diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/profile-a-l/balsa.profile | 12 | ||||
-rw-r--r-- | etc/profile-a-l/fractal.profile | 5 | ||||
-rw-r--r-- | etc/profile-a-l/gajim.profile | 30 | ||||
-rw-r--r-- | etc/profile-m-z/trojita.profile | 3 |
4 files changed, 41 insertions, 9 deletions
diff --git a/etc/profile-a-l/balsa.profile b/etc/profile-a-l/balsa.profile index cda6b1aa0..d755fd803 100644 --- a/etc/profile-a-l/balsa.profile +++ b/etc/profile-a-l/balsa.profile | |||
@@ -9,6 +9,7 @@ include globals.local | |||
9 | noblacklist ${HOME}/.balsa | 9 | noblacklist ${HOME}/.balsa |
10 | noblacklist ${HOME}/.gnupg | 10 | noblacklist ${HOME}/.gnupg |
11 | noblacklist ${HOME}/.mozilla | 11 | noblacklist ${HOME}/.mozilla |
12 | noblacklist ${HOME}/.signature | ||
12 | noblacklist ${HOME}/mail | 13 | noblacklist ${HOME}/mail |
13 | noblacklist /var/mail | 14 | noblacklist /var/mail |
14 | noblacklist /var/spool/mail | 15 | noblacklist /var/spool/mail |
@@ -24,10 +25,12 @@ include disable-xdg.inc | |||
24 | 25 | ||
25 | mkdir ${HOME}/.balsa | 26 | mkdir ${HOME}/.balsa |
26 | mkdir ${HOME}/.gnupg | 27 | mkdir ${HOME}/.gnupg |
28 | mkfile ${HOME}/.signature | ||
27 | mkdir ${HOME}/mail | 29 | mkdir ${HOME}/mail |
28 | whitelist ${HOME}/.balsa | 30 | whitelist ${HOME}/.balsa |
29 | whitelist ${HOME}/.gnupg | 31 | whitelist ${HOME}/.gnupg |
30 | whitelist ${HOME}/.mozilla/firefox/profiles.ini | 32 | whitelist ${HOME}/.mozilla/firefox/profiles.ini |
33 | whitelist ${HOME}/.signature | ||
31 | whitelist ${HOME}/mail | 34 | whitelist ${HOME}/mail |
32 | whitelist ${RUNUSER}/gnupg | 35 | whitelist ${RUNUSER}/gnupg |
33 | whitelist /usr/share/balsa | 36 | whitelist /usr/share/balsa |
@@ -58,9 +61,9 @@ shell none | |||
58 | tracelog | 61 | tracelog |
59 | 62 | ||
60 | # disable-mnt | 63 | # disable-mnt |
61 | # Add "gpg,gpg2,gpg-agent,pinentry-curses,pinentry-emacs,pinentry-fltk,pinentry-gnome3,pinentry-gtk,pinentry-gtk2,pinentry-gtk-2,pinentry-qt,pinentry-qt4,pinentry-tty,pinentry-x2go,pinentry-kwallet" for gpg | 64 | # Add "pinentry-curses,pinentry-emacs,pinentry-fltk,pinentry-gnome3,pinentry-gtk,pinentry-gtk2,pinentry-gtk-2,pinentry-qt,pinentry-qt4,pinentry-tty,pinentry-x2go,pinentry-kwallet" for gpg |
62 | # Add "ignore private-bin" for hyperlinks or have a look at the private-bins in firefox.profile and firefox-common.profile. | 65 | # Add "ignore private-bin" for hyperlinks or have a look at the private-bins in firefox.profile and firefox-common.profile. |
63 | private-bin balsa,balsa-ab | 66 | private-bin balsa,balsa-ab,gpg,gpg-agent,gpg2,gpgsm |
64 | private-cache | 67 | private-cache |
65 | private-dev | 68 | private-dev |
66 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gcrypt,groups,gtk-2.0,gtk-3.0,hostname,hosts,mailname,passwd,pki,resolv.conf,selinux,ssl,xdg | 69 | private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gcrypt,groups,gtk-2.0,gtk-3.0,hostname,hosts,mailname,passwd,pki,resolv.conf,selinux,ssl,xdg |
@@ -71,8 +74,9 @@ writable-var | |||
71 | dbus-user filter | 74 | dbus-user filter |
72 | dbus-user.own org.desktop.Balsa | 75 | dbus-user.own org.desktop.Balsa |
73 | dbus-user.talk ca.desrt.dconf | 76 | dbus-user.talk ca.desrt.dconf |
74 | dbus-user.talk org.freedesktop.secrets | ||
75 | dbus-user.talk org.freedesktop.Notifications | 77 | dbus-user.talk org.freedesktop.Notifications |
78 | dbus-user.talk org.freedesktop.secrets | ||
79 | dbus-user.talk org.gnome.keyring.SystemPrompter | ||
76 | dbus-system none | 80 | dbus-system none |
77 | 81 | ||
78 | read-only ${HOME}/.mozilla/firefox/profiles.ini | 82 | read-only ${HOME}/.mozilla/firefox/profiles.ini \ No newline at end of file |
diff --git a/etc/profile-a-l/fractal.profile b/etc/profile-a-l/fractal.profile index c3af29e15..dc8d6e3ad 100644 --- a/etc/profile-a-l/fractal.profile +++ b/etc/profile-a-l/fractal.profile | |||
@@ -8,6 +8,9 @@ include globals.local | |||
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/fractal | 9 | noblacklist ${HOME}/.cache/fractal |
10 | 10 | ||
11 | include allow-python2.inc | ||
12 | include allow-python3.inc | ||
13 | |||
11 | include disable-common.inc | 14 | include disable-common.inc |
12 | include disable-devel.inc | 15 | include disable-devel.inc |
13 | include disable-exec.inc | 16 | include disable-exec.inc |
@@ -49,6 +52,6 @@ private-tmp | |||
49 | dbus-user filter | 52 | dbus-user filter |
50 | dbus-user.own org.gnome.Fractal | 53 | dbus-user.own org.gnome.Fractal |
51 | dbus-user.talk ca.desrt.dconf | 54 | dbus-user.talk ca.desrt.dconf |
52 | dbus-user.talk org.freedesktop.secrets | ||
53 | dbus-user.talk org.freedesktop.Notifications | 55 | dbus-user.talk org.freedesktop.Notifications |
56 | dbus-user.talk org.freedesktop.secrets | ||
54 | dbus-system none | 57 | dbus-system none |
diff --git a/etc/profile-a-l/gajim.profile b/etc/profile-a-l/gajim.profile index 85d9b9bd9..125ddf79c 100644 --- a/etc/profile-a-l/gajim.profile +++ b/etc/profile-a-l/gajim.profile | |||
@@ -6,6 +6,7 @@ include gajim.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.gnupg | ||
9 | noblacklist ${HOME}/.cache/gajim | 10 | noblacklist ${HOME}/.cache/gajim |
10 | noblacklist ${HOME}/.config/gajim | 11 | noblacklist ${HOME}/.config/gajim |
11 | noblacklist ${HOME}/.local/share/gajim | 12 | noblacklist ${HOME}/.local/share/gajim |
@@ -20,19 +21,27 @@ include disable-exec.inc | |||
20 | include disable-interpreters.inc | 21 | include disable-interpreters.inc |
21 | include disable-passwdmgr.inc | 22 | include disable-passwdmgr.inc |
22 | include disable-programs.inc | 23 | include disable-programs.inc |
23 | # Comment the following line if you need to whitelist other folders than ~/Downloads | 24 | # Comment the following line if you need to whitelist folders other than ~/Downloads |
24 | include disable-xdg.inc | 25 | include disable-xdg.inc |
25 | 26 | ||
27 | mkdir ${HOME}/.gnupg | ||
26 | mkdir ${HOME}/.cache/gajim | 28 | mkdir ${HOME}/.cache/gajim |
27 | mkdir ${HOME}/.config/gajim | 29 | mkdir ${HOME}/.config/gajim |
28 | mkdir ${HOME}/.local/share/gajim | 30 | mkdir ${HOME}/.local/share/gajim |
31 | whitelist ${HOME}/.gnupg | ||
29 | whitelist ${HOME}/.cache/gajim | 32 | whitelist ${HOME}/.cache/gajim |
30 | whitelist ${HOME}/.config/gajim | 33 | whitelist ${HOME}/.config/gajim |
31 | whitelist ${HOME}/.local/share/gajim | 34 | whitelist ${HOME}/.local/share/gajim |
32 | whitelist ${DOWNLOADS} | 35 | whitelist ${DOWNLOADS} |
36 | whitelist ${RUNUSER}/gnupg | ||
37 | whitelist /usr/share/gnupg | ||
38 | whitelist /usr/share/gnupg2 | ||
33 | include whitelist-common.inc | 39 | include whitelist-common.inc |
40 | include whitelist-runuser-common.inc | ||
41 | include whitelist-usr-share-common.inc | ||
34 | include whitelist-var-common.inc | 42 | include whitelist-var-common.inc |
35 | 43 | ||
44 | apparmor | ||
36 | caps.drop all | 45 | caps.drop all |
37 | netfilter | 46 | netfilter |
38 | nodvd | 47 | nodvd |
@@ -47,9 +56,24 @@ shell none | |||
47 | tracelog | 56 | tracelog |
48 | 57 | ||
49 | disable-mnt | 58 | disable-mnt |
50 | private-bin bash,gajim,gajim-history-manager,gpg,gpg2,paplay,python,python3,sh,zsh | 59 | private-bin bash,gajim,gajim-history-manager,gpg,gpg2,paplay,python*,sh,zsh |
60 | private-cache | ||
51 | private-dev | 61 | private-dev |
52 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,group,hostname,hosts,ld.so.cache,ld.so.conf,localtime,machine-id,passwd,pki,pulse,resolv.conf,ssl | 62 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,group,hostname,hosts,ld.so.cache,ld.so.conf,localtime,machine-id,passwd,pki,pulse,resolv.conf,ssl,xdg |
53 | private-tmp | 63 | private-tmp |
64 | writable-run-user | ||
65 | |||
66 | dbus-user filter | ||
67 | dbus-user.own org.gajim.Gajim | ||
68 | dbus-user.talk org.gnome.Mutter.IdleMonitor | ||
69 | dbus-user.talk ca.desrt.dconf | ||
70 | dbus-user.talk org.freedesktop.Notifications | ||
71 | dbus-user.talk org.freedesktop.secrets | ||
72 | dbus-user.talk org.kde.kwalletd5 | ||
73 | dbus-user.talk org.mpris.MediaPlayer2.* | ||
74 | dbus-system filter | ||
75 | dbus-system.talk org.freedesktop.login1 | ||
76 | # Uncomment for location plugin support | ||
77 | #dbus-system.talk org.freedesktop.GeoClue2 | ||
54 | 78 | ||
55 | join-or-start gajim | 79 | join-or-start gajim |
diff --git a/etc/profile-m-z/trojita.profile b/etc/profile-m-z/trojita.profile index a8641af85..b82aadd13 100644 --- a/etc/profile-m-z/trojita.profile +++ b/etc/profile-m-z/trojita.profile | |||
@@ -57,7 +57,8 @@ private-dev | |||
57 | private-etc alternatives,ca-certificates,crypto-policies,fonts,hostname,hosts,pki,resolv.conf,selinux,ssl,xdg | 57 | private-etc alternatives,ca-certificates,crypto-policies,fonts,hostname,hosts,pki,resolv.conf,selinux,ssl,xdg |
58 | private-tmp | 58 | private-tmp |
59 | 59 | ||
60 | dbus-user none | 60 | dbus-user filter |
61 | dbus-user.talk org.freedesktop.secrets | ||
61 | dbus-system none | 62 | dbus-system none |
62 | 63 | ||
63 | read-only ${HOME}/.mozilla/firefox/profiles.ini | 64 | read-only ${HOME}/.mozilla/firefox/profiles.ini |