diff options
Diffstat (limited to 'etc/profile-m-z')
405 files changed, 1934 insertions, 1707 deletions
diff --git a/etc/profile-m-z/Maelstrom.profile b/etc/profile-m-z/Maelstrom.profile index 62d0a8b3a..e6c43007d 100644 --- a/etc/profile-m-z/Maelstrom.profile +++ b/etc/profile-m-z/Maelstrom.profile | |||
@@ -6,7 +6,7 @@ include Maelstrom.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist /var/lib/games/Maelstrom-Scores | 9 | nodeny /var/lib/games/Maelstrom-Scores |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-programs.inc | |||
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | whitelist /var/lib/games | 20 | allow /var/lib/games |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-m-z/Mathematica.profile b/etc/profile-m-z/Mathematica.profile index c2734b1c1..bd929d21a 100644 --- a/etc/profile-m-z/Mathematica.profile +++ b/etc/profile-m-z/Mathematica.profile | |||
@@ -5,8 +5,8 @@ include Mathematica.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.Mathematica | 8 | nodeny ${HOME}/.Mathematica |
9 | noblacklist ${HOME}/.Wolfram Research | 9 | nodeny ${HOME}/.Wolfram Research |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,9 +17,9 @@ include disable-programs.inc | |||
17 | mkdir ${HOME}/.Mathematica | 17 | mkdir ${HOME}/.Mathematica |
18 | mkdir ${HOME}/.Wolfram Research | 18 | mkdir ${HOME}/.Wolfram Research |
19 | mkdir ${HOME}/Documents/Wolfram Mathematica | 19 | mkdir ${HOME}/Documents/Wolfram Mathematica |
20 | whitelist ${HOME}/.Mathematica | 20 | allow ${HOME}/.Mathematica |
21 | whitelist ${HOME}/.Wolfram Research | 21 | allow ${HOME}/.Wolfram Research |
22 | whitelist ${HOME}/Documents/Wolfram Mathematica | 22 | allow ${HOME}/Documents/Wolfram Mathematica |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | 24 | ||
25 | caps.drop all | 25 | caps.drop all |
diff --git a/etc/profile-m-z/PCSX2.profile b/etc/profile-m-z/PCSX2.profile index e678b7204..f833b9446 100644 --- a/etc/profile-m-z/PCSX2.profile +++ b/etc/profile-m-z/PCSX2.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | # Note: you must whitelist your games folder in your PCSX2.local. | 9 | # Note: you must whitelist your games folder in your PCSX2.local. |
10 | 10 | ||
11 | noblacklist ${HOME}/.config/PCSX2 | 11 | nodeny ${HOME}/.config/PCSX2 |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -21,7 +21,7 @@ include disable-write-mnt.inc | |||
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.config/PCSX2 | 23 | mkdir ${HOME}/.config/PCSX2 |
24 | whitelist ${HOME}/.config/PCSX2 | 24 | allow ${HOME}/.config/PCSX2 |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | 26 | include whitelist-runuser-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/QMediathekView.profile b/etc/profile-m-z/QMediathekView.profile index 86120587b..d7b01fe06 100644 --- a/etc/profile-m-z/QMediathekView.profile +++ b/etc/profile-m-z/QMediathekView.profile | |||
@@ -6,18 +6,18 @@ include QMediathekView.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/QMediathekView | 9 | nodeny ${HOME}/.config/QMediathekView |
10 | noblacklist ${HOME}/.local/share/QMediathekView | 10 | nodeny ${HOME}/.local/share/QMediathekView |
11 | 11 | ||
12 | noblacklist ${HOME}/.config/mpv | 12 | nodeny ${HOME}/.config/mpv |
13 | noblacklist ${HOME}/.config/smplayer | 13 | nodeny ${HOME}/.config/smplayer |
14 | noblacklist ${HOME}/.config/totem | 14 | nodeny ${HOME}/.config/totem |
15 | noblacklist ${HOME}/.config/vlc | 15 | nodeny ${HOME}/.config/vlc |
16 | noblacklist ${HOME}/.config/xplayer | 16 | nodeny ${HOME}/.config/xplayer |
17 | noblacklist ${HOME}/.local/share/totem | 17 | nodeny ${HOME}/.local/share/totem |
18 | noblacklist ${HOME}/.local/share/xplayer | 18 | nodeny ${HOME}/.local/share/xplayer |
19 | noblacklist ${HOME}/.mplayer | 19 | nodeny ${HOME}/.mplayer |
20 | noblacklist ${VIDEOS} | 20 | nodeny ${VIDEOS} |
21 | 21 | ||
22 | include disable-common.inc | 22 | include disable-common.inc |
23 | include disable-devel.inc | 23 | include disable-devel.inc |
@@ -28,7 +28,7 @@ include disable-programs.inc | |||
28 | include disable-shell.inc | 28 | include disable-shell.inc |
29 | include disable-xdg.inc | 29 | include disable-xdg.inc |
30 | 30 | ||
31 | whitelist /usr/share/qtchooser | 31 | allow /usr/share/qtchooser |
32 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
33 | include whitelist-var-common.inc | 33 | include whitelist-var-common.inc |
34 | 34 | ||
diff --git a/etc/profile-m-z/QOwnNotes.profile b/etc/profile-m-z/QOwnNotes.profile index 660378089..4ca42730a 100644 --- a/etc/profile-m-z/QOwnNotes.profile +++ b/etc/profile-m-z/QOwnNotes.profile | |||
@@ -6,10 +6,10 @@ include QOwnNotes.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${DOCUMENTS} | 9 | nodeny ${DOCUMENTS} |
10 | noblacklist ${HOME}/Nextcloud/Notes | 10 | nodeny ${HOME}/Nextcloud/Notes |
11 | noblacklist ${HOME}/.config/PBE | 11 | nodeny ${HOME}/.config/PBE |
12 | noblacklist ${HOME}/.local/share/PBE | 12 | nodeny ${HOME}/.local/share/PBE |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -23,10 +23,10 @@ include disable-xdg.inc | |||
23 | mkdir ${HOME}/Nextcloud/Notes | 23 | mkdir ${HOME}/Nextcloud/Notes |
24 | mkdir ${HOME}/.config/PBE | 24 | mkdir ${HOME}/.config/PBE |
25 | mkdir ${HOME}/.local/share/PBE | 25 | mkdir ${HOME}/.local/share/PBE |
26 | whitelist ${DOCUMENTS} | 26 | allow ${DOCUMENTS} |
27 | whitelist ${HOME}/Nextcloud/Notes | 27 | allow ${HOME}/Nextcloud/Notes |
28 | whitelist ${HOME}/.config/PBE | 28 | allow ${HOME}/.config/PBE |
29 | whitelist ${HOME}/.local/share/PBE | 29 | allow ${HOME}/.local/share/PBE |
30 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
32 | 32 | ||
diff --git a/etc/profile-m-z/Viber.profile b/etc/profile-m-z/Viber.profile index 3195e39fa..b98847d3a 100644 --- a/etc/profile-m-z/Viber.profile +++ b/etc/profile-m-z/Viber.profile | |||
@@ -5,8 +5,8 @@ include Viber.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.ViberPC | 8 | nodeny ${HOME}/.ViberPC |
9 | noblacklist ${PATH}/dig | 9 | nodeny ${PATH}/dig |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,8 +16,8 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.ViberPC | 18 | mkdir ${HOME}/.ViberPC |
19 | whitelist ${DOWNLOADS} | 19 | allow ${DOWNLOADS} |
20 | whitelist ${HOME}/.ViberPC | 20 | allow ${HOME}/.ViberPC |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | 22 | ||
23 | caps.drop all | 23 | caps.drop all |
diff --git a/etc/profile-m-z/XMind.profile b/etc/profile-m-z/XMind.profile index d78e04595..c9cf7adf7 100644 --- a/etc/profile-m-z/XMind.profile +++ b/etc/profile-m-z/XMind.profile | |||
@@ -5,7 +5,7 @@ include XMind.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.xmind | 8 | nodeny ${HOME}/.xmind |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
@@ -15,8 +15,8 @@ include disable-passwdmgr.inc | |||
15 | include disable-programs.inc | 15 | include disable-programs.inc |
16 | 16 | ||
17 | mkdir ${HOME}/.xmind | 17 | mkdir ${HOME}/.xmind |
18 | whitelist ${HOME}/.xmind | 18 | allow ${HOME}/.xmind |
19 | whitelist ${DOWNLOADS} | 19 | allow ${DOWNLOADS} |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
21 | 21 | ||
22 | caps.drop all | 22 | caps.drop all |
diff --git a/etc/profile-m-z/Xephyr.profile b/etc/profile-m-z/Xephyr.profile index 5cf5161ce..7ba1cdac9 100644 --- a/etc/profile-m-z/Xephyr.profile +++ b/etc/profile-m-z/Xephyr.profile | |||
@@ -15,7 +15,7 @@ include globals.local | |||
15 | # or run "sudo firecfg" | 15 | # or run "sudo firecfg" |
16 | # | 16 | # |
17 | 17 | ||
18 | whitelist /var/lib/xkb | 18 | allow /var/lib/xkb |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | 20 | ||
21 | caps.drop all | 21 | caps.drop all |
diff --git a/etc/profile-m-z/Xvfb.profile b/etc/profile-m-z/Xvfb.profile index 1acd43023..a246ccb23 100644 --- a/etc/profile-m-z/Xvfb.profile +++ b/etc/profile-m-z/Xvfb.profile | |||
@@ -18,7 +18,7 @@ include globals.local | |||
18 | # some Linux distributions. Also, older versions of Xpra use Xvfb. | 18 | # some Linux distributions. Also, older versions of Xpra use Xvfb. |
19 | # | 19 | # |
20 | 20 | ||
21 | whitelist /var/lib/xkb | 21 | allow /var/lib/xkb |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | 23 | ||
24 | caps.drop all | 24 | caps.drop all |
diff --git a/etc/profile-m-z/ZeGrapher.profile b/etc/profile-m-z/ZeGrapher.profile index 7686c3442..4f65ad7d1 100644 --- a/etc/profile-m-z/ZeGrapher.profile +++ b/etc/profile-m-z/ZeGrapher.profile | |||
@@ -6,7 +6,7 @@ include ZeGrapher.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/ZeGrapher Project | 9 | nodeny ${HOME}/.config/ZeGrapher Project |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,7 +16,7 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | 18 | ||
19 | whitelist /usr/share/ZeGrapher | 19 | allow /usr/share/ZeGrapher |
20 | include whitelist-runuser-common.inc | 20 | include whitelist-runuser-common.inc |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/io.github.lainsce.Notejot.profile b/etc/profile-m-z/io.github.lainsce.Notejot.profile new file mode 100644 index 000000000..a8029db72 --- /dev/null +++ b/etc/profile-m-z/io.github.lainsce.Notejot.profile | |||
@@ -0,0 +1,61 @@ | |||
1 | # Firejail profile for notejot | ||
2 | # Description: Jot your ideas | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include io.github.lainsce.Notejot.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | nodeny ${HOME}/.cache/io.github.lainsce.Notejot | ||
10 | nodeny ${HOME}/.local/share/io.github.lainsce.Notejot | ||
11 | |||
12 | include disable-common.inc | ||
13 | include disable-devel.inc | ||
14 | include disable-exec.inc | ||
15 | include disable-interpreters.inc | ||
16 | include disable-passwdmgr.inc | ||
17 | include disable-programs.inc | ||
18 | include disable-shell.inc | ||
19 | include disable-xdg.inc | ||
20 | |||
21 | mkdir ${HOME}/.cache/io.github.lainsce.Notejot | ||
22 | mkdir ${HOME}/.local/share/io.github.lainsce.Notejot | ||
23 | allow ${HOME}/.cache/io.github.lainsce.Notejot | ||
24 | allow ${HOME}/.local/share/io.github.lainsce.Notejot | ||
25 | allow /usr/libexec/webkit2gtk-4.0 | ||
26 | include whitelist-common.inc | ||
27 | include whitelist-runuser-common.inc | ||
28 | include whitelist-usr-share-common.inc | ||
29 | include whitelist-var-common.inc | ||
30 | |||
31 | apparmor | ||
32 | caps.drop all | ||
33 | machine-id | ||
34 | net none | ||
35 | no3d | ||
36 | nodvd | ||
37 | nogroups | ||
38 | noinput | ||
39 | nonewprivs | ||
40 | noroot | ||
41 | nosound | ||
42 | notv | ||
43 | nou2f | ||
44 | novideo | ||
45 | protocol unix | ||
46 | seccomp | ||
47 | seccomp.block-secondary | ||
48 | shell none | ||
49 | tracelog | ||
50 | |||
51 | disable-mnt | ||
52 | private-bin io.github.lainsce.Notejot | ||
53 | private-cache | ||
54 | private-dev | ||
55 | private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,pango,X11 | ||
56 | private-tmp | ||
57 | |||
58 | dbus-user filter | ||
59 | dbus-user.own io.github.lainsce.Notejot | ||
60 | dbus-user.talk ca.desrt.dconf | ||
61 | dbus-system none | ||
diff --git a/etc/profile-m-z/macrofusion.profile b/etc/profile-m-z/macrofusion.profile index d1dcb6fe0..763d475bb 100644 --- a/etc/profile-m-z/macrofusion.profile +++ b/etc/profile-m-z/macrofusion.profile | |||
@@ -5,8 +5,8 @@ include macrofusion.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.config/mfusion | 8 | nodeny ${HOME}/.config/mfusion |
9 | noblacklist ${PICTURES} | 9 | nodeny ${PICTURES} |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
diff --git a/etc/profile-m-z/magicor.profile b/etc/profile-m-z/magicor.profile index 8a27b2626..d561a5095 100644 --- a/etc/profile-m-z/magicor.profile +++ b/etc/profile-m-z/magicor.profile | |||
@@ -6,7 +6,7 @@ include magicor.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.magicor | 9 | nodeny ${HOME}/.magicor |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
@@ -21,8 +21,8 @@ include disable-shell.inc | |||
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.magicor | 23 | mkdir ${HOME}/.magicor |
24 | whitelist ${HOME}/.magicor | 24 | allow ${HOME}/.magicor |
25 | whitelist /usr/share/magicor | 25 | allow /usr/share/magicor |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
28 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/makepkg.profile b/etc/profile-m-z/makepkg.profile index 513fcae55..a7c486c9f 100644 --- a/etc/profile-m-z/makepkg.profile +++ b/etc/profile-m-z/makepkg.profile | |||
@@ -6,8 +6,8 @@ include makepkg.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist /tmp/.X11-unix | 9 | deny /tmp/.X11-unix |
10 | blacklist ${RUNUSER}/wayland-* | 10 | deny ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | # Note: see this Arch forum discussion https://bbs.archlinux.org/viewtopic.php?pid=1743138 | 12 | # Note: see this Arch forum discussion https://bbs.archlinux.org/viewtopic.php?pid=1743138 |
13 | # for potential issues and their solutions when Firejailing makepkg | 13 | # for potential issues and their solutions when Firejailing makepkg |
@@ -17,18 +17,18 @@ blacklist ${RUNUSER}/wayland-* | |||
17 | # whitelist ${HOME}/.gnupg | 17 | # whitelist ${HOME}/.gnupg |
18 | 18 | ||
19 | # Enable severely restricted access to ${HOME}/.gnupg | 19 | # Enable severely restricted access to ${HOME}/.gnupg |
20 | noblacklist ${HOME}/.gnupg | 20 | nodeny ${HOME}/.gnupg |
21 | read-only ${HOME}/.gnupg/gpg.conf | 21 | read-only ${HOME}/.gnupg/gpg.conf |
22 | read-only ${HOME}/.gnupg/trustdb.gpg | 22 | read-only ${HOME}/.gnupg/trustdb.gpg |
23 | read-only ${HOME}/.gnupg/pubring.kbx | 23 | read-only ${HOME}/.gnupg/pubring.kbx |
24 | blacklist ${HOME}/.gnupg/random_seed | 24 | deny ${HOME}/.gnupg/random_seed |
25 | blacklist ${HOME}/.gnupg/pubring.kbx~ | 25 | deny ${HOME}/.gnupg/pubring.kbx~ |
26 | blacklist ${HOME}/.gnupg/private-keys-v1.d | 26 | deny ${HOME}/.gnupg/private-keys-v1.d |
27 | blacklist ${HOME}/.gnupg/crls.d | 27 | deny ${HOME}/.gnupg/crls.d |
28 | blacklist ${HOME}/.gnupg/openpgp-revocs.d | 28 | deny ${HOME}/.gnupg/openpgp-revocs.d |
29 | 29 | ||
30 | # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop all capabilities this is automatically read-only. | 30 | # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop all capabilities this is automatically read-only. |
31 | noblacklist /var/lib/pacman | 31 | nodeny /var/lib/pacman |
32 | 32 | ||
33 | include disable-common.inc | 33 | include disable-common.inc |
34 | include disable-exec.inc | 34 | include disable-exec.inc |
diff --git a/etc/profile-m-z/man.profile b/etc/profile-m-z/man.profile index bd510fcac..383eeeeb7 100644 --- a/etc/profile-m-z/man.profile +++ b/etc/profile-m-z/man.profile | |||
@@ -7,10 +7,10 @@ include man.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER} | 10 | deny ${RUNUSER} |
11 | 11 | ||
12 | noblacklist ${HOME}/.local/share/man | 12 | nodeny ${HOME}/.local/share/man |
13 | noblacklist ${HOME}/.rustup | 13 | nodeny ${HOME}/.rustup |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -23,12 +23,12 @@ include disable-xdg.inc | |||
23 | #mkdir ${HOME}/.local/share/man | 23 | #mkdir ${HOME}/.local/share/man |
24 | #whitelist ${HOME}/.local/share/man | 24 | #whitelist ${HOME}/.local/share/man |
25 | #whitelist ${HOME}/.manpath | 25 | #whitelist ${HOME}/.manpath |
26 | whitelist /usr/share/groff | 26 | allow /usr/share/groff |
27 | whitelist /usr/share/info | 27 | allow /usr/share/info |
28 | whitelist /usr/share/lintian | 28 | allow /usr/share/lintian |
29 | whitelist /usr/share/locale | 29 | allow /usr/share/locale |
30 | whitelist /usr/share/man | 30 | allow /usr/share/man |
31 | whitelist /var/cache/man | 31 | allow /var/cache/man |
32 | #include whitelist-common.inc | 32 | #include whitelist-common.inc |
33 | include whitelist-runuser-common.inc | 33 | include whitelist-runuser-common.inc |
34 | include whitelist-usr-share-common.inc | 34 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/manaplus.profile b/etc/profile-m-z/manaplus.profile index f59a56ac6..67ee783a6 100644 --- a/etc/profile-m-z/manaplus.profile +++ b/etc/profile-m-z/manaplus.profile | |||
@@ -6,8 +6,8 @@ include manaplus.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/mana | 9 | nodeny ${HOME}/.config/mana |
10 | noblacklist ${HOME}/.local/share/mana | 10 | nodeny ${HOME}/.local/share/mana |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -21,8 +21,8 @@ include disable-xdg.inc | |||
21 | mkdir ${HOME}/.config/mana | 21 | mkdir ${HOME}/.config/mana |
22 | mkdir ${HOME}/.config/mana/mana | 22 | mkdir ${HOME}/.config/mana/mana |
23 | mkdir ${HOME}/.local/share/mana | 23 | mkdir ${HOME}/.local/share/mana |
24 | whitelist ${HOME}/.config/mana | 24 | allow ${HOME}/.config/mana |
25 | whitelist ${HOME}/.local/share/mana | 25 | allow ${HOME}/.local/share/mana |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
28 | 28 | ||
diff --git a/etc/profile-m-z/marker.profile b/etc/profile-m-z/marker.profile index bd56a8221..7645ad335 100644 --- a/etc/profile-m-z/marker.profile +++ b/etc/profile-m-z/marker.profile | |||
@@ -11,8 +11,8 @@ include globals.local | |||
11 | #protocol unix,inet,inet6 | 11 | #protocol unix,inet,inet6 |
12 | #private-etc ca-certificates,ssl,pki,crypto-policies,nsswitch.conf,resolv.conf | 12 | #private-etc ca-certificates,ssl,pki,crypto-policies,nsswitch.conf,resolv.conf |
13 | 13 | ||
14 | noblacklist ${HOME}/.cache/marker | 14 | nodeny ${HOME}/.cache/marker |
15 | noblacklist ${DOCUMENTS} | 15 | nodeny ${DOCUMENTS} |
16 | 16 | ||
17 | include allow-python3.inc | 17 | include allow-python3.inc |
18 | 18 | ||
@@ -25,8 +25,8 @@ include disable-programs.inc | |||
25 | include disable-shell.inc | 25 | include disable-shell.inc |
26 | include disable-xdg.inc | 26 | include disable-xdg.inc |
27 | 27 | ||
28 | whitelist /usr/libexec/webkit2gtk-4.0 | 28 | allow /usr/libexec/webkit2gtk-4.0 |
29 | whitelist /usr/share/com.github.fabiocolacio.marker | 29 | allow /usr/share/com.github.fabiocolacio.marker |
30 | include whitelist-runuser-common.inc | 30 | include whitelist-runuser-common.inc |
31 | include whitelist-usr-share-common.inc | 31 | include whitelist-usr-share-common.inc |
32 | include whitelist-var-common.inc | 32 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/masterpdfeditor.profile b/etc/profile-m-z/masterpdfeditor.profile index de1135071..d8b215b7f 100644 --- a/etc/profile-m-z/masterpdfeditor.profile +++ b/etc/profile-m-z/masterpdfeditor.profile | |||
@@ -6,8 +6,8 @@ include masterpdfeditor.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/Code Industry | 9 | nodeny ${HOME}/.config/Code Industry |
10 | noblacklist ${HOME}/.masterpdfeditor | 10 | nodeny ${HOME}/.masterpdfeditor |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mate-calc.profile b/etc/profile-m-z/mate-calc.profile index 39ee7439d..92832783e 100644 --- a/etc/profile-m-z/mate-calc.profile +++ b/etc/profile-m-z/mate-calc.profile | |||
@@ -6,7 +6,7 @@ include mate-calc.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/mate-calc | 9 | nodeny ${HOME}/.config/mate-calc |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,9 +18,9 @@ include disable-programs.inc | |||
18 | mkdir ${HOME}/.cache/mate-calc | 18 | mkdir ${HOME}/.cache/mate-calc |
19 | mkdir ${HOME}/.config/caja | 19 | mkdir ${HOME}/.config/caja |
20 | mkdir ${HOME}/.config/mate-menu | 20 | mkdir ${HOME}/.config/mate-menu |
21 | whitelist ${HOME}/.cache/mate-calc | 21 | allow ${HOME}/.cache/mate-calc |
22 | whitelist ${HOME}/.config/caja | 22 | allow ${HOME}/.config/caja |
23 | whitelist ${HOME}/.config/mate-menu | 23 | allow ${HOME}/.config/mate-menu |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
diff --git a/etc/profile-m-z/mate-dictionary.profile b/etc/profile-m-z/mate-dictionary.profile index ae1fcbf62..90c9d0993 100644 --- a/etc/profile-m-z/mate-dictionary.profile +++ b/etc/profile-m-z/mate-dictionary.profile | |||
@@ -5,7 +5,7 @@ include mate-dictionary.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.config/mate/mate-dictionary | 8 | nodeny ${HOME}/.config/mate/mate-dictionary |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
@@ -16,7 +16,7 @@ include disable-programs.inc | |||
16 | include disable-shell.inc | 16 | include disable-shell.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.config/mate/mate-dictionary | 18 | mkdir ${HOME}/.config/mate/mate-dictionary |
19 | whitelist ${HOME}/.config/mate/mate-dictionary | 19 | allow ${HOME}/.config/mate/mate-dictionary |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
21 | 21 | ||
22 | apparmor | 22 | apparmor |
diff --git a/etc/profile-m-z/matrix-mirage.profile b/etc/profile-m-z/matrix-mirage.profile index b3080df88..8ee470a50 100644 --- a/etc/profile-m-z/matrix-mirage.profile +++ b/etc/profile-m-z/matrix-mirage.profile | |||
@@ -7,16 +7,16 @@ include matrix-mirage.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | noblacklist ${HOME}/.cache/matrix-mirage | 10 | nodeny ${HOME}/.cache/matrix-mirage |
11 | noblacklist ${HOME}/.config/matrix-mirage | 11 | nodeny ${HOME}/.config/matrix-mirage |
12 | noblacklist ${HOME}/.local/share/matrix-mirage | 12 | nodeny ${HOME}/.local/share/matrix-mirage |
13 | 13 | ||
14 | mkdir ${HOME}/.cache/matrix-mirage | 14 | mkdir ${HOME}/.cache/matrix-mirage |
15 | mkdir ${HOME}/.config/matrix-mirage | 15 | mkdir ${HOME}/.config/matrix-mirage |
16 | mkdir ${HOME}/.local/share/matrix-mirage | 16 | mkdir ${HOME}/.local/share/matrix-mirage |
17 | whitelist ${HOME}/.cache/matrix-mirage | 17 | allow ${HOME}/.cache/matrix-mirage |
18 | whitelist ${HOME}/.config/matrix-mirage | 18 | allow ${HOME}/.config/matrix-mirage |
19 | whitelist ${HOME}/.local/share/matrix-mirage | 19 | allow ${HOME}/.local/share/matrix-mirage |
20 | 20 | ||
21 | private-bin matrix-mirage | 21 | private-bin matrix-mirage |
22 | 22 | ||
diff --git a/etc/profile-m-z/mattermost-desktop.profile b/etc/profile-m-z/mattermost-desktop.profile index 3c2bf4fa3..01076a90a 100644 --- a/etc/profile-m-z/mattermost-desktop.profile +++ b/etc/profile-m-z/mattermost-desktop.profile | |||
@@ -10,12 +10,12 @@ ignore apparmor | |||
10 | ignore dbus-user none | 10 | ignore dbus-user none |
11 | ignore dbus-system none | 11 | ignore dbus-system none |
12 | 12 | ||
13 | noblacklist ${HOME}/.config/Mattermost | 13 | nodeny ${HOME}/.config/Mattermost |
14 | 14 | ||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | 16 | ||
17 | mkdir ${HOME}/.config/Mattermost | 17 | mkdir ${HOME}/.config/Mattermost |
18 | whitelist ${HOME}/.config/Mattermost | 18 | allow ${HOME}/.config/Mattermost |
19 | 19 | ||
20 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nsswitch.conf,pki,resolv.conf,ssl | 20 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nsswitch.conf,pki,resolv.conf,ssl |
21 | 21 | ||
diff --git a/etc/profile-m-z/mcabber.profile b/etc/profile-m-z/mcabber.profile index 38d2d8d63..ae749114a 100644 --- a/etc/profile-m-z/mcabber.profile +++ b/etc/profile-m-z/mcabber.profile | |||
@@ -6,8 +6,8 @@ include mcabber.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.mcabber | 9 | nodeny ${HOME}/.mcabber |
10 | noblacklist ${HOME}/.mcabberrc | 10 | nodeny ${HOME}/.mcabberrc |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mcomix.profile b/etc/profile-m-z/mcomix.profile index fcd1e24e5..d9e12fb5d 100644 --- a/etc/profile-m-z/mcomix.profile +++ b/etc/profile-m-z/mcomix.profile | |||
@@ -6,9 +6,9 @@ include mcomix.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/mcomix | 9 | nodeny ${HOME}/.config/mcomix |
10 | noblacklist ${HOME}/.local/share/mcomix | 10 | nodeny ${HOME}/.local/share/mcomix |
11 | noblacklist ${DOCUMENTS} | 11 | nodeny ${DOCUMENTS} |
12 | 12 | ||
13 | # Allow /bin/sh (blacklisted by disable-shell.inc) | 13 | # Allow /bin/sh (blacklisted by disable-shell.inc) |
14 | include allow-bin-sh.inc | 14 | include allow-bin-sh.inc |
@@ -30,7 +30,7 @@ include disable-xdg.inc | |||
30 | 30 | ||
31 | mkdir ${HOME}/.config/mcomix | 31 | mkdir ${HOME}/.config/mcomix |
32 | mkdir ${HOME}/.local/share/mcomix | 32 | mkdir ${HOME}/.local/share/mcomix |
33 | whitelist /usr/share/mcomix | 33 | allow /usr/share/mcomix |
34 | include whitelist-usr-share-common.inc | 34 | include whitelist-usr-share-common.inc |
35 | include whitelist-var-common.inc | 35 | include whitelist-var-common.inc |
36 | include whitelist-runuser-common.inc | 36 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-m-z/mdr.profile b/etc/profile-m-z/mdr.profile index 5d3f8dc41..9e8656290 100644 --- a/etc/profile-m-z/mdr.profile +++ b/etc/profile-m-z/mdr.profile | |||
@@ -5,7 +5,7 @@ include mdr.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | blacklist ${RUNUSER}/wayland-* | 8 | deny ${RUNUSER}/wayland-* |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
@@ -16,7 +16,7 @@ include disable-programs.inc | |||
16 | include disable-shell.inc | 16 | include disable-shell.inc |
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | whitelist ${DOWNLOADS} | 19 | allow ${DOWNLOADS} |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
22 | 22 | ||
diff --git a/etc/profile-m-z/mediainfo.profile b/etc/profile-m-z/mediainfo.profile index 17363624f..ae34ea321 100644 --- a/etc/profile-m-z/mediainfo.profile +++ b/etc/profile-m-z/mediainfo.profile | |||
@@ -6,7 +6,7 @@ include mediainfo.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | 9 | deny ${RUNUSER}/wayland-* |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mediathekview.profile b/etc/profile-m-z/mediathekview.profile index 0063badd8..3459ad4cf 100644 --- a/etc/profile-m-z/mediathekview.profile +++ b/etc/profile-m-z/mediathekview.profile | |||
@@ -6,16 +6,16 @@ include mediathekview.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/mpv | 9 | nodeny ${HOME}/.config/mpv |
10 | noblacklist ${HOME}/.config/smplayer | 10 | nodeny ${HOME}/.config/smplayer |
11 | noblacklist ${HOME}/.config/totem | 11 | nodeny ${HOME}/.config/totem |
12 | noblacklist ${HOME}/.config/vlc | 12 | nodeny ${HOME}/.config/vlc |
13 | noblacklist ${HOME}/.config/xplayer | 13 | nodeny ${HOME}/.config/xplayer |
14 | noblacklist ${HOME}/.local/share/totem | 14 | nodeny ${HOME}/.local/share/totem |
15 | noblacklist ${HOME}/.local/share/xplayer | 15 | nodeny ${HOME}/.local/share/xplayer |
16 | noblacklist ${HOME}/.mediathek3 | 16 | nodeny ${HOME}/.mediathek3 |
17 | noblacklist ${HOME}/.mplayer | 17 | nodeny ${HOME}/.mplayer |
18 | noblacklist ${VIDEOS} | 18 | nodeny ${VIDEOS} |
19 | 19 | ||
20 | # Allow java (blacklisted by disable-devel.inc) | 20 | # Allow java (blacklisted by disable-devel.inc) |
21 | include allow-java.inc | 21 | include allow-java.inc |
diff --git a/etc/profile-m-z/megaglest.profile b/etc/profile-m-z/megaglest.profile index f07b9166a..ad9094ddf 100644 --- a/etc/profile-m-z/megaglest.profile +++ b/etc/profile-m-z/megaglest.profile | |||
@@ -6,7 +6,7 @@ include megaglest.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.megaglest | 9 | nodeny ${HOME}/.megaglest |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,9 +18,9 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.megaglest | 20 | mkdir ${HOME}/.megaglest |
21 | whitelist ${HOME}/.megaglest | 21 | allow ${HOME}/.megaglest |
22 | whitelist /usr/share/megaglest | 22 | allow /usr/share/megaglest |
23 | whitelist /usr/share/games/megaglest # Debian version | 23 | allow /usr/share/games/megaglest # Debian version |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-runuser-common.inc | 25 | include whitelist-runuser-common.inc |
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/meld.profile b/etc/profile-m-z/meld.profile index 2a8bb3acf..06ee572c9 100644 --- a/etc/profile-m-z/meld.profile +++ b/etc/profile-m-z/meld.profile | |||
@@ -13,12 +13,12 @@ include globals.local | |||
13 | # Calling it by its absolute path (example for git mergetool): | 13 | # Calling it by its absolute path (example for git mergetool): |
14 | # $ git config --global mergetool.meld.cmd /usr/bin/meld | 14 | # $ git config --global mergetool.meld.cmd /usr/bin/meld |
15 | 15 | ||
16 | noblacklist ${HOME}/.config/meld | 16 | nodeny ${HOME}/.config/meld |
17 | noblacklist ${HOME}/.config/git | 17 | nodeny ${HOME}/.config/git |
18 | noblacklist ${HOME}/.gitconfig | 18 | nodeny ${HOME}/.gitconfig |
19 | noblacklist ${HOME}/.git-credentials | 19 | nodeny ${HOME}/.git-credentials |
20 | noblacklist ${HOME}/.local/share/meld | 20 | nodeny ${HOME}/.local/share/meld |
21 | noblacklist ${HOME}/.subversion | 21 | nodeny ${HOME}/.subversion |
22 | 22 | ||
23 | # Allow python (blacklisted by disable-interpreters.inc) | 23 | # Allow python (blacklisted by disable-interpreters.inc) |
24 | # Python 2 is EOL (see #3164). Add the next line to your meld.local if you understand the risks | 24 | # Python 2 is EOL (see #3164). Add the next line to your meld.local if you understand the risks |
@@ -29,7 +29,7 @@ include allow-python3.inc | |||
29 | # Allow ssh (blacklisted by disable-common.inc) | 29 | # Allow ssh (blacklisted by disable-common.inc) |
30 | include allow-ssh.inc | 30 | include allow-ssh.inc |
31 | 31 | ||
32 | blacklist /usr/libexec | 32 | deny /usr/libexec |
33 | 33 | ||
34 | # Add the next line to your meld.local if you don't need to compare files in disable-common.inc. | 34 | # Add the next line to your meld.local if you don't need to compare files in disable-common.inc. |
35 | #include disable-common.inc | 35 | #include disable-common.inc |
diff --git a/etc/profile-m-z/mendeleydesktop.profile b/etc/profile-m-z/mendeleydesktop.profile index c0bdbb230..e33d6c157 100644 --- a/etc/profile-m-z/mendeleydesktop.profile +++ b/etc/profile-m-z/mendeleydesktop.profile | |||
@@ -6,13 +6,13 @@ include mendeleydesktop.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${DOCUMENTS} | 9 | nodeny ${DOCUMENTS} |
10 | noblacklist ${HOME}/.cache/Mendeley Ltd. | 10 | nodeny ${HOME}/.cache/Mendeley Ltd. |
11 | noblacklist ${HOME}/.config/Mendeley Ltd. | 11 | nodeny ${HOME}/.config/Mendeley Ltd. |
12 | noblacklist ${HOME}/.local/share/Mendeley Ltd. | 12 | nodeny ${HOME}/.local/share/Mendeley Ltd. |
13 | noblacklist ${HOME}/.local/share/data/Mendeley Ltd. | 13 | nodeny ${HOME}/.local/share/data/Mendeley Ltd. |
14 | noblacklist ${HOME}/.pki | 14 | nodeny ${HOME}/.pki |
15 | noblacklist ${HOME}/.local/share/pki | 15 | nodeny ${HOME}/.local/share/pki |
16 | 16 | ||
17 | # Allow python (blacklisted by disable-interpreters.inc) | 17 | # Allow python (blacklisted by disable-interpreters.inc) |
18 | include allow-python2.inc | 18 | include allow-python2.inc |
diff --git a/etc/profile-m-z/menulibre.profile b/etc/profile-m-z/menulibre.profile index 2081b8c96..52808a5b5 100644 --- a/etc/profile-m-z/menulibre.profile +++ b/etc/profile-m-z/menulibre.profile | |||
@@ -19,13 +19,13 @@ include disable-passwdmgr.inc | |||
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | # Whitelist your system icon directory,varies by distro | 21 | # Whitelist your system icon directory,varies by distro |
22 | whitelist /usr/share/app-info | 22 | allow /usr/share/app-info |
23 | whitelist /usr/share/desktop-directories | 23 | allow /usr/share/desktop-directories |
24 | whitelist /usr/share/icons | 24 | allow /usr/share/icons |
25 | whitelist /usr/share/menulibre | 25 | allow /usr/share/menulibre |
26 | whitelist /var/lib/app-info/icons | 26 | allow /var/lib/app-info/icons |
27 | whitelist /var/lib/flatpak/exports/share/applications | 27 | allow /var/lib/flatpak/exports/share/applications |
28 | whitelist /var/lib/flatpak/exports/share/icons | 28 | allow /var/lib/flatpak/exports/share/icons |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/meteo-qt.profile b/etc/profile-m-z/meteo-qt.profile index 85ed7bc74..48f936632 100644 --- a/etc/profile-m-z/meteo-qt.profile +++ b/etc/profile-m-z/meteo-qt.profile | |||
@@ -6,8 +6,8 @@ include meteo-qt.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/autostart | 9 | nodeny ${HOME}/.config/autostart |
10 | noblacklist ${HOME}/.config/meteo-qt | 10 | nodeny ${HOME}/.config/meteo-qt |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python3.inc | 13 | include allow-python3.inc |
@@ -22,8 +22,8 @@ include disable-shell.inc | |||
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | mkdir ${HOME}/.config/meteo-qt | 24 | mkdir ${HOME}/.config/meteo-qt |
25 | whitelist ${HOME}/.config/autostart | 25 | allow ${HOME}/.config/autostart |
26 | whitelist ${HOME}/.config/meteo-qt | 26 | allow ${HOME}/.config/meteo-qt |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
29 | 29 | ||
diff --git a/etc/profile-m-z/microsoft-edge-beta.profile b/etc/profile-m-z/microsoft-edge-beta.profile new file mode 100644 index 000000000..259d39a5f --- /dev/null +++ b/etc/profile-m-z/microsoft-edge-beta.profile | |||
@@ -0,0 +1,20 @@ | |||
1 | # Firejail profile for Microsoft Edge Beta | ||
2 | # Description: Web browser from Microsoft,beta channel | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include microsoft-edge-beta.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | nodeny ${HOME}/.cache/microsoft-edge-beta | ||
10 | nodeny ${HOME}/.config/microsoft-edge-beta | ||
11 | |||
12 | mkdir ${HOME}/.cache/microsoft-edge-beta | ||
13 | mkdir ${HOME}/.config/microsoft-edge-beta | ||
14 | allow ${HOME}/.cache/microsoft-edge-beta | ||
15 | allow ${HOME}/.config/microsoft-edge-beta | ||
16 | |||
17 | private-opt microsoft | ||
18 | |||
19 | # Redirect | ||
20 | include chromium-common.profile \ No newline at end of file | ||
diff --git a/etc/profile-m-z/microsoft-edge-dev.profile b/etc/profile-m-z/microsoft-edge-dev.profile index 039cd36a8..96465866c 100644 --- a/etc/profile-m-z/microsoft-edge-dev.profile +++ b/etc/profile-m-z/microsoft-edge-dev.profile | |||
@@ -6,13 +6,13 @@ include microsoft-edge-dev.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/microsoft-edge-dev | 9 | nodeny ${HOME}/.cache/microsoft-edge-dev |
10 | noblacklist ${HOME}/.config/microsoft-edge-dev | 10 | nodeny ${HOME}/.config/microsoft-edge-dev |
11 | 11 | ||
12 | mkdir ${HOME}/.cache/microsoft-edge-dev | 12 | mkdir ${HOME}/.cache/microsoft-edge-dev |
13 | mkdir ${HOME}/.config/microsoft-edge-dev | 13 | mkdir ${HOME}/.config/microsoft-edge-dev |
14 | whitelist ${HOME}/.cache/microsoft-edge-dev | 14 | allow ${HOME}/.cache/microsoft-edge-dev |
15 | whitelist ${HOME}/.config/microsoft-edge-dev | 15 | allow ${HOME}/.config/microsoft-edge-dev |
16 | 16 | ||
17 | private-opt microsoft | 17 | private-opt microsoft |
18 | 18 | ||
diff --git a/etc/profile-m-z/midori.profile b/etc/profile-m-z/midori.profile index e15259608..c4a444e0d 100644 --- a/etc/profile-m-z/midori.profile +++ b/etc/profile-m-z/midori.profile | |||
@@ -9,17 +9,17 @@ include globals.local | |||
9 | # noexec ${HOME} breaks DRM binaries. | 9 | # noexec ${HOME} breaks DRM binaries. |
10 | ?BROWSER_ALLOW_DRM: ignore noexec ${HOME} | 10 | ?BROWSER_ALLOW_DRM: ignore noexec ${HOME} |
11 | 11 | ||
12 | noblacklist ${HOME}/.cache/midori | 12 | nodeny ${HOME}/.cache/midori |
13 | noblacklist ${HOME}/.config/midori | 13 | nodeny ${HOME}/.config/midori |
14 | noblacklist ${HOME}/.local/share/midori | 14 | nodeny ${HOME}/.local/share/midori |
15 | # noblacklist ${HOME}/.local/share/webkit | 15 | # noblacklist ${HOME}/.local/share/webkit |
16 | # noblacklist ${HOME}/.local/share/webkitgtk | 16 | # noblacklist ${HOME}/.local/share/webkitgtk |
17 | noblacklist ${HOME}/.pki | 17 | nodeny ${HOME}/.pki |
18 | noblacklist ${HOME}/.local/share/pki | 18 | nodeny ${HOME}/.local/share/pki |
19 | 19 | ||
20 | noblacklist ${HOME}/.cache/gnome-mplayer | 20 | nodeny ${HOME}/.cache/gnome-mplayer |
21 | noblacklist ${HOME}/.config/gnome-mplayer | 21 | nodeny ${HOME}/.config/gnome-mplayer |
22 | noblacklist ${HOME}/.lastpass | 22 | nodeny ${HOME}/.lastpass |
23 | 23 | ||
24 | include disable-common.inc | 24 | include disable-common.inc |
25 | include disable-devel.inc | 25 | include disable-devel.inc |
@@ -36,17 +36,17 @@ mkdir ${HOME}/.local/share/webkit | |||
36 | mkdir ${HOME}/.local/share/webkitgtk | 36 | mkdir ${HOME}/.local/share/webkitgtk |
37 | mkdir ${HOME}/.pki | 37 | mkdir ${HOME}/.pki |
38 | mkdir ${HOME}/.local/share/pki | 38 | mkdir ${HOME}/.local/share/pki |
39 | whitelist ${DOWNLOADS} | 39 | allow ${DOWNLOADS} |
40 | whitelist ${HOME}/.cache/gnome-mplayer/plugin | 40 | allow ${HOME}/.cache/gnome-mplayer/plugin |
41 | whitelist ${HOME}/.cache/midori | 41 | allow ${HOME}/.cache/midori |
42 | whitelist ${HOME}/.config/gnome-mplayer | 42 | allow ${HOME}/.config/gnome-mplayer |
43 | whitelist ${HOME}/.config/midori | 43 | allow ${HOME}/.config/midori |
44 | whitelist ${HOME}/.lastpass | 44 | allow ${HOME}/.lastpass |
45 | whitelist ${HOME}/.local/share/midori | 45 | allow ${HOME}/.local/share/midori |
46 | whitelist ${HOME}/.local/share/webkit | 46 | allow ${HOME}/.local/share/webkit |
47 | whitelist ${HOME}/.local/share/webkitgtk | 47 | allow ${HOME}/.local/share/webkitgtk |
48 | whitelist ${HOME}/.pki | 48 | allow ${HOME}/.pki |
49 | whitelist ${HOME}/.local/share/pki | 49 | allow ${HOME}/.local/share/pki |
50 | include whitelist-common.inc | 50 | include whitelist-common.inc |
51 | include whitelist-var-common.inc | 51 | include whitelist-var-common.inc |
52 | 52 | ||
diff --git a/etc/profile-m-z/min.profile b/etc/profile-m-z/min.profile index 7f3aeab44..214332184 100644 --- a/etc/profile-m-z/min.profile +++ b/etc/profile-m-z/min.profile | |||
@@ -6,10 +6,10 @@ include min.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/Min | 9 | nodeny ${HOME}/.config/Min |
10 | 10 | ||
11 | mkdir ${HOME}/.config/Min | 11 | mkdir ${HOME}/.config/Min |
12 | whitelist ${HOME}/.config/Min | 12 | allow ${HOME}/.config/Min |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include chromium-common.profile | 15 | include chromium-common.profile |
diff --git a/etc/profile-m-z/mindless.profile b/etc/profile-m-z/mindless.profile index fbf6b58e8..ee8402b87 100644 --- a/etc/profile-m-z/mindless.profile +++ b/etc/profile-m-z/mindless.profile | |||
@@ -15,7 +15,7 @@ include disable-programs.inc | |||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | whitelist /usr/share/mindless | 18 | allow /usr/share/mindless |
19 | include whitelist-usr-share-common.inc | 19 | include whitelist-usr-share-common.inc |
20 | include whitelist-var-common.inc | 20 | include whitelist-var-common.inc |
21 | 21 | ||
diff --git a/etc/profile-m-z/minecraft-launcher.profile b/etc/profile-m-z/minecraft-launcher.profile index 1028e374a..595313851 100644 --- a/etc/profile-m-z/minecraft-launcher.profile +++ b/etc/profile-m-z/minecraft-launcher.profile | |||
@@ -11,7 +11,7 @@ include globals.local | |||
11 | 11 | ||
12 | ignore noexec ${HOME} | 12 | ignore noexec ${HOME} |
13 | 13 | ||
14 | noblacklist ${HOME}/.minecraft | 14 | nodeny ${HOME}/.minecraft |
15 | 15 | ||
16 | include allow-java.inc | 16 | include allow-java.inc |
17 | 17 | ||
@@ -25,7 +25,7 @@ include disable-shell.inc | |||
25 | include disable-xdg.inc | 25 | include disable-xdg.inc |
26 | 26 | ||
27 | mkdir ${HOME}/.minecraft | 27 | mkdir ${HOME}/.minecraft |
28 | whitelist ${HOME}/.minecraft | 28 | allow ${HOME}/.minecraft |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-runuser-common.inc | 30 | include whitelist-runuser-common.inc |
31 | include whitelist-usr-share-common.inc | 31 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/minetest.profile b/etc/profile-m-z/minetest.profile index cad1adbda..11d0859b7 100644 --- a/etc/profile-m-z/minetest.profile +++ b/etc/profile-m-z/minetest.profile | |||
@@ -9,8 +9,8 @@ include globals.local | |||
9 | # In order to save in-game screenshots to a persistent location edit ~/.minetest/minetest.conf: | 9 | # In order to save in-game screenshots to a persistent location edit ~/.minetest/minetest.conf: |
10 | # screenshot_path = /home/<USER>/.minetest/screenshots | 10 | # screenshot_path = /home/<USER>/.minetest/screenshots |
11 | 11 | ||
12 | noblacklist ${HOME}/.cache/minetest | 12 | nodeny ${HOME}/.cache/minetest |
13 | noblacklist ${HOME}/.minetest | 13 | nodeny ${HOME}/.minetest |
14 | 14 | ||
15 | # Allow lua (blacklisted by disable-interpreters.inc) | 15 | # Allow lua (blacklisted by disable-interpreters.inc) |
16 | include allow-lua.inc | 16 | include allow-lua.inc |
@@ -26,10 +26,10 @@ include disable-xdg.inc | |||
26 | 26 | ||
27 | mkdir ${HOME}/.cache/minetest | 27 | mkdir ${HOME}/.cache/minetest |
28 | mkdir ${HOME}/.minetest | 28 | mkdir ${HOME}/.minetest |
29 | whitelist ${HOME}/.cache/minetest | 29 | allow ${HOME}/.cache/minetest |
30 | whitelist ${HOME}/.minetest | 30 | allow ${HOME}/.minetest |
31 | whitelist /usr/share/games/minetest | 31 | allow /usr/share/games/minetest |
32 | whitelist /usr/share/minetest | 32 | allow /usr/share/minetest |
33 | include whitelist-common.inc | 33 | include whitelist-common.inc |
34 | include whitelist-runuser-common.inc | 34 | include whitelist-runuser-common.inc |
35 | include whitelist-usr-share-common.inc | 35 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/minitube.profile b/etc/profile-m-z/minitube.profile index 3fe3428d0..192913dbf 100644 --- a/etc/profile-m-z/minitube.profile +++ b/etc/profile-m-z/minitube.profile | |||
@@ -6,10 +6,10 @@ include minitube.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${PICTURES} | 9 | nodeny ${PICTURES} |
10 | noblacklist ${HOME}/.cache/Flavio Tordini | 10 | nodeny ${HOME}/.cache/Flavio Tordini |
11 | noblacklist ${HOME}/.config/Flavio Tordini | 11 | nodeny ${HOME}/.config/Flavio Tordini |
12 | noblacklist ${HOME}/.local/share/Flavio Tordini | 12 | nodeny ${HOME}/.local/share/Flavio Tordini |
13 | 13 | ||
14 | include allow-lua.inc | 14 | include allow-lua.inc |
15 | 15 | ||
@@ -25,11 +25,11 @@ include disable-xdg.inc | |||
25 | mkdir ${HOME}/.cache/Flavio Tordini | 25 | mkdir ${HOME}/.cache/Flavio Tordini |
26 | mkdir ${HOME}/.config/Flavio Tordini | 26 | mkdir ${HOME}/.config/Flavio Tordini |
27 | mkdir ${HOME}/.local/share/Flavio Tordini | 27 | mkdir ${HOME}/.local/share/Flavio Tordini |
28 | whitelist ${PICTURES} | 28 | allow ${PICTURES} |
29 | whitelist ${HOME}/.cache/Flavio Tordini | 29 | allow ${HOME}/.cache/Flavio Tordini |
30 | whitelist ${HOME}/.config/Flavio Tordini | 30 | allow ${HOME}/.config/Flavio Tordini |
31 | whitelist ${HOME}/.local/share/Flavio Tordini | 31 | allow ${HOME}/.local/share/Flavio Tordini |
32 | whitelist /usr/share/minitube | 32 | allow /usr/share/minitube |
33 | include whitelist-common.inc | 33 | include whitelist-common.inc |
34 | include whitelist-runuser-common.inc | 34 | include whitelist-runuser-common.inc |
35 | include whitelist-usr-share-common.inc | 35 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/mirage.profile b/etc/profile-m-z/mirage.profile index 505009283..b2f2cc5b1 100644 --- a/etc/profile-m-z/mirage.profile +++ b/etc/profile-m-z/mirage.profile | |||
@@ -6,10 +6,10 @@ include mirage.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/mirage | 9 | nodeny ${HOME}/.cache/mirage |
10 | noblacklist ${HOME}/.config/mirage | 10 | nodeny ${HOME}/.config/mirage |
11 | noblacklist ${HOME}/.local/share/mirage | 11 | nodeny ${HOME}/.local/share/mirage |
12 | noblacklist /sbin | 12 | nodeny /sbin |
13 | 13 | ||
14 | # Allow python (blacklisted by disable-interpreters.inc) | 14 | # Allow python (blacklisted by disable-interpreters.inc) |
15 | include allow-python2.inc | 15 | include allow-python2.inc |
@@ -27,10 +27,10 @@ include disable-xdg.inc | |||
27 | mkdir ${HOME}/.cache/mirage | 27 | mkdir ${HOME}/.cache/mirage |
28 | mkdir ${HOME}/.config/mirage | 28 | mkdir ${HOME}/.config/mirage |
29 | mkdir ${HOME}/.local/share/mirage | 29 | mkdir ${HOME}/.local/share/mirage |
30 | whitelist ${HOME}/.cache/mirage | 30 | allow ${HOME}/.cache/mirage |
31 | whitelist ${HOME}/.config/mirage | 31 | allow ${HOME}/.config/mirage |
32 | whitelist ${HOME}/.local/share/mirage | 32 | allow ${HOME}/.local/share/mirage |
33 | whitelist ${DOWNLOADS} | 33 | allow ${DOWNLOADS} |
34 | include whitelist-common.inc | 34 | include whitelist-common.inc |
35 | include whitelist-runuser-common.inc | 35 | include whitelist-runuser-common.inc |
36 | include whitelist-usr-share-common.inc | 36 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/mirrormagic.profile b/etc/profile-m-z/mirrormagic.profile index 58dfd56f5..d5ebfd4b0 100644 --- a/etc/profile-m-z/mirrormagic.profile +++ b/etc/profile-m-z/mirrormagic.profile | |||
@@ -6,7 +6,7 @@ include mirrormagic.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.mirrormagic | 9 | nodeny ${HOME}/.mirrormagic |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.mirrormagic | 20 | mkdir ${HOME}/.mirrormagic |
21 | whitelist ${HOME}/.mirrormagic | 21 | allow ${HOME}/.mirrormagic |
22 | whitelist /usr/share/mirrormagic | 22 | allow /usr/share/mirrormagic |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/mocp.profile b/etc/profile-m-z/mocp.profile index e71ba4569..b734bd7c0 100644 --- a/etc/profile-m-z/mocp.profile +++ b/etc/profile-m-z/mocp.profile | |||
@@ -7,8 +7,8 @@ include mocp.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | noblacklist ${HOME}/.moc | 10 | nodeny ${HOME}/.moc |
11 | noblacklist ${MUSIC} | 11 | nodeny ${MUSIC} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mousepad.profile b/etc/profile-m-z/mousepad.profile index 98063fa7c..a02b29b61 100644 --- a/etc/profile-m-z/mousepad.profile +++ b/etc/profile-m-z/mousepad.profile | |||
@@ -6,7 +6,7 @@ include mousepad.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/Mousepad | 9 | nodeny ${HOME}/.config/Mousepad |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mp3splt-gtk.profile b/etc/profile-m-z/mp3splt-gtk.profile index 37ce60e04..f47384753 100644 --- a/etc/profile-m-z/mp3splt-gtk.profile +++ b/etc/profile-m-z/mp3splt-gtk.profile | |||
@@ -6,7 +6,7 @@ include mp3splt-gtk.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.mp3splt-gtk | 9 | nodeny ${HOME}/.mp3splt-gtk |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mp3splt.profile b/etc/profile-m-z/mp3splt.profile index 070de8451..8a2ab15bd 100644 --- a/etc/profile-m-z/mp3splt.profile +++ b/etc/profile-m-z/mp3splt.profile | |||
@@ -6,9 +6,9 @@ include mp3splt.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | 9 | deny ${RUNUSER}/wayland-* |
10 | 10 | ||
11 | noblacklist ${MUSIC} | 11 | nodeny ${MUSIC} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mpDris2.profile b/etc/profile-m-z/mpDris2.profile index 55a0b5897..6994b0429 100644 --- a/etc/profile-m-z/mpDris2.profile +++ b/etc/profile-m-z/mpDris2.profile | |||
@@ -6,13 +6,13 @@ include mpDris2.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/mpDris2 | 9 | nodeny ${HOME}/.config/mpDris2 |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
13 | include allow-python3.inc | 13 | include allow-python3.inc |
14 | 14 | ||
15 | noblacklist ${MUSIC} | 15 | nodeny ${MUSIC} |
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
@@ -23,10 +23,10 @@ include disable-programs.inc | |||
23 | include disable-shell.inc | 23 | include disable-shell.inc |
24 | include disable-xdg.inc | 24 | include disable-xdg.inc |
25 | 25 | ||
26 | whitelist ${MUSIC} | 26 | allow ${MUSIC} |
27 | 27 | ||
28 | mkdir ${HOME}/.config/mpDris2 | 28 | mkdir ${HOME}/.config/mpDris2 |
29 | whitelist ${HOME}/.config/mpDris2 | 29 | allow ${HOME}/.config/mpDris2 |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
32 | 32 | ||
diff --git a/etc/profile-m-z/mpd.profile b/etc/profile-m-z/mpd.profile index b517d4ab2..8b3350ac8 100644 --- a/etc/profile-m-z/mpd.profile +++ b/etc/profile-m-z/mpd.profile | |||
@@ -6,10 +6,10 @@ include mpd.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/mpd | 9 | nodeny ${HOME}/.config/mpd |
10 | noblacklist ${HOME}/.mpd | 10 | nodeny ${HOME}/.mpd |
11 | noblacklist ${HOME}/.mpdconf | 11 | nodeny ${HOME}/.mpdconf |
12 | noblacklist ${MUSIC} | 12 | nodeny ${MUSIC} |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mpg123.profile b/etc/profile-m-z/mpg123.profile index 25187e894..03bd44daa 100644 --- a/etc/profile-m-z/mpg123.profile +++ b/etc/profile-m-z/mpg123.profile | |||
@@ -7,7 +7,7 @@ include mpg123.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | noblacklist ${MUSIC} | 10 | nodeny ${MUSIC} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mplayer.profile b/etc/profile-m-z/mplayer.profile index 5d023b7f1..84754aeb2 100644 --- a/etc/profile-m-z/mplayer.profile +++ b/etc/profile-m-z/mplayer.profile | |||
@@ -6,7 +6,7 @@ include mplayer.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.mplayer | 9 | nodeny ${HOME}/.mplayer |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-programs.inc | |||
17 | 17 | ||
18 | read-only ${DESKTOP} | 18 | read-only ${DESKTOP} |
19 | mkdir ${HOME}/.mplayer | 19 | mkdir ${HOME}/.mplayer |
20 | whitelist ${HOME}/.mplayer | 20 | allow ${HOME}/.mplayer |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | include whitelist-player-common.inc | 22 | include whitelist-player-common.inc |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/mpsyt.profile b/etc/profile-m-z/mpsyt.profile index bfe57a132..d35519103 100644 --- a/etc/profile-m-z/mpsyt.profile +++ b/etc/profile-m-z/mpsyt.profile | |||
@@ -6,12 +6,12 @@ include mpsyt.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/mps-youtube | 9 | nodeny ${HOME}/.config/mps-youtube |
10 | noblacklist ${HOME}/.config/mpv | 10 | nodeny ${HOME}/.config/mpv |
11 | noblacklist ${HOME}/.config/youtube-dl | 11 | nodeny ${HOME}/.config/youtube-dl |
12 | noblacklist ${HOME}/.mplayer | 12 | nodeny ${HOME}/.mplayer |
13 | noblacklist ${HOME}/.netrc | 13 | nodeny ${HOME}/.netrc |
14 | noblacklist ${HOME}/mps | 14 | nodeny ${HOME}/mps |
15 | 15 | ||
16 | # Allow lua (blacklisted by disable-interpreters.inc) | 16 | # Allow lua (blacklisted by disable-interpreters.inc) |
17 | include allow-lua.inc | 17 | include allow-lua.inc |
@@ -20,8 +20,8 @@ include allow-lua.inc | |||
20 | include allow-python2.inc | 20 | include allow-python2.inc |
21 | include allow-python3.inc | 21 | include allow-python3.inc |
22 | 22 | ||
23 | noblacklist ${MUSIC} | 23 | nodeny ${MUSIC} |
24 | noblacklist ${VIDEOS} | 24 | nodeny ${VIDEOS} |
25 | 25 | ||
26 | include disable-common.inc | 26 | include disable-common.inc |
27 | include disable-devel.inc | 27 | include disable-devel.inc |
@@ -37,12 +37,12 @@ mkdir ${HOME}/.config/mpv | |||
37 | mkdir ${HOME}/.config/youtube-dl | 37 | mkdir ${HOME}/.config/youtube-dl |
38 | mkdir ${HOME}/.mplayer | 38 | mkdir ${HOME}/.mplayer |
39 | mkdir ${HOME}/mps | 39 | mkdir ${HOME}/mps |
40 | whitelist ${HOME}/.config/mps-youtube | 40 | allow ${HOME}/.config/mps-youtube |
41 | whitelist ${HOME}/.config/mpv | 41 | allow ${HOME}/.config/mpv |
42 | whitelist ${HOME}/.config/youtube-dl | 42 | allow ${HOME}/.config/youtube-dl |
43 | whitelist ${HOME}/.mplayer | 43 | allow ${HOME}/.mplayer |
44 | whitelist ${HOME}/.netrc | 44 | allow ${HOME}/.netrc |
45 | whitelist ${HOME}/mps | 45 | allow ${HOME}/mps |
46 | include whitelist-common.inc | 46 | include whitelist-common.inc |
47 | include whitelist-player-common.inc | 47 | include whitelist-player-common.inc |
48 | include whitelist-var-common.inc | 48 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/mpv.profile b/etc/profile-m-z/mpv.profile index af5c214f7..4ea2dd348 100644 --- a/etc/profile-m-z/mpv.profile +++ b/etc/profile-m-z/mpv.profile | |||
@@ -24,9 +24,9 @@ include globals.local | |||
24 | #include allow-bin-sh.inc | 24 | #include allow-bin-sh.inc |
25 | #private-bin sh | 25 | #private-bin sh |
26 | 26 | ||
27 | noblacklist ${HOME}/.config/mpv | 27 | nodeny ${HOME}/.config/mpv |
28 | noblacklist ${HOME}/.config/youtube-dl | 28 | nodeny ${HOME}/.config/youtube-dl |
29 | noblacklist ${HOME}/.netrc | 29 | nodeny ${HOME}/.netrc |
30 | 30 | ||
31 | # Allow lua (blacklisted by disable-interpreters.inc) | 31 | # Allow lua (blacklisted by disable-interpreters.inc) |
32 | include allow-lua.inc | 32 | include allow-lua.inc |
@@ -35,7 +35,7 @@ include allow-lua.inc | |||
35 | include allow-python2.inc | 35 | include allow-python2.inc |
36 | include allow-python3.inc | 36 | include allow-python3.inc |
37 | 37 | ||
38 | blacklist /usr/libexec | 38 | deny /usr/libexec |
39 | 39 | ||
40 | include disable-common.inc | 40 | include disable-common.inc |
41 | include disable-devel.inc | 41 | include disable-devel.inc |
@@ -49,14 +49,14 @@ read-only ${DESKTOP} | |||
49 | mkdir ${HOME}/.config/mpv | 49 | mkdir ${HOME}/.config/mpv |
50 | mkdir ${HOME}/.config/youtube-dl | 50 | mkdir ${HOME}/.config/youtube-dl |
51 | mkfile ${HOME}/.netrc | 51 | mkfile ${HOME}/.netrc |
52 | whitelist ${HOME}/.config/mpv | 52 | allow ${HOME}/.config/mpv |
53 | whitelist ${HOME}/.config/youtube-dl | 53 | allow ${HOME}/.config/youtube-dl |
54 | whitelist ${HOME}/.netrc | 54 | allow ${HOME}/.netrc |
55 | include whitelist-common.inc | 55 | include whitelist-common.inc |
56 | include whitelist-player-common.inc | 56 | include whitelist-player-common.inc |
57 | whitelist /usr/share/lua | 57 | allow /usr/share/lua |
58 | whitelist /usr/share/lua* | 58 | allow /usr/share/lua* |
59 | whitelist /usr/share/vulkan | 59 | allow /usr/share/vulkan |
60 | include whitelist-usr-share-common.inc | 60 | include whitelist-usr-share-common.inc |
61 | include whitelist-var-common.inc | 61 | include whitelist-var-common.inc |
62 | 62 | ||
diff --git a/etc/profile-m-z/mrrescue.profile b/etc/profile-m-z/mrrescue.profile index e3ceb3bd4..a8c49a690 100644 --- a/etc/profile-m-z/mrrescue.profile +++ b/etc/profile-m-z/mrrescue.profile | |||
@@ -6,7 +6,7 @@ include mrrescue.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.local/share/love | 9 | nodeny ${HOME}/.local/share/love |
10 | 10 | ||
11 | # Allow /bin/sh (blacklisted by disable-shell.inc) | 11 | # Allow /bin/sh (blacklisted by disable-shell.inc) |
12 | include allow-bin-sh.inc | 12 | include allow-bin-sh.inc |
@@ -14,7 +14,7 @@ include allow-bin-sh.inc | |||
14 | # Allow lua (blacklisted by disable-interpreters.inc) | 14 | # Allow lua (blacklisted by disable-interpreters.inc) |
15 | include allow-lua.inc | 15 | include allow-lua.inc |
16 | 16 | ||
17 | blacklist /usr/libexec | 17 | deny /usr/libexec |
18 | 18 | ||
19 | include disable-common.inc | 19 | include disable-common.inc |
20 | include disable-devel.inc | 20 | include disable-devel.inc |
@@ -26,8 +26,8 @@ include disable-shell.inc | |||
26 | include disable-xdg.inc | 26 | include disable-xdg.inc |
27 | 27 | ||
28 | mkdir ${HOME}/.local/share/love | 28 | mkdir ${HOME}/.local/share/love |
29 | whitelist ${HOME}/.local/share/love | 29 | allow ${HOME}/.local/share/love |
30 | whitelist /usr/share/mrrescue | 30 | allow /usr/share/mrrescue |
31 | include whitelist-common.inc | 31 | include whitelist-common.inc |
32 | include whitelist-runuser-common.inc | 32 | include whitelist-runuser-common.inc |
33 | include whitelist-usr-share-common.inc | 33 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/ms-excel.profile b/etc/profile-m-z/ms-excel.profile index db24e8f9b..5fea86ae7 100644 --- a/etc/profile-m-z/ms-excel.profile +++ b/etc/profile-m-z/ms-excel.profile | |||
@@ -6,7 +6,7 @@ include ms-excel.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/ms-excel-online | 9 | nodeny ${HOME}/.cache/ms-excel-online |
10 | private-bin ms-excel | 10 | private-bin ms-excel |
11 | 11 | ||
12 | # Redirect | 12 | # Redirect |
diff --git a/etc/profile-m-z/ms-office.profile b/etc/profile-m-z/ms-office.profile index 38fc84ecc..4033627f7 100644 --- a/etc/profile-m-z/ms-office.profile +++ b/etc/profile-m-z/ms-office.profile | |||
@@ -5,8 +5,8 @@ include ms-office.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.cache/ms-office-online | 8 | nodeny ${HOME}/.cache/ms-office-online |
9 | noblacklist ${HOME}/.jak | 9 | nodeny ${HOME}/.jak |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
diff --git a/etc/profile-m-z/ms-onenote.profile b/etc/profile-m-z/ms-onenote.profile index 9ea0637bd..805de5102 100644 --- a/etc/profile-m-z/ms-onenote.profile +++ b/etc/profile-m-z/ms-onenote.profile | |||
@@ -6,7 +6,7 @@ include ms-onenote.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/ms-onenote-online | 9 | nodeny ${HOME}/.cache/ms-onenote-online |
10 | private-bin ms-onenote | 10 | private-bin ms-onenote |
11 | 11 | ||
12 | # Redirect | 12 | # Redirect |
diff --git a/etc/profile-m-z/ms-outlook.profile b/etc/profile-m-z/ms-outlook.profile index fc3e7c009..bd14fb7d3 100644 --- a/etc/profile-m-z/ms-outlook.profile +++ b/etc/profile-m-z/ms-outlook.profile | |||
@@ -6,7 +6,7 @@ include ms-outlook.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/ms-outlook-online | 9 | nodeny ${HOME}/.cache/ms-outlook-online |
10 | private-bin ms-outlook | 10 | private-bin ms-outlook |
11 | 11 | ||
12 | # Redirect | 12 | # Redirect |
diff --git a/etc/profile-m-z/ms-powerpoint.profile b/etc/profile-m-z/ms-powerpoint.profile index dadcd5b1e..02a7424e2 100644 --- a/etc/profile-m-z/ms-powerpoint.profile +++ b/etc/profile-m-z/ms-powerpoint.profile | |||
@@ -6,7 +6,7 @@ include ms-powerpoint.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/ms-powerpoint-online | 9 | nodeny ${HOME}/.cache/ms-powerpoint-online |
10 | private-bin ms-powerpoint | 10 | private-bin ms-powerpoint |
11 | 11 | ||
12 | # Redirect | 12 | # Redirect |
diff --git a/etc/profile-m-z/ms-skype.profile b/etc/profile-m-z/ms-skype.profile index df1618361..01729f9a2 100644 --- a/etc/profile-m-z/ms-skype.profile +++ b/etc/profile-m-z/ms-skype.profile | |||
@@ -8,7 +8,7 @@ include ms-skype.local | |||
8 | 8 | ||
9 | ignore novideo | 9 | ignore novideo |
10 | 10 | ||
11 | noblacklist ${HOME}/.cache/ms-skype-online | 11 | nodeny ${HOME}/.cache/ms-skype-online |
12 | 12 | ||
13 | private-bin ms-skype | 13 | private-bin ms-skype |
14 | 14 | ||
diff --git a/etc/profile-m-z/ms-word.profile b/etc/profile-m-z/ms-word.profile index 5a617a893..34cf02128 100644 --- a/etc/profile-m-z/ms-word.profile +++ b/etc/profile-m-z/ms-word.profile | |||
@@ -6,7 +6,7 @@ include ms-word.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/ms-word-online | 9 | nodeny ${HOME}/.cache/ms-word-online |
10 | private-bin ms-word | 10 | private-bin ms-word |
11 | 11 | ||
12 | # Redirect | 12 | # Redirect |
diff --git a/etc/profile-m-z/mtpaint.profile b/etc/profile-m-z/mtpaint.profile index 85c3ee9f2..ec7cd5d04 100644 --- a/etc/profile-m-z/mtpaint.profile +++ b/etc/profile-m-z/mtpaint.profile | |||
@@ -6,7 +6,7 @@ include mtpaint.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${PICTURES} | 9 | nodeny ${PICTURES} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/multimc5.profile b/etc/profile-m-z/multimc5.profile index 6df681df1..447e7753f 100644 --- a/etc/profile-m-z/multimc5.profile +++ b/etc/profile-m-z/multimc5.profile | |||
@@ -5,9 +5,9 @@ include multimc5.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.local/share/multimc | 8 | nodeny ${HOME}/.local/share/multimc |
9 | noblacklist ${HOME}/.local/share/multimc5 | 9 | nodeny ${HOME}/.local/share/multimc5 |
10 | noblacklist ${HOME}/.multimc5 | 10 | nodeny ${HOME}/.multimc5 |
11 | 11 | ||
12 | # Allow java (blacklisted by disable-devel.inc) | 12 | # Allow java (blacklisted by disable-devel.inc) |
13 | include allow-java.inc | 13 | include allow-java.inc |
@@ -22,9 +22,9 @@ include disable-programs.inc | |||
22 | mkdir ${HOME}/.local/share/multimc | 22 | mkdir ${HOME}/.local/share/multimc |
23 | mkdir ${HOME}/.local/share/multimc5 | 23 | mkdir ${HOME}/.local/share/multimc5 |
24 | mkdir ${HOME}/.multimc5 | 24 | mkdir ${HOME}/.multimc5 |
25 | whitelist ${HOME}/.local/share/multimc | 25 | allow ${HOME}/.local/share/multimc |
26 | whitelist ${HOME}/.local/share/multimc5 | 26 | allow ${HOME}/.local/share/multimc5 |
27 | whitelist ${HOME}/.multimc5 | 27 | allow ${HOME}/.multimc5 |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | 29 | ||
30 | caps.drop all | 30 | caps.drop all |
diff --git a/etc/profile-m-z/mumble.profile b/etc/profile-m-z/mumble.profile index c7f59c5ee..1d72e07b8 100644 --- a/etc/profile-m-z/mumble.profile +++ b/etc/profile-m-z/mumble.profile | |||
@@ -6,9 +6,9 @@ include mumble.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/Mumble | 9 | nodeny ${HOME}/.config/Mumble |
10 | noblacklist ${HOME}/.local/share/data/Mumble | 10 | nodeny ${HOME}/.local/share/data/Mumble |
11 | noblacklist ${HOME}/.local/share/Mumble | 11 | nodeny ${HOME}/.local/share/Mumble |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -21,9 +21,9 @@ include disable-shell.inc | |||
21 | mkdir ${HOME}/.config/Mumble | 21 | mkdir ${HOME}/.config/Mumble |
22 | mkdir ${HOME}/.local/share/data/Mumble | 22 | mkdir ${HOME}/.local/share/data/Mumble |
23 | mkdir ${HOME}/.local/share/Mumble | 23 | mkdir ${HOME}/.local/share/Mumble |
24 | whitelist ${HOME}/.config/Mumble | 24 | allow ${HOME}/.config/Mumble |
25 | whitelist ${HOME}/.local/share/data/Mumble | 25 | allow ${HOME}/.local/share/data/Mumble |
26 | whitelist ${HOME}/.local/share/Mumble | 26 | allow ${HOME}/.local/share/Mumble |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
29 | 29 | ||
diff --git a/etc/profile-m-z/mupdf-gl.profile b/etc/profile-m-z/mupdf-gl.profile index be94a9083..c208a5e54 100644 --- a/etc/profile-m-z/mupdf-gl.profile +++ b/etc/profile-m-z/mupdf-gl.profile | |||
@@ -7,7 +7,7 @@ include mupdf-gl.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | noblacklist ${HOME}/.mupdf.history | 10 | nodeny ${HOME}/.mupdf.history |
11 | 11 | ||
12 | # Redirect | 12 | # Redirect |
13 | include mupdf.profile | 13 | include mupdf.profile |
diff --git a/etc/profile-m-z/mupdf.profile b/etc/profile-m-z/mupdf.profile index 9e4609c48..e602b1429 100644 --- a/etc/profile-m-z/mupdf.profile +++ b/etc/profile-m-z/mupdf.profile | |||
@@ -6,7 +6,7 @@ include mupdf.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${DOCUMENTS} | 9 | nodeny ${DOCUMENTS} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mupen64plus.profile b/etc/profile-m-z/mupen64plus.profile index 00983a8f3..ecc7e2957 100644 --- a/etc/profile-m-z/mupen64plus.profile +++ b/etc/profile-m-z/mupen64plus.profile | |||
@@ -6,8 +6,8 @@ include mupen64plus.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/mupen64plus | 9 | nodeny ${HOME}/.config/mupen64plus |
10 | noblacklist ${HOME}/.local/share/mupen64plus | 10 | nodeny ${HOME}/.local/share/mupen64plus |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-programs.inc | |||
18 | # you'll need to manually whitelist ROM files | 18 | # you'll need to manually whitelist ROM files |
19 | mkdir ${HOME}/.config/mupen64plus | 19 | mkdir ${HOME}/.config/mupen64plus |
20 | mkdir ${HOME}/.local/share/mupen64plus | 20 | mkdir ${HOME}/.local/share/mupen64plus |
21 | whitelist ${HOME}/.config/mupen64plus | 21 | allow ${HOME}/.config/mupen64plus |
22 | whitelist ${HOME}/.local/share/mupen64plus | 22 | allow ${HOME}/.local/share/mupen64plus |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | 24 | ||
25 | caps.drop all | 25 | caps.drop all |
diff --git a/etc/profile-m-z/musescore.profile b/etc/profile-m-z/musescore.profile index 679e82ae8..aa141f9c0 100644 --- a/etc/profile-m-z/musescore.profile +++ b/etc/profile-m-z/musescore.profile | |||
@@ -6,12 +6,12 @@ include musescore.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/MusE | 9 | nodeny ${HOME}/.config/MusE |
10 | noblacklist ${HOME}/.config/MuseScore | 10 | nodeny ${HOME}/.config/MuseScore |
11 | noblacklist ${HOME}/.local/share/data/MusE | 11 | nodeny ${HOME}/.local/share/data/MusE |
12 | noblacklist ${HOME}/.local/share/data/MuseScore | 12 | nodeny ${HOME}/.local/share/data/MuseScore |
13 | noblacklist ${DOCUMENTS} | 13 | nodeny ${DOCUMENTS} |
14 | noblacklist ${MUSIC} | 14 | nodeny ${MUSIC} |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
diff --git a/etc/profile-m-z/musictube.profile b/etc/profile-m-z/musictube.profile index 04500ac6a..5ab1303a2 100644 --- a/etc/profile-m-z/musictube.profile +++ b/etc/profile-m-z/musictube.profile | |||
@@ -6,9 +6,9 @@ include musictube.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/Flavio Tordini | 9 | nodeny ${HOME}/.cache/Flavio Tordini |
10 | noblacklist ${HOME}/.config/Flavio Tordini | 10 | nodeny ${HOME}/.config/Flavio Tordini |
11 | noblacklist ${HOME}/.local/share/Flavio Tordini | 11 | nodeny ${HOME}/.local/share/Flavio Tordini |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -22,10 +22,10 @@ include disable-xdg.inc | |||
22 | mkdir ${HOME}/.cache/Flavio Tordini | 22 | mkdir ${HOME}/.cache/Flavio Tordini |
23 | mkdir ${HOME}/.config/Flavio Tordini | 23 | mkdir ${HOME}/.config/Flavio Tordini |
24 | mkdir ${HOME}/.local/share/Flavio Tordini | 24 | mkdir ${HOME}/.local/share/Flavio Tordini |
25 | whitelist ${HOME}/.cache/Flavio Tordini | 25 | allow ${HOME}/.cache/Flavio Tordini |
26 | whitelist ${HOME}/.config/Flavio Tordini | 26 | allow ${HOME}/.config/Flavio Tordini |
27 | whitelist ${HOME}/.local/share/Flavio Tordini | 27 | allow ${HOME}/.local/share/Flavio Tordini |
28 | whitelist /usr/share/musictube | 28 | allow /usr/share/musictube |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-runuser-common.inc | 30 | include whitelist-runuser-common.inc |
31 | include whitelist-usr-share-common.inc | 31 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/musixmatch.profile b/etc/profile-m-z/musixmatch.profile index 74b3e9a5f..9390f9dcf 100644 --- a/etc/profile-m-z/musixmatch.profile +++ b/etc/profile-m-z/musixmatch.profile | |||
@@ -5,7 +5,7 @@ include musixmatch.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${MUSIC} | 8 | nodeny ${MUSIC} |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
diff --git a/etc/profile-m-z/mutt.profile b/etc/profile-m-z/mutt.profile index debf81659..91606bdfa 100644 --- a/etc/profile-m-z/mutt.profile +++ b/etc/profile-m-z/mutt.profile | |||
@@ -7,36 +7,36 @@ include mutt.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | noblacklist /var/mail | 10 | nodeny /var/mail |
11 | noblacklist /var/spool/mail | 11 | nodeny /var/spool/mail |
12 | noblacklist ${DOCUMENTS} | 12 | nodeny ${DOCUMENTS} |
13 | noblacklist ${HOME}/.Mail | 13 | nodeny ${HOME}/.Mail |
14 | noblacklist ${HOME}/.bogofilter | 14 | nodeny ${HOME}/.bogofilter |
15 | noblacklist ${HOME}/.cache/mutt | 15 | nodeny ${HOME}/.cache/mutt |
16 | noblacklist ${HOME}/.config/mutt | 16 | nodeny ${HOME}/.config/mutt |
17 | noblacklist ${HOME}/.config/nano | 17 | nodeny ${HOME}/.config/nano |
18 | noblacklist ${HOME}/.elinks | 18 | nodeny ${HOME}/.elinks |
19 | noblacklist ${HOME}/.emacs | 19 | nodeny ${HOME}/.emacs |
20 | noblacklist ${HOME}/.emacs.d | 20 | nodeny ${HOME}/.emacs.d |
21 | noblacklist ${HOME}/.gnupg | 21 | nodeny ${HOME}/.gnupg |
22 | noblacklist ${HOME}/.mail | 22 | nodeny ${HOME}/.mail |
23 | noblacklist ${HOME}/.mailcap | 23 | nodeny ${HOME}/.mailcap |
24 | noblacklist ${HOME}/.msmtprc | 24 | nodeny ${HOME}/.msmtprc |
25 | noblacklist ${HOME}/.mutt | 25 | nodeny ${HOME}/.mutt |
26 | noblacklist ${HOME}/.muttrc | 26 | nodeny ${HOME}/.muttrc |
27 | noblacklist ${HOME}/.nanorc | 27 | nodeny ${HOME}/.nanorc |
28 | noblacklist ${HOME}/.signature | 28 | nodeny ${HOME}/.signature |
29 | noblacklist ${HOME}/.vim | 29 | nodeny ${HOME}/.vim |
30 | noblacklist ${HOME}/.viminfo | 30 | nodeny ${HOME}/.viminfo |
31 | noblacklist ${HOME}/.vimrc | 31 | nodeny ${HOME}/.vimrc |
32 | noblacklist ${HOME}/.w3m | 32 | nodeny ${HOME}/.w3m |
33 | noblacklist ${HOME}/Mail | 33 | nodeny ${HOME}/Mail |
34 | noblacklist ${HOME}/mail | 34 | nodeny ${HOME}/mail |
35 | noblacklist ${HOME}/postponed | 35 | nodeny ${HOME}/postponed |
36 | noblacklist ${HOME}/sent | 36 | nodeny ${HOME}/sent |
37 | 37 | ||
38 | blacklist /tmp/.X11-unix | 38 | deny /tmp/.X11-unix |
39 | blacklist ${RUNUSER}/wayland-* | 39 | deny ${RUNUSER}/wayland-* |
40 | 40 | ||
41 | # Add the next lines to your mutt.local for oauth.py,S/MIME support. | 41 | # Add the next lines to your mutt.local for oauth.py,S/MIME support. |
42 | #include allow-perl.inc | 42 | #include allow-perl.inc |
@@ -75,37 +75,37 @@ mkfile ${HOME}/.nanorc | |||
75 | mkfile ${HOME}/.signature | 75 | mkfile ${HOME}/.signature |
76 | mkfile ${HOME}/.viminfo | 76 | mkfile ${HOME}/.viminfo |
77 | mkfile ${HOME}/.vimrc | 77 | mkfile ${HOME}/.vimrc |
78 | whitelist ${DOCUMENTS} | 78 | allow ${DOCUMENTS} |
79 | whitelist ${DOWNLOADS} | 79 | allow ${DOWNLOADS} |
80 | whitelist ${HOME}/.Mail | 80 | allow ${HOME}/.Mail |
81 | whitelist ${HOME}/.bogofilter | 81 | allow ${HOME}/.bogofilter |
82 | whitelist ${HOME}/.cache/mutt | 82 | allow ${HOME}/.cache/mutt |
83 | whitelist ${HOME}/.config/mutt | 83 | allow ${HOME}/.config/mutt |
84 | whitelist ${HOME}/.config/nano | 84 | allow ${HOME}/.config/nano |
85 | whitelist ${HOME}/.elinks | 85 | allow ${HOME}/.elinks |
86 | whitelist ${HOME}/.emacs | 86 | allow ${HOME}/.emacs |
87 | whitelist ${HOME}/.emacs.d | 87 | allow ${HOME}/.emacs.d |
88 | whitelist ${HOME}/.gnupg | 88 | allow ${HOME}/.gnupg |
89 | whitelist ${HOME}/.mail | 89 | allow ${HOME}/.mail |
90 | whitelist ${HOME}/.mailcap | 90 | allow ${HOME}/.mailcap |
91 | whitelist ${HOME}/.msmtprc | 91 | allow ${HOME}/.msmtprc |
92 | whitelist ${HOME}/.mutt | 92 | allow ${HOME}/.mutt |
93 | whitelist ${HOME}/.muttrc | 93 | allow ${HOME}/.muttrc |
94 | whitelist ${HOME}/.nanorc | 94 | allow ${HOME}/.nanorc |
95 | whitelist ${HOME}/.signature | 95 | allow ${HOME}/.signature |
96 | whitelist ${HOME}/.vim | 96 | allow ${HOME}/.vim |
97 | whitelist ${HOME}/.viminfo | 97 | allow ${HOME}/.viminfo |
98 | whitelist ${HOME}/.vimrc | 98 | allow ${HOME}/.vimrc |
99 | whitelist ${HOME}/.w3m | 99 | allow ${HOME}/.w3m |
100 | whitelist ${HOME}/Mail | 100 | allow ${HOME}/Mail |
101 | whitelist ${HOME}/mail | 101 | allow ${HOME}/mail |
102 | whitelist ${HOME}/postponed | 102 | allow ${HOME}/postponed |
103 | whitelist ${HOME}/sent | 103 | allow ${HOME}/sent |
104 | whitelist /usr/share/gnupg | 104 | allow /usr/share/gnupg |
105 | whitelist /usr/share/gnupg2 | 105 | allow /usr/share/gnupg2 |
106 | whitelist /usr/share/mutt | 106 | allow /usr/share/mutt |
107 | whitelist /var/mail | 107 | allow /var/mail |
108 | whitelist /var/spool/mail | 108 | allow /var/spool/mail |
109 | include whitelist-common.inc | 109 | include whitelist-common.inc |
110 | include whitelist-runuser-common.inc | 110 | include whitelist-runuser-common.inc |
111 | include whitelist-usr-share-common.inc | 111 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/mypaint.profile b/etc/profile-m-z/mypaint.profile index d8d487fe7..19af47498 100644 --- a/etc/profile-m-z/mypaint.profile +++ b/etc/profile-m-z/mypaint.profile | |||
@@ -6,10 +6,10 @@ include mypaint.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/mypaint | 9 | nodeny ${HOME}/.cache/mypaint |
10 | noblacklist ${HOME}/.config/mypaint | 10 | nodeny ${HOME}/.config/mypaint |
11 | noblacklist ${HOME}/.local/share/mypaint | 11 | nodeny ${HOME}/.local/share/mypaint |
12 | noblacklist ${PICTURES} | 12 | nodeny ${PICTURES} |
13 | 13 | ||
14 | # Allow python (blacklisted by disable-interpreters.inc) | 14 | # Allow python (blacklisted by disable-interpreters.inc) |
15 | include allow-python2.inc | 15 | include allow-python2.inc |
diff --git a/etc/profile-m-z/nano.profile b/etc/profile-m-z/nano.profile index 4698c2287..f0553bed5 100644 --- a/etc/profile-m-z/nano.profile +++ b/etc/profile-m-z/nano.profile | |||
@@ -7,10 +7,10 @@ include nano.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | 10 | deny ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | noblacklist ${HOME}/.config/nano | 12 | nodeny ${HOME}/.config/nano |
13 | noblacklist ${HOME}/.nanorc | 13 | nodeny ${HOME}/.nanorc |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -19,7 +19,7 @@ include disable-interpreters.inc | |||
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | whitelist /usr/share/nano | 22 | allow /usr/share/nano |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | 24 | ||
25 | apparmor | 25 | apparmor |
diff --git a/etc/profile-m-z/natron.profile b/etc/profile-m-z/natron.profile index 5bf152f84..35d152748 100644 --- a/etc/profile-m-z/natron.profile +++ b/etc/profile-m-z/natron.profile | |||
@@ -5,9 +5,9 @@ include natron.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.Natron | 8 | nodeny ${HOME}/.Natron |
9 | noblacklist ${HOME}/.cache/INRIA/Natron | 9 | nodeny ${HOME}/.cache/INRIA/Natron |
10 | noblacklist ${HOME}/.config/INRIA | 10 | nodeny ${HOME}/.config/INRIA |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
diff --git a/etc/profile-m-z/ncdu.profile b/etc/profile-m-z/ncdu.profile index 063e30366..38646dc90 100644 --- a/etc/profile-m-z/ncdu.profile +++ b/etc/profile-m-z/ncdu.profile | |||
@@ -6,7 +6,7 @@ include ncdu.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | 9 | deny ${RUNUSER}/wayland-* |
10 | 10 | ||
11 | include disable-exec.inc | 11 | include disable-exec.inc |
12 | 12 | ||
diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index 9f00448c8..ceb885908 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile | |||
@@ -6,12 +6,12 @@ include neochat.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/KDE/neochat | 9 | nodeny ${HOME}/.cache/KDE/neochat |
10 | noblacklist ${HOME}/.config/KDE | 10 | nodeny ${HOME}/.config/KDE |
11 | noblacklist ${HOME}/.config/KDE/neochat | 11 | nodeny ${HOME}/.config/KDE/neochat |
12 | noblacklist ${HOME}/.config/neochatrc | 12 | nodeny ${HOME}/.config/neochatrc |
13 | noblacklist ${HOME}/.config/neochat.notifyrc | 13 | nodeny ${HOME}/.config/neochat.notifyrc |
14 | noblacklist ${HOME}/.local/share/KDE/neochat | 14 | nodeny ${HOME}/.local/share/KDE/neochat |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
@@ -24,9 +24,9 @@ include disable-xdg.inc | |||
24 | 24 | ||
25 | mkdir ${HOME}/.cache/KDE/neochat | 25 | mkdir ${HOME}/.cache/KDE/neochat |
26 | mkdir ${HOME}/.local/share/KDE/neochat | 26 | mkdir ${HOME}/.local/share/KDE/neochat |
27 | whitelist ${HOME}/.cache/KDE/neochat | 27 | allow ${HOME}/.cache/KDE/neochat |
28 | whitelist ${HOME}/.local/share/KDE/neochat | 28 | allow ${HOME}/.local/share/KDE/neochat |
29 | whitelist ${DOWNLOADS} | 29 | allow ${DOWNLOADS} |
30 | include whitelist-1793-workaround.inc | 30 | include whitelist-1793-workaround.inc |
31 | include whitelist-common.inc | 31 | include whitelist-common.inc |
32 | include whitelist-runuser-common.inc | 32 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-m-z/neomutt.profile b/etc/profile-m-z/neomutt.profile index fafa129e4..939d6f111 100644 --- a/etc/profile-m-z/neomutt.profile +++ b/etc/profile-m-z/neomutt.profile | |||
@@ -7,38 +7,38 @@ include neomutt.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | noblacklist ${DOCUMENTS} | 10 | nodeny ${DOCUMENTS} |
11 | noblacklist ${HOME}/.Mail | 11 | nodeny ${HOME}/.Mail |
12 | noblacklist ${HOME}/.bogofilter | 12 | nodeny ${HOME}/.bogofilter |
13 | noblacklist ${HOME}/.config/mutt | 13 | nodeny ${HOME}/.config/mutt |
14 | noblacklist ${HOME}/.config/nano | 14 | nodeny ${HOME}/.config/nano |
15 | noblacklist ${HOME}/.config/neomutt | 15 | nodeny ${HOME}/.config/neomutt |
16 | noblacklist ${HOME}/.elinks | 16 | nodeny ${HOME}/.elinks |
17 | noblacklist ${HOME}/.emacs | 17 | nodeny ${HOME}/.emacs |
18 | noblacklist ${HOME}/.emacs.d | 18 | nodeny ${HOME}/.emacs.d |
19 | noblacklist ${HOME}/.gnupg | 19 | nodeny ${HOME}/.gnupg |
20 | noblacklist ${HOME}/.mail | 20 | nodeny ${HOME}/.mail |
21 | noblacklist ${HOME}/.mailcap | 21 | nodeny ${HOME}/.mailcap |
22 | noblacklist ${HOME}/.msmtprc | 22 | nodeny ${HOME}/.msmtprc |
23 | noblacklist ${HOME}/.mutt | 23 | nodeny ${HOME}/.mutt |
24 | noblacklist ${HOME}/.muttrc | 24 | nodeny ${HOME}/.muttrc |
25 | noblacklist ${HOME}/.nanorc | 25 | nodeny ${HOME}/.nanorc |
26 | noblacklist ${HOME}/.neomutt | 26 | nodeny ${HOME}/.neomutt |
27 | noblacklist ${HOME}/.neomuttrc | 27 | nodeny ${HOME}/.neomuttrc |
28 | noblacklist ${HOME}/.signature | 28 | nodeny ${HOME}/.signature |
29 | noblacklist ${HOME}/.vim | 29 | nodeny ${HOME}/.vim |
30 | noblacklist ${HOME}/.viminfo | 30 | nodeny ${HOME}/.viminfo |
31 | noblacklist ${HOME}/.vimrc | 31 | nodeny ${HOME}/.vimrc |
32 | noblacklist ${HOME}/.w3m | 32 | nodeny ${HOME}/.w3m |
33 | noblacklist ${HOME}/Mail | 33 | nodeny ${HOME}/Mail |
34 | noblacklist ${HOME}/mail | 34 | nodeny ${HOME}/mail |
35 | noblacklist ${HOME}/postponed | 35 | nodeny ${HOME}/postponed |
36 | noblacklist ${HOME}/sent | 36 | nodeny ${HOME}/sent |
37 | noblacklist /var/mail | 37 | nodeny /var/mail |
38 | noblacklist /var/spool/mail | 38 | nodeny /var/spool/mail |
39 | 39 | ||
40 | blacklist /tmp/.X11-unix | 40 | deny /tmp/.X11-unix |
41 | blacklist ${RUNUSER}/wayland-* | 41 | deny ${RUNUSER}/wayland-* |
42 | 42 | ||
43 | include allow-lua.inc | 43 | include allow-lua.inc |
44 | 44 | ||
@@ -76,39 +76,39 @@ mkfile ${HOME}/.neomuttrc | |||
76 | mkfile ${HOME}/.signature | 76 | mkfile ${HOME}/.signature |
77 | mkfile ${HOME}/.viminfo | 77 | mkfile ${HOME}/.viminfo |
78 | mkfile ${HOME}/.vimrc | 78 | mkfile ${HOME}/.vimrc |
79 | whitelist ${DOCUMENTS} | 79 | allow ${DOCUMENTS} |
80 | whitelist ${DOWNLOADS} | 80 | allow ${DOWNLOADS} |
81 | whitelist ${HOME}/.Mail | 81 | allow ${HOME}/.Mail |
82 | whitelist ${HOME}/.bogofilter | 82 | allow ${HOME}/.bogofilter |
83 | whitelist ${HOME}/.config/mutt | 83 | allow ${HOME}/.config/mutt |
84 | whitelist ${HOME}/.config/nano | 84 | allow ${HOME}/.config/nano |
85 | whitelist ${HOME}/.config/neomutt | 85 | allow ${HOME}/.config/neomutt |
86 | whitelist ${HOME}/.elinks | 86 | allow ${HOME}/.elinks |
87 | whitelist ${HOME}/.emacs | 87 | allow ${HOME}/.emacs |
88 | whitelist ${HOME}/.emacs.d | 88 | allow ${HOME}/.emacs.d |
89 | whitelist ${HOME}/.gnupg | 89 | allow ${HOME}/.gnupg |
90 | whitelist ${HOME}/.mail | 90 | allow ${HOME}/.mail |
91 | whitelist ${HOME}/.mailcap | 91 | allow ${HOME}/.mailcap |
92 | whitelist ${HOME}/.msmtprc | 92 | allow ${HOME}/.msmtprc |
93 | whitelist ${HOME}/.mutt | 93 | allow ${HOME}/.mutt |
94 | whitelist ${HOME}/.muttrc | 94 | allow ${HOME}/.muttrc |
95 | whitelist ${HOME}/.nanorc | 95 | allow ${HOME}/.nanorc |
96 | whitelist ${HOME}/.neomutt | 96 | allow ${HOME}/.neomutt |
97 | whitelist ${HOME}/.neomuttrc | 97 | allow ${HOME}/.neomuttrc |
98 | whitelist ${HOME}/.signature | 98 | allow ${HOME}/.signature |
99 | whitelist ${HOME}/.vim | 99 | allow ${HOME}/.vim |
100 | whitelist ${HOME}/.viminfo | 100 | allow ${HOME}/.viminfo |
101 | whitelist ${HOME}/.vimrc | 101 | allow ${HOME}/.vimrc |
102 | whitelist ${HOME}/.w3m | 102 | allow ${HOME}/.w3m |
103 | whitelist ${HOME}/Mail | 103 | allow ${HOME}/Mail |
104 | whitelist ${HOME}/mail | 104 | allow ${HOME}/mail |
105 | whitelist ${HOME}/postponed | 105 | allow ${HOME}/postponed |
106 | whitelist ${HOME}/sent | 106 | allow ${HOME}/sent |
107 | whitelist /usr/share/gnupg | 107 | allow /usr/share/gnupg |
108 | whitelist /usr/share/gnupg2 | 108 | allow /usr/share/gnupg2 |
109 | whitelist /usr/share/neomutt | 109 | allow /usr/share/neomutt |
110 | whitelist /var/mail | 110 | allow /var/mail |
111 | whitelist /var/spool/mail | 111 | allow /var/spool/mail |
112 | include whitelist-common.inc | 112 | include whitelist-common.inc |
113 | include whitelist-runuser-common.inc | 113 | include whitelist-runuser-common.inc |
114 | include whitelist-usr-share-common.inc | 114 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/netactview.profile b/etc/profile-m-z/netactview.profile index 5d45dd7bc..68297c110 100644 --- a/etc/profile-m-z/netactview.profile +++ b/etc/profile-m-z/netactview.profile | |||
@@ -6,7 +6,7 @@ include netactview.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.netactview | 9 | nodeny ${HOME}/.netactview |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkfile ${HOME}/.netactview | 20 | mkfile ${HOME}/.netactview |
21 | whitelist ${HOME}/.netactview | 21 | allow ${HOME}/.netactview |
22 | whitelist /usr/share/netactview | 22 | allow /usr/share/netactview |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/nethack-vultures.profile b/etc/profile-m-z/nethack-vultures.profile index c9a537370..d5bf8a52a 100644 --- a/etc/profile-m-z/nethack-vultures.profile +++ b/etc/profile-m-z/nethack-vultures.profile | |||
@@ -6,7 +6,7 @@ include nethack.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.vultures | 9 | nodeny ${HOME}/.vultures |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,8 +16,8 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.vultures | 18 | mkdir ${HOME}/.vultures |
19 | whitelist ${HOME}/.vultures | 19 | allow ${HOME}/.vultures |
20 | whitelist /var/log/vultures | 20 | allow /var/log/vultures |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-m-z/nethack.profile b/etc/profile-m-z/nethack.profile index b57abe260..23b57bb52 100644 --- a/etc/profile-m-z/nethack.profile +++ b/etc/profile-m-z/nethack.profile | |||
@@ -6,7 +6,7 @@ include nethack.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist /var/games/nethack | 9 | nodeny /var/games/nethack |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -15,7 +15,7 @@ include disable-interpreters.inc | |||
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | whitelist /var/games/nethack | 18 | allow /var/games/nethack |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | include whitelist-var-common.inc | 20 | include whitelist-var-common.inc |
21 | 21 | ||
diff --git a/etc/profile-m-z/netsurf.profile b/etc/profile-m-z/netsurf.profile index 0ddb7bbbe..b099d6f0c 100644 --- a/etc/profile-m-z/netsurf.profile +++ b/etc/profile-m-z/netsurf.profile | |||
@@ -6,8 +6,8 @@ include netsurf.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/netsurf | 9 | nodeny ${HOME}/.cache/netsurf |
10 | noblacklist ${HOME}/.config/netsurf | 10 | nodeny ${HOME}/.config/netsurf |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -16,9 +16,9 @@ include disable-programs.inc | |||
16 | 16 | ||
17 | mkdir ${HOME}/.cache/netsurf | 17 | mkdir ${HOME}/.cache/netsurf |
18 | mkdir ${HOME}/.config/netsurf | 18 | mkdir ${HOME}/.config/netsurf |
19 | whitelist ${DOWNLOADS} | 19 | allow ${DOWNLOADS} |
20 | whitelist ${HOME}/.cache/netsurf | 20 | allow ${HOME}/.cache/netsurf |
21 | whitelist ${HOME}/.config/netsurf | 21 | allow ${HOME}/.config/netsurf |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | 23 | ||
24 | caps.drop all | 24 | caps.drop all |
diff --git a/etc/profile-m-z/neverball.profile b/etc/profile-m-z/neverball.profile index ecfbb14e4..dad90a66c 100644 --- a/etc/profile-m-z/neverball.profile +++ b/etc/profile-m-z/neverball.profile | |||
@@ -6,7 +6,7 @@ include neverball.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.neverball | 9 | nodeny ${HOME}/.neverball |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.neverball | 20 | mkdir ${HOME}/.neverball |
21 | whitelist ${HOME}/.neverball | 21 | allow ${HOME}/.neverball |
22 | whitelist /usr/share/neverball | 22 | allow /usr/share/neverball |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/newsbeuter.profile b/etc/profile-m-z/newsbeuter.profile index 6efb19502..c26ba4be0 100644 --- a/etc/profile-m-z/newsbeuter.profile +++ b/etc/profile-m-z/newsbeuter.profile | |||
@@ -11,15 +11,15 @@ ignore include newsboat.local | |||
11 | ignore mkdir ${HOME}/.config/newsboat | 11 | ignore mkdir ${HOME}/.config/newsboat |
12 | ignore mkdir ${HOME}/.local/share/newsboat | 12 | ignore mkdir ${HOME}/.local/share/newsboat |
13 | ignore mkdir ${HOME}/.newsboat | 13 | ignore mkdir ${HOME}/.newsboat |
14 | blacklist ${PATH}/newsboat | 14 | deny ${PATH}/newsboat |
15 | 15 | ||
16 | blacklist ${HOME}/.config/newsboat | 16 | deny ${HOME}/.config/newsboat |
17 | blacklist ${HOME}/.local/share/newsboat | 17 | deny ${HOME}/.local/share/newsboat |
18 | blacklist ${HOME}/.newsboat | 18 | deny ${HOME}/.newsboat |
19 | 19 | ||
20 | nowhitelist ${HOME}/.config/newsboat | 20 | noallow ${HOME}/.config/newsboat |
21 | nowhitelist ${HOME}/.local/share/newsboat | 21 | noallow ${HOME}/.local/share/newsboat |
22 | nowhitelist ${HOME}/.newsboat | 22 | noallow ${HOME}/.newsboat |
23 | 23 | ||
24 | mkdir ${HOME}/.config/newsbeuter | 24 | mkdir ${HOME}/.config/newsbeuter |
25 | mkdir ${HOME}/.local/share/newsbeuter | 25 | mkdir ${HOME}/.local/share/newsbeuter |
diff --git a/etc/profile-m-z/newsboat.profile b/etc/profile-m-z/newsboat.profile index 13bc3a615..e34752b55 100644 --- a/etc/profile-m-z/newsboat.profile +++ b/etc/profile-m-z/newsboat.profile | |||
@@ -6,12 +6,12 @@ include newsboat.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/newsbeuter | 9 | nodeny ${HOME}/.config/newsbeuter |
10 | noblacklist ${HOME}/.config/newsboat | 10 | nodeny ${HOME}/.config/newsboat |
11 | noblacklist ${HOME}/.local/share/newsbeuter | 11 | nodeny ${HOME}/.local/share/newsbeuter |
12 | noblacklist ${HOME}/.local/share/newsboat | 12 | nodeny ${HOME}/.local/share/newsboat |
13 | noblacklist ${HOME}/.newsbeuter | 13 | nodeny ${HOME}/.newsbeuter |
14 | noblacklist ${HOME}/.newsboat | 14 | nodeny ${HOME}/.newsboat |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
@@ -24,12 +24,12 @@ include disable-xdg.inc | |||
24 | mkdir ${HOME}/.config/newsboat | 24 | mkdir ${HOME}/.config/newsboat |
25 | mkdir ${HOME}/.local/share/newsboat | 25 | mkdir ${HOME}/.local/share/newsboat |
26 | mkdir ${HOME}/.newsboat | 26 | mkdir ${HOME}/.newsboat |
27 | whitelist ${HOME}/.config/newsbeuter | 27 | allow ${HOME}/.config/newsbeuter |
28 | whitelist ${HOME}/.config/newsboat | 28 | allow ${HOME}/.config/newsboat |
29 | whitelist ${HOME}/.local/share/newsbeuter | 29 | allow ${HOME}/.local/share/newsbeuter |
30 | whitelist ${HOME}/.local/share/newsboat | 30 | allow ${HOME}/.local/share/newsboat |
31 | whitelist ${HOME}/.newsbeuter | 31 | allow ${HOME}/.newsbeuter |
32 | whitelist ${HOME}/.newsboat | 32 | allow ${HOME}/.newsboat |
33 | include whitelist-common.inc | 33 | include whitelist-common.inc |
34 | include whitelist-runuser-common.inc | 34 | include whitelist-runuser-common.inc |
35 | include whitelist-var-common.inc | 35 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/newsflash.profile b/etc/profile-m-z/newsflash.profile index 18d8c6ed4..273628ea2 100644 --- a/etc/profile-m-z/newsflash.profile +++ b/etc/profile-m-z/newsflash.profile | |||
@@ -6,9 +6,9 @@ include newsflash.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/NewsFlashGTK | 9 | nodeny ${HOME}/.cache/NewsFlashGTK |
10 | noblacklist ${HOME}/.config/news-flash | 10 | nodeny ${HOME}/.config/news-flash |
11 | noblacklist ${HOME}/.local/share/news-flash | 11 | nodeny ${HOME}/.local/share/news-flash |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -22,9 +22,9 @@ include disable-xdg.inc | |||
22 | mkdir ${HOME}/.cache/NewsFlashGTK | 22 | mkdir ${HOME}/.cache/NewsFlashGTK |
23 | mkdir ${HOME}/.config/news-flash | 23 | mkdir ${HOME}/.config/news-flash |
24 | mkdir ${HOME}/.local/share/news-flash | 24 | mkdir ${HOME}/.local/share/news-flash |
25 | whitelist ${HOME}/.cache/NewsFlashGTK | 25 | allow ${HOME}/.cache/NewsFlashGTK |
26 | whitelist ${HOME}/.config/news-flash | 26 | allow ${HOME}/.config/news-flash |
27 | whitelist ${HOME}/.local/share/news-flash | 27 | allow ${HOME}/.local/share/news-flash |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/nextcloud.profile b/etc/profile-m-z/nextcloud.profile index 9fd76fbe7..7ba46691d 100644 --- a/etc/profile-m-z/nextcloud.profile +++ b/etc/profile-m-z/nextcloud.profile | |||
@@ -6,9 +6,9 @@ include nextcloud.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/Nextcloud | 9 | nodeny ${HOME}/Nextcloud |
10 | noblacklist ${HOME}/.config/Nextcloud | 10 | nodeny ${HOME}/.config/Nextcloud |
11 | noblacklist ${HOME}/.local/share/Nextcloud | 11 | nodeny ${HOME}/.local/share/Nextcloud |
12 | # Add the next lines to your nextcloud.local to allow sync in more directories. | 12 | # Add the next lines to your nextcloud.local to allow sync in more directories. |
13 | #noblacklist ${DOCUMENTS} | 13 | #noblacklist ${DOCUMENTS} |
14 | #noblacklist ${MUSIC} | 14 | #noblacklist ${MUSIC} |
@@ -27,9 +27,9 @@ include disable-xdg.inc | |||
27 | mkdir ${HOME}/Nextcloud | 27 | mkdir ${HOME}/Nextcloud |
28 | mkdir ${HOME}/.config/Nextcloud | 28 | mkdir ${HOME}/.config/Nextcloud |
29 | mkdir ${HOME}/.local/share/Nextcloud | 29 | mkdir ${HOME}/.local/share/Nextcloud |
30 | whitelist ${HOME}/Nextcloud | 30 | allow ${HOME}/Nextcloud |
31 | whitelist ${HOME}/.config/Nextcloud | 31 | allow ${HOME}/.config/Nextcloud |
32 | whitelist ${HOME}/.local/share/Nextcloud | 32 | allow ${HOME}/.local/share/Nextcloud |
33 | # Add the next lines to your nextcloud.local to allow sync in more directories. | 33 | # Add the next lines to your nextcloud.local to allow sync in more directories. |
34 | #whitelist ${DOCUMENTS} | 34 | #whitelist ${DOCUMENTS} |
35 | #whitelist ${MUSIC} | 35 | #whitelist ${MUSIC} |
diff --git a/etc/profile-m-z/nheko.profile b/etc/profile-m-z/nheko.profile index f8062891c..0149e0737 100644 --- a/etc/profile-m-z/nheko.profile +++ b/etc/profile-m-z/nheko.profile | |||
@@ -6,9 +6,9 @@ include nheko.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/nheko | 9 | nodeny ${HOME}/.cache/nheko |
10 | noblacklist ${HOME}/.config/nheko | 10 | nodeny ${HOME}/.config/nheko |
11 | noblacklist ${HOME}/.local/share/nheko | 11 | nodeny ${HOME}/.local/share/nheko |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -22,10 +22,10 @@ include disable-xdg.inc | |||
22 | mkdir ${HOME}/.cache/nheko | 22 | mkdir ${HOME}/.cache/nheko |
23 | mkdir ${HOME}/.config/nheko | 23 | mkdir ${HOME}/.config/nheko |
24 | mkdir ${HOME}/.local/share/nheko | 24 | mkdir ${HOME}/.local/share/nheko |
25 | whitelist ${HOME}/.cache/nheko | 25 | allow ${HOME}/.cache/nheko |
26 | whitelist ${HOME}/.config/nheko | 26 | allow ${HOME}/.config/nheko |
27 | whitelist ${HOME}/.local/share/nheko | 27 | allow ${HOME}/.local/share/nheko |
28 | whitelist ${DOWNLOADS} | 28 | allow ${DOWNLOADS} |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-runuser-common.inc | 30 | include whitelist-runuser-common.inc |
31 | include whitelist-usr-share-common.inc | 31 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/nicotine.profile b/etc/profile-m-z/nicotine.profile index 1c7dbc009..b31a7babf 100644 --- a/etc/profile-m-z/nicotine.profile +++ b/etc/profile-m-z/nicotine.profile | |||
@@ -6,7 +6,7 @@ include nicotine.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.nicotine | 9 | nodeny ${HOME}/.nicotine |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
@@ -21,9 +21,9 @@ include disable-shell.inc | |||
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.nicotine | 23 | mkdir ${HOME}/.nicotine |
24 | whitelist ${DOWNLOADS} | 24 | allow ${DOWNLOADS} |
25 | whitelist ${HOME}/.nicotine | 25 | allow ${HOME}/.nicotine |
26 | whitelist /usr/share/GeoIP | 26 | allow /usr/share/GeoIP |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/nitroshare.profile b/etc/profile-m-z/nitroshare.profile index 8dba84f02..70fffd5d4 100644 --- a/etc/profile-m-z/nitroshare.profile +++ b/etc/profile-m-z/nitroshare.profile | |||
@@ -6,8 +6,8 @@ include nitroshare.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/Nathan Osman | 9 | nodeny ${HOME}/.config/Nathan Osman |
10 | noblacklist ${HOME}/.config/NitroShare | 10 | nodeny ${HOME}/.config/NitroShare |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
diff --git a/etc/profile-m-z/nodejs-common.profile b/etc/profile-m-z/nodejs-common.profile index fa69f9214..7981ba6ae 100644 --- a/etc/profile-m-z/nodejs-common.profile +++ b/etc/profile-m-z/nodejs-common.profile | |||
@@ -7,22 +7,22 @@ include nodejs-common.local | |||
7 | # added by caller profile | 7 | # added by caller profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | blacklist /tmp/.X11-unix | 10 | deny /tmp/.X11-unix |
11 | blacklist ${RUNUSER} | 11 | deny ${RUNUSER} |
12 | 12 | ||
13 | ignore read-only ${HOME}/.npm-packages | 13 | ignore read-only ${HOME}/.npm-packages |
14 | ignore read-only ${HOME}/.npmrc | 14 | ignore read-only ${HOME}/.npmrc |
15 | ignore read-only ${HOME}/.nvm | 15 | ignore read-only ${HOME}/.nvm |
16 | ignore read-only ${HOME}/.yarnrc | 16 | ignore read-only ${HOME}/.yarnrc |
17 | 17 | ||
18 | noblacklist ${HOME}/.node-gyp | 18 | nodeny ${HOME}/.node-gyp |
19 | noblacklist ${HOME}/.npm | 19 | nodeny ${HOME}/.npm |
20 | noblacklist ${HOME}/.npmrc | 20 | nodeny ${HOME}/.npmrc |
21 | noblacklist ${HOME}/.nvm | 21 | nodeny ${HOME}/.nvm |
22 | noblacklist ${HOME}/.yarn | 22 | nodeny ${HOME}/.yarn |
23 | noblacklist ${HOME}/.yarn-config | 23 | nodeny ${HOME}/.yarn-config |
24 | noblacklist ${HOME}/.yarncache | 24 | nodeny ${HOME}/.yarncache |
25 | noblacklist ${HOME}/.yarnrc | 25 | nodeny ${HOME}/.yarnrc |
26 | 26 | ||
27 | ignore noexec ${HOME} | 27 | ignore noexec ${HOME} |
28 | 28 | ||
@@ -58,9 +58,9 @@ include disable-xdg.inc | |||
58 | #whitelist ${HOME}/Projects | 58 | #whitelist ${HOME}/Projects |
59 | #include whitelist-common.inc | 59 | #include whitelist-common.inc |
60 | 60 | ||
61 | whitelist /usr/share/doc/node | 61 | allow /usr/share/doc/node |
62 | whitelist /usr/share/nvm | 62 | allow /usr/share/nvm |
63 | whitelist /usr/share/systemtap/tapset/node.stp | 63 | allow /usr/share/systemtap/tapset/node.stp |
64 | include whitelist-runuser-common.inc | 64 | include whitelist-runuser-common.inc |
65 | include whitelist-usr-share-common.inc | 65 | include whitelist-usr-share-common.inc |
66 | include whitelist-var-common.inc | 66 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/nomacs.profile b/etc/profile-m-z/nomacs.profile index a36dee874..80fbd0fcb 100644 --- a/etc/profile-m-z/nomacs.profile +++ b/etc/profile-m-z/nomacs.profile | |||
@@ -6,10 +6,10 @@ include nomacs.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/nomacs | 9 | nodeny ${HOME}/.config/nomacs |
10 | noblacklist ${HOME}/.local/share/nomacs | 10 | nodeny ${HOME}/.local/share/nomacs |
11 | noblacklist ${HOME}/.local/share/data/nomacs | 11 | nodeny ${HOME}/.local/share/data/nomacs |
12 | noblacklist ${PICTURES} | 12 | nodeny ${PICTURES} |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/profile-m-z/notify-send.profile b/etc/profile-m-z/notify-send.profile index 650118c98..a3bcc040c 100644 --- a/etc/profile-m-z/notify-send.profile +++ b/etc/profile-m-z/notify-send.profile | |||
@@ -7,7 +7,7 @@ include notify-send.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | 10 | deny ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/nslookup.profile b/etc/profile-m-z/nslookup.profile index c7a131a2c..b3002ad0e 100644 --- a/etc/profile-m-z/nslookup.profile +++ b/etc/profile-m-z/nslookup.profile | |||
@@ -7,10 +7,10 @@ include nslookup.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist /tmp/.X11-unix | 10 | deny /tmp/.X11-unix |
11 | blacklist ${RUNUSER} | 11 | deny ${RUNUSER} |
12 | 12 | ||
13 | noblacklist ${PATH}/nslookup | 13 | nodeny ${PATH}/nslookup |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -20,7 +20,7 @@ include disable-passwdmgr.inc | |||
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | whitelist ${HOME}/.nslookuprc | 23 | allow ${HOME}/.nslookuprc |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/nuclear.profile b/etc/profile-m-z/nuclear.profile index 886403b9e..67f54f9fc 100644 --- a/etc/profile-m-z/nuclear.profile +++ b/etc/profile-m-z/nuclear.profile | |||
@@ -8,12 +8,12 @@ include globals.local | |||
8 | 8 | ||
9 | ignore dbus-user | 9 | ignore dbus-user |
10 | 10 | ||
11 | noblacklist ${HOME}/.config/nuclear | 11 | nodeny ${HOME}/.config/nuclear |
12 | 12 | ||
13 | include disable-shell.inc | 13 | include disable-shell.inc |
14 | 14 | ||
15 | mkdir ${HOME}/.config/nuclear | 15 | mkdir ${HOME}/.config/nuclear |
16 | whitelist ${HOME}/.config/nuclear | 16 | allow ${HOME}/.config/nuclear |
17 | 17 | ||
18 | no3d | 18 | no3d |
19 | 19 | ||
diff --git a/etc/profile-m-z/nylas.profile b/etc/profile-m-z/nylas.profile index fe0c2116b..ee7710b9c 100644 --- a/etc/profile-m-z/nylas.profile +++ b/etc/profile-m-z/nylas.profile | |||
@@ -5,8 +5,8 @@ include nylas.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.config/Nylas Mail | 8 | nodeny ${HOME}/.config/Nylas Mail |
9 | noblacklist ${HOME}/.nylas-mail | 9 | nodeny ${HOME}/.nylas-mail |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,9 +16,9 @@ include disable-programs.inc | |||
16 | 16 | ||
17 | mkdir ${HOME}/.config/Nylas Mail | 17 | mkdir ${HOME}/.config/Nylas Mail |
18 | mkdir ${HOME}/.nylas-mail | 18 | mkdir ${HOME}/.nylas-mail |
19 | whitelist ${DOWNLOADS} | 19 | allow ${DOWNLOADS} |
20 | whitelist ${HOME}/.config/Nylas Mail | 20 | allow ${HOME}/.config/Nylas Mail |
21 | whitelist ${HOME}/.nylas-mail | 21 | allow ${HOME}/.nylas-mail |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | 23 | ||
24 | caps.drop all | 24 | caps.drop all |
diff --git a/etc/profile-m-z/nyx.profile b/etc/profile-m-z/nyx.profile index d040d42af..1d606f70c 100644 --- a/etc/profile-m-z/nyx.profile +++ b/etc/profile-m-z/nyx.profile | |||
@@ -10,7 +10,7 @@ include globals.local | |||
10 | include allow-python2.inc | 10 | include allow-python2.inc |
11 | include allow-python3.inc | 11 | include allow-python3.inc |
12 | 12 | ||
13 | noblacklist ${HOME}/.nyx | 13 | nodeny ${HOME}/.nyx |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -22,7 +22,7 @@ include disable-shell.inc | |||
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | mkdir ${HOME}/.nyx | 24 | mkdir ${HOME}/.nyx |
25 | whitelist ${HOME}/.nyx | 25 | allow ${HOME}/.nyx |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
28 | 28 | ||
diff --git a/etc/profile-m-z/obs.profile b/etc/profile-m-z/obs.profile index 9345cee4f..f70bdc55a 100644 --- a/etc/profile-m-z/obs.profile +++ b/etc/profile-m-z/obs.profile | |||
@@ -5,10 +5,10 @@ include obs.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.config/obs-studio | 8 | nodeny ${HOME}/.config/obs-studio |
9 | noblacklist ${MUSIC} | 9 | nodeny ${MUSIC} |
10 | noblacklist ${PICTURES} | 10 | nodeny ${PICTURES} |
11 | noblacklist ${VIDEOS} | 11 | nodeny ${VIDEOS} |
12 | 12 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python2.inc | 14 | include allow-python2.inc |
diff --git a/etc/profile-m-z/ocenaudio.profile b/etc/profile-m-z/ocenaudio.profile index 7be68a201..792c2ffc6 100644 --- a/etc/profile-m-z/ocenaudio.profile +++ b/etc/profile-m-z/ocenaudio.profile | |||
@@ -6,9 +6,9 @@ include ocenaudio.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.local/share/ocenaudio | 9 | nodeny ${HOME}/.local/share/ocenaudio |
10 | noblacklist ${DOCUMENTS} | 10 | nodeny ${DOCUMENTS} |
11 | noblacklist ${MUSIC} | 11 | nodeny ${MUSIC} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/odt2txt.profile b/etc/profile-m-z/odt2txt.profile index 6163d2e22..61b71ec10 100644 --- a/etc/profile-m-z/odt2txt.profile +++ b/etc/profile-m-z/odt2txt.profile | |||
@@ -6,9 +6,9 @@ include odt2txt.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | 9 | deny ${RUNUSER}/wayland-* |
10 | 10 | ||
11 | noblacklist ${DOCUMENTS} | 11 | nodeny ${DOCUMENTS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/okular.profile b/etc/profile-m-z/okular.profile index ab8ccf623..feeed86cb 100644 --- a/etc/profile-m-z/okular.profile +++ b/etc/profile-m-z/okular.profile | |||
@@ -6,18 +6,18 @@ include okular.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/okular | 9 | nodeny ${HOME}/.cache/okular |
10 | noblacklist ${HOME}/.config/okularpartrc | 10 | nodeny ${HOME}/.config/okularpartrc |
11 | noblacklist ${HOME}/.config/okularrc | 11 | nodeny ${HOME}/.config/okularrc |
12 | noblacklist ${HOME}/.kde/share/apps/okular | 12 | nodeny ${HOME}/.kde/share/apps/okular |
13 | noblacklist ${HOME}/.kde/share/config/okularpartrc | 13 | nodeny ${HOME}/.kde/share/config/okularpartrc |
14 | noblacklist ${HOME}/.kde/share/config/okularrc | 14 | nodeny ${HOME}/.kde/share/config/okularrc |
15 | noblacklist ${HOME}/.kde4/share/apps/okular | 15 | nodeny ${HOME}/.kde4/share/apps/okular |
16 | noblacklist ${HOME}/.kde4/share/config/okularpartrc | 16 | nodeny ${HOME}/.kde4/share/config/okularpartrc |
17 | noblacklist ${HOME}/.kde4/share/config/okularrc | 17 | nodeny ${HOME}/.kde4/share/config/okularrc |
18 | noblacklist ${HOME}/.local/share/kxmlgui5/okular | 18 | nodeny ${HOME}/.local/share/kxmlgui5/okular |
19 | noblacklist ${HOME}/.local/share/okular | 19 | nodeny ${HOME}/.local/share/okular |
20 | noblacklist ${DOCUMENTS} | 20 | nodeny ${DOCUMENTS} |
21 | 21 | ||
22 | include disable-common.inc | 22 | include disable-common.inc |
23 | include disable-devel.inc | 23 | include disable-devel.inc |
@@ -28,15 +28,15 @@ include disable-programs.inc | |||
28 | include disable-shell.inc | 28 | include disable-shell.inc |
29 | include disable-xdg.inc | 29 | include disable-xdg.inc |
30 | 30 | ||
31 | whitelist /usr/share/config.kcfg/gssettings.kcfg | 31 | allow /usr/share/config.kcfg/gssettings.kcfg |
32 | whitelist /usr/share/config.kcfg/pdfsettings.kcfg | 32 | allow /usr/share/config.kcfg/pdfsettings.kcfg |
33 | whitelist /usr/share/config.kcfg/okular.kcfg | 33 | allow /usr/share/config.kcfg/okular.kcfg |
34 | whitelist /usr/share/config.kcfg/okular_core.kcfg | 34 | allow /usr/share/config.kcfg/okular_core.kcfg |
35 | whitelist /usr/share/ghostscript | 35 | allow /usr/share/ghostscript |
36 | whitelist /usr/share/kconf_update/okular.upd | 36 | allow /usr/share/kconf_update/okular.upd |
37 | whitelist /usr/share/kxmlgui5/okular | 37 | allow /usr/share/kxmlgui5/okular |
38 | whitelist /usr/share/okular | 38 | allow /usr/share/okular |
39 | whitelist /usr/share/poppler | 39 | allow /usr/share/poppler |
40 | include whitelist-runuser-common.inc | 40 | include whitelist-runuser-common.inc |
41 | include whitelist-usr-share-common.inc | 41 | include whitelist-usr-share-common.inc |
42 | include whitelist-var-common.inc | 42 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/onboard.profile b/etc/profile-m-z/onboard.profile index 5b367b639..748d17995 100644 --- a/etc/profile-m-z/onboard.profile +++ b/etc/profile-m-z/onboard.profile | |||
@@ -6,7 +6,7 @@ include onboard.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/onboard | 9 | nodeny ${HOME}/.config/onboard |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
@@ -22,8 +22,8 @@ include disable-shell.inc | |||
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | mkdir ${HOME}/.config/onboard | 24 | mkdir ${HOME}/.config/onboard |
25 | whitelist ${HOME}/.config/onboard | 25 | allow ${HOME}/.config/onboard |
26 | whitelist /usr/share/onboard | 26 | allow /usr/share/onboard |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-m-z/onionshare-gui.profile b/etc/profile-m-z/onionshare-gui.profile index 960df9034..188818a7f 100644 --- a/etc/profile-m-z/onionshare-gui.profile +++ b/etc/profile-m-z/onionshare-gui.profile | |||
@@ -5,7 +5,7 @@ include onionshare-gui.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.config/onionshare | 8 | nodeny ${HOME}/.config/onionshare |
9 | 9 | ||
10 | # Allow python (blacklisted by disable-interpreters.inc) | 10 | # Allow python (blacklisted by disable-interpreters.inc) |
11 | include allow-python3.inc | 11 | include allow-python3.inc |
diff --git a/etc/profile-m-z/open-invaders.profile b/etc/profile-m-z/open-invaders.profile index 7a840d4a9..6e2b31def 100644 --- a/etc/profile-m-z/open-invaders.profile +++ b/etc/profile-m-z/open-invaders.profile | |||
@@ -6,7 +6,7 @@ include open-invaders.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.openinvaders | 9 | nodeny ${HOME}/.openinvaders |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-programs.inc | |||
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.openinvaders | 19 | mkdir ${HOME}/.openinvaders |
20 | whitelist ${HOME}/.openinvaders | 20 | allow ${HOME}/.openinvaders |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-m-z/openarena.profile b/etc/profile-m-z/openarena.profile index 36ce0316f..dfc78e5a9 100644 --- a/etc/profile-m-z/openarena.profile +++ b/etc/profile-m-z/openarena.profile | |||
@@ -6,7 +6,7 @@ include openarena.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.openarena | 9 | nodeny ${HOME}/.openarena |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.openarena | 19 | mkdir ${HOME}/.openarena |
20 | whitelist ${HOME}/.openarena | 20 | allow ${HOME}/.openarena |
21 | whitelist /usr/share/openarena | 21 | allow /usr/share/openarena |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-runuser-common.inc | 23 | include whitelist-runuser-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/openbox.profile b/etc/profile-m-z/openbox.profile index b49fd9932..5a6b378f0 100644 --- a/etc/profile-m-z/openbox.profile +++ b/etc/profile-m-z/openbox.profile | |||
@@ -7,7 +7,7 @@ include openbox.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # all applications started in openbox will run in this profile | 9 | # all applications started in openbox will run in this profile |
10 | noblacklist ${HOME}/.config/openbox | 10 | nodeny ${HOME}/.config/openbox |
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | 12 | ||
13 | caps.drop all | 13 | caps.drop all |
diff --git a/etc/profile-m-z/opencity.profile b/etc/profile-m-z/opencity.profile index a3d371e15..268e7cee3 100644 --- a/etc/profile-m-z/opencity.profile +++ b/etc/profile-m-z/opencity.profile | |||
@@ -6,7 +6,7 @@ include opencity.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.opencity | 9 | nodeny ${HOME}/.opencity |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.opencity | 20 | mkdir ${HOME}/.opencity |
21 | whitelist ${HOME}/.opencity | 21 | allow ${HOME}/.opencity |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-m-z/openclonk.profile b/etc/profile-m-z/openclonk.profile index 32b40df42..588191cb3 100644 --- a/etc/profile-m-z/openclonk.profile +++ b/etc/profile-m-z/openclonk.profile | |||
@@ -6,7 +6,7 @@ include openclonk.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.clonk | 9 | nodeny ${HOME}/.clonk |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.clonk | 20 | mkdir ${HOME}/.clonk |
21 | whitelist ${HOME}/.clonk | 21 | allow ${HOME}/.clonk |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-m-z/openmw.profile b/etc/profile-m-z/openmw.profile index d1fe67aed..95d507c98 100644 --- a/etc/profile-m-z/openmw.profile +++ b/etc/profile-m-z/openmw.profile | |||
@@ -6,8 +6,8 @@ include openmw.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/openmw | 9 | nodeny ${HOME}/.config/openmw |
10 | noblacklist ${HOME}/.local/share/openmw | 10 | nodeny ${HOME}/.local/share/openmw |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -21,11 +21,11 @@ include disable-xdg.inc | |||
21 | 21 | ||
22 | mkdir ${HOME}/.config/openmw | 22 | mkdir ${HOME}/.config/openmw |
23 | mkdir ${HOME}/.local/share/openmw | 23 | mkdir ${HOME}/.local/share/openmw |
24 | whitelist ${HOME}/.config/openmw | 24 | allow ${HOME}/.config/openmw |
25 | # Copy Morrowind data files into ${HOME}/.local/share/openmw or load them from /mnt. | 25 | # Copy Morrowind data files into ${HOME}/.local/share/openmw or load them from /mnt. |
26 | # Alternatively you can whitelist custom paths in your openmw.local. | 26 | # Alternatively you can whitelist custom paths in your openmw.local. |
27 | whitelist ${HOME}/.local/share/openmw | 27 | allow ${HOME}/.local/share/openmw |
28 | whitelist /usr/share/openmw | 28 | allow /usr/share/openmw |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-runuser-common.inc | 30 | include whitelist-runuser-common.inc |
31 | include whitelist-usr-share-common.inc | 31 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/openshot.profile b/etc/profile-m-z/openshot.profile index 6118630c4..ebb536b3e 100644 --- a/etc/profile-m-z/openshot.profile +++ b/etc/profile-m-z/openshot.profile | |||
@@ -6,8 +6,8 @@ include openshot.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.openshot | 9 | nodeny ${HOME}/.openshot |
10 | noblacklist ${HOME}/.openshot_qt | 10 | nodeny ${HOME}/.openshot_qt |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python3.inc | 13 | include allow-python3.inc |
@@ -19,8 +19,8 @@ include disable-interpreters.inc | |||
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | whitelist /usr/share/blender | 22 | allow /usr/share/blender |
23 | whitelist /usr/share/inkscape | 23 | allow /usr/share/inkscape |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/openttd.profile b/etc/profile-m-z/openttd.profile index 546958bb7..79c1f8ffa 100644 --- a/etc/profile-m-z/openttd.profile +++ b/etc/profile-m-z/openttd.profile | |||
@@ -6,7 +6,7 @@ include openttd.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.openttd | 9 | nodeny ${HOME}/.openttd |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.openttd | 20 | mkdir ${HOME}/.openttd |
21 | whitelist ${HOME}/.openttd | 21 | allow ${HOME}/.openttd |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-m-z/opera-beta.profile b/etc/profile-m-z/opera-beta.profile index 551f1aba4..548afc0b4 100644 --- a/etc/profile-m-z/opera-beta.profile +++ b/etc/profile-m-z/opera-beta.profile | |||
@@ -10,13 +10,13 @@ ignore whitelist /usr/share/chromium | |||
10 | ignore include whitelist-runuser-common.inc | 10 | ignore include whitelist-runuser-common.inc |
11 | ignore include whitelist-usr-share-common.inc | 11 | ignore include whitelist-usr-share-common.inc |
12 | 12 | ||
13 | noblacklist ${HOME}/.cache/opera | 13 | nodeny ${HOME}/.cache/opera |
14 | noblacklist ${HOME}/.config/opera-beta | 14 | nodeny ${HOME}/.config/opera-beta |
15 | 15 | ||
16 | mkdir ${HOME}/.cache/opera | 16 | mkdir ${HOME}/.cache/opera |
17 | mkdir ${HOME}/.config/opera-beta | 17 | mkdir ${HOME}/.config/opera-beta |
18 | whitelist ${HOME}/.cache/opera | 18 | allow ${HOME}/.cache/opera |
19 | whitelist ${HOME}/.config/opera-beta | 19 | allow ${HOME}/.config/opera-beta |
20 | 20 | ||
21 | # Redirect | 21 | # Redirect |
22 | include chromium-common.profile | 22 | include chromium-common.profile |
diff --git a/etc/profile-m-z/opera.profile b/etc/profile-m-z/opera.profile index 2c7c5fc35..5a3fe064e 100644 --- a/etc/profile-m-z/opera.profile +++ b/etc/profile-m-z/opera.profile | |||
@@ -11,16 +11,16 @@ ignore whitelist /usr/share/chromium | |||
11 | ignore include whitelist-runuser-common.inc | 11 | ignore include whitelist-runuser-common.inc |
12 | ignore include whitelist-usr-share-common.inc | 12 | ignore include whitelist-usr-share-common.inc |
13 | 13 | ||
14 | noblacklist ${HOME}/.cache/opera | 14 | nodeny ${HOME}/.cache/opera |
15 | noblacklist ${HOME}/.config/opera | 15 | nodeny ${HOME}/.config/opera |
16 | noblacklist ${HOME}/.opera | 16 | nodeny ${HOME}/.opera |
17 | 17 | ||
18 | mkdir ${HOME}/.cache/opera | 18 | mkdir ${HOME}/.cache/opera |
19 | mkdir ${HOME}/.config/opera | 19 | mkdir ${HOME}/.config/opera |
20 | mkdir ${HOME}/.opera | 20 | mkdir ${HOME}/.opera |
21 | whitelist ${HOME}/.cache/opera | 21 | allow ${HOME}/.cache/opera |
22 | whitelist ${HOME}/.config/opera | 22 | allow ${HOME}/.config/opera |
23 | whitelist ${HOME}/.opera | 23 | allow ${HOME}/.opera |
24 | 24 | ||
25 | # Redirect | 25 | # Redirect |
26 | include chromium-common.profile | 26 | include chromium-common.profile |
diff --git a/etc/profile-m-z/orage.profile b/etc/profile-m-z/orage.profile index 4e4d8bea5..a49cbdb91 100644 --- a/etc/profile-m-z/orage.profile +++ b/etc/profile-m-z/orage.profile | |||
@@ -6,8 +6,8 @@ include orage.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/orage | 9 | nodeny ${HOME}/.config/orage |
10 | noblacklist ${HOME}/.local/share/orage | 10 | nodeny ${HOME}/.local/share/orage |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/ostrichriders.profile b/etc/profile-m-z/ostrichriders.profile index 310b90919..ed881816e 100644 --- a/etc/profile-m-z/ostrichriders.profile +++ b/etc/profile-m-z/ostrichriders.profile | |||
@@ -6,7 +6,7 @@ include ostrichriders.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.ostrichriders | 9 | nodeny ${HOME}/.ostrichriders |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.ostrichriders | 20 | mkdir ${HOME}/.ostrichriders |
21 | whitelist ${HOME}/.ostrichriders | 21 | allow ${HOME}/.ostrichriders |
22 | whitelist /usr/share/ostrichriders | 22 | allow /usr/share/ostrichriders |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/otter-browser.profile b/etc/profile-m-z/otter-browser.profile index 20a4e25ed..bc9e730a1 100644 --- a/etc/profile-m-z/otter-browser.profile +++ b/etc/profile-m-z/otter-browser.profile | |||
@@ -8,10 +8,10 @@ include globals.local | |||
8 | 8 | ||
9 | ?BROWSER_ALLOW_DRM: ignore noexec ${HOME} | 9 | ?BROWSER_ALLOW_DRM: ignore noexec ${HOME} |
10 | 10 | ||
11 | noblacklist ${HOME}/.cache/Otter | 11 | nodeny ${HOME}/.cache/Otter |
12 | noblacklist ${HOME}/.config/otter | 12 | nodeny ${HOME}/.config/otter |
13 | noblacklist ${HOME}/.pki | 13 | nodeny ${HOME}/.pki |
14 | noblacklist ${HOME}/.local/share/pki | 14 | nodeny ${HOME}/.local/share/pki |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
@@ -25,12 +25,12 @@ mkdir ${HOME}/.cache/Otter | |||
25 | mkdir ${HOME}/.config/otter | 25 | mkdir ${HOME}/.config/otter |
26 | mkdir ${HOME}/.pki | 26 | mkdir ${HOME}/.pki |
27 | mkdir ${HOME}/.local/share/pki | 27 | mkdir ${HOME}/.local/share/pki |
28 | whitelist ${DOWNLOADS} | 28 | allow ${DOWNLOADS} |
29 | whitelist ${HOME}/.cache/Otter | 29 | allow ${HOME}/.cache/Otter |
30 | whitelist ${HOME}/.config/otter | 30 | allow ${HOME}/.config/otter |
31 | whitelist ${HOME}/.pki | 31 | allow ${HOME}/.pki |
32 | whitelist ${HOME}/.local/share/pki | 32 | allow ${HOME}/.local/share/pki |
33 | whitelist /usr/share/otter-browser | 33 | allow /usr/share/otter-browser |
34 | include whitelist-common.inc | 34 | include whitelist-common.inc |
35 | include whitelist-runuser-common.inc | 35 | include whitelist-runuser-common.inc |
36 | include whitelist-usr-share-common.inc | 36 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/palemoon.profile b/etc/profile-m-z/palemoon.profile index acb2ce176..503c141d8 100644 --- a/etc/profile-m-z/palemoon.profile +++ b/etc/profile-m-z/palemoon.profile | |||
@@ -5,13 +5,13 @@ include palemoon.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.cache/moonchild productions/pale moon | 8 | nodeny ${HOME}/.cache/moonchild productions/pale moon |
9 | noblacklist ${HOME}/.moonchild productions/pale moon | 9 | nodeny ${HOME}/.moonchild productions/pale moon |
10 | 10 | ||
11 | mkdir ${HOME}/.cache/moonchild productions/pale moon | 11 | mkdir ${HOME}/.cache/moonchild productions/pale moon |
12 | mkdir ${HOME}/.moonchild productions | 12 | mkdir ${HOME}/.moonchild productions |
13 | whitelist ${HOME}/.cache/moonchild productions/pale moon | 13 | allow ${HOME}/.cache/moonchild productions/pale moon |
14 | whitelist ${HOME}/.moonchild productions | 14 | allow ${HOME}/.moonchild productions |
15 | 15 | ||
16 | # Palemoon can use the full firejail seccomp filter (unlike firefox >= 60) | 16 | # Palemoon can use the full firejail seccomp filter (unlike firefox >= 60) |
17 | seccomp | 17 | seccomp |
diff --git a/etc/profile-m-z/pandoc.profile b/etc/profile-m-z/pandoc.profile index 513b4119e..a59f53298 100644 --- a/etc/profile-m-z/pandoc.profile +++ b/etc/profile-m-z/pandoc.profile | |||
@@ -7,9 +7,9 @@ include pandoc.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER} | 10 | deny ${RUNUSER} |
11 | 11 | ||
12 | noblacklist ${DOCUMENTS} | 12 | nodeny ${DOCUMENTS} |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/profile-m-z/parole.profile b/etc/profile-m-z/parole.profile index 0a4422a73..a277d1cbc 100644 --- a/etc/profile-m-z/parole.profile +++ b/etc/profile-m-z/parole.profile | |||
@@ -6,8 +6,8 @@ include parole.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${MUSIC} | 9 | nodeny ${MUSIC} |
10 | noblacklist ${VIDEOS} | 10 | nodeny ${VIDEOS} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/patch.profile b/etc/profile-m-z/patch.profile index 0de968185..156c3956d 100644 --- a/etc/profile-m-z/patch.profile +++ b/etc/profile-m-z/patch.profile | |||
@@ -7,9 +7,9 @@ include patch.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER} | 10 | deny ${RUNUSER} |
11 | 11 | ||
12 | noblacklist ${DOCUMENTS} | 12 | nodeny ${DOCUMENTS} |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/profile-m-z/pavucontrol-qt.profile b/etc/profile-m-z/pavucontrol-qt.profile index f96ba14d2..dcd69cdd0 100644 --- a/etc/profile-m-z/pavucontrol-qt.profile +++ b/etc/profile-m-z/pavucontrol-qt.profile | |||
@@ -7,10 +7,10 @@ include pavucontrol-qt.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | noblacklist ${HOME}/.config/pavucontrol-qt | 10 | nodeny ${HOME}/.config/pavucontrol-qt |
11 | 11 | ||
12 | mkdir ${HOME}/.config/pavucontrol-qt | 12 | mkdir ${HOME}/.config/pavucontrol-qt |
13 | whitelist ${HOME}/.config/pavucontrol-qt | 13 | allow ${HOME}/.config/pavucontrol-qt |
14 | 14 | ||
15 | private-bin pavucontrol-qt | 15 | private-bin pavucontrol-qt |
16 | ignore private-lib | 16 | ignore private-lib |
diff --git a/etc/profile-m-z/pavucontrol.profile b/etc/profile-m-z/pavucontrol.profile index b46fb3026..f44730c33 100644 --- a/etc/profile-m-z/pavucontrol.profile +++ b/etc/profile-m-z/pavucontrol.profile | |||
@@ -6,7 +6,7 @@ include pavucontrol.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/pavucontrol.ini | 9 | nodeny ${HOME}/.config/pavucontrol.ini |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-xdg.inc | |||
19 | # whitelisting in ${HOME} is broken, see #3112 | 19 | # whitelisting in ${HOME} is broken, see #3112 |
20 | #mkfile ${HOME}/.config/pavucontrol.ini | 20 | #mkfile ${HOME}/.config/pavucontrol.ini |
21 | #whitelist ${HOME}/.config/pavucontrol.ini | 21 | #whitelist ${HOME}/.config/pavucontrol.ini |
22 | whitelist /usr/share/pavucontrol | 22 | allow /usr/share/pavucontrol |
23 | whitelist /usr/share/pavucontrol-qt | 23 | allow /usr/share/pavucontrol-qt |
24 | #include whitelist-common.inc | 24 | #include whitelist-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/pcsxr.profile b/etc/profile-m-z/pcsxr.profile index a6dab2a9a..3f920ced8 100644 --- a/etc/profile-m-z/pcsxr.profile +++ b/etc/profile-m-z/pcsxr.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | # Note: you must whitelist your games folder in your pcsxr.local | 9 | # Note: you must whitelist your games folder in your pcsxr.local |
10 | 10 | ||
11 | noblacklist ${HOME}/.pcsxr | 11 | nodeny ${HOME}/.pcsxr |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -21,7 +21,7 @@ include disable-write-mnt.inc | |||
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.pcsxr | 23 | mkdir ${HOME}/.pcsxr |
24 | whitelist ${HOME}/.pcsxr | 24 | allow ${HOME}/.pcsxr |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | 26 | include whitelist-runuser-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/pdfchain.profile b/etc/profile-m-z/pdfchain.profile index d72417914..13a011072 100644 --- a/etc/profile-m-z/pdfchain.profile +++ b/etc/profile-m-z/pdfchain.profile | |||
@@ -5,7 +5,7 @@ include pdfchain.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${DOCUMENTS} | 8 | nodeny ${DOCUMENTS} |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
diff --git a/etc/profile-m-z/pdfmod.profile b/etc/profile-m-z/pdfmod.profile index a19826555..e49ce8073 100644 --- a/etc/profile-m-z/pdfmod.profile +++ b/etc/profile-m-z/pdfmod.profile | |||
@@ -6,9 +6,9 @@ include pdfmod.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/pdfmod | 9 | nodeny ${HOME}/.cache/pdfmod |
10 | noblacklist ${HOME}/.config/pdfmod | 10 | nodeny ${HOME}/.config/pdfmod |
11 | noblacklist ${DOCUMENTS} | 11 | nodeny ${DOCUMENTS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/pdfsam.profile b/etc/profile-m-z/pdfsam.profile index e2808d4d2..67c14bbc3 100644 --- a/etc/profile-m-z/pdfsam.profile +++ b/etc/profile-m-z/pdfsam.profile | |||
@@ -6,7 +6,7 @@ include pdfsam.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${DOCUMENTS} | 9 | nodeny ${DOCUMENTS} |
10 | 10 | ||
11 | # Allow java (blacklisted by disable-devel.inc) | 11 | # Allow java (blacklisted by disable-devel.inc) |
12 | include allow-java.inc | 12 | include allow-java.inc |
diff --git a/etc/profile-m-z/pdftotext.profile b/etc/profile-m-z/pdftotext.profile index d3902a51c..1c7ebfad5 100644 --- a/etc/profile-m-z/pdftotext.profile +++ b/etc/profile-m-z/pdftotext.profile | |||
@@ -6,9 +6,9 @@ include pdftotext.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER} | 9 | deny ${RUNUSER} |
10 | 10 | ||
11 | noblacklist ${DOCUMENTS} | 11 | nodeny ${DOCUMENTS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -19,9 +19,9 @@ include disable-programs.inc | |||
19 | include disable-shell.inc | 19 | include disable-shell.inc |
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | whitelist ${DOCUMENTS} | 22 | allow ${DOCUMENTS} |
23 | whitelist ${DOWNLOADS} | 23 | allow ${DOWNLOADS} |
24 | whitelist /usr/share/poppler | 24 | allow /usr/share/poppler |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||
diff --git a/etc/profile-m-z/peek.profile b/etc/profile-m-z/peek.profile index c33953687..e809625ad 100644 --- a/etc/profile-m-z/peek.profile +++ b/etc/profile-m-z/peek.profile | |||
@@ -5,9 +5,9 @@ include peek.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.cache/peek | 8 | nodeny ${HOME}/.cache/peek |
9 | noblacklist ${PICTURES} | 9 | nodeny ${PICTURES} |
10 | noblacklist ${VIDEOS} | 10 | nodeny ${VIDEOS} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/penguin-command.profile b/etc/profile-m-z/penguin-command.profile index f5ad0321d..5ebd7b462 100644 --- a/etc/profile-m-z/penguin-command.profile +++ b/etc/profile-m-z/penguin-command.profile | |||
@@ -6,7 +6,7 @@ include penguin-command.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.penguin-command | 9 | nodeny ${HOME}/.penguin-command |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,7 +16,7 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | 18 | ||
19 | whitelist ${HOME}/.penguin-command | 19 | allow ${HOME}/.penguin-command |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
22 | 22 | ||
diff --git a/etc/profile-m-z/photoflare.profile b/etc/profile-m-z/photoflare.profile index 40068ff78..8dd506850 100644 --- a/etc/profile-m-z/photoflare.profile +++ b/etc/profile-m-z/photoflare.profile | |||
@@ -6,7 +6,7 @@ include photoflare.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include photoflare.local | 7 | include photoflare.local |
8 | 8 | ||
9 | noblacklist ${PICTURES} | 9 | nodeny ${PICTURES} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/picard.profile b/etc/profile-m-z/picard.profile index a5ea47088..ac178ee6c 100644 --- a/etc/profile-m-z/picard.profile +++ b/etc/profile-m-z/picard.profile | |||
@@ -6,9 +6,9 @@ include picard.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/MusicBrainz | 9 | nodeny ${HOME}/.cache/MusicBrainz |
10 | noblacklist ${HOME}/.config/MusicBrainz | 10 | nodeny ${HOME}/.config/MusicBrainz |
11 | noblacklist ${MUSIC} | 11 | nodeny ${MUSIC} |
12 | 12 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python2.inc | 14 | include allow-python2.inc |
diff --git a/etc/profile-m-z/pidgin.profile b/etc/profile-m-z/pidgin.profile index 26872e9a1..a65abeb2e 100644 --- a/etc/profile-m-z/pidgin.profile +++ b/etc/profile-m-z/pidgin.profile | |||
@@ -9,7 +9,7 @@ include globals.local | |||
9 | ignore noexec ${RUNUSER} | 9 | ignore noexec ${RUNUSER} |
10 | ignore noexec /dev/shm | 10 | ignore noexec /dev/shm |
11 | 11 | ||
12 | noblacklist ${HOME}/.purple | 12 | nodeny ${HOME}/.purple |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -20,9 +20,9 @@ include disable-programs.inc | |||
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | mkdir ${HOME}/.purple | 22 | mkdir ${HOME}/.purple |
23 | whitelist ${HOME}/.purple | 23 | allow ${HOME}/.purple |
24 | whitelist ${DOWNLOADS} | 24 | allow ${DOWNLOADS} |
25 | whitelist ${PICTURES} | 25 | allow ${PICTURES} |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
28 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/pinball.profile b/etc/profile-m-z/pinball.profile index 2e17be2ce..41e4fb6c0 100644 --- a/etc/profile-m-z/pinball.profile +++ b/etc/profile-m-z/pinball.profile | |||
@@ -6,7 +6,7 @@ include pinball.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/emilia | 9 | nodeny ${HOME}/.config/emilia |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,11 +18,11 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.config/emilia | 20 | mkdir ${HOME}/.config/emilia |
21 | whitelist ${HOME}/.config/emilia | 21 | allow ${HOME}/.config/emilia |
22 | 22 | ||
23 | whitelist /usr/share/pinball | 23 | allow /usr/share/pinball |
24 | # on debian games are stored under /usr/share/games | 24 | # on debian games are stored under /usr/share/games |
25 | whitelist /usr/share/games/pinball | 25 | allow /usr/share/games/pinball |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/ping.profile b/etc/profile-m-z/ping.profile index e914007c0..65e77abfa 100644 --- a/etc/profile-m-z/ping.profile +++ b/etc/profile-m-z/ping.profile | |||
@@ -7,8 +7,8 @@ include ping.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist /tmp/.X11-unix | 10 | deny /tmp/.X11-unix |
11 | blacklist ${RUNUSER} | 11 | deny ${RUNUSER} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/pingus.profile b/etc/profile-m-z/pingus.profile index f1fdfcbad..aa2cfe203 100644 --- a/etc/profile-m-z/pingus.profile +++ b/etc/profile-m-z/pingus.profile | |||
@@ -6,12 +6,12 @@ include pingus.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.pingus | 9 | nodeny ${HOME}/.pingus |
10 | 10 | ||
11 | # Allow /bin/sh (blacklisted by disable-shell.inc) | 11 | # Allow /bin/sh (blacklisted by disable-shell.inc) |
12 | include allow-bin-sh.inc | 12 | include allow-bin-sh.inc |
13 | 13 | ||
14 | blacklist /usr/libexec | 14 | deny /usr/libexec |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
@@ -23,8 +23,8 @@ include disable-shell.inc | |||
23 | include disable-xdg.inc | 23 | include disable-xdg.inc |
24 | 24 | ||
25 | mkdir ${HOME}/.pingus | 25 | mkdir ${HOME}/.pingus |
26 | whitelist ${HOME}/.pingus | 26 | allow ${HOME}/.pingus |
27 | whitelist /usr/share/pingus | 27 | allow /usr/share/pingus |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/pinta.profile b/etc/profile-m-z/pinta.profile index 19406c399..d0d4f1fce 100644 --- a/etc/profile-m-z/pinta.profile +++ b/etc/profile-m-z/pinta.profile | |||
@@ -6,9 +6,9 @@ include pinta.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/Pinta | 9 | nodeny ${HOME}/.config/Pinta |
10 | noblacklist ${DOCUMENTS} | 10 | nodeny ${DOCUMENTS} |
11 | noblacklist ${PICTURES} | 11 | nodeny ${PICTURES} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/pioneer.profile b/etc/profile-m-z/pioneer.profile index 721b3944a..6cfea28b6 100644 --- a/etc/profile-m-z/pioneer.profile +++ b/etc/profile-m-z/pioneer.profile | |||
@@ -6,7 +6,7 @@ include pioneer.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.pioneer | 9 | nodeny ${HOME}/.pioneer |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.pioneer | 20 | mkdir ${HOME}/.pioneer |
21 | whitelist ${HOME}/.pioneer | 21 | allow ${HOME}/.pioneer |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-m-z/pipe-viewer.profile b/etc/profile-m-z/pipe-viewer.profile index 3de064311..acd7eeaf2 100644 --- a/etc/profile-m-z/pipe-viewer.profile +++ b/etc/profile-m-z/pipe-viewer.profile | |||
@@ -7,13 +7,13 @@ include pipe-viewer.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | noblacklist ${HOME}/.cache/pipe-viewer | 10 | nodeny ${HOME}/.cache/pipe-viewer |
11 | noblacklist ${HOME}/.config/pipe-viewer | 11 | nodeny ${HOME}/.config/pipe-viewer |
12 | 12 | ||
13 | mkdir ${HOME}/.config/pipe-viewer | 13 | mkdir ${HOME}/.config/pipe-viewer |
14 | mkdir ${HOME}/.cache/pipe-viewer | 14 | mkdir ${HOME}/.cache/pipe-viewer |
15 | whitelist ${HOME}/.cache/pipe-viewer | 15 | allow ${HOME}/.cache/pipe-viewer |
16 | whitelist ${HOME}/.config/pipe-viewer | 16 | allow ${HOME}/.config/pipe-viewer |
17 | 17 | ||
18 | private-bin gtk-pipe-viewer,pipe-viewer | 18 | private-bin gtk-pipe-viewer,pipe-viewer |
19 | 19 | ||
diff --git a/etc/profile-m-z/pitivi.profile b/etc/profile-m-z/pitivi.profile index a2dd809c4..abce4c911 100644 --- a/etc/profile-m-z/pitivi.profile +++ b/etc/profile-m-z/pitivi.profile | |||
@@ -6,7 +6,7 @@ include pitivi.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/pitivi | 9 | nodeny ${HOME}/.config/pitivi |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
diff --git a/etc/profile-m-z/pix.profile b/etc/profile-m-z/pix.profile index 81d3e9370..63451d352 100644 --- a/etc/profile-m-z/pix.profile +++ b/etc/profile-m-z/pix.profile | |||
@@ -5,10 +5,10 @@ include pix.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.config/pix | 8 | nodeny ${HOME}/.config/pix |
9 | noblacklist ${HOME}/.local/share/pix | 9 | nodeny ${HOME}/.local/share/pix |
10 | noblacklist ${HOME}/.Steam | 10 | nodeny ${HOME}/.Steam |
11 | noblacklist ${HOME}/.steam | 11 | nodeny ${HOME}/.steam |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/pkglog.profile b/etc/profile-m-z/pkglog.profile index 4eb41b3bd..13d7db7f7 100644 --- a/etc/profile-m-z/pkglog.profile +++ b/etc/profile-m-z/pkglog.profile | |||
@@ -17,9 +17,9 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | whitelist /var/log/apt/history.log | 20 | allow /var/log/apt/history.log |
21 | whitelist /var/log/dnf.rpm.log | 21 | allow /var/log/dnf.rpm.log |
22 | whitelist /var/log/pacman.log | 22 | allow /var/log/pacman.log |
23 | 23 | ||
24 | apparmor | 24 | apparmor |
25 | caps.drop all | 25 | caps.drop all |
diff --git a/etc/profile-m-z/playonlinux.profile b/etc/profile-m-z/playonlinux.profile index 8e98905b5..9c23841e2 100644 --- a/etc/profile-m-z/playonlinux.profile +++ b/etc/profile-m-z/playonlinux.profile | |||
@@ -7,10 +7,10 @@ include playonlinux.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | noblacklist ${HOME}/.PlayOnLinux | 10 | nodeny ${HOME}/.PlayOnLinux |
11 | 11 | ||
12 | # nc is needed to run playonlinux | 12 | # nc is needed to run playonlinux |
13 | noblacklist ${PATH}/nc | 13 | nodeny ${PATH}/nc |
14 | 14 | ||
15 | # Allow perl (blacklisted by disable-interpreters.inc) | 15 | # Allow perl (blacklisted by disable-interpreters.inc) |
16 | include allow-perl.inc | 16 | include allow-perl.inc |
diff --git a/etc/profile-m-z/pluma.profile b/etc/profile-m-z/pluma.profile index 10e12e5b1..ab7e0c64b 100644 --- a/etc/profile-m-z/pluma.profile +++ b/etc/profile-m-z/pluma.profile | |||
@@ -6,8 +6,8 @@ include pluma.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/enchant | 9 | nodeny ${HOME}/.config/enchant |
10 | noblacklist ${HOME}/.config/pluma | 10 | nodeny ${HOME}/.config/pluma |
11 | 11 | ||
12 | # Allows files commonly used by IDEs | 12 | # Allows files commonly used by IDEs |
13 | include allow-common-devel.inc | 13 | include allow-common-devel.inc |
diff --git a/etc/profile-m-z/plv.profile b/etc/profile-m-z/plv.profile index 5201fd853..02cb83ef6 100644 --- a/etc/profile-m-z/plv.profile +++ b/etc/profile-m-z/plv.profile | |||
@@ -6,7 +6,7 @@ include plv.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/PacmanLogViewer | 9 | nodeny ${HOME}/.config/PacmanLogViewer |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.config/PacmanLogViewer | 19 | mkdir ${HOME}/.config/PacmanLogViewer |
20 | whitelist ${HOME}/.config/PacmanLogViewer | 20 | allow ${HOME}/.config/PacmanLogViewer |
21 | whitelist /var/log/pacman.log | 21 | allow /var/log/pacman.log |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-m-z/pngquant.profile b/etc/profile-m-z/pngquant.profile index 8a181d5a8..2c4dda43e 100644 --- a/etc/profile-m-z/pngquant.profile +++ b/etc/profile-m-z/pngquant.profile | |||
@@ -7,9 +7,9 @@ include pngquant.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | noblacklist ${PICTURES} | 10 | nodeny ${PICTURES} |
11 | 11 | ||
12 | blacklist ${RUNUSER}/wayland-* | 12 | deny ${RUNUSER}/wayland-* |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/profile-m-z/polari.profile b/etc/profile-m-z/polari.profile index a3d4f9851..115ac36ab 100644 --- a/etc/profile-m-z/polari.profile +++ b/etc/profile-m-z/polari.profile | |||
@@ -21,12 +21,12 @@ mkdir ${HOME}/.local/share/Empathy | |||
21 | mkdir ${HOME}/.local/share/TpLogger | 21 | mkdir ${HOME}/.local/share/TpLogger |
22 | mkdir ${HOME}/.local/share/telepathy | 22 | mkdir ${HOME}/.local/share/telepathy |
23 | mkdir ${HOME}/.purple | 23 | mkdir ${HOME}/.purple |
24 | whitelist ${HOME}/.cache/telepathy | 24 | allow ${HOME}/.cache/telepathy |
25 | whitelist ${HOME}/.config/telepathy-account-widgets | 25 | allow ${HOME}/.config/telepathy-account-widgets |
26 | whitelist ${HOME}/.local/share/Empathy | 26 | allow ${HOME}/.local/share/Empathy |
27 | whitelist ${HOME}/.local/share/TpLogger | 27 | allow ${HOME}/.local/share/TpLogger |
28 | whitelist ${HOME}/.local/share/telepathy | 28 | allow ${HOME}/.local/share/telepathy |
29 | whitelist ${HOME}/.purple | 29 | allow ${HOME}/.purple |
30 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | include whitelist-runuser-common.inc | 31 | include whitelist-runuser-common.inc |
32 | 32 | ||
diff --git a/etc/profile-m-z/ppsspp.profile b/etc/profile-m-z/ppsspp.profile index 1f73c1d89..10c59ea32 100644 --- a/etc/profile-m-z/ppsspp.profile +++ b/etc/profile-m-z/ppsspp.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | # Note: you must whitelist your games folder in your ppsspp.local. | 9 | # Note: you must whitelist your games folder in your ppsspp.local. |
10 | 10 | ||
11 | noblacklist ${HOME}/.config/ppsspp | 11 | nodeny ${HOME}/.config/ppsspp |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -20,8 +20,8 @@ include disable-write-mnt.inc | |||
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | mkdir ${HOME}/.config/ppsspp | 22 | mkdir ${HOME}/.config/ppsspp |
23 | whitelist ${HOME}/.config/ppsspp | 23 | allow ${HOME}/.config/ppsspp |
24 | whitelist /usr/share/ppsspp | 24 | allow /usr/share/ppsspp |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | 26 | include whitelist-runuser-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/pragha.profile b/etc/profile-m-z/pragha.profile index f138d785e..9b03bf632 100644 --- a/etc/profile-m-z/pragha.profile +++ b/etc/profile-m-z/pragha.profile | |||
@@ -6,8 +6,8 @@ include pragha.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/pragha | 9 | nodeny ${HOME}/.config/pragha |
10 | noblacklist ${MUSIC} | 10 | nodeny ${MUSIC} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/profanity.profile b/etc/profile-m-z/profanity.profile index 743458725..137b4cb20 100644 --- a/etc/profile-m-z/profanity.profile +++ b/etc/profile-m-z/profanity.profile | |||
@@ -7,8 +7,8 @@ include profanity.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | noblacklist ${HOME}/.config/profanity | 10 | nodeny ${HOME}/.config/profanity |
11 | noblacklist ${HOME}/.local/share/profanity | 11 | nodeny ${HOME}/.local/share/profanity |
12 | 12 | ||
13 | # Allow Python | 13 | # Allow Python |
14 | include allow-python2.inc | 14 | include allow-python2.inc |
diff --git a/etc/profile-m-z/psi-plus.profile b/etc/profile-m-z/psi-plus.profile index 5ac58b0ac..b0e28baf7 100644 --- a/etc/profile-m-z/psi-plus.profile +++ b/etc/profile-m-z/psi-plus.profile | |||
@@ -6,8 +6,8 @@ include psi-plus.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/psi+ | 9 | nodeny ${HOME}/.config/psi+ |
10 | noblacklist ${HOME}/.local/share/psi+ | 10 | nodeny ${HOME}/.local/share/psi+ |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,10 +19,10 @@ include disable-programs.inc | |||
19 | mkdir ${HOME}/.cache/psi+ | 19 | mkdir ${HOME}/.cache/psi+ |
20 | mkdir ${HOME}/.config/psi+ | 20 | mkdir ${HOME}/.config/psi+ |
21 | mkdir ${HOME}/.local/share/psi+ | 21 | mkdir ${HOME}/.local/share/psi+ |
22 | whitelist ${DOWNLOADS} | 22 | allow ${DOWNLOADS} |
23 | whitelist ${HOME}/.cache/psi+ | 23 | allow ${HOME}/.cache/psi+ |
24 | whitelist ${HOME}/.config/psi+ | 24 | allow ${HOME}/.config/psi+ |
25 | whitelist ${HOME}/.local/share/psi+ | 25 | allow ${HOME}/.local/share/psi+ |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | 27 | ||
28 | caps.drop all | 28 | caps.drop all |
diff --git a/etc/profile-m-z/psi.profile b/etc/profile-m-z/psi.profile index 7e0ef99fc..2588c3b75 100644 --- a/etc/profile-m-z/psi.profile +++ b/etc/profile-m-z/psi.profile | |||
@@ -8,11 +8,11 @@ include globals.local | |||
8 | 8 | ||
9 | # Add the next line to your psi.local to enable GPG support. | 9 | # Add the next line to your psi.local to enable GPG support. |
10 | #noblacklist ${HOME}/.gnupg | 10 | #noblacklist ${HOME}/.gnupg |
11 | noblacklist ${HOME}/.cache/psi | 11 | nodeny ${HOME}/.cache/psi |
12 | noblacklist ${HOME}/.cache/Psi | 12 | nodeny ${HOME}/.cache/Psi |
13 | noblacklist ${HOME}/.config/psi | 13 | nodeny ${HOME}/.config/psi |
14 | noblacklist ${HOME}/.local/share/psi | 14 | nodeny ${HOME}/.local/share/psi |
15 | noblacklist ${HOME}/.local/share/Psi | 15 | nodeny ${HOME}/.local/share/Psi |
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
@@ -32,16 +32,16 @@ mkdir ${HOME}/.local/share/psi | |||
32 | mkdir ${HOME}/.local/share/Psi | 32 | mkdir ${HOME}/.local/share/Psi |
33 | # Add the next line to your psi.local to enable GPG support. | 33 | # Add the next line to your psi.local to enable GPG support. |
34 | #whitelist ${HOME}/.gnupg | 34 | #whitelist ${HOME}/.gnupg |
35 | whitelist ${HOME}/.cache/psi | 35 | allow ${HOME}/.cache/psi |
36 | whitelist ${HOME}/.cache/Psi | 36 | allow ${HOME}/.cache/Psi |
37 | whitelist ${HOME}/.config/psi | 37 | allow ${HOME}/.config/psi |
38 | whitelist ${HOME}/.local/share/psi | 38 | allow ${HOME}/.local/share/psi |
39 | whitelist ${HOME}/.local/share/Psi | 39 | allow ${HOME}/.local/share/Psi |
40 | whitelist ${DOWNLOADS} | 40 | allow ${DOWNLOADS} |
41 | # Add the next lines to your psi.local to enable GPG support. | 41 | # Add the next lines to your psi.local to enable GPG support. |
42 | #whitelist /usr/share/gnupg | 42 | #whitelist /usr/share/gnupg |
43 | #whitelist /usr/share/gnupg2 | 43 | #whitelist /usr/share/gnupg2 |
44 | whitelist /usr/share/psi | 44 | allow /usr/share/psi |
45 | # Add the next lines to your psi.local to enable GPG support. | 45 | # Add the next lines to your psi.local to enable GPG support. |
46 | #whitelist ${RUNUSER}/gnupg | 46 | #whitelist ${RUNUSER}/gnupg |
47 | #whitelist ${RUNUSER}/keyring | 47 | #whitelist ${RUNUSER}/keyring |
diff --git a/etc/profile-m-z/pybitmessage.profile b/etc/profile-m-z/pybitmessage.profile index 60ae37930..1f0e83ab6 100644 --- a/etc/profile-m-z/pybitmessage.profile +++ b/etc/profile-m-z/pybitmessage.profile | |||
@@ -5,9 +5,9 @@ include pybitmessage.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist /sbin | 8 | nodeny /sbin |
9 | noblacklist /usr/local/sbin | 9 | nodeny /usr/local/sbin |
10 | noblacklist /usr/sbin | 10 | nodeny /usr/sbin |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
diff --git a/etc/profile-m-z/pycharm-community.profile b/etc/profile-m-z/pycharm-community.profile index 00d7239ae..b6c08290e 100644 --- a/etc/profile-m-z/pycharm-community.profile +++ b/etc/profile-m-z/pycharm-community.profile | |||
@@ -5,7 +5,7 @@ include pycharm-community.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.PyCharmCE* | 8 | nodeny ${HOME}/.PyCharmCE* |
9 | 9 | ||
10 | # Allow java (blacklisted by disable-devel.inc) | 10 | # Allow java (blacklisted by disable-devel.inc) |
11 | include allow-java.inc | 11 | include allow-java.inc |
diff --git a/etc/profile-m-z/pycharm-professional.profile b/etc/profile-m-z/pycharm-professional.profile index b754a18c9..fa0932cc0 100644 --- a/etc/profile-m-z/pycharm-professional.profile +++ b/etc/profile-m-z/pycharm-professional.profile | |||
@@ -6,7 +6,7 @@ include pyucharm-professional.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.PyCharm* | 9 | nodeny ${HOME}/.PyCharm* |
10 | 10 | ||
11 | # Redirect | 11 | # Redirect |
12 | include pycharm-community.profile | 12 | include pycharm-community.profile |
diff --git a/etc/profile-m-z/qbittorrent.profile b/etc/profile-m-z/qbittorrent.profile index 506b738cc..fb8e622b0 100644 --- a/etc/profile-m-z/qbittorrent.profile +++ b/etc/profile-m-z/qbittorrent.profile | |||
@@ -6,10 +6,10 @@ include qbittorrent.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/qBittorrent | 9 | nodeny ${HOME}/.cache/qBittorrent |
10 | noblacklist ${HOME}/.config/qBittorrent | 10 | nodeny ${HOME}/.config/qBittorrent |
11 | noblacklist ${HOME}/.config/qBittorrentrc | 11 | nodeny ${HOME}/.config/qBittorrentrc |
12 | noblacklist ${HOME}/.local/share/data/qBittorrent | 12 | nodeny ${HOME}/.local/share/data/qBittorrent |
13 | 13 | ||
14 | # Allow python (blacklisted by disable-interpreters.inc) | 14 | # Allow python (blacklisted by disable-interpreters.inc) |
15 | include allow-python2.inc | 15 | include allow-python2.inc |
@@ -27,11 +27,11 @@ mkdir ${HOME}/.cache/qBittorrent | |||
27 | mkdir ${HOME}/.config/qBittorrent | 27 | mkdir ${HOME}/.config/qBittorrent |
28 | mkfile ${HOME}/.config/qBittorrentrc | 28 | mkfile ${HOME}/.config/qBittorrentrc |
29 | mkdir ${HOME}/.local/share/data/qBittorrent | 29 | mkdir ${HOME}/.local/share/data/qBittorrent |
30 | whitelist ${DOWNLOADS} | 30 | allow ${DOWNLOADS} |
31 | whitelist ${HOME}/.cache/qBittorrent | 31 | allow ${HOME}/.cache/qBittorrent |
32 | whitelist ${HOME}/.config/qBittorrent | 32 | allow ${HOME}/.config/qBittorrent |
33 | whitelist ${HOME}/.config/qBittorrentrc | 33 | allow ${HOME}/.config/qBittorrentrc |
34 | whitelist ${HOME}/.local/share/data/qBittorrent | 34 | allow ${HOME}/.local/share/data/qBittorrent |
35 | include whitelist-common.inc | 35 | include whitelist-common.inc |
36 | include whitelist-var-common.inc | 36 | include whitelist-var-common.inc |
37 | 37 | ||
diff --git a/etc/profile-m-z/qcomicbook.profile b/etc/profile-m-z/qcomicbook.profile index 0e52d7fc4..7bcc4b065 100644 --- a/etc/profile-m-z/qcomicbook.profile +++ b/etc/profile-m-z/qcomicbook.profile | |||
@@ -6,10 +6,10 @@ include qcomicbook.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/PawelStolowski | 9 | nodeny ${HOME}/.cache/PawelStolowski |
10 | noblacklist ${HOME}/.config/PawelStolowski | 10 | nodeny ${HOME}/.config/PawelStolowski |
11 | noblacklist ${HOME}/.local/share/PawelStolowski | 11 | nodeny ${HOME}/.local/share/PawelStolowski |
12 | noblacklist ${DOCUMENTS} | 12 | nodeny ${DOCUMENTS} |
13 | 13 | ||
14 | # Allow /bin/sh (blacklisted by disable-shell.inc) | 14 | # Allow /bin/sh (blacklisted by disable-shell.inc) |
15 | include allow-bin-sh.inc | 15 | include allow-bin-sh.inc |
@@ -27,7 +27,7 @@ include disable-xdg.inc | |||
27 | mkdir ${HOME}/.cache/PawelStolowski | 27 | mkdir ${HOME}/.cache/PawelStolowski |
28 | mkdir ${HOME}/.config/PawelStolowski | 28 | mkdir ${HOME}/.config/PawelStolowski |
29 | mkdir ${HOME}/.local/share/PawelStolowski | 29 | mkdir ${HOME}/.local/share/PawelStolowski |
30 | whitelist /usr/share/qcomicbook | 30 | allow /usr/share/qcomicbook |
31 | include whitelist-runuser-common.inc | 31 | include whitelist-runuser-common.inc |
32 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
33 | include whitelist-var-common.inc | 33 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/qemu-launcher.profile b/etc/profile-m-z/qemu-launcher.profile index ac60384fd..d527a2b82 100644 --- a/etc/profile-m-z/qemu-launcher.profile +++ b/etc/profile-m-z/qemu-launcher.profile | |||
@@ -5,7 +5,7 @@ include qemu-launcher.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.qemu-launcher | 8 | nodeny ${HOME}/.qemu-launcher |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-passwdmgr.inc | 11 | include disable-passwdmgr.inc |
diff --git a/etc/profile-m-z/qgis.profile b/etc/profile-m-z/qgis.profile index 2e97daea2..e99140c22 100644 --- a/etc/profile-m-z/qgis.profile +++ b/etc/profile-m-z/qgis.profile | |||
@@ -6,10 +6,10 @@ include qgis.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/QGIS | 9 | nodeny ${HOME}/.config/QGIS |
10 | noblacklist ${HOME}/.local/share/QGIS | 10 | nodeny ${HOME}/.local/share/QGIS |
11 | noblacklist ${HOME}/.qgis2 | 11 | nodeny ${HOME}/.qgis2 |
12 | noblacklist ${DOCUMENTS} | 12 | nodeny ${DOCUMENTS} |
13 | 13 | ||
14 | # Allow python (blacklisted by disable-interpreters.inc) | 14 | # Allow python (blacklisted by disable-interpreters.inc) |
15 | include allow-python3.inc | 15 | include allow-python3.inc |
@@ -25,10 +25,10 @@ include disable-xdg.inc | |||
25 | mkdir ${HOME}/.local/share/QGIS | 25 | mkdir ${HOME}/.local/share/QGIS |
26 | mkdir ${HOME}/.qgis2 | 26 | mkdir ${HOME}/.qgis2 |
27 | mkdir ${HOME}/.config/QGIS | 27 | mkdir ${HOME}/.config/QGIS |
28 | whitelist ${HOME}/.local/share/QGIS | 28 | allow ${HOME}/.local/share/QGIS |
29 | whitelist ${HOME}/.qgis2 | 29 | allow ${HOME}/.qgis2 |
30 | whitelist ${HOME}/.config/QGIS | 30 | allow ${HOME}/.config/QGIS |
31 | whitelist ${DOCUMENTS} | 31 | allow ${DOCUMENTS} |
32 | include whitelist-common.inc | 32 | include whitelist-common.inc |
33 | include whitelist-var-common.inc | 33 | include whitelist-var-common.inc |
34 | 34 | ||
diff --git a/etc/profile-m-z/qlipper.profile b/etc/profile-m-z/qlipper.profile index 6e94d5845..75dc58ae4 100644 --- a/etc/profile-m-z/qlipper.profile +++ b/etc/profile-m-z/qlipper.profile | |||
@@ -6,7 +6,7 @@ include qlipper.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/Qlipper | 9 | nodeny ${HOME}/.config/Qlipper |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/qmmp.profile b/etc/profile-m-z/qmmp.profile index c3d982c17..d37fce997 100644 --- a/etc/profile-m-z/qmmp.profile +++ b/etc/profile-m-z/qmmp.profile | |||
@@ -6,8 +6,8 @@ include qmmp.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.qmmp | 9 | nodeny ${HOME}/.qmmp |
10 | noblacklist ${MUSIC} | 10 | nodeny ${MUSIC} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/qnapi.profile b/etc/profile-m-z/qnapi.profile index ca11df5be..f12340052 100644 --- a/etc/profile-m-z/qnapi.profile +++ b/etc/profile-m-z/qnapi.profile | |||
@@ -6,7 +6,7 @@ include qnapi.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/qnapi.ini | 9 | nodeny ${HOME}/.config/qnapi.ini |
10 | 10 | ||
11 | ignore noexec /tmp | 11 | ignore noexec /tmp |
12 | 12 | ||
@@ -20,8 +20,8 @@ include disable-shell.inc | |||
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | mkfile ${HOME}/.config/qnapi.ini | 22 | mkfile ${HOME}/.config/qnapi.ini |
23 | whitelist ${HOME}/.config/qnapi.ini | 23 | allow ${HOME}/.config/qnapi.ini |
24 | whitelist ${DOWNLOADS} | 24 | allow ${DOWNLOADS} |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-m-z/qpdfview.profile b/etc/profile-m-z/qpdfview.profile index be690ffa4..62fae324c 100644 --- a/etc/profile-m-z/qpdfview.profile +++ b/etc/profile-m-z/qpdfview.profile | |||
@@ -6,9 +6,9 @@ include qpdfview.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/qpdfview | 9 | nodeny ${HOME}/.config/qpdfview |
10 | noblacklist ${HOME}/.local/share/qpdfview | 10 | nodeny ${HOME}/.local/share/qpdfview |
11 | noblacklist ${DOCUMENTS} | 11 | nodeny ${DOCUMENTS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/qrencode.profile b/etc/profile-m-z/qrencode.profile index 6cbf8519f..5f0aec804 100644 --- a/etc/profile-m-z/qrencode.profile +++ b/etc/profile-m-z/qrencode.profile | |||
@@ -7,7 +7,7 @@ include qrencode.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER} | 10 | deny ${RUNUSER} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/qtox.profile b/etc/profile-m-z/qtox.profile index 8ffe24d11..1ad46814e 100644 --- a/etc/profile-m-z/qtox.profile +++ b/etc/profile-m-z/qtox.profile | |||
@@ -6,8 +6,8 @@ include qtox.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/Tox | 9 | nodeny ${HOME}/.cache/Tox |
10 | noblacklist ${HOME}/.config/tox | 10 | nodeny ${HOME}/.config/tox |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-shell.inc | |||
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | mkdir ${HOME}/.config/tox | 21 | mkdir ${HOME}/.config/tox |
22 | whitelist ${DOWNLOADS} | 22 | allow ${DOWNLOADS} |
23 | whitelist ${HOME}/.config/tox | 23 | allow ${HOME}/.config/tox |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
diff --git a/etc/profile-m-z/quadrapassel.profile b/etc/profile-m-z/quadrapassel.profile index 91e0d9d0d..aee24925c 100644 --- a/etc/profile-m-z/quadrapassel.profile +++ b/etc/profile-m-z/quadrapassel.profile | |||
@@ -6,11 +6,11 @@ include quadrapassel.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.local/share/quadrapassel | 9 | nodeny ${HOME}/.local/share/quadrapassel |
10 | 10 | ||
11 | mkdir ${HOME}/.local/share/quadrapassel | 11 | mkdir ${HOME}/.local/share/quadrapassel |
12 | whitelist ${HOME}/.local/share/quadrapassel | 12 | allow ${HOME}/.local/share/quadrapassel |
13 | whitelist /usr/share/quadrapassel | 13 | allow /usr/share/quadrapassel |
14 | 14 | ||
15 | private-bin quadrapassel | 15 | private-bin quadrapassel |
16 | 16 | ||
diff --git a/etc/profile-m-z/quaternion.profile b/etc/profile-m-z/quaternion.profile index 1d146aa39..a319e1e12 100644 --- a/etc/profile-m-z/quaternion.profile +++ b/etc/profile-m-z/quaternion.profile | |||
@@ -6,8 +6,8 @@ include quaternion.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/Quotient/quaternion | 9 | nodeny ${HOME}/.cache/Quotient/quaternion |
10 | noblacklist ${HOME}/.config/Quotient | 10 | nodeny ${HOME}/.config/Quotient |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -20,10 +20,10 @@ include disable-xdg.inc | |||
20 | 20 | ||
21 | mkdir ${HOME}/.cache/Quotient/quaternion | 21 | mkdir ${HOME}/.cache/Quotient/quaternion |
22 | mkdir ${HOME}/.config/Quotient | 22 | mkdir ${HOME}/.config/Quotient |
23 | whitelist ${HOME}/.cache/Quotient/quaternion | 23 | allow ${HOME}/.cache/Quotient/quaternion |
24 | whitelist ${HOME}/.config/Quotient | 24 | allow ${HOME}/.config/Quotient |
25 | whitelist ${DOWNLOADS} | 25 | allow ${DOWNLOADS} |
26 | whitelist /usr/share/Quotient/quaternion | 26 | allow /usr/share/Quotient/quaternion |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/quiterss.profile b/etc/profile-m-z/quiterss.profile index 9490089b2..2693f2ed5 100644 --- a/etc/profile-m-z/quiterss.profile +++ b/etc/profile-m-z/quiterss.profile | |||
@@ -6,10 +6,10 @@ include quiterss.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/QuiteRss | 9 | nodeny ${HOME}/.cache/QuiteRss |
10 | noblacklist ${HOME}/.config/QuiteRss | 10 | nodeny ${HOME}/.config/QuiteRss |
11 | noblacklist ${HOME}/.config/QuiteRssrc | 11 | nodeny ${HOME}/.config/QuiteRssrc |
12 | noblacklist ${HOME}/.local/share/QuiteRss | 12 | nodeny ${HOME}/.local/share/QuiteRss |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -25,12 +25,12 @@ mkdir ${HOME}/.local/share/data | |||
25 | mkdir ${HOME}/.local/share/data/QuiteRss | 25 | mkdir ${HOME}/.local/share/data/QuiteRss |
26 | mkdir ${HOME}/.local/share/QuiteRss | 26 | mkdir ${HOME}/.local/share/QuiteRss |
27 | mkfile ${HOME}/quiterssfeeds.opml | 27 | mkfile ${HOME}/quiterssfeeds.opml |
28 | whitelist ${HOME}/.cache/QuiteRss | 28 | allow ${HOME}/.cache/QuiteRss |
29 | whitelist ${HOME}/.config/QuiteRss | 29 | allow ${HOME}/.config/QuiteRss |
30 | whitelist ${HOME}/.config/QuiteRssrc | 30 | allow ${HOME}/.config/QuiteRssrc |
31 | whitelist ${HOME}/.local/share/data/QuiteRss | 31 | allow ${HOME}/.local/share/data/QuiteRss |
32 | whitelist ${HOME}/.local/share/QuiteRss | 32 | allow ${HOME}/.local/share/QuiteRss |
33 | whitelist ${HOME}/quiterssfeeds.opml | 33 | allow ${HOME}/quiterssfeeds.opml |
34 | include whitelist-common.inc | 34 | include whitelist-common.inc |
35 | 35 | ||
36 | caps.drop all | 36 | caps.drop all |
diff --git a/etc/profile-m-z/quodlibet.profile b/etc/profile-m-z/quodlibet.profile index 92b02b2bf..52c120c08 100644 --- a/etc/profile-m-z/quodlibet.profile +++ b/etc/profile-m-z/quodlibet.profile | |||
@@ -6,10 +6,10 @@ include quodlibet.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/quodlibet | 9 | nodeny ${HOME}/.cache/quodlibet |
10 | noblacklist ${HOME}/.config/quodlibet | 10 | nodeny ${HOME}/.config/quodlibet |
11 | noblacklist ${HOME}/.quodlibet | 11 | nodeny ${HOME}/.quodlibet |
12 | noblacklist ${MUSIC} | 12 | nodeny ${MUSIC} |
13 | 13 | ||
14 | include allow-bin-sh.inc | 14 | include allow-bin-sh.inc |
15 | 15 | ||
@@ -30,11 +30,11 @@ mkdir ${HOME}/.cache/quodlibet | |||
30 | mkdir ${HOME}/.config/quodlibet | 30 | mkdir ${HOME}/.config/quodlibet |
31 | mkdir ${HOME}/.quodlibet | 31 | mkdir ${HOME}/.quodlibet |
32 | 32 | ||
33 | whitelist ${HOME}/.cache/quodlibet | 33 | allow ${HOME}/.cache/quodlibet |
34 | whitelist ${HOME}/.config/quodlibet | 34 | allow ${HOME}/.config/quodlibet |
35 | whitelist ${HOME}/.quodlibet | 35 | allow ${HOME}/.quodlibet |
36 | whitelist ${DOWNLOADS} | 36 | allow ${DOWNLOADS} |
37 | whitelist ${MUSIC} | 37 | allow ${MUSIC} |
38 | include whitelist-common.inc | 38 | include whitelist-common.inc |
39 | include whitelist-runuser-common.inc | 39 | include whitelist-runuser-common.inc |
40 | include whitelist-usr-share-common.inc | 40 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/qupzilla.profile b/etc/profile-m-z/qupzilla.profile index 7aa71c848..9bc91808b 100644 --- a/etc/profile-m-z/qupzilla.profile +++ b/etc/profile-m-z/qupzilla.profile | |||
@@ -6,8 +6,8 @@ include qupzilla.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/qupzilla | 9 | nodeny ${HOME}/.cache/qupzilla |
10 | noblacklist ${HOME}/.config/qupzilla | 10 | nodeny ${HOME}/.config/qupzilla |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-programs.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.cache/qupzilla | 19 | mkdir ${HOME}/.cache/qupzilla |
20 | mkdir ${HOME}/.config/qupzilla | 20 | mkdir ${HOME}/.config/qupzilla |
21 | whitelist ${HOME}/.cache/qupzilla | 21 | allow ${HOME}/.cache/qupzilla |
22 | whitelist ${HOME}/.config/qupzilla | 22 | allow ${HOME}/.config/qupzilla |
23 | 23 | ||
24 | # Redirect | 24 | # Redirect |
25 | include falkon.profile | 25 | include falkon.profile |
diff --git a/etc/profile-m-z/qutebrowser.profile b/etc/profile-m-z/qutebrowser.profile index fc910b589..a342e2acd 100644 --- a/etc/profile-m-z/qutebrowser.profile +++ b/etc/profile-m-z/qutebrowser.profile | |||
@@ -6,9 +6,9 @@ include qutebrowser.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/qutebrowser | 9 | nodeny ${HOME}/.cache/qutebrowser |
10 | noblacklist ${HOME}/.config/qutebrowser | 10 | nodeny ${HOME}/.config/qutebrowser |
11 | noblacklist ${HOME}/.local/share/qutebrowser | 11 | nodeny ${HOME}/.local/share/qutebrowser |
12 | 12 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python2.inc | 14 | include allow-python2.inc |
@@ -22,10 +22,10 @@ include disable-programs.inc | |||
22 | mkdir ${HOME}/.cache/qutebrowser | 22 | mkdir ${HOME}/.cache/qutebrowser |
23 | mkdir ${HOME}/.config/qutebrowser | 23 | mkdir ${HOME}/.config/qutebrowser |
24 | mkdir ${HOME}/.local/share/qutebrowser | 24 | mkdir ${HOME}/.local/share/qutebrowser |
25 | whitelist ${DOWNLOADS} | 25 | allow ${DOWNLOADS} |
26 | whitelist ${HOME}/.cache/qutebrowser | 26 | allow ${HOME}/.cache/qutebrowser |
27 | whitelist ${HOME}/.config/qutebrowser | 27 | allow ${HOME}/.config/qutebrowser |
28 | whitelist ${HOME}/.local/share/qutebrowser | 28 | allow ${HOME}/.local/share/qutebrowser |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | 30 | ||
31 | caps.drop all | 31 | caps.drop all |
diff --git a/etc/profile-m-z/rambox.profile b/etc/profile-m-z/rambox.profile index ffa2022ee..b1059cee8 100644 --- a/etc/profile-m-z/rambox.profile +++ b/etc/profile-m-z/rambox.profile | |||
@@ -6,9 +6,9 @@ include rambox.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/Rambox | 9 | nodeny ${HOME}/.config/Rambox |
10 | noblacklist ${HOME}/.pki | 10 | nodeny ${HOME}/.pki |
11 | noblacklist ${HOME}/.local/share/pki | 11 | nodeny ${HOME}/.local/share/pki |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -18,10 +18,10 @@ include disable-programs.inc | |||
18 | mkdir ${HOME}/.config/Rambox | 18 | mkdir ${HOME}/.config/Rambox |
19 | mkdir ${HOME}/.pki | 19 | mkdir ${HOME}/.pki |
20 | mkdir ${HOME}/.local/share/pki | 20 | mkdir ${HOME}/.local/share/pki |
21 | whitelist ${DOWNLOADS} | 21 | allow ${DOWNLOADS} |
22 | whitelist ${HOME}/.config/Rambox | 22 | allow ${HOME}/.config/Rambox |
23 | whitelist ${HOME}/.pki | 23 | allow ${HOME}/.pki |
24 | whitelist ${HOME}/.local/share/pki | 24 | allow ${HOME}/.local/share/pki |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | 26 | ||
27 | caps.drop all | 27 | caps.drop all |
diff --git a/etc/profile-m-z/redeclipse.profile b/etc/profile-m-z/redeclipse.profile index 9bc196a16..3b56f651f 100644 --- a/etc/profile-m-z/redeclipse.profile +++ b/etc/profile-m-z/redeclipse.profile | |||
@@ -6,7 +6,7 @@ include redeclipse.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.redeclipse | 9 | nodeny ${HOME}/.redeclipse |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.redeclipse | 19 | mkdir ${HOME}/.redeclipse |
20 | whitelist ${HOME}/.redeclipse | 20 | allow ${HOME}/.redeclipse |
21 | whitelist /usr/share/redeclipse | 21 | allow /usr/share/redeclipse |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-runuser-common.inc | 23 | include whitelist-runuser-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/rednotebook.profile b/etc/profile-m-z/rednotebook.profile new file mode 100644 index 000000000..67281c518 --- /dev/null +++ b/etc/profile-m-z/rednotebook.profile | |||
@@ -0,0 +1,67 @@ | |||
1 | # Firejail profile for rednotebook | ||
2 | # Description: Daily journal with calendar, templates and keyword searching | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include rednotebook.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | nodeny ${HOME}/.cache/rednotebook | ||
10 | nodeny ${HOME}/.rednotebook | ||
11 | |||
12 | # Allow python (blacklisted by disable-interpreters.inc) | ||
13 | include allow-python3.inc | ||
14 | |||
15 | include disable-common.inc | ||
16 | include disable-devel.inc | ||
17 | include disable-exec.inc | ||
18 | include disable-interpreters.inc | ||
19 | include disable-passwdmgr.inc | ||
20 | include disable-programs.inc | ||
21 | include disable-shell.inc | ||
22 | |||
23 | mkdir ${HOME}/.cache/rednotebook | ||
24 | mkdir ${HOME}/.rednotebook | ||
25 | allow ${HOME}/.cache/rednotebook | ||
26 | allow ${HOME}/.rednotebook | ||
27 | allow ${DESKTOP} | ||
28 | allow ${DOCUMENTS} | ||
29 | allow ${DOWNLOADS} | ||
30 | allow ${MUSIC} | ||
31 | allow ${PICTURES} | ||
32 | allow ${VIDEOS} | ||
33 | allow /usr/libexec/webkit2gtk-4.0 | ||
34 | include whitelist-common.inc | ||
35 | include whitelist-runuser-common.inc | ||
36 | include whitelist-usr-share-common.inc | ||
37 | include whitelist-var-common.inc | ||
38 | |||
39 | apparmor | ||
40 | caps.drop all | ||
41 | machine-id | ||
42 | net none | ||
43 | no3d | ||
44 | nodvd | ||
45 | nogroups | ||
46 | noinput | ||
47 | nonewprivs | ||
48 | noroot | ||
49 | nosound | ||
50 | notv | ||
51 | nou2f | ||
52 | novideo | ||
53 | protocol unix | ||
54 | seccomp | ||
55 | seccomp.block-secondary | ||
56 | shell none | ||
57 | tracelog | ||
58 | |||
59 | disable-mnt | ||
60 | private-bin python3*,rednotebook | ||
61 | private-cache | ||
62 | private-dev | ||
63 | private-etc alternatives,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,pango,X11 | ||
64 | private-tmp | ||
65 | |||
66 | dbus-user none | ||
67 | dbus-system none | ||
diff --git a/etc/profile-m-z/redshift.profile b/etc/profile-m-z/redshift.profile index f87c5f67c..3035e1d74 100644 --- a/etc/profile-m-z/redshift.profile +++ b/etc/profile-m-z/redshift.profile | |||
@@ -7,8 +7,8 @@ include redshift.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | noblacklist ${HOME}/.config/redshift | 10 | nodeny ${HOME}/.config/redshift |
11 | noblacklist ${HOME}/.config/redshift.conf | 11 | nodeny ${HOME}/.config/redshift.conf |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-programs.inc | |||
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | mkdir ${HOME}/.config/redshift | 21 | mkdir ${HOME}/.config/redshift |
22 | whitelist ${HOME}/.config/redshift | 22 | allow ${HOME}/.config/redshift |
23 | whitelist ${HOME}/.config/redshift.conf | 23 | allow ${HOME}/.config/redshift.conf |
24 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
25 | 25 | ||
26 | apparmor | 26 | apparmor |
diff --git a/etc/profile-m-z/regextester.profile b/etc/profile-m-z/regextester.profile index f5131c5d0..82feafab9 100644 --- a/etc/profile-m-z/regextester.profile +++ b/etc/profile-m-z/regextester.profile | |||
@@ -15,7 +15,7 @@ include disable-programs.inc | |||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | whitelist /usr/share/com.github.artemanufrij.regextester | 18 | allow /usr/share/com.github.artemanufrij.regextester |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/remmina.profile b/etc/profile-m-z/remmina.profile index aca22f187..3f385f602 100644 --- a/etc/profile-m-z/remmina.profile +++ b/etc/profile-m-z/remmina.profile | |||
@@ -6,9 +6,9 @@ include remmina.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.remmina | 9 | nodeny ${HOME}/.remmina |
10 | noblacklist ${HOME}/.config/remmina | 10 | nodeny ${HOME}/.config/remmina |
11 | noblacklist ${HOME}/.local/share/remmina | 11 | nodeny ${HOME}/.local/share/remmina |
12 | 12 | ||
13 | # Allow ssh (blacklisted by disable-common.inc) | 13 | # Allow ssh (blacklisted by disable-common.inc) |
14 | include allow-ssh.inc | 14 | include allow-ssh.inc |
diff --git a/etc/profile-m-z/rhythmbox.profile b/etc/profile-m-z/rhythmbox.profile index 970e8ffba..c532d3dc1 100644 --- a/etc/profile-m-z/rhythmbox.profile +++ b/etc/profile-m-z/rhythmbox.profile | |||
@@ -6,9 +6,9 @@ include rhythmbox.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${MUSIC} | 9 | nodeny ${MUSIC} |
10 | noblacklist ${HOME}/.cache/rhythmbox | 10 | nodeny ${HOME}/.cache/rhythmbox |
11 | noblacklist ${HOME}/.local/share/rhythmbox | 11 | nodeny ${HOME}/.local/share/rhythmbox |
12 | 12 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python2.inc | 14 | include allow-python2.inc |
@@ -26,10 +26,10 @@ include disable-programs.inc | |||
26 | include disable-shell.inc | 26 | include disable-shell.inc |
27 | include disable-xdg.inc | 27 | include disable-xdg.inc |
28 | 28 | ||
29 | whitelist /usr/share/rhythmbox | 29 | allow /usr/share/rhythmbox |
30 | whitelist /usr/share/lua | 30 | allow /usr/share/lua |
31 | whitelist /usr/share/libquvi-scripts | 31 | allow /usr/share/libquvi-scripts |
32 | whitelist /usr/share/tracker | 32 | allow /usr/share/tracker |
33 | include whitelist-runuser-common.inc | 33 | include whitelist-runuser-common.inc |
34 | include whitelist-usr-share-common.inc | 34 | include whitelist-usr-share-common.inc |
35 | include whitelist-var-common.inc | 35 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/ricochet.profile b/etc/profile-m-z/ricochet.profile index b664a2be3..c3ee57ef3 100644 --- a/etc/profile-m-z/ricochet.profile +++ b/etc/profile-m-z/ricochet.profile | |||
@@ -5,7 +5,7 @@ include ricochet.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.local/share/Ricochet | 8 | nodeny ${HOME}/.local/share/Ricochet |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
@@ -16,8 +16,8 @@ include disable-programs.inc | |||
16 | include disable-shell.inc | 16 | include disable-shell.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.local/share/Ricochet | 18 | mkdir ${HOME}/.local/share/Ricochet |
19 | whitelist ${DOWNLOADS} | 19 | allow ${DOWNLOADS} |
20 | whitelist ${HOME}/.local/share/Ricochet | 20 | allow ${HOME}/.local/share/Ricochet |
21 | include whitelist-common.inc | 21 | include whitelist-common.inc |
22 | 22 | ||
23 | caps.drop all | 23 | caps.drop all |
diff --git a/etc/profile-m-z/riot-web.profile b/etc/profile-m-z/riot-web.profile index 687c943b0..782396a50 100644 --- a/etc/profile-m-z/riot-web.profile +++ b/etc/profile-m-z/riot-web.profile | |||
@@ -8,11 +8,11 @@ include globals.local | |||
8 | 8 | ||
9 | ignore noexec /tmp | 9 | ignore noexec /tmp |
10 | 10 | ||
11 | noblacklist ${HOME}/.config/Riot | 11 | nodeny ${HOME}/.config/Riot |
12 | 12 | ||
13 | mkdir ${HOME}/.config/Riot | 13 | mkdir ${HOME}/.config/Riot |
14 | whitelist ${HOME}/.config/Riot | 14 | allow ${HOME}/.config/Riot |
15 | whitelist /usr/share/webapps/element | 15 | allow /usr/share/webapps/element |
16 | 16 | ||
17 | # Redirect | 17 | # Redirect |
18 | include electron.profile | 18 | include electron.profile |
diff --git a/etc/profile-m-z/ripperx.profile b/etc/profile-m-z/ripperx.profile index be815e714..c97ac8090 100644 --- a/etc/profile-m-z/ripperx.profile +++ b/etc/profile-m-z/ripperx.profile | |||
@@ -6,8 +6,8 @@ include ripperx.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.ripperXrc | 9 | nodeny ${HOME}/.ripperXrc |
10 | noblacklist ${MUSIC} | 10 | nodeny ${MUSIC} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/ristretto.profile b/etc/profile-m-z/ristretto.profile index 5572cab5a..109d2f8f1 100644 --- a/etc/profile-m-z/ristretto.profile +++ b/etc/profile-m-z/ristretto.profile | |||
@@ -6,9 +6,9 @@ include ristretto.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/ristretto | 9 | nodeny ${HOME}/.config/ristretto |
10 | noblacklist ${HOME}/.Steam | 10 | nodeny ${HOME}/.Steam |
11 | noblacklist ${HOME}/.steam | 11 | nodeny ${HOME}/.steam |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/rocketchat.profile b/etc/profile-m-z/rocketchat.profile index 8d3607c75..1a76c4211 100644 --- a/etc/profile-m-z/rocketchat.profile +++ b/etc/profile-m-z/rocketchat.profile | |||
@@ -21,10 +21,10 @@ ignore private-cache | |||
21 | ignore private-dev | 21 | ignore private-dev |
22 | ignore private-tmp | 22 | ignore private-tmp |
23 | 23 | ||
24 | noblacklist ${HOME}/.config/Rocket.Chat | 24 | nodeny ${HOME}/.config/Rocket.Chat |
25 | 25 | ||
26 | mkdir ${HOME}/.config/Rocket.Chat | 26 | mkdir ${HOME}/.config/Rocket.Chat |
27 | whitelist ${HOME}/.config/Rocket.Chat | 27 | allow ${HOME}/.config/Rocket.Chat |
28 | 28 | ||
29 | # Redirect | 29 | # Redirect |
30 | include electron.profile | 30 | include electron.profile |
diff --git a/etc/profile-m-z/rsync-download_only.profile b/etc/profile-m-z/rsync-download_only.profile index 690b44bb1..4807b7d36 100644 --- a/etc/profile-m-z/rsync-download_only.profile +++ b/etc/profile-m-z/rsync-download_only.profile | |||
@@ -11,8 +11,8 @@ include globals.local | |||
11 | # not as a daemon (rsync --daemon) nor to create backups. | 11 | # not as a daemon (rsync --daemon) nor to create backups. |
12 | # Usage: firejail --profile=rsync-download_only rsync | 12 | # Usage: firejail --profile=rsync-download_only rsync |
13 | 13 | ||
14 | blacklist /tmp/.X11-unix | 14 | deny /tmp/.X11-unix |
15 | blacklist ${RUNUSER} | 15 | deny ${RUNUSER} |
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
diff --git a/etc/profile-m-z/rtv-addons.profile b/etc/profile-m-z/rtv-addons.profile index c9da0b628..6b7d6b155 100644 --- a/etc/profile-m-z/rtv-addons.profile +++ b/etc/profile-m-z/rtv-addons.profile | |||
@@ -11,13 +11,18 @@ ignore nosound | |||
11 | ignore private-bin | 11 | ignore private-bin |
12 | ignore dbus-user none | 12 | ignore dbus-user none |
13 | 13 | ||
14 | noblacklist ${HOME}/.config/mpv | 14 | nodeny ${HOME}/.config/mpv |
15 | noblacklist ${HOME}/.mailcap | 15 | nodeny ${HOME}/.mailcap |
16 | noblacklist ${HOME}/.netrc | 16 | nodeny ${HOME}/.netrc |
17 | noblacklist ${HOME}/.w3m | 17 | nodeny ${HOME}/.w3m |
18 | 18 | ||
19 | whitelist ${HOME}/.cache/youtube-dl/youtube-sigfuncs | 19 | allow ${HOME}/.cache/youtube-dl/youtube-sigfuncs |
20 | whitelist ${HOME}/.config/mpv | 20 | allow ${HOME}/.config/mpv |
21 | whitelist ${HOME}/.mailcap | 21 | allow ${HOME}/.mailcap |
22 | whitelist ${HOME}/.netrc | 22 | allow ${HOME}/.netrc |
23 | whitelist ${HOME}/.w3m | 23 | allow ${HOME}/.w3m |
24 | |||
25 | #private-bin w3m,mpv,youtube-dl | ||
26 | |||
27 | # tells rtv, which browser to use | ||
28 | #env RTV_BROWSER=w3m | ||
diff --git a/etc/profile-m-z/rtv.profile b/etc/profile-m-z/rtv.profile index f0b8d31e9..074050792 100644 --- a/etc/profile-m-z/rtv.profile +++ b/etc/profile-m-z/rtv.profile | |||
@@ -6,11 +6,14 @@ include rtv.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist /tmp/.X11-unix | 9 | deny /tmp/.X11-unix |
10 | blacklist ${RUNUSER}/wayland-* | 10 | deny ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | noblacklist ${HOME}/.config/rtv | 12 | nodeny ${HOME}/.config/rtv |
13 | noblacklist ${HOME}/.local/share/rtv | 13 | nodeny ${HOME}/.local/share/rtv |
14 | |||
15 | # Allow /bin/sh (blacklisted by disable-shell.inc) | ||
16 | include allow-bin-sh.inc | ||
14 | 17 | ||
15 | # Allow python (blacklisted by disable-interpreters.inc) | 18 | # Allow python (blacklisted by disable-interpreters.inc) |
16 | include allow-python2.inc | 19 | include allow-python2.inc |
@@ -30,8 +33,8 @@ include disable-xdg.inc | |||
30 | 33 | ||
31 | mkdir ${HOME}/.config/rtv | 34 | mkdir ${HOME}/.config/rtv |
32 | mkdir ${HOME}/.local/share/rtv | 35 | mkdir ${HOME}/.local/share/rtv |
33 | whitelist ${HOME}/.config/rtv | 36 | allow ${HOME}/.config/rtv |
34 | whitelist ${HOME}/.local/share/rtv | 37 | allow ${HOME}/.local/share/rtv |
35 | include whitelist-var-common.inc | 38 | include whitelist-var-common.inc |
36 | 39 | ||
37 | apparmor | 40 | apparmor |
@@ -54,10 +57,10 @@ shell none | |||
54 | tracelog | 57 | tracelog |
55 | 58 | ||
56 | disable-mnt | 59 | disable-mnt |
57 | private-bin python*,rtv,sh,xdg-settings | 60 | private-bin less,python*,rtv,sh,xdg-settings |
58 | private-cache | 61 | private-cache |
59 | private-dev | 62 | private-dev |
60 | private-etc alternatives,ca-certificates,crypto-policies,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mime.types,nsswitch.conf,pki,protocols,resolv.conf,rpc,services,ssl,terminfo,xdg | 63 | private-etc alternatives,ca-certificates,crypto-policies,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mailcap,mime.types,nsswitch.conf,pki,protocols,resolv.conf,rpc,services,ssl,terminfo,xdg |
61 | 64 | ||
62 | dbus-user none | 65 | dbus-user none |
63 | dbus-system none | 66 | dbus-system none |
diff --git a/etc/profile-m-z/sayonara.profile b/etc/profile-m-z/sayonara.profile index de79913cc..963f5da02 100644 --- a/etc/profile-m-z/sayonara.profile +++ b/etc/profile-m-z/sayonara.profile | |||
@@ -5,8 +5,8 @@ include sayonara.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.Sayonara | 8 | nodeny ${HOME}/.Sayonara |
9 | noblacklist ${MUSIC} | 9 | nodeny ${MUSIC} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/scallion.profile b/etc/profile-m-z/scallion.profile index eb8468c3b..26550b5e0 100644 --- a/etc/profile-m-z/scallion.profile +++ b/etc/profile-m-z/scallion.profile | |||
@@ -6,10 +6,10 @@ include scallion.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${PATH}/llvm* | 9 | nodeny ${PATH}/llvm* |
10 | noblacklist ${PATH}/openssl | 10 | nodeny ${PATH}/openssl |
11 | noblacklist ${PATH}/openssl-1.0 | 11 | nodeny ${PATH}/openssl-1.0 |
12 | noblacklist ${DOCUMENTS} | 12 | nodeny ${DOCUMENTS} |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-exec.inc | 15 | include disable-exec.inc |
diff --git a/etc/profile-m-z/scorched3d.profile b/etc/profile-m-z/scorched3d.profile index b1989e474..921efb49e 100644 --- a/etc/profile-m-z/scorched3d.profile +++ b/etc/profile-m-z/scorched3d.profile | |||
@@ -6,7 +6,7 @@ include scorched3d.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.scorched3d | 9 | nodeny ${HOME}/.scorched3d |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,9 +17,9 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.scorched3d | 19 | mkdir ${HOME}/.scorched3d |
20 | whitelist ${HOME}/.scorched3d | 20 | allow ${HOME}/.scorched3d |
21 | whitelist /usr/share/scorched3d | 21 | allow /usr/share/scorched3d |
22 | whitelist /usr/share/games/scorched3d | 22 | allow /usr/share/games/scorched3d |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/scorchwentbonkers.profile b/etc/profile-m-z/scorchwentbonkers.profile index 2cb1df6b5..54a6c3a01 100644 --- a/etc/profile-m-z/scorchwentbonkers.profile +++ b/etc/profile-m-z/scorchwentbonkers.profile | |||
@@ -6,7 +6,7 @@ include scorchwentbonkers.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.swb.ini | 9 | nodeny ${HOME}/.swb.ini |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.swb.ini | 20 | mkdir ${HOME}/.swb.ini |
21 | whitelist ${HOME}/.swb.ini | 21 | allow ${HOME}/.swb.ini |
22 | whitelist /usr/share/scorchwentbonkers | 22 | allow /usr/share/scorchwentbonkers |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/scribus.profile b/etc/profile-m-z/scribus.profile index 1fdeaa145..6519f8e87 100644 --- a/etc/profile-m-z/scribus.profile +++ b/etc/profile-m-z/scribus.profile | |||
@@ -7,24 +7,24 @@ include scribus.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # Support for PDF readers comes with Scribus 1.5 and higher | 9 | # Support for PDF readers comes with Scribus 1.5 and higher |
10 | noblacklist ${HOME}/.cache/okular | 10 | nodeny ${HOME}/.cache/okular |
11 | noblacklist ${HOME}/.config/GIMP | 11 | nodeny ${HOME}/.config/GIMP |
12 | noblacklist ${HOME}/.config/okularpartrc | 12 | nodeny ${HOME}/.config/okularpartrc |
13 | noblacklist ${HOME}/.config/okularrc | 13 | nodeny ${HOME}/.config/okularrc |
14 | noblacklist ${HOME}/.config/scribus | 14 | nodeny ${HOME}/.config/scribus |
15 | noblacklist ${HOME}/.config/scribusrc | 15 | nodeny ${HOME}/.config/scribusrc |
16 | noblacklist ${HOME}/.gimp* | 16 | nodeny ${HOME}/.gimp* |
17 | noblacklist ${HOME}/.kde/share/apps/okular | 17 | nodeny ${HOME}/.kde/share/apps/okular |
18 | noblacklist ${HOME}/.kde/share/config/okularpartrc | 18 | nodeny ${HOME}/.kde/share/config/okularpartrc |
19 | noblacklist ${HOME}/.kde/share/config/okularrc | 19 | nodeny ${HOME}/.kde/share/config/okularrc |
20 | noblacklist ${HOME}/.kde4/share/apps/okular | 20 | nodeny ${HOME}/.kde4/share/apps/okular |
21 | noblacklist ${HOME}/.kde4/share/config/okularpartrc | 21 | nodeny ${HOME}/.kde4/share/config/okularpartrc |
22 | noblacklist ${HOME}/.kde4/share/config/okularrc | 22 | nodeny ${HOME}/.kde4/share/config/okularrc |
23 | noblacklist ${HOME}/.local/share/okular | 23 | nodeny ${HOME}/.local/share/okular |
24 | noblacklist ${HOME}/.local/share/scribus | 24 | nodeny ${HOME}/.local/share/scribus |
25 | noblacklist ${HOME}/.scribus | 25 | nodeny ${HOME}/.scribus |
26 | noblacklist ${DOCUMENTS} | 26 | nodeny ${DOCUMENTS} |
27 | noblacklist ${PICTURES} | 27 | nodeny ${PICTURES} |
28 | 28 | ||
29 | # Allow python (blacklisted by disable-interpreters.inc) | 29 | # Allow python (blacklisted by disable-interpreters.inc) |
30 | include allow-python2.inc | 30 | include allow-python2.inc |
diff --git a/etc/profile-m-z/seahorse-adventures.profile b/etc/profile-m-z/seahorse-adventures.profile index 7799ab7ed..95cedac3f 100644 --- a/etc/profile-m-z/seahorse-adventures.profile +++ b/etc/profile-m-z/seahorse-adventures.profile | |||
@@ -22,8 +22,8 @@ include disable-programs.inc | |||
22 | include disable-shell.inc | 22 | include disable-shell.inc |
23 | include disable-xdg.inc | 23 | include disable-xdg.inc |
24 | 24 | ||
25 | whitelist /usr/share/seahorse-adventures | 25 | allow /usr/share/seahorse-adventures |
26 | whitelist /usr/share/games/seahorse-adventures | 26 | allow /usr/share/games/seahorse-adventures |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
29 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/seahorse.profile b/etc/profile-m-z/seahorse.profile index d3d8e453f..66605173b 100644 --- a/etc/profile-m-z/seahorse.profile +++ b/etc/profile-m-z/seahorse.profile | |||
@@ -6,9 +6,9 @@ include seahorse.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist /tmp/.X11-unix | 9 | deny /tmp/.X11-unix |
10 | 10 | ||
11 | noblacklist ${HOME}/.gnupg | 11 | nodeny ${HOME}/.gnupg |
12 | 12 | ||
13 | # Allow ssh (blacklisted by disable-common.inc) | 13 | # Allow ssh (blacklisted by disable-common.inc) |
14 | include allow-ssh.inc | 14 | include allow-ssh.inc |
@@ -27,13 +27,13 @@ include disable-xdg.inc | |||
27 | #mkdir ${HOME}/.ssh | 27 | #mkdir ${HOME}/.ssh |
28 | #whitelist ${HOME}/.gnupg | 28 | #whitelist ${HOME}/.gnupg |
29 | #whitelist ${HOME}/.ssh | 29 | #whitelist ${HOME}/.ssh |
30 | whitelist /tmp/ssh-* | 30 | allow /tmp/ssh-* |
31 | whitelist /usr/share/gnupg | 31 | allow /usr/share/gnupg |
32 | whitelist /usr/share/gnupg2 | 32 | allow /usr/share/gnupg2 |
33 | whitelist /usr/share/seahorse | 33 | allow /usr/share/seahorse |
34 | whitelist /usr/share/seahorse-nautilus | 34 | allow /usr/share/seahorse-nautilus |
35 | whitelist ${RUNUSER}/gnupg | 35 | allow ${RUNUSER}/gnupg |
36 | whitelist ${RUNUSER}/keyring | 36 | allow ${RUNUSER}/keyring |
37 | #include whitelist-common.inc | 37 | #include whitelist-common.inc |
38 | include whitelist-runuser-common.inc | 38 | include whitelist-runuser-common.inc |
39 | include whitelist-usr-share-common.inc | 39 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/seamonkey.profile b/etc/profile-m-z/seamonkey.profile index 807effbeb..c9867719a 100644 --- a/etc/profile-m-z/seamonkey.profile +++ b/etc/profile-m-z/seamonkey.profile | |||
@@ -6,10 +6,10 @@ include seamonkey.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/mozilla | 9 | nodeny ${HOME}/.cache/mozilla |
10 | noblacklist ${HOME}/.mozilla | 10 | nodeny ${HOME}/.mozilla |
11 | noblacklist ${HOME}/.pki | 11 | nodeny ${HOME}/.pki |
12 | noblacklist ${HOME}/.local/share/pki | 12 | nodeny ${HOME}/.local/share/pki |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -20,25 +20,25 @@ mkdir ${HOME}/.cache/mozilla | |||
20 | mkdir ${HOME}/.mozilla | 20 | mkdir ${HOME}/.mozilla |
21 | mkdir ${HOME}/.pki | 21 | mkdir ${HOME}/.pki |
22 | mkdir ${HOME}/.local/share/pki | 22 | mkdir ${HOME}/.local/share/pki |
23 | whitelist ${DOWNLOADS} | 23 | allow ${DOWNLOADS} |
24 | whitelist ${HOME}/.cache/gnome-mplayer/plugin | 24 | allow ${HOME}/.cache/gnome-mplayer/plugin |
25 | whitelist ${HOME}/.cache/mozilla | 25 | allow ${HOME}/.cache/mozilla |
26 | whitelist ${HOME}/.config/gnome-mplayer | 26 | allow ${HOME}/.config/gnome-mplayer |
27 | whitelist ${HOME}/.config/pipelight-silverlight5.1 | 27 | allow ${HOME}/.config/pipelight-silverlight5.1 |
28 | whitelist ${HOME}/.config/pipelight-widevine | 28 | allow ${HOME}/.config/pipelight-widevine |
29 | whitelist ${HOME}/.keysnail.js | 29 | allow ${HOME}/.keysnail.js |
30 | whitelist ${HOME}/.lastpass | 30 | allow ${HOME}/.lastpass |
31 | whitelist ${HOME}/.mozilla | 31 | allow ${HOME}/.mozilla |
32 | whitelist ${HOME}/.pentadactyl | 32 | allow ${HOME}/.pentadactyl |
33 | whitelist ${HOME}/.pentadactylrc | 33 | allow ${HOME}/.pentadactylrc |
34 | whitelist ${HOME}/.pki | 34 | allow ${HOME}/.pki |
35 | whitelist ${HOME}/.local/share/pki | 35 | allow ${HOME}/.local/share/pki |
36 | whitelist ${HOME}/.vimperator | 36 | allow ${HOME}/.vimperator |
37 | whitelist ${HOME}/.vimperatorrc | 37 | allow ${HOME}/.vimperatorrc |
38 | whitelist ${HOME}/.wine-pipelight | 38 | allow ${HOME}/.wine-pipelight |
39 | whitelist ${HOME}/.wine-pipelight64 | 39 | allow ${HOME}/.wine-pipelight64 |
40 | whitelist ${HOME}/.zotero | 40 | allow ${HOME}/.zotero |
41 | whitelist ${HOME}/dwhelper | 41 | allow ${HOME}/dwhelper |
42 | include whitelist-common.inc | 42 | include whitelist-common.inc |
43 | 43 | ||
44 | caps.drop all | 44 | caps.drop all |
diff --git a/etc/profile-m-z/server.profile b/etc/profile-m-z/server.profile index 7d56684db..23f464637 100644 --- a/etc/profile-m-z/server.profile +++ b/etc/profile-m-z/server.profile | |||
@@ -32,12 +32,12 @@ include globals.local | |||
32 | # it allows /sbin and /usr/sbin directories - this is where servers are installed | 32 | # it allows /sbin and /usr/sbin directories - this is where servers are installed |
33 | # depending on your usage, you can enable some of the commands below: | 33 | # depending on your usage, you can enable some of the commands below: |
34 | 34 | ||
35 | noblacklist /sbin | 35 | nodeny /sbin |
36 | noblacklist /usr/sbin | 36 | nodeny /usr/sbin |
37 | # noblacklist /var/opt | 37 | # noblacklist /var/opt |
38 | 38 | ||
39 | blacklist /tmp/.X11-unix | 39 | deny /tmp/.X11-unix |
40 | blacklist ${RUNUSER}/wayland-* | 40 | deny ${RUNUSER}/wayland-* |
41 | 41 | ||
42 | include disable-common.inc | 42 | include disable-common.inc |
43 | # include disable-devel.inc | 43 | # include disable-devel.inc |
diff --git a/etc/profile-m-z/shellcheck.profile b/etc/profile-m-z/shellcheck.profile index b7f398f45..0cb9de45a 100644 --- a/etc/profile-m-z/shellcheck.profile +++ b/etc/profile-m-z/shellcheck.profile | |||
@@ -7,9 +7,9 @@ include shellcheck.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER} | 10 | deny ${RUNUSER} |
11 | 11 | ||
12 | noblacklist ${DOCUMENTS} | 12 | nodeny ${DOCUMENTS} |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -19,7 +19,7 @@ include disable-passwdmgr.inc | |||
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | whitelist /usr/share/shellcheck | 22 | allow /usr/share/shellcheck |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
25 | 25 | ||
diff --git a/etc/profile-m-z/shortwave.profile b/etc/profile-m-z/shortwave.profile index d629240ec..a8e5f6b18 100644 --- a/etc/profile-m-z/shortwave.profile +++ b/etc/profile-m-z/shortwave.profile | |||
@@ -6,8 +6,8 @@ include shortwave.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/Shortwave | 9 | nodeny ${HOME}/.cache/Shortwave |
10 | noblacklist ${HOME}/.local/share/Shortwave | 10 | nodeny ${HOME}/.local/share/Shortwave |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,9 +19,9 @@ include disable-xdg.inc | |||
19 | 19 | ||
20 | mkdir ${HOME}/.cache/Shortwave | 20 | mkdir ${HOME}/.cache/Shortwave |
21 | mkdir ${HOME}/.local/share/Shortwave | 21 | mkdir ${HOME}/.local/share/Shortwave |
22 | whitelist ${HOME}/.cache/Shortwave | 22 | allow ${HOME}/.cache/Shortwave |
23 | whitelist ${HOME}/.local/share/Shortwave | 23 | allow ${HOME}/.local/share/Shortwave |
24 | whitelist /usr/share/shortwave | 24 | allow /usr/share/shortwave |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | 26 | include whitelist-runuser-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/shotcut.profile b/etc/profile-m-z/shotcut.profile index 63af4d367..1f3c39c46 100644 --- a/etc/profile-m-z/shotcut.profile +++ b/etc/profile-m-z/shotcut.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | ignore noexec ${HOME} | 9 | ignore noexec ${HOME} |
10 | 10 | ||
11 | noblacklist ${HOME}/.config/Meltytech | 11 | nodeny ${HOME}/.config/Meltytech |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/shotwell.profile b/etc/profile-m-z/shotwell.profile index ddc8a7743..b653930c3 100644 --- a/etc/profile-m-z/shotwell.profile +++ b/etc/profile-m-z/shotwell.profile | |||
@@ -6,10 +6,10 @@ include shotwell.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/shotwell | 9 | nodeny ${HOME}/.cache/shotwell |
10 | noblacklist ${HOME}/.local/share/shotwell | 10 | nodeny ${HOME}/.local/share/shotwell |
11 | 11 | ||
12 | noblacklist ${PICTURES} | 12 | nodeny ${PICTURES} |
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
15 | include disable-exec.inc | 15 | include disable-exec.inc |
@@ -21,9 +21,9 @@ include disable-xdg.inc | |||
21 | 21 | ||
22 | mkdir ${HOME}/.cache/shotwell | 22 | mkdir ${HOME}/.cache/shotwell |
23 | mkdir ${HOME}/.local/share/shotwell | 23 | mkdir ${HOME}/.local/share/shotwell |
24 | whitelist ${HOME}/.cache/shotwell | 24 | allow ${HOME}/.cache/shotwell |
25 | whitelist ${HOME}/.local/share/shotwell | 25 | allow ${HOME}/.local/share/shotwell |
26 | whitelist ${PICTURES} | 26 | allow ${PICTURES} |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/signal-cli.profile b/etc/profile-m-z/signal-cli.profile index 478377344..8a46899f1 100644 --- a/etc/profile-m-z/signal-cli.profile +++ b/etc/profile-m-z/signal-cli.profile | |||
@@ -6,10 +6,10 @@ include signal-cli.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist /tmp/.X11-unix | 9 | deny /tmp/.X11-unix |
10 | blacklist ${RUNUSER}/wayland-* | 10 | deny ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | noblacklist ${HOME}/.local/share/signal-cli | 12 | nodeny ${HOME}/.local/share/signal-cli |
13 | 13 | ||
14 | include allow-java.inc | 14 | include allow-java.inc |
15 | 15 | ||
@@ -22,7 +22,7 @@ include disable-programs.inc | |||
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | mkdir ${HOME}/.local/share/signal-cli | 24 | mkdir ${HOME}/.local/share/signal-cli |
25 | whitelist ${HOME}/.local/share/signal-cli | 25 | allow ${HOME}/.local/share/signal-cli |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
28 | 28 | ||
diff --git a/etc/profile-m-z/signal-desktop.profile b/etc/profile-m-z/signal-desktop.profile index 77a7f5b38..a12080748 100644 --- a/etc/profile-m-z/signal-desktop.profile +++ b/etc/profile-m-z/signal-desktop.profile | |||
@@ -9,15 +9,15 @@ ignore novideo | |||
9 | 9 | ||
10 | ignore noexec /tmp | 10 | ignore noexec /tmp |
11 | 11 | ||
12 | noblacklist ${HOME}/.config/Signal | 12 | nodeny ${HOME}/.config/Signal |
13 | 13 | ||
14 | # These lines are needed to allow Firefox to open links | 14 | # These lines are needed to allow Firefox to open links |
15 | noblacklist ${HOME}/.mozilla | 15 | nodeny ${HOME}/.mozilla |
16 | whitelist ${HOME}/.mozilla/firefox/profiles.ini | 16 | allow ${HOME}/.mozilla/firefox/profiles.ini |
17 | read-only ${HOME}/.mozilla/firefox/profiles.ini | 17 | read-only ${HOME}/.mozilla/firefox/profiles.ini |
18 | 18 | ||
19 | mkdir ${HOME}/.config/Signal | 19 | mkdir ${HOME}/.config/Signal |
20 | whitelist ${HOME}/.config/Signal | 20 | allow ${HOME}/.config/Signal |
21 | 21 | ||
22 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,machine-id,nsswitch.conf,pki,resolv.conf,ssl | 22 | private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,machine-id,nsswitch.conf,pki,resolv.conf,ssl |
23 | 23 | ||
diff --git a/etc/profile-m-z/simple-scan.profile b/etc/profile-m-z/simple-scan.profile index 17920677b..589a44ffc 100644 --- a/etc/profile-m-z/simple-scan.profile +++ b/etc/profile-m-z/simple-scan.profile | |||
@@ -6,8 +6,8 @@ include simple-scan.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/simple-scan | 9 | nodeny ${HOME}/.cache/simple-scan |
10 | noblacklist ${DOCUMENTS} | 10 | nodeny ${DOCUMENTS} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -16,8 +16,8 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | whitelist /usr/share/hplip | 19 | allow /usr/share/hplip |
20 | whitelist /usr/share/simple-scan | 20 | allow /usr/share/simple-scan |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-m-z/simplescreenrecorder.profile b/etc/profile-m-z/simplescreenrecorder.profile index d664f8bf5..83f833508 100644 --- a/etc/profile-m-z/simplescreenrecorder.profile +++ b/etc/profile-m-z/simplescreenrecorder.profile | |||
@@ -6,8 +6,8 @@ include simplescreenrecorder.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${VIDEOS} | 9 | nodeny ${VIDEOS} |
10 | noblacklist ${HOME}/.ssr | 10 | nodeny ${HOME}/.ssr |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | whitelist /usr/share/simplescreenrecorder | 20 | allow /usr/share/simplescreenrecorder |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-m-z/simutrans.profile b/etc/profile-m-z/simutrans.profile index afaa0f6d8..1d7f41579 100644 --- a/etc/profile-m-z/simutrans.profile +++ b/etc/profile-m-z/simutrans.profile | |||
@@ -6,7 +6,7 @@ include simutrans.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.simutrans | 9 | nodeny ${HOME}/.simutrans |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -16,7 +16,7 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | mkdir ${HOME}/.simutrans | 18 | mkdir ${HOME}/.simutrans |
19 | whitelist ${HOME}/.simutrans | 19 | allow ${HOME}/.simutrans |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
22 | 22 | ||
diff --git a/etc/profile-m-z/skanlite.profile b/etc/profile-m-z/skanlite.profile index 093a61398..98ed624f9 100644 --- a/etc/profile-m-z/skanlite.profile +++ b/etc/profile-m-z/skanlite.profile | |||
@@ -6,7 +6,7 @@ include skanlite.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${DOCUMENTS} | 9 | nodeny ${DOCUMENTS} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/skypeforlinux.profile b/etc/profile-m-z/skypeforlinux.profile index ed04eda8e..e7f70eebe 100644 --- a/etc/profile-m-z/skypeforlinux.profile +++ b/etc/profile-m-z/skypeforlinux.profile | |||
@@ -21,7 +21,7 @@ ignore dbus-system none | |||
21 | ignore apparmor | 21 | ignore apparmor |
22 | ignore noexec /tmp | 22 | ignore noexec /tmp |
23 | 23 | ||
24 | noblacklist ${HOME}/.config/skypeforlinux | 24 | nodeny ${HOME}/.config/skypeforlinux |
25 | 25 | ||
26 | # private-dev - needs /dev/disk | 26 | # private-dev - needs /dev/disk |
27 | 27 | ||
diff --git a/etc/profile-m-z/slack.profile b/etc/profile-m-z/slack.profile index 51f6c8b00..b8299add3 100644 --- a/etc/profile-m-z/slack.profile +++ b/etc/profile-m-z/slack.profile | |||
@@ -16,14 +16,14 @@ ignore private-tmp | |||
16 | ignore dbus-user none | 16 | ignore dbus-user none |
17 | ignore dbus-system none | 17 | ignore dbus-system none |
18 | 18 | ||
19 | noblacklist ${HOME}/.config/Slack | 19 | nodeny ${HOME}/.config/Slack |
20 | 20 | ||
21 | include allow-bin-sh.inc | 21 | include allow-bin-sh.inc |
22 | 22 | ||
23 | include disable-shell.inc | 23 | include disable-shell.inc |
24 | 24 | ||
25 | mkdir ${HOME}/.config/Slack | 25 | mkdir ${HOME}/.config/Slack |
26 | whitelist ${HOME}/.config/Slack | 26 | allow ${HOME}/.config/Slack |
27 | 27 | ||
28 | private-bin electron,electron[0-9],electron[0-9][0-9],locale,sh,slack | 28 | private-bin electron,electron[0-9],electron[0-9][0-9],locale,sh,slack |
29 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,debian_version,fedora-release,fonts,group,ld.so.cache,ld.so.conf,localtime,machine-id,os-release,passwd,pki,pulse,redhat-release,resolv.conf,ssl,system-release,system-release-cpe | 29 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,debian_version,fedora-release,fonts,group,ld.so.cache,ld.so.conf,localtime,machine-id,os-release,passwd,pki,pulse,redhat-release,resolv.conf,ssl,system-release,system-release-cpe |
diff --git a/etc/profile-m-z/slashem.profile b/etc/profile-m-z/slashem.profile index c5a31c237..36a0044dc 100644 --- a/etc/profile-m-z/slashem.profile +++ b/etc/profile-m-z/slashem.profile | |||
@@ -6,7 +6,7 @@ include slashem.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist /var/games/slashem | 9 | nodeny /var/games/slashem |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -15,7 +15,7 @@ include disable-interpreters.inc | |||
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | 17 | ||
18 | whitelist /var/games/slashem | 18 | allow /var/games/slashem |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | include whitelist-var-common.inc | 20 | include whitelist-var-common.inc |
21 | 21 | ||
diff --git a/etc/profile-m-z/smplayer.profile b/etc/profile-m-z/smplayer.profile index 01547e5c1..4e4334dc0 100644 --- a/etc/profile-m-z/smplayer.profile +++ b/etc/profile-m-z/smplayer.profile | |||
@@ -6,9 +6,9 @@ include smplayer.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/smplayer | 9 | nodeny ${HOME}/.config/smplayer |
10 | noblacklist ${HOME}/.config/youtube-dl | 10 | nodeny ${HOME}/.config/youtube-dl |
11 | noblacklist ${HOME}/.mplayer | 11 | nodeny ${HOME}/.mplayer |
12 | 12 | ||
13 | # Allow lua (blacklisted by disable-interpreters.inc) | 13 | # Allow lua (blacklisted by disable-interpreters.inc) |
14 | include allow-lua.inc | 14 | include allow-lua.inc |
@@ -17,8 +17,8 @@ include allow-lua.inc | |||
17 | include allow-python2.inc | 17 | include allow-python2.inc |
18 | include allow-python3.inc | 18 | include allow-python3.inc |
19 | 19 | ||
20 | noblacklist ${MUSIC} | 20 | nodeny ${MUSIC} |
21 | noblacklist ${VIDEOS} | 21 | nodeny ${VIDEOS} |
22 | 22 | ||
23 | include disable-common.inc | 23 | include disable-common.inc |
24 | include disable-devel.inc | 24 | include disable-devel.inc |
@@ -29,9 +29,9 @@ include disable-programs.inc | |||
29 | include disable-shell.inc | 29 | include disable-shell.inc |
30 | include disable-xdg.inc | 30 | include disable-xdg.inc |
31 | 31 | ||
32 | whitelist /usr/share/lua* | 32 | allow /usr/share/lua* |
33 | whitelist /usr/share/smplayer | 33 | allow /usr/share/smplayer |
34 | whitelist /usr/share/vulkan | 34 | allow /usr/share/vulkan |
35 | include whitelist-usr-share-common.inc | 35 | include whitelist-usr-share-common.inc |
36 | include whitelist-var-common.inc | 36 | include whitelist-var-common.inc |
37 | 37 | ||
diff --git a/etc/profile-m-z/smtube.profile b/etc/profile-m-z/smtube.profile index 196950eaf..99d02ffdf 100644 --- a/etc/profile-m-z/smtube.profile +++ b/etc/profile-m-z/smtube.profile | |||
@@ -6,14 +6,14 @@ include smtube.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/smplayer | 9 | nodeny ${HOME}/.config/smplayer |
10 | noblacklist ${HOME}/.config/smtube | 10 | nodeny ${HOME}/.config/smtube |
11 | noblacklist ${HOME}/.config/mpv | 11 | nodeny ${HOME}/.config/mpv |
12 | noblacklist ${HOME}/.mplayer | 12 | nodeny ${HOME}/.mplayer |
13 | noblacklist ${HOME}/.config/vlc | 13 | nodeny ${HOME}/.config/vlc |
14 | noblacklist ${HOME}/.local/share/vlc | 14 | nodeny ${HOME}/.local/share/vlc |
15 | noblacklist ${MUSIC} | 15 | nodeny ${MUSIC} |
16 | noblacklist ${VIDEOS} | 16 | nodeny ${VIDEOS} |
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
@@ -23,8 +23,8 @@ include disable-passwdmgr.inc | |||
23 | include disable-programs.inc | 23 | include disable-programs.inc |
24 | include disable-xdg.inc | 24 | include disable-xdg.inc |
25 | 25 | ||
26 | whitelist /usr/share/smplayer | 26 | allow /usr/share/smplayer |
27 | whitelist /usr/share/smtube | 27 | allow /usr/share/smtube |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
29 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
30 | 30 | ||
diff --git a/etc/profile-m-z/smuxi-frontend-gnome.profile b/etc/profile-m-z/smuxi-frontend-gnome.profile index c3a9bb858..3a79890cc 100644 --- a/etc/profile-m-z/smuxi-frontend-gnome.profile +++ b/etc/profile-m-z/smuxi-frontend-gnome.profile | |||
@@ -6,9 +6,9 @@ include smuxi-frontend-gnome.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/smuxi | 9 | nodeny ${HOME}/.cache/smuxi |
10 | noblacklist ${HOME}/.config/smuxi | 10 | nodeny ${HOME}/.config/smuxi |
11 | noblacklist ${HOME}/.local/share/smuxi | 11 | nodeny ${HOME}/.local/share/smuxi |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -21,10 +21,10 @@ include disable-xdg.inc | |||
21 | mkdir ${HOME}/.cache/smuxi | 21 | mkdir ${HOME}/.cache/smuxi |
22 | mkdir ${HOME}/.config/smuxi | 22 | mkdir ${HOME}/.config/smuxi |
23 | mkdir ${HOME}/.local/share/smuxi | 23 | mkdir ${HOME}/.local/share/smuxi |
24 | whitelist ${HOME}/.cache/smuxi | 24 | allow ${HOME}/.cache/smuxi |
25 | whitelist ${HOME}/.config/smuxi | 25 | allow ${HOME}/.config/smuxi |
26 | whitelist ${HOME}/.local/share/smuxi | 26 | allow ${HOME}/.local/share/smuxi |
27 | whitelist ${DOWNLOADS} | 27 | allow ${DOWNLOADS} |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/snox.profile b/etc/profile-m-z/snox.profile index 83493652c..1d315404e 100644 --- a/etc/profile-m-z/snox.profile +++ b/etc/profile-m-z/snox.profile | |||
@@ -10,15 +10,15 @@ ignore whitelist /usr/share/chromium | |||
10 | ignore include whitelist-runuser-common.inc | 10 | ignore include whitelist-runuser-common.inc |
11 | ignore include whitelist-usr-share-common.inc | 11 | ignore include whitelist-usr-share-common.inc |
12 | 12 | ||
13 | noblacklist ${HOME}/.cache/snox | 13 | nodeny ${HOME}/.cache/snox |
14 | noblacklist ${HOME}/.config/snox | 14 | nodeny ${HOME}/.config/snox |
15 | 15 | ||
16 | #mkdir ${HOME}/.cache/dnox | 16 | #mkdir ${HOME}/.cache/dnox |
17 | #mkdir ${HOME}/.config/dnox | 17 | #mkdir ${HOME}/.config/dnox |
18 | mkdir ${HOME}/.cache/snox | 18 | mkdir ${HOME}/.cache/snox |
19 | mkdir ${HOME}/.config/snox | 19 | mkdir ${HOME}/.config/snox |
20 | whitelist ${HOME}/.cache/snox | 20 | allow ${HOME}/.cache/snox |
21 | whitelist ${HOME}/.config/snox | 21 | allow ${HOME}/.config/snox |
22 | 22 | ||
23 | # Redirect | 23 | # Redirect |
24 | include chromium-common.profile | 24 | include chromium-common.profile |
diff --git a/etc/profile-m-z/softmaker-common.profile b/etc/profile-m-z/softmaker-common.profile index 83315231f..bd4991e81 100644 --- a/etc/profile-m-z/softmaker-common.profile +++ b/etc/profile-m-z/softmaker-common.profile | |||
@@ -10,7 +10,7 @@ include softmaker-common.local | |||
10 | # with an absolute Exec line. These files are NOT handelt by firecfg, | 10 | # with an absolute Exec line. These files are NOT handelt by firecfg, |
11 | # therefore you must manualy copy them in you home and remove '/usr/bin/'. | 11 | # therefore you must manualy copy them in you home and remove '/usr/bin/'. |
12 | 12 | ||
13 | noblacklist ${HOME}/SoftMaker | 13 | nodeny ${HOME}/SoftMaker |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-interpreters.inc | |||
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | whitelist /usr/share/office2018 | 22 | allow /usr/share/office2018 |
23 | whitelist /usr/share/freeoffice2018 | 23 | allow /usr/share/freeoffice2018 |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
diff --git a/etc/profile-m-z/sound-juicer.profile b/etc/profile-m-z/sound-juicer.profile index ef00fdfff..16ee39e09 100644 --- a/etc/profile-m-z/sound-juicer.profile +++ b/etc/profile-m-z/sound-juicer.profile | |||
@@ -6,8 +6,8 @@ include sound-juicer.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/sound-juicer | 9 | nodeny ${HOME}/.config/sound-juicer |
10 | noblacklist ${MUSIC} | 10 | nodeny ${MUSIC} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/soundconverter.profile b/etc/profile-m-z/soundconverter.profile index 4dbf34100..46da7a453 100644 --- a/etc/profile-m-z/soundconverter.profile +++ b/etc/profile-m-z/soundconverter.profile | |||
@@ -10,7 +10,7 @@ include globals.local | |||
10 | include allow-python2.inc | 10 | include allow-python2.inc |
11 | include allow-python3.inc | 11 | include allow-python3.inc |
12 | 12 | ||
13 | noblacklist ${MUSIC} | 13 | nodeny ${MUSIC} |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -20,9 +20,9 @@ include disable-passwdmgr.inc | |||
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | whitelist ${DOWNLOADS} | 23 | allow ${DOWNLOADS} |
24 | whitelist ${MUSIC} | 24 | allow ${MUSIC} |
25 | whitelist /usr/share/soundconverter | 25 | allow /usr/share/soundconverter |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
28 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/spectacle.profile b/etc/profile-m-z/spectacle.profile index 4468f21e7..08adb5861 100644 --- a/etc/profile-m-z/spectacle.profile +++ b/etc/profile-m-z/spectacle.profile | |||
@@ -12,8 +12,8 @@ include globals.local | |||
12 | #private-etc ca-certificates,crypto-policies,pki,resolv.conf,ssl | 12 | #private-etc ca-certificates,crypto-policies,pki,resolv.conf,ssl |
13 | #protocol unix,inet,inet6 | 13 | #protocol unix,inet,inet6 |
14 | 14 | ||
15 | noblacklist ${HOME}/.config/spectaclerc | 15 | nodeny ${HOME}/.config/spectaclerc |
16 | noblacklist ${PICTURES} | 16 | nodeny ${PICTURES} |
17 | 17 | ||
18 | include disable-common.inc | 18 | include disable-common.inc |
19 | include disable-devel.inc | 19 | include disable-devel.inc |
@@ -24,10 +24,10 @@ include disable-programs.inc | |||
24 | include disable-xdg.inc | 24 | include disable-xdg.inc |
25 | 25 | ||
26 | mkfile ${HOME}/.config/spectaclerc | 26 | mkfile ${HOME}/.config/spectaclerc |
27 | whitelist ${HOME}/.config/spectaclerc | 27 | allow ${HOME}/.config/spectaclerc |
28 | whitelist ${PICTURES} | 28 | allow ${PICTURES} |
29 | whitelist /usr/share/kconf_update/spectacle_newConfig.upd | 29 | allow /usr/share/kconf_update/spectacle_newConfig.upd |
30 | whitelist /usr/share/kconf_update/spectacle_shortcuts.upd | 30 | allow /usr/share/kconf_update/spectacle_shortcuts.upd |
31 | include whitelist-common.inc | 31 | include whitelist-common.inc |
32 | include whitelist-runuser-common.inc | 32 | include whitelist-runuser-common.inc |
33 | include whitelist-usr-share-common.inc | 33 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/spectral.profile b/etc/profile-m-z/spectral.profile index 283674517..4c1b2d3e1 100644 --- a/etc/profile-m-z/spectral.profile +++ b/etc/profile-m-z/spectral.profile | |||
@@ -6,8 +6,8 @@ include spectral.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/ENCOM/Spectral | 9 | nodeny ${HOME}/.cache/ENCOM/Spectral |
10 | noblacklist ${HOME}/.config/ENCOM | 10 | nodeny ${HOME}/.config/ENCOM |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -20,9 +20,9 @@ include disable-xdg.inc | |||
20 | 20 | ||
21 | mkdir ${HOME}/.cache/ENCOM/Spectral | 21 | mkdir ${HOME}/.cache/ENCOM/Spectral |
22 | mkdir ${HOME}/.config/ENCOM | 22 | mkdir ${HOME}/.config/ENCOM |
23 | whitelist ${HOME}/.cache/ENCOM/Spectral | 23 | allow ${HOME}/.cache/ENCOM/Spectral |
24 | whitelist ${HOME}/.config/ENCOM | 24 | allow ${HOME}/.config/ENCOM |
25 | whitelist ${DOWNLOADS} | 25 | allow ${DOWNLOADS} |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/spectre-meltdown-checker.profile b/etc/profile-m-z/spectre-meltdown-checker.profile index 984461f90..3a3fd838d 100644 --- a/etc/profile-m-z/spectre-meltdown-checker.profile +++ b/etc/profile-m-z/spectre-meltdown-checker.profile | |||
@@ -6,10 +6,10 @@ include spectre-meltdown-checker.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | 9 | deny ${RUNUSER}/wayland-* |
10 | 10 | ||
11 | noblacklist ${PATH}/mount | 11 | nodeny ${PATH}/mount |
12 | noblacklist ${PATH}/umount | 12 | nodeny ${PATH}/umount |
13 | 13 | ||
14 | # Allow perl (blacklisted by disable-interpreters.inc) | 14 | # Allow perl (blacklisted by disable-interpreters.inc) |
15 | include allow-perl.inc | 15 | include allow-perl.inc |
diff --git a/etc/profile-m-z/spotify.profile b/etc/profile-m-z/spotify.profile index 01bc2bc05..e1c830268 100644 --- a/etc/profile-m-z/spotify.profile +++ b/etc/profile-m-z/spotify.profile | |||
@@ -5,11 +5,11 @@ include spotify.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.cache/spotify | 8 | nodeny ${HOME}/.cache/spotify |
9 | noblacklist ${HOME}/.config/spotify | 9 | nodeny ${HOME}/.config/spotify |
10 | noblacklist ${HOME}/.local/share/spotify | 10 | nodeny ${HOME}/.local/share/spotify |
11 | 11 | ||
12 | blacklist ${HOME}/.bashrc | 12 | deny ${HOME}/.bashrc |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -21,9 +21,9 @@ include disable-programs.inc | |||
21 | mkdir ${HOME}/.cache/spotify | 21 | mkdir ${HOME}/.cache/spotify |
22 | mkdir ${HOME}/.config/spotify | 22 | mkdir ${HOME}/.config/spotify |
23 | mkdir ${HOME}/.local/share/spotify | 23 | mkdir ${HOME}/.local/share/spotify |
24 | whitelist ${HOME}/.cache/spotify | 24 | allow ${HOME}/.cache/spotify |
25 | whitelist ${HOME}/.config/spotify | 25 | allow ${HOME}/.config/spotify |
26 | whitelist ${HOME}/.local/share/spotify | 26 | allow ${HOME}/.local/share/spotify |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
29 | 29 | ||
diff --git a/etc/profile-m-z/sqlitebrowser.profile b/etc/profile-m-z/sqlitebrowser.profile index 4dd2c7262..aa577b63a 100644 --- a/etc/profile-m-z/sqlitebrowser.profile +++ b/etc/profile-m-z/sqlitebrowser.profile | |||
@@ -6,8 +6,8 @@ include sqlitebrowser.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/sqlitebrowser | 9 | nodeny ${HOME}/.config/sqlitebrowser |
10 | noblacklist ${DOCUMENTS} | 10 | nodeny ${DOCUMENTS} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/ssh-agent.profile b/etc/profile-m-z/ssh-agent.profile index 5802299a3..e456ebe07 100644 --- a/etc/profile-m-z/ssh-agent.profile +++ b/etc/profile-m-z/ssh-agent.profile | |||
@@ -9,8 +9,8 @@ include globals.local | |||
9 | # Allow ssh (blacklisted by disable-common.inc) | 9 | # Allow ssh (blacklisted by disable-common.inc) |
10 | include allow-ssh.inc | 10 | include allow-ssh.inc |
11 | 11 | ||
12 | blacklist /tmp/.X11-unix | 12 | deny /tmp/.X11-unix |
13 | blacklist ${RUNUSER}/wayland-* | 13 | deny ${RUNUSER}/wayland-* |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
diff --git a/etc/profile-m-z/ssh.profile b/etc/profile-m-z/ssh.profile index a58642192..8a0d86150 100644 --- a/etc/profile-m-z/ssh.profile +++ b/etc/profile-m-z/ssh.profile | |||
@@ -8,8 +8,8 @@ include ssh.local | |||
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | # nc can be used as ProxyCommand, e.g. when using tor | 10 | # nc can be used as ProxyCommand, e.g. when using tor |
11 | noblacklist ${PATH}/nc | 11 | nodeny ${PATH}/nc |
12 | noblacklist ${PATH}/ncat | 12 | nodeny ${PATH}/ncat |
13 | 13 | ||
14 | # Allow ssh (blacklisted by disable-common.inc) | 14 | # Allow ssh (blacklisted by disable-common.inc) |
15 | include allow-ssh.inc | 15 | include allow-ssh.inc |
@@ -19,8 +19,8 @@ include disable-exec.inc | |||
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
20 | include disable-programs.inc | 20 | include disable-programs.inc |
21 | 21 | ||
22 | whitelist ${RUNUSER}/gnupg/S.gpg-agent.ssh | 22 | allow ${RUNUSER}/gnupg/S.gpg-agent.ssh |
23 | whitelist ${RUNUSER}/keyring/ssh | 23 | allow ${RUNUSER}/keyring/ssh |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-runuser-common.inc | 25 | include whitelist-runuser-common.inc |
26 | 26 | ||
diff --git a/etc/profile-m-z/standardnotes-desktop.profile b/etc/profile-m-z/standardnotes-desktop.profile index 48a532876..75de118ab 100644 --- a/etc/profile-m-z/standardnotes-desktop.profile +++ b/etc/profile-m-z/standardnotes-desktop.profile | |||
@@ -5,8 +5,8 @@ include standardnotes-desktop.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/Standard Notes Backups | 8 | nodeny ${HOME}/Standard Notes Backups |
9 | noblacklist ${HOME}/.config/Standard Notes | 9 | nodeny ${HOME}/.config/Standard Notes |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-programs.inc | |||
17 | 17 | ||
18 | mkdir ${HOME}/Standard Notes Backups | 18 | mkdir ${HOME}/Standard Notes Backups |
19 | mkdir ${HOME}/.config/Standard Notes | 19 | mkdir ${HOME}/.config/Standard Notes |
20 | whitelist ${HOME}/Standard Notes Backups | 20 | allow ${HOME}/Standard Notes Backups |
21 | whitelist ${HOME}/.config/Standard Notes | 21 | allow ${HOME}/.config/Standard Notes |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
24 | apparmor | 24 | apparmor |
diff --git a/etc/profile-m-z/start-tor-browser.desktop.profile b/etc/profile-m-z/start-tor-browser.desktop.profile index 2f73c9fee..8f75365e8 100644 --- a/etc/profile-m-z/start-tor-browser.desktop.profile +++ b/etc/profile-m-z/start-tor-browser.desktop.profile | |||
@@ -6,71 +6,71 @@ include start-tor-browser.desktop.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser* | 9 | nodeny ${HOME}/.tor-browser* |
10 | 10 | ||
11 | whitelist ${HOME}/.tor-browser-ar | 11 | allow ${HOME}/.tor-browser-ar |
12 | whitelist ${HOME}/.tor-browser-ca | 12 | allow ${HOME}/.tor-browser-ca |
13 | whitelist ${HOME}/.tor-browser-cs | 13 | allow ${HOME}/.tor-browser-cs |
14 | whitelist ${HOME}/.tor-browser-da | 14 | allow ${HOME}/.tor-browser-da |
15 | whitelist ${HOME}/.tor-browser-de | 15 | allow ${HOME}/.tor-browser-de |
16 | whitelist ${HOME}/.tor-browser-el | 16 | allow ${HOME}/.tor-browser-el |
17 | whitelist ${HOME}/.tor-browser-en | 17 | allow ${HOME}/.tor-browser-en |
18 | whitelist ${HOME}/.tor-browser-en-us | 18 | allow ${HOME}/.tor-browser-en-us |
19 | whitelist ${HOME}/.tor-browser-es | 19 | allow ${HOME}/.tor-browser-es |
20 | whitelist ${HOME}/.tor-browser-es-es | 20 | allow ${HOME}/.tor-browser-es-es |
21 | whitelist ${HOME}/.tor-browser-fa | 21 | allow ${HOME}/.tor-browser-fa |
22 | whitelist ${HOME}/.tor-browser-fr | 22 | allow ${HOME}/.tor-browser-fr |
23 | whitelist ${HOME}/.tor-browser-ga-ie | 23 | allow ${HOME}/.tor-browser-ga-ie |
24 | whitelist ${HOME}/.tor-browser-he | 24 | allow ${HOME}/.tor-browser-he |
25 | whitelist ${HOME}/.tor-browser-hu | 25 | allow ${HOME}/.tor-browser-hu |
26 | whitelist ${HOME}/.tor-browser-id | 26 | allow ${HOME}/.tor-browser-id |
27 | whitelist ${HOME}/.tor-browser-is | 27 | allow ${HOME}/.tor-browser-is |
28 | whitelist ${HOME}/.tor-browser-it | 28 | allow ${HOME}/.tor-browser-it |
29 | whitelist ${HOME}/.tor-browser-ja | 29 | allow ${HOME}/.tor-browser-ja |
30 | whitelist ${HOME}/.tor-browser-ka | 30 | allow ${HOME}/.tor-browser-ka |
31 | whitelist ${HOME}/.tor-browser-ko | 31 | allow ${HOME}/.tor-browser-ko |
32 | whitelist ${HOME}/.tor-browser-nb | 32 | allow ${HOME}/.tor-browser-nb |
33 | whitelist ${HOME}/.tor-browser-nl | 33 | allow ${HOME}/.tor-browser-nl |
34 | whitelist ${HOME}/.tor-browser-pl | 34 | allow ${HOME}/.tor-browser-pl |
35 | whitelist ${HOME}/.tor-browser-pt-br | 35 | allow ${HOME}/.tor-browser-pt-br |
36 | whitelist ${HOME}/.tor-browser-ru | 36 | allow ${HOME}/.tor-browser-ru |
37 | whitelist ${HOME}/.tor-browser-sv-se | 37 | allow ${HOME}/.tor-browser-sv-se |
38 | whitelist ${HOME}/.tor-browser-tr | 38 | allow ${HOME}/.tor-browser-tr |
39 | whitelist ${HOME}/.tor-browser-vi | 39 | allow ${HOME}/.tor-browser-vi |
40 | whitelist ${HOME}/.tor-browser-zh-cn | 40 | allow ${HOME}/.tor-browser-zh-cn |
41 | whitelist ${HOME}/.tor-browser-zh-tw | 41 | allow ${HOME}/.tor-browser-zh-tw |
42 | 42 | ||
43 | whitelist ${HOME}/.tor-browser_ar | 43 | allow ${HOME}/.tor-browser_ar |
44 | whitelist ${HOME}/.tor-browser_ca | 44 | allow ${HOME}/.tor-browser_ca |
45 | whitelist ${HOME}/.tor-browser_cs | 45 | allow ${HOME}/.tor-browser_cs |
46 | whitelist ${HOME}/.tor-browser_da | 46 | allow ${HOME}/.tor-browser_da |
47 | whitelist ${HOME}/.tor-browser_de | 47 | allow ${HOME}/.tor-browser_de |
48 | whitelist ${HOME}/.tor-browser_el | 48 | allow ${HOME}/.tor-browser_el |
49 | whitelist ${HOME}/.tor-browser_en | 49 | allow ${HOME}/.tor-browser_en |
50 | whitelist ${HOME}/.tor-browser_en_US | 50 | allow ${HOME}/.tor-browser_en_US |
51 | whitelist ${HOME}/.tor-browser_es | 51 | allow ${HOME}/.tor-browser_es |
52 | whitelist ${HOME}/.tor-browser_es-ES | 52 | allow ${HOME}/.tor-browser_es-ES |
53 | whitelist ${HOME}/.tor-browser_fa | 53 | allow ${HOME}/.tor-browser_fa |
54 | whitelist ${HOME}/.tor-browser_fr | 54 | allow ${HOME}/.tor-browser_fr |
55 | whitelist ${HOME}/.tor-browser_ga-IE | 55 | allow ${HOME}/.tor-browser_ga-IE |
56 | whitelist ${HOME}/.tor-browser_he | 56 | allow ${HOME}/.tor-browser_he |
57 | whitelist ${HOME}/.tor-browser_hu | 57 | allow ${HOME}/.tor-browser_hu |
58 | whitelist ${HOME}/.tor-browser_id | 58 | allow ${HOME}/.tor-browser_id |
59 | whitelist ${HOME}/.tor-browser_is | 59 | allow ${HOME}/.tor-browser_is |
60 | whitelist ${HOME}/.tor-browser_it | 60 | allow ${HOME}/.tor-browser_it |
61 | whitelist ${HOME}/.tor-browser_ja | 61 | allow ${HOME}/.tor-browser_ja |
62 | whitelist ${HOME}/.tor-browser_ka | 62 | allow ${HOME}/.tor-browser_ka |
63 | whitelist ${HOME}/.tor-browser_ko | 63 | allow ${HOME}/.tor-browser_ko |
64 | whitelist ${HOME}/.tor-browser_nb | 64 | allow ${HOME}/.tor-browser_nb |
65 | whitelist ${HOME}/.tor-browser_nl | 65 | allow ${HOME}/.tor-browser_nl |
66 | whitelist ${HOME}/.tor-browser_pl | 66 | allow ${HOME}/.tor-browser_pl |
67 | whitelist ${HOME}/.tor-browser_pt-BR | 67 | allow ${HOME}/.tor-browser_pt-BR |
68 | whitelist ${HOME}/.tor-browser_ru | 68 | allow ${HOME}/.tor-browser_ru |
69 | whitelist ${HOME}/.tor-browser_sv-SE | 69 | allow ${HOME}/.tor-browser_sv-SE |
70 | whitelist ${HOME}/.tor-browser_tr | 70 | allow ${HOME}/.tor-browser_tr |
71 | whitelist ${HOME}/.tor-browser_vi | 71 | allow ${HOME}/.tor-browser_vi |
72 | whitelist ${HOME}/.tor-browser_zh-CN | 72 | allow ${HOME}/.tor-browser_zh-CN |
73 | whitelist ${HOME}/.tor-browser_zh-TW | 73 | allow ${HOME}/.tor-browser_zh-TW |
74 | 74 | ||
75 | # Redirect | 75 | # Redirect |
76 | include torbrowser-launcher.profile | 76 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/steam.profile b/etc/profile-m-z/steam.profile index 06d08f3a2..09e29373d 100644 --- a/etc/profile-m-z/steam.profile +++ b/etc/profile-m-z/steam.profile | |||
@@ -6,40 +6,40 @@ include steam.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/Epic | 9 | nodeny ${HOME}/.config/Epic |
10 | noblacklist ${HOME}/.config/Loop_Hero | 10 | nodeny ${HOME}/.config/Loop_Hero |
11 | noblacklist ${HOME}/.config/ModTheSpire | 11 | nodeny ${HOME}/.config/ModTheSpire |
12 | noblacklist ${HOME}/.config/RogueLegacy | 12 | nodeny ${HOME}/.config/RogueLegacy |
13 | noblacklist ${HOME}/.config/RogueLegacyStorageContainer | 13 | nodeny ${HOME}/.config/RogueLegacyStorageContainer |
14 | noblacklist ${HOME}/.killingfloor | 14 | nodeny ${HOME}/.killingfloor |
15 | noblacklist ${HOME}/.klei | 15 | nodeny ${HOME}/.klei |
16 | noblacklist ${HOME}/.local/share/3909/PapersPlease | 16 | nodeny ${HOME}/.local/share/3909/PapersPlease |
17 | noblacklist ${HOME}/.local/share/aspyr-media | 17 | nodeny ${HOME}/.local/share/aspyr-media |
18 | noblacklist ${HOME}/.local/share/bohemiainteractive | 18 | nodeny ${HOME}/.local/share/bohemiainteractive |
19 | noblacklist ${HOME}/.local/share/cdprojektred | 19 | nodeny ${HOME}/.local/share/cdprojektred |
20 | noblacklist ${HOME}/.local/share/Dredmor | 20 | nodeny ${HOME}/.local/share/Dredmor |
21 | noblacklist ${HOME}/.local/share/FasterThanLight | 21 | nodeny ${HOME}/.local/share/FasterThanLight |
22 | noblacklist ${HOME}/.local/share/feral-interactive | 22 | nodeny ${HOME}/.local/share/feral-interactive |
23 | noblacklist ${HOME}/.local/share/IntoTheBreach | 23 | nodeny ${HOME}/.local/share/IntoTheBreach |
24 | noblacklist ${HOME}/.local/share/Paradox Interactive | 24 | nodeny ${HOME}/.local/share/Paradox Interactive |
25 | noblacklist ${HOME}/.local/share/PillarsOfEternity | 25 | nodeny ${HOME}/.local/share/PillarsOfEternity |
26 | noblacklist ${HOME}/.local/share/RogueLegacy | 26 | nodeny ${HOME}/.local/share/RogueLegacy |
27 | noblacklist ${HOME}/.local/share/RogueLegacyStorageContainer | 27 | nodeny ${HOME}/.local/share/RogueLegacyStorageContainer |
28 | noblacklist ${HOME}/.local/share/Steam | 28 | nodeny ${HOME}/.local/share/Steam |
29 | noblacklist ${HOME}/.local/share/SteamWorldDig | 29 | nodeny ${HOME}/.local/share/SteamWorldDig |
30 | noblacklist ${HOME}/.local/share/SteamWorld Dig 2 | 30 | nodeny ${HOME}/.local/share/SteamWorld Dig 2 |
31 | noblacklist ${HOME}/.local/share/SuperHexagon | 31 | nodeny ${HOME}/.local/share/SuperHexagon |
32 | noblacklist ${HOME}/.local/share/Terraria | 32 | nodeny ${HOME}/.local/share/Terraria |
33 | noblacklist ${HOME}/.local/share/vpltd | 33 | nodeny ${HOME}/.local/share/vpltd |
34 | noblacklist ${HOME}/.local/share/vulkan | 34 | nodeny ${HOME}/.local/share/vulkan |
35 | noblacklist ${HOME}/.mbwarband | 35 | nodeny ${HOME}/.mbwarband |
36 | noblacklist ${HOME}/.paradoxinteractive | 36 | nodeny ${HOME}/.paradoxinteractive |
37 | noblacklist ${HOME}/.steam | 37 | nodeny ${HOME}/.steam |
38 | noblacklist ${HOME}/.steampath | 38 | nodeny ${HOME}/.steampath |
39 | noblacklist ${HOME}/.steampid | 39 | nodeny ${HOME}/.steampid |
40 | # needed for STEAM_RUNTIME_PREFER_HOST_LIBRARIES=1 to work | 40 | # needed for STEAM_RUNTIME_PREFER_HOST_LIBRARIES=1 to work |
41 | noblacklist /sbin | 41 | nodeny /sbin |
42 | noblacklist /usr/sbin | 42 | nodeny /usr/sbin |
43 | 43 | ||
44 | # Allow java (blacklisted by disable-devel.inc) | 44 | # Allow java (blacklisted by disable-devel.inc) |
45 | include allow-java.inc | 45 | include allow-java.inc |
@@ -84,38 +84,38 @@ mkdir ${HOME}/.paradoxinteractive | |||
84 | mkdir ${HOME}/.steam | 84 | mkdir ${HOME}/.steam |
85 | mkfile ${HOME}/.steampath | 85 | mkfile ${HOME}/.steampath |
86 | mkfile ${HOME}/.steampid | 86 | mkfile ${HOME}/.steampid |
87 | whitelist ${HOME}/.config/Epic | 87 | allow ${HOME}/.config/Epic |
88 | whitelist ${HOME}/.config/Loop_Hero | 88 | allow ${HOME}/.config/Loop_Hero |
89 | whitelist ${HOME}/.config/ModTheSpire | 89 | allow ${HOME}/.config/ModTheSpire |
90 | whitelist ${HOME}/.config/RogueLegacy | 90 | allow ${HOME}/.config/RogueLegacy |
91 | whitelist ${HOME}/.config/RogueLegacyStorageContainer | 91 | allow ${HOME}/.config/RogueLegacyStorageContainer |
92 | whitelist ${HOME}/.config/unity3d | 92 | allow ${HOME}/.config/unity3d |
93 | whitelist ${HOME}/.killingfloor | 93 | allow ${HOME}/.killingfloor |
94 | whitelist ${HOME}/.klei | 94 | allow ${HOME}/.klei |
95 | whitelist ${HOME}/.local/share/3909/PapersPlease | 95 | allow ${HOME}/.local/share/3909/PapersPlease |
96 | whitelist ${HOME}/.local/share/aspyr-media | 96 | allow ${HOME}/.local/share/aspyr-media |
97 | whitelist ${HOME}/.local/share/bohemiainteractive | 97 | allow ${HOME}/.local/share/bohemiainteractive |
98 | whitelist ${HOME}/.local/share/cdprojektred | 98 | allow ${HOME}/.local/share/cdprojektred |
99 | whitelist ${HOME}/.local/share/Dredmor | 99 | allow ${HOME}/.local/share/Dredmor |
100 | whitelist ${HOME}/.local/share/FasterThanLight | 100 | allow ${HOME}/.local/share/FasterThanLight |
101 | whitelist ${HOME}/.local/share/feral-interactive | 101 | allow ${HOME}/.local/share/feral-interactive |
102 | whitelist ${HOME}/.local/share/IntoTheBreach | 102 | allow ${HOME}/.local/share/IntoTheBreach |
103 | whitelist ${HOME}/.local/share/Paradox Interactive | 103 | allow ${HOME}/.local/share/Paradox Interactive |
104 | whitelist ${HOME}/.local/share/PillarsOfEternity | 104 | allow ${HOME}/.local/share/PillarsOfEternity |
105 | whitelist ${HOME}/.local/share/RogueLegacy | 105 | allow ${HOME}/.local/share/RogueLegacy |
106 | whitelist ${HOME}/.local/share/RogueLegacyStorageContainer | 106 | allow ${HOME}/.local/share/RogueLegacyStorageContainer |
107 | whitelist ${HOME}/.local/share/Steam | 107 | allow ${HOME}/.local/share/Steam |
108 | whitelist ${HOME}/.local/share/SteamWorldDig | 108 | allow ${HOME}/.local/share/SteamWorldDig |
109 | whitelist ${HOME}/.local/share/SteamWorld Dig 2 | 109 | allow ${HOME}/.local/share/SteamWorld Dig 2 |
110 | whitelist ${HOME}/.local/share/SuperHexagon | 110 | allow ${HOME}/.local/share/SuperHexagon |
111 | whitelist ${HOME}/.local/share/Terraria | 111 | allow ${HOME}/.local/share/Terraria |
112 | whitelist ${HOME}/.local/share/vpltd | 112 | allow ${HOME}/.local/share/vpltd |
113 | whitelist ${HOME}/.local/share/vulkan | 113 | allow ${HOME}/.local/share/vulkan |
114 | whitelist ${HOME}/.mbwarband | 114 | allow ${HOME}/.mbwarband |
115 | whitelist ${HOME}/.paradoxinteractive | 115 | allow ${HOME}/.paradoxinteractive |
116 | whitelist ${HOME}/.steam | 116 | allow ${HOME}/.steam |
117 | whitelist ${HOME}/.steampath | 117 | allow ${HOME}/.steampath |
118 | whitelist ${HOME}/.steampid | 118 | allow ${HOME}/.steampid |
119 | include whitelist-common.inc | 119 | include whitelist-common.inc |
120 | include whitelist-var-common.inc | 120 | include whitelist-var-common.inc |
121 | 121 | ||
diff --git a/etc/profile-m-z/stellarium.profile b/etc/profile-m-z/stellarium.profile index a752ab53c..003d3a079 100644 --- a/etc/profile-m-z/stellarium.profile +++ b/etc/profile-m-z/stellarium.profile | |||
@@ -6,8 +6,8 @@ include stellarium.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/stellarium | 9 | nodeny ${HOME}/.config/stellarium |
10 | noblacklist ${HOME}/.stellarium | 10 | nodeny ${HOME}/.stellarium |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-shell.inc | |||
19 | 19 | ||
20 | mkdir ${HOME}/.config/stellarium | 20 | mkdir ${HOME}/.config/stellarium |
21 | mkdir ${HOME}/.stellarium | 21 | mkdir ${HOME}/.stellarium |
22 | whitelist ${HOME}/.config/stellarium | 22 | allow ${HOME}/.config/stellarium |
23 | whitelist ${HOME}/.stellarium | 23 | allow ${HOME}/.stellarium |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
diff --git a/etc/profile-m-z/straw-viewer.profile b/etc/profile-m-z/straw-viewer.profile index d73927f2a..dd643bc20 100644 --- a/etc/profile-m-z/straw-viewer.profile +++ b/etc/profile-m-z/straw-viewer.profile | |||
@@ -7,13 +7,13 @@ include straw-viewer.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | noblacklist ${HOME}/.cache/straw-viewer | 10 | nodeny ${HOME}/.cache/straw-viewer |
11 | noblacklist ${HOME}/.config/straw-viewer | 11 | nodeny ${HOME}/.config/straw-viewer |
12 | 12 | ||
13 | mkdir ${HOME}/.config/straw-viewer | 13 | mkdir ${HOME}/.config/straw-viewer |
14 | mkdir ${HOME}/.cache/straw-viewer | 14 | mkdir ${HOME}/.cache/straw-viewer |
15 | whitelist ${HOME}/.cache/straw-viewer | 15 | allow ${HOME}/.cache/straw-viewer |
16 | whitelist ${HOME}/.config/straw-viewer | 16 | allow ${HOME}/.config/straw-viewer |
17 | 17 | ||
18 | private-bin gtk-straw-viewer,straw-viewer | 18 | private-bin gtk-straw-viewer,straw-viewer |
19 | 19 | ||
diff --git a/etc/profile-m-z/strawberry.profile b/etc/profile-m-z/strawberry.profile index b87906f55..aed0b7910 100644 --- a/etc/profile-m-z/strawberry.profile +++ b/etc/profile-m-z/strawberry.profile | |||
@@ -6,10 +6,10 @@ include strawberry.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/strawberry | 9 | nodeny ${HOME}/.cache/strawberry |
10 | noblacklist ${HOME}/.config/strawberry | 10 | nodeny ${HOME}/.config/strawberry |
11 | noblacklist ${HOME}/.local/share/strawberry | 11 | nodeny ${HOME}/.local/share/strawberry |
12 | noblacklist ${MUSIC} | 12 | nodeny ${MUSIC} |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/profile-m-z/strings.profile b/etc/profile-m-z/strings.profile index 1ebcded7f..5c820ef81 100644 --- a/etc/profile-m-z/strings.profile +++ b/etc/profile-m-z/strings.profile | |||
@@ -7,7 +7,7 @@ include strings.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER} | 10 | deny ${RUNUSER} |
11 | 11 | ||
12 | #include disable-common.inc | 12 | #include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/subdownloader.profile b/etc/profile-m-z/subdownloader.profile index bbe92fd38..0d07b5ea7 100644 --- a/etc/profile-m-z/subdownloader.profile +++ b/etc/profile-m-z/subdownloader.profile | |||
@@ -6,8 +6,8 @@ include subdownloader.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/SubDownloader | 9 | nodeny ${HOME}/.config/SubDownloader |
10 | noblacklist ${VIDEOS} | 10 | nodeny ${VIDEOS} |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
diff --git a/etc/profile-m-z/supertux2.profile b/etc/profile-m-z/supertux2.profile index cfd7a63ea..8cc547805 100644 --- a/etc/profile-m-z/supertux2.profile +++ b/etc/profile-m-z/supertux2.profile | |||
@@ -6,7 +6,7 @@ include supertux2.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.local/share/supertux2 | 9 | nodeny ${HOME}/.local/share/supertux2 |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,9 +18,9 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.local/share/supertux2 | 20 | mkdir ${HOME}/.local/share/supertux2 |
21 | whitelist ${HOME}/.local/share/supertux2 | 21 | allow ${HOME}/.local/share/supertux2 |
22 | whitelist /usr/share/supertux2 | 22 | allow /usr/share/supertux2 |
23 | whitelist /usr/share/games/supertux2 # Debian version | 23 | allow /usr/share/games/supertux2 # Debian version |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-runuser-common.inc | 25 | include whitelist-runuser-common.inc |
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/supertuxkart.profile b/etc/profile-m-z/supertuxkart.profile index 4eb8f921c..44dc1524f 100644 --- a/etc/profile-m-z/supertuxkart.profile +++ b/etc/profile-m-z/supertuxkart.profile | |||
@@ -6,11 +6,11 @@ include supertuxkart.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/supertuxkart | 9 | nodeny ${HOME}/.config/supertuxkart |
10 | noblacklist ${HOME}/.cache/supertuxkart | 10 | nodeny ${HOME}/.cache/supertuxkart |
11 | noblacklist ${HOME}/.local/share/supertuxkart | 11 | nodeny ${HOME}/.local/share/supertuxkart |
12 | 12 | ||
13 | blacklist /usr/libexec | 13 | deny /usr/libexec |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -24,11 +24,11 @@ include disable-xdg.inc | |||
24 | mkdir ${HOME}/.config/supertuxkart | 24 | mkdir ${HOME}/.config/supertuxkart |
25 | mkdir ${HOME}/.cache/supertuxkart | 25 | mkdir ${HOME}/.cache/supertuxkart |
26 | mkdir ${HOME}/.local/share/supertuxkart | 26 | mkdir ${HOME}/.local/share/supertuxkart |
27 | whitelist ${HOME}/.config/supertuxkart | 27 | allow ${HOME}/.config/supertuxkart |
28 | whitelist ${HOME}/.cache/supertuxkart | 28 | allow ${HOME}/.cache/supertuxkart |
29 | whitelist ${HOME}/.local/share/supertuxkart | 29 | allow ${HOME}/.local/share/supertuxkart |
30 | whitelist /usr/share/supertuxkart | 30 | allow /usr/share/supertuxkart |
31 | whitelist /usr/share/games/supertuxkart # Debian version | 31 | allow /usr/share/games/supertuxkart # Debian version |
32 | include whitelist-common.inc | 32 | include whitelist-common.inc |
33 | include whitelist-runuser-common.inc | 33 | include whitelist-runuser-common.inc |
34 | include whitelist-usr-share-common.inc | 34 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/surf.profile b/etc/profile-m-z/surf.profile index 8db7d2433..fd1e7f9e9 100644 --- a/etc/profile-m-z/surf.profile +++ b/etc/profile-m-z/surf.profile | |||
@@ -6,7 +6,7 @@ include surf.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.surf | 9 | nodeny ${HOME}/.surf |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -15,8 +15,8 @@ include disable-passwdmgr.inc | |||
15 | include disable-programs.inc | 15 | include disable-programs.inc |
16 | 16 | ||
17 | mkdir ${HOME}/.surf | 17 | mkdir ${HOME}/.surf |
18 | whitelist ${HOME}/.surf | 18 | allow ${HOME}/.surf |
19 | whitelist ${DOWNLOADS} | 19 | allow ${DOWNLOADS} |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
21 | 21 | ||
22 | caps.drop all | 22 | caps.drop all |
diff --git a/etc/profile-m-z/swell-foop.profile b/etc/profile-m-z/swell-foop.profile index 9efae815d..55cd0965a 100644 --- a/etc/profile-m-z/swell-foop.profile +++ b/etc/profile-m-z/swell-foop.profile | |||
@@ -6,12 +6,12 @@ include swell-foop.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.local/share/swell-foop | 9 | nodeny ${HOME}/.local/share/swell-foop |
10 | 10 | ||
11 | mkdir ${HOME}/.local/share/swell-foop | 11 | mkdir ${HOME}/.local/share/swell-foop |
12 | whitelist ${HOME}/.local/share/swell-foop | 12 | allow ${HOME}/.local/share/swell-foop |
13 | 13 | ||
14 | whitelist /usr/share/swell-foop | 14 | allow /usr/share/swell-foop |
15 | 15 | ||
16 | private-bin swell-foop | 16 | private-bin swell-foop |
17 | 17 | ||
diff --git a/etc/profile-m-z/sylpheed.profile b/etc/profile-m-z/sylpheed.profile index 328812b04..447cdc99e 100644 --- a/etc/profile-m-z/sylpheed.profile +++ b/etc/profile-m-z/sylpheed.profile | |||
@@ -6,12 +6,12 @@ include sylpheed.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.sylpheed-2.0 | 9 | nodeny ${HOME}/.sylpheed-2.0 |
10 | 10 | ||
11 | mkdir ${HOME}/.sylpheed-2.0 | 11 | mkdir ${HOME}/.sylpheed-2.0 |
12 | whitelist ${HOME}/.sylpheed-2.0 | 12 | allow ${HOME}/.sylpheed-2.0 |
13 | 13 | ||
14 | whitelist /usr/share/sylpheed | 14 | allow /usr/share/sylpheed |
15 | 15 | ||
16 | # private-bin curl,gpg,gpg2,gpg-agent,gpgsm,pinentry,pinentry-gtk-2,sylpheed | 16 | # private-bin curl,gpg,gpg2,gpg-agent,gpgsm,pinentry,pinentry-gtk-2,sylpheed |
17 | 17 | ||
diff --git a/etc/profile-m-z/synfigstudio.profile b/etc/profile-m-z/synfigstudio.profile index c60186c42..7cbbafd54 100644 --- a/etc/profile-m-z/synfigstudio.profile +++ b/etc/profile-m-z/synfigstudio.profile | |||
@@ -6,8 +6,8 @@ include synfigstudio.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/synfig | 9 | nodeny ${HOME}/.config/synfig |
10 | noblacklist ${HOME}/.synfig | 10 | nodeny ${HOME}/.synfig |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/sysprof.profile b/etc/profile-m-z/sysprof.profile index b52b25b96..f20f88791 100644 --- a/etc/profile-m-z/sysprof.profile +++ b/etc/profile-m-z/sysprof.profile | |||
@@ -6,7 +6,7 @@ include sysprof.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${DOCUMENTS} | 9 | nodeny ${DOCUMENTS} |
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
12 | include disable-exec.inc | 12 | include disable-exec.inc |
@@ -24,15 +24,15 @@ include disable-xdg.inc | |||
24 | #nowhitelist /usr/share/yelp-tools | 24 | #nowhitelist /usr/share/yelp-tools |
25 | #nowhitelist /usr/share/yelp-xsl | 25 | #nowhitelist /usr/share/yelp-xsl |
26 | 26 | ||
27 | noblacklist ${HOME}/.config/yelp | 27 | nodeny ${HOME}/.config/yelp |
28 | mkdir ${HOME}/.config/yelp | 28 | mkdir ${HOME}/.config/yelp |
29 | whitelist ${HOME}/.config/yelp | 29 | allow ${HOME}/.config/yelp |
30 | whitelist /usr/share/help/C/sysprof | 30 | allow /usr/share/help/C/sysprof |
31 | whitelist /usr/share/yelp | 31 | allow /usr/share/yelp |
32 | whitelist /usr/share/yelp-tools | 32 | allow /usr/share/yelp-tools |
33 | whitelist /usr/share/yelp-xsl | 33 | allow /usr/share/yelp-xsl |
34 | 34 | ||
35 | whitelist ${DOCUMENTS} | 35 | allow ${DOCUMENTS} |
36 | include whitelist-common.inc | 36 | include whitelist-common.inc |
37 | include whitelist-runuser-common.inc | 37 | include whitelist-runuser-common.inc |
38 | include whitelist-usr-share-common.inc | 38 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/tar.profile b/etc/profile-m-z/tar.profile index 0d3a900e9..74c8a0849 100644 --- a/etc/profile-m-z/tar.profile +++ b/etc/profile-m-z/tar.profile | |||
@@ -12,7 +12,7 @@ ignore include disable-shell.inc | |||
12 | 12 | ||
13 | # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop | 13 | # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop |
14 | # all capabilities this is automatically read-only. | 14 | # all capabilities this is automatically read-only. |
15 | noblacklist /var/lib/pacman | 15 | nodeny /var/lib/pacman |
16 | 16 | ||
17 | private-etc alternatives,group,localtime,login.defs,passwd | 17 | private-etc alternatives,group,localtime,login.defs,passwd |
18 | #private-lib libfakeroot,liblzma.so.*,libreadline.so.* | 18 | #private-lib libfakeroot,liblzma.so.*,libreadline.so.* |
diff --git a/etc/profile-m-z/tb-starter-wrapper.profile b/etc/profile-m-z/tb-starter-wrapper.profile index ffe9605b6..691c33191 100644 --- a/etc/profile-m-z/tb-starter-wrapper.profile +++ b/etc/profile-m-z/tb-starter-wrapper.profile | |||
@@ -8,10 +8,10 @@ include tb-starter-wrapper.local | |||
8 | # added by included profile | 8 | # added by included profile |
9 | #include globals.local | 9 | #include globals.local |
10 | 10 | ||
11 | noblacklist ${HOME}/.tb | 11 | nodeny ${HOME}/.tb |
12 | 12 | ||
13 | mkdir ${HOME}/.tb | 13 | mkdir ${HOME}/.tb |
14 | whitelist ${HOME}/.tb | 14 | allow ${HOME}/.tb |
15 | 15 | ||
16 | private-bin tb-starter-wrapper | 16 | private-bin tb-starter-wrapper |
17 | 17 | ||
diff --git a/etc/profile-m-z/tcpdump.profile b/etc/profile-m-z/tcpdump.profile index e2ba5893c..b4c4873b3 100644 --- a/etc/profile-m-z/tcpdump.profile +++ b/etc/profile-m-z/tcpdump.profile | |||
@@ -6,9 +6,9 @@ include tcpdump.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist /sbin | 9 | nodeny /sbin |
10 | noblacklist /usr/sbin | 10 | nodeny /usr/sbin |
11 | noblacklist ${PATH}/tcpdump | 11 | nodeny ${PATH}/tcpdump |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/teams-for-linux.profile b/etc/profile-m-z/teams-for-linux.profile index eee083332..24cbb42da 100644 --- a/etc/profile-m-z/teams-for-linux.profile +++ b/etc/profile-m-z/teams-for-linux.profile | |||
@@ -14,10 +14,10 @@ ignore include whitelist-usr-share-common.inc | |||
14 | ignore dbus-user none | 14 | ignore dbus-user none |
15 | ignore dbus-system none | 15 | ignore dbus-system none |
16 | 16 | ||
17 | noblacklist ${HOME}/.config/teams-for-linux | 17 | nodeny ${HOME}/.config/teams-for-linux |
18 | 18 | ||
19 | mkdir ${HOME}/.config/teams-for-linux | 19 | mkdir ${HOME}/.config/teams-for-linux |
20 | whitelist ${HOME}/.config/teams-for-linux | 20 | allow ${HOME}/.config/teams-for-linux |
21 | 21 | ||
22 | private-bin bash,cut,echo,egrep,grep,head,sed,sh,teams-for-linux,tr,xdg-mime,xdg-open,zsh | 22 | private-bin bash,cut,echo,egrep,grep,head,sed,sh,teams-for-linux,tr,xdg-mime,xdg-open,zsh |
23 | private-etc ca-certificates,crypto-policies,fonts,ld.so.cache,localtime,machine-id,pki,resolv.conf,ssl | 23 | private-etc ca-certificates,crypto-policies,fonts,ld.so.cache,localtime,machine-id,pki,resolv.conf,ssl |
diff --git a/etc/profile-m-z/teams.profile b/etc/profile-m-z/teams.profile index c8d98cbaa..8639edbc8 100644 --- a/etc/profile-m-z/teams.profile +++ b/etc/profile-m-z/teams.profile | |||
@@ -18,13 +18,13 @@ ignore apparmor | |||
18 | ignore dbus-user none | 18 | ignore dbus-user none |
19 | ignore dbus-system none | 19 | ignore dbus-system none |
20 | 20 | ||
21 | noblacklist ${HOME}/.config/teams | 21 | nodeny ${HOME}/.config/teams |
22 | noblacklist ${HOME}/.config/Microsoft | 22 | nodeny ${HOME}/.config/Microsoft |
23 | 23 | ||
24 | mkdir ${HOME}/.config/teams | 24 | mkdir ${HOME}/.config/teams |
25 | mkdir ${HOME}/.config/Microsoft | 25 | mkdir ${HOME}/.config/Microsoft |
26 | whitelist ${HOME}/.config/teams | 26 | allow ${HOME}/.config/teams |
27 | whitelist ${HOME}/.config/Microsoft | 27 | allow ${HOME}/.config/Microsoft |
28 | 28 | ||
29 | # Redirect | 29 | # Redirect |
30 | include electron.profile | 30 | include electron.profile |
diff --git a/etc/profile-m-z/teamspeak3.profile b/etc/profile-m-z/teamspeak3.profile index 02a2c8ae4..781a5f4eb 100644 --- a/etc/profile-m-z/teamspeak3.profile +++ b/etc/profile-m-z/teamspeak3.profile | |||
@@ -6,8 +6,8 @@ include teamspeak3.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.ts3client | 9 | nodeny ${HOME}/.ts3client |
10 | noblacklist ${PATH}/openssl | 10 | nodeny ${PATH}/openssl |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.ts3client | 19 | mkdir ${HOME}/.ts3client |
20 | whitelist ${DOWNLOADS} | 20 | allow ${DOWNLOADS} |
21 | whitelist ${HOME}/.ts3client | 21 | allow ${HOME}/.ts3client |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | 23 | ||
24 | caps.drop all | 24 | caps.drop all |
diff --git a/etc/profile-m-z/teeworlds.profile b/etc/profile-m-z/teeworlds.profile index be01aee12..c9c444ffc 100644 --- a/etc/profile-m-z/teeworlds.profile +++ b/etc/profile-m-z/teeworlds.profile | |||
@@ -6,7 +6,7 @@ include teeworlds.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.teeworlds | 9 | nodeny ${HOME}/.teeworlds |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.teeworlds | 20 | mkdir ${HOME}/.teeworlds |
21 | whitelist ${HOME}/.teeworlds | 21 | allow ${HOME}/.teeworlds |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-m-z/telegram.profile b/etc/profile-m-z/telegram.profile index 05c621fb2..92689a461 100644 --- a/etc/profile-m-z/telegram.profile +++ b/etc/profile-m-z/telegram.profile | |||
@@ -5,8 +5,8 @@ include telegram.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.TelegramDesktop | 8 | nodeny ${HOME}/.TelegramDesktop |
9 | noblacklist ${HOME}/.local/share/TelegramDesktop | 9 | nodeny ${HOME}/.local/share/TelegramDesktop |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -19,9 +19,9 @@ include disable-xdg.inc | |||
19 | 19 | ||
20 | mkdir ${HOME}/.TelegramDesktop | 20 | mkdir ${HOME}/.TelegramDesktop |
21 | mkdir ${HOME}/.local/share/TelegramDesktop | 21 | mkdir ${HOME}/.local/share/TelegramDesktop |
22 | whitelist ${HOME}/.TelegramDesktop | 22 | allow ${HOME}/.TelegramDesktop |
23 | whitelist ${HOME}/.local/share/TelegramDesktop | 23 | allow ${HOME}/.local/share/TelegramDesktop |
24 | whitelist ${DOWNLOADS} | 24 | allow ${DOWNLOADS} |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | 26 | include whitelist-runuser-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
@@ -39,7 +39,6 @@ protocol unix,inet,inet6,netlink | |||
39 | seccomp | 39 | seccomp |
40 | seccomp.block-secondary | 40 | seccomp.block-secondary |
41 | shell none | 41 | shell none |
42 | tracelog | ||
43 | 42 | ||
44 | disable-mnt | 43 | disable-mnt |
45 | #private-bin telegram,Telegram,telegram-desktop | 44 | #private-bin telegram,Telegram,telegram-desktop |
diff --git a/etc/profile-m-z/terasology.profile b/etc/profile-m-z/terasology.profile index ce2ca1d17..b2f98fbac 100644 --- a/etc/profile-m-z/terasology.profile +++ b/etc/profile-m-z/terasology.profile | |||
@@ -7,7 +7,7 @@ include globals.local | |||
7 | 7 | ||
8 | ignore noexec /tmp | 8 | ignore noexec /tmp |
9 | 9 | ||
10 | noblacklist ${HOME}/.local/share/terasology | 10 | nodeny ${HOME}/.local/share/terasology |
11 | 11 | ||
12 | # Allow java (blacklisted by disable-devel.inc) | 12 | # Allow java (blacklisted by disable-devel.inc) |
13 | include allow-java.inc | 13 | include allow-java.inc |
@@ -21,8 +21,8 @@ include disable-programs.inc | |||
21 | 21 | ||
22 | mkdir ${HOME}/.java | 22 | mkdir ${HOME}/.java |
23 | mkdir ${HOME}/.local/share/terasology | 23 | mkdir ${HOME}/.local/share/terasology |
24 | whitelist ${HOME}/.java | 24 | allow ${HOME}/.java |
25 | whitelist ${HOME}/.local/share/terasology | 25 | allow ${HOME}/.local/share/terasology |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | 27 | ||
28 | caps.drop all | 28 | caps.drop all |
diff --git a/etc/profile-m-z/thunderbird.profile b/etc/profile-m-z/thunderbird.profile index b478fbe1e..a539cadf8 100644 --- a/etc/profile-m-z/thunderbird.profile +++ b/etc/profile-m-z/thunderbird.profile | |||
@@ -22,14 +22,14 @@ writable-run-user | |||
22 | #writable-var | 22 | #writable-var |
23 | 23 | ||
24 | # These lines are needed to allow Firefox to load your profile when clicking a link in an email | 24 | # These lines are needed to allow Firefox to load your profile when clicking a link in an email |
25 | noblacklist ${HOME}/.mozilla | 25 | nodeny ${HOME}/.mozilla |
26 | whitelist ${HOME}/.mozilla/firefox/profiles.ini | 26 | allow ${HOME}/.mozilla/firefox/profiles.ini |
27 | read-only ${HOME}/.mozilla/firefox/profiles.ini | 27 | read-only ${HOME}/.mozilla/firefox/profiles.ini |
28 | 28 | ||
29 | noblacklist ${HOME}/.cache/thunderbird | 29 | nodeny ${HOME}/.cache/thunderbird |
30 | noblacklist ${HOME}/.gnupg | 30 | nodeny ${HOME}/.gnupg |
31 | # noblacklist ${HOME}/.icedove | 31 | # noblacklist ${HOME}/.icedove |
32 | noblacklist ${HOME}/.thunderbird | 32 | nodeny ${HOME}/.thunderbird |
33 | 33 | ||
34 | include disable-passwdmgr.inc | 34 | include disable-passwdmgr.inc |
35 | include disable-xdg.inc | 35 | include disable-xdg.inc |
@@ -42,15 +42,15 @@ mkdir ${HOME}/.cache/thunderbird | |||
42 | mkdir ${HOME}/.gnupg | 42 | mkdir ${HOME}/.gnupg |
43 | # mkdir ${HOME}/.icedove | 43 | # mkdir ${HOME}/.icedove |
44 | mkdir ${HOME}/.thunderbird | 44 | mkdir ${HOME}/.thunderbird |
45 | whitelist ${HOME}/.cache/thunderbird | 45 | allow ${HOME}/.cache/thunderbird |
46 | whitelist ${HOME}/.gnupg | 46 | allow ${HOME}/.gnupg |
47 | # whitelist ${HOME}/.icedove | 47 | # whitelist ${HOME}/.icedove |
48 | whitelist ${HOME}/.thunderbird | 48 | allow ${HOME}/.thunderbird |
49 | 49 | ||
50 | whitelist /usr/share/gnupg | 50 | allow /usr/share/gnupg |
51 | whitelist /usr/share/mozilla | 51 | allow /usr/share/mozilla |
52 | whitelist /usr/share/thunderbird | 52 | allow /usr/share/thunderbird |
53 | whitelist /usr/share/webext | 53 | allow /usr/share/webext |
54 | include whitelist-usr-share-common.inc | 54 | include whitelist-usr-share-common.inc |
55 | 55 | ||
56 | # machine-id breaks audio in browsers; enable or put it in your thunderbird.local when sound is not required | 56 | # machine-id breaks audio in browsers; enable or put it in your thunderbird.local when sound is not required |
diff --git a/etc/profile-m-z/tilp.profile b/etc/profile-m-z/tilp.profile index dd4a372c4..b0fa54f08 100644 --- a/etc/profile-m-z/tilp.profile +++ b/etc/profile-m-z/tilp.profile | |||
@@ -5,7 +5,7 @@ include tilp.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.tilp | 8 | nodeny ${HOME}/.tilp |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
diff --git a/etc/profile-m-z/tin.profile b/etc/profile-m-z/tin.profile index e0ed3090a..3ee696b8b 100644 --- a/etc/profile-m-z/tin.profile +++ b/etc/profile-m-z/tin.profile | |||
@@ -6,12 +6,12 @@ include tin.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.newsrc | 9 | nodeny ${HOME}/.newsrc |
10 | noblacklist ${HOME}/.tin | 10 | nodeny ${HOME}/.tin |
11 | 11 | ||
12 | blacklist /tmp/.X11-unix | 12 | deny /tmp/.X11-unix |
13 | blacklist ${RUNUSER} | 13 | deny ${RUNUSER} |
14 | blacklist /usr/libexec | 14 | deny /usr/libexec |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
diff --git a/etc/profile-m-z/tmux.profile b/etc/profile-m-z/tmux.profile index 0139d7515..d2e90e356 100644 --- a/etc/profile-m-z/tmux.profile +++ b/etc/profile-m-z/tmux.profile | |||
@@ -7,10 +7,10 @@ include tmux.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist /tmp/.X11-unix | 10 | deny /tmp/.X11-unix |
11 | blacklist ${RUNUSER} | 11 | deny ${RUNUSER} |
12 | 12 | ||
13 | noblacklist /tmp/tmux-* | 13 | nodeny /tmp/tmux-* |
14 | 14 | ||
15 | # include disable-common.inc | 15 | # include disable-common.inc |
16 | # include disable-devel.inc | 16 | # include disable-devel.inc |
diff --git a/etc/profile-m-z/tor-browser-ar.profile b/etc/profile-m-z/tor-browser-ar.profile index 59f1bc3b1..49158b93e 100644 --- a/etc/profile-m-z/tor-browser-ar.profile +++ b/etc/profile-m-z/tor-browser-ar.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-ar.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-ar | 9 | nodeny ${HOME}/.tor-browser-ar |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-ar | 11 | mkdir ${HOME}/.tor-browser-ar |
12 | whitelist ${HOME}/.tor-browser-ar | 12 | allow ${HOME}/.tor-browser-ar |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-ca.profile b/etc/profile-m-z/tor-browser-ca.profile index 68577e352..612f8bd7c 100644 --- a/etc/profile-m-z/tor-browser-ca.profile +++ b/etc/profile-m-z/tor-browser-ca.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-ca.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-ca | 9 | nodeny ${HOME}/.tor-browser-ca |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-ca | 11 | mkdir ${HOME}/.tor-browser-ca |
12 | whitelist ${HOME}/.tor-browser-ca | 12 | allow ${HOME}/.tor-browser-ca |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-cs.profile b/etc/profile-m-z/tor-browser-cs.profile index 33e51fcd0..a400fde05 100644 --- a/etc/profile-m-z/tor-browser-cs.profile +++ b/etc/profile-m-z/tor-browser-cs.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-cs.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-cs | 9 | nodeny ${HOME}/.tor-browser-cs |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-cs | 11 | mkdir ${HOME}/.tor-browser-cs |
12 | whitelist ${HOME}/.tor-browser-cs | 12 | allow ${HOME}/.tor-browser-cs |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-da.profile b/etc/profile-m-z/tor-browser-da.profile index 440bb7fc3..9010025e3 100644 --- a/etc/profile-m-z/tor-browser-da.profile +++ b/etc/profile-m-z/tor-browser-da.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-da.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-da | 9 | nodeny ${HOME}/.tor-browser-da |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-da | 11 | mkdir ${HOME}/.tor-browser-da |
12 | whitelist ${HOME}/.tor-browser-da | 12 | allow ${HOME}/.tor-browser-da |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-de.profile b/etc/profile-m-z/tor-browser-de.profile index b2b98cf82..cd556c32b 100644 --- a/etc/profile-m-z/tor-browser-de.profile +++ b/etc/profile-m-z/tor-browser-de.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-de.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-de | 9 | nodeny ${HOME}/.tor-browser-de |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-de | 11 | mkdir ${HOME}/.tor-browser-de |
12 | whitelist ${HOME}/.tor-browser-de | 12 | allow ${HOME}/.tor-browser-de |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-el.profile b/etc/profile-m-z/tor-browser-el.profile index 626757dd5..ee2b0fea7 100644 --- a/etc/profile-m-z/tor-browser-el.profile +++ b/etc/profile-m-z/tor-browser-el.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-el.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-el | 9 | nodeny ${HOME}/.tor-browser-el |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-el | 11 | mkdir ${HOME}/.tor-browser-el |
12 | whitelist ${HOME}/.tor-browser-el | 12 | allow ${HOME}/.tor-browser-el |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-en-us.profile b/etc/profile-m-z/tor-browser-en-us.profile index 15e690748..2be71a5aa 100644 --- a/etc/profile-m-z/tor-browser-en-us.profile +++ b/etc/profile-m-z/tor-browser-en-us.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-en-us.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-en-us | 9 | nodeny ${HOME}/.tor-browser-en-us |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-en-us | 11 | mkdir ${HOME}/.tor-browser-en-us |
12 | whitelist ${HOME}/.tor-browser-en-us | 12 | allow ${HOME}/.tor-browser-en-us |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-en.profile b/etc/profile-m-z/tor-browser-en.profile index ef8c1eb8b..633c2f4f9 100644 --- a/etc/profile-m-z/tor-browser-en.profile +++ b/etc/profile-m-z/tor-browser-en.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-en.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-en | 9 | nodeny ${HOME}/.tor-browser-en |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-en | 11 | mkdir ${HOME}/.tor-browser-en |
12 | whitelist ${HOME}/.tor-browser-en | 12 | allow ${HOME}/.tor-browser-en |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-es-es.profile b/etc/profile-m-z/tor-browser-es-es.profile index ad734662e..f7c2302a7 100644 --- a/etc/profile-m-z/tor-browser-es-es.profile +++ b/etc/profile-m-z/tor-browser-es-es.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-es-es.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-es-es | 9 | nodeny ${HOME}/.tor-browser-es-es |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-es-es | 11 | mkdir ${HOME}/.tor-browser-es-es |
12 | whitelist ${HOME}/.tor-browser-es-es | 12 | allow ${HOME}/.tor-browser-es-es |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-es.profile b/etc/profile-m-z/tor-browser-es.profile index 97d8d8577..d88dcdec1 100644 --- a/etc/profile-m-z/tor-browser-es.profile +++ b/etc/profile-m-z/tor-browser-es.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-es.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-es | 9 | nodeny ${HOME}/.tor-browser-es |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-es | 11 | mkdir ${HOME}/.tor-browser-es |
12 | whitelist ${HOME}/.tor-browser-es | 12 | allow ${HOME}/.tor-browser-es |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-fa.profile b/etc/profile-m-z/tor-browser-fa.profile index 095be69e4..3f7074fdb 100644 --- a/etc/profile-m-z/tor-browser-fa.profile +++ b/etc/profile-m-z/tor-browser-fa.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-fa.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-fa | 9 | nodeny ${HOME}/.tor-browser-fa |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-fa | 11 | mkdir ${HOME}/.tor-browser-fa |
12 | whitelist ${HOME}/.tor-browser-fa | 12 | allow ${HOME}/.tor-browser-fa |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-fr.profile b/etc/profile-m-z/tor-browser-fr.profile index 37f61fc3a..ef14f44a2 100644 --- a/etc/profile-m-z/tor-browser-fr.profile +++ b/etc/profile-m-z/tor-browser-fr.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-fr.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-fr | 9 | nodeny ${HOME}/.tor-browser-fr |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-fr | 11 | mkdir ${HOME}/.tor-browser-fr |
12 | whitelist ${HOME}/.tor-browser-fr | 12 | allow ${HOME}/.tor-browser-fr |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-ga-ie.profile b/etc/profile-m-z/tor-browser-ga-ie.profile index ab7141fc4..06baaf34f 100644 --- a/etc/profile-m-z/tor-browser-ga-ie.profile +++ b/etc/profile-m-z/tor-browser-ga-ie.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-ga-ie.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-ga-ie | 9 | nodeny ${HOME}/.tor-browser-ga-ie |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-ga-ie | 11 | mkdir ${HOME}/.tor-browser-ga-ie |
12 | whitelist ${HOME}/.tor-browser-ga-ie | 12 | allow ${HOME}/.tor-browser-ga-ie |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-he.profile b/etc/profile-m-z/tor-browser-he.profile index ae56f3b7f..57588ffc7 100644 --- a/etc/profile-m-z/tor-browser-he.profile +++ b/etc/profile-m-z/tor-browser-he.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-he.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-he | 9 | nodeny ${HOME}/.tor-browser-he |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-he | 11 | mkdir ${HOME}/.tor-browser-he |
12 | whitelist ${HOME}/.tor-browser-he | 12 | allow ${HOME}/.tor-browser-he |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-hu.profile b/etc/profile-m-z/tor-browser-hu.profile index 65cd18ac8..a10b66a24 100644 --- a/etc/profile-m-z/tor-browser-hu.profile +++ b/etc/profile-m-z/tor-browser-hu.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-hu.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-hu | 9 | nodeny ${HOME}/.tor-browser-hu |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-hu | 11 | mkdir ${HOME}/.tor-browser-hu |
12 | whitelist ${HOME}/.tor-browser-hu | 12 | allow ${HOME}/.tor-browser-hu |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-id.profile b/etc/profile-m-z/tor-browser-id.profile index 57fe09f47..fcdb822cd 100644 --- a/etc/profile-m-z/tor-browser-id.profile +++ b/etc/profile-m-z/tor-browser-id.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-id.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-id | 9 | nodeny ${HOME}/.tor-browser-id |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-id | 11 | mkdir ${HOME}/.tor-browser-id |
12 | whitelist ${HOME}/.tor-browser-id | 12 | allow ${HOME}/.tor-browser-id |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-is.profile b/etc/profile-m-z/tor-browser-is.profile index 54f1df42d..45b47c108 100644 --- a/etc/profile-m-z/tor-browser-is.profile +++ b/etc/profile-m-z/tor-browser-is.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-is.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-is | 9 | nodeny ${HOME}/.tor-browser-is |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-is | 11 | mkdir ${HOME}/.tor-browser-is |
12 | whitelist ${HOME}/.tor-browser-is | 12 | allow ${HOME}/.tor-browser-is |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-it.profile b/etc/profile-m-z/tor-browser-it.profile index a7d46e875..b5a2f7c13 100644 --- a/etc/profile-m-z/tor-browser-it.profile +++ b/etc/profile-m-z/tor-browser-it.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-it.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-it | 9 | nodeny ${HOME}/.tor-browser-it |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-it | 11 | mkdir ${HOME}/.tor-browser-it |
12 | whitelist ${HOME}/.tor-browser-it | 12 | allow ${HOME}/.tor-browser-it |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-ja.profile b/etc/profile-m-z/tor-browser-ja.profile index b89016141..e1f023bd4 100644 --- a/etc/profile-m-z/tor-browser-ja.profile +++ b/etc/profile-m-z/tor-browser-ja.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-ja.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-ja | 9 | nodeny ${HOME}/.tor-browser-ja |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-ja | 11 | mkdir ${HOME}/.tor-browser-ja |
12 | whitelist ${HOME}/.tor-browser-ja | 12 | allow ${HOME}/.tor-browser-ja |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-ka.profile b/etc/profile-m-z/tor-browser-ka.profile index b57cf10de..17930b58e 100644 --- a/etc/profile-m-z/tor-browser-ka.profile +++ b/etc/profile-m-z/tor-browser-ka.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-ka.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-ka | 9 | nodeny ${HOME}/.tor-browser-ka |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-ka | 11 | mkdir ${HOME}/.tor-browser-ka |
12 | whitelist ${HOME}/.tor-browser-ka | 12 | allow ${HOME}/.tor-browser-ka |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-ko.profile b/etc/profile-m-z/tor-browser-ko.profile index a9bedb6fd..b33d1edb4 100644 --- a/etc/profile-m-z/tor-browser-ko.profile +++ b/etc/profile-m-z/tor-browser-ko.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-ko.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-ko | 9 | nodeny ${HOME}/.tor-browser-ko |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-ko | 11 | mkdir ${HOME}/.tor-browser-ko |
12 | whitelist ${HOME}/.tor-browser-ko | 12 | allow ${HOME}/.tor-browser-ko |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-nb.profile b/etc/profile-m-z/tor-browser-nb.profile index fbe9f92bd..b462eb9ac 100644 --- a/etc/profile-m-z/tor-browser-nb.profile +++ b/etc/profile-m-z/tor-browser-nb.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-nb.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-nb | 9 | nodeny ${HOME}/.tor-browser-nb |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-nb | 11 | mkdir ${HOME}/.tor-browser-nb |
12 | whitelist ${HOME}/.tor-browser-nb | 12 | allow ${HOME}/.tor-browser-nb |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-nl.profile b/etc/profile-m-z/tor-browser-nl.profile index 678ac1713..0225eb6fd 100644 --- a/etc/profile-m-z/tor-browser-nl.profile +++ b/etc/profile-m-z/tor-browser-nl.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-nl.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-nl | 9 | nodeny ${HOME}/.tor-browser-nl |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-nl | 11 | mkdir ${HOME}/.tor-browser-nl |
12 | whitelist ${HOME}/.tor-browser-nl | 12 | allow ${HOME}/.tor-browser-nl |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-pl.profile b/etc/profile-m-z/tor-browser-pl.profile index 25d473b1a..75604b458 100644 --- a/etc/profile-m-z/tor-browser-pl.profile +++ b/etc/profile-m-z/tor-browser-pl.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-pl.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-pl | 9 | nodeny ${HOME}/.tor-browser-pl |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-pl | 11 | mkdir ${HOME}/.tor-browser-pl |
12 | whitelist ${HOME}/.tor-browser-pl | 12 | allow ${HOME}/.tor-browser-pl |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-pt-br.profile b/etc/profile-m-z/tor-browser-pt-br.profile index 55adbd5ea..4d50d8034 100644 --- a/etc/profile-m-z/tor-browser-pt-br.profile +++ b/etc/profile-m-z/tor-browser-pt-br.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-pt-br.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-pt-br | 9 | nodeny ${HOME}/.tor-browser-pt-br |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-pt-br | 11 | mkdir ${HOME}/.tor-browser-pt-br |
12 | whitelist ${HOME}/.tor-browser-pt-br | 12 | allow ${HOME}/.tor-browser-pt-br |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-ru.profile b/etc/profile-m-z/tor-browser-ru.profile index aea13be9d..4bca3c46f 100644 --- a/etc/profile-m-z/tor-browser-ru.profile +++ b/etc/profile-m-z/tor-browser-ru.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-ru.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-ru | 9 | nodeny ${HOME}/.tor-browser-ru |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-ru | 11 | mkdir ${HOME}/.tor-browser-ru |
12 | whitelist ${HOME}/.tor-browser-ru | 12 | allow ${HOME}/.tor-browser-ru |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-sv-se.profile b/etc/profile-m-z/tor-browser-sv-se.profile index b7882bd04..1b319dc43 100644 --- a/etc/profile-m-z/tor-browser-sv-se.profile +++ b/etc/profile-m-z/tor-browser-sv-se.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-sv-se.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-sv-se | 9 | nodeny ${HOME}/.tor-browser-sv-se |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-sv-se | 11 | mkdir ${HOME}/.tor-browser-sv-se |
12 | whitelist ${HOME}/.tor-browser-sv-se | 12 | allow ${HOME}/.tor-browser-sv-se |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-tr.profile b/etc/profile-m-z/tor-browser-tr.profile index c52e8c4c4..0775a0c08 100644 --- a/etc/profile-m-z/tor-browser-tr.profile +++ b/etc/profile-m-z/tor-browser-tr.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-tr.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-tr | 9 | nodeny ${HOME}/.tor-browser-tr |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-tr | 11 | mkdir ${HOME}/.tor-browser-tr |
12 | whitelist ${HOME}/.tor-browser-tr | 12 | allow ${HOME}/.tor-browser-tr |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-vi.profile b/etc/profile-m-z/tor-browser-vi.profile index d5bf76655..c4d5a7a76 100644 --- a/etc/profile-m-z/tor-browser-vi.profile +++ b/etc/profile-m-z/tor-browser-vi.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-vi.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-vi | 9 | nodeny ${HOME}/.tor-browser-vi |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-vi | 11 | mkdir ${HOME}/.tor-browser-vi |
12 | whitelist ${HOME}/.tor-browser-vi | 12 | allow ${HOME}/.tor-browser-vi |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-zh-cn.profile b/etc/profile-m-z/tor-browser-zh-cn.profile index 6c8925a4a..4cd287e5d 100644 --- a/etc/profile-m-z/tor-browser-zh-cn.profile +++ b/etc/profile-m-z/tor-browser-zh-cn.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-zh-cn.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-zh-cn | 9 | nodeny ${HOME}/.tor-browser-zh-cn |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-zh-cn | 11 | mkdir ${HOME}/.tor-browser-zh-cn |
12 | whitelist ${HOME}/.tor-browser-zh-cn | 12 | allow ${HOME}/.tor-browser-zh-cn |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser-zh-tw.profile b/etc/profile-m-z/tor-browser-zh-tw.profile index 141a6701e..c75baf522 100644 --- a/etc/profile-m-z/tor-browser-zh-tw.profile +++ b/etc/profile-m-z/tor-browser-zh-tw.profile | |||
@@ -6,10 +6,10 @@ include tor-browser-zh-tw.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser-zh-tw | 9 | nodeny ${HOME}/.tor-browser-zh-tw |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser-zh-tw | 11 | mkdir ${HOME}/.tor-browser-zh-tw |
12 | whitelist ${HOME}/.tor-browser-zh-tw | 12 | allow ${HOME}/.tor-browser-zh-tw |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser.profile b/etc/profile-m-z/tor-browser.profile index 76a0e1fa5..8a2dbda53 100644 --- a/etc/profile-m-z/tor-browser.profile +++ b/etc/profile-m-z/tor-browser.profile | |||
@@ -6,10 +6,10 @@ include tor-browser.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser | 9 | nodeny ${HOME}/.tor-browser |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser | 11 | mkdir ${HOME}/.tor-browser |
12 | whitelist ${HOME}/.tor-browser | 12 | allow ${HOME}/.tor-browser |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_ar.profile b/etc/profile-m-z/tor-browser_ar.profile index d811b7549..90b5a0960 100644 --- a/etc/profile-m-z/tor-browser_ar.profile +++ b/etc/profile-m-z/tor-browser_ar.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_ar.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_ar | 9 | nodeny ${HOME}/.tor-browser_ar |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_ar | 11 | mkdir ${HOME}/.tor-browser_ar |
12 | whitelist ${HOME}/.tor-browser_ar | 12 | allow ${HOME}/.tor-browser_ar |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_ca.profile b/etc/profile-m-z/tor-browser_ca.profile index 8bf1f7cd4..a04207ccd 100644 --- a/etc/profile-m-z/tor-browser_ca.profile +++ b/etc/profile-m-z/tor-browser_ca.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_ca.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_ca | 9 | nodeny ${HOME}/.tor-browser_ca |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_ca | 11 | mkdir ${HOME}/.tor-browser_ca |
12 | whitelist ${HOME}/.tor-browser_ca | 12 | allow ${HOME}/.tor-browser_ca |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_cs.profile b/etc/profile-m-z/tor-browser_cs.profile index b41107bf1..b99ad14a8 100644 --- a/etc/profile-m-z/tor-browser_cs.profile +++ b/etc/profile-m-z/tor-browser_cs.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_cs.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_cs | 9 | nodeny ${HOME}/.tor-browser_cs |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_cs | 11 | mkdir ${HOME}/.tor-browser_cs |
12 | whitelist ${HOME}/.tor-browser_cs | 12 | allow ${HOME}/.tor-browser_cs |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_da.profile b/etc/profile-m-z/tor-browser_da.profile index cbec4ee2e..545e53b7e 100644 --- a/etc/profile-m-z/tor-browser_da.profile +++ b/etc/profile-m-z/tor-browser_da.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_da.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_da | 9 | nodeny ${HOME}/.tor-browser_da |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_da | 11 | mkdir ${HOME}/.tor-browser_da |
12 | whitelist ${HOME}/.tor-browser_da | 12 | allow ${HOME}/.tor-browser_da |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_de.profile b/etc/profile-m-z/tor-browser_de.profile index ea26765d3..545f82f72 100644 --- a/etc/profile-m-z/tor-browser_de.profile +++ b/etc/profile-m-z/tor-browser_de.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_de.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_de | 9 | nodeny ${HOME}/.tor-browser_de |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_de | 11 | mkdir ${HOME}/.tor-browser_de |
12 | whitelist ${HOME}/.tor-browser_de | 12 | allow ${HOME}/.tor-browser_de |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_el.profile b/etc/profile-m-z/tor-browser_el.profile index ff57a8722..3120b1701 100644 --- a/etc/profile-m-z/tor-browser_el.profile +++ b/etc/profile-m-z/tor-browser_el.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_el.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_el | 9 | nodeny ${HOME}/.tor-browser_el |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_el | 11 | mkdir ${HOME}/.tor-browser_el |
12 | whitelist ${HOME}/.tor-browser_el | 12 | allow ${HOME}/.tor-browser_el |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_en-US.profile b/etc/profile-m-z/tor-browser_en-US.profile index 18c92b638..6719ac057 100644 --- a/etc/profile-m-z/tor-browser_en-US.profile +++ b/etc/profile-m-z/tor-browser_en-US.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_en-US.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_en-US | 9 | nodeny ${HOME}/.tor-browser_en-US |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_en-US | 11 | mkdir ${HOME}/.tor-browser_en-US |
12 | whitelist ${HOME}/.tor-browser_en-US | 12 | allow ${HOME}/.tor-browser_en-US |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_en.profile b/etc/profile-m-z/tor-browser_en.profile index ebba83cc4..4cbd37109 100644 --- a/etc/profile-m-z/tor-browser_en.profile +++ b/etc/profile-m-z/tor-browser_en.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_en.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_en | 9 | nodeny ${HOME}/.tor-browser_en |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_en | 11 | mkdir ${HOME}/.tor-browser_en |
12 | whitelist ${HOME}/.tor-browser_en | 12 | allow ${HOME}/.tor-browser_en |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_es-ES.profile b/etc/profile-m-z/tor-browser_es-ES.profile index aecab38d5..6c8a5987c 100644 --- a/etc/profile-m-z/tor-browser_es-ES.profile +++ b/etc/profile-m-z/tor-browser_es-ES.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_es-ES.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_es-ES | 9 | nodeny ${HOME}/.tor-browser_es-ES |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_es-ES | 11 | mkdir ${HOME}/.tor-browser_es-ES |
12 | whitelist ${HOME}/.tor-browser_es-ES | 12 | allow ${HOME}/.tor-browser_es-ES |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_es.profile b/etc/profile-m-z/tor-browser_es.profile index e19e9b5e6..7d358b7ca 100644 --- a/etc/profile-m-z/tor-browser_es.profile +++ b/etc/profile-m-z/tor-browser_es.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_es.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_es | 9 | nodeny ${HOME}/.tor-browser_es |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_es | 11 | mkdir ${HOME}/.tor-browser_es |
12 | whitelist ${HOME}/.tor-browser_es | 12 | allow ${HOME}/.tor-browser_es |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_fa.profile b/etc/profile-m-z/tor-browser_fa.profile index 68414c277..fc4285c5d 100644 --- a/etc/profile-m-z/tor-browser_fa.profile +++ b/etc/profile-m-z/tor-browser_fa.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_fa.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_fa | 9 | nodeny ${HOME}/.tor-browser_fa |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_fa | 11 | mkdir ${HOME}/.tor-browser_fa |
12 | whitelist ${HOME}/.tor-browser_fa | 12 | allow ${HOME}/.tor-browser_fa |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_fr.profile b/etc/profile-m-z/tor-browser_fr.profile index 0a8bb30b7..2d0c0ff1f 100644 --- a/etc/profile-m-z/tor-browser_fr.profile +++ b/etc/profile-m-z/tor-browser_fr.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_fr.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_fr | 9 | nodeny ${HOME}/.tor-browser_fr |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_fr | 11 | mkdir ${HOME}/.tor-browser_fr |
12 | whitelist ${HOME}/.tor-browser_fr | 12 | allow ${HOME}/.tor-browser_fr |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_ga-IE.profile b/etc/profile-m-z/tor-browser_ga-IE.profile index 12354b900..2880e1e2a 100644 --- a/etc/profile-m-z/tor-browser_ga-IE.profile +++ b/etc/profile-m-z/tor-browser_ga-IE.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_ga-IE.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_ga-IE | 9 | nodeny ${HOME}/.tor-browser_ga-IE |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_ga-IE | 11 | mkdir ${HOME}/.tor-browser_ga-IE |
12 | whitelist ${HOME}/.tor-browser_ga-IE | 12 | allow ${HOME}/.tor-browser_ga-IE |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_he.profile b/etc/profile-m-z/tor-browser_he.profile index 19cbb0809..ac6993019 100644 --- a/etc/profile-m-z/tor-browser_he.profile +++ b/etc/profile-m-z/tor-browser_he.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_he.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_he | 9 | nodeny ${HOME}/.tor-browser_he |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_he | 11 | mkdir ${HOME}/.tor-browser_he |
12 | whitelist ${HOME}/.tor-browser_he | 12 | allow ${HOME}/.tor-browser_he |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_hu.profile b/etc/profile-m-z/tor-browser_hu.profile index 62b55e170..6877a6be4 100644 --- a/etc/profile-m-z/tor-browser_hu.profile +++ b/etc/profile-m-z/tor-browser_hu.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_hu.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_hu | 9 | nodeny ${HOME}/.tor-browser_hu |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_hu | 11 | mkdir ${HOME}/.tor-browser_hu |
12 | whitelist ${HOME}/.tor-browser_hu | 12 | allow ${HOME}/.tor-browser_hu |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_id.profile b/etc/profile-m-z/tor-browser_id.profile index 2970a7747..5f5601f74 100644 --- a/etc/profile-m-z/tor-browser_id.profile +++ b/etc/profile-m-z/tor-browser_id.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_id.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_id | 9 | nodeny ${HOME}/.tor-browser_id |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_id | 11 | mkdir ${HOME}/.tor-browser_id |
12 | whitelist ${HOME}/.tor-browser_id | 12 | allow ${HOME}/.tor-browser_id |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_is.profile b/etc/profile-m-z/tor-browser_is.profile index f922c7644..f0814d16e 100644 --- a/etc/profile-m-z/tor-browser_is.profile +++ b/etc/profile-m-z/tor-browser_is.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_is.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_is | 9 | nodeny ${HOME}/.tor-browser_is |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_is | 11 | mkdir ${HOME}/.tor-browser_is |
12 | whitelist ${HOME}/.tor-browser_is | 12 | allow ${HOME}/.tor-browser_is |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_it.profile b/etc/profile-m-z/tor-browser_it.profile index 406901759..fa01f6bca 100644 --- a/etc/profile-m-z/tor-browser_it.profile +++ b/etc/profile-m-z/tor-browser_it.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_it.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_it | 9 | nodeny ${HOME}/.tor-browser_it |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_it | 11 | mkdir ${HOME}/.tor-browser_it |
12 | whitelist ${HOME}/.tor-browser_it | 12 | allow ${HOME}/.tor-browser_it |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_ja.profile b/etc/profile-m-z/tor-browser_ja.profile index 8f9d8d751..dde107dd3 100644 --- a/etc/profile-m-z/tor-browser_ja.profile +++ b/etc/profile-m-z/tor-browser_ja.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_ja.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_ja | 9 | nodeny ${HOME}/.tor-browser_ja |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_ja | 11 | mkdir ${HOME}/.tor-browser_ja |
12 | whitelist ${HOME}/.tor-browser_ja | 12 | allow ${HOME}/.tor-browser_ja |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_ka.profile b/etc/profile-m-z/tor-browser_ka.profile index 4de4135e1..7de4dff65 100644 --- a/etc/profile-m-z/tor-browser_ka.profile +++ b/etc/profile-m-z/tor-browser_ka.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_ka.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_ka | 9 | nodeny ${HOME}/.tor-browser_ka |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_ka | 11 | mkdir ${HOME}/.tor-browser_ka |
12 | whitelist ${HOME}/.tor-browser_ka | 12 | allow ${HOME}/.tor-browser_ka |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_ko.profile b/etc/profile-m-z/tor-browser_ko.profile index 125c733ce..7e3ceb4d9 100644 --- a/etc/profile-m-z/tor-browser_ko.profile +++ b/etc/profile-m-z/tor-browser_ko.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_ko.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_ko | 9 | nodeny ${HOME}/.tor-browser_ko |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_ko | 11 | mkdir ${HOME}/.tor-browser_ko |
12 | whitelist ${HOME}/.tor-browser_ko | 12 | allow ${HOME}/.tor-browser_ko |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_nb.profile b/etc/profile-m-z/tor-browser_nb.profile index dc6ac876b..c11001960 100644 --- a/etc/profile-m-z/tor-browser_nb.profile +++ b/etc/profile-m-z/tor-browser_nb.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_nb.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_nb | 9 | nodeny ${HOME}/.tor-browser_nb |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_nb | 11 | mkdir ${HOME}/.tor-browser_nb |
12 | whitelist ${HOME}/.tor-browser_nb | 12 | allow ${HOME}/.tor-browser_nb |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_nl.profile b/etc/profile-m-z/tor-browser_nl.profile index 2a3a5b519..2d1044f9d 100644 --- a/etc/profile-m-z/tor-browser_nl.profile +++ b/etc/profile-m-z/tor-browser_nl.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_nl.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_nl | 9 | nodeny ${HOME}/.tor-browser_nl |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_nl | 11 | mkdir ${HOME}/.tor-browser_nl |
12 | whitelist ${HOME}/.tor-browser_nl | 12 | allow ${HOME}/.tor-browser_nl |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_pl.profile b/etc/profile-m-z/tor-browser_pl.profile index b7dec32db..2818320a0 100644 --- a/etc/profile-m-z/tor-browser_pl.profile +++ b/etc/profile-m-z/tor-browser_pl.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_pl.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_pl | 9 | nodeny ${HOME}/.tor-browser_pl |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_pl | 11 | mkdir ${HOME}/.tor-browser_pl |
12 | whitelist ${HOME}/.tor-browser_pl | 12 | allow ${HOME}/.tor-browser_pl |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_pt-BR.profile b/etc/profile-m-z/tor-browser_pt-BR.profile index 7a7d4726c..8c33e2545 100644 --- a/etc/profile-m-z/tor-browser_pt-BR.profile +++ b/etc/profile-m-z/tor-browser_pt-BR.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_pt-BR.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_pt-BR | 9 | nodeny ${HOME}/.tor-browser_pt-BR |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_pt-BR | 11 | mkdir ${HOME}/.tor-browser_pt-BR |
12 | whitelist ${HOME}/.tor-browser_pt-BR | 12 | allow ${HOME}/.tor-browser_pt-BR |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_ru.profile b/etc/profile-m-z/tor-browser_ru.profile index 7d2e6bc97..2553bb031 100644 --- a/etc/profile-m-z/tor-browser_ru.profile +++ b/etc/profile-m-z/tor-browser_ru.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_ru.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_ru | 9 | nodeny ${HOME}/.tor-browser_ru |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_ru | 11 | mkdir ${HOME}/.tor-browser_ru |
12 | whitelist ${HOME}/.tor-browser_ru | 12 | allow ${HOME}/.tor-browser_ru |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_sv-SE.profile b/etc/profile-m-z/tor-browser_sv-SE.profile index 585925e81..3152cb658 100644 --- a/etc/profile-m-z/tor-browser_sv-SE.profile +++ b/etc/profile-m-z/tor-browser_sv-SE.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_sv-SE.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_sv-SE | 9 | nodeny ${HOME}/.tor-browser_sv-SE |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_sv-SE | 11 | mkdir ${HOME}/.tor-browser_sv-SE |
12 | whitelist ${HOME}/.tor-browser_sv-SE | 12 | allow ${HOME}/.tor-browser_sv-SE |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_tr.profile b/etc/profile-m-z/tor-browser_tr.profile index 4b0cc3821..9808d4725 100644 --- a/etc/profile-m-z/tor-browser_tr.profile +++ b/etc/profile-m-z/tor-browser_tr.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_tr.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_tr | 9 | nodeny ${HOME}/.tor-browser_tr |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_tr | 11 | mkdir ${HOME}/.tor-browser_tr |
12 | whitelist ${HOME}/.tor-browser_tr | 12 | allow ${HOME}/.tor-browser_tr |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_vi.profile b/etc/profile-m-z/tor-browser_vi.profile index 4dcfbf56d..364fca40b 100644 --- a/etc/profile-m-z/tor-browser_vi.profile +++ b/etc/profile-m-z/tor-browser_vi.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_vi.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_vi | 9 | nodeny ${HOME}/.tor-browser_vi |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_vi | 11 | mkdir ${HOME}/.tor-browser_vi |
12 | whitelist ${HOME}/.tor-browser_vi | 12 | allow ${HOME}/.tor-browser_vi |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_zh-CN.profile b/etc/profile-m-z/tor-browser_zh-CN.profile index 1e03b8d6b..193e8a399 100644 --- a/etc/profile-m-z/tor-browser_zh-CN.profile +++ b/etc/profile-m-z/tor-browser_zh-CN.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_zh-CN.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_zh-CN | 9 | nodeny ${HOME}/.tor-browser_zh-CN |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_zh-CN | 11 | mkdir ${HOME}/.tor-browser_zh-CN |
12 | whitelist ${HOME}/.tor-browser_zh-CN | 12 | allow ${HOME}/.tor-browser_zh-CN |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/tor-browser_zh-TW.profile b/etc/profile-m-z/tor-browser_zh-TW.profile index a2dcf5cf1..047be9b8e 100644 --- a/etc/profile-m-z/tor-browser_zh-TW.profile +++ b/etc/profile-m-z/tor-browser_zh-TW.profile | |||
@@ -6,10 +6,10 @@ include tor-browser_zh-TW.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tor-browser_zh-TW | 9 | nodeny ${HOME}/.tor-browser_zh-TW |
10 | 10 | ||
11 | mkdir ${HOME}/.tor-browser_zh-TW | 11 | mkdir ${HOME}/.tor-browser_zh-TW |
12 | whitelist ${HOME}/.tor-browser_zh-TW | 12 | allow ${HOME}/.tor-browser_zh-TW |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include torbrowser-launcher.profile | 15 | include torbrowser-launcher.profile |
diff --git a/etc/profile-m-z/torbrowser-launcher.profile b/etc/profile-m-z/torbrowser-launcher.profile index 7659ed1e9..65a37db5f 100644 --- a/etc/profile-m-z/torbrowser-launcher.profile +++ b/etc/profile-m-z/torbrowser-launcher.profile | |||
@@ -8,15 +8,15 @@ include globals.local | |||
8 | 8 | ||
9 | ignore noexec ${HOME} | 9 | ignore noexec ${HOME} |
10 | 10 | ||
11 | noblacklist ${HOME}/.config/torbrowser | 11 | nodeny ${HOME}/.config/torbrowser |
12 | noblacklist ${HOME}/.local/share/torbrowser | 12 | nodeny ${HOME}/.local/share/torbrowser |
13 | 13 | ||
14 | # Allow python (blacklisted by disable-interpreters.inc) | 14 | # Allow python (blacklisted by disable-interpreters.inc) |
15 | include allow-python2.inc | 15 | include allow-python2.inc |
16 | include allow-python3.inc | 16 | include allow-python3.inc |
17 | 17 | ||
18 | blacklist /opt | 18 | deny /opt |
19 | blacklist /srv | 19 | deny /srv |
20 | 20 | ||
21 | include disable-common.inc | 21 | include disable-common.inc |
22 | include disable-devel.inc | 22 | include disable-devel.inc |
@@ -28,10 +28,10 @@ include disable-xdg.inc | |||
28 | 28 | ||
29 | mkdir ${HOME}/.config/torbrowser | 29 | mkdir ${HOME}/.config/torbrowser |
30 | mkdir ${HOME}/.local/share/torbrowser | 30 | mkdir ${HOME}/.local/share/torbrowser |
31 | whitelist ${DOWNLOADS} | 31 | allow ${DOWNLOADS} |
32 | whitelist ${HOME}/.config/torbrowser | 32 | allow ${HOME}/.config/torbrowser |
33 | whitelist ${HOME}/.local/share/torbrowser | 33 | allow ${HOME}/.local/share/torbrowser |
34 | whitelist /usr/share/torbrowser-launcher | 34 | allow /usr/share/torbrowser-launcher |
35 | include whitelist-common.inc | 35 | include whitelist-common.inc |
36 | include whitelist-var-common.inc | 36 | include whitelist-var-common.inc |
37 | include whitelist-runuser-common.inc | 37 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-m-z/torcs.profile b/etc/profile-m-z/torcs.profile index 0f98a8f64..c5d89c3e3 100644 --- a/etc/profile-m-z/torcs.profile +++ b/etc/profile-m-z/torcs.profile | |||
@@ -6,7 +6,7 @@ include torcs.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.torcs | 9 | nodeny ${HOME}/.torcs |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,9 +17,9 @@ include disable-programs.inc | |||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.torcs | 19 | mkdir ${HOME}/.torcs |
20 | whitelist ${HOME}/.torcs | 20 | allow ${HOME}/.torcs |
21 | whitelist /usr/share/games/torcs | 21 | allow /usr/share/games/torcs |
22 | whitelist /var/games/torcs | 22 | allow /var/games/torcs |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/totem.profile b/etc/profile-m-z/totem.profile index 70d9e0aee..77d3c55f8 100644 --- a/etc/profile-m-z/totem.profile +++ b/etc/profile-m-z/totem.profile | |||
@@ -13,8 +13,8 @@ include allow-lua.inc | |||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python3.inc | 14 | include allow-python3.inc |
15 | 15 | ||
16 | noblacklist ${HOME}/.config/totem | 16 | nodeny ${HOME}/.config/totem |
17 | noblacklist ${HOME}/.local/share/totem | 17 | nodeny ${HOME}/.local/share/totem |
18 | 18 | ||
19 | include disable-common.inc | 19 | include disable-common.inc |
20 | include disable-devel.inc | 20 | include disable-devel.inc |
@@ -27,9 +27,9 @@ include disable-shell.inc | |||
27 | read-only ${DESKTOP} | 27 | read-only ${DESKTOP} |
28 | mkdir ${HOME}/.config/totem | 28 | mkdir ${HOME}/.config/totem |
29 | mkdir ${HOME}/.local/share/totem | 29 | mkdir ${HOME}/.local/share/totem |
30 | whitelist ${HOME}/.config/totem | 30 | allow ${HOME}/.config/totem |
31 | whitelist ${HOME}/.local/share/totem | 31 | allow ${HOME}/.local/share/totem |
32 | whitelist /usr/share/totem | 32 | allow /usr/share/totem |
33 | include whitelist-common.inc | 33 | include whitelist-common.inc |
34 | include whitelist-player-common.inc | 34 | include whitelist-player-common.inc |
35 | include whitelist-runuser-common.inc | 35 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-m-z/tracker.profile b/etc/profile-m-z/tracker.profile index 87c5de076..26f4abd0b 100644 --- a/etc/profile-m-z/tracker.profile +++ b/etc/profile-m-z/tracker.profile | |||
@@ -8,8 +8,8 @@ include globals.local | |||
8 | 8 | ||
9 | # Tracker is started by systemd on most systems. Therefore it is not firejailed by default | 9 | # Tracker is started by systemd on most systems. Therefore it is not firejailed by default |
10 | 10 | ||
11 | blacklist /tmp/.X11-unix | 11 | deny /tmp/.X11-unix |
12 | blacklist ${RUNUSER}/wayland-* | 12 | deny ${RUNUSER}/wayland-* |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/profile-m-z/transgui.profile b/etc/profile-m-z/transgui.profile index ea118a9f0..d5920e2a2 100644 --- a/etc/profile-m-z/transgui.profile +++ b/etc/profile-m-z/transgui.profile | |||
@@ -6,7 +6,7 @@ include transgui.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/transgui | 9 | nodeny ${HOME}/.config/transgui |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.config/transgui | 20 | mkdir ${HOME}/.config/transgui |
21 | whitelist ${HOME}/.config/transgui | 21 | allow ${HOME}/.config/transgui |
22 | whitelist ${DOWNLOADS} | 22 | allow ${DOWNLOADS} |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/transmission-common.profile b/etc/profile-m-z/transmission-common.profile index 82671b709..5c2cf9d9a 100644 --- a/etc/profile-m-z/transmission-common.profile +++ b/etc/profile-m-z/transmission-common.profile | |||
@@ -7,8 +7,8 @@ include transmission-common.local | |||
7 | # added by caller profile | 7 | # added by caller profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | noblacklist ${HOME}/.cache/transmission | 10 | nodeny ${HOME}/.cache/transmission |
11 | noblacklist ${HOME}/.config/transmission | 11 | nodeny ${HOME}/.config/transmission |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -19,9 +19,9 @@ include disable-programs.inc | |||
19 | 19 | ||
20 | mkdir ${HOME}/.cache/transmission | 20 | mkdir ${HOME}/.cache/transmission |
21 | mkdir ${HOME}/.config/transmission | 21 | mkdir ${HOME}/.config/transmission |
22 | whitelist ${DOWNLOADS} | 22 | allow ${DOWNLOADS} |
23 | whitelist ${HOME}/.cache/transmission | 23 | allow ${HOME}/.cache/transmission |
24 | whitelist ${HOME}/.config/transmission | 24 | allow ${HOME}/.config/transmission |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
27 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/transmission-daemon.profile b/etc/profile-m-z/transmission-daemon.profile index 348d3cb80..9f0c464fc 100644 --- a/etc/profile-m-z/transmission-daemon.profile +++ b/etc/profile-m-z/transmission-daemon.profile | |||
@@ -10,8 +10,8 @@ include globals.local | |||
10 | ignore caps.drop all | 10 | ignore caps.drop all |
11 | 11 | ||
12 | mkdir ${HOME}/.config/transmission-daemon | 12 | mkdir ${HOME}/.config/transmission-daemon |
13 | whitelist ${HOME}/.config/transmission-daemon | 13 | allow ${HOME}/.config/transmission-daemon |
14 | whitelist /var/lib/transmission | 14 | allow /var/lib/transmission |
15 | 15 | ||
16 | caps.keep ipc_lock,net_bind_service,setgid,setuid,sys_chroot | 16 | caps.keep ipc_lock,net_bind_service,setgid,setuid,sys_chroot |
17 | protocol packet | 17 | protocol packet |
diff --git a/etc/profile-m-z/transmission-remote-gtk.profile b/etc/profile-m-z/transmission-remote-gtk.profile index a6400e2c0..7c8eddcbc 100644 --- a/etc/profile-m-z/transmission-remote-gtk.profile +++ b/etc/profile-m-z/transmission-remote-gtk.profile | |||
@@ -7,10 +7,10 @@ include transmission-remote-gtk.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | noblacklist ${HOME}/.config/transmission-remote-gtk | 10 | nodeny ${HOME}/.config/transmission-remote-gtk |
11 | 11 | ||
12 | mkdir ${HOME}/.config/transmission-remote-gtk | 12 | mkdir ${HOME}/.config/transmission-remote-gtk |
13 | whitelist ${HOME}/.config/transmission-remote-gtk | 13 | allow ${HOME}/.config/transmission-remote-gtk |
14 | 14 | ||
15 | private-etc fonts,hostname,hosts,resolv.conf | 15 | private-etc fonts,hostname,hosts,resolv.conf |
16 | # Problems with private-lib (see issue #2889) | 16 | # Problems with private-lib (see issue #2889) |
diff --git a/etc/profile-m-z/tremulous.profile b/etc/profile-m-z/tremulous.profile index aba563fac..c2797ddaa 100644 --- a/etc/profile-m-z/tremulous.profile +++ b/etc/profile-m-z/tremulous.profile | |||
@@ -6,7 +6,7 @@ include tremulous.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.tremulous | 9 | nodeny ${HOME}/.tremulous |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.tremulous | 20 | mkdir ${HOME}/.tremulous |
21 | whitelist ${HOME}/.tremulous | 21 | allow ${HOME}/.tremulous |
22 | whitelist /usr/share/tremulous | 22 | allow /usr/share/tremulous |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-runuser-common.inc | 24 | include whitelist-runuser-common.inc |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/trojita.profile b/etc/profile-m-z/trojita.profile index 2d95081f6..95f39b35d 100644 --- a/etc/profile-m-z/trojita.profile +++ b/etc/profile-m-z/trojita.profile | |||
@@ -6,10 +6,10 @@ include trojita.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.abook | 9 | nodeny ${HOME}/.abook |
10 | noblacklist ${HOME}/.mozilla | 10 | nodeny ${HOME}/.mozilla |
11 | noblacklist ${HOME}/.cache/flaska.net/trojita | 11 | nodeny ${HOME}/.cache/flaska.net/trojita |
12 | noblacklist ${HOME}/.config/flaska.net | 12 | nodeny ${HOME}/.config/flaska.net |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -23,10 +23,10 @@ include disable-xdg.inc | |||
23 | mkdir ${HOME}/.abook | 23 | mkdir ${HOME}/.abook |
24 | mkdir ${HOME}/.cache/flaska.net/trojita | 24 | mkdir ${HOME}/.cache/flaska.net/trojita |
25 | mkdir ${HOME}/.config/flaska.net | 25 | mkdir ${HOME}/.config/flaska.net |
26 | whitelist ${HOME}/.abook | 26 | allow ${HOME}/.abook |
27 | whitelist ${HOME}/.mozilla/firefox/profiles.ini | 27 | allow ${HOME}/.mozilla/firefox/profiles.ini |
28 | whitelist ${HOME}/.cache/flaska.net/trojita | 28 | allow ${HOME}/.cache/flaska.net/trojita |
29 | whitelist ${HOME}/.config/flaska.net | 29 | allow ${HOME}/.config/flaska.net |
30 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | include whitelist-runuser-common.inc | 31 | include whitelist-runuser-common.inc |
32 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/truecraft.profile b/etc/profile-m-z/truecraft.profile index 749626475..76f289a27 100644 --- a/etc/profile-m-z/truecraft.profile +++ b/etc/profile-m-z/truecraft.profile | |||
@@ -5,8 +5,8 @@ include truecraft.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.config/mono | 8 | nodeny ${HOME}/.config/mono |
9 | noblacklist ${HOME}/.config/truecraft | 9 | nodeny ${HOME}/.config/truecraft |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-programs.inc | |||
17 | 17 | ||
18 | mkdir ${HOME}/.config/mono | 18 | mkdir ${HOME}/.config/mono |
19 | mkdir ${HOME}/.config/truecraft | 19 | mkdir ${HOME}/.config/truecraft |
20 | whitelist ${HOME}/.config/mono | 20 | allow ${HOME}/.config/mono |
21 | whitelist ${HOME}/.config/truecraft | 21 | allow ${HOME}/.config/truecraft |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | 23 | ||
24 | caps.drop all | 24 | caps.drop all |
diff --git a/etc/profile-m-z/ts3client_runscript.sh.profile b/etc/profile-m-z/ts3client_runscript.sh.profile index 8d4675454..cd6ae96df 100644 --- a/etc/profile-m-z/ts3client_runscript.sh.profile +++ b/etc/profile-m-z/ts3client_runscript.sh.profile | |||
@@ -9,11 +9,11 @@ include ts3client_runscript.sh.local | |||
9 | 9 | ||
10 | ignore noexec ${HOME} | 10 | ignore noexec ${HOME} |
11 | 11 | ||
12 | noblacklist ${HOME}/TeamSpeak3-Client-linux_x86 | 12 | nodeny ${HOME}/TeamSpeak3-Client-linux_x86 |
13 | noblacklist ${HOME}/TeamSpeak3-Client-linux_amd64 | 13 | nodeny ${HOME}/TeamSpeak3-Client-linux_amd64 |
14 | 14 | ||
15 | whitelist ${HOME}/TeamSpeak3-Client-linux_x86 | 15 | allow ${HOME}/TeamSpeak3-Client-linux_x86 |
16 | whitelist ${HOME}/TeamSpeak3-Client-linux_amd64 | 16 | allow ${HOME}/TeamSpeak3-Client-linux_amd64 |
17 | 17 | ||
18 | # Redirect | 18 | # Redirect |
19 | include teamspeak3.profile | 19 | include teamspeak3.profile |
diff --git a/etc/profile-m-z/tutanota-desktop.profile b/etc/profile-m-z/tutanota-desktop.profile index d2cb0cc8a..e59a86ce6 100644 --- a/etc/profile-m-z/tutanota-desktop.profile +++ b/etc/profile-m-z/tutanota-desktop.profile | |||
@@ -6,8 +6,8 @@ include tutanota-desktop.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/tuta_integration | 9 | nodeny ${HOME}/.config/tuta_integration |
10 | noblacklist ${HOME}/.config/tutanota-desktop | 10 | nodeny ${HOME}/.config/tutanota-desktop |
11 | 11 | ||
12 | ignore noexec /tmp | 12 | ignore noexec /tmp |
13 | 13 | ||
@@ -15,12 +15,12 @@ include disable-shell.inc | |||
15 | 15 | ||
16 | mkdir ${HOME}/.config/tuta_integration | 16 | mkdir ${HOME}/.config/tuta_integration |
17 | mkdir ${HOME}/.config/tutanota-desktop | 17 | mkdir ${HOME}/.config/tutanota-desktop |
18 | whitelist ${HOME}/.config/tuta_integration | 18 | allow ${HOME}/.config/tuta_integration |
19 | whitelist ${HOME}/.config/tutanota-desktop | 19 | allow ${HOME}/.config/tutanota-desktop |
20 | 20 | ||
21 | # These lines are needed to allow Firefox to open links | 21 | # These lines are needed to allow Firefox to open links |
22 | noblacklist ${HOME}/.mozilla | 22 | nodeny ${HOME}/.mozilla |
23 | whitelist ${HOME}/.mozilla/firefox/profiles.ini | 23 | allow ${HOME}/.mozilla/firefox/profiles.ini |
24 | read-only ${HOME}/.mozilla/firefox/profiles.ini | 24 | read-only ${HOME}/.mozilla/firefox/profiles.ini |
25 | 25 | ||
26 | ?HAS_APPIMAGE: ignore private-dev | 26 | ?HAS_APPIMAGE: ignore private-dev |
diff --git a/etc/profile-m-z/tuxguitar.profile b/etc/profile-m-z/tuxguitar.profile index 3cd496412..5bb97e161 100644 --- a/etc/profile-m-z/tuxguitar.profile +++ b/etc/profile-m-z/tuxguitar.profile | |||
@@ -9,9 +9,9 @@ include globals.local | |||
9 | # tuxguitar fails to launch | 9 | # tuxguitar fails to launch |
10 | ignore noexec ${HOME} | 10 | ignore noexec ${HOME} |
11 | 11 | ||
12 | noblacklist ${HOME}/.tuxguitar* | 12 | nodeny ${HOME}/.tuxguitar* |
13 | noblacklist ${DOCUMENTS} | 13 | nodeny ${DOCUMENTS} |
14 | noblacklist ${MUSIC} | 14 | nodeny ${MUSIC} |
15 | 15 | ||
16 | # Allow java (blacklisted by disable-devel.inc) | 16 | # Allow java (blacklisted by disable-devel.inc) |
17 | include allow-java.inc | 17 | include allow-java.inc |
diff --git a/etc/profile-m-z/tvbrowser.profile b/etc/profile-m-z/tvbrowser.profile index dae7d86da..8febcd337 100644 --- a/etc/profile-m-z/tvbrowser.profile +++ b/etc/profile-m-z/tvbrowser.profile | |||
@@ -6,8 +6,8 @@ include tvbrowser.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/tvbrowser | 9 | nodeny ${HOME}/.config/tvbrowser |
10 | noblacklist ${HOME}/.tvbrowser | 10 | nodeny ${HOME}/.tvbrowser |
11 | 11 | ||
12 | # Allow java (blacklisted by disable-devel.inc) | 12 | # Allow java (blacklisted by disable-devel.inc) |
13 | include allow-java.inc | 13 | include allow-java.inc |
@@ -22,9 +22,9 @@ include disable-xdg.inc | |||
22 | 22 | ||
23 | mkdir ${HOME}/.config/tvbrowser | 23 | mkdir ${HOME}/.config/tvbrowser |
24 | mkdir ${HOME}/.tvbrowser | 24 | mkdir ${HOME}/.tvbrowser |
25 | whitelist ${HOME}/.config/tvbrowser | 25 | allow ${HOME}/.config/tvbrowser |
26 | whitelist ${HOME}/.tvbrowser | 26 | allow ${HOME}/.tvbrowser |
27 | whitelist /usr/share/tvbrowser | 27 | allow /usr/share/tvbrowser |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
30 | include whitelist-var-common.inc | 30 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/twitch.profile b/etc/profile-m-z/twitch.profile index 2f573c872..abcc885e6 100644 --- a/etc/profile-m-z/twitch.profile +++ b/etc/profile-m-z/twitch.profile | |||
@@ -10,12 +10,12 @@ include globals.local | |||
10 | ignore nou2f | 10 | ignore nou2f |
11 | ignore novideo | 11 | ignore novideo |
12 | 12 | ||
13 | noblacklist ${HOME}/.config/Twitch | 13 | nodeny ${HOME}/.config/Twitch |
14 | 14 | ||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | 16 | ||
17 | mkdir ${HOME}/.config/Twitch | 17 | mkdir ${HOME}/.config/Twitch |
18 | whitelist ${HOME}/.config/Twitch | 18 | allow ${HOME}/.config/Twitch |
19 | 19 | ||
20 | private-bin twitch | 20 | private-bin twitch |
21 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 21 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
diff --git a/etc/profile-m-z/uefitool.profile b/etc/profile-m-z/uefitool.profile index 3e4fdbb03..8c705c95f 100644 --- a/etc/profile-m-z/uefitool.profile +++ b/etc/profile-m-z/uefitool.profile | |||
@@ -5,7 +5,7 @@ include uefitool.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${DOCUMENTS} | 8 | nodeny ${DOCUMENTS} |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
diff --git a/etc/profile-m-z/uget-gtk.profile b/etc/profile-m-z/uget-gtk.profile index 4420099ff..eed2db541 100644 --- a/etc/profile-m-z/uget-gtk.profile +++ b/etc/profile-m-z/uget-gtk.profile | |||
@@ -5,7 +5,7 @@ include uget-gtk.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.config/uGet | 8 | nodeny ${HOME}/.config/uGet |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
@@ -14,8 +14,8 @@ include disable-programs.inc | |||
14 | include disable-shell.inc | 14 | include disable-shell.inc |
15 | 15 | ||
16 | mkdir ${HOME}/.config/uGet | 16 | mkdir ${HOME}/.config/uGet |
17 | whitelist ${DOWNLOADS} | 17 | allow ${DOWNLOADS} |
18 | whitelist ${HOME}/.config/uGet | 18 | allow ${HOME}/.config/uGet |
19 | include whitelist-common.inc | 19 | include whitelist-common.inc |
20 | include whitelist-usr-share-common.inc | 20 | include whitelist-usr-share-common.inc |
21 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/unbound.profile b/etc/profile-m-z/unbound.profile index 0c077babf..7e7b3fbec 100644 --- a/etc/profile-m-z/unbound.profile +++ b/etc/profile-m-z/unbound.profile | |||
@@ -6,11 +6,11 @@ include unbound.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist /sbin | 9 | nodeny /sbin |
10 | noblacklist /usr/sbin | 10 | nodeny /usr/sbin |
11 | 11 | ||
12 | blacklist /tmp/.X11-unix | 12 | deny /tmp/.X11-unix |
13 | blacklist ${RUNUSER}/wayland-* | 13 | deny ${RUNUSER}/wayland-* |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
@@ -22,8 +22,8 @@ include disable-xdg.inc | |||
22 | 22 | ||
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | 24 | ||
25 | whitelist /var/lib/unbound | 25 | allow /var/lib/unbound |
26 | whitelist /var/run | 26 | allow /var/run |
27 | 27 | ||
28 | caps.keep net_admin,net_bind_service,setgid,setuid,sys_chroot,sys_resource | 28 | caps.keep net_admin,net_bind_service,setgid,setuid,sys_chroot,sys_resource |
29 | ipc-namespace | 29 | ipc-namespace |
diff --git a/etc/profile-m-z/unf.profile b/etc/profile-m-z/unf.profile index 6db7ba362..846271971 100644 --- a/etc/profile-m-z/unf.profile +++ b/etc/profile-m-z/unf.profile | |||
@@ -7,7 +7,7 @@ include unf.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | 10 | deny ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-programs.inc | |||
18 | include disable-shell.inc | 18 | include disable-shell.inc |
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | whitelist ${DOWNLOADS} | 21 | allow ${DOWNLOADS} |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-usr-share-common.inc | 23 | include whitelist-usr-share-common.inc |
24 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/unknown-horizons.profile b/etc/profile-m-z/unknown-horizons.profile index 956492f52..3e1c6264d 100644 --- a/etc/profile-m-z/unknown-horizons.profile +++ b/etc/profile-m-z/unknown-horizons.profile | |||
@@ -6,7 +6,7 @@ include unknown-horizons.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.unknown-horizons | 9 | nodeny ${HOME}/.unknown-horizons |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-exec.inc | 12 | include disable-exec.inc |
@@ -14,10 +14,10 @@ include disable-passwdmgr.inc | |||
14 | include disable-programs.inc | 14 | include disable-programs.inc |
15 | 15 | ||
16 | mkdir ${HOME}/.unknown-horizons | 16 | mkdir ${HOME}/.unknown-horizons |
17 | whitelist ${HOME}/.unknown-horizons | 17 | allow ${HOME}/.unknown-horizons |
18 | include whitelist-common.inc | 18 | include whitelist-common.inc |
19 | include whitelist-runuser-common.inc | 19 | include whitelist-runuser-common.inc |
20 | whitelist /usr/share/unknown-horizons | 20 | allow /usr/share/unknown-horizons |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
23 | 23 | ||
diff --git a/etc/profile-m-z/unzip.profile b/etc/profile-m-z/unzip.profile index 0231e3dba..99d2415ca 100644 --- a/etc/profile-m-z/unzip.profile +++ b/etc/profile-m-z/unzip.profile | |||
@@ -8,7 +8,7 @@ include unzip.local | |||
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | # GNOME Shell integration (chrome-gnome-shell) | 10 | # GNOME Shell integration (chrome-gnome-shell) |
11 | noblacklist ${HOME}/.local/share/gnome-shell | 11 | nodeny ${HOME}/.local/share/gnome-shell |
12 | 12 | ||
13 | private-etc alternatives,group,localtime,passwd | 13 | private-etc alternatives,group,localtime,passwd |
14 | 14 | ||
diff --git a/etc/profile-m-z/utox.profile b/etc/profile-m-z/utox.profile index dd881f091..3b0f7c646 100644 --- a/etc/profile-m-z/utox.profile +++ b/etc/profile-m-z/utox.profile | |||
@@ -6,8 +6,8 @@ include utox.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/Tox | 9 | nodeny ${HOME}/.cache/Tox |
10 | noblacklist ${HOME}/.config/tox | 10 | nodeny ${HOME}/.config/tox |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-shell.inc | |||
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | mkdir ${HOME}/.config/tox | 21 | mkdir ${HOME}/.config/tox |
22 | whitelist ${DOWNLOADS} | 22 | allow ${DOWNLOADS} |
23 | whitelist ${HOME}/.config/tox | 23 | allow ${HOME}/.config/tox |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
26 | 26 | ||
diff --git a/etc/profile-m-z/uudeview.profile b/etc/profile-m-z/uudeview.profile index 2adc044e5..3bda71666 100644 --- a/etc/profile-m-z/uudeview.profile +++ b/etc/profile-m-z/uudeview.profile | |||
@@ -7,7 +7,7 @@ include uudeview.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | 10 | deny ${RUNUSER}/wayland-* |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/uzbl-browser.profile b/etc/profile-m-z/uzbl-browser.profile index 41487a8f2..6899f4bf7 100644 --- a/etc/profile-m-z/uzbl-browser.profile +++ b/etc/profile-m-z/uzbl-browser.profile | |||
@@ -5,9 +5,9 @@ include uzbl-browser.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.config/uzbl | 8 | nodeny ${HOME}/.config/uzbl |
9 | noblacklist ${HOME}/.gnupg | 9 | nodeny ${HOME}/.gnupg |
10 | noblacklist ${HOME}/.local/share/uzbl | 10 | nodeny ${HOME}/.local/share/uzbl |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
13 | include allow-python2.inc | 13 | include allow-python2.inc |
@@ -22,11 +22,11 @@ mkdir ${HOME}/.config/uzbl | |||
22 | mkdir ${HOME}/.gnupg | 22 | mkdir ${HOME}/.gnupg |
23 | mkdir ${HOME}/.local/share/uzbl | 23 | mkdir ${HOME}/.local/share/uzbl |
24 | mkdir ${HOME}/.password-store | 24 | mkdir ${HOME}/.password-store |
25 | whitelist ${DOWNLOADS} | 25 | allow ${DOWNLOADS} |
26 | whitelist ${HOME}/.config/uzbl | 26 | allow ${HOME}/.config/uzbl |
27 | whitelist ${HOME}/.gnupg | 27 | allow ${HOME}/.gnupg |
28 | whitelist ${HOME}/.local/share/uzbl | 28 | allow ${HOME}/.local/share/uzbl |
29 | whitelist ${HOME}/.password-store | 29 | allow ${HOME}/.password-store |
30 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | 31 | ||
32 | caps.drop all | 32 | caps.drop all |
diff --git a/etc/profile-m-z/viewnior.profile b/etc/profile-m-z/viewnior.profile index a9ba344dd..e0bf02706 100644 --- a/etc/profile-m-z/viewnior.profile +++ b/etc/profile-m-z/viewnior.profile | |||
@@ -6,11 +6,11 @@ include viewnior.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.Steam | 9 | nodeny ${HOME}/.Steam |
10 | noblacklist ${HOME}/.config/viewnior | 10 | nodeny ${HOME}/.config/viewnior |
11 | noblacklist ${HOME}/.steam | 11 | nodeny ${HOME}/.steam |
12 | 12 | ||
13 | blacklist ${HOME}/.bashrc | 13 | deny ${HOME}/.bashrc |
14 | 14 | ||
15 | include disable-common.inc | 15 | include disable-common.inc |
16 | include disable-devel.inc | 16 | include disable-devel.inc |
diff --git a/etc/profile-m-z/viking.profile b/etc/profile-m-z/viking.profile index 8f8ef5939..b16f691d6 100644 --- a/etc/profile-m-z/viking.profile +++ b/etc/profile-m-z/viking.profile | |||
@@ -6,9 +6,9 @@ include viking.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.viking | 9 | nodeny ${HOME}/.viking |
10 | noblacklist ${HOME}/.viking-maps | 10 | nodeny ${HOME}/.viking-maps |
11 | noblacklist ${DOCUMENTS} | 11 | nodeny ${DOCUMENTS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/vim.profile b/etc/profile-m-z/vim.profile index c3cfe5980..b535225dd 100644 --- a/etc/profile-m-z/vim.profile +++ b/etc/profile-m-z/vim.profile | |||
@@ -6,9 +6,9 @@ include vim.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.vim | 9 | nodeny ${HOME}/.vim |
10 | noblacklist ${HOME}/.viminfo | 10 | nodeny ${HOME}/.viminfo |
11 | noblacklist ${HOME}/.vimrc | 11 | nodeny ${HOME}/.vimrc |
12 | 12 | ||
13 | # Allows files commonly used by IDEs | 13 | # Allows files commonly used by IDEs |
14 | include allow-common-devel.inc | 14 | include allow-common-devel.inc |
diff --git a/etc/profile-m-z/virtualbox.profile b/etc/profile-m-z/virtualbox.profile index c22fb0ff9..f28828338 100644 --- a/etc/profile-m-z/virtualbox.profile +++ b/etc/profile-m-z/virtualbox.profile | |||
@@ -6,12 +6,12 @@ include virtualbox.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.VirtualBox | 9 | nodeny ${HOME}/.VirtualBox |
10 | noblacklist ${HOME}/.config/VirtualBox | 10 | nodeny ${HOME}/.config/VirtualBox |
11 | noblacklist ${HOME}/VirtualBox VMs | 11 | nodeny ${HOME}/VirtualBox VMs |
12 | # noblacklist /usr/bin/virtualbox | 12 | # noblacklist /usr/bin/virtualbox |
13 | noblacklist /usr/lib/virtualbox | 13 | nodeny /usr/lib/virtualbox |
14 | noblacklist /usr/lib64/virtualbox | 14 | nodeny /usr/lib64/virtualbox |
15 | 15 | ||
16 | include disable-common.inc | 16 | include disable-common.inc |
17 | include disable-devel.inc | 17 | include disable-devel.inc |
@@ -23,10 +23,10 @@ include disable-xdg.inc | |||
23 | 23 | ||
24 | mkdir ${HOME}/.config/VirtualBox | 24 | mkdir ${HOME}/.config/VirtualBox |
25 | mkdir ${HOME}/VirtualBox VMs | 25 | mkdir ${HOME}/VirtualBox VMs |
26 | whitelist ${HOME}/.config/VirtualBox | 26 | allow ${HOME}/.config/VirtualBox |
27 | whitelist ${HOME}/VirtualBox VMs | 27 | allow ${HOME}/VirtualBox VMs |
28 | whitelist ${DOWNLOADS} | 28 | allow ${DOWNLOADS} |
29 | whitelist /usr/share/virtualbox | 29 | allow /usr/share/virtualbox |
30 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | include whitelist-runuser-common.inc | 31 | include whitelist-runuser-common.inc |
32 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/vivaldi.profile b/etc/profile-m-z/vivaldi.profile index fdeb0307f..3858405db 100644 --- a/etc/profile-m-z/vivaldi.profile +++ b/etc/profile-m-z/vivaldi.profile | |||
@@ -8,26 +8,26 @@ include globals.local | |||
8 | # Allow HTML5 Proprietary Media & DRM/EME (Widevine) | 8 | # Allow HTML5 Proprietary Media & DRM/EME (Widevine) |
9 | ignore apparmor | 9 | ignore apparmor |
10 | ignore noexec /var | 10 | ignore noexec /var |
11 | noblacklist /var/opt | 11 | nodeny /var/opt |
12 | whitelist /var/opt/vivaldi | 12 | allow /var/opt/vivaldi |
13 | writable-var | 13 | writable-var |
14 | 14 | ||
15 | noblacklist ${HOME}/.cache/vivaldi | 15 | nodeny ${HOME}/.cache/vivaldi |
16 | noblacklist ${HOME}/.cache/vivaldi-snapshot | 16 | nodeny ${HOME}/.cache/vivaldi-snapshot |
17 | noblacklist ${HOME}/.config/vivaldi | 17 | nodeny ${HOME}/.config/vivaldi |
18 | noblacklist ${HOME}/.config/vivaldi-snapshot | 18 | nodeny ${HOME}/.config/vivaldi-snapshot |
19 | noblacklist ${HOME}/.local/lib/vivaldi | 19 | nodeny ${HOME}/.local/lib/vivaldi |
20 | 20 | ||
21 | mkdir ${HOME}/.cache/vivaldi | 21 | mkdir ${HOME}/.cache/vivaldi |
22 | mkdir ${HOME}/.cache/vivaldi-snapshot | 22 | mkdir ${HOME}/.cache/vivaldi-snapshot |
23 | mkdir ${HOME}/.config/vivaldi | 23 | mkdir ${HOME}/.config/vivaldi |
24 | mkdir ${HOME}/.config/vivaldi-snapshot | 24 | mkdir ${HOME}/.config/vivaldi-snapshot |
25 | mkdir ${HOME}/.local/lib/vivaldi | 25 | mkdir ${HOME}/.local/lib/vivaldi |
26 | whitelist ${HOME}/.cache/vivaldi | 26 | allow ${HOME}/.cache/vivaldi |
27 | whitelist ${HOME}/.cache/vivaldi-snapshot | 27 | allow ${HOME}/.cache/vivaldi-snapshot |
28 | whitelist ${HOME}/.config/vivaldi | 28 | allow ${HOME}/.config/vivaldi |
29 | whitelist ${HOME}/.config/vivaldi-snapshot | 29 | allow ${HOME}/.config/vivaldi-snapshot |
30 | whitelist ${HOME}/.local/lib/vivaldi | 30 | allow ${HOME}/.local/lib/vivaldi |
31 | 31 | ||
32 | #private-bin bash,cat,dirname,readlink,rm,vivaldi,vivaldi-stable,vivaldi-snapshot | 32 | #private-bin bash,cat,dirname,readlink,rm,vivaldi,vivaldi-stable,vivaldi-snapshot |
33 | 33 | ||
diff --git a/etc/profile-m-z/vlc.profile b/etc/profile-m-z/vlc.profile index cd7dccd8a..ede2d4525 100644 --- a/etc/profile-m-z/vlc.profile +++ b/etc/profile-m-z/vlc.profile | |||
@@ -6,10 +6,10 @@ include vlc.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/vlc | 9 | nodeny ${HOME}/.cache/vlc |
10 | noblacklist ${HOME}/.config/vlc | 10 | nodeny ${HOME}/.config/vlc |
11 | noblacklist ${HOME}/.config/aacs | 11 | nodeny ${HOME}/.config/aacs |
12 | noblacklist ${HOME}/.local/share/vlc | 12 | nodeny ${HOME}/.local/share/vlc |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -22,10 +22,10 @@ read-only ${DESKTOP} | |||
22 | mkdir ${HOME}/.cache/vlc | 22 | mkdir ${HOME}/.cache/vlc |
23 | mkdir ${HOME}/.config/vlc | 23 | mkdir ${HOME}/.config/vlc |
24 | mkdir ${HOME}/.local/share/vlc | 24 | mkdir ${HOME}/.local/share/vlc |
25 | whitelist ${HOME}/.cache/vlc | 25 | allow ${HOME}/.cache/vlc |
26 | whitelist ${HOME}/.config/vlc | 26 | allow ${HOME}/.config/vlc |
27 | whitelist ${HOME}/.config/aacs | 27 | allow ${HOME}/.config/aacs |
28 | whitelist ${HOME}/.local/share/vlc | 28 | allow ${HOME}/.local/share/vlc |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-player-common.inc | 30 | include whitelist-player-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/vmware-view.profile b/etc/profile-m-z/vmware-view.profile index f07c31b68..f23e90e84 100644 --- a/etc/profile-m-z/vmware-view.profile +++ b/etc/profile-m-z/vmware-view.profile | |||
@@ -6,10 +6,10 @@ include vmware-view.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.vmware | 9 | nodeny ${HOME}/.vmware |
10 | 10 | ||
11 | noblacklist /sbin | 11 | nodeny /sbin |
12 | noblacklist /usr/sbin | 12 | nodeny /usr/sbin |
13 | 13 | ||
14 | include allow-bin-sh.inc | 14 | include allow-bin-sh.inc |
15 | 15 | ||
@@ -23,7 +23,7 @@ include disable-shell.inc | |||
23 | include disable-xdg.inc | 23 | include disable-xdg.inc |
24 | 24 | ||
25 | mkdir ${HOME}/.vmware | 25 | mkdir ${HOME}/.vmware |
26 | whitelist ${HOME}/.vmware | 26 | allow ${HOME}/.vmware |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-runuser-common.inc | 28 | include whitelist-runuser-common.inc |
29 | include whitelist-usr-share-common.inc | 29 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/vmware.profile b/etc/profile-m-z/vmware.profile index 5241e27b3..3a535588f 100644 --- a/etc/profile-m-z/vmware.profile +++ b/etc/profile-m-z/vmware.profile | |||
@@ -6,8 +6,8 @@ include vmware.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/vmware | 9 | nodeny ${HOME}/.cache/vmware |
10 | noblacklist ${HOME}/.vmware | 10 | nodeny ${HOME}/.vmware |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
@@ -19,8 +19,8 @@ include disable-xdg.inc | |||
19 | 19 | ||
20 | mkdir ${HOME}/.cache/vmware | 20 | mkdir ${HOME}/.cache/vmware |
21 | mkdir ${HOME}/.vmware | 21 | mkdir ${HOME}/.vmware |
22 | whitelist ${HOME}/.cache/vmware | 22 | allow ${HOME}/.cache/vmware |
23 | whitelist ${HOME}/.vmware | 23 | allow ${HOME}/.vmware |
24 | # Add the next lines to your vmware.local if you need to use "shared VM". | 24 | # Add the next lines to your vmware.local if you need to use "shared VM". |
25 | #whitelist /var/lib/vmware | 25 | #whitelist /var/lib/vmware |
26 | #writable-var | 26 | #writable-var |
diff --git a/etc/profile-m-z/vscodium.profile b/etc/profile-m-z/vscodium.profile index a4a4fb7d8..7996113f5 100644 --- a/etc/profile-m-z/vscodium.profile +++ b/etc/profile-m-z/vscodium.profile | |||
@@ -6,7 +6,7 @@ include vscodium.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.VSCodium | 9 | nodeny ${HOME}/.VSCodium |
10 | 10 | ||
11 | # Redirect | 11 | # Redirect |
12 | include code.profile | 12 | include code.profile |
diff --git a/etc/profile-m-z/vulturesclaw.profile b/etc/profile-m-z/vulturesclaw.profile index fa6ddf1fb..a6c38c1f1 100644 --- a/etc/profile-m-z/vulturesclaw.profile +++ b/etc/profile-m-z/vulturesclaw.profile | |||
@@ -6,8 +6,8 @@ include vulturesclaw.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist /var/games/vulturesclaw | 9 | nodeny /var/games/vulturesclaw |
10 | whitelist /var/games/vulturesclaw | 10 | allow /var/games/vulturesclaw |
11 | 11 | ||
12 | # Redirect | 12 | # Redirect |
13 | include nethack-vultures.profile | 13 | include nethack-vultures.profile |
diff --git a/etc/profile-m-z/vultureseye.profile b/etc/profile-m-z/vultureseye.profile index 49d3fa94f..763c50bf6 100644 --- a/etc/profile-m-z/vultureseye.profile +++ b/etc/profile-m-z/vultureseye.profile | |||
@@ -6,8 +6,8 @@ include vultureseye.local | |||
6 | # added by included profile | 6 | # added by included profile |
7 | #include globals.local | 7 | #include globals.local |
8 | 8 | ||
9 | noblacklist /var/games/vultureseye | 9 | nodeny /var/games/vultureseye |
10 | whitelist /var/games/vultureseye | 10 | allow /var/games/vultureseye |
11 | 11 | ||
12 | # Redirect | 12 | # Redirect |
13 | include nethack-vultures.profile | 13 | include nethack-vultures.profile |
diff --git a/etc/profile-m-z/vym.profile b/etc/profile-m-z/vym.profile index 5421c4e4b..1f2462c32 100644 --- a/etc/profile-m-z/vym.profile +++ b/etc/profile-m-z/vym.profile | |||
@@ -6,7 +6,7 @@ include vym.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/InSilmaril | 9 | nodeny ${HOME}/.config/InSilmaril |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/w3m.profile b/etc/profile-m-z/w3m.profile index 69b2c6c59..6b38bbf13 100644 --- a/etc/profile-m-z/w3m.profile +++ b/etc/profile-m-z/w3m.profile | |||
@@ -12,10 +12,10 @@ include globals.local | |||
12 | #ignore private-dev | 12 | #ignore private-dev |
13 | #ignore private-etc | 13 | #ignore private-etc |
14 | 14 | ||
15 | noblacklist ${HOME}/.w3m | 15 | nodeny ${HOME}/.w3m |
16 | 16 | ||
17 | blacklist /tmp/.X11-unix | 17 | deny /tmp/.X11-unix |
18 | blacklist ${RUNUSER}/wayland-* | 18 | deny ${RUNUSER}/wayland-* |
19 | 19 | ||
20 | # Allow /bin/sh (blacklisted by disable-shell.inc) | 20 | # Allow /bin/sh (blacklisted by disable-shell.inc) |
21 | include allow-bin-sh.inc | 21 | include allow-bin-sh.inc |
@@ -33,9 +33,9 @@ include disable-shell.inc | |||
33 | include disable-xdg.inc | 33 | include disable-xdg.inc |
34 | 34 | ||
35 | mkdir ${HOME}/.w3m | 35 | mkdir ${HOME}/.w3m |
36 | whitelist /usr/share/w3m | 36 | allow /usr/share/w3m |
37 | whitelist ${DOWNLOADS} | 37 | allow ${DOWNLOADS} |
38 | whitelist ${HOME}/.w3m | 38 | allow ${HOME}/.w3m |
39 | include whitelist-runuser-common.inc | 39 | include whitelist-runuser-common.inc |
40 | include whitelist-usr-share-common.inc | 40 | include whitelist-usr-share-common.inc |
41 | include whitelist-var-common.inc | 41 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/warmux.profile b/etc/profile-m-z/warmux.profile index 1227a202c..6658ac5db 100644 --- a/etc/profile-m-z/warmux.profile +++ b/etc/profile-m-z/warmux.profile | |||
@@ -6,9 +6,9 @@ include warmux.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/wormux | 9 | nodeny ${HOME}/.config/wormux |
10 | noblacklist ${HOME}/.local/share/wormux | 10 | nodeny ${HOME}/.local/share/wormux |
11 | noblacklist ${HOME}/.wormux | 11 | nodeny ${HOME}/.wormux |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -22,10 +22,10 @@ include disable-xdg.inc | |||
22 | mkdir ${HOME}/.config/wormux | 22 | mkdir ${HOME}/.config/wormux |
23 | mkdir ${HOME}/.local/share/wormux | 23 | mkdir ${HOME}/.local/share/wormux |
24 | mkdir ${HOME}/.wormux | 24 | mkdir ${HOME}/.wormux |
25 | whitelist ${HOME}/.config/wormux | 25 | allow ${HOME}/.config/wormux |
26 | whitelist ${HOME}/.local/share/wormux | 26 | allow ${HOME}/.local/share/wormux |
27 | whitelist ${HOME}/.wormux | 27 | allow ${HOME}/.wormux |
28 | whitelist /usr/share/warmux | 28 | allow /usr/share/warmux |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/warsow.profile b/etc/profile-m-z/warsow.profile index e0cd3daad..fac4d0555 100644 --- a/etc/profile-m-z/warsow.profile +++ b/etc/profile-m-z/warsow.profile | |||
@@ -8,8 +8,8 @@ include globals.local | |||
8 | 8 | ||
9 | ignore noexec ${HOME} | 9 | ignore noexec ${HOME} |
10 | 10 | ||
11 | noblacklist ${HOME}/.cache/warsow-2.1 | 11 | nodeny ${HOME}/.cache/warsow-2.1 |
12 | noblacklist ${HOME}/.local/share/warsow-2.1 | 12 | nodeny ${HOME}/.local/share/warsow-2.1 |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -22,9 +22,9 @@ include disable-xdg.inc | |||
22 | 22 | ||
23 | mkdir ${HOME}/.cache/warsow-2.1 | 23 | mkdir ${HOME}/.cache/warsow-2.1 |
24 | mkdir ${HOME}/.local/share/warsow-2.1 | 24 | mkdir ${HOME}/.local/share/warsow-2.1 |
25 | whitelist ${HOME}/.cache/warsow-2.1 | 25 | allow ${HOME}/.cache/warsow-2.1 |
26 | whitelist ${HOME}/.local/share/warsow-2.1 | 26 | allow ${HOME}/.local/share/warsow-2.1 |
27 | whitelist /usr/share/warsow | 27 | allow /usr/share/warsow |
28 | include whitelist-common.inc | 28 | include whitelist-common.inc |
29 | include whitelist-runuser-common.inc | 29 | include whitelist-runuser-common.inc |
30 | include whitelist-usr-share-common.inc | 30 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/warzone2100.profile b/etc/profile-m-z/warzone2100.profile index 420e8927e..081ae349b 100644 --- a/etc/profile-m-z/warzone2100.profile +++ b/etc/profile-m-z/warzone2100.profile | |||
@@ -6,7 +6,7 @@ include warzone2100.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.warzone2100-3.* | 9 | nodeny ${HOME}/.warzone2100-3.* |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,9 +18,9 @@ include disable-shell.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.warzone2100-3.1 | 19 | mkdir ${HOME}/.warzone2100-3.1 |
20 | mkdir ${HOME}/.warzone2100-3.2 | 20 | mkdir ${HOME}/.warzone2100-3.2 |
21 | whitelist ${HOME}/.warzone2100-3.1 | 21 | allow ${HOME}/.warzone2100-3.1 |
22 | whitelist ${HOME}/.warzone2100-3.2 | 22 | allow ${HOME}/.warzone2100-3.2 |
23 | whitelist /usr/share/games | 23 | allow /usr/share/games |
24 | include whitelist-common.inc | 24 | include whitelist-common.inc |
25 | include whitelist-runuser-common.inc | 25 | include whitelist-runuser-common.inc |
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/waterfox.profile b/etc/profile-m-z/waterfox.profile index 18f1ca79a..4081b29b9 100644 --- a/etc/profile-m-z/waterfox.profile +++ b/etc/profile-m-z/waterfox.profile | |||
@@ -5,13 +5,13 @@ include waterfox.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.cache/waterfox | 8 | nodeny ${HOME}/.cache/waterfox |
9 | noblacklist ${HOME}/.waterfox | 9 | nodeny ${HOME}/.waterfox |
10 | 10 | ||
11 | mkdir ${HOME}/.cache/waterfox | 11 | mkdir ${HOME}/.cache/waterfox |
12 | mkdir ${HOME}/.waterfox | 12 | mkdir ${HOME}/.waterfox |
13 | whitelist ${HOME}/.cache/waterfox | 13 | allow ${HOME}/.cache/waterfox |
14 | whitelist ${HOME}/.waterfox | 14 | allow ${HOME}/.waterfox |
15 | 15 | ||
16 | # Add the next lines to your watefox.local if you want to use the migration wizard. | 16 | # Add the next lines to your watefox.local if you want to use the migration wizard. |
17 | #noblacklist ${HOME}/.mozilla | 17 | #noblacklist ${HOME}/.mozilla |
diff --git a/etc/profile-m-z/webstorm.profile b/etc/profile-m-z/webstorm.profile index 69e96d0cd..1f42dae2c 100644 --- a/etc/profile-m-z/webstorm.profile +++ b/etc/profile-m-z/webstorm.profile | |||
@@ -5,12 +5,12 @@ include webstorm.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.WebStorm* | 8 | nodeny ${HOME}/.WebStorm* |
9 | noblacklist ${HOME}/.android | 9 | nodeny ${HOME}/.android |
10 | noblacklist ${HOME}/.local/share/JetBrains | 10 | nodeny ${HOME}/.local/share/JetBrains |
11 | noblacklist ${HOME}/.tooling | 11 | nodeny ${HOME}/.tooling |
12 | # Allow KDE file manager to open with log directories (blacklisted by disable-programs.inc) | 12 | # Allow KDE file manager to open with log directories (blacklisted by disable-programs.inc) |
13 | noblacklist ${HOME}/.config/dolphinrc | 13 | nodeny ${HOME}/.config/dolphinrc |
14 | 14 | ||
15 | # Allows files commonly used by IDEs | 15 | # Allows files commonly used by IDEs |
16 | include allow-common-devel.inc | 16 | include allow-common-devel.inc |
@@ -18,8 +18,8 @@ include allow-common-devel.inc | |||
18 | # Allow ssh (blacklisted by disable-common.inc) | 18 | # Allow ssh (blacklisted by disable-common.inc) |
19 | include allow-ssh.inc | 19 | include allow-ssh.inc |
20 | 20 | ||
21 | noblacklist ${PATH}/node | 21 | nodeny ${PATH}/node |
22 | noblacklist ${HOME}/.nvm | 22 | nodeny ${HOME}/.nvm |
23 | 23 | ||
24 | include disable-common.inc | 24 | include disable-common.inc |
25 | include disable-devel.inc | 25 | include disable-devel.inc |
diff --git a/etc/profile-m-z/webui-aria2.profile b/etc/profile-m-z/webui-aria2.profile index d5a998f35..d1bbcfb67 100644 --- a/etc/profile-m-z/webui-aria2.profile +++ b/etc/profile-m-z/webui-aria2.profile | |||
@@ -6,7 +6,7 @@ include webui-aria2.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${PATH}/node | 9 | nodeny ${PATH}/node |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/weechat.profile b/etc/profile-m-z/weechat.profile index 76935212f..99941a590 100644 --- a/etc/profile-m-z/weechat.profile +++ b/etc/profile-m-z/weechat.profile | |||
@@ -6,12 +6,12 @@ include weechat.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.weechat | 9 | nodeny ${HOME}/.weechat |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-programs.inc | 12 | include disable-programs.inc |
13 | 13 | ||
14 | whitelist /usr/share/weechat | 14 | allow /usr/share/weechat |
15 | include whitelist-usr-share-common.inc | 15 | include whitelist-usr-share-common.inc |
16 | include whitelist-var-common.inc | 16 | include whitelist-var-common.inc |
17 | 17 | ||
diff --git a/etc/profile-m-z/wesnoth.profile b/etc/profile-m-z/wesnoth.profile index 199b3c6f0..47b923e6a 100644 --- a/etc/profile-m-z/wesnoth.profile +++ b/etc/profile-m-z/wesnoth.profile | |||
@@ -6,9 +6,9 @@ include wesnoth.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/wesnoth | 9 | nodeny ${HOME}/.cache/wesnoth |
10 | noblacklist ${HOME}/.config/wesnoth | 10 | nodeny ${HOME}/.config/wesnoth |
11 | noblacklist ${HOME}/.local/share/wesnoth | 11 | nodeny ${HOME}/.local/share/wesnoth |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -19,9 +19,9 @@ include disable-programs.inc | |||
19 | mkdir ${HOME}/.cache/wesnoth | 19 | mkdir ${HOME}/.cache/wesnoth |
20 | mkdir ${HOME}/.config/wesnoth | 20 | mkdir ${HOME}/.config/wesnoth |
21 | mkdir ${HOME}/.local/share/wesnoth | 21 | mkdir ${HOME}/.local/share/wesnoth |
22 | whitelist ${HOME}/.cache/wesnoth | 22 | allow ${HOME}/.cache/wesnoth |
23 | whitelist ${HOME}/.config/wesnoth | 23 | allow ${HOME}/.config/wesnoth |
24 | whitelist ${HOME}/.local/share/wesnoth | 24 | allow ${HOME}/.local/share/wesnoth |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | 26 | ||
27 | caps.drop all | 27 | caps.drop all |
diff --git a/etc/profile-m-z/wget.profile b/etc/profile-m-z/wget.profile index 53c4711bd..3c4a4eb63 100644 --- a/etc/profile-m-z/wget.profile +++ b/etc/profile-m-z/wget.profile | |||
@@ -7,12 +7,12 @@ include wget.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | noblacklist ${HOME}/.netrc | 10 | nodeny ${HOME}/.netrc |
11 | noblacklist ${HOME}/.wget-hsts | 11 | nodeny ${HOME}/.wget-hsts |
12 | noblacklist ${HOME}/.wgetrc | 12 | nodeny ${HOME}/.wgetrc |
13 | 13 | ||
14 | blacklist /tmp/.X11-unix | 14 | deny /tmp/.X11-unix |
15 | blacklist ${RUNUSER} | 15 | deny ${RUNUSER} |
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
diff --git a/etc/profile-m-z/whalebird.profile b/etc/profile-m-z/whalebird.profile index 22a84274d..fdbd406c2 100644 --- a/etc/profile-m-z/whalebird.profile +++ b/etc/profile-m-z/whalebird.profile | |||
@@ -13,10 +13,10 @@ ignore include whitelist-usr-share-common.inc | |||
13 | ignore dbus-user none | 13 | ignore dbus-user none |
14 | ignore dbus-system none | 14 | ignore dbus-system none |
15 | 15 | ||
16 | noblacklist ${HOME}/.config/Whalebird | 16 | nodeny ${HOME}/.config/Whalebird |
17 | 17 | ||
18 | mkdir ${HOME}/.config/Whalebird | 18 | mkdir ${HOME}/.config/Whalebird |
19 | whitelist ${HOME}/.config/Whalebird | 19 | allow ${HOME}/.config/Whalebird |
20 | 20 | ||
21 | no3d | 21 | no3d |
22 | 22 | ||
diff --git a/etc/profile-m-z/whois.profile b/etc/profile-m-z/whois.profile index 93871a5a4..35d7fe9cb 100644 --- a/etc/profile-m-z/whois.profile +++ b/etc/profile-m-z/whois.profile | |||
@@ -7,8 +7,8 @@ include whois.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist /tmp/.X11-unix | 10 | deny /tmp/.X11-unix |
11 | blacklist ${RUNUSER} | 11 | deny ${RUNUSER} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/widelands.profile b/etc/profile-m-z/widelands.profile index 0dc26b11d..8f5adb0fc 100644 --- a/etc/profile-m-z/widelands.profile +++ b/etc/profile-m-z/widelands.profile | |||
@@ -6,7 +6,7 @@ include widelands.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.widelands | 9 | nodeny ${HOME}/.widelands |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,7 +18,7 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.widelands | 20 | mkdir ${HOME}/.widelands |
21 | whitelist ${HOME}/.widelands | 21 | allow ${HOME}/.widelands |
22 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-m-z/wine.profile b/etc/profile-m-z/wine.profile index 0ea24aafd..6bc68c829 100644 --- a/etc/profile-m-z/wine.profile +++ b/etc/profile-m-z/wine.profile | |||
@@ -6,13 +6,13 @@ include wine.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/winetricks | 9 | nodeny ${HOME}/.cache/winetricks |
10 | noblacklist ${HOME}/.Steam | 10 | nodeny ${HOME}/.Steam |
11 | noblacklist ${HOME}/.local/share/Steam | 11 | nodeny ${HOME}/.local/share/Steam |
12 | noblacklist ${HOME}/.local/share/steam | 12 | nodeny ${HOME}/.local/share/steam |
13 | noblacklist ${HOME}/.steam | 13 | nodeny ${HOME}/.steam |
14 | noblacklist ${HOME}/.wine | 14 | nodeny ${HOME}/.wine |
15 | noblacklist /tmp/.wine-* | 15 | nodeny /tmp/.wine-* |
16 | 16 | ||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-devel.inc | 18 | include disable-devel.inc |
diff --git a/etc/profile-m-z/wire-desktop.profile b/etc/profile-m-z/wire-desktop.profile index 151cd2adb..5f40bbd48 100644 --- a/etc/profile-m-z/wire-desktop.profile +++ b/etc/profile-m-z/wire-desktop.profile | |||
@@ -20,10 +20,10 @@ ignore private-cache | |||
20 | ignore dbus-user none | 20 | ignore dbus-user none |
21 | ignore dbus-system none | 21 | ignore dbus-system none |
22 | 22 | ||
23 | noblacklist ${HOME}/.config/Wire | 23 | nodeny ${HOME}/.config/Wire |
24 | 24 | ||
25 | mkdir ${HOME}/.config/Wire | 25 | mkdir ${HOME}/.config/Wire |
26 | whitelist ${HOME}/.config/Wire | 26 | allow ${HOME}/.config/Wire |
27 | 27 | ||
28 | private-bin bash,electron,electron[0-9],electron[0-9][0-9],env,sh,wire-desktop | 28 | private-bin bash,electron,electron[0-9],electron[0-9][0-9],env,sh,wire-desktop |
29 | private-etc alternatives,ca-certificates,crypto-policies,fonts,machine-id,pki,resolv.conf,ssl | 29 | private-etc alternatives,ca-certificates,crypto-policies,fonts,machine-id,pki,resolv.conf,ssl |
diff --git a/etc/profile-m-z/wireshark.profile b/etc/profile-m-z/wireshark.profile index 1824026a8..f3f347283 100644 --- a/etc/profile-m-z/wireshark.profile +++ b/etc/profile-m-z/wireshark.profile | |||
@@ -6,9 +6,9 @@ include wireshark.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/wireshark | 9 | nodeny ${HOME}/.config/wireshark |
10 | noblacklist ${HOME}/.wireshark | 10 | nodeny ${HOME}/.wireshark |
11 | noblacklist ${DOCUMENTS} | 11 | nodeny ${DOCUMENTS} |
12 | 12 | ||
13 | # Allow lua (blacklisted by disable-interpreters.inc) | 13 | # Allow lua (blacklisted by disable-interpreters.inc) |
14 | include allow-lua.inc | 14 | include allow-lua.inc |
@@ -21,7 +21,7 @@ include disable-passwdmgr.inc | |||
21 | include disable-programs.inc | 21 | include disable-programs.inc |
22 | include disable-xdg.inc | 22 | include disable-xdg.inc |
23 | 23 | ||
24 | whitelist /usr/share/wireshark | 24 | allow /usr/share/wireshark |
25 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||
diff --git a/etc/profile-m-z/wordwarvi.profile b/etc/profile-m-z/wordwarvi.profile index 9c724a5d2..1f1541a20 100644 --- a/etc/profile-m-z/wordwarvi.profile +++ b/etc/profile-m-z/wordwarvi.profile | |||
@@ -6,7 +6,7 @@ include wordwarvi.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.wordwarvi | 9 | nodeny ${HOME}/.wordwarvi |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,8 +18,8 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.wordwarvi | 20 | mkdir ${HOME}/.wordwarvi |
21 | whitelist ${HOME}/.wordwarvi | 21 | allow ${HOME}/.wordwarvi |
22 | whitelist /usr/share/wordwarvi | 22 | allow /usr/share/wordwarvi |
23 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/wps.profile b/etc/profile-m-z/wps.profile index a44b6490e..6d16dfb04 100644 --- a/etc/profile-m-z/wps.profile +++ b/etc/profile-m-z/wps.profile | |||
@@ -6,9 +6,9 @@ include wps.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.kingsoft | 9 | nodeny ${HOME}/.kingsoft |
10 | noblacklist ${HOME}/.config/Kingsoft | 10 | nodeny ${HOME}/.config/Kingsoft |
11 | noblacklist ${HOME}/.local/share/Kingsoft | 11 | nodeny ${HOME}/.local/share/Kingsoft |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/x2goclient.profile b/etc/profile-m-z/x2goclient.profile index 557f07cd9..311746cd9 100644 --- a/etc/profile-m-z/x2goclient.profile +++ b/etc/profile-m-z/x2goclient.profile | |||
@@ -6,8 +6,8 @@ include x2goclient.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.x2go | 9 | nodeny ${HOME}/.x2go |
10 | noblacklist ${HOME}/.x2goclient | 10 | nodeny ${HOME}/.x2goclient |
11 | 11 | ||
12 | # Allow ssh (blacklisted by disable-common.inc) | 12 | # Allow ssh (blacklisted by disable-common.inc) |
13 | include allow-ssh.inc | 13 | include allow-ssh.inc |
diff --git a/etc/profile-m-z/xbill.profile b/etc/profile-m-z/xbill.profile index 384f76acc..e545aa3a0 100644 --- a/etc/profile-m-z/xbill.profile +++ b/etc/profile-m-z/xbill.profile | |||
@@ -15,8 +15,8 @@ include disable-programs.inc | |||
15 | include disable-shell.inc | 15 | include disable-shell.inc |
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | whitelist /usr/share/xbill | 18 | allow /usr/share/xbill |
19 | whitelist /var/games/xbill/scores | 19 | allow /var/games/xbill/scores |
20 | include whitelist-common.inc | 20 | include whitelist-common.inc |
21 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
22 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/xchat.profile b/etc/profile-m-z/xchat.profile index a94444aab..7d0adbcc2 100644 --- a/etc/profile-m-z/xchat.profile +++ b/etc/profile-m-z/xchat.profile | |||
@@ -6,7 +6,7 @@ include xchat.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/xchat | 9 | nodeny ${HOME}/.config/xchat |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/xed.profile b/etc/profile-m-z/xed.profile index 4a3022e83..5db709bd1 100644 --- a/etc/profile-m-z/xed.profile +++ b/etc/profile-m-z/xed.profile | |||
@@ -5,10 +5,10 @@ include xed.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.config/xed | 8 | nodeny ${HOME}/.config/xed |
9 | noblacklist ${HOME}/.python-history | 9 | nodeny ${HOME}/.python-history |
10 | noblacklist ${HOME}/.python_history | 10 | nodeny ${HOME}/.python_history |
11 | noblacklist ${HOME}/.pythonhist | 11 | nodeny ${HOME}/.pythonhist |
12 | 12 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python2.inc | 14 | include allow-python2.inc |
diff --git a/etc/profile-m-z/xfburn.profile b/etc/profile-m-z/xfburn.profile index cd9561e74..297ff6164 100644 --- a/etc/profile-m-z/xfburn.profile +++ b/etc/profile-m-z/xfburn.profile | |||
@@ -6,7 +6,7 @@ include xfburn.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/xfburn | 9 | nodeny ${HOME}/.config/xfburn |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/xfce4-dict.profile b/etc/profile-m-z/xfce4-dict.profile index ecd321c7e..8ecd84116 100644 --- a/etc/profile-m-z/xfce4-dict.profile +++ b/etc/profile-m-z/xfce4-dict.profile | |||
@@ -6,7 +6,7 @@ include xfce4-dict.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/xfce4-dict | 9 | nodeny ${HOME}/.config/xfce4-dict |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/xfce4-mixer.profile b/etc/profile-m-z/xfce4-mixer.profile index bb38dbebd..8a6f9e921 100644 --- a/etc/profile-m-z/xfce4-mixer.profile +++ b/etc/profile-m-z/xfce4-mixer.profile | |||
@@ -6,7 +6,7 @@ include xfce4-mixer.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml | 9 | nodeny ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,10 +18,10 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkfile ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml | 20 | mkfile ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml |
21 | whitelist ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml | 21 | allow ${HOME}/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-mixer.xml |
22 | whitelist /usr/share/gstreamer-* | 22 | allow /usr/share/gstreamer-* |
23 | whitelist /usr/share/xfce4 | 23 | allow /usr/share/xfce4 |
24 | whitelist /usr/share/xfce4-mixer | 24 | allow /usr/share/xfce4-mixer |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-usr-share-common.inc | 26 | include whitelist-usr-share-common.inc |
27 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/xfce4-notes.profile b/etc/profile-m-z/xfce4-notes.profile index ebfb4333c..fe88f9b27 100644 --- a/etc/profile-m-z/xfce4-notes.profile +++ b/etc/profile-m-z/xfce4-notes.profile | |||
@@ -6,9 +6,9 @@ include xfce4-notes.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/xfce4/xfce4-notes.gtkrc | 9 | nodeny ${HOME}/.config/xfce4/xfce4-notes.gtkrc |
10 | noblacklist ${HOME}/.config/xfce4/xfce4-notes.rc | 10 | nodeny ${HOME}/.config/xfce4/xfce4-notes.rc |
11 | noblacklist ${HOME}/.local/share/notes | 11 | nodeny ${HOME}/.local/share/notes |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/xfce4-screenshooter.profile b/etc/profile-m-z/xfce4-screenshooter.profile index b1e5bafbf..baf222354 100644 --- a/etc/profile-m-z/xfce4-screenshooter.profile +++ b/etc/profile-m-z/xfce4-screenshooter.profile | |||
@@ -6,7 +6,7 @@ include xfce4-screenshooter.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${PICTURES} | 9 | nodeny ${PICTURES} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,7 +17,7 @@ include disable-programs.inc | |||
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | whitelist /usr/share/xfce4 | 20 | allow /usr/share/xfce4 |
21 | include whitelist-runuser-common.inc | 21 | include whitelist-runuser-common.inc |
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/xiphos.profile b/etc/profile-m-z/xiphos.profile index 81d98db7a..5c11cbd66 100644 --- a/etc/profile-m-z/xiphos.profile +++ b/etc/profile-m-z/xiphos.profile | |||
@@ -6,10 +6,10 @@ include xiphos.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.sword | 9 | nodeny ${HOME}/.sword |
10 | noblacklist ${HOME}/.xiphos | 10 | nodeny ${HOME}/.xiphos |
11 | 11 | ||
12 | blacklist ${HOME}/.bashrc | 12 | deny ${HOME}/.bashrc |
13 | 13 | ||
14 | include disable-common.inc | 14 | include disable-common.inc |
15 | include disable-devel.inc | 15 | include disable-devel.inc |
@@ -21,8 +21,8 @@ include disable-shell.inc | |||
21 | 21 | ||
22 | mkdir ${HOME}/.sword | 22 | mkdir ${HOME}/.sword |
23 | mkdir ${HOME}/.xiphos | 23 | mkdir ${HOME}/.xiphos |
24 | whitelist ${HOME}/.sword | 24 | allow ${HOME}/.sword |
25 | whitelist ${HOME}/.xiphos | 25 | allow ${HOME}/.xiphos |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
28 | 28 | ||
diff --git a/etc/profile-m-z/xlinks.profile b/etc/profile-m-z/xlinks.profile index d5e25cfe7..da4801101 100644 --- a/etc/profile-m-z/xlinks.profile +++ b/etc/profile-m-z/xlinks.profile | |||
@@ -7,7 +7,7 @@ include xlinks.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | noblacklist /tmp/.X11-unix | 10 | nodeny /tmp/.X11-unix |
11 | 11 | ||
12 | include whitelist-common.inc | 12 | include whitelist-common.inc |
13 | 13 | ||
diff --git a/etc/profile-m-z/xlinks2 b/etc/profile-m-z/xlinks2 index 1ae6a60ca..a7612cb2a 100644 --- a/etc/profile-m-z/xlinks2 +++ b/etc/profile-m-z/xlinks2 | |||
@@ -7,7 +7,7 @@ include xlinks2.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | noblacklist /tmp/.X11-unix | 10 | nodeny /tmp/.X11-unix |
11 | 11 | ||
12 | include whitelist-common.inc | 12 | include whitelist-common.inc |
13 | 13 | ||
diff --git a/etc/profile-m-z/xmms.profile b/etc/profile-m-z/xmms.profile index 25261d925..1ed35f29a 100644 --- a/etc/profile-m-z/xmms.profile +++ b/etc/profile-m-z/xmms.profile | |||
@@ -5,8 +5,8 @@ include xmms.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.xmms | 8 | nodeny ${HOME}/.xmms |
9 | noblacklist ${MUSIC} | 9 | nodeny ${MUSIC} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
diff --git a/etc/profile-m-z/xmr-stak.profile b/etc/profile-m-z/xmr-stak.profile index e7020f36b..c97c12f56 100644 --- a/etc/profile-m-z/xmr-stak.profile +++ b/etc/profile-m-z/xmr-stak.profile | |||
@@ -5,7 +5,7 @@ include xmr-stak.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.xmr-stak | 8 | nodeny ${HOME}/.xmr-stak |
9 | 9 | ||
10 | include disable-common.inc | 10 | include disable-common.inc |
11 | include disable-devel.inc | 11 | include disable-devel.inc |
diff --git a/etc/profile-m-z/xonotic.profile b/etc/profile-m-z/xonotic.profile index 53c9a0a08..94a09198c 100644 --- a/etc/profile-m-z/xonotic.profile +++ b/etc/profile-m-z/xonotic.profile | |||
@@ -6,7 +6,7 @@ include xonotic.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.xonotic | 9 | nodeny ${HOME}/.xonotic |
10 | 10 | ||
11 | include allow-bin-sh.inc | 11 | include allow-bin-sh.inc |
12 | include allow-opengl-game.inc | 12 | include allow-opengl-game.inc |
@@ -21,8 +21,8 @@ include disable-shell.inc | |||
21 | include disable-xdg.inc | 21 | include disable-xdg.inc |
22 | 22 | ||
23 | mkdir ${HOME}/.xonotic | 23 | mkdir ${HOME}/.xonotic |
24 | whitelist ${HOME}/.xonotic | 24 | allow ${HOME}/.xonotic |
25 | whitelist /usr/share/xonotic | 25 | allow /usr/share/xonotic |
26 | include whitelist-common.inc | 26 | include whitelist-common.inc |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/xournal.profile b/etc/profile-m-z/xournal.profile index c4f092d50..34a188a4e 100644 --- a/etc/profile-m-z/xournal.profile +++ b/etc/profile-m-z/xournal.profile | |||
@@ -6,7 +6,7 @@ include xournal.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${DOCUMENTS} | 9 | nodeny ${DOCUMENTS} |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -17,8 +17,8 @@ include disable-programs.inc | |||
17 | include disable-shell.inc | 17 | include disable-shell.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | whitelist /usr/share/xournal | 20 | allow /usr/share/xournal |
21 | whitelist /usr/share/poppler | 21 | allow /usr/share/poppler |
22 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
23 | include whitelist-var-common.inc | 23 | include whitelist-var-common.inc |
24 | 24 | ||
diff --git a/etc/profile-m-z/xournalpp.profile b/etc/profile-m-z/xournalpp.profile index 988b878b9..f82d2a5d3 100644 --- a/etc/profile-m-z/xournalpp.profile +++ b/etc/profile-m-z/xournalpp.profile | |||
@@ -7,13 +7,13 @@ include xournalpp.local | |||
7 | # added by included profile | 7 | # added by included profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | noblacklist ${HOME}/.xournalpp | 10 | nodeny ${HOME}/.xournalpp |
11 | 11 | ||
12 | include allow-lua.inc | 12 | include allow-lua.inc |
13 | 13 | ||
14 | whitelist /usr/share/texlive | 14 | allow /usr/share/texlive |
15 | whitelist /usr/share/xournalpp | 15 | allow /usr/share/xournalpp |
16 | whitelist /var/lib/texmf | 16 | allow /var/lib/texmf |
17 | include whitelist-runuser-common.inc | 17 | include whitelist-runuser-common.inc |
18 | 18 | ||
19 | #mkdir ${HOME}/.xournalpp | 19 | #mkdir ${HOME}/.xournalpp |
diff --git a/etc/profile-m-z/xpdf.profile b/etc/profile-m-z/xpdf.profile index 1447ec9a7..9da63b52a 100644 --- a/etc/profile-m-z/xpdf.profile +++ b/etc/profile-m-z/xpdf.profile | |||
@@ -6,8 +6,8 @@ include xpdf.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.xpdfrc | 9 | nodeny ${HOME}/.xpdfrc |
10 | noblacklist ${DOCUMENTS} | 10 | nodeny ${DOCUMENTS} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/xplayer.profile b/etc/profile-m-z/xplayer.profile index c3bb3292c..4af4586e3 100644 --- a/etc/profile-m-z/xplayer.profile +++ b/etc/profile-m-z/xplayer.profile | |||
@@ -5,8 +5,8 @@ include xplayer.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.config/xplayer | 8 | nodeny ${HOME}/.config/xplayer |
9 | noblacklist ${HOME}/.local/share/xplayer | 9 | nodeny ${HOME}/.local/share/xplayer |
10 | 10 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 11 | # Allow python (blacklisted by disable-interpreters.inc) |
12 | include allow-python2.inc | 12 | include allow-python2.inc |
@@ -22,8 +22,8 @@ include disable-programs.inc | |||
22 | read-only ${DESKTOP} | 22 | read-only ${DESKTOP} |
23 | mkdir ${HOME}/.config/xplayer | 23 | mkdir ${HOME}/.config/xplayer |
24 | mkdir ${HOME}/.local/share/xplayer | 24 | mkdir ${HOME}/.local/share/xplayer |
25 | whitelist ${HOME}/.config/xplayer | 25 | allow ${HOME}/.config/xplayer |
26 | whitelist ${HOME}/.local/share/xplayer | 26 | allow ${HOME}/.local/share/xplayer |
27 | include whitelist-common.inc | 27 | include whitelist-common.inc |
28 | include whitelist-player-common.inc | 28 | include whitelist-player-common.inc |
29 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/xpra.profile b/etc/profile-m-z/xpra.profile index 6e409e1aa..28fbc94dd 100644 --- a/etc/profile-m-z/xpra.profile +++ b/etc/profile-m-z/xpra.profile | |||
@@ -25,7 +25,7 @@ include disable-interpreters.inc | |||
25 | include disable-passwdmgr.inc | 25 | include disable-passwdmgr.inc |
26 | include disable-programs.inc | 26 | include disable-programs.inc |
27 | 27 | ||
28 | whitelist /var/lib/xkb | 28 | allow /var/lib/xkb |
29 | # whitelisting home directory, or including whitelist-common.inc | 29 | # whitelisting home directory, or including whitelist-common.inc |
30 | # will crash xpra on some platforms | 30 | # will crash xpra on some platforms |
31 | 31 | ||
diff --git a/etc/profile-m-z/xreader.profile b/etc/profile-m-z/xreader.profile index 3ab35edfc..440f26af2 100644 --- a/etc/profile-m-z/xreader.profile +++ b/etc/profile-m-z/xreader.profile | |||
@@ -6,9 +6,9 @@ include xreader.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/xreader | 9 | nodeny ${HOME}/.cache/xreader |
10 | noblacklist ${HOME}/.config/xreader | 10 | nodeny ${HOME}/.config/xreader |
11 | noblacklist ${DOCUMENTS} | 11 | nodeny ${DOCUMENTS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/xviewer.profile b/etc/profile-m-z/xviewer.profile index 4d454f81c..671e0cf5b 100644 --- a/etc/profile-m-z/xviewer.profile +++ b/etc/profile-m-z/xviewer.profile | |||
@@ -5,10 +5,10 @@ include xviewer.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | noblacklist ${HOME}/.Steam | 8 | nodeny ${HOME}/.Steam |
9 | noblacklist ${HOME}/.config/xviewer | 9 | nodeny ${HOME}/.config/xviewer |
10 | noblacklist ${HOME}/.local/share/Trash | 10 | nodeny ${HOME}/.local/share/Trash |
11 | noblacklist ${HOME}/.steam | 11 | nodeny ${HOME}/.steam |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/profile-m-z/yandex-browser.profile b/etc/profile-m-z/yandex-browser.profile index 81cd021f7..27d0eb411 100644 --- a/etc/profile-m-z/yandex-browser.profile +++ b/etc/profile-m-z/yandex-browser.profile | |||
@@ -10,19 +10,19 @@ ignore whitelist /usr/share/chromium | |||
10 | ignore include whitelist-runuser-common.inc | 10 | ignore include whitelist-runuser-common.inc |
11 | ignore include whitelist-usr-share-common.inc | 11 | ignore include whitelist-usr-share-common.inc |
12 | 12 | ||
13 | noblacklist ${HOME}/.cache/yandex-browser | 13 | nodeny ${HOME}/.cache/yandex-browser |
14 | noblacklist ${HOME}/.cache/yandex-browser-beta | 14 | nodeny ${HOME}/.cache/yandex-browser-beta |
15 | noblacklist ${HOME}/.config/yandex-browser | 15 | nodeny ${HOME}/.config/yandex-browser |
16 | noblacklist ${HOME}/.config/yandex-browser-beta | 16 | nodeny ${HOME}/.config/yandex-browser-beta |
17 | 17 | ||
18 | mkdir ${HOME}/.cache/yandex-browser | 18 | mkdir ${HOME}/.cache/yandex-browser |
19 | mkdir ${HOME}/.cache/yandex-browser-beta | 19 | mkdir ${HOME}/.cache/yandex-browser-beta |
20 | mkdir ${HOME}/.config/yandex-browser | 20 | mkdir ${HOME}/.config/yandex-browser |
21 | mkdir ${HOME}/.config/yandex-browser-beta | 21 | mkdir ${HOME}/.config/yandex-browser-beta |
22 | whitelist ${HOME}/.cache/yandex-browser | 22 | allow ${HOME}/.cache/yandex-browser |
23 | whitelist ${HOME}/.cache/yandex-browser-beta | 23 | allow ${HOME}/.cache/yandex-browser-beta |
24 | whitelist ${HOME}/.config/yandex-browser | 24 | allow ${HOME}/.config/yandex-browser |
25 | whitelist ${HOME}/.config/yandex-browser-beta | 25 | allow ${HOME}/.config/yandex-browser-beta |
26 | 26 | ||
27 | # Redirect | 27 | # Redirect |
28 | include chromium-common.profile | 28 | include chromium-common.profile |
diff --git a/etc/profile-m-z/yelp.profile b/etc/profile-m-z/yelp.profile index dee154409..b288993f2 100644 --- a/etc/profile-m-z/yelp.profile +++ b/etc/profile-m-z/yelp.profile | |||
@@ -6,7 +6,7 @@ include yelp.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/yelp | 9 | nodeny ${HOME}/.config/yelp |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | 12 | include disable-devel.inc |
@@ -18,15 +18,15 @@ include disable-shell.inc | |||
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | mkdir ${HOME}/.config/yelp | 20 | mkdir ${HOME}/.config/yelp |
21 | whitelist ${HOME}/.config/yelp | 21 | allow ${HOME}/.config/yelp |
22 | whitelist /usr/libexec/webkit2gtk-4.0 | 22 | allow /usr/libexec/webkit2gtk-4.0 |
23 | whitelist /usr/share/doc | 23 | allow /usr/share/doc |
24 | whitelist /usr/share/groff | 24 | allow /usr/share/groff |
25 | whitelist /usr/share/help | 25 | allow /usr/share/help |
26 | whitelist /usr/share/man | 26 | allow /usr/share/man |
27 | whitelist /usr/share/yelp | 27 | allow /usr/share/yelp |
28 | whitelist /usr/share/yelp-tools | 28 | allow /usr/share/yelp-tools |
29 | whitelist /usr/share/yelp-xsl | 29 | allow /usr/share/yelp-xsl |
30 | include whitelist-common.inc | 30 | include whitelist-common.inc |
31 | include whitelist-runuser-common.inc | 31 | include whitelist-runuser-common.inc |
32 | include whitelist-usr-share-common.inc | 32 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/youtube-dl-gui.profile b/etc/profile-m-z/youtube-dl-gui.profile index b52271a2c..26ea3acaa 100644 --- a/etc/profile-m-z/youtube-dl-gui.profile +++ b/etc/profile-m-z/youtube-dl-gui.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | include allow-python2.inc | 8 | include allow-python2.inc |
9 | include allow-python3.inc | 9 | include allow-python3.inc |
10 | 10 | ||
11 | noblacklist ${HOME}/.config/youtube-dlg | 11 | nodeny ${HOME}/.config/youtube-dlg |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -20,8 +20,8 @@ include disable-shell.inc | |||
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | mkdir ${HOME}/.config/youtube-dlg | 22 | mkdir ${HOME}/.config/youtube-dlg |
23 | whitelist ${HOME}/.config/youtube-dlg | 23 | allow ${HOME}/.config/youtube-dlg |
24 | whitelist ${DOWNLOADS} | 24 | allow ${DOWNLOADS} |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | 26 | include whitelist-runuser-common.inc |
27 | include whitelist-usr-share-common.inc | 27 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/youtube-dl.profile b/etc/profile-m-z/youtube-dl.profile index 24c4d6db3..37f87d0b5 100644 --- a/etc/profile-m-z/youtube-dl.profile +++ b/etc/profile-m-z/youtube-dl.profile | |||
@@ -10,18 +10,18 @@ include globals.local | |||
10 | # breaks when installed under ${HOME} via `pip install --user` (see #2833) | 10 | # breaks when installed under ${HOME} via `pip install --user` (see #2833) |
11 | ignore noexec ${HOME} | 11 | ignore noexec ${HOME} |
12 | 12 | ||
13 | noblacklist ${HOME}/.cache/youtube-dl | 13 | nodeny ${HOME}/.cache/youtube-dl |
14 | noblacklist ${HOME}/.config/youtube-dl | 14 | nodeny ${HOME}/.config/youtube-dl |
15 | noblacklist ${HOME}/.netrc | 15 | nodeny ${HOME}/.netrc |
16 | noblacklist ${MUSIC} | 16 | nodeny ${MUSIC} |
17 | noblacklist ${VIDEOS} | 17 | nodeny ${VIDEOS} |
18 | 18 | ||
19 | # Allow python (blacklisted by disable-interpreters.inc) | 19 | # Allow python (blacklisted by disable-interpreters.inc) |
20 | include allow-python2.inc | 20 | include allow-python2.inc |
21 | include allow-python3.inc | 21 | include allow-python3.inc |
22 | 22 | ||
23 | blacklist /tmp/.X11-unix | 23 | deny /tmp/.X11-unix |
24 | blacklist ${RUNUSER} | 24 | deny ${RUNUSER} |
25 | 25 | ||
26 | include disable-common.inc | 26 | include disable-common.inc |
27 | include disable-devel.inc | 27 | include disable-devel.inc |
diff --git a/etc/profile-m-z/youtube-viewer.profile b/etc/profile-m-z/youtube-viewer.profile index b54dd37ad..84b8bbc6a 100644 --- a/etc/profile-m-z/youtube-viewer.profile +++ b/etc/profile-m-z/youtube-viewer.profile | |||
@@ -7,13 +7,13 @@ include youtube-viewer.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | noblacklist ${HOME}/.cache/youtube-viewer | 10 | nodeny ${HOME}/.cache/youtube-viewer |
11 | noblacklist ${HOME}/.config/youtube-viewer | 11 | nodeny ${HOME}/.config/youtube-viewer |
12 | 12 | ||
13 | mkdir ${HOME}/.cache/youtube-viewer | 13 | mkdir ${HOME}/.cache/youtube-viewer |
14 | mkdir ${HOME}/.config/youtube-viewer | 14 | mkdir ${HOME}/.config/youtube-viewer |
15 | whitelist ${HOME}/.cache/youtube-viewer | 15 | allow ${HOME}/.cache/youtube-viewer |
16 | whitelist ${HOME}/.config/youtube-viewer | 16 | allow ${HOME}/.config/youtube-viewer |
17 | 17 | ||
18 | private-bin gtk-youtube-viewer,gtk2-youtube-viewer,gtk3-youtube-viewer,youtube-viewer | 18 | private-bin gtk-youtube-viewer,gtk2-youtube-viewer,gtk3-youtube-viewer,youtube-viewer |
19 | 19 | ||
diff --git a/etc/profile-m-z/youtube-viewers-common.profile b/etc/profile-m-z/youtube-viewers-common.profile index 25a073d4a..f531f815e 100644 --- a/etc/profile-m-z/youtube-viewers-common.profile +++ b/etc/profile-m-z/youtube-viewers-common.profile | |||
@@ -7,7 +7,7 @@ include youtube-viewers-common.local | |||
7 | # added by caller profile | 7 | # added by caller profile |
8 | #include globals.local | 8 | #include globals.local |
9 | 9 | ||
10 | noblacklist ${HOME}/.cache/youtube-dl | 10 | nodeny ${HOME}/.cache/youtube-dl |
11 | 11 | ||
12 | # Allow lua (blacklisted by disable-interpreters.inc) | 12 | # Allow lua (blacklisted by disable-interpreters.inc) |
13 | include allow-lua.inc | 13 | include allow-lua.inc |
@@ -27,8 +27,8 @@ include disable-passwdmgr.inc | |||
27 | include disable-programs.inc | 27 | include disable-programs.inc |
28 | include disable-xdg.inc | 28 | include disable-xdg.inc |
29 | 29 | ||
30 | whitelist ${DOWNLOADS} | 30 | allow ${DOWNLOADS} |
31 | whitelist ${HOME}/.cache/youtube-dl/youtube-sigfuncs | 31 | allow ${HOME}/.cache/youtube-dl/youtube-sigfuncs |
32 | include whitelist-common.inc | 32 | include whitelist-common.inc |
33 | include whitelist-runuser-common.inc | 33 | include whitelist-runuser-common.inc |
34 | include whitelist-usr-share-common.inc | 34 | include whitelist-usr-share-common.inc |
diff --git a/etc/profile-m-z/youtube.profile b/etc/profile-m-z/youtube.profile index ad7ceaee4..b015fb013 100644 --- a/etc/profile-m-z/youtube.profile +++ b/etc/profile-m-z/youtube.profile | |||
@@ -9,12 +9,12 @@ include globals.local | |||
9 | # Disabled until someone reported positive feedback | 9 | # Disabled until someone reported positive feedback |
10 | ignore nou2f | 10 | ignore nou2f |
11 | 11 | ||
12 | noblacklist ${HOME}/.config/Youtube | 12 | nodeny ${HOME}/.config/Youtube |
13 | 13 | ||
14 | include disable-shell.inc | 14 | include disable-shell.inc |
15 | 15 | ||
16 | mkdir ${HOME}/.config/Youtube | 16 | mkdir ${HOME}/.config/Youtube |
17 | whitelist ${HOME}/.config/Youtube | 17 | allow ${HOME}/.config/Youtube |
18 | 18 | ||
19 | private-bin youtube | 19 | private-bin youtube |
20 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 20 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
diff --git a/etc/profile-m-z/youtubemusic-nativefier.profile b/etc/profile-m-z/youtubemusic-nativefier.profile index 74b0e38b9..d594a3d0f 100644 --- a/etc/profile-m-z/youtubemusic-nativefier.profile +++ b/etc/profile-m-z/youtubemusic-nativefier.profile | |||
@@ -6,12 +6,12 @@ include youtube.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/youtubemusic-nativefier-040164 | 9 | nodeny ${HOME}/.config/youtubemusic-nativefier-040164 |
10 | 10 | ||
11 | include disable-shell.inc | 11 | include disable-shell.inc |
12 | 12 | ||
13 | mkdir ${HOME}/.config/youtubemusic-nativefier-040164 | 13 | mkdir ${HOME}/.config/youtubemusic-nativefier-040164 |
14 | whitelist ${HOME}/.config/youtubemusic-nativefier-040164 | 14 | allow ${HOME}/.config/youtubemusic-nativefier-040164 |
15 | 15 | ||
16 | private-bin youtubemusic-nativefier | 16 | private-bin youtubemusic-nativefier |
17 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 17 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
diff --git a/etc/profile-m-z/ytmdesktop.profile b/etc/profile-m-z/ytmdesktop.profile index ab46fccc2..9987c953e 100644 --- a/etc/profile-m-z/ytmdesktop.profile +++ b/etc/profile-m-z/ytmdesktop.profile | |||
@@ -8,10 +8,10 @@ include globals.local | |||
8 | 8 | ||
9 | ignore dbus-user none | 9 | ignore dbus-user none |
10 | 10 | ||
11 | noblacklist ${HOME}/.config/youtube-music-desktop-app | 11 | nodeny ${HOME}/.config/youtube-music-desktop-app |
12 | 12 | ||
13 | mkdir ${HOME}/.config/youtube-music-desktop-app | 13 | mkdir ${HOME}/.config/youtube-music-desktop-app |
14 | whitelist ${HOME}/.config/youtube-music-desktop-app | 14 | allow ${HOME}/.config/youtube-music-desktop-app |
15 | 15 | ||
16 | # private-bin env,ytmdesktop | 16 | # private-bin env,ytmdesktop |
17 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 17 | private-etc alsa,alternatives,asound.conf,ati,bumblebee,ca-certificates,crypto-policies,drirc,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,mime.types,nsswitch.conf,nvidia,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
diff --git a/etc/profile-m-z/zaproxy.profile b/etc/profile-m-z/zaproxy.profile index 5a168feb6..2f18a8c45 100644 --- a/etc/profile-m-z/zaproxy.profile +++ b/etc/profile-m-z/zaproxy.profile | |||
@@ -6,7 +6,7 @@ include zaproxy.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.ZAP | 9 | nodeny ${HOME}/.ZAP |
10 | 10 | ||
11 | # Allow java (blacklisted by disable-devel.inc) | 11 | # Allow java (blacklisted by disable-devel.inc) |
12 | include allow-java.inc | 12 | include allow-java.inc |
@@ -20,8 +20,8 @@ include disable-programs.inc | |||
20 | 20 | ||
21 | mkdir ${HOME}/.java | 21 | mkdir ${HOME}/.java |
22 | mkdir ${HOME}/.ZAP | 22 | mkdir ${HOME}/.ZAP |
23 | whitelist ${HOME}/.java | 23 | allow ${HOME}/.java |
24 | whitelist ${HOME}/.ZAP | 24 | allow ${HOME}/.ZAP |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||
diff --git a/etc/profile-m-z/zart.profile b/etc/profile-m-z/zart.profile index 10f83aa30..32ff4f8ed 100644 --- a/etc/profile-m-z/zart.profile +++ b/etc/profile-m-z/zart.profile | |||
@@ -6,8 +6,8 @@ include zart.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${DOCUMENTS} | 9 | nodeny ${DOCUMENTS} |
10 | noblacklist ${PICTURES} | 10 | nodeny ${PICTURES} |
11 | 11 | ||
12 | include disable-common.inc | 12 | include disable-common.inc |
13 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/profile-m-z/zathura.profile b/etc/profile-m-z/zathura.profile index d0e68c980..4bc841f63 100644 --- a/etc/profile-m-z/zathura.profile +++ b/etc/profile-m-z/zathura.profile | |||
@@ -6,9 +6,9 @@ include zathura.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/zathura | 9 | nodeny ${HOME}/.config/zathura |
10 | noblacklist ${HOME}/.local/share/zathura | 10 | nodeny ${HOME}/.local/share/zathura |
11 | noblacklist ${DOCUMENTS} | 11 | nodeny ${DOCUMENTS} |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -22,8 +22,8 @@ include disable-xdg.inc | |||
22 | 22 | ||
23 | mkdir ${HOME}/.config/zathura | 23 | mkdir ${HOME}/.config/zathura |
24 | mkdir ${HOME}/.local/share/zathura | 24 | mkdir ${HOME}/.local/share/zathura |
25 | whitelist /usr/share/doc | 25 | allow /usr/share/doc |
26 | whitelist /usr/share/zathura | 26 | allow /usr/share/zathura |
27 | include whitelist-runuser-common.inc | 27 | include whitelist-runuser-common.inc |
28 | include whitelist-usr-share-common.inc | 28 | include whitelist-usr-share-common.inc |
29 | include whitelist-var-common.inc | 29 | include whitelist-var-common.inc |
diff --git a/etc/profile-m-z/zcat.profile b/etc/profile-m-z/zcat.profile index 5de13ab90..904ea9f05 100644 --- a/etc/profile-m-z/zcat.profile +++ b/etc/profile-m-z/zcat.profile | |||
@@ -9,7 +9,7 @@ include zcat.local | |||
9 | 9 | ||
10 | # Allow running kernel config check | 10 | # Allow running kernel config check |
11 | ignore include disable-shell.inc | 11 | ignore include disable-shell.inc |
12 | noblacklist /proc/config.gz | 12 | nodeny /proc/config.gz |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include gzip.profile | 15 | include gzip.profile |
diff --git a/etc/profile-m-z/zeal.profile b/etc/profile-m-z/zeal.profile index 2c6f6910f..458df2a46 100644 --- a/etc/profile-m-z/zeal.profile +++ b/etc/profile-m-z/zeal.profile | |||
@@ -6,9 +6,9 @@ include zeal.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.config/Zeal | 9 | nodeny ${HOME}/.config/Zeal |
10 | noblacklist ${HOME}/.cache/Zeal | 10 | nodeny ${HOME}/.cache/Zeal |
11 | noblacklist ${HOME}/.local/share/Zeal | 11 | nodeny ${HOME}/.local/share/Zeal |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -23,9 +23,9 @@ mkdir ${HOME}/.cache/Zeal | |||
23 | mkdir ${HOME}/.config/qt5ct | 23 | mkdir ${HOME}/.config/qt5ct |
24 | mkdir ${HOME}/.config/Zeal | 24 | mkdir ${HOME}/.config/Zeal |
25 | mkdir ${HOME}/.local/share/Zeal | 25 | mkdir ${HOME}/.local/share/Zeal |
26 | whitelist ${HOME}/.cache/Zeal | 26 | allow ${HOME}/.cache/Zeal |
27 | whitelist ${HOME}/.config/Zeal | 27 | allow ${HOME}/.config/Zeal |
28 | whitelist ${HOME}/.local/share/Zeal | 28 | allow ${HOME}/.local/share/Zeal |
29 | include whitelist-common.inc | 29 | include whitelist-common.inc |
30 | include whitelist-var-common.inc | 30 | include whitelist-var-common.inc |
31 | 31 | ||
diff --git a/etc/profile-m-z/zgrep.profile b/etc/profile-m-z/zgrep.profile index f63dc871f..e2dfbd105 100644 --- a/etc/profile-m-z/zgrep.profile +++ b/etc/profile-m-z/zgrep.profile | |||
@@ -9,7 +9,7 @@ include zgrep.local | |||
9 | 9 | ||
10 | # Allow running kernel config check | 10 | # Allow running kernel config check |
11 | ignore include disable-shell.inc | 11 | ignore include disable-shell.inc |
12 | noblacklist /proc/config.gz | 12 | nodeny /proc/config.gz |
13 | 13 | ||
14 | # Redirect | 14 | # Redirect |
15 | include gzip.profile | 15 | include gzip.profile |
diff --git a/etc/profile-m-z/zim.profile b/etc/profile-m-z/zim.profile new file mode 100644 index 000000000..5ae9cddb3 --- /dev/null +++ b/etc/profile-m-z/zim.profile | |||
@@ -0,0 +1,72 @@ | |||
1 | # Firejail profile for Zim | ||
2 | # Description: Desktop wiki & notekeeper | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include zim.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | nodeny ${HOME}/.cache/zim | ||
10 | nodeny ${HOME}/.config/zim | ||
11 | |||
12 | # Allow python (blacklisted by disable-interpreters.inc) | ||
13 | include allow-python2.inc | ||
14 | include allow-python3.inc | ||
15 | |||
16 | deny /usr/libexec | ||
17 | |||
18 | include disable-common.inc | ||
19 | include disable-devel.inc | ||
20 | include disable-exec.inc | ||
21 | include disable-interpreters.inc | ||
22 | include disable-passwdmgr.inc | ||
23 | include disable-programs.inc | ||
24 | include disable-shell.inc | ||
25 | |||
26 | mkdir ${HOME}/.cache/zim | ||
27 | mkdir ${HOME}/.config/zim | ||
28 | mkdir ${HOME}/Notebooks | ||
29 | allow ${HOME}/.cache/zim | ||
30 | allow ${HOME}/.config/zim | ||
31 | allow ${HOME}/Notebooks | ||
32 | allow ${DESKTOP} | ||
33 | allow ${DOCUMENTS} | ||
34 | allow ${DOWNLOADS} | ||
35 | allow ${MUSIC} | ||
36 | allow ${PICTURES} | ||
37 | allow ${VIDEOS} | ||
38 | allow /usr/share/zim | ||
39 | include whitelist-common.inc | ||
40 | include whitelist-runuser-common.inc | ||
41 | include whitelist-usr-share-common.inc | ||
42 | include whitelist-var-common.inc | ||
43 | |||
44 | apparmor | ||
45 | caps.drop all | ||
46 | machine-id | ||
47 | net none | ||
48 | no3d | ||
49 | nodvd | ||
50 | nogroups | ||
51 | noinput | ||
52 | nonewprivs | ||
53 | noroot | ||
54 | nosound | ||
55 | notv | ||
56 | nou2f | ||
57 | novideo | ||
58 | protocol unix | ||
59 | seccomp | ||
60 | seccomp.block-secondary | ||
61 | shell none | ||
62 | tracelog | ||
63 | |||
64 | disable-mnt | ||
65 | private-bin python*,zim | ||
66 | private-cache | ||
67 | private-dev | ||
68 | private-etc alternatives,dconf,fonts,gconf,gtk-2.0,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,pango,X11 | ||
69 | private-tmp | ||
70 | |||
71 | dbus-user none | ||
72 | dbus-system none | ||
diff --git a/etc/profile-m-z/zoom.profile b/etc/profile-m-z/zoom.profile index ac615d861..6b0417b56 100644 --- a/etc/profile-m-z/zoom.profile +++ b/etc/profile-m-z/zoom.profile | |||
@@ -16,17 +16,17 @@ ignore dbus-system none | |||
16 | # If you use such a system, add 'ignore nogroups' to your zoom.local. | 16 | # If you use such a system, add 'ignore nogroups' to your zoom.local. |
17 | #ignore nogroups | 17 | #ignore nogroups |
18 | 18 | ||
19 | noblacklist ${HOME}/.config/zoomus.conf | 19 | nodeny ${HOME}/.config/zoomus.conf |
20 | noblacklist ${HOME}/.zoom | 20 | nodeny ${HOME}/.zoom |
21 | 21 | ||
22 | nowhitelist ${DOWNLOADS} | 22 | noallow ${DOWNLOADS} |
23 | 23 | ||
24 | mkdir ${HOME}/.cache/zoom | 24 | mkdir ${HOME}/.cache/zoom |
25 | mkfile ${HOME}/.config/zoomus.conf | 25 | mkfile ${HOME}/.config/zoomus.conf |
26 | mkdir ${HOME}/.zoom | 26 | mkdir ${HOME}/.zoom |
27 | whitelist ${HOME}/.cache/zoom | 27 | allow ${HOME}/.cache/zoom |
28 | whitelist ${HOME}/.config/zoomus.conf | 28 | allow ${HOME}/.config/zoomus.conf |
29 | whitelist ${HOME}/.zoom | 29 | allow ${HOME}/.zoom |
30 | 30 | ||
31 | # Disable for now, see https://github.com/netblue30/firejail/issues/3726 | 31 | # Disable for now, see https://github.com/netblue30/firejail/issues/3726 |
32 | #private-etc alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nsswitch.conf,pki,resolv.conf,ssl | 32 | #private-etc alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,nsswitch.conf,pki,resolv.conf,ssl |
diff --git a/etc/profile-m-z/zulip.profile b/etc/profile-m-z/zulip.profile index 093da5212..cdbbdccf1 100644 --- a/etc/profile-m-z/zulip.profile +++ b/etc/profile-m-z/zulip.profile | |||
@@ -8,7 +8,7 @@ include globals.local | |||
8 | 8 | ||
9 | ignore noexec /tmp | 9 | ignore noexec /tmp |
10 | 10 | ||
11 | noblacklist ${HOME}/.config/Zulip | 11 | nodeny ${HOME}/.config/Zulip |
12 | 12 | ||
13 | include disable-common.inc | 13 | include disable-common.inc |
14 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -20,8 +20,8 @@ include disable-shell.inc | |||
20 | include disable-xdg.inc | 20 | include disable-xdg.inc |
21 | 21 | ||
22 | mkdir ${HOME}/.config/Zulip | 22 | mkdir ${HOME}/.config/Zulip |
23 | whitelist ${HOME}/.config/Zulip | 23 | allow ${HOME}/.config/Zulip |
24 | whitelist ${DOWNLOADS} | 24 | allow ${DOWNLOADS} |
25 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
27 | 27 | ||