aboutsummaryrefslogtreecommitdiffstats
path: root/etc
diff options
context:
space:
mode:
Diffstat (limited to 'etc')
-rw-r--r--etc/inc/disable-common.inc2
-rw-r--r--etc/profile-a-l/chromium-common.profile3
-rw-r--r--etc/profile-a-l/firefox-common.profile3
-rw-r--r--etc/profile-a-l/highlight.profile3
-rw-r--r--etc/profile-m-z/nextcloud.profile1
-rw-r--r--etc/profile-m-z/teams-for-linux.profile2
-rw-r--r--etc/profile-m-z/teams.profile2
-rw-r--r--etc/profile-m-z/telegram.profile5
-rw-r--r--etc/profile-m-z/tor-browser.profile3
9 files changed, 23 insertions, 1 deletions
diff --git a/etc/inc/disable-common.inc b/etc/inc/disable-common.inc
index 3ec13e482..b1ec25987 100644
--- a/etc/inc/disable-common.inc
+++ b/etc/inc/disable-common.inc
@@ -630,3 +630,5 @@ blacklist ${RUNUSER}/inaccessible
630blacklist ${RUNUSER}/pk-debconf-socket 630blacklist ${RUNUSER}/pk-debconf-socket
631blacklist ${RUNUSER}/update-notifier.pid 631blacklist ${RUNUSER}/update-notifier.pid
632 632
633# tor-browser
634blacklist ${HOME}/.local/opt/tor-browser
diff --git a/etc/profile-a-l/chromium-common.profile b/etc/profile-a-l/chromium-common.profile
index 7bfb61688..2992a2d6f 100644
--- a/etc/profile-a-l/chromium-common.profile
+++ b/etc/profile-a-l/chromium-common.profile
@@ -53,6 +53,9 @@ private-cache
53?BROWSER_DISABLE_U2F: private-dev 53?BROWSER_DISABLE_U2F: private-dev
54#private-tmp - issues when using multiple browser sessions 54#private-tmp - issues when using multiple browser sessions
55 55
56blacklist ${PATH}/curl
57blacklist ${PATH}/wget
58
56#dbus-user none - prevents access to passwords saved in GNOME Keyring and KWallet, also breaks Gnome connector. 59#dbus-user none - prevents access to passwords saved in GNOME Keyring and KWallet, also breaks Gnome connector.
57dbus-system none 60dbus-system none
58 61
diff --git a/etc/profile-a-l/firefox-common.profile b/etc/profile-a-l/firefox-common.profile
index ef647b5a0..e7d438b46 100644
--- a/etc/profile-a-l/firefox-common.profile
+++ b/etc/profile-a-l/firefox-common.profile
@@ -59,6 +59,9 @@ disable-mnt
59#private-etc alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,group,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,machine-id,mailcap,mime.types,nsswitch.conf,pango,passwd,pki,pulse,resolv.conf,selinux,ssl,X11,xdg 59#private-etc alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,group,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,machine-id,mailcap,mime.types,nsswitch.conf,pango,passwd,pki,pulse,resolv.conf,selinux,ssl,X11,xdg
60private-tmp 60private-tmp
61 61
62blacklist ${PATH}/curl
63blacklist ${PATH}/wget
64
62# 'dbus-user none' breaks various desktop integration features like global menus, native notifications, 65# 'dbus-user none' breaks various desktop integration features like global menus, native notifications,
63# Gnome connector, KDE connect and power management on KDE Plasma. 66# Gnome connector, KDE connect and power management on KDE Plasma.
64dbus-user none 67dbus-user none
diff --git a/etc/profile-a-l/highlight.profile b/etc/profile-a-l/highlight.profile
index 0145f7ceb..97f190723 100644
--- a/etc/profile-a-l/highlight.profile
+++ b/etc/profile-a-l/highlight.profile
@@ -8,6 +8,9 @@ include globals.local
8 8
9blacklist ${RUNUSER} 9blacklist ${RUNUSER}
10 10
11# Allow lua (blacklisted by disable-interpreters.inc)
12include allow-lua.inc
13
11include disable-common.inc 14include disable-common.inc
12include disable-devel.inc 15include disable-devel.inc
13include disable-interpreters.inc 16include disable-interpreters.inc
diff --git a/etc/profile-m-z/nextcloud.profile b/etc/profile-m-z/nextcloud.profile
index 354d3351e..2e4a95125 100644
--- a/etc/profile-m-z/nextcloud.profile
+++ b/etc/profile-m-z/nextcloud.profile
@@ -29,6 +29,7 @@ mkdir ${HOME}/.local/share/Nextcloud
29whitelist ${HOME}/Nextcloud 29whitelist ${HOME}/Nextcloud
30whitelist ${HOME}/.config/Nextcloud 30whitelist ${HOME}/.config/Nextcloud
31whitelist ${HOME}/.local/share/Nextcloud 31whitelist ${HOME}/.local/share/Nextcloud
32whitelist /usr/share/nextcloud
32# Add the next lines to your nextcloud.local to allow sync in more directories. 33# Add the next lines to your nextcloud.local to allow sync in more directories.
33#whitelist ${DOCUMENTS} 34#whitelist ${DOCUMENTS}
34#whitelist ${MUSIC} 35#whitelist ${MUSIC}
diff --git a/etc/profile-m-z/teams-for-linux.profile b/etc/profile-m-z/teams-for-linux.profile
index ee19bcd00..5711c1b36 100644
--- a/etc/profile-m-z/teams-for-linux.profile
+++ b/etc/profile-m-z/teams-for-linux.profile
@@ -11,6 +11,8 @@ ignore include disable-xdg.inc
11ignore include whitelist-runuser-common.inc 11ignore include whitelist-runuser-common.inc
12ignore include whitelist-usr-share-common.inc 12ignore include whitelist-usr-share-common.inc
13 13
14ignore noinput
15
14ignore dbus-user none 16ignore dbus-user none
15ignore dbus-system none 17ignore dbus-system none
16 18
diff --git a/etc/profile-m-z/teams.profile b/etc/profile-m-z/teams.profile
index c8d98cbaa..ad52ca45f 100644
--- a/etc/profile-m-z/teams.profile
+++ b/etc/profile-m-z/teams.profile
@@ -13,6 +13,8 @@ ignore include whitelist-usr-share-common.inc
13ignore novideo 13ignore novideo
14ignore private-tmp 14ignore private-tmp
15 15
16ignore novideo
17
16# see #3404 18# see #3404
17ignore apparmor 19ignore apparmor
18ignore dbus-user none 20ignore dbus-user none
diff --git a/etc/profile-m-z/telegram.profile b/etc/profile-m-z/telegram.profile
index dc1f77664..ce0119078 100644
--- a/etc/profile-m-z/telegram.profile
+++ b/etc/profile-m-z/telegram.profile
@@ -8,6 +8,9 @@ include globals.local
8noblacklist ${HOME}/.TelegramDesktop 8noblacklist ${HOME}/.TelegramDesktop
9noblacklist ${HOME}/.local/share/TelegramDesktop 9noblacklist ${HOME}/.local/share/TelegramDesktop
10 10
11# Allow opening hyperlinks
12include allow-bin-sh.inc
13
11include disable-common.inc 14include disable-common.inc
12include disable-devel.inc 15include disable-devel.inc
13include disable-exec.inc 16include disable-exec.inc
@@ -41,7 +44,7 @@ seccomp.block-secondary
41shell none 44shell none
42 45
43disable-mnt 46disable-mnt
44private-bin telegram,Telegram,telegram-desktop 47private-bin bash,sh,telegram,Telegram,telegram-desktop,xdg-open
45private-cache 48private-cache
46private-dev 49private-dev
47private-etc alsa,alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.cache,ld.so.preload,localtime,machine-id,os-release,passwd,pki,pulse,resolv.conf,ssl,xdg 50private-etc alsa,alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.cache,ld.so.preload,localtime,machine-id,os-release,passwd,pki,pulse,resolv.conf,ssl,xdg
diff --git a/etc/profile-m-z/tor-browser.profile b/etc/profile-m-z/tor-browser.profile
index 76a0e1fa5..13f422b0a 100644
--- a/etc/profile-m-z/tor-browser.profile
+++ b/etc/profile-m-z/tor-browser.profile
@@ -7,9 +7,12 @@ include tor-browser.local
7#include globals.local 7#include globals.local
8 8
9noblacklist ${HOME}/.tor-browser 9noblacklist ${HOME}/.tor-browser
10noblacklist ${HOME}/.local/opt/tor-browser
10 11
11mkdir ${HOME}/.tor-browser 12mkdir ${HOME}/.tor-browser
12whitelist ${HOME}/.tor-browser 13whitelist ${HOME}/.tor-browser
14mkdir ${HOME}/.local/opt/tor-browser
15whitelist ${HOME}/.local/opt/tor-browser
13 16
14# Redirect 17# Redirect
15include torbrowser-launcher.profile 18include torbrowser-launcher.profile
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-09 18:12:01 +0000