4 files changed, 15 insertions, 10 deletions
diff --git a/etc/profile-m-z/QOwnNotes.profile b/etc/profile-m-z/QOwnNotes.profile
index e7dba9cd5..023071f68 100644
--- a/etc/profile-m-z/QOwnNotes.profile
+++ b/etc/profile-m-z/QOwnNotes.profile
@@ -7,9 +7,10 @@ include QOwnNotes.local
 include globals.local
 noblacklist ${DOCUMENTS}
-noblacklist ${HOME}/Nextcloud/Notes
 noblacklist ${HOME}/.config/PBE
 noblacklist ${HOME}/.local/share/PBE
+noblacklist ${HOME}/Nextcloud
+noblacklist ${HOME}/Nextcloud/Notes
 include disable-common.inc
 include disable-devel.inc
@@ -19,13 +20,13 @@ include disable-programs.inc
 include disable-shell.inc
 include disable-xdg.inc
-mkdir ${HOME}/Nextcloud/Notes
 mkdir ${HOME}/.config/PBE
 mkdir ${HOME}/.local/share/PBE
+mkdir ${HOME}/Nextcloud/Notes
 whitelist ${DOCUMENTS}
-whitelist ${HOME}/Nextcloud/Notes
 whitelist ${HOME}/.config/PBE
 whitelist ${HOME}/.local/share/PBE
+whitelist ${HOME}/Nextcloud/Notes
 include whitelist-common.inc
 include whitelist-var-common.inc
diff --git a/etc/profile-m-z/nextcloud.profile b/etc/profile-m-z/nextcloud.profile
index 960c494db..b6453f6a9 100644
--- a/etc/profile-m-z/nextcloud.profile
+++ b/etc/profile-m-z/nextcloud.profile
@@ -6,9 +6,10 @@ include nextcloud.local
 # Persistent global definitions
 include globals.local
-noblacklist ${HOME}/Nextcloud
 noblacklist ${HOME}/.config/Nextcloud
 noblacklist ${HOME}/.local/share/Nextcloud
+noblacklist ${HOME}/Nextcloud
+noblacklist ${HOME}/Nextcloud/Notes
 # Add the next lines to your nextcloud.local to allow sync in more directories.
 #noblacklist ${DOCUMENTS}
 #noblacklist ${MUSIC}
@@ -23,12 +24,12 @@ include disable-programs.inc
 include disable-shell.inc
 include disable-xdg.inc
-mkdir ${HOME}/Nextcloud
 mkdir ${HOME}/.config/Nextcloud
 mkdir ${HOME}/.local/share/Nextcloud
-whitelist ${HOME}/Nextcloud
+mkdir ${HOME}/Nextcloud
 whitelist ${HOME}/.config/Nextcloud
 whitelist ${HOME}/.local/share/Nextcloud
+whitelist ${HOME}/Nextcloud
 whitelist /usr/share/nextcloud
 # Add the next lines to your nextcloud.local to allow sync in more directories.
 #whitelist ${DOCUMENTS}
@@ -61,15 +62,15 @@ tracelog
 disable-mnt
 private-bin nextcloud,nextcloud-desktop
 private-cache
-private-etc @tls-ca,@x11,Nextcloud,host.conf,os-release
 private-dev
+private-etc @tls-ca,@x11,Nextcloud,host.conf,os-release
 private-tmp
 # IMPORTANT: create ~/.local/share/dbus-1/services/com.nextcloudgmbh.Nextcloud.service
 # referencing the firejailed /usr/local/bin/nextcloud to keep nextcloud running sandboxed
 # even when its dbus name gets activated
 # see https://github.com/netblue30/firejail/wiki/Frequently-Asked-Questions#how-do-i-sandbox-applications-started-via-systemd-or-d-bus-services
-dbus-user filter 
+dbus-user filter
 dbus-user.own com.nextcloudgmbh.Nextcloud
 dbus-user.talk org.freedesktop.secrets
 ?ALLOW_TRAY: dbus-user.talk org.kde.StatusNotifierWatcher
diff --git a/etc/profile-m-z/ssh.profile b/etc/profile-m-z/ssh.profile
index 1c4d85ea0..018e05230 100644
--- a/etc/profile-m-z/ssh.profile
+++ b/etc/profile-m-z/ssh.profile
@@ -19,11 +19,11 @@ include disable-exec.inc
 include disable-programs.inc
 whitelist ${RUNUSER}/gcr/ssh
-whitelist ${RUNUSER}/gnupg/S.gpg-agent.ssh # default gpg homedir setup
 whitelist ${RUNUSER}/gnupg/*/S.gpg-agent.ssh # custom gpg homedir setup
+whitelist ${RUNUSER}/gnupg/S.gpg-agent.ssh # default gpg homedir setup
 whitelist ${RUNUSER}/keyring/ssh
-include whitelist-usr-share-common.inc
 include whitelist-runuser-common.inc
+include whitelist-usr-share-common.inc
 apparmor
 caps.drop all
diff --git a/etc/profile-m-z/wesnoth.profile b/etc/profile-m-z/wesnoth.profile
index b6f29cfbf..90de16bdb 100644
--- a/etc/profile-m-z/wesnoth.profile
+++ b/etc/profile-m-z/wesnoth.profile
@@ -10,6 +10,9 @@ noblacklist ${HOME}/.cache/wesnoth
 noblacklist ${HOME}/.config/wesnoth
 noblacklist ${HOME}/.local/share/wesnoth
+# Allow lua (blacklisted by disable-interpreters.inc)
+include allow-lua.inc
 include disable-common.inc
 include disable-devel.inc
 include disable-interpreters.inc