From 76e0bc8fb9fb4c5d4540fe2a86798218786bc035 Mon Sep 17 00:00:00 2001
From: rusty-snake <print_hello_world+GitHub@protonmail.com>
Date: Thu, 7 Mar 2019 20:22:00 +0000
Subject: Harden gnome-clocks.profile (#2534)

* Harden gnome-clocks.profile

* Review #2534
---
 etc/gnome-clocks.profile | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/etc/gnome-clocks.profile b/etc/gnome-clocks.profile
index 83ece0fce..32a7ca918 100644
--- a/etc/gnome-clocks.profile
+++ b/etc/gnome-clocks.profile
@@ -6,7 +6,6 @@ include gnome-clocks.local
 # Persistent global definitions
 include globals.local
 
-
 include disable-common.inc
 include disable-devel.inc
 include disable-interpreters.inc
@@ -14,8 +13,10 @@ include disable-passwdmgr.inc
 include disable-programs.inc
 include disable-xdg.inc
 
+include whitelist-common.inc
 include whitelist-var-common.inc
 
+apparmor
 caps.drop all
 netfilter
 no3d
@@ -32,9 +33,10 @@ shell none
 tracelog
 
 disable-mnt
-# private-bin gnome-clocks
+private-bin gnome-clocks,gsound-play
+private-cache
 private-dev
-# private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies
+private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies,machine-id,hosts,pkcs11,localtime,gtk-3.0,dconf
 private-tmp
 
 noexec ${HOME}
-- 
cgit v1.2.3-70-g09d2