diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/allow-ssh.inc | 8 | ||||
-rw-r--r-- | etc/inc/disable-common.inc | 14 | ||||
-rw-r--r-- | etc/inc/disable-programs.inc | 1 | ||||
-rw-r--r-- | etc/profile-a-l/android-studio.profile | 4 | ||||
-rw-r--r-- | etc/profile-a-l/aosp.profile | 4 | ||||
-rw-r--r-- | etc/profile-a-l/clion.profile | 4 | ||||
-rw-r--r-- | etc/profile-a-l/filezilla.profile | 4 | ||||
-rw-r--r-- | etc/profile-a-l/git-cola.profile | 5 | ||||
-rw-r--r-- | etc/profile-a-l/git.profile | 4 | ||||
-rw-r--r-- | etc/profile-a-l/gitg.profile | 4 | ||||
-rw-r--r-- | etc/profile-a-l/idea.sh.profile | 4 | ||||
-rw-r--r-- | etc/profile-m-z/meld.profile | 4 | ||||
-rw-r--r-- | etc/profile-m-z/remmina.profile | 4 | ||||
-rw-r--r-- | etc/profile-m-z/seahorse.profile | 5 | ||||
-rw-r--r-- | etc/profile-m-z/ssh-agent.profile | 5 | ||||
-rw-r--r-- | etc/profile-m-z/ssh.profile | 6 | ||||
-rw-r--r-- | etc/profile-m-z/webstorm.profile | 4 | ||||
-rw-r--r-- | etc/profile-m-z/x2goclient.profile | 4 | ||||
-rw-r--r-- | etc/templates/profile.template | 3 |
19 files changed, 69 insertions, 22 deletions
diff --git a/etc/inc/allow-ssh.inc b/etc/inc/allow-ssh.inc new file mode 100644 index 000000000..67c78a483 --- /dev/null +++ b/etc/inc/allow-ssh.inc | |||
@@ -0,0 +1,8 @@ | |||
1 | # This file is overwritten during software install. | ||
2 | # Persistent customizations should go in a .local file. | ||
3 | include allow-ssh.local | ||
4 | |||
5 | noblacklist ${HOME}/.ssh | ||
6 | noblacklist /etc/ssh | ||
7 | noblacklist /etc/ssh/ssh_config | ||
8 | noblacklist /tmp/ssh-* | ||
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index 0de539d57..d724e3b52 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc | |||
@@ -291,7 +291,15 @@ read-only ${HOME}/.zshrc | |||
291 | read-only ${HOME}/.zshrc.local | 291 | read-only ${HOME}/.zshrc.local |
292 | 292 | ||
293 | # Remote access | 293 | # Remote access |
294 | read-only ${HOME}/.ssh/authorized_keys | 294 | blacklist ${HOME}/.rhosts |
295 | blacklist ${HOME}/.shosts | ||
296 | blacklist ${HOME}/.ssh/authorized_keys | ||
297 | blacklist ${HOME}/.ssh/authorized_keys2 | ||
298 | blacklist ${HOME}/.ssh/environment | ||
299 | blacklist ${HOME}/.ssh/rc | ||
300 | blacklist /etc/hosts.equiv | ||
301 | read-only ${HOME}/.ssh/config | ||
302 | read-only ${HOME}/.ssh/config.d | ||
295 | 303 | ||
296 | # Initialization files that allow arbitrary command execution | 304 | # Initialization files that allow arbitrary command execution |
297 | read-only ${HOME}/.caffrc | 305 | read-only ${HOME}/.caffrc |
@@ -347,6 +355,9 @@ read-only ${HOME}/.local/share/mime | |||
347 | # Write-protection for thumbnailer dir | 355 | # Write-protection for thumbnailer dir |
348 | read-only ${HOME}/.local/share/thumbnailers | 356 | read-only ${HOME}/.local/share/thumbnailers |
349 | 357 | ||
358 | # prevent access to ssh-agent | ||
359 | blacklist /tmp/ssh-* | ||
360 | |||
350 | # top secret | 361 | # top secret |
351 | blacklist ${HOME}/*.kdb | 362 | blacklist ${HOME}/*.kdb |
352 | blacklist ${HOME}/*.kdbx | 363 | blacklist ${HOME}/*.kdbx |
@@ -393,6 +404,7 @@ blacklist /etc/shadow | |||
393 | blacklist /etc/shadow+ | 404 | blacklist /etc/shadow+ |
394 | blacklist /etc/shadow- | 405 | blacklist /etc/shadow- |
395 | blacklist /etc/ssh | 406 | blacklist /etc/ssh |
407 | blacklist /etc/ssh/* | ||
396 | blacklist /home/.ecryptfs | 408 | blacklist /home/.ecryptfs |
397 | blacklist /home/.fscrypt | 409 | blacklist /home/.fscrypt |
398 | blacklist /var/backup | 410 | blacklist /var/backup |
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 153ced0f4..5910d3543 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc | |||
@@ -860,7 +860,6 @@ blacklist ${HOME}/.yarncache | |||
860 | blacklist ${HOME}/.yarnrc | 860 | blacklist ${HOME}/.yarnrc |
861 | blacklist ${HOME}/.zoom | 861 | blacklist ${HOME}/.zoom |
862 | blacklist /tmp/akonadi-* | 862 | blacklist /tmp/akonadi-* |
863 | blacklist /tmp/ssh-* | ||
864 | blacklist /tmp/.wine-* | 863 | blacklist /tmp/.wine-* |
865 | blacklist /var/games/nethack | 864 | blacklist /var/games/nethack |
866 | blacklist /var/games/slashem | 865 | blacklist /var/games/slashem |
diff --git a/etc/profile-a-l/android-studio.profile b/etc/profile-a-l/android-studio.profile index 2e4e564dd..2cdd3a90c 100644 --- a/etc/profile-a-l/android-studio.profile +++ b/etc/profile-a-l/android-studio.profile | |||
@@ -10,12 +10,14 @@ noblacklist ${HOME}/.android | |||
10 | noblacklist ${HOME}/.jack-server | 10 | noblacklist ${HOME}/.jack-server |
11 | noblacklist ${HOME}/.jack-settings | 11 | noblacklist ${HOME}/.jack-settings |
12 | noblacklist ${HOME}/.local/share/JetBrains | 12 | noblacklist ${HOME}/.local/share/JetBrains |
13 | noblacklist ${HOME}/.ssh | ||
14 | noblacklist ${HOME}/.tooling | 13 | noblacklist ${HOME}/.tooling |
15 | 14 | ||
16 | # Allows files commonly used by IDEs | 15 | # Allows files commonly used by IDEs |
17 | include allow-common-devel.inc | 16 | include allow-common-devel.inc |
18 | 17 | ||
18 | # Allow ssh (blacklisted by disable-common.inc) | ||
19 | include allow-ssh.inc | ||
20 | |||
19 | include disable-common.inc | 21 | include disable-common.inc |
20 | include disable-passwdmgr.inc | 22 | include disable-passwdmgr.inc |
21 | include disable-programs.inc | 23 | include disable-programs.inc |
diff --git a/etc/profile-a-l/aosp.profile b/etc/profile-a-l/aosp.profile index a5b1ba9f1..e7b09283e 100644 --- a/etc/profile-a-l/aosp.profile +++ b/etc/profile-a-l/aosp.profile | |||
@@ -11,12 +11,14 @@ noblacklist ${HOME}/.jack-server | |||
11 | noblacklist ${HOME}/.jack-settings | 11 | noblacklist ${HOME}/.jack-settings |
12 | noblacklist ${HOME}/.repo_.gitconfig.json | 12 | noblacklist ${HOME}/.repo_.gitconfig.json |
13 | noblacklist ${HOME}/.repoconfig | 13 | noblacklist ${HOME}/.repoconfig |
14 | noblacklist ${HOME}/.ssh | ||
15 | noblacklist ${HOME}/.tooling | 14 | noblacklist ${HOME}/.tooling |
16 | 15 | ||
17 | # Allows files commonly used by IDEs | 16 | # Allows files commonly used by IDEs |
18 | include allow-common-devel.inc | 17 | include allow-common-devel.inc |
19 | 18 | ||
19 | # Allow ssh (blacklisted by disable-common.inc) | ||
20 | include allow-ssh.inc | ||
21 | |||
20 | include disable-common.inc | 22 | include disable-common.inc |
21 | include disable-passwdmgr.inc | 23 | include disable-passwdmgr.inc |
22 | include disable-programs.inc | 24 | include disable-programs.inc |
diff --git a/etc/profile-a-l/clion.profile b/etc/profile-a-l/clion.profile index b27d93684..09246ccbc 100644 --- a/etc/profile-a-l/clion.profile +++ b/etc/profile-a-l/clion.profile | |||
@@ -11,9 +11,11 @@ noblacklist ${HOME}/.gitconfig | |||
11 | noblacklist ${HOME}/.git-credentials | 11 | noblacklist ${HOME}/.git-credentials |
12 | noblacklist ${HOME}/.java | 12 | noblacklist ${HOME}/.java |
13 | noblacklist ${HOME}/.local/share/JetBrains | 13 | noblacklist ${HOME}/.local/share/JetBrains |
14 | noblacklist ${HOME}/.ssh | ||
15 | noblacklist ${HOME}/.tooling | 14 | noblacklist ${HOME}/.tooling |
16 | 15 | ||
16 | # Allow ssh (blacklisted by disable-common.inc) | ||
17 | include allow-ssh.inc | ||
18 | |||
17 | include disable-common.inc | 19 | include disable-common.inc |
18 | include disable-passwdmgr.inc | 20 | include disable-passwdmgr.inc |
19 | include disable-programs.inc | 21 | include disable-programs.inc |
diff --git a/etc/profile-a-l/filezilla.profile b/etc/profile-a-l/filezilla.profile index 43e877fd0..728929638 100644 --- a/etc/profile-a-l/filezilla.profile +++ b/etc/profile-a-l/filezilla.profile | |||
@@ -8,12 +8,14 @@ include globals.local | |||
8 | 8 | ||
9 | noblacklist ${HOME}/.config/filezilla | 9 | noblacklist ${HOME}/.config/filezilla |
10 | noblacklist ${HOME}/.filezilla | 10 | noblacklist ${HOME}/.filezilla |
11 | noblacklist ${HOME}/.ssh | ||
12 | 11 | ||
13 | # Allow python (blacklisted by disable-interpreters.inc) | 12 | # Allow python (blacklisted by disable-interpreters.inc) |
14 | include allow-python2.inc | 13 | include allow-python2.inc |
15 | include allow-python3.inc | 14 | include allow-python3.inc |
16 | 15 | ||
16 | # Allow ssh (blacklisted by disable-common.inc) | ||
17 | include allow-ssh.inc | ||
18 | |||
17 | include disable-common.inc | 19 | include disable-common.inc |
18 | include disable-devel.inc | 20 | include disable-devel.inc |
19 | include disable-interpreters.inc | 21 | include disable-interpreters.inc |
diff --git a/etc/profile-a-l/git-cola.profile b/etc/profile-a-l/git-cola.profile index 4708078dd..312655b9b 100644 --- a/etc/profile-a-l/git-cola.profile +++ b/etc/profile-a-l/git-cola.profile | |||
@@ -11,16 +11,19 @@ ignore noexec ${HOME} | |||
11 | noblacklist ${HOME}/.gitconfig | 11 | noblacklist ${HOME}/.gitconfig |
12 | noblacklist ${HOME}/.git-credentials | 12 | noblacklist ${HOME}/.git-credentials |
13 | noblacklist ${HOME}/.gnupg | 13 | noblacklist ${HOME}/.gnupg |
14 | noblacklist ${HOME}/.ssh | ||
15 | noblacklist ${HOME}/.subversion | 14 | noblacklist ${HOME}/.subversion |
16 | noblacklist ${HOME}/.config/git | 15 | noblacklist ${HOME}/.config/git |
17 | noblacklist ${HOME}/.config/git-cola | 16 | noblacklist ${HOME}/.config/git-cola |
18 | # Put your editor,diff viewer config path below and uncomment to load settings | 17 | # Put your editor,diff viewer config path below and uncomment to load settings |
19 | # noblacklist ${HOME}/ | 18 | # noblacklist ${HOME}/ |
20 | 19 | ||
20 | # Allow python (blacklisted by disable-interpreters.inc) | ||
21 | include allow-python2.inc | 21 | include allow-python2.inc |
22 | include allow-python3.inc | 22 | include allow-python3.inc |
23 | 23 | ||
24 | # Allow ssh (blacklisted by disable-common.inc) | ||
25 | include allow-ssh.inc | ||
26 | |||
24 | include disable-common.inc | 27 | include disable-common.inc |
25 | include disable-devel.inc | 28 | include disable-devel.inc |
26 | include disable-exec.inc | 29 | include disable-exec.inc |
diff --git a/etc/profile-a-l/git.profile b/etc/profile-a-l/git.profile index e5a2f3985..aefb2917d 100644 --- a/etc/profile-a-l/git.profile +++ b/etc/profile-a-l/git.profile | |||
@@ -15,10 +15,12 @@ noblacklist ${HOME}/.gitconfig | |||
15 | noblacklist ${HOME}/.git-credentials | 15 | noblacklist ${HOME}/.git-credentials |
16 | noblacklist ${HOME}/.gnupg | 16 | noblacklist ${HOME}/.gnupg |
17 | noblacklist ${HOME}/.nanorc | 17 | noblacklist ${HOME}/.nanorc |
18 | noblacklist ${HOME}/.ssh | ||
19 | noblacklist ${HOME}/.vim | 18 | noblacklist ${HOME}/.vim |
20 | noblacklist ${HOME}/.viminfo | 19 | noblacklist ${HOME}/.viminfo |
21 | 20 | ||
21 | # Allow ssh (blacklisted by disable-common.inc) | ||
22 | include allow-ssh.inc | ||
23 | |||
22 | blacklist /tmp/.X11-unix | 24 | blacklist /tmp/.X11-unix |
23 | blacklist ${RUNUSER}/wayland-* | 25 | blacklist ${RUNUSER}/wayland-* |
24 | 26 | ||
diff --git a/etc/profile-a-l/gitg.profile b/etc/profile-a-l/gitg.profile index 3d80c1ed2..93b90eb9e 100644 --- a/etc/profile-a-l/gitg.profile +++ b/etc/profile-a-l/gitg.profile | |||
@@ -10,7 +10,9 @@ noblacklist ${HOME}/.config/git | |||
10 | noblacklist ${HOME}/.gitconfig | 10 | noblacklist ${HOME}/.gitconfig |
11 | noblacklist ${HOME}/.git-credentials | 11 | noblacklist ${HOME}/.git-credentials |
12 | noblacklist ${HOME}/.local/share/gitg | 12 | noblacklist ${HOME}/.local/share/gitg |
13 | noblacklist ${HOME}/.ssh | 13 | |
14 | # Allow ssh (blacklisted by disable-common.inc) | ||
15 | include allow-ssh.inc | ||
14 | 16 | ||
15 | include disable-common.inc | 17 | include disable-common.inc |
16 | include disable-devel.inc | 18 | include disable-devel.inc |
diff --git a/etc/profile-a-l/idea.sh.profile b/etc/profile-a-l/idea.sh.profile index a7d0d531f..0a048a38a 100644 --- a/etc/profile-a-l/idea.sh.profile +++ b/etc/profile-a-l/idea.sh.profile | |||
@@ -10,12 +10,14 @@ noblacklist ${HOME}/.android | |||
10 | noblacklist ${HOME}/.jack-server | 10 | noblacklist ${HOME}/.jack-server |
11 | noblacklist ${HOME}/.jack-settings | 11 | noblacklist ${HOME}/.jack-settings |
12 | noblacklist ${HOME}/.local/share/JetBrains | 12 | noblacklist ${HOME}/.local/share/JetBrains |
13 | noblacklist ${HOME}/.ssh | ||
14 | noblacklist ${HOME}/.tooling | 13 | noblacklist ${HOME}/.tooling |
15 | 14 | ||
16 | # Allows files commonly used by IDEs | 15 | # Allows files commonly used by IDEs |
17 | include allow-common-devel.inc | 16 | include allow-common-devel.inc |
18 | 17 | ||
18 | # Allow ssh (blacklisted by disable-common.inc) | ||
19 | include allow-ssh.inc | ||
20 | |||
19 | include disable-common.inc | 21 | include disable-common.inc |
20 | include disable-passwdmgr.inc | 22 | include disable-passwdmgr.inc |
21 | include disable-programs.inc | 23 | include disable-programs.inc |
diff --git a/etc/profile-m-z/meld.profile b/etc/profile-m-z/meld.profile index 1a68cd37d..d76522fce 100644 --- a/etc/profile-m-z/meld.profile +++ b/etc/profile-m-z/meld.profile | |||
@@ -18,7 +18,6 @@ noblacklist ${HOME}/.config/git | |||
18 | noblacklist ${HOME}/.gitconfig | 18 | noblacklist ${HOME}/.gitconfig |
19 | noblacklist ${HOME}/.git-credentials | 19 | noblacklist ${HOME}/.git-credentials |
20 | noblacklist ${HOME}/.local/share/meld | 20 | noblacklist ${HOME}/.local/share/meld |
21 | noblacklist ${HOME}/.ssh | ||
22 | noblacklist ${HOME}/.subversion | 21 | noblacklist ${HOME}/.subversion |
23 | 22 | ||
24 | # Allow python (blacklisted by disable-interpreters.inc) | 23 | # Allow python (blacklisted by disable-interpreters.inc) |
@@ -26,6 +25,9 @@ noblacklist ${HOME}/.subversion | |||
26 | #include allow-python2.inc | 25 | #include allow-python2.inc |
27 | include allow-python3.inc | 26 | include allow-python3.inc |
28 | 27 | ||
28 | # Allow ssh (blacklisted by disable-common.inc) | ||
29 | include allow-ssh.inc | ||
30 | |||
29 | # Uncomment the next line (or put it into your meld.local) if you don't need to compare files in disable-common.inc. | 31 | # Uncomment the next line (or put it into your meld.local) if you don't need to compare files in disable-common.inc. |
30 | #include disable-common.inc | 32 | #include disable-common.inc |
31 | include disable-devel.inc | 33 | include disable-devel.inc |
diff --git a/etc/profile-m-z/remmina.profile b/etc/profile-m-z/remmina.profile index 6311c91df..d4c7bdf31 100644 --- a/etc/profile-m-z/remmina.profile +++ b/etc/profile-m-z/remmina.profile | |||
@@ -9,7 +9,9 @@ include globals.local | |||
9 | noblacklist ${HOME}/.remmina | 9 | noblacklist ${HOME}/.remmina |
10 | noblacklist ${HOME}/.config/remmina | 10 | noblacklist ${HOME}/.config/remmina |
11 | noblacklist ${HOME}/.local/share/remmina | 11 | noblacklist ${HOME}/.local/share/remmina |
12 | noblacklist ${HOME}/.ssh | 12 | |
13 | # Allow ssh (blacklisted by disable-common.inc) | ||
14 | include allow-ssh.inc | ||
13 | 15 | ||
14 | include disable-common.inc | 16 | include disable-common.inc |
15 | include disable-devel.inc | 17 | include disable-devel.inc |
diff --git a/etc/profile-m-z/seahorse.profile b/etc/profile-m-z/seahorse.profile index 8bb1f53a7..065409e78 100644 --- a/etc/profile-m-z/seahorse.profile +++ b/etc/profile-m-z/seahorse.profile | |||
@@ -9,8 +9,9 @@ include globals.local | |||
9 | blacklist /tmp/.X11-unix | 9 | blacklist /tmp/.X11-unix |
10 | 10 | ||
11 | noblacklist ${HOME}/.gnupg | 11 | noblacklist ${HOME}/.gnupg |
12 | noblacklist ${HOME}/.ssh | 12 | |
13 | noblacklist /tmp/ssh-* | 13 | # Allow ssh (blacklisted by disable-common.inc) |
14 | include allow-ssh.inc | ||
14 | 15 | ||
15 | include disable-common.inc | 16 | include disable-common.inc |
16 | include disable-devel.inc | 17 | include disable-devel.inc |
diff --git a/etc/profile-m-z/ssh-agent.profile b/etc/profile-m-z/ssh-agent.profile index 01b63d3ce..5802299a3 100644 --- a/etc/profile-m-z/ssh-agent.profile +++ b/etc/profile-m-z/ssh-agent.profile | |||
@@ -6,9 +6,8 @@ include ssh-agent.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist /etc/ssh | 9 | # Allow ssh (blacklisted by disable-common.inc) |
10 | noblacklist /tmp/ssh-* | 10 | include allow-ssh.inc |
11 | noblacklist ${HOME}/.ssh | ||
12 | 11 | ||
13 | blacklist /tmp/.X11-unix | 12 | blacklist /tmp/.X11-unix |
14 | blacklist ${RUNUSER}/wayland-* | 13 | blacklist ${RUNUSER}/wayland-* |
diff --git a/etc/profile-m-z/ssh.profile b/etc/profile-m-z/ssh.profile index e3e2b4541..641c3a79d 100644 --- a/etc/profile-m-z/ssh.profile +++ b/etc/profile-m-z/ssh.profile | |||
@@ -7,13 +7,13 @@ include ssh.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | noblacklist /etc/ssh | ||
11 | noblacklist /tmp/ssh-* | ||
12 | noblacklist ${HOME}/.ssh | ||
13 | # nc can be used as ProxyCommand, e.g. when using tor | 10 | # nc can be used as ProxyCommand, e.g. when using tor |
14 | noblacklist ${PATH}/nc | 11 | noblacklist ${PATH}/nc |
15 | noblacklist ${PATH}/ncat | 12 | noblacklist ${PATH}/ncat |
16 | 13 | ||
14 | # Allow ssh (blacklisted by disable-common.inc) | ||
15 | include allow-ssh.inc | ||
16 | |||
17 | include disable-common.inc | 17 | include disable-common.inc |
18 | include disable-exec.inc | 18 | include disable-exec.inc |
19 | include disable-passwdmgr.inc | 19 | include disable-passwdmgr.inc |
diff --git a/etc/profile-m-z/webstorm.profile b/etc/profile-m-z/webstorm.profile index fc4e8e571..a4adf2896 100644 --- a/etc/profile-m-z/webstorm.profile +++ b/etc/profile-m-z/webstorm.profile | |||
@@ -8,12 +8,14 @@ include globals.local | |||
8 | noblacklist ${HOME}/.WebStorm* | 8 | noblacklist ${HOME}/.WebStorm* |
9 | noblacklist ${HOME}/.android | 9 | noblacklist ${HOME}/.android |
10 | noblacklist ${HOME}/.local/share/JetBrains | 10 | noblacklist ${HOME}/.local/share/JetBrains |
11 | noblacklist ${HOME}/.ssh | ||
12 | noblacklist ${HOME}/.tooling | 11 | noblacklist ${HOME}/.tooling |
13 | 12 | ||
14 | # Allows files commonly used by IDEs | 13 | # Allows files commonly used by IDEs |
15 | include allow-common-devel.inc | 14 | include allow-common-devel.inc |
16 | 15 | ||
16 | # Allow ssh (blacklisted by disable-common.inc) | ||
17 | include allow-ssh.inc | ||
18 | |||
17 | noblacklist ${PATH}/node | 19 | noblacklist ${PATH}/node |
18 | noblacklist ${HOME}/.nvm | 20 | noblacklist ${HOME}/.nvm |
19 | 21 | ||
diff --git a/etc/profile-m-z/x2goclient.profile b/etc/profile-m-z/x2goclient.profile index bc9603835..6146016b2 100644 --- a/etc/profile-m-z/x2goclient.profile +++ b/etc/profile-m-z/x2goclient.profile | |||
@@ -6,10 +6,12 @@ include x2goclient.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.ssh | ||
10 | noblacklist ${HOME}/.x2go | 9 | noblacklist ${HOME}/.x2go |
11 | noblacklist ${HOME}/.x2goclient | 10 | noblacklist ${HOME}/.x2goclient |
12 | 11 | ||
12 | # Allow ssh (blacklisted by disable-common.inc) | ||
13 | include allow-ssh.inc | ||
14 | |||
13 | include disable-common.inc | 15 | include disable-common.inc |
14 | include disable-devel.inc | 16 | include disable-devel.inc |
15 | include disable-exec.inc | 17 | include disable-exec.inc |
diff --git a/etc/templates/profile.template b/etc/templates/profile.template index 8b44b0bc0..9e9fc3fe9 100644 --- a/etc/templates/profile.template +++ b/etc/templates/profile.template | |||
@@ -103,6 +103,9 @@ include globals.local | |||
103 | # Allows files commonly used by IDEs | 103 | # Allows files commonly used by IDEs |
104 | #include allow-common-devel.inc | 104 | #include allow-common-devel.inc |
105 | 105 | ||
106 | # Allow ssh (blacklisted by disable-common.inc) | ||
107 | #include allow-ssh.inc | ||
108 | |||
106 | #include disable-common.inc | 109 | #include disable-common.inc |
107 | #include disable-devel.inc | 110 | #include disable-devel.inc |
108 | #include disable-exec.inc | 111 | #include disable-exec.inc |