profile index 597390914..18a839363 100644 --- a/etc/profile-m-z/mpDris2.profile +++ b/etc/profile-m-z/mpDris2.profile | |||
@@ -49,7 +49,7 @@ shell none | |||
49 | private-bin mpDris2,notify-send,python* | 49 | private-bin mpDris2,notify-send,python* |
50 | private-cache | 50 | private-cache |
51 | private-dev | 51 | private-dev |
52 | private-etc alternatives,hosts,ld.so.preload,nsswitch.conf | 52 | private-etc alternatives,hosts,ld.so.cache,ld.so.preload,nsswitch.conf |
53 | private-lib libdbus-1.so.*,libdbus-glib-1.so.*,libgirepository-1.0.so.*,libnotify.so.*,libpython*,python2*,python3* | 53 | private-lib libdbus-1.so.*,libdbus-glib-1.so.*,libgirepository-1.0.so.*,libnotify.so.*,libpython*,python2*,python3* |
54 | private-tmp | 54 | private-tmp |
55 | 55 | ||
diff --git a/etc/profile-m-z/mpv.profile b/etc/profile-m-z/mpv.profile index 74402a8de..efb11465b 100644 --- a/etc/profile-m-z/mpv.profile +++ b/etc/profile-m-z/mpv.profile | |||
@@ -74,7 +74,7 @@ seccomp.block-secondary | |||
74 | shell none | 74 | shell none |
75 | tracelog | 75 | tracelog |
76 | 76 | ||
77 | private-bin env,mpv,python*,waf,youtube-dl | 77 | private-bin env,mpv,python*,waf,youtube-dl,yt-dlp |
78 | # private-cache causes slow OSD, see #2838 | 78 | # private-cache causes slow OSD, see #2838 |
79 | #private-cache | 79 | #private-cache |
80 | private-dev | 80 | private-dev |
diff --git a/etc/profile-m-z/mrrescue.profile b/etc/profile-m-z/mrrescue.profile index 5b5902563..3fe88ec7f 100644 --- a/etc/profile-m-z/mrrescue.profile +++ b/etc/profile-m-z/mrrescue.profile | |||
@@ -52,7 +52,7 @@ disable-mnt | |||
52 | private-bin love,mrrescue,sh | 52 | private-bin love,mrrescue,sh |
53 | private-cache | 53 | private-cache |
54 | private-dev | 54 | private-dev |
55 | private-etc ld.so.preload,machine-id | 55 | private-etc alternatives,ld.so.cache,ld.so.preload,machine-id |
56 | private-tmp | 56 | private-tmp |
57 | 57 | ||
58 | dbus-user none | 58 | dbus-user none |
diff --git a/etc/profile-m-z/ms-office.profile b/etc/profile-m-z/ms-office.profile index 7b4a305e9..e15b14db7 100644 --- a/etc/profile-m-z/ms-office.profile +++ b/etc/profile-m-z/ms-office.profile | |||
@@ -35,7 +35,7 @@ tracelog | |||
35 | 35 | ||
36 | disable-mnt | 36 | disable-mnt |
37 | private-bin bash,env,fonts,jak,ms-office,python*,sh | 37 | private-bin bash,env,fonts,jak,ms-office,python*,sh |
38 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.preload,pki,resolv.conf,ssl | 38 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,pki,resolv.conf,ssl |
39 | private-dev | 39 | private-dev |
40 | private-tmp | 40 | private-tmp |
41 | 41 | ||
diff --git a/etc/profile-m-z/mupdf-x11-curl.profile b/etc/profile-m-z/mupdf-x11-curl.profile index b95ab2194..006f64ba8 100644 --- a/etc/profile-m-z/mupdf-x11-curl.profile +++ b/etc/profile-m-z/mupdf-x11-curl.profile | |||
@@ -12,7 +12,7 @@ ignore net none | |||
12 | netfilter | 12 | netfilter |
13 | protocol unix,inet,inet6 | 13 | protocol unix,inet,inet6 |
14 | 14 | ||
15 | private-etc ca-certificates,crypto-policies,hosts,ld.so.preload,nsswitch.conf,pki,resolv.conf,ssl | 15 | private-etc alternatives,ca-certificates,crypto-policies,hosts,ld.so.cache,ld.so.preload,nsswitch.conf,pki,resolv.conf,ssl |
16 | 16 | ||
17 | # Redirect | 17 | # Redirect |
18 | include mupdf.profile | 18 | include mupdf.profile |
diff --git a/etc/profile-m-z/musixmatch.profile b/etc/profile-m-z/musixmatch.profile index aab2ac19d..796d7fbb0 100644 --- a/etc/profile-m-z/musixmatch.profile +++ b/etc/profile-m-z/musixmatch.profile | |||
@@ -33,5 +33,5 @@ seccomp !chroot | |||
33 | 33 | ||
34 | disable-mnt | 34 | disable-mnt |
35 | private-dev | 35 | private-dev |
36 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,ld.so.preload,machine-id,pki,pulse,ssl | 36 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,machine-id,pki,pulse,ssl |
37 | 37 | ||
diff --git a/etc/profile-m-z/mutt.profile b/etc/profile-m-z/mutt.profile index fb923051f..d10c55549 100644 --- a/etc/profile-m-z/mutt.profile +++ b/etc/profile-m-z/mutt.profile | |||
@@ -134,7 +134,7 @@ tracelog | |||
134 | # disable-mnt | 134 | # disable-mnt |
135 | private-cache | 135 | private-cache |
136 | private-dev | 136 | private-dev |
137 | private-etc alternatives,ca-certificates,crypto-policies,fonts,gai.conf,gcrypt,gnupg,gnutls,hostname,hosts,hosts.conf,ld.so.preload,mail,mailname,Mutt,Muttrc,Muttrc.d,nntpserver,nsswitch.conf,passwd,pki,resolv.conf,ssl,terminfo,xdg | 137 | private-etc alternatives,ca-certificates,crypto-policies,fonts,gai.conf,gcrypt,gnupg,gnutls,hostname,hosts,hosts.conf,ld.so.cache,ld.so.preload,mail,mailname,Mutt,Muttrc,Muttrc.d,nntpserver,nsswitch.conf,passwd,pki,resolv.conf,ssl,terminfo,xdg |
138 | private-tmp | 138 | private-tmp |
139 | writable-run-user | 139 | writable-run-user |
140 | writable-var | 140 | writable-var |
diff --git a/etc/profile-m-z/mypaint.profile b/etc/profile-m-z/mypaint.profile index bf01aaa0e..74301df06 100644 --- a/etc/profile-m-z/mypaint.profile +++ b/etc/profile-m-z/mypaint.profile | |||
@@ -43,7 +43,7 @@ tracelog | |||
43 | 43 | ||
44 | private-cache | 44 | private-cache |
45 | private-dev | 45 | private-dev |
46 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.preload | 46 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
49 | dbus-user none | 49 | dbus-user none |
diff --git a/etc/profile-m-z/nano.profile b/etc/profile-m-z/nano.profile index 23a30bf97..f7c1f0ff7 100644 --- a/etc/profile-m-z/nano.profile +++ b/etc/profile-m-z/nano.profile | |||
@@ -49,7 +49,7 @@ private-dev | |||
49 | # Add the next lines to your nano.local if you want to edit files in /etc directly. | 49 | # Add the next lines to your nano.local if you want to edit files in /etc directly. |
50 | #ignore private-etc | 50 | #ignore private-etc |
51 | #writable-etc | 51 | #writable-etc |
52 | private-etc alternatives,ld.so.preload,nanorc | 52 | private-etc alternatives,ld.so.cache,ld.so.preload,nanorc |
53 | # Add the next line to your nano.local if you want to edit files in /var directly. | 53 | # Add the next line to your nano.local if you want to edit files in /var directly. |
54 | #writable-var | 54 | #writable-var |
55 | 55 | ||
diff --git a/etc/profile-m-z/neomutt.profile b/etc/profile-m-z/neomutt.profile index 1e59a1490..f31cf9dcb 100644 --- a/etc/profile-m-z/neomutt.profile +++ b/etc/profile-m-z/neomutt.profile | |||
@@ -137,7 +137,7 @@ tracelog | |||
137 | # disable-mnt | 137 | # disable-mnt |
138 | private-cache | 138 | private-cache |
139 | private-dev | 139 | private-dev |
140 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gcrypt,gnupg,hostname,hosts,hosts.conf,ld.so.preload,mail,mailname,Mutt,Muttrc,Muttrc.d,neomuttrc,neomuttrc.d,nntpserver,nsswitch.conf,passwd,pki,resolv.conf,ssl,xdg | 140 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gcrypt,gnupg,hostname,hosts,hosts.conf,ld.so.cache,ld.so.preload,mail,mailname,Mutt,Muttrc,Muttrc.d,neomuttrc,neomuttrc.d,nntpserver,nsswitch.conf,passwd,pki,resolv.conf,ssl,xdg |
141 | private-tmp | 141 | private-tmp |
142 | writable-run-user | 142 | writable-run-user |
143 | writable-var | 143 | writable-var |
diff --git a/etc/profile-m-z/netactview.profile b/etc/profile-m-z/netactview.profile index 57f026a0b..d6ac8d5bc 100644 --- a/etc/profile-m-z/netactview.profile +++ b/etc/profile-m-z/netactview.profile | |||
@@ -45,7 +45,7 @@ disable-mnt | |||
45 | private-bin netactview,netactview_polkit | 45 | private-bin netactview,netactview_polkit |
46 | private-cache | 46 | private-cache |
47 | private-dev | 47 | private-dev |
48 | private-etc alternatives,fonts,ld.so.preload | 48 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload |
49 | private-lib | 49 | private-lib |
50 | private-tmp | 50 | private-tmp |
51 | 51 | ||
diff --git a/etc/profile-m-z/newsboat.profile b/etc/profile-m-z/newsboat.profile index 34c6110cf..cf72bf802 100644 --- a/etc/profile-m-z/newsboat.profile +++ b/etc/profile-m-z/newsboat.profile | |||
@@ -53,7 +53,7 @@ disable-mnt | |||
53 | private-bin gzip,lynx,newsboat,sh,w3m | 53 | private-bin gzip,lynx,newsboat,sh,w3m |
54 | private-cache | 54 | private-cache |
55 | private-dev | 55 | private-dev |
56 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.preload,lynx.cfg,lynx.lss,pki,resolv.conf,ssl,terminfo | 56 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,lynx.cfg,lynx.lss,pki,resolv.conf,ssl,terminfo |
57 | private-tmp | 57 | private-tmp |
58 | 58 | ||
59 | dbus-user none | 59 | dbus-user none |
diff --git a/etc/profile-m-z/newsflash.profile b/etc/profile-m-z/newsflash.profile index 56cedec03..9966a0e1b 100644 --- a/etc/profile-m-z/newsflash.profile +++ b/etc/profile-m-z/newsflash.profile | |||
@@ -51,7 +51,7 @@ disable-mnt | |||
51 | private-bin com.gitlab.newsflash,newsflash | 51 | private-bin com.gitlab.newsflash,newsflash |
52 | private-cache | 52 | private-cache |
53 | private-dev | 53 | private-dev |
54 | private-etc ca-certificates,crypto-policies,dconf,fonts,gtk-3.0,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,nsswitch.conf,pango,pki,resolv.conf,ssl,X11 | 54 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gtk-3.0,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,nsswitch.conf,pango,pki,resolv.conf,ssl,X11 |
55 | private-tmp | 55 | private-tmp |
56 | 56 | ||
57 | dbus-user none | 57 | dbus-user none |
diff --git a/etc/profile-m-z/nomacs.profile b/etc/profile-m-z/nomacs.profile index 0bed12b1f..7ffb09e56 100644 --- a/etc/profile-m-z/nomacs.profile +++ b/etc/profile-m-z/nomacs.profile | |||
@@ -41,5 +41,5 @@ tracelog | |||
41 | #private-bin nomacs | 41 | #private-bin nomacs |
42 | private-cache | 42 | private-cache |
43 | private-dev | 43 | private-dev |
44 | private-etc alternatives,ca-certificates,crypto-policies,dconf,drirc,fonts,gtk-3.0,hosts,ld.so.preload,login.defs,machine-id,pki,resolv.conf,ssl | 44 | private-etc alternatives,ca-certificates,crypto-policies,dconf,drirc,fonts,gtk-3.0,hosts,ld.so.cache,ld.so.preload,login.defs,machine-id,pki,resolv.conf,ssl |
45 | private-tmp | 45 | private-tmp |
diff --git a/etc/profile-m-z/noprofile.profile b/etc/profile-m-z/noprofile.profile new file mode 100644 index 000000000..560ee9db3 --- /dev/null +++ b/etc/profile-m-z/noprofile.profile | |||
@@ -0,0 +1,28 @@ | |||
1 | # This is the weakest possible firejail profile. | ||
2 | # If a program still fail with this profile, it is incompatible with firejail. | ||
3 | # (from https://gist.github.com/rusty-snake/bb234cb3e50e1e4e7429f29a7931cc72) | ||
4 | # | ||
5 | # Usage: | ||
6 | # 1. download | ||
7 | # 2. firejail --profile=noprofile.profile /path/to/program | ||
8 | |||
9 | # Keep in mind that even with this profile some things are done | ||
10 | # which can break the program. | ||
11 | # - some env-vars are cleared | ||
12 | # - /etc/firejail/firejail.config can contain options such as 'force-nonewprivs yes' | ||
13 | # - a new private pid-namespace is created | ||
14 | # - a minimal hardcoded blacklist is applied | ||
15 | # - ... | ||
16 | |||
17 | noblacklist /sys/fs | ||
18 | noblacklist /sys/module | ||
19 | |||
20 | allow-debuggers | ||
21 | allusers | ||
22 | keep-config-pulse | ||
23 | keep-dev-shm | ||
24 | keep-var-tmp | ||
25 | writable-etc | ||
26 | writable-run-user | ||
27 | writable-var | ||
28 | writable-var-log | ||
diff --git a/etc/profile-m-z/notify-send.profile b/etc/profile-m-z/notify-send.profile index a7bb93a02..9f23c099d 100644 --- a/etc/profile-m-z/notify-send.profile +++ b/etc/profile-m-z/notify-send.profile | |||
@@ -49,7 +49,7 @@ private | |||
49 | private-bin notify-send | 49 | private-bin notify-send |
50 | private-cache | 50 | private-cache |
51 | private-dev | 51 | private-dev |
52 | private-etc ld.so.preload,none | 52 | private-etc alternatives,ld.so.cache,ld.so.preload |
53 | private-tmp | 53 | private-tmp |
54 | 54 | ||
55 | dbus-user filter | 55 | dbus-user filter |
diff --git a/etc/profile-m-z/nuclear.profile b/etc/profile-m-z/nuclear.profile index 9e3093ea7..9f4a6ec46 100644 --- a/etc/profile-m-z/nuclear.profile +++ b/etc/profile-m-z/nuclear.profile | |||
@@ -18,7 +18,7 @@ whitelist ${HOME}/.config/nuclear | |||
18 | no3d | 18 | no3d |
19 | 19 | ||
20 | # private-bin nuclear | 20 | # private-bin nuclear |
21 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.preload,mime.types,nsswitch.conf,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 21 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,mime.types,nsswitch.conf,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
22 | private-opt nuclear | 22 | private-opt nuclear |
23 | 23 | ||
24 | # Redirect | 24 | # Redirect |
diff --git a/etc/profile-m-z/nyx.profile b/etc/profile-m-z/nyx.profile index 9b431d76d..653591482 100644 --- a/etc/profile-m-z/nyx.profile +++ b/etc/profile-m-z/nyx.profile | |||
@@ -45,7 +45,7 @@ disable-mnt | |||
45 | private-bin nyx,python* | 45 | private-bin nyx,python* |
46 | private-cache | 46 | private-cache |
47 | private-dev | 47 | private-dev |
48 | private-etc alternatives,fonts,ld.so.preload,passwd,tor | 48 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,passwd,tor |
49 | private-opt none | 49 | private-opt none |
50 | private-srv none | 50 | private-srv none |
51 | private-tmp | 51 | private-tmp |
diff --git a/etc/profile-m-z/odt2txt.profile b/etc/profile-m-z/odt2txt.profile index 7d2374ccf..de62f4114 100644 --- a/etc/profile-m-z/odt2txt.profile +++ b/etc/profile-m-z/odt2txt.profile | |||
@@ -38,7 +38,7 @@ x11 none | |||
38 | private-bin odt2txt | 38 | private-bin odt2txt |
39 | private-cache | 39 | private-cache |
40 | private-dev | 40 | private-dev |
41 | private-etc alternatives,ld.so.preload | 41 | private-etc alternatives,ld.so.cache,ld.so.preload |
42 | private-tmp | 42 | private-tmp |
43 | 43 | ||
44 | dbus-user none | 44 | dbus-user none |
diff --git a/etc/profile-m-z/okular.profile b/etc/profile-m-z/okular.profile index 0a200b46e..fb28ad89f 100644 --- a/etc/profile-m-z/okular.profile +++ b/etc/profile-m-z/okular.profile | |||
@@ -36,6 +36,7 @@ whitelist /usr/share/kconf_update/okular.upd | |||
36 | whitelist /usr/share/kxmlgui5/okular | 36 | whitelist /usr/share/kxmlgui5/okular |
37 | whitelist /usr/share/okular | 37 | whitelist /usr/share/okular |
38 | whitelist /usr/share/poppler | 38 | whitelist /usr/share/poppler |
39 | include whitelist-run-common.inc | ||
39 | include whitelist-runuser-common.inc | 40 | include whitelist-runuser-common.inc |
40 | include whitelist-usr-share-common.inc | 41 | include whitelist-usr-share-common.inc |
41 | include whitelist-var-common.inc | 42 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/onboard.profile b/etc/profile-m-z/onboard.profile index e70e5e81e..e05e58cad 100644 --- a/etc/profile-m-z/onboard.profile +++ b/etc/profile-m-z/onboard.profile | |||
@@ -50,7 +50,7 @@ disable-mnt | |||
50 | private-cache | 50 | private-cache |
51 | private-bin onboard,python*,tput | 51 | private-bin onboard,python*,tput |
52 | private-dev | 52 | private-dev |
53 | private-etc alternatives,dbus-1,dconf,fonts,gtk-2.0,gtk-3.0,ld.so.preload,locale,locale.alias,locale.conf,mime.types,selinux,X11,xdg | 53 | private-etc alternatives,dbus-1,dconf,fonts,gtk-2.0,gtk-3.0,ld.so.cache,ld.so.preload,locale,locale.alias,locale.conf,mime.types,selinux,X11,xdg |
54 | private-tmp | 54 | private-tmp |
55 | 55 | ||
56 | dbus-system none | 56 | dbus-system none |
diff --git a/etc/profile-m-z/openarena.profile b/etc/profile-m-z/openarena.profile index de334defd..c3ac097a0 100644 --- a/etc/profile-m-z/openarena.profile +++ b/etc/profile-m-z/openarena.profile | |||
@@ -43,7 +43,7 @@ disable-mnt | |||
43 | private-bin bash,cut,glxinfo,grep,head,openarena,openarena_ded,quake3,zenity | 43 | private-bin bash,cut,glxinfo,grep,head,openarena,openarena_ded,quake3,zenity |
44 | private-cache | 44 | private-cache |
45 | private-dev | 45 | private-dev |
46 | private-etc drirc,ld.so.preload,machine-id,openal,passwd,selinux,udev,xdg | 46 | private-etc alternatives,drirc,ld.so.cache,ld.so.preload,machine-id,openal,passwd,selinux,udev,xdg |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
49 | dbus-user none | 49 | dbus-user none |
diff --git a/etc/profile-m-z/openstego.profile b/etc/profile-m-z/openstego.profile new file mode 100644 index 000000000..f6622b38d --- /dev/null +++ b/etc/profile-m-z/openstego.profile | |||
@@ -0,0 +1,58 @@ | |||
1 | # Firejail profile for OpenStego | ||
2 | # Description: Steganography application that provides data hiding and watermarking functionality | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include openstego.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/openstego.ini | ||
10 | |||
11 | # Allow java (blacklisted by disable-devel.inc) | ||
12 | include allow-java.inc | ||
13 | |||
14 | include disable-common.inc | ||
15 | include disable-devel.inc | ||
16 | include disable-exec.inc | ||
17 | include disable-interpreters.inc | ||
18 | include disable-proc.inc | ||
19 | include disable-programs.inc | ||
20 | |||
21 | mkfile ${HOME}/openstego.ini | ||
22 | whitelist ${HOME}/openstego.ini | ||
23 | whitelist ${HOME}/.java | ||
24 | whitelist ${PICTURES} | ||
25 | whitelist ${DOCUMENTS} | ||
26 | whitelist ${DESKTOP} | ||
27 | whitelist /usr/share/java | ||
28 | include whitelist-common.inc | ||
29 | include whitelist-run-common.inc | ||
30 | include whitelist-runuser-common.inc | ||
31 | include whitelist-usr-share-common.inc | ||
32 | include whitelist-var-common.inc | ||
33 | |||
34 | caps.drop all | ||
35 | machine-id | ||
36 | net none | ||
37 | no3d | ||
38 | nogroups | ||
39 | noinput | ||
40 | nonewprivs | ||
41 | noroot | ||
42 | nosound | ||
43 | notv | ||
44 | nou2f | ||
45 | novideo | ||
46 | seccomp | ||
47 | seccomp.block-secondary | ||
48 | shell none | ||
49 | tracelog | ||
50 | |||
51 | disable-mnt | ||
52 | private-bin bash,dirname,openstego,readlink,sh | ||
53 | private-cache | ||
54 | private-dev | ||
55 | private-tmp | ||
56 | |||
57 | dbus-user none | ||
58 | dbus-system none | ||
diff --git a/etc/profile-m-z/pandoc.profile b/etc/profile-m-z/pandoc.profile index 460f60beb..c016b5103 100644 --- a/etc/profile-m-z/pandoc.profile +++ b/etc/profile-m-z/pandoc.profile | |||
@@ -50,7 +50,7 @@ x11 none | |||
50 | disable-mnt | 50 | disable-mnt |
51 | private-cache | 51 | private-cache |
52 | private-dev | 52 | private-dev |
53 | private-etc alternatives,ld.so.preload,texlive,texmf | 53 | private-etc alternatives,ld.so.cache,ld.so.preload,texlive,texmf |
54 | private-tmp | 54 | private-tmp |
55 | 55 | ||
56 | dbus-user none | 56 | dbus-user none |
diff --git a/etc/profile-m-z/parole.profile b/etc/profile-m-z/parole.profile index a4737d388..3d380542f 100644 --- a/etc/profile-m-z/parole.profile +++ b/etc/profile-m-z/parole.profile | |||
@@ -27,4 +27,4 @@ shell none | |||
27 | 27 | ||
28 | private-bin dbus-launch,parole | 28 | private-bin dbus-launch,parole |
29 | private-cache | 29 | private-cache |
30 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,fonts,group,ld.so.preload,machine-id,passwd,pki,pulse,ssl | 30 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,fonts,group,ld.so.cache,ld.so.preload,machine-id,passwd,pki,pulse,ssl |
diff --git a/etc/profile-m-z/pavucontrol.profile b/etc/profile-m-z/pavucontrol.profile index 76f1c9704..d64aab200 100644 --- a/etc/profile-m-z/pavucontrol.profile +++ b/etc/profile-m-z/pavucontrol.profile | |||
@@ -45,7 +45,7 @@ disable-mnt | |||
45 | private-bin pavucontrol | 45 | private-bin pavucontrol |
46 | private-cache | 46 | private-cache |
47 | private-dev | 47 | private-dev |
48 | private-etc alternatives,asound.conf,avahi,fonts,ld.so.preload,machine-id,pulse | 48 | private-etc alternatives,asound.conf,avahi,fonts,ld.so.cache,ld.so.preload,machine-id,pulse |
49 | private-lib | 49 | private-lib |
50 | private-tmp | 50 | private-tmp |
51 | 51 | ||
diff --git a/etc/profile-m-z/pdfchain.profile b/etc/profile-m-z/pdfchain.profile index 400fc3d77..41ec98a39 100644 --- a/etc/profile-m-z/pdfchain.profile +++ b/etc/profile-m-z/pdfchain.profile | |||
@@ -34,7 +34,7 @@ shell none | |||
34 | 34 | ||
35 | private-bin pdfchain,pdftk,sh | 35 | private-bin pdfchain,pdftk,sh |
36 | private-dev | 36 | private-dev |
37 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.preload,xdg | 37 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload,xdg |
38 | private-tmp | 38 | private-tmp |
39 | 39 | ||
40 | dbus-user none | 40 | dbus-user none |
diff --git a/etc/profile-m-z/pdftotext.profile b/etc/profile-m-z/pdftotext.profile index b1c2dfb1c..9d2f2b95f 100644 --- a/etc/profile-m-z/pdftotext.profile +++ b/etc/profile-m-z/pdftotext.profile | |||
@@ -48,7 +48,7 @@ x11 none | |||
48 | private-bin pdftotext | 48 | private-bin pdftotext |
49 | private-cache | 49 | private-cache |
50 | private-dev | 50 | private-dev |
51 | private-etc alternatives,ld.so.preload | 51 | private-etc alternatives,ld.so.cache,ld.so.preload |
52 | private-tmp | 52 | private-tmp |
53 | 53 | ||
54 | dbus-user none | 54 | dbus-user none |
diff --git a/etc/profile-m-z/peek.profile b/etc/profile-m-z/peek.profile index e216742a4..f5c295b5d 100644 --- a/etc/profile-m-z/peek.profile +++ b/etc/profile-m-z/peek.profile | |||
@@ -48,7 +48,7 @@ tracelog | |||
48 | disable-mnt | 48 | disable-mnt |
49 | private-bin bash,convert,ffmpeg,firejail,fish,peek,sh,which,zsh | 49 | private-bin bash,convert,ffmpeg,firejail,fish,peek,sh,which,zsh |
50 | private-dev | 50 | private-dev |
51 | private-etc dconf,firejail,fonts,gtk-3.0,ld.so.preload,login.defs,pango,passwd,X11 | 51 | private-etc alternatives,dconf,firejail,fonts,gtk-3.0,ld.so.cache,ld.so.preload,login.defs,pango,passwd,X11 |
52 | private-tmp | 52 | private-tmp |
53 | 53 | ||
54 | dbus-user filter | 54 | dbus-user filter |
diff --git a/etc/profile-m-z/photoflare.profile b/etc/profile-m-z/photoflare.profile index c0d0ae4df..80efedec7 100644 --- a/etc/profile-m-z/photoflare.profile +++ b/etc/profile-m-z/photoflare.profile | |||
@@ -43,7 +43,7 @@ disable-mnt | |||
43 | private-bin photoflare | 43 | private-bin photoflare |
44 | private-cache | 44 | private-cache |
45 | private-dev | 45 | private-dev |
46 | private-etc alternatives,fonts,ld.so.preload,locale,locale.alias,locale.conf,mime.types,X11 | 46 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,locale,locale.alias,locale.conf,mime.types,X11 |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
49 | dbus-user none | 49 | dbus-user none |
diff --git a/etc/profile-m-z/pingus.profile b/etc/profile-m-z/pingus.profile index fb50e66ca..69c78740d 100644 --- a/etc/profile-m-z/pingus.profile +++ b/etc/profile-m-z/pingus.profile | |||
@@ -50,7 +50,7 @@ disable-mnt | |||
50 | private-bin pingus,pingus.bin,sh | 50 | private-bin pingus,pingus.bin,sh |
51 | private-cache | 51 | private-cache |
52 | private-dev | 52 | private-dev |
53 | private-etc ld.so.preload,machine-id | 53 | private-etc alternatives,ld.so.cache,ld.so.preload,machine-id |
54 | private-tmp | 54 | private-tmp |
55 | 55 | ||
56 | dbus-user none | 56 | dbus-user none |
diff --git a/etc/profile-m-z/pkglog.profile b/etc/profile-m-z/pkglog.profile index 23e21f347..69b954f53 100644 --- a/etc/profile-m-z/pkglog.profile +++ b/etc/profile-m-z/pkglog.profile | |||
@@ -44,7 +44,7 @@ private | |||
44 | private-bin pkglog,python* | 44 | private-bin pkglog,python* |
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-etc alternatives,ld.so.preload | 47 | private-etc alternatives,ld.so.cache,ld.so.preload |
48 | private-opt none | 48 | private-opt none |
49 | private-tmp | 49 | private-tmp |
50 | writable-var-log | 50 | writable-var-log |
diff --git a/etc/profile-m-z/plv.profile b/etc/profile-m-z/plv.profile index a6b0768f1..38ccf72e8 100644 --- a/etc/profile-m-z/plv.profile +++ b/etc/profile-m-z/plv.profile | |||
@@ -46,7 +46,7 @@ disable-mnt | |||
46 | private-bin plv | 46 | private-bin plv |
47 | private-cache | 47 | private-cache |
48 | private-dev | 48 | private-dev |
49 | private-etc alternatives,fonts,ld.so.preload | 49 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload |
50 | private-opt none | 50 | private-opt none |
51 | private-tmp | 51 | private-tmp |
52 | writable-var-log | 52 | writable-var-log |
diff --git a/etc/profile-m-z/pngquant.profile b/etc/profile-m-z/pngquant.profile index 534cc5943..6b989202f 100644 --- a/etc/profile-m-z/pngquant.profile +++ b/etc/profile-m-z/pngquant.profile | |||
@@ -47,7 +47,7 @@ x11 none | |||
47 | private-bin pngquant | 47 | private-bin pngquant |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | private-etc alternatives,ld.so.preload | 50 | private-etc alternatives,ld.so.cache,ld.so.preload |
51 | private-tmp | 51 | private-tmp |
52 | 52 | ||
53 | dbus-user none | 53 | dbus-user none |
diff --git a/etc/profile-m-z/pragha.profile b/etc/profile-m-z/pragha.profile index c9793433e..fd595c27a 100644 --- a/etc/profile-m-z/pragha.profile +++ b/etc/profile-m-z/pragha.profile | |||
@@ -33,6 +33,6 @@ seccomp | |||
33 | shell none | 33 | shell none |
34 | 34 | ||
35 | private-dev | 35 | private-dev |
36 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-3.0,host.conf,hostname,hosts,ld.so.preload,machine-id,pki,pulse,resolv.conf,ssl,xdg | 36 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,machine-id,pki,pulse,resolv.conf,ssl,xdg |
37 | private-tmp | 37 | private-tmp |
38 | 38 | ||
diff --git a/etc/profile-m-z/profanity.profile b/etc/profile-m-z/profanity.profile index af0ca5d8f..25a248425 100644 --- a/etc/profile-m-z/profanity.profile +++ b/etc/profile-m-z/profanity.profile | |||
@@ -44,7 +44,7 @@ shell none | |||
44 | private-bin profanity | 44 | private-bin profanity |
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.preload,localtime,mime.types,nsswitch.conf,pki,resolv.conf,ssl | 47 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,localtime,mime.types,nsswitch.conf,pki,resolv.conf,ssl |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
50 | dbus-user none | 50 | dbus-user none |
diff --git a/etc/profile-m-z/qgis.profile b/etc/profile-m-z/qgis.profile index 4ebd556d6..555e1e41b 100644 --- a/etc/profile-m-z/qgis.profile +++ b/etc/profile-m-z/qgis.profile | |||
@@ -52,7 +52,7 @@ tracelog | |||
52 | disable-mnt | 52 | disable-mnt |
53 | private-cache | 53 | private-cache |
54 | private-dev | 54 | private-dev |
55 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.preload,machine-id,pki,QGIS,QGIS.conf,resolv.conf,ssl,Trolltech.conf | 55 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,machine-id,pki,QGIS,QGIS.conf,resolv.conf,ssl,Trolltech.conf |
56 | private-tmp | 56 | private-tmp |
57 | 57 | ||
58 | dbus-user none | 58 | dbus-user none |
diff --git a/etc/profile-m-z/qnapi.profile b/etc/profile-m-z/qnapi.profile index 89cb5baa8..4a3ce366e 100644 --- a/etc/profile-m-z/qnapi.profile +++ b/etc/profile-m-z/qnapi.profile | |||
@@ -47,7 +47,7 @@ tracelog | |||
47 | private-bin 7z,qnapi | 47 | private-bin 7z,qnapi |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | private-etc alternatives,fonts,ld.so.preload | 50 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload |
51 | private-opt none | 51 | private-opt none |
52 | private-tmp | 52 | private-tmp |
53 | 53 | ||
diff --git a/etc/profile-m-z/qrencode.profile b/etc/profile-m-z/qrencode.profile index 691449b9f..dd3f24875 100644 --- a/etc/profile-m-z/qrencode.profile +++ b/etc/profile-m-z/qrencode.profile | |||
@@ -47,7 +47,7 @@ disable-mnt | |||
47 | private-bin qrencode | 47 | private-bin qrencode |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | private-etc ld.so.preload,none | 50 | private-etc alternatives,ld.so.cache,ld.so.preload |
51 | private-lib libpcre* | 51 | private-lib libpcre* |
52 | private-tmp | 52 | private-tmp |
53 | 53 | ||
diff --git a/etc/profile-m-z/regextester.profile b/etc/profile-m-z/regextester.profile index 6b9144791..f1ce313e7 100644 --- a/etc/profile-m-z/regextester.profile +++ b/etc/profile-m-z/regextester.profile | |||
@@ -43,7 +43,7 @@ disable-mnt | |||
43 | private-bin regextester | 43 | private-bin regextester |
44 | private-cache | 44 | private-cache |
45 | private-dev | 45 | private-dev |
46 | private-etc alternatives,fonts,ld.so.preload | 46 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload |
47 | private-lib libgranite.so.* | 47 | private-lib libgranite.so.* |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
diff --git a/etc/profile-m-z/rsync-download_only.profile b/etc/profile-m-z/rsync-download_only.profile index e49f10b7b..e44e55a12 100644 --- a/etc/profile-m-z/rsync-download_only.profile +++ b/etc/profile-m-z/rsync-download_only.profile | |||
@@ -49,7 +49,7 @@ disable-mnt | |||
49 | private-bin rsync | 49 | private-bin rsync |
50 | private-cache | 50 | private-cache |
51 | private-dev | 51 | private-dev |
52 | private-etc alternatives,ca-certificates,crypto-policies,host.conf,hostname,hosts,ld.so.preload,nsswitch.conf,pki,protocols,resolv.conf,rpc,services,ssl | 52 | private-etc alternatives,ca-certificates,crypto-policies,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,nsswitch.conf,pki,protocols,resolv.conf,rpc,services,ssl |
53 | private-tmp | 53 | private-tmp |
54 | 54 | ||
55 | dbus-user none | 55 | dbus-user none |
diff --git a/etc/profile-m-z/scorchwentbonkers.profile b/etc/profile-m-z/scorchwentbonkers.profile index d256b2efe..70b5d844a 100644 --- a/etc/profile-m-z/scorchwentbonkers.profile +++ b/etc/profile-m-z/scorchwentbonkers.profile | |||
@@ -43,7 +43,7 @@ disable-mnt | |||
43 | private-bin scorchwentbonkers | 43 | private-bin scorchwentbonkers |
44 | private-cache | 44 | private-cache |
45 | private-dev | 45 | private-dev |
46 | private-etc alsa,asound.conf,ld.so.preload,machine-id,pulse | 46 | private-etc alsa,alternatives,asound.conf,ld.so.cache,ld.so.preload,machine-id,pulse |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
49 | dbus-user none | 49 | dbus-user none |
diff --git a/etc/profile-m-z/seahorse-adventures.profile b/etc/profile-m-z/seahorse-adventures.profile index cb3378597..72d6d5cf7 100644 --- a/etc/profile-m-z/seahorse-adventures.profile +++ b/etc/profile-m-z/seahorse-adventures.profile | |||
@@ -48,7 +48,7 @@ private | |||
48 | private-bin bash,dash,python*,seahorse-adventures,sh | 48 | private-bin bash,dash,python*,seahorse-adventures,sh |
49 | private-cache | 49 | private-cache |
50 | private-dev | 50 | private-dev |
51 | private-etc ld.so.preload,machine-id | 51 | private-etc alternatives,ld.so.cache,ld.so.preload,machine-id |
52 | private-tmp | 52 | private-tmp |
53 | 53 | ||
54 | dbus-user none | 54 | dbus-user none |
diff --git a/etc/profile-m-z/seahorse-tool.profile b/etc/profile-m-z/seahorse-tool.profile index f08b852db..9ef174606 100644 --- a/etc/profile-m-z/seahorse-tool.profile +++ b/etc/profile-m-z/seahorse-tool.profile | |||
@@ -8,7 +8,7 @@ include seahorse-tool.local | |||
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | # private-etc workaround for: #2877 | 10 | # private-etc workaround for: #2877 |
11 | private-etc firejail,ld.so.preload,login.defs,passwd | 11 | private-etc alternatives,firejail,ld.so.cache,ld.so.preload,login.defs,passwd |
12 | private-tmp | 12 | private-tmp |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
diff --git a/etc/profile-m-z/seahorse.profile b/etc/profile-m-z/seahorse.profile index 94a27da87..7382e4712 100644 --- a/etc/profile-m-z/seahorse.profile +++ b/etc/profile-m-z/seahorse.profile | |||
@@ -60,7 +60,7 @@ tracelog | |||
60 | disable-mnt | 60 | disable-mnt |
61 | private-cache | 61 | private-cache |
62 | private-dev | 62 | private-dev |
63 | private-etc ca-certificates,crypto-policies,dconf,fonts,gconf,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.preload,nsswitch.conf,pango,pki,protocols,resolv.conf,rpc,services,ssh,ssl,X11 | 63 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gconf,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,nsswitch.conf,pango,pki,protocols,resolv.conf,rpc,services,ssh,ssl,X11 |
64 | writable-run-user | 64 | writable-run-user |
65 | 65 | ||
66 | dbus-user filter | 66 | dbus-user filter |
diff --git a/etc/profile-m-z/server.profile b/etc/profile-m-z/server.profile index 3c9ef3a86..9e40796a6 100644 --- a/etc/profile-m-z/server.profile +++ b/etc/profile-m-z/server.profile | |||
@@ -83,6 +83,7 @@ private-tmp | |||
83 | dbus-user none | 83 | dbus-user none |
84 | # dbus-system none | 84 | # dbus-system none |
85 | 85 | ||
86 | # deterministic-shutdown | ||
86 | # memory-deny-write-execute | 87 | # memory-deny-write-execute |
87 | # read-only ${HOME} | 88 | # read-only ${HOME} |
88 | # writable-run-user | 89 | # writable-run-user |
diff --git a/etc/profile-m-z/shotwell.profile b/etc/profile-m-z/shotwell.profile index 304a1cda2..3b569eeaf 100644 --- a/etc/profile-m-z/shotwell.profile +++ b/etc/profile-m-z/shotwell.profile | |||
@@ -49,7 +49,7 @@ tracelog | |||
49 | private-bin shotwell | 49 | private-bin shotwell |
50 | private-cache | 50 | private-cache |
51 | private-dev | 51 | private-dev |
52 | private-etc alternatives,fonts,ld.so.preload,machine-id | 52 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id |
53 | private-opt none | 53 | private-opt none |
54 | private-tmp | 54 | private-tmp |
55 | 55 | ||
diff --git a/etc/profile-m-z/softmaker-common.profile b/etc/profile-m-z/softmaker-common.profile index 47468a531..099e6a2ad 100644 --- a/etc/profile-m-z/softmaker-common.profile +++ b/etc/profile-m-z/softmaker-common.profile | |||
@@ -43,7 +43,7 @@ tracelog | |||
43 | private-bin freeoffice-planmaker,freeoffice-presentations,freeoffice-textmaker,planmaker18,planmaker18free,presentations18,presentations18free,sh,textmaker18,textmaker18free | 43 | private-bin freeoffice-planmaker,freeoffice-presentations,freeoffice-textmaker,planmaker18,planmaker18free,presentations18,presentations18free,sh,textmaker18,textmaker18free |
44 | private-cache | 44 | private-cache |
45 | private-dev | 45 | private-dev |
46 | private-etc ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nsswitch.conf,pki,SoftMaker,ssl | 46 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nsswitch.conf,pki,SoftMaker,ssl |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
49 | dbus-user none | 49 | dbus-user none |
diff --git a/etc/profile-m-z/sqlitebrowser.profile b/etc/profile-m-z/sqlitebrowser.profile index 21a77a0d1..deaf37f52 100644 --- a/etc/profile-m-z/sqlitebrowser.profile +++ b/etc/profile-m-z/sqlitebrowser.profile | |||
@@ -42,7 +42,7 @@ shell none | |||
42 | private-bin sqlitebrowser | 42 | private-bin sqlitebrowser |
43 | private-cache | 43 | private-cache |
44 | private-dev | 44 | private-dev |
45 | private-etc alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.preload,machine-id,passwd,pki,ssl | 45 | private-etc alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.cache,ld.so.preload,machine-id,passwd,pki,ssl |
46 | private-tmp | 46 | private-tmp |
47 | 47 | ||
48 | # breaks proxy creation | 48 | # breaks proxy creation |
diff --git a/etc/profile-m-z/strawberry.profile b/etc/profile-m-z/strawberry.profile index 50ecc3432..32e43f079 100644 --- a/etc/profile-m-z/strawberry.profile +++ b/etc/profile-m-z/strawberry.profile | |||
@@ -43,7 +43,7 @@ disable-mnt | |||
43 | private-bin strawberry,strawberry-tagreader | 43 | private-bin strawberry,strawberry-tagreader |
44 | private-cache | 44 | private-cache |
45 | private-dev | 45 | private-dev |
46 | private-etc ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.preload,nsswitch.conf,pki,resolv.conf,ssl | 46 | private-etc alternatives,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,nsswitch.conf,pki,resolv.conf,ssl |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
49 | dbus-system none | 49 | dbus-system none |
diff --git a/etc/profile-m-z/subdownloader.profile b/etc/profile-m-z/subdownloader.profile index 65cb678d0..a9f22085b 100644 --- a/etc/profile-m-z/subdownloader.profile +++ b/etc/profile-m-z/subdownloader.profile | |||
@@ -44,7 +44,7 @@ tracelog | |||
44 | 44 | ||
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-etc alternatives,fonts,ld.so.preload | 47 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
50 | dbus-user none | 50 | dbus-user none |
diff --git a/etc/profile-m-z/supertux2.profile b/etc/profile-m-z/supertux2.profile index d48065c4b..464fa1b08 100644 --- a/etc/profile-m-z/supertux2.profile +++ b/etc/profile-m-z/supertux2.profile | |||
@@ -44,7 +44,7 @@ tracelog | |||
44 | disable-mnt | 44 | disable-mnt |
45 | # private-bin supertux2 | 45 | # private-bin supertux2 |
46 | private-cache | 46 | private-cache |
47 | private-etc ld.so.preload,machine-id | 47 | private-etc alternatives,ld.so.cache,ld.so.preload,machine-id |
48 | private-dev | 48 | private-dev |
49 | private-tmp | 49 | private-tmp |
50 | 50 | ||
diff --git a/etc/profile-m-z/supertuxkart.profile b/etc/profile-m-z/supertuxkart.profile index 5b5b4aae5..473472251 100644 --- a/etc/profile-m-z/supertuxkart.profile +++ b/etc/profile-m-z/supertuxkart.profile | |||
@@ -54,7 +54,7 @@ private-bin supertuxkart | |||
54 | private-cache | 54 | private-cache |
55 | # Add the next line to your supertuxkart.local if you do not need controller support. | 55 | # Add the next line to your supertuxkart.local if you do not need controller support. |
56 | #private-dev | 56 | #private-dev |
57 | private-etc alternatives,ca-certificates,crypto-policies,drirc,hosts,ld.so.preload,machine-id,openal,pki,resolv.conf,ssl | 57 | private-etc alternatives,ca-certificates,crypto-policies,drirc,hosts,ld.so.cache,ld.so.preload,machine-id,openal,pki,resolv.conf,ssl |
58 | private-tmp | 58 | private-tmp |
59 | private-opt none | 59 | private-opt none |
60 | private-srv none | 60 | private-srv none |
diff --git a/etc/profile-m-z/surf.profile b/etc/profile-m-z/surf.profile index cfecb6f62..c04f00cab 100644 --- a/etc/profile-m-z/surf.profile +++ b/etc/profile-m-z/surf.profile | |||
@@ -34,6 +34,6 @@ tracelog | |||
34 | disable-mnt | 34 | disable-mnt |
35 | private-bin bash,curl,dmenu,ls,printf,sed,sh,sleep,st,stterm,surf,xargs,xprop | 35 | private-bin bash,curl,dmenu,ls,printf,sed,sh,sleep,st,stterm,surf,xargs,xprop |
36 | private-dev | 36 | private-dev |
37 | private-etc alternatives,ca-certificates,crypto-policies,fonts,group,hosts,ld.so.preload,machine-id,passwd,pki,resolv.conf,ssl | 37 | private-etc alternatives,ca-certificates,crypto-policies,fonts,group,hosts,ld.so.cache,ld.so.preload,machine-id,passwd,pki,resolv.conf,ssl |
38 | private-tmp | 38 | private-tmp |
39 | 39 | ||
diff --git a/etc/profile-m-z/tar.profile b/etc/profile-m-z/tar.profile index 388805f31..0817adda8 100644 --- a/etc/profile-m-z/tar.profile +++ b/etc/profile-m-z/tar.profile | |||
@@ -14,7 +14,7 @@ ignore include disable-shell.inc | |||
14 | # all capabilities this is automatically read-only. | 14 | # all capabilities this is automatically read-only. |
15 | noblacklist /var/lib/pacman | 15 | noblacklist /var/lib/pacman |
16 | 16 | ||
17 | private-etc alternatives,group,ld.so.preload,localtime,login.defs,passwd | 17 | private-etc alternatives,group,ld.so.cache,ld.so.preload,localtime,login.defs,passwd |
18 | #private-lib libfakeroot,liblzma.so.*,libreadline.so.* | 18 | #private-lib libfakeroot,liblzma.so.*,libreadline.so.* |
19 | # Debian based distributions need this for 'dpkg --unpack' (incl. synaptic) | 19 | # Debian based distributions need this for 'dpkg --unpack' (incl. synaptic) |
20 | writable-var | 20 | writable-var |
diff --git a/etc/profile-m-z/teams-for-linux.profile b/etc/profile-m-z/teams-for-linux.profile index 310c440b1..ee19bcd00 100644 --- a/etc/profile-m-z/teams-for-linux.profile +++ b/etc/profile-m-z/teams-for-linux.profile | |||
@@ -20,7 +20,7 @@ mkdir ${HOME}/.config/teams-for-linux | |||
20 | whitelist ${HOME}/.config/teams-for-linux | 20 | whitelist ${HOME}/.config/teams-for-linux |
21 | 21 | ||
22 | private-bin bash,cut,echo,egrep,electron,electron[0-9],electron[0-9][0-9],grep,head,sed,sh,teams-for-linux,tr,xdg-mime,xdg-open,zsh | 22 | private-bin bash,cut,echo,egrep,electron,electron[0-9],electron[0-9][0-9],grep,head,sed,sh,teams-for-linux,tr,xdg-mime,xdg-open,zsh |
23 | private-etc ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,localtime,machine-id,pki,resolv.conf,ssl | 23 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,localtime,machine-id,pki,resolv.conf,ssl |
24 | 24 | ||
25 | # Redirect | 25 | # Redirect |
26 | include electron.profile | 26 | include electron.profile |
diff --git a/etc/profile-m-z/telnet.profile b/etc/profile-m-z/telnet.profile new file mode 100644 index 000000000..0b0510460 --- /dev/null +++ b/etc/profile-m-z/telnet.profile | |||
@@ -0,0 +1,54 @@ | |||
1 | # Firejail profile for ftp | ||
2 | # Description: standard File Access Protocol utility | ||
3 | # This file is overwritten after every install/update | ||
4 | quiet | ||
5 | # Persistent local customizations | ||
6 | include telnet.local | ||
7 | # Persistent global definitions | ||
8 | include globals.local | ||
9 | |||
10 | noblacklist ${PATH}/telnet | ||
11 | |||
12 | include disable-common.inc | ||
13 | include disable-devel.inc | ||
14 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | ||
16 | include disable-proc.inc | ||
17 | include disable-programs.inc | ||
18 | #include disable-shell.inc | ||
19 | include disable-write-mnt.inc | ||
20 | include disable-X11.inc | ||
21 | include disable-xdg.inc | ||
22 | |||
23 | apparmor | ||
24 | caps.drop all | ||
25 | ipc-namespace | ||
26 | machine-id | ||
27 | netfilter | ||
28 | no3d | ||
29 | nodvd | ||
30 | nogroups | ||
31 | noinput | ||
32 | nonewprivs | ||
33 | noroot | ||
34 | nosound | ||
35 | notv | ||
36 | nou2f | ||
37 | novideo | ||
38 | protocol inet,inet6 | ||
39 | seccomp | ||
40 | shell none | ||
41 | tracelog | ||
42 | |||
43 | #disable-mnt | ||
44 | #private-bin PROGRAMS | ||
45 | private-cache | ||
46 | private-dev | ||
47 | #private-etc FILES | ||
48 | private-tmp | ||
49 | |||
50 | dbus-user none | ||
51 | dbus-system none | ||
52 | |||
53 | memory-deny-write-execute | ||
54 | noexec ${HOME} | ||
diff --git a/etc/profile-m-z/tilp.profile b/etc/profile-m-z/tilp.profile index 07212a452..d2db44b1c 100644 --- a/etc/profile-m-z/tilp.profile +++ b/etc/profile-m-z/tilp.profile | |||
@@ -30,6 +30,6 @@ tracelog | |||
30 | disable-mnt | 30 | disable-mnt |
31 | private-bin tilp | 31 | private-bin tilp |
32 | private-cache | 32 | private-cache |
33 | private-etc alternatives,fonts,ld.so.preload | 33 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload |
34 | private-tmp | 34 | private-tmp |
35 | 35 | ||
diff --git a/etc/profile-m-z/tin.profile b/etc/profile-m-z/tin.profile index a43e53aae..1d4ee9370 100644 --- a/etc/profile-m-z/tin.profile +++ b/etc/profile-m-z/tin.profile | |||
@@ -58,7 +58,7 @@ disable-mnt | |||
58 | private-bin rtin,tin | 58 | private-bin rtin,tin |
59 | private-cache | 59 | private-cache |
60 | private-dev | 60 | private-dev |
61 | private-etc ld.so.preload,passwd,resolv.conf,terminfo,tin | 61 | private-etc alternatives,ld.so.cache,ld.so.preload,passwd,resolv.conf,terminfo,tin |
62 | private-lib terminfo | 62 | private-lib terminfo |
63 | private-tmp | 63 | private-tmp |
64 | 64 | ||
diff --git a/etc/profile-m-z/tor.profile b/etc/profile-m-z/tor.profile index 312123f59..d8cd8eb44 100644 --- a/etc/profile-m-z/tor.profile +++ b/etc/profile-m-z/tor.profile | |||
@@ -46,6 +46,6 @@ private | |||
46 | private-bin bash,tor | 46 | private-bin bash,tor |
47 | private-cache | 47 | private-cache |
48 | private-dev | 48 | private-dev |
49 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.preload,passwd,pki,ssl,tor | 49 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,passwd,pki,ssl,tor |
50 | private-tmp | 50 | private-tmp |
51 | writable-var | 51 | writable-var |
diff --git a/etc/profile-m-z/transgui.profile b/etc/profile-m-z/transgui.profile index 0e23b7843..4acb8e7e8 100644 --- a/etc/profile-m-z/transgui.profile +++ b/etc/profile-m-z/transgui.profile | |||
@@ -45,7 +45,7 @@ tracelog | |||
45 | private-bin geoiplookup,geoiplookup6,transgui | 45 | private-bin geoiplookup,geoiplookup6,transgui |
46 | private-cache | 46 | private-cache |
47 | private-dev | 47 | private-dev |
48 | private-etc alternatives,fonts,ld.so.preload | 48 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload |
49 | private-lib libgdk_pixbuf-2.0.so.*,libGeoIP.so*,libgthread-2.0.so.*,libgtk-x11-2.0.so.*,libX11.so.* | 49 | private-lib libgdk_pixbuf-2.0.so.*,libGeoIP.so*,libgthread-2.0.so.*,libgtk-x11-2.0.so.*,libX11.so.* |
50 | private-tmp | 50 | private-tmp |
51 | 51 | ||
diff --git a/etc/profile-m-z/transmission-cli.profile b/etc/profile-m-z/transmission-cli.profile index b3fab083c..8a1711e97 100644 --- a/etc/profile-m-z/transmission-cli.profile +++ b/etc/profile-m-z/transmission-cli.profile | |||
@@ -8,7 +8,7 @@ include transmission-cli.local | |||
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | private-bin transmission-cli | 10 | private-bin transmission-cli |
11 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.preload,nsswitch.conf,pki,resolv.conf,ssl | 11 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,nsswitch.conf,pki,resolv.conf,ssl |
12 | 12 | ||
13 | # Redirect | 13 | # Redirect |
14 | include transmission-common.profile | 14 | include transmission-common.profile |
diff --git a/etc/profile-m-z/transmission-daemon.profile b/etc/profile-m-z/transmission-daemon.profile index 9d91b8b81..5d28f2f10 100644 --- a/etc/profile-m-z/transmission-daemon.profile +++ b/etc/profile-m-z/transmission-daemon.profile | |||
@@ -17,7 +17,7 @@ caps.keep ipc_lock,net_bind_service,setgid,setuid,sys_chroot | |||
17 | protocol packet | 17 | protocol packet |
18 | 18 | ||
19 | private-bin transmission-daemon | 19 | private-bin transmission-daemon |
20 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.preload,nsswitch.conf,pki,resolv.conf,ssl | 20 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,nsswitch.conf,pki,resolv.conf,ssl |
21 | 21 | ||
22 | read-write /var/lib/transmission | 22 | read-write /var/lib/transmission |
23 | writable-var-log | 23 | writable-var-log |
diff --git a/etc/profile-m-z/transmission-remote-gtk.profile b/etc/profile-m-z/transmission-remote-gtk.profile index 20d54500f..6a0f1bde3 100644 --- a/etc/profile-m-z/transmission-remote-gtk.profile +++ b/etc/profile-m-z/transmission-remote-gtk.profile | |||
@@ -12,7 +12,7 @@ noblacklist ${HOME}/.config/transmission-remote-gtk | |||
12 | mkdir ${HOME}/.config/transmission-remote-gtk | 12 | mkdir ${HOME}/.config/transmission-remote-gtk |
13 | whitelist ${HOME}/.config/transmission-remote-gtk | 13 | whitelist ${HOME}/.config/transmission-remote-gtk |
14 | 14 | ||
15 | private-etc fonts,hostname,hosts,ld.so.preload,resolv.conf | 15 | private-etc alternatives,fonts,hostname,hosts,ld.so.cache,ld.so.preload,resolv.conf |
16 | # Problems with private-lib (see issue #2889) | 16 | # Problems with private-lib (see issue #2889) |
17 | ignore private-lib | 17 | ignore private-lib |
18 | 18 | ||
diff --git a/etc/profile-m-z/transmission-remote.profile b/etc/profile-m-z/transmission-remote.profile index ad4ad2172..565433d99 100644 --- a/etc/profile-m-z/transmission-remote.profile +++ b/etc/profile-m-z/transmission-remote.profile | |||
@@ -8,7 +8,7 @@ include transmission-remote.local | |||
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | private-bin transmission-remote | 10 | private-bin transmission-remote |
11 | private-etc alternatives,hosts,ld.so.preload,nsswitch.conf | 11 | private-etc alternatives,hosts,ld.so.cache,ld.so.preload,nsswitch.conf |
12 | 12 | ||
13 | # Redirect | 13 | # Redirect |
14 | include transmission-common.profile | 14 | include transmission-common.profile |
diff --git a/etc/profile-m-z/transmission-show.profile b/etc/profile-m-z/transmission-show.profile index 822a368da..0a5826ec4 100644 --- a/etc/profile-m-z/transmission-show.profile +++ b/etc/profile-m-z/transmission-show.profile | |||
@@ -8,7 +8,7 @@ include transmission-show.local | |||
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | private-bin transmission-show | 10 | private-bin transmission-show |
11 | private-etc alternatives,hosts,ld.so.preload,nsswitch.conf | 11 | private-etc alternatives,hosts,ld.so.cache,ld.so.preload,nsswitch.conf |
12 | 12 | ||
13 | # Redirect | 13 | # Redirect |
14 | include transmission-common.profile | 14 | include transmission-common.profile |
diff --git a/etc/profile-m-z/trojita.profile b/etc/profile-m-z/trojita.profile index 1959aee1e..60a192ac1 100644 --- a/etc/profile-m-z/trojita.profile +++ b/etc/profile-m-z/trojita.profile | |||
@@ -54,7 +54,7 @@ tracelog | |||
54 | private-bin trojita | 54 | private-bin trojita |
55 | private-cache | 55 | private-cache |
56 | private-dev | 56 | private-dev |
57 | private-etc alternatives,ca-certificates,crypto-policies,fonts,hostname,hosts,ld.so.preload,pki,resolv.conf,selinux,ssl,xdg | 57 | private-etc alternatives,ca-certificates,crypto-policies,fonts,hostname,hosts,ld.so.cache,ld.so.preload,pki,resolv.conf,selinux,ssl,xdg |
58 | private-tmp | 58 | private-tmp |
59 | 59 | ||
60 | dbus-user filter | 60 | dbus-user filter |
diff --git a/etc/profile-m-z/twitch.profile b/etc/profile-m-z/twitch.profile index bd2f1bcf9..987a2b719 100644 --- a/etc/profile-m-z/twitch.profile +++ b/etc/profile-m-z/twitch.profile | |||
@@ -18,7 +18,7 @@ mkdir ${HOME}/.config/Twitch | |||
18 | whitelist ${HOME}/.config/Twitch | 18 | whitelist ${HOME}/.config/Twitch |
19 | 19 | ||
20 | private-bin electron,electron[0-9],electron[0-9][0-9],twitch | 20 | private-bin electron,electron[0-9],electron[0-9][0-9],twitch |
21 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.preload,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 21 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
22 | private-opt Twitch | 22 | private-opt Twitch |
23 | 23 | ||
24 | # Redirect | 24 | # Redirect |
diff --git a/etc/profile-m-z/unf.profile b/etc/profile-m-z/unf.profile index 685e74e25..1b82ad881 100644 --- a/etc/profile-m-z/unf.profile +++ b/etc/profile-m-z/unf.profile | |||
@@ -49,7 +49,7 @@ private-bin unf | |||
49 | private-cache | 49 | private-cache |
50 | ?HAS_APPIMAGE: ignore private-dev | 50 | ?HAS_APPIMAGE: ignore private-dev |
51 | private-dev | 51 | private-dev |
52 | private-etc alternatives,ld.so.preload | 52 | private-etc alternatives,ld.so.cache,ld.so.preload |
53 | private-lib gcc/*/*/libgcc_s.so.* | 53 | private-lib gcc/*/*/libgcc_s.so.* |
54 | private-tmp | 54 | private-tmp |
55 | 55 | ||
diff --git a/etc/profile-m-z/unrar.profile b/etc/profile-m-z/unrar.profile index 761ee91c5..443d1f415 100644 --- a/etc/profile-m-z/unrar.profile +++ b/etc/profile-m-z/unrar.profile | |||
@@ -8,7 +8,7 @@ include unrar.local | |||
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | private-bin unrar | 10 | private-bin unrar |
11 | private-etc alternatives,group,ld.so.preload,localtime,passwd | 11 | private-etc alternatives,group,ld.so.cache,ld.so.preload,localtime,passwd |
12 | private-tmp | 12 | private-tmp |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
diff --git a/etc/profile-m-z/unzip.profile b/etc/profile-m-z/unzip.profile index 981826b16..97df693ba 100644 --- a/etc/profile-m-z/unzip.profile +++ b/etc/profile-m-z/unzip.profile | |||
@@ -10,7 +10,7 @@ include globals.local | |||
10 | # GNOME Shell integration (chrome-gnome-shell) | 10 | # GNOME Shell integration (chrome-gnome-shell) |
11 | noblacklist ${HOME}/.local/share/gnome-shell | 11 | noblacklist ${HOME}/.local/share/gnome-shell |
12 | 12 | ||
13 | private-etc alternatives,group,ld.so.preload,localtime,passwd | 13 | private-etc alternatives,group,ld.so.cache,ld.so.preload,localtime,passwd |
14 | 14 | ||
15 | # Redirect | 15 | # Redirect |
16 | include archiver-common.profile | 16 | include archiver-common.profile |
diff --git a/etc/profile-m-z/uudeview.profile b/etc/profile-m-z/uudeview.profile index 3b38f16e0..426766e17 100644 --- a/etc/profile-m-z/uudeview.profile +++ b/etc/profile-m-z/uudeview.profile | |||
@@ -41,7 +41,7 @@ x11 none | |||
41 | private-bin uudeview | 41 | private-bin uudeview |
42 | private-cache | 42 | private-cache |
43 | private-dev | 43 | private-dev |
44 | private-etc alternatives,ld.so.preload | 44 | private-etc alternatives,ld.so.cache,ld.so.preload |
45 | 45 | ||
46 | dbus-user none | 46 | dbus-user none |
47 | dbus-system none | 47 | dbus-system none |
diff --git a/etc/profile-m-z/viewnior.profile b/etc/profile-m-z/viewnior.profile index ed2f0103b..585a8eddb 100644 --- a/etc/profile-m-z/viewnior.profile +++ b/etc/profile-m-z/viewnior.profile | |||
@@ -43,7 +43,7 @@ tracelog | |||
43 | private-bin viewnior | 43 | private-bin viewnior |
44 | private-cache | 44 | private-cache |
45 | private-dev | 45 | private-dev |
46 | private-etc alternatives,fonts,ld.so.preload,machine-id | 46 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id |
47 | private-tmp | 47 | private-tmp |
48 | 48 | ||
49 | dbus-user none | 49 | dbus-user none |
diff --git a/etc/profile-m-z/virtualbox.profile b/etc/profile-m-z/virtualbox.profile index a6d3eaafd..227ad83cc 100644 --- a/etc/profile-m-z/virtualbox.profile +++ b/etc/profile-m-z/virtualbox.profile | |||
@@ -45,7 +45,7 @@ tracelog | |||
45 | #disable-mnt | 45 | #disable-mnt |
46 | #private-bin awk,basename,bash,env,gawk,grep,ps,readlink,sh,virtualbox,VirtualBox,VBox*,vbox*,whoami | 46 | #private-bin awk,basename,bash,env,gawk,grep,ps,readlink,sh,virtualbox,VirtualBox,VBox*,vbox*,whoami |
47 | private-cache | 47 | private-cache |
48 | private-etc alsa,asound.conf,ca-certificates,conf.d,crypto-policies,dconf,fonts,hostname,hosts,ld.so.cache,ld.so.preload,localtime,machine-id,pki,pulse,resolv.conf,ssl | 48 | private-etc alsa,alternatives,asound.conf,ca-certificates,conf.d,crypto-policies,dconf,fonts,hostname,hosts,ld.so.cache,ld.so.preload,localtime,machine-id,pki,pulse,resolv.conf,ssl |
49 | private-tmp | 49 | private-tmp |
50 | 50 | ||
51 | dbus-user none | 51 | dbus-user none |
diff --git a/etc/profile-m-z/vmware-view.profile b/etc/profile-m-z/vmware-view.profile index b2b019ff4..278a66149 100644 --- a/etc/profile-m-z/vmware-view.profile +++ b/etc/profile-m-z/vmware-view.profile | |||
@@ -7,6 +7,7 @@ include vmware-view.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.vmware | 9 | noblacklist ${HOME}/.vmware |
10 | noblacklist /usr/lib/vmware | ||
10 | 11 | ||
11 | noblacklist /sbin | 12 | noblacklist /sbin |
12 | noblacklist /usr/sbin | 13 | noblacklist /usr/sbin |
diff --git a/etc/profile-m-z/vmware.profile b/etc/profile-m-z/vmware.profile index 8e25daee0..57fbbae96 100644 --- a/etc/profile-m-z/vmware.profile +++ b/etc/profile-m-z/vmware.profile | |||
@@ -8,6 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/vmware | 9 | noblacklist ${HOME}/.cache/vmware |
10 | noblacklist ${HOME}/.vmware | 10 | noblacklist ${HOME}/.vmware |
11 | noblacklist /usr/lib/vmware | ||
11 | 12 | ||
12 | include disable-common.inc | 13 | include disable-common.inc |
13 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -38,6 +39,6 @@ tracelog | |||
38 | #disable-mnt | 39 | #disable-mnt |
39 | # Add the next line to your vmware.local to enable private-bin. | 40 | # Add the next line to your vmware.local to enable private-bin. |
40 | #private-bin env,bash,sh,ovftool,vmafossexec,vmaf_*,vmnet-*,vmplayer,vmrest,vmrun,vmss2core,vmstat,vmware,vmware-* | 41 | #private-bin env,bash,sh,ovftool,vmafossexec,vmaf_*,vmnet-*,vmplayer,vmrest,vmrun,vmss2core,vmstat,vmware,vmware-* |
41 | private-etc alsa,asound.conf,ca-certificates,conf.d,crypto-policies,dconf,fonts,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,ld.so.preload,localtime,machine-id,passwd,pki,pulse,resolv.conf,ssl,vmware,vmware-installer,vmware-vix | 42 | private-etc alsa,alternatives,asound.conf,ca-certificates,conf.d,crypto-policies,dconf,fonts,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,ld.so.preload,localtime,machine-id,passwd,pki,pulse,resolv.conf,ssl,vmware,vmware-installer,vmware-vix |
42 | dbus-user none | 43 | dbus-user none |
43 | dbus-system none | 44 | dbus-system none |
diff --git a/etc/profile-m-z/w3m.profile b/etc/profile-m-z/w3m.profile index d2e30e824..c9e209142 100644 --- a/etc/profile-m-z/w3m.profile +++ b/etc/profile-m-z/w3m.profile | |||
@@ -62,7 +62,7 @@ disable-mnt | |||
62 | private-bin perl,sh,w3m | 62 | private-bin perl,sh,w3m |
63 | private-cache | 63 | private-cache |
64 | private-dev | 64 | private-dev |
65 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.preload,mailcap,nsswitch.conf,pki,resolv.conf,ssl | 65 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,mailcap,nsswitch.conf,pki,resolv.conf,ssl |
66 | private-tmp | 66 | private-tmp |
67 | 67 | ||
68 | dbus-user none | 68 | dbus-user none |
diff --git a/etc/profile-m-z/warmux.profile b/etc/profile-m-z/warmux.profile index fc59b7239..0a6f19b1e 100644 --- a/etc/profile-m-z/warmux.profile +++ b/etc/profile-m-z/warmux.profile | |||
@@ -49,7 +49,7 @@ disable-mnt | |||
49 | private-bin warmux | 49 | private-bin warmux |
50 | private-cache | 50 | private-cache |
51 | private-dev | 51 | private-dev |
52 | private-etc ca-certificates,crypto-policies,host.conf,hostname,hosts,ld.so.preload,machine-id,nsswitch.conf,pki,protocols,resolv.conf,rpc,services,ssl | 52 | private-etc alternatives,ca-certificates,crypto-policies,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,machine-id,nsswitch.conf,pki,protocols,resolv.conf,rpc,services,ssl |
53 | private-tmp | 53 | private-tmp |
54 | 54 | ||
55 | dbus-user none | 55 | dbus-user none |
diff --git a/etc/profile-m-z/whalebird.profile b/etc/profile-m-z/whalebird.profile index ae3944561..92ebebdae 100644 --- a/etc/profile-m-z/whalebird.profile +++ b/etc/profile-m-z/whalebird.profile | |||
@@ -21,7 +21,7 @@ whitelist ${HOME}/.config/Whalebird | |||
21 | no3d | 21 | no3d |
22 | 22 | ||
23 | private-bin electron,electron[0-9],electron[0-9][0-9],whalebird | 23 | private-bin electron,electron[0-9],electron[0-9][0-9],whalebird |
24 | private-etc fonts,ld.so.preload,machine-id | 24 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id |
25 | 25 | ||
26 | # Redirect | 26 | # Redirect |
27 | include electron.profile | 27 | include electron.profile |
diff --git a/etc/profile-m-z/whois.profile b/etc/profile-m-z/whois.profile index 0650e41ad..afff6f587 100644 --- a/etc/profile-m-z/whois.profile +++ b/etc/profile-m-z/whois.profile | |||
@@ -47,7 +47,7 @@ private | |||
47 | private-bin bash,sh,whois | 47 | private-bin bash,sh,whois |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | private-etc alternatives,hosts,jwhois.conf,ld.so.preload,resolv.conf,services,whois.conf | 50 | private-etc alternatives,hosts,jwhois.conf,ld.so.cache,ld.so.preload,resolv.conf,services,whois.conf |
51 | private-lib gconv | 51 | private-lib gconv |
52 | private-tmp | 52 | private-tmp |
53 | 53 | ||
diff --git a/etc/profile-m-z/wire-desktop.profile b/etc/profile-m-z/wire-desktop.profile index eebad4a19..d8742cd71 100644 --- a/etc/profile-m-z/wire-desktop.profile +++ b/etc/profile-m-z/wire-desktop.profile | |||
@@ -26,7 +26,7 @@ mkdir ${HOME}/.config/Wire | |||
26 | whitelist ${HOME}/.config/Wire | 26 | whitelist ${HOME}/.config/Wire |
27 | 27 | ||
28 | private-bin bash,electron,electron[0-9],electron[0-9][0-9],env,sh,wire-desktop | 28 | private-bin bash,electron,electron[0-9],electron[0-9][0-9],env,sh,wire-desktop |
29 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.preload,machine-id,pki,resolv.conf,ssl | 29 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,machine-id,pki,resolv.conf,ssl |
30 | 30 | ||
31 | # Redirect | 31 | # Redirect |
32 | include electron.profile | 32 | include electron.profile |
diff --git a/etc/profile-m-z/wordwarvi.profile b/etc/profile-m-z/wordwarvi.profile index 374290ed0..3147c2ac3 100644 --- a/etc/profile-m-z/wordwarvi.profile +++ b/etc/profile-m-z/wordwarvi.profile | |||
@@ -45,7 +45,7 @@ private | |||
45 | private-bin wordwarvi | 45 | private-bin wordwarvi |
46 | private-cache | 46 | private-cache |
47 | private-dev | 47 | private-dev |
48 | private-etc alsa,asound.conf,ld.so.preload,machine-id,pulse | 48 | private-etc alsa,alternatives,asound.conf,ld.so.cache,ld.so.preload,machine-id,pulse |
49 | private-tmp | 49 | private-tmp |
50 | 50 | ||
51 | dbus-user none | 51 | dbus-user none |
diff --git a/etc/profile-m-z/xbill.profile b/etc/profile-m-z/xbill.profile index 738b5ca13..bb119996c 100644 --- a/etc/profile-m-z/xbill.profile +++ b/etc/profile-m-z/xbill.profile | |||
@@ -44,7 +44,7 @@ private | |||
44 | private-bin xbill | 44 | private-bin xbill |
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-etc ld.so.preload,none | 47 | private-etc alternatives,ld.so.cache,ld.so.preload |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
50 | dbus-user none | 50 | dbus-user none |
diff --git a/etc/profile-m-z/xfce4-mixer.profile b/etc/profile-m-z/xfce4-mixer.profile index 21857dbe6..386ef2bd6 100644 --- a/etc/profile-m-z/xfce4-mixer.profile +++ b/etc/profile-m-z/xfce4-mixer.profile | |||
@@ -46,7 +46,7 @@ disable-mnt | |||
46 | private-bin xfce4-mixer,xfconf-query | 46 | private-bin xfce4-mixer,xfconf-query |
47 | private-cache | 47 | private-cache |
48 | private-dev | 48 | private-dev |
49 | private-etc alternatives,asound.conf,fonts,ld.so.preload,machine-id,pulse | 49 | private-etc alternatives,asound.conf,fonts,ld.so.cache,ld.so.preload,machine-id,pulse |
50 | private-tmp | 50 | private-tmp |
51 | 51 | ||
52 | dbus-user filter | 52 | dbus-user filter |
diff --git a/etc/profile-m-z/xfce4-screenshooter.profile b/etc/profile-m-z/xfce4-screenshooter.profile index ad3058ce2..d74ed5754 100644 --- a/etc/profile-m-z/xfce4-screenshooter.profile +++ b/etc/profile-m-z/xfce4-screenshooter.profile | |||
@@ -42,7 +42,7 @@ tracelog | |||
42 | disable-mnt | 42 | disable-mnt |
43 | private-bin xfce4-screenshooter,xfconf-query | 43 | private-bin xfce4-screenshooter,xfconf-query |
44 | private-dev | 44 | private-dev |
45 | private-etc ca-certificates,crypto-policies,dconf,fonts,gtk-3.0,ld.so.preload,pki,resolv.conf,ssl | 45 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload,pki,resolv.conf,ssl |
46 | private-tmp | 46 | private-tmp |
47 | 47 | ||
48 | dbus-user none | 48 | dbus-user none |
diff --git a/etc/profile-m-z/xiphos.profile b/etc/profile-m-z/xiphos.profile index 9b7a006d2..c7fd0799b 100644 --- a/etc/profile-m-z/xiphos.profile +++ b/etc/profile-m-z/xiphos.profile | |||
@@ -47,5 +47,5 @@ disable-mnt | |||
47 | private-bin xiphos | 47 | private-bin xiphos |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.preload,pki,resolv.conf,ssli,sword,sword.conf | 50 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,pki,resolv.conf,ssli,sword,sword.conf |
51 | private-tmp | 51 | private-tmp |
diff --git a/etc/profile-m-z/xlinks.profile b/etc/profile-m-z/xlinks.profile index 1c9310986..404baf607 100644 --- a/etc/profile-m-z/xlinks.profile +++ b/etc/profile-m-z/xlinks.profile | |||
@@ -14,7 +14,7 @@ include whitelist-common.inc | |||
14 | # if you want to use user-configured programs add 'private-bin PROGRAM1,PROGRAM2' | 14 | # if you want to use user-configured programs add 'private-bin PROGRAM1,PROGRAM2' |
15 | # to your xlinks.local or append 'PROGRAM1,PROGRAM2' to this private-bin line | 15 | # to your xlinks.local or append 'PROGRAM1,PROGRAM2' to this private-bin line |
16 | private-bin xlinks | 16 | private-bin xlinks |
17 | private-etc fonts,ld.so.preload | 17 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload |
18 | 18 | ||
19 | # Redirect | 19 | # Redirect |
20 | include links.profile | 20 | include links.profile |
diff --git a/etc/profile-m-z/xlinks2 b/etc/profile-m-z/xlinks2 index bbf660e29..d7edd3543 100644 --- a/etc/profile-m-z/xlinks2 +++ b/etc/profile-m-z/xlinks2 | |||
@@ -14,7 +14,7 @@ include whitelist-common.inc | |||
14 | # if you want to use user-configured programs add 'private-bin PROGRAM1,PROGRAM2' | 14 | # if you want to use user-configured programs add 'private-bin PROGRAM1,PROGRAM2' |
15 | # to your xlinks.local or append 'PROGRAM1,PROGRAM2' to this private-bin line | 15 | # to your xlinks.local or append 'PROGRAM1,PROGRAM2' to this private-bin line |
16 | private-bin xlinks2 | 16 | private-bin xlinks2 |
17 | private-etc fonts,ld.so.preload | 17 | private-etc alternatives,fonts,ld.so.cache,ld.so.preload |
18 | 18 | ||
19 | # Redirect | 19 | # Redirect |
20 | include links2.profile | 20 | include links2.profile |
diff --git a/etc/profile-m-z/xmr-stak.profile b/etc/profile-m-z/xmr-stak.profile index 2a9fbf171..e541436a4 100644 --- a/etc/profile-m-z/xmr-stak.profile +++ b/etc/profile-m-z/xmr-stak.profile | |||
@@ -38,7 +38,7 @@ disable-mnt | |||
38 | private ${HOME}/.xmr-stak | 38 | private ${HOME}/.xmr-stak |
39 | private-bin xmr-stak | 39 | private-bin xmr-stak |
40 | private-dev | 40 | private-dev |
41 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.preload,nsswitch.conf,pki,resolv.conf,ssl | 41 | private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,nsswitch.conf,pki,resolv.conf,ssl |
42 | #private-lib libxmrstak_opencl_backend,libxmrstak_cuda_backend | 42 | #private-lib libxmrstak_opencl_backend,libxmrstak_cuda_backend |
43 | private-opt cuda | 43 | private-opt cuda |
44 | private-tmp | 44 | private-tmp |
diff --git a/etc/profile-m-z/xournal.profile b/etc/profile-m-z/xournal.profile index fe7395078..a0e77b4e7 100644 --- a/etc/profile-m-z/xournal.profile +++ b/etc/profile-m-z/xournal.profile | |||
@@ -43,7 +43,7 @@ tracelog | |||
43 | private-bin xournal | 43 | private-bin xournal |
44 | private-cache | 44 | private-cache |
45 | private-dev | 45 | private-dev |
46 | private-etc alternatives,fonts,group,ld.so.preload,machine-id,passwd | 46 | private-etc alternatives,fonts,group,ld.so.cache,ld.so.preload,machine-id,passwd |
47 | # TODO should use private-lib | 47 | # TODO should use private-lib |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
diff --git a/etc/profile-m-z/yelp.profile b/etc/profile-m-z/yelp.profile index c5e44c6b4..31a51b2c4 100644 --- a/etc/profile-m-z/yelp.profile +++ b/etc/profile-m-z/yelp.profile | |||
@@ -56,7 +56,7 @@ disable-mnt | |||
56 | private-bin groff,man,tbl,troff,yelp | 56 | private-bin groff,man,tbl,troff,yelp |
57 | private-cache | 57 | private-cache |
58 | private-dev | 58 | private-dev |
59 | private-etc alsa,alternatives,asound.conf,crypto-policies,cups,dconf,drirc,fonts,gcrypt,groff,gtk-3.0,ld.so.preload,machine-id,man_db.conf,openal,os-release,pulse,sgml,xml | 59 | private-etc alsa,alternatives,asound.conf,crypto-policies,cups,dconf,drirc,fonts,gcrypt,groff,gtk-3.0,ld.so.cache,ld.so.preload,machine-id,man_db.conf,openal,os-release,pulse,sgml,xml |
60 | private-tmp | 60 | private-tmp |
61 | 61 | ||
62 | dbus-user filter | 62 | dbus-user filter |
diff --git a/etc/profile-m-z/youtube-viewers-common.profile b/etc/profile-m-z/youtube-viewers-common.profile index 3224f8fc6..80d551038 100644 --- a/etc/profile-m-z/youtube-viewers-common.profile +++ b/etc/profile-m-z/youtube-viewers-common.profile | |||
@@ -53,7 +53,7 @@ disable-mnt | |||
53 | private-bin bash,ffmpeg,ffprobe,firefox,mpv,perl,python*,sh,smplayer,stty,wget,which,xterm,youtube-dl,yt-dlp | 53 | private-bin bash,ffmpeg,ffprobe,firefox,mpv,perl,python*,sh,smplayer,stty,wget,which,xterm,youtube-dl,yt-dlp |
54 | private-cache | 54 | private-cache |
55 | private-dev | 55 | private-dev |
56 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.preload,machine-id,mime.types,nsswitch.conf,passwd,pki,pulse,resolv.conf,ssl,X11,xdg | 56 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,machine-id,mime.types,nsswitch.conf,passwd,pki,pulse,resolv.conf,ssl,X11,xdg |
57 | private-tmp | 57 | private-tmp |
58 | 58 | ||
59 | dbus-user none | 59 | dbus-user none |
diff --git a/etc/profile-m-z/youtube.profile b/etc/profile-m-z/youtube.profile index c7dbec968..5c4d697da 100644 --- a/etc/profile-m-z/youtube.profile +++ b/etc/profile-m-z/youtube.profile | |||
@@ -17,7 +17,7 @@ mkdir ${HOME}/.config/Youtube | |||
17 | whitelist ${HOME}/.config/Youtube | 17 | whitelist ${HOME}/.config/Youtube |
18 | 18 | ||
19 | private-bin electron,electron[0-9],electron[0-9][0-9],youtube | 19 | private-bin electron,electron[0-9],electron[0-9][0-9],youtube |
20 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.preload,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 20 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
21 | private-opt Youtube | 21 | private-opt Youtube |
22 | 22 | ||
23 | # Redirect | 23 | # Redirect |
diff --git a/etc/profile-m-z/youtubemusic-nativefier.profile b/etc/profile-m-z/youtubemusic-nativefier.profile index 35ecf059d..2b5ffeaaf 100644 --- a/etc/profile-m-z/youtubemusic-nativefier.profile +++ b/etc/profile-m-z/youtubemusic-nativefier.profile | |||
@@ -14,7 +14,7 @@ mkdir ${HOME}/.config/youtubemusic-nativefier-040164 | |||
14 | whitelist ${HOME}/.config/youtubemusic-nativefier-040164 | 14 | whitelist ${HOME}/.config/youtubemusic-nativefier-040164 |
15 | 15 | ||
16 | private-bin electron,electron[0-9],electron[0-9][0-9],youtubemusic-nativefier | 16 | private-bin electron,electron[0-9],electron[0-9][0-9],youtubemusic-nativefier |
17 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.preload,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 17 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
18 | private-opt youtubemusic-nativefier | 18 | private-opt youtubemusic-nativefier |
19 | 19 | ||
20 | # Redirect | 20 | # Redirect |
diff --git a/etc/profile-m-z/yt-dlp.profile b/etc/profile-m-z/yt-dlp.profile index bfb24b488..32e873aa5 100644 --- a/etc/profile-m-z/yt-dlp.profile +++ b/etc/profile-m-z/yt-dlp.profile | |||
@@ -12,8 +12,8 @@ noblacklist ${HOME}/.cache/yt-dlp | |||
12 | noblacklist ${HOME}/.config/yt-dlp | 12 | noblacklist ${HOME}/.config/yt-dlp |
13 | noblacklist ${HOME}/yt-dlp.conf | 13 | noblacklist ${HOME}/yt-dlp.conf |
14 | 14 | ||
15 | private-bin yt-dlp | 15 | private-bin ffprobe,yt-dlp |
16 | private-etc ld.so.preload,yt-dlp.conf | 16 | private-etc alternatives,ld.so.cache,ld.so.preload,yt-dlp.conf |
17 | 17 | ||
18 | # Redirect | 18 | # Redirect |
19 | include youtube-dl.profile | 19 | include youtube-dl.profile |
diff --git a/etc/profile-m-z/ytmdesktop.profile b/etc/profile-m-z/ytmdesktop.profile index 84f2f3cb2..59b6e2543 100644 --- a/etc/profile-m-z/ytmdesktop.profile +++ b/etc/profile-m-z/ytmdesktop.profile | |||
@@ -14,7 +14,7 @@ mkdir ${HOME}/.config/youtube-music-desktop-app | |||
14 | whitelist ${HOME}/.config/youtube-music-desktop-app | 14 | whitelist ${HOME}/.config/youtube-music-desktop-app |
15 | 15 | ||
16 | # private-bin env,ytmdesktop | 16 | # private-bin env,ytmdesktop |
17 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.preload,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 17 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
18 | # private-opt | 18 | # private-opt |
19 | 19 | ||
20 | # Redirect | 20 | # Redirect |
diff --git a/etc/profile-m-z/zulip.profile b/etc/profile-m-z/zulip.profile index c1c94d74f..8acfdd651 100644 --- a/etc/profile-m-z/zulip.profile +++ b/etc/profile-m-z/zulip.profile | |||
@@ -44,5 +44,5 @@ disable-mnt | |||
44 | private-bin locale,zulip | 44 | private-bin locale,zulip |
45 | private-cache | 45 | private-cache |
46 | private-dev | 46 | private-dev |
47 | private-etc asound.conf,fonts,ld.so.preload,machine-id | 47 | private-etc alternatives,asound.conf,fonts,ld.so.cache,ld.so.preload,machine-id |
48 | private-tmp | 48 | private-tmp |