From 37ac96c28ea502118d2bcdab88ed61a2567ef390 Mon Sep 17 00:00:00 2001
From: rusty-snake <print_hello_world+Public@protonmail.com>
Date: Thu, 19 Dec 2019 15:42:50 +0100
Subject: fix seahorse-tool

---
 etc/seahorse-tool.profile |  4 ++--
 etc/seahorse.profile      | 12 +++++++-----
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/etc/seahorse-tool.profile b/etc/seahorse-tool.profile
index 4bf23c512..e2ec5185e 100644
--- a/etc/seahorse-tool.profile
+++ b/etc/seahorse-tool.profile
@@ -7,9 +7,9 @@ include seahorse-tool.local
 # added by included profile
 #include globals.local
 
+# private-etc workaround for: #2877
+private-etc passwd,firejail,login.defs
 private-tmp
 
-memory-deny-write-execute
-
 # Redirect
 include seahorse.profile
diff --git a/etc/seahorse.profile b/etc/seahorse.profile
index 6acf8aa5d..5a742d05f 100644
--- a/etc/seahorse.profile
+++ b/etc/seahorse.profile
@@ -20,17 +20,19 @@ include disable-passwdmgr.inc
 include disable-programs.inc
 include disable-xdg.inc
 
-mkdir ${HOME}/.gnupg
-mkdir ${HOME}/.ssh
-whitelist ${HOME}/.gnupg
-whitelist ${HOME}/.ssh
+# whitelisting in ${HOME} breaks file encryption feature of nautilus.
+# once #2882 is fixed this can be uncommented and nowhitelisted in seahorse-tool.profile
+#mkdir ${HOME}/.gnupg
+#mkdir ${HOME}/.ssh
+#whitelist ${HOME}/.gnupg
+#whitelist ${HOME}/.ssh
 whitelist /tmp/ssh-*
 whitelist /usr/share/gnupg
 whitelist /usr/share/gnupg2
 whitelist /usr/share/seahorse
 whitelist /usr/share/seahorse-nautilus
+#include whitelist-common.inc
 include whitelist-usr-share-common.inc
-include whitelist-common.inc
 include whitelist-var-common.inc
 
 apparmor
-- 
cgit v1.2.3-70-g09d2