From 634cf3b49a4583439c30224b28f5965ffdb3178e Mon Sep 17 00:00:00 2001 From: rusty-snake Date: Fri, 17 Jan 2020 17:11:20 +0100 Subject: add 'blacklist ${RUNUSER}/wayland-*' to all profi… MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit …les with 'x11 none' --- etc/7z.profile | 2 ++ etc/ar.profile | 2 ++ etc/atool.profile | 2 ++ etc/audio-recorder.profile | 2 ++ etc/bsdtar.profile | 2 ++ etc/checkbashisms.profile | 2 ++ etc/clamav.profile | 2 ++ etc/cpio.profile | 2 ++ etc/dconf.profile | 2 ++ etc/ddgtk.profile | 2 ++ etc/devilspie.profile | 2 ++ etc/devilspie2.profile | 2 ++ etc/enchant.profile | 2 ++ etc/exiftool.profile | 2 ++ etc/file.profile | 2 ++ etc/gconf.profile | 2 ++ etc/gtk-update-icon-cache.profile | 2 ++ etc/gzip.profile | 2 ++ etc/hashcat.profile | 2 ++ etc/highlight.profile | 2 ++ etc/img2txt.profile | 2 ++ etc/less.profile | 2 ++ etc/mediainfo.profile | 2 ++ etc/mp3splt.profile | 2 ++ etc/nano.profile | 2 ++ etc/ncdu.profile | 2 ++ etc/odt2txt.profile | 2 ++ etc/pandoc.profile | 2 ++ etc/patch.profile | 2 ++ etc/pdftotext.profile | 2 ++ etc/pngquant.profile | 2 ++ etc/shellcheck.profile | 2 ++ etc/spectre-meltdown-checker.profile | 2 ++ etc/strings.profile | 2 ++ etc/tar.profile | 2 ++ etc/unf.profile | 2 ++ etc/unrar.profile | 2 ++ etc/unzip.profile | 2 ++ etc/uudeview.profile | 2 ++ etc/xzdec.profile | 2 ++ etc/zstd.profile | 2 ++ 41 files changed, 82 insertions(+) diff --git a/etc/7z.profile b/etc/7z.profile index 5ff02e1c0..b60bb9ee9 100644 --- a/etc/7z.profile +++ b/etc/7z.profile @@ -7,6 +7,8 @@ include 7z.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + include disable-common.inc include disable-devel.inc include disable-exec.inc diff --git a/etc/ar.profile b/etc/ar.profile index 6b1fb830c..e28370450 100644 --- a/etc/ar.profile +++ b/etc/ar.profile @@ -7,6 +7,8 @@ include ar.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + include disable-common.inc include disable-devel.inc include disable-exec.inc diff --git a/etc/atool.profile b/etc/atool.profile index fb75c8408..0250451fc 100644 --- a/etc/atool.profile +++ b/etc/atool.profile @@ -7,6 +7,8 @@ include atool.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + # Allow perl (blacklisted by disable-interpreters.inc) include allow-perl.inc diff --git a/etc/audio-recorder.profile b/etc/audio-recorder.profile index afd1033de..799405f1d 100644 --- a/etc/audio-recorder.profile +++ b/etc/audio-recorder.profile @@ -7,6 +7,8 @@ include audio-recorder.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${MUSIC} include disable-common.inc diff --git a/etc/bsdtar.profile b/etc/bsdtar.profile index 17c67ed26..5ce9b6406 100644 --- a/etc/bsdtar.profile +++ b/etc/bsdtar.profile @@ -6,6 +6,8 @@ include bsdtar.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + include disable-common.inc # include disable-devel.inc include disable-exec.inc diff --git a/etc/checkbashisms.profile b/etc/checkbashisms.profile index c66776b9f..e15131dca 100644 --- a/etc/checkbashisms.profile +++ b/etc/checkbashisms.profile @@ -7,6 +7,8 @@ include checkbashisms.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${DOCUMENTS} # Allow perl (blacklisted by disable-interpreters.inc) diff --git a/etc/clamav.profile b/etc/clamav.profile index 45e7723eb..51bc58108 100644 --- a/etc/clamav.profile +++ b/etc/clamav.profile @@ -7,6 +7,8 @@ include clamav.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + include disable-exec.inc caps.drop all diff --git a/etc/cpio.profile b/etc/cpio.profile index 17a765700..1156b7439 100644 --- a/etc/cpio.profile +++ b/etc/cpio.profile @@ -7,6 +7,8 @@ include cpio.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist /sbin noblacklist /usr/sbin diff --git a/etc/dconf.profile b/etc/dconf.profile index ebb362fb6..2ee573463 100644 --- a/etc/dconf.profile +++ b/etc/dconf.profile @@ -6,6 +6,8 @@ include dconf.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + include disable-common.inc include disable-devel.inc include disable-exec.inc diff --git a/etc/ddgtk.profile b/etc/ddgtk.profile index ef65046e1..46386f09e 100644 --- a/etc/ddgtk.profile +++ b/etc/ddgtk.profile @@ -6,6 +6,8 @@ include ddgtk.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + # Allow python (blacklisted by disable-interpreters.inc) include allow-python2.inc include allow-python3.inc diff --git a/etc/devilspie.profile b/etc/devilspie.profile index 4a08ad5e2..b561787d8 100644 --- a/etc/devilspie.profile +++ b/etc/devilspie.profile @@ -6,6 +6,8 @@ include devilspie.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${HOME}/.devilspie include disable-common.inc diff --git a/etc/devilspie2.profile b/etc/devilspie2.profile index 2c1f7c9ac..0a1faf8d2 100644 --- a/etc/devilspie2.profile +++ b/etc/devilspie2.profile @@ -6,6 +6,8 @@ include devilspie2.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${HOME}/.config/devilspie2 # Allow lua (blacklisted by disable-interpreters.inc) diff --git a/etc/enchant.profile b/etc/enchant.profile index 82bd7174d..fa556c7d2 100644 --- a/etc/enchant.profile +++ b/etc/enchant.profile @@ -6,6 +6,8 @@ include enchant.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${HOME}/.config/enchant include disable-common.inc diff --git a/etc/exiftool.profile b/etc/exiftool.profile index e9c7d290a..9316a0585 100644 --- a/etc/exiftool.profile +++ b/etc/exiftool.profile @@ -6,6 +6,8 @@ include exiftool.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + # Allow perl (blacklisted by disable-interpreters.inc) include allow-perl.inc diff --git a/etc/file.profile b/etc/file.profile index 37c7ee9e7..9b21818f8 100644 --- a/etc/file.profile +++ b/etc/file.profile @@ -7,6 +7,8 @@ include file.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + include disable-common.inc include disable-exec.inc include disable-passwdmgr.inc diff --git a/etc/gconf.profile b/etc/gconf.profile index 25145c77d..f070e6944 100644 --- a/etc/gconf.profile +++ b/etc/gconf.profile @@ -6,6 +6,8 @@ include gconf.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${HOME}/.config/gconf # Allow python (blacklisted by disable-interpreters.inc) diff --git a/etc/gtk-update-icon-cache.profile b/etc/gtk-update-icon-cache.profile index fd35a563b..668a48f9a 100644 --- a/etc/gtk-update-icon-cache.profile +++ b/etc/gtk-update-icon-cache.profile @@ -7,6 +7,8 @@ include gtk-update-icon-cache.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + include disable-common.inc include disable-devel.inc include disable-exec.inc diff --git a/etc/gzip.profile b/etc/gzip.profile index 48e495c60..1af15d227 100644 --- a/etc/gzip.profile +++ b/etc/gzip.profile @@ -7,6 +7,8 @@ include gzip.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop all capabilities this is automatically read-only. noblacklist /var/lib/pacman diff --git a/etc/hashcat.profile b/etc/hashcat.profile index da59984d7..b4d6d52f0 100644 --- a/etc/hashcat.profile +++ b/etc/hashcat.profile @@ -7,6 +7,8 @@ include hashcat.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${HOME}/.hashcat noblacklist /usr/include noblacklist ${DOCUMENTS} diff --git a/etc/highlight.profile b/etc/highlight.profile index 249d5cd17..036de8d99 100644 --- a/etc/highlight.profile +++ b/etc/highlight.profile @@ -6,6 +6,8 @@ include highlight.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + include disable-common.inc include disable-devel.inc include disable-interpreters.inc diff --git a/etc/img2txt.profile b/etc/img2txt.profile index c17e82870..419da765d 100644 --- a/etc/img2txt.profile +++ b/etc/img2txt.profile @@ -5,6 +5,8 @@ include img2txt.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${DOCUMENTS} noblacklist ${PICTURES} diff --git a/etc/less.profile b/etc/less.profile index 282b033a6..00624e0f1 100644 --- a/etc/less.profile +++ b/etc/less.profile @@ -7,6 +7,8 @@ include less.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${HOME}/.lesshst include disable-devel.inc diff --git a/etc/mediainfo.profile b/etc/mediainfo.profile index 00730c00b..fb8db3e3d 100644 --- a/etc/mediainfo.profile +++ b/etc/mediainfo.profile @@ -6,6 +6,8 @@ include mediainfo.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + include disable-common.inc include disable-devel.inc include disable-exec.inc diff --git a/etc/mp3splt.profile b/etc/mp3splt.profile index 95173a890..7754d276b 100644 --- a/etc/mp3splt.profile +++ b/etc/mp3splt.profile @@ -6,6 +6,8 @@ include mp3splt.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${MUSIC} include disable-common.inc diff --git a/etc/nano.profile b/etc/nano.profile index af6fcc3fe..bc8c3dde0 100644 --- a/etc/nano.profile +++ b/etc/nano.profile @@ -7,6 +7,8 @@ include nano.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${HOME}/.config/nano noblacklist ${HOME}/.nanorc diff --git a/etc/ncdu.profile b/etc/ncdu.profile index 0d7915839..9fda6ebe0 100644 --- a/etc/ncdu.profile +++ b/etc/ncdu.profile @@ -6,6 +6,8 @@ include ncdu.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + include disable-exec.inc caps.drop all diff --git a/etc/odt2txt.profile b/etc/odt2txt.profile index 719753c87..c0c5b671c 100644 --- a/etc/odt2txt.profile +++ b/etc/odt2txt.profile @@ -6,6 +6,8 @@ include odt2txt.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${DOCUMENTS} include disable-common.inc diff --git a/etc/pandoc.profile b/etc/pandoc.profile index 57b5d7e39..9a8d82a96 100644 --- a/etc/pandoc.profile +++ b/etc/pandoc.profile @@ -7,6 +7,8 @@ include pandoc.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${DOCUMENTS} include disable-common.inc diff --git a/etc/patch.profile b/etc/patch.profile index 03f5a4b71..4a3365378 100644 --- a/etc/patch.profile +++ b/etc/patch.profile @@ -7,6 +7,8 @@ include patch.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${DOCUMENTS} include disable-common.inc diff --git a/etc/pdftotext.profile b/etc/pdftotext.profile index f8448f514..73ebf4615 100644 --- a/etc/pdftotext.profile +++ b/etc/pdftotext.profile @@ -6,6 +6,8 @@ include pdftotext.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${DOCUMENTS} include disable-common.inc diff --git a/etc/pngquant.profile b/etc/pngquant.profile index 8c06cef1a..f9ce43c4c 100644 --- a/etc/pngquant.profile +++ b/etc/pngquant.profile @@ -7,6 +7,8 @@ include pngquant.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + include disable-common.inc include disable-devel.inc include disable-exec.inc diff --git a/etc/shellcheck.profile b/etc/shellcheck.profile index d26096c77..f8744bdf8 100644 --- a/etc/shellcheck.profile +++ b/etc/shellcheck.profile @@ -7,6 +7,8 @@ include shellcheck.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${DOCUMENTS} include disable-common.inc diff --git a/etc/spectre-meltdown-checker.profile b/etc/spectre-meltdown-checker.profile index 3306181e4..e27df4cc8 100644 --- a/etc/spectre-meltdown-checker.profile +++ b/etc/spectre-meltdown-checker.profile @@ -6,6 +6,8 @@ include spectre-meltdown-checker.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + noblacklist ${PATH}/mount noblacklist ${PATH}/umount diff --git a/etc/strings.profile b/etc/strings.profile index 52b762108..7dc453b1f 100644 --- a/etc/strings.profile +++ b/etc/strings.profile @@ -7,6 +7,8 @@ include strings.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + #include disable-common.inc include disable-devel.inc include disable-exec.inc diff --git a/etc/tar.profile b/etc/tar.profile index 455a370de..0858dcb26 100644 --- a/etc/tar.profile +++ b/etc/tar.profile @@ -7,6 +7,8 @@ include tar.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop all capabilities this is automatically read-only. noblacklist /var/lib/pacman diff --git a/etc/unf.profile b/etc/unf.profile index 1f0b2aa32..7687a1a53 100644 --- a/etc/unf.profile +++ b/etc/unf.profile @@ -7,6 +7,8 @@ include unf.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + include disable-common.inc include disable-devel.inc include disable-exec.inc diff --git a/etc/unrar.profile b/etc/unrar.profile index 428173e7d..bf28746b0 100644 --- a/etc/unrar.profile +++ b/etc/unrar.profile @@ -7,6 +7,8 @@ include unrar.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + include disable-common.inc include disable-devel.inc include disable-exec.inc diff --git a/etc/unzip.profile b/etc/unzip.profile index 60e447049..7882f2b63 100644 --- a/etc/unzip.profile +++ b/etc/unzip.profile @@ -7,6 +7,8 @@ include unzip.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + # GNOME Shell integration (chrome-gnome-shell) noblacklist ${HOME}/.local/share/gnome-shell diff --git a/etc/uudeview.profile b/etc/uudeview.profile index 60a7f0d20..bd2ee01d5 100644 --- a/etc/uudeview.profile +++ b/etc/uudeview.profile @@ -7,6 +7,8 @@ include uudeview.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + include disable-common.inc include disable-devel.inc include disable-exec.inc diff --git a/etc/xzdec.profile b/etc/xzdec.profile index 93c288d6e..ca6aaf1d5 100644 --- a/etc/xzdec.profile +++ b/etc/xzdec.profile @@ -7,6 +7,8 @@ include xzdec.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + include disable-common.inc include disable-devel.inc include disable-exec.inc diff --git a/etc/zstd.profile b/etc/zstd.profile index ea7bbfb0d..93b849568 100644 --- a/etc/zstd.profile +++ b/etc/zstd.profile @@ -7,6 +7,8 @@ include zstd.local # Persistent global definitions include globals.local +blacklist ${RUNUSER}/wayland-* + include disable-common.inc include disable-devel.inc include disable-exec.inc -- cgit v1.2.3-54-g00ecf