diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/allow-common-devel.inc | 6 | ||||
-rw-r--r-- | etc/inc/disable-common.inc | 10 | ||||
-rw-r--r-- | etc/inc/disable-programs.inc | 30 | ||||
-rw-r--r-- | etc/inc/whitelist-common.inc | 1 | ||||
-rw-r--r-- | etc/profile-a-l/etr.profile | 4 | ||||
-rw-r--r-- | etc/profile-a-l/frozen-bubble.profile | 5 | ||||
-rw-r--r-- | etc/profile-a-l/gnome-chess.profile | 4 | ||||
-rw-r--r-- | etc/profile-a-l/gnome-hexgl.profile | 2 | ||||
-rw-r--r-- | etc/profile-m-z/megaglest.profile | 4 | ||||
-rw-r--r-- | etc/profile-m-z/minetest.profile | 3 | ||||
-rw-r--r-- | etc/profile-m-z/ostrichriders.profile | 2 | ||||
-rw-r--r-- | etc/profile-m-z/pingus.profile | 10 | ||||
-rw-r--r-- | etc/profile-m-z/scorched3d-wrapper.profile | 3 | ||||
-rw-r--r-- | etc/profile-m-z/scorched3d.profile | 3 | ||||
-rw-r--r-- | etc/profile-m-z/supertux2.profile | 5 | ||||
-rw-r--r-- | etc/profile-m-z/torcs.profile | 4 | ||||
-rw-r--r-- | etc/profile-m-z/transmission-gtk.profile | 1 |
17 files changed, 91 insertions, 6 deletions
diff --git a/etc/inc/allow-common-devel.inc b/etc/inc/allow-common-devel.inc index 63174eda6..7cd087b14 100644 --- a/etc/inc/allow-common-devel.inc +++ b/etc/inc/allow-common-devel.inc | |||
@@ -12,10 +12,16 @@ noblacklist ${HOME}/.gradle | |||
12 | noblacklist ${HOME}/.java | 12 | noblacklist ${HOME}/.java |
13 | 13 | ||
14 | # Python | 14 | # Python |
15 | noblacklist ${HOME}/.pylint.d | ||
15 | noblacklist ${HOME}/.python-history | 16 | noblacklist ${HOME}/.python-history |
16 | noblacklist ${HOME}/.python_history | 17 | noblacklist ${HOME}/.python_history |
17 | noblacklist ${HOME}/.pythonhist | 18 | noblacklist ${HOME}/.pythonhist |
18 | 19 | ||
19 | # Rust | 20 | # Rust |
21 | noblacklist ${HOME}/.cargo/advisory-db | ||
20 | noblacklist ${HOME}/.cargo/config | 22 | noblacklist ${HOME}/.cargo/config |
23 | noblacklist ${HOME}/.cargo/git | ||
21 | noblacklist ${HOME}/.cargo/registry | 24 | noblacklist ${HOME}/.cargo/registry |
25 | noblacklist ${HOME}/.cargo/.crates.toml | ||
26 | noblacklist ${HOME}/.cargo/.crates2.json | ||
27 | noblacklist ${HOME}/.cargo/.package-cache | ||
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc index 92c6cd2a8..3fd3cc7b2 100644 --- a/etc/inc/disable-common.inc +++ b/etc/inc/disable-common.inc | |||
@@ -149,8 +149,9 @@ read-only ${HOME}/.config/dconf | |||
149 | blacklist ${HOME}/.config/systemd | 149 | blacklist ${HOME}/.config/systemd |
150 | blacklist ${HOME}/.local/share/systemd | 150 | blacklist ${HOME}/.local/share/systemd |
151 | blacklist /var/lib/systemd | 151 | blacklist /var/lib/systemd |
152 | # blacklist /var/run/systemd | 152 | blacklist ${PATH}/systemd-run |
153 | # creates problems on Arch where /etc/resolv.conf is a symlink to /var/run/systemd/resolve/resolv.conf | 153 | # creates problems on Arch where /etc/resolv.conf is a symlink to /var/run/systemd/resolve/resolv.conf |
154 | #blacklist /var/run/systemd | ||
154 | 155 | ||
155 | # openrc | 156 | # openrc |
156 | blacklist /etc/runlevels/ | 157 | blacklist /etc/runlevels/ |
@@ -308,13 +309,17 @@ read-only ${HOME}/bin | |||
308 | read-only ${HOME}/.bin | 309 | read-only ${HOME}/.bin |
309 | read-only ${HOME}/.local/bin | 310 | read-only ${HOME}/.local/bin |
310 | read-only ${HOME}/.cargo/bin | 311 | read-only ${HOME}/.cargo/bin |
311 | read-only ${HOME}/.cargo/env | ||
312 | 312 | ||
313 | # Write-protection for desktop entries | 313 | # Write-protection for desktop entries |
314 | read-only ${HOME}/.config/menus | 314 | read-only ${HOME}/.config/menus |
315 | read-only ${HOME}/.gnome/apps | 315 | read-only ${HOME}/.gnome/apps |
316 | read-only ${HOME}/.local/share/applications | 316 | read-only ${HOME}/.local/share/applications |
317 | 317 | ||
318 | read-only ${HOME}/.config/mimeapps.list | ||
319 | read-only ${HOME}/.config/user-dirs.dirs | ||
320 | read-only ${HOME}/.config/user-dirs.locale | ||
321 | read-only ${HOME}/.local/share/mime | ||
322 | |||
318 | # Write-protection for thumbnailer dir | 323 | # Write-protection for thumbnailer dir |
319 | read-only ${HOME}/.local/share/thumbnailers | 324 | read-only ${HOME}/.local/share/thumbnailers |
320 | 325 | ||
@@ -451,6 +456,7 @@ blacklist /vmlinuz* | |||
451 | blacklist /.snapshots | 456 | blacklist /.snapshots |
452 | 457 | ||
453 | # flatpak | 458 | # flatpak |
459 | blacklist ${HOME}/.cache/flatpak | ||
454 | blacklist ${HOME}/.config/flatpak | 460 | blacklist ${HOME}/.config/flatpak |
455 | blacklist ${HOME}/.local/share/flatpak/app | 461 | blacklist ${HOME}/.local/share/flatpak/app |
456 | blacklist ${HOME}/.local/share/flatpak/appstream | 462 | blacklist ${HOME}/.local/share/flatpak/appstream |
diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 9e6af8785..89189b533 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc | |||
@@ -54,8 +54,13 @@ blacklist ${HOME}/.bibletime | |||
54 | blacklist ${HOME}/.bitcoin | 54 | blacklist ${HOME}/.bitcoin |
55 | blacklist ${HOME}/.bogofilter | 55 | blacklist ${HOME}/.bogofilter |
56 | blacklist ${HOME}/.bzf | 56 | blacklist ${HOME}/.bzf |
57 | blacklist ${HOME}/.cargo/registry | 57 | blacklist ${HOME}/.cargo/advisory-db |
58 | blacklist ${HOME}/.cargo/config | 58 | blacklist ${HOME}/.cargo/config |
59 | blacklist ${HOME}/.cargo/git | ||
60 | blacklist ${HOME}/.cargo/registry | ||
61 | blacklist ${HOME}/.cargo/.crates.toml | ||
62 | blacklist ${HOME}/.cargo/.crates2.json | ||
63 | blacklist ${HOME}/.cargo/.package-cache | ||
59 | blacklist ${HOME}/.claws-mail | 64 | blacklist ${HOME}/.claws-mail |
60 | blacklist ${HOME}/.cliqz | 65 | blacklist ${HOME}/.cliqz |
61 | blacklist ${HOME}/.clonk | 66 | blacklist ${HOME}/.clonk |
@@ -75,6 +80,7 @@ blacklist ${HOME}/.config/Code - OSS | |||
75 | blacklist ${HOME}/.config/Code Industry | 80 | blacklist ${HOME}/.config/Code Industry |
76 | blacklist ${HOME}/.config/Cryptocat | 81 | blacklist ${HOME}/.config/Cryptocat |
77 | blacklist ${HOME}/.config/Debauchee/Barrier.conf | 82 | blacklist ${HOME}/.config/Debauchee/Barrier.conf |
83 | blacklist ${HOME}/.config/Dharkael | ||
78 | blacklist ${HOME}/.config/Enox | 84 | blacklist ${HOME}/.config/Enox |
79 | blacklist ${HOME}/.config/Ferdi | 85 | blacklist ${HOME}/.config/Ferdi |
80 | blacklist ${HOME}/.config/Franz | 86 | blacklist ${HOME}/.config/Franz |
@@ -118,6 +124,7 @@ blacklist ${HOME}/.config/Slack | |||
118 | blacklist ${HOME}/.config/Standard Notes | 124 | blacklist ${HOME}/.config/Standard Notes |
119 | blacklist ${HOME}/.config/SubDownloader | 125 | blacklist ${HOME}/.config/SubDownloader |
120 | blacklist ${HOME}/.config/Thunar | 126 | blacklist ${HOME}/.config/Thunar |
127 | blacklist ${HOME}/.config/Unknown Organization | ||
121 | blacklist ${HOME}/.config/VirtualBox | 128 | blacklist ${HOME}/.config/VirtualBox |
122 | blacklist ${HOME}/.config/Wire | 129 | blacklist ${HOME}/.config/Wire |
123 | blacklist ${HOME}/.config/Zeal | 130 | blacklist ${HOME}/.config/Zeal |
@@ -125,6 +132,7 @@ blacklist ${HOME}/.config/abiword | |||
125 | blacklist ${HOME}/.config/agenda | 132 | blacklist ${HOME}/.config/agenda |
126 | blacklist ${HOME}/.config/akonadi* | 133 | blacklist ${HOME}/.config/akonadi* |
127 | blacklist ${HOME}/.config/akregatorrc | 134 | blacklist ${HOME}/.config/akregatorrc |
135 | blacklist ${HOME}/.config/alacritty | ||
128 | blacklist ${HOME}/.config/ardour4 | 136 | blacklist ${HOME}/.config/ardour4 |
129 | blacklist ${HOME}/.config/ardour5 | 137 | blacklist ${HOME}/.config/ardour5 |
130 | blacklist ${HOME}/.config/aria2 | 138 | blacklist ${HOME}/.config/aria2 |
@@ -136,6 +144,7 @@ blacklist ${HOME}/.config/atril | |||
136 | blacklist ${HOME}/.config/audacious | 144 | blacklist ${HOME}/.config/audacious |
137 | blacklist ${HOME}/.config/autokey | 145 | blacklist ${HOME}/.config/autokey |
138 | blacklist ${HOME}/.config/aweather | 146 | blacklist ${HOME}/.config/aweather |
147 | blacklist ${HOME}/.config/backintime | ||
139 | blacklist ${HOME}/.config/baloofilerc | 148 | blacklist ${HOME}/.config/baloofilerc |
140 | blacklist ${HOME}/.config/baloorc | 149 | blacklist ${HOME}/.config/baloorc |
141 | blacklist ${HOME}/.config/blender | 150 | blacklist ${HOME}/.config/blender |
@@ -195,14 +204,18 @@ blacklist ${HOME}/.config/geeqie | |||
195 | blacklist ${HOME}/.config/ghb | 204 | blacklist ${HOME}/.config/ghb |
196 | blacklist ${HOME}/.config/ghostwriter | 205 | blacklist ${HOME}/.config/ghostwriter |
197 | blacklist ${HOME}/.config/git | 206 | blacklist ${HOME}/.config/git |
207 | blacklist ${HOME}/.config/glade.conf | ||
198 | blacklist ${HOME}/.config/globaltime | 208 | blacklist ${HOME}/.config/globaltime |
199 | blacklist ${HOME}/.config/gmpc | 209 | blacklist ${HOME}/.config/gmpc |
200 | blacklist ${HOME}/.config/gnome-builder | 210 | blacklist ${HOME}/.config/gnome-builder |
201 | blacklist ${HOME}/.config/gnome-chess | 211 | blacklist ${HOME}/.config/gnome-chess |
212 | blacklist ${HOME}/.config/gnome-control-center | ||
213 | blacklist ${HOME}/.config/gnome-initial-setup-done | ||
202 | blacklist ${HOME}/.config/gnome-latex | 214 | blacklist ${HOME}/.config/gnome-latex |
203 | blacklist ${HOME}/.config/gnome-mplayer | 215 | blacklist ${HOME}/.config/gnome-mplayer |
204 | blacklist ${HOME}/.config/gnome-mpv | 216 | blacklist ${HOME}/.config/gnome-mpv |
205 | blacklist ${HOME}/.config/gnome-pie | 217 | blacklist ${HOME}/.config/gnome-pie |
218 | blacklist ${HOME}/.config/gnome-session | ||
206 | blacklist ${HOME}/.config/godot | 219 | blacklist ${HOME}/.config/godot |
207 | blacklist ${HOME}/.config/google-chrome | 220 | blacklist ${HOME}/.config/google-chrome |
208 | blacklist ${HOME}/.config/google-chrome-beta | 221 | blacklist ${HOME}/.config/google-chrome-beta |
@@ -255,6 +268,7 @@ blacklist ${HOME}/.config/mate/eom | |||
255 | blacklist ${HOME}/.config/mate/mate-dictionary | 268 | blacklist ${HOME}/.config/mate/mate-dictionary |
256 | blacklist ${HOME}/.config/meld | 269 | blacklist ${HOME}/.config/meld |
257 | blacklist ${HOME}/.config/meteo-qt | 270 | blacklist ${HOME}/.config/meteo-qt |
271 | blacklist ${HOME}/.config/menulibre.cfg | ||
258 | blacklist ${HOME}/.config/mfusion | 272 | blacklist ${HOME}/.config/mfusion |
259 | blacklist ${HOME}/.config/Microsoft | 273 | blacklist ${HOME}/.config/Microsoft |
260 | blacklist ${HOME}/.config/midori | 274 | blacklist ${HOME}/.config/midori |
@@ -264,6 +278,7 @@ blacklist ${HOME}/.config/mpd | |||
264 | blacklist ${HOME}/.config/mps-youtube | 278 | blacklist ${HOME}/.config/mps-youtube |
265 | blacklist ${HOME}/.config/mpv | 279 | blacklist ${HOME}/.config/mpv |
266 | blacklist ${HOME}/.config/mupen64plus | 280 | blacklist ${HOME}/.config/mupen64plus |
281 | blacklist ${HOME}/.config/mutter | ||
267 | blacklist ${HOME}/.config/mypaint | 282 | blacklist ${HOME}/.config/mypaint |
268 | blacklist ${HOME}/.config/nano | 283 | blacklist ${HOME}/.config/nano |
269 | blacklist ${HOME}/.config/nautilus | 284 | blacklist ${HOME}/.config/nautilus |
@@ -362,6 +377,7 @@ blacklist ${HOME}/.config/zoomus.conf | |||
362 | blacklist ${HOME}/.config/Zulip | 377 | blacklist ${HOME}/.config/Zulip |
363 | blacklist ${HOME}/.conkeror.mozdev.org | 378 | blacklist ${HOME}/.conkeror.mozdev.org |
364 | blacklist ${HOME}/.crawl | 379 | blacklist ${HOME}/.crawl |
380 | blacklist ${HOME}/.cups | ||
365 | blacklist ${HOME}/.curlrc | 381 | blacklist ${HOME}/.curlrc |
366 | blacklist ${HOME}/.dashcore | 382 | blacklist ${HOME}/.dashcore |
367 | blacklist ${HOME}/.devilspie | 383 | blacklist ${HOME}/.devilspie |
@@ -400,6 +416,7 @@ blacklist ${HOME}/.gradle | |||
400 | blacklist ${HOME}/.gramps | 416 | blacklist ${HOME}/.gramps |
401 | blacklist ${HOME}/.guayadeque | 417 | blacklist ${HOME}/.guayadeque |
402 | blacklist ${HOME}/.hashcat | 418 | blacklist ${HOME}/.hashcat |
419 | blacklist ${HOME}/.hex-a-hop | ||
403 | blacklist ${HOME}/.hedgewars | 420 | blacklist ${HOME}/.hedgewars |
404 | blacklist ${HOME}/.hugin | 421 | blacklist ${HOME}/.hugin |
405 | blacklist ${HOME}/.i2p | 422 | blacklist ${HOME}/.i2p |
@@ -515,6 +532,7 @@ blacklist ${HOME}/.local/share/agenda | |||
515 | blacklist ${HOME}/.local/share/apps/korganizer | 532 | blacklist ${HOME}/.local/share/apps/korganizer |
516 | blacklist ${HOME}/.local/share/aspyr-media | 533 | blacklist ${HOME}/.local/share/aspyr-media |
517 | blacklist ${HOME}/.local/share/autokey | 534 | blacklist ${HOME}/.local/share/autokey |
535 | blacklist ${HOME}/.local/share/backintime | ||
518 | blacklist ${HOME}/.local/share/baloo | 536 | blacklist ${HOME}/.local/share/baloo |
519 | blacklist ${HOME}/.local/share/barrier | 537 | blacklist ${HOME}/.local/share/barrier |
520 | blacklist ${HOME}/.local/share/bibletime | 538 | blacklist ${HOME}/.local/share/bibletime |
@@ -545,8 +563,9 @@ blacklist ${HOME}/.local/share/geeqie | |||
545 | blacklist ${HOME}/.local/share/ghostwriter | 563 | blacklist ${HOME}/.local/share/ghostwriter |
546 | blacklist ${HOME}/.local/share/gitg | 564 | blacklist ${HOME}/.local/share/gitg |
547 | blacklist ${HOME}/.local/share/gnome-2048 | 565 | blacklist ${HOME}/.local/share/gnome-2048 |
548 | blacklist ${HOME}/.local/share/gnome-chess | 566 | blacklist ${HOME}/.local/share/gnome-boxes |
549 | blacklist ${HOME}/.local/share/gnome-builder | 567 | blacklist ${HOME}/.local/share/gnome-builder |
568 | blacklist ${HOME}/.local/share/gnome-chess | ||
550 | blacklist ${HOME}/.local/share/gnome-klotski | 569 | blacklist ${HOME}/.local/share/gnome-klotski |
551 | blacklist ${HOME}/.local/share/gnome-latex | 570 | blacklist ${HOME}/.local/share/gnome-latex |
552 | blacklist ${HOME}/.local/share/gnome-mines | 571 | blacklist ${HOME}/.local/share/gnome-mines |
@@ -672,6 +691,7 @@ blacklist ${HOME}/.penguin-command | |||
672 | blacklist ${HOME}/.pingus | 691 | blacklist ${HOME}/.pingus |
673 | blacklist ${HOME}/.pioneer | 692 | blacklist ${HOME}/.pioneer |
674 | blacklist ${HOME}/.purple | 693 | blacklist ${HOME}/.purple |
694 | blacklist ${HOME}/.pylint.d | ||
675 | blacklist ${HOME}/.qemu-launcher | 695 | blacklist ${HOME}/.qemu-launcher |
676 | blacklist ${HOME}/.qgis2 | 696 | blacklist ${HOME}/.qgis2 |
677 | blacklist ${HOME}/.qmmp | 697 | blacklist ${HOME}/.qmmp |
@@ -702,6 +722,7 @@ blacklist ${HOME}/.config/teams-for-linux | |||
702 | blacklist ${HOME}/.tb | 722 | blacklist ${HOME}/.tb |
703 | blacklist ${HOME}/.tconn | 723 | blacklist ${HOME}/.tconn |
704 | blacklist ${HOME}/.teeworlds | 724 | blacklist ${HOME}/.teeworlds |
725 | blacklist ${HOME}/.texlive2018 | ||
705 | blacklist ${HOME}/.thunderbird | 726 | blacklist ${HOME}/.thunderbird |
706 | blacklist ${HOME}/.tilp | 727 | blacklist ${HOME}/.tilp |
707 | blacklist ${HOME}/.tooling | 728 | blacklist ${HOME}/.tooling |
@@ -779,6 +800,7 @@ blacklist ${HOME}/.cache/chromium-dev | |||
779 | blacklist ${HOME}/.cache/cliqz | 800 | blacklist ${HOME}/.cache/cliqz |
780 | blacklist ${HOME}/.cache/com.github.johnfactotum.Foliate | 801 | blacklist ${HOME}/.cache/com.github.johnfactotum.Foliate |
781 | blacklist ${HOME}/.cache/darktable | 802 | blacklist ${HOME}/.cache/darktable |
803 | blacklist ${HOME}/.cache/deja-dup | ||
782 | blacklist ${HOME}/.cache/discover | 804 | blacklist ${HOME}/.cache/discover |
783 | blacklist ${HOME}/.cache/dnox | 805 | blacklist ${HOME}/.cache/dnox |
784 | blacklist ${HOME}/.cache/dolphin | 806 | blacklist ${HOME}/.cache/dolphin |
@@ -795,9 +817,12 @@ blacklist ${HOME}/.cache/gegl-0.4 | |||
795 | blacklist ${HOME}/.cache/geeqie | 817 | blacklist ${HOME}/.cache/geeqie |
796 | blacklist ${HOME}/.cache/gfeeds | 818 | blacklist ${HOME}/.cache/gfeeds |
797 | blacklist ${HOME}/.cache/gimp | 819 | blacklist ${HOME}/.cache/gimp |
820 | blacklist ${HOME}/.cache/gnome-boxes | ||
798 | blacklist ${HOME}/.cache/gnome-builder | 821 | blacklist ${HOME}/.cache/gnome-builder |
822 | blacklist ${HOME}/.cache/gnome-control-center | ||
799 | blacklist ${HOME}/.cache/gnome-recipes | 823 | blacklist ${HOME}/.cache/gnome-recipes |
800 | blacklist ${HOME}/.cache/gnome-screenshot | 824 | blacklist ${HOME}/.cache/gnome-screenshot |
825 | blacklist ${HOME}/.cache/gnome-software | ||
801 | blacklist ${HOME}/.cache/gnome-twitch | 826 | blacklist ${HOME}/.cache/gnome-twitch |
802 | blacklist ${HOME}/.cache/godot | 827 | blacklist ${HOME}/.cache/godot |
803 | blacklist ${HOME}/.cache/google-chrome | 828 | blacklist ${HOME}/.cache/google-chrome |
@@ -848,6 +873,7 @@ blacklist ${HOME}/.cache/org.gnome.Books | |||
848 | blacklist ${HOME}/.cache/org.gnome.Maps | 873 | blacklist ${HOME}/.cache/org.gnome.Maps |
849 | blacklist ${HOME}/.cache/pdfmod | 874 | blacklist ${HOME}/.cache/pdfmod |
850 | blacklist ${HOME}/.cache/peek | 875 | blacklist ${HOME}/.cache/peek |
876 | blacklist ${HOME}/.cache/pip | ||
851 | blacklist ${HOME}/.cache/plasmashell | 877 | blacklist ${HOME}/.cache/plasmashell |
852 | blacklist ${HOME}/.cache/plasmashellbookmarkrunnerfirefoxdbfile.sqlite* | 878 | blacklist ${HOME}/.cache/plasmashellbookmarkrunnerfirefoxdbfile.sqlite* |
853 | blacklist ${HOME}/.cache/qBittorrent | 879 | blacklist ${HOME}/.cache/qBittorrent |
diff --git a/etc/inc/whitelist-common.inc b/etc/inc/whitelist-common.inc index 9c1b7b92c..a691b306c 100644 --- a/etc/inc/whitelist-common.inc +++ b/etc/inc/whitelist-common.inc | |||
@@ -38,6 +38,7 @@ whitelist ${HOME}/.pangorc | |||
38 | # gtk | 38 | # gtk |
39 | whitelist ${HOME}/.config/gtk-2.0 | 39 | whitelist ${HOME}/.config/gtk-2.0 |
40 | whitelist ${HOME}/.config/gtk-3.0 | 40 | whitelist ${HOME}/.config/gtk-3.0 |
41 | whitelist ${HOME}/.config/gtk-4.0 | ||
41 | whitelist ${HOME}/.config/gtkrc | 42 | whitelist ${HOME}/.config/gtkrc |
42 | whitelist ${HOME}/.config/gtkrc-2.0 | 43 | whitelist ${HOME}/.config/gtkrc-2.0 |
43 | whitelist ${HOME}/.gnome2 | 44 | whitelist ${HOME}/.gnome2 |
diff --git a/etc/profile-a-l/etr.profile b/etc/profile-a-l/etr.profile index 7afcd01d7..72f588366 100644 --- a/etc/profile-a-l/etr.profile +++ b/etc/profile-a-l/etr.profile | |||
@@ -9,6 +9,7 @@ include globals.local | |||
9 | noblacklist ${HOME}/.etr | 9 | noblacklist ${HOME}/.etr |
10 | 10 | ||
11 | include disable-common.inc | 11 | include disable-common.inc |
12 | include disable-devel.inc | ||
12 | include disable-exec.inc | 13 | include disable-exec.inc |
13 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
14 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
@@ -17,7 +18,10 @@ include disable-xdg.inc | |||
17 | 18 | ||
18 | mkdir ${HOME}/.etr | 19 | mkdir ${HOME}/.etr |
19 | whitelist ${HOME}/.etr | 20 | whitelist ${HOME}/.etr |
21 | whitelist /usr/share/etr | ||
20 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-runuser-common.inc | ||
24 | include whitelist-usr-share-common.inc | ||
21 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
22 | 26 | ||
23 | apparmor | 27 | apparmor |
diff --git a/etc/profile-a-l/frozen-bubble.profile b/etc/profile-a-l/frozen-bubble.profile index d1dc64bb9..9245ae3a9 100644 --- a/etc/profile-a-l/frozen-bubble.profile +++ b/etc/profile-a-l/frozen-bubble.profile | |||
@@ -17,10 +17,14 @@ include disable-exec.inc | |||
17 | include disable-interpreters.inc | 17 | include disable-interpreters.inc |
18 | include disable-passwdmgr.inc | 18 | include disable-passwdmgr.inc |
19 | include disable-programs.inc | 19 | include disable-programs.inc |
20 | include disable-xdg.inc | ||
20 | 21 | ||
21 | mkdir ${HOME}/.frozen-bubble | 22 | mkdir ${HOME}/.frozen-bubble |
22 | whitelist ${HOME}/.frozen-bubble | 23 | whitelist ${HOME}/.frozen-bubble |
24 | whitelist /usr/share/perl5 | ||
23 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | ||
27 | include whitelist-usr-share-common.inc | ||
24 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
25 | 29 | ||
26 | apparmor | 30 | apparmor |
@@ -36,6 +40,7 @@ novideo | |||
36 | protocol unix,netlink | 40 | protocol unix,netlink |
37 | seccomp | 41 | seccomp |
38 | shell none | 42 | shell none |
43 | tracelog | ||
39 | 44 | ||
40 | disable-mnt | 45 | disable-mnt |
41 | # private-bin frozen-bubble | 46 | # private-bin frozen-bubble |
diff --git a/etc/profile-a-l/gnome-chess.profile b/etc/profile-a-l/gnome-chess.profile index 2e2e86ac9..c1d2a34c0 100644 --- a/etc/profile-a-l/gnome-chess.profile +++ b/etc/profile-a-l/gnome-chess.profile | |||
@@ -17,6 +17,10 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | #mkdir ${HOME}/.local/share/gnome-chess | ||
21 | #whitelist ${HOME}/.local/share/gnome-chess | ||
22 | #include whitelist-common.inc | ||
23 | |||
20 | whitelist /usr/share/gnuchess | 24 | whitelist /usr/share/gnuchess |
21 | whitelist /usr/share/gnome-chess | 25 | whitelist /usr/share/gnome-chess |
22 | include whitelist-runuser-common.inc | 26 | include whitelist-runuser-common.inc |
diff --git a/etc/profile-a-l/gnome-hexgl.profile b/etc/profile-a-l/gnome-hexgl.profile index 873a47ea9..59fe330a1 100644 --- a/etc/profile-a-l/gnome-hexgl.profile +++ b/etc/profile-a-l/gnome-hexgl.profile | |||
@@ -40,7 +40,7 @@ private | |||
40 | private-bin gnome-hexgl | 40 | private-bin gnome-hexgl |
41 | private-cache | 41 | private-cache |
42 | private-dev | 42 | private-dev |
43 | private-etc machine-id | 43 | private-etc alsa,asound.conf,machine-id,pulse |
44 | private-tmp | 44 | private-tmp |
45 | 45 | ||
46 | dbus-user none | 46 | dbus-user none |
diff --git a/etc/profile-m-z/megaglest.profile b/etc/profile-m-z/megaglest.profile index 86e7f129e..19f9edf05 100644 --- a/etc/profile-m-z/megaglest.profile +++ b/etc/profile-m-z/megaglest.profile | |||
@@ -18,9 +18,13 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.megaglest | 19 | mkdir ${HOME}/.megaglest |
20 | whitelist ${HOME}/.megaglest | 20 | whitelist ${HOME}/.megaglest |
21 | whitelist /usr/share/megaglest | ||
21 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-runuser-common.inc | ||
24 | include whitelist-usr-share-common.inc | ||
22 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
23 | 26 | ||
27 | apparmor | ||
24 | caps.drop all | 28 | caps.drop all |
25 | ipc-namespace | 29 | ipc-namespace |
26 | netfilter | 30 | netfilter |
diff --git a/etc/profile-m-z/minetest.profile b/etc/profile-m-z/minetest.profile index 619173024..f201b13d7 100644 --- a/etc/profile-m-z/minetest.profile +++ b/etc/profile-m-z/minetest.profile | |||
@@ -21,7 +21,10 @@ mkdir ${HOME}/.cache/minetest | |||
21 | mkdir ${HOME}/.minetest | 21 | mkdir ${HOME}/.minetest |
22 | whitelist ${HOME}/.cache/minetest | 22 | whitelist ${HOME}/.cache/minetest |
23 | whitelist ${HOME}/.minetest | 23 | whitelist ${HOME}/.minetest |
24 | whitelist /usr/share/minetest | ||
24 | include whitelist-common.inc | 25 | include whitelist-common.inc |
26 | include whitelist-runuser-common.inc | ||
27 | include whitelist-usr-share-common.inc | ||
25 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
26 | 29 | ||
27 | caps.drop all | 30 | caps.drop all |
diff --git a/etc/profile-m-z/ostrichriders.profile b/etc/profile-m-z/ostrichriders.profile index 378d267f6..4cd4dae17 100644 --- a/etc/profile-m-z/ostrichriders.profile +++ b/etc/profile-m-z/ostrichriders.profile | |||
@@ -18,7 +18,9 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.ostrichriders | 19 | mkdir ${HOME}/.ostrichriders |
20 | whitelist ${HOME}/.ostrichriders | 20 | whitelist ${HOME}/.ostrichriders |
21 | whitelist /usr/share/ostrichriders | ||
21 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-usr-share-common.inc | ||
22 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
23 | 25 | ||
24 | caps.drop all | 26 | caps.drop all |
diff --git a/etc/profile-m-z/pingus.profile b/etc/profile-m-z/pingus.profile index cfe45b9c9..0b6a9ad5f 100644 --- a/etc/profile-m-z/pingus.profile +++ b/etc/profile-m-z/pingus.profile | |||
@@ -14,10 +14,14 @@ include disable-exec.inc | |||
14 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-xdg.inc | ||
17 | 18 | ||
18 | mkdir ${HOME}/.pingus | 19 | mkdir ${HOME}/.pingus |
19 | whitelist ${HOME}/.pingus | 20 | whitelist ${HOME}/.pingus |
21 | whitelist /usr/share/pingus | ||
20 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-runuser-common.inc | ||
24 | include whitelist-usr-share-common.inc | ||
21 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
22 | 26 | ||
23 | apparmor | 27 | apparmor |
@@ -33,9 +37,13 @@ novideo | |||
33 | protocol unix,netlink | 37 | protocol unix,netlink |
34 | seccomp | 38 | seccomp |
35 | shell none | 39 | shell none |
40 | tracelog | ||
36 | 41 | ||
37 | # private-bin pingus | 42 | disbale-mnt |
43 | private-bin pingus,pingus.bin,sh | ||
44 | private-cache | ||
38 | private-dev | 45 | private-dev |
46 | private-etc machine-id | ||
39 | private-tmp | 47 | private-tmp |
40 | 48 | ||
41 | dbus-user none | 49 | dbus-user none |
diff --git a/etc/profile-m-z/scorched3d-wrapper.profile b/etc/profile-m-z/scorched3d-wrapper.profile index 9cbb19bff..507d0827e 100644 --- a/etc/profile-m-z/scorched3d-wrapper.profile +++ b/etc/profile-m-z/scorched3d-wrapper.profile | |||
@@ -3,5 +3,8 @@ | |||
3 | # Persistent local customizations | 3 | # Persistent local customizations |
4 | include scorched3d-wrapper.local | 4 | include scorched3d-wrapper.local |
5 | 5 | ||
6 | whitelist /usr/share/opengl-games-utils | ||
7 | private-bin basename,bash,cut,glxinfo,grep,head,sed,zenity | ||
8 | |||
6 | # Redirect | 9 | # Redirect |
7 | include scorched3d.profile | 10 | include scorched3d.profile |
diff --git a/etc/profile-m-z/scorched3d.profile b/etc/profile-m-z/scorched3d.profile index b5e51198b..6a1003c33 100644 --- a/etc/profile-m-z/scorched3d.profile +++ b/etc/profile-m-z/scorched3d.profile | |||
@@ -18,7 +18,10 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.scorched3d | 19 | mkdir ${HOME}/.scorched3d |
20 | whitelist ${HOME}/.scorched3d | 20 | whitelist ${HOME}/.scorched3d |
21 | whitelist /usr/share/scorched3d | ||
21 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-runuser-common.inc | ||
24 | include whitelist-usr-share-common.inc | ||
22 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
23 | 26 | ||
24 | caps.drop all | 27 | caps.drop all |
diff --git a/etc/profile-m-z/supertux2.profile b/etc/profile-m-z/supertux2.profile index e1cdb114c..ceaae8fbf 100644 --- a/etc/profile-m-z/supertux2.profile +++ b/etc/profile-m-z/supertux2.profile | |||
@@ -14,10 +14,14 @@ include disable-exec.inc | |||
14 | include disable-interpreters.inc | 14 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | 15 | include disable-passwdmgr.inc |
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-xdg.inc | ||
17 | 18 | ||
18 | mkdir ${HOME}/.local/share/supertux2 | 19 | mkdir ${HOME}/.local/share/supertux2 |
19 | whitelist ${HOME}/.local/share/supertux2 | 20 | whitelist ${HOME}/.local/share/supertux2 |
21 | whitelist /usr/share/supertux2 | ||
20 | include whitelist-common.inc | 22 | include whitelist-common.inc |
23 | include whitelist-runuser-common.inc | ||
24 | include whitelist-usr-share-common.inc | ||
21 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
22 | 26 | ||
23 | apparmor | 27 | apparmor |
@@ -33,6 +37,7 @@ novideo | |||
33 | protocol unix,netlink | 37 | protocol unix,netlink |
34 | seccomp | 38 | seccomp |
35 | shell none | 39 | shell none |
40 | tracelog | ||
36 | 41 | ||
37 | disable-mnt | 42 | disable-mnt |
38 | # private-bin supertux2 | 43 | # private-bin supertux2 |
diff --git a/etc/profile-m-z/torcs.profile b/etc/profile-m-z/torcs.profile index 8dcd7447b..1ed78934e 100644 --- a/etc/profile-m-z/torcs.profile +++ b/etc/profile-m-z/torcs.profile | |||
@@ -18,7 +18,10 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.torcs | 19 | mkdir ${HOME}/.torcs |
20 | whitelist ${HOME}/.torcs | 20 | whitelist ${HOME}/.torcs |
21 | whitelist /usr/share/games/torcs | ||
22 | whitelist /var/games/torcs | ||
21 | include whitelist-common.inc | 23 | include whitelist-common.inc |
24 | include whitelist-usr-share-common.inc | ||
22 | include whitelist-var-common.inc | 25 | include whitelist-var-common.inc |
23 | 26 | ||
24 | caps.drop all | 27 | caps.drop all |
@@ -37,6 +40,7 @@ shell none | |||
37 | tracelog | 40 | tracelog |
38 | 41 | ||
39 | disable-mnt | 42 | disable-mnt |
43 | private-bin bash,chmod,cp,mkdir,rm,torcs | ||
40 | private-cache | 44 | private-cache |
41 | private-dev | 45 | private-dev |
42 | private-tmp | 46 | private-tmp |
diff --git a/etc/profile-m-z/transmission-gtk.profile b/etc/profile-m-z/transmission-gtk.profile index baa970307..03111ec56 100644 --- a/etc/profile-m-z/transmission-gtk.profile +++ b/etc/profile-m-z/transmission-gtk.profile | |||
@@ -10,6 +10,7 @@ include globals.local | |||
10 | include whitelist-runuser-common.inc | 10 | include whitelist-runuser-common.inc |
11 | 11 | ||
12 | private-bin transmission-gtk | 12 | private-bin transmission-gtk |
13 | private-cache | ||
13 | 14 | ||
14 | ignore memory-deny-write-execute | 15 | ignore memory-deny-write-execute |
15 | 16 | ||