diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/profile-a-l/evolution.profile | 60 | ||||
-rw-r--r-- | etc/profile-a-l/kmail.profile | 81 |
2 files changed, 8 insertions, 133 deletions
diff --git a/etc/profile-a-l/evolution.profile b/etc/profile-a-l/evolution.profile index 1355c4337..422200ffe 100644 --- a/etc/profile-a-l/evolution.profile +++ b/etc/profile-a-l/evolution.profile | |||
@@ -6,16 +6,15 @@ include evolution.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist /var/mail | ||
10 | noblacklist /var/spool/mail | ||
9 | noblacklist ${HOME}/.bogofilter | 11 | noblacklist ${HOME}/.bogofilter |
10 | noblacklist ${HOME}/.gnupg | ||
11 | noblacklist ${HOME}/.mozilla | ||
12 | noblacklist ${HOME}/.pki | ||
13 | noblacklist ${HOME}/.cache/evolution | 12 | noblacklist ${HOME}/.cache/evolution |
14 | noblacklist ${HOME}/.config/evolution | 13 | noblacklist ${HOME}/.config/evolution |
14 | noblacklist ${HOME}/.gnupg | ||
15 | noblacklist ${HOME}/.local/share/evolution | 15 | noblacklist ${HOME}/.local/share/evolution |
16 | noblacklist ${HOME}/.pki | ||
16 | noblacklist ${HOME}/.local/share/pki | 17 | noblacklist ${HOME}/.local/share/pki |
17 | noblacklist /var/mail | ||
18 | noblacklist /var/spool/mail | ||
19 | 18 | ||
20 | include disable-common.inc | 19 | include disable-common.inc |
21 | include disable-devel.inc | 20 | include disable-devel.inc |
@@ -23,42 +22,13 @@ include disable-exec.inc | |||
23 | include disable-interpreters.inc | 22 | include disable-interpreters.inc |
24 | include disable-passwdmgr.inc | 23 | include disable-passwdmgr.inc |
25 | include disable-programs.inc | 24 | include disable-programs.inc |
26 | include disable-shell.inc | ||
27 | include disable-xdg.inc | ||
28 | 25 | ||
29 | mkdir ${HOME}/.bogofilter | ||
30 | mkdir ${HOME}/.gnupg | ||
31 | mkdir ${HOME}/.pki | ||
32 | mkdir ${HOME}/.cache/evolution | ||
33 | mkdir ${HOME}/.config/evolution | ||
34 | mkdir ${HOME}/.local/share/evolution | ||
35 | mkdir ${HOME}/.local/share/pki | ||
36 | whitelist ${HOME}/.bogofilter | ||
37 | whitelist ${HOME}/.gnupg | ||
38 | whitelist ${HOME}/.mozilla/firefox/profiles.ini | ||
39 | whitelist ${HOME}/.pki | ||
40 | whitelist ${HOME}/.cache/evolution | ||
41 | whitelist ${HOME}/.config/evolution | ||
42 | whitelist ${HOME}/.local/share/evolution | ||
43 | whitelist ${HOME}/.local/share/pki | ||
44 | whitelist ${DOCUMENTS} | ||
45 | whitelist ${DOWNLOADS} | ||
46 | whitelist ${RUNUSER}/gnupg | ||
47 | whitelist /usr/share/evolution | ||
48 | whitelist /usr/share/gnupg | ||
49 | whitelist /usr/share/gnupg2 | ||
50 | whitelist /var/mail | ||
51 | whitelist /var/spool/mail | ||
52 | include whitelist-common.inc | ||
53 | include whitelist-runuser-common.inc | 26 | include whitelist-runuser-common.inc |
54 | include whitelist-usr-share-common.inc | ||
55 | include whitelist-var-common.inc | ||
56 | 27 | ||
57 | apparmor | ||
58 | caps.drop all | 28 | caps.drop all |
59 | netfilter | 29 | netfilter |
60 | # no3d breaks under wayland | 30 | # no3d breaks under wayland |
61 | # no3d | 31 | #no3d |
62 | nodvd | 32 | nodvd |
63 | nogroups | 33 | nogroups |
64 | nonewprivs | 34 | nonewprivs |
@@ -70,27 +40,7 @@ novideo | |||
70 | protocol unix,inet,inet6 | 40 | protocol unix,inet,inet6 |
71 | seccomp | 41 | seccomp |
72 | shell none | 42 | shell none |
73 | tracelog | ||
74 | 43 | ||
75 | # disable-mnt | ||
76 | # Add "gpg,gpg2,gpg-agent,pinentry-curses,pinentry-emacs,pinentry-fltk,pinentry-gnome3,pinentry-gtk,pinentry-gtk2,pinentry-gtk-2,pinentry-qt,pinentry-qt4,pinentry-tty,pinentry-x2go,pinentry-kwallet" for gpg | ||
77 | # To use private-bin add all evolution,gpg,pinentry binaries and follow firefox.profile for hyperlink support | ||
78 | # private-bin evolution | ||
79 | private-cache | ||
80 | private-dev | 44 | private-dev |
81 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gcrypt,groups,gtk-2.0,gtk-3.0,hostname,hosts,mailname,passwd,pki,resolv.conf,selinux,ssl,xdg | ||
82 | private-tmp | 45 | private-tmp |
83 | writable-run-user | ||
84 | writable-var | 46 | writable-var |
85 | |||
86 | dbus-user filter | ||
87 | dbus-user.own org.gnome.Evolution | ||
88 | dbus-user.talk ca.desrt.dconf | ||
89 | # Uncomment to have keyring access | ||
90 | # dbus-user.talk org.freedesktop.secrets | ||
91 | dbus-user.talk org.gnome.keyring.SystemPrompter | ||
92 | dbus-user.talk org.gnome.OnlineAccounts | ||
93 | dbus-user.talk org.freedesktop.Notifications | ||
94 | dbus-system none | ||
95 | |||
96 | read-only ${HOME}/.mozilla/firefox/profiles.ini | ||
diff --git a/etc/profile-a-l/kmail.profile b/etc/profile-a-l/kmail.profile index 8d99da3cf..ab4ff10b9 100644 --- a/etc/profile-a-l/kmail.profile +++ b/etc/profile-a-l/kmail.profile | |||
@@ -9,10 +9,6 @@ include globals.local | |||
9 | # kmail has problems launching akonadi in debian and ubuntu. | 9 | # kmail has problems launching akonadi in debian and ubuntu. |
10 | # one solution is to have akonadi already running when kmail is started | 10 | # one solution is to have akonadi already running when kmail is started |
11 | 11 | ||
12 | noblacklist ${HOME}/.gnupg | ||
13 | # noblacklist ${HOME}/.kde/ | ||
14 | # noblacklist ${HOME}/.kde4/ | ||
15 | noblacklist ${HOME}/.mozilla | ||
16 | noblacklist ${HOME}/.cache/akonadi* | 12 | noblacklist ${HOME}/.cache/akonadi* |
17 | noblacklist ${HOME}/.cache/kmail2 | 13 | noblacklist ${HOME}/.cache/kmail2 |
18 | noblacklist ${HOME}/.config/akonadi* | 14 | noblacklist ${HOME}/.config/akonadi* |
@@ -23,6 +19,7 @@ noblacklist ${HOME}/.config/kmail2rc | |||
23 | noblacklist ${HOME}/.config/kmailsearchindexingrc | 19 | noblacklist ${HOME}/.config/kmailsearchindexingrc |
24 | noblacklist ${HOME}/.config/mailtransports | 20 | noblacklist ${HOME}/.config/mailtransports |
25 | noblacklist ${HOME}/.config/specialmailcollectionsrc | 21 | noblacklist ${HOME}/.config/specialmailcollectionsrc |
22 | noblacklist ${HOME}/.gnupg | ||
26 | noblacklist ${HOME}/.local/share/akonadi* | 23 | noblacklist ${HOME}/.local/share/akonadi* |
27 | noblacklist ${HOME}/.local/share/apps/korganizer | 24 | noblacklist ${HOME}/.local/share/apps/korganizer |
28 | noblacklist ${HOME}/.local/share/contacts | 25 | noblacklist ${HOME}/.local/share/contacts |
@@ -33,8 +30,6 @@ noblacklist ${HOME}/.local/share/kxmlgui5/kmail2 | |||
33 | noblacklist ${HOME}/.local/share/local-mail | 30 | noblacklist ${HOME}/.local/share/local-mail |
34 | noblacklist ${HOME}/.local/share/notes | 31 | noblacklist ${HOME}/.local/share/notes |
35 | noblacklist /tmp/akonadi-* | 32 | noblacklist /tmp/akonadi-* |
36 | noblacklist /var/mail | ||
37 | noblacklist /var/spool/mail | ||
38 | 33 | ||
39 | include disable-common.inc | 34 | include disable-common.inc |
40 | include disable-devel.inc | 35 | include disable-devel.inc |
@@ -42,73 +37,10 @@ include disable-exec.inc | |||
42 | include disable-interpreters.inc | 37 | include disable-interpreters.inc |
43 | include disable-passwdmgr.inc | 38 | include disable-passwdmgr.inc |
44 | include disable-programs.inc | 39 | include disable-programs.inc |
45 | include disable-xdg.inc | ||
46 | 40 | ||
47 | mkdir ${HOME}/.gnupg | ||
48 | # mkdir ${HOME}/.kde/ | ||
49 | # mkdir ${HOME}/.kde4/ | ||
50 | mkdir ${HOME}/.cache/akonadi* | ||
51 | mkdir ${HOME}/.cache/kmail2 | ||
52 | mkdir ${HOME}/.config/akonadi* | ||
53 | mkdir ${HOME}/.config/baloorc | ||
54 | mkdir ${HOME}/.config/emaildefaults | ||
55 | mkdir ${HOME}/.config/emailidentities | ||
56 | mkdir ${HOME}/.config/kmail2rc | ||
57 | mkdir ${HOME}/.config/kmailsearchindexingrc | ||
58 | mkdir ${HOME}/.config/mailtransports | ||
59 | mkdir ${HOME}/.config/specialmailcollectionsrc | ||
60 | mkdir ${HOME}/.local/share/akonadi* | ||
61 | mkdir ${HOME}/.local/share/apps/korganizer | ||
62 | mkdir ${HOME}/.local/share/contacts | ||
63 | mkdir ${HOME}/.local/share/emailidentities | ||
64 | mkdir ${HOME}/.local/share/kmail2 | ||
65 | mkdir ${HOME}/.local/share/kxmlgui5/kmail | ||
66 | mkdir ${HOME}/.local/share/kxmlgui5/kmail2 | ||
67 | mkdir ${HOME}/.local/share/local-mail | ||
68 | mkdir ${HOME}/.local/share/notes | ||
69 | mkdir /tmp/akonadi-* | ||
70 | whitelist ${HOME}/.gnupg | ||
71 | # whitelist ${HOME}/.kde/ | ||
72 | # whitelist ${HOME}/.kde4/ | ||
73 | whitelist ${HOME}/.mozilla/firefox/profiles.ini | ||
74 | whitelist ${HOME}/.cache/akonadi* | ||
75 | whitelist ${HOME}/.cache/kmail2 | ||
76 | whitelist ${HOME}/.config/akonadi* | ||
77 | whitelist ${HOME}/.config/baloorc | ||
78 | whitelist ${HOME}/.config/emaildefaults | ||
79 | whitelist ${HOME}/.config/emailidentities | ||
80 | whitelist ${HOME}/.config/kmail2rc | ||
81 | whitelist ${HOME}/.config/kmailsearchindexingrc | ||
82 | whitelist ${HOME}/.config/mailtransports | ||
83 | whitelist ${HOME}/.config/specialmailcollectionsrc | ||
84 | whitelist ${HOME}/.local/share/akonadi* | ||
85 | whitelist ${HOME}/.local/share/apps/korganizer | ||
86 | whitelist ${HOME}/.local/share/contacts | ||
87 | whitelist ${HOME}/.local/share/emailidentities | ||
88 | whitelist ${HOME}/.local/share/kmail2 | ||
89 | whitelist ${HOME}/.local/share/kxmlgui5/kmail | ||
90 | whitelist ${HOME}/.local/share/kxmlgui5/kmail2 | ||
91 | whitelist ${HOME}/.local/share/local-mail | ||
92 | whitelist ${HOME}/.local/share/notes | ||
93 | whitelist ${DOWNLOADS} | ||
94 | whitelist ${DOCUMENTS} | ||
95 | whitelist ${RUNUSER}/gnupg | ||
96 | whitelist /tmp/akonadi-* | ||
97 | whitelist /usr/share/akonadi | ||
98 | whitelist /usr/share/gnupg | ||
99 | whitelist /usr/share/gnupg2 | ||
100 | whitelist /usr/share/kconf_update | ||
101 | whitelist /usr/share/kf5 | ||
102 | whitelist /usr/share/kservices5 | ||
103 | whitelist /usr/share/qlogging-categories5 | ||
104 | whitelist /var/mail | ||
105 | whitelist /var/spool/mail | ||
106 | include whitelist-common.inc | ||
107 | include whitelist-runuser-common.inc | ||
108 | include whitelist-usr-share-common.inc | ||
109 | include whitelist-var-common.inc | 41 | include whitelist-var-common.inc |
110 | 42 | ||
111 | apparmor | 43 | # apparmor |
112 | caps.drop all | 44 | caps.drop all |
113 | netfilter | 45 | netfilter |
114 | nodvd | 46 | nodvd |
@@ -124,14 +56,7 @@ protocol unix,inet,inet6,netlink | |||
124 | seccomp !chroot,!io_getevents,!io_setup,!io_submit,!ioprio_set | 56 | seccomp !chroot,!io_getevents,!io_setup,!io_submit,!ioprio_set |
125 | # tracelog | 57 | # tracelog |
126 | 58 | ||
127 | private-cache | ||
128 | private-dev | 59 | private-dev |
129 | private-etc alternatives,ca-certificates,crypto-policies,dconf,drirc,fonts,gcrypt,groups,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,ld.so.preload,mailname,nsswitch.conf,passwd,pki,resolv.conf,selinux,ssl,xdg | ||
130 | # private-tmp - interrupts connection to akonadi, breaks opening of email attachments | 60 | # private-tmp - interrupts connection to akonadi, breaks opening of email attachments |
61 | # writable-run-user is needed for signing and encrypting emails | ||
131 | writable-run-user | 62 | writable-run-user |
132 | writable-var | ||
133 | |||
134 | # dbus-user none | ||
135 | dbus-system none | ||
136 | |||
137 | read-only ${HOME}/.mozilla/firefox/profiles.ini \ No newline at end of file | ||