From 311c697e367a7c340e9421354025164bc94c76b6 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Tue, 2 Mar 2021 09:15:51 +0000 Subject: Rename etc/inc/archiver-common.inc to etc/profile-a-l/archiver-common.profile --- etc/inc/archiver-common.inc | 57 --------------------------------- etc/profile-a-l/archiver-common.profile | 57 +++++++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+), 57 deletions(-) delete mode 100644 etc/inc/archiver-common.inc create mode 100644 etc/profile-a-l/archiver-common.profile diff --git a/etc/inc/archiver-common.inc b/etc/inc/archiver-common.inc deleted file mode 100644 index 74b0b6ef6..000000000 --- a/etc/inc/archiver-common.inc +++ /dev/null @@ -1,57 +0,0 @@ -# This file is overwritten during software install. -# Persistent customizations should go in a .local file. -include archiver-common.local - -# common profile for archiver/compression tools - -blacklist ${RUNUSER} - -# WARNING: Users can (un)restrict file access for **all** archivers by -# commenting/uncommenting the needed include file(s) here or by putting those -# into archiver-common.local. -# -# Another option is to do this **per archiver** in the relevant -# .local. Just beware that things tend to break when overtightening -# profiles. For example, because you only need to (un)compress files in -# ${DOWNLOADS}, other applications may need access to ${HOME}/.local/share. - -# Uncomment the next line (or put it into your archiver-common.local) if you -# don't need to compress files in disable-common.inc. -#include disable-common.inc -include disable-devel.inc -include disable-exec.inc -include disable-interpreters.inc -include disable-passwdmgr.inc -# Uncomment the next line (or put it into your archiver-common.local) if you -# don't need to compress files in disable-programs.inc. -#include disable-programs.inc -include disable-shell.inc - -apparmor -caps.drop all -hostname archiver -ipc-namespace -machine-id -net none -no3d -nodvd -nogroups -nonewprivs -#noroot -nosound -notv -nou2f -novideo -protocol unix -seccomp -shell none -tracelog -x11 none - -private-cache -private-dev - -dbus-user none -dbus-system none - -memory-deny-write-execute diff --git a/etc/profile-a-l/archiver-common.profile b/etc/profile-a-l/archiver-common.profile new file mode 100644 index 000000000..74b0b6ef6 --- /dev/null +++ b/etc/profile-a-l/archiver-common.profile @@ -0,0 +1,57 @@ +# This file is overwritten during software install. +# Persistent customizations should go in a .local file. +include archiver-common.local + +# common profile for archiver/compression tools + +blacklist ${RUNUSER} + +# WARNING: Users can (un)restrict file access for **all** archivers by +# commenting/uncommenting the needed include file(s) here or by putting those +# into archiver-common.local. +# +# Another option is to do this **per archiver** in the relevant +# .local. Just beware that things tend to break when overtightening +# profiles. For example, because you only need to (un)compress files in +# ${DOWNLOADS}, other applications may need access to ${HOME}/.local/share. + +# Uncomment the next line (or put it into your archiver-common.local) if you +# don't need to compress files in disable-common.inc. +#include disable-common.inc +include disable-devel.inc +include disable-exec.inc +include disable-interpreters.inc +include disable-passwdmgr.inc +# Uncomment the next line (or put it into your archiver-common.local) if you +# don't need to compress files in disable-programs.inc. +#include disable-programs.inc +include disable-shell.inc + +apparmor +caps.drop all +hostname archiver +ipc-namespace +machine-id +net none +no3d +nodvd +nogroups +nonewprivs +#noroot +nosound +notv +nou2f +novideo +protocol unix +seccomp +shell none +tracelog +x11 none + +private-cache +private-dev + +dbus-user none +dbus-system none + +memory-deny-write-execute -- cgit v1.2.3-54-g00ecf From b91293a56cef580551abcefb7af5a3a8a96c5043 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Tue, 2 Mar 2021 09:17:34 +0000 Subject: rename archiver-common.inc --- etc/profile-a-l/7z.profile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/etc/profile-a-l/7z.profile b/etc/profile-a-l/7z.profile index b2294c070..0d31255ad 100644 --- a/etc/profile-a-l/7z.profile +++ b/etc/profile-a-l/7z.profile @@ -7,8 +7,8 @@ include 7z.local # Persistent global definitions include globals.local -# Included in archiver-common.inc +# Included in archiver-common.profile ignore include disable-shell.inc # Redirect -include archiver-common.inc +include archiver-common.profile -- cgit v1.2.3-54-g00ecf From 34017f645b7b24c5ce36cac7ba5bc39324a875e8 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Tue, 2 Mar 2021 09:19:05 +0000 Subject: rename archiver-common.inc --- etc/profile-a-l/ar.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-a-l/ar.profile b/etc/profile-a-l/ar.profile index f99934e66..5a20a8181 100644 --- a/etc/profile-a-l/ar.profile +++ b/etc/profile-a-l/ar.profile @@ -8,4 +8,4 @@ include ar.local include globals.local # Redirect -include archiver-common.inc +include archiver-common.profile -- cgit v1.2.3-54-g00ecf From 6dda6a60c0efda16ea411694ef0206a775daf4e1 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Tue, 2 Mar 2021 09:20:17 +0000 Subject: rename archiver-common.inc --- etc/profile-a-l/atool.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-a-l/atool.profile b/etc/profile-a-l/atool.profile index 6e0ecb012..e377de2c8 100644 --- a/etc/profile-a-l/atool.profile +++ b/etc/profile-a-l/atool.profile @@ -17,4 +17,4 @@ private-etc alternatives,group,login.defs,passwd private-tmp # Redirect -include archiver-common.inc +include archiver-common.profile -- cgit v1.2.3-54-g00ecf From 3fd23ca50408f76b07f9cb09a1dc5471c7b1fa64 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Tue, 2 Mar 2021 09:21:32 +0000 Subject: rename archiver-common.inc --- etc/profile-a-l/bsdtar.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-a-l/bsdtar.profile b/etc/profile-a-l/bsdtar.profile index fb4f643c8..d731a6a6e 100644 --- a/etc/profile-a-l/bsdtar.profile +++ b/etc/profile-a-l/bsdtar.profile @@ -9,4 +9,4 @@ include globals.local private-etc alternatives,group,localtime,passwd # Redirect -include archiver-common.inc +include archiver-common.profile -- cgit v1.2.3-54-g00ecf From ff0ff4ce785d902c99c94ccdbbe85d2184a470dd Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Tue, 2 Mar 2021 09:22:52 +0000 Subject: rename archiver-common.inc --- etc/profile-a-l/cpio.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-a-l/cpio.profile b/etc/profile-a-l/cpio.profile index 0e0299655..bdc4f21a6 100644 --- a/etc/profile-a-l/cpio.profile +++ b/etc/profile-a-l/cpio.profile @@ -11,4 +11,4 @@ noblacklist /sbin noblacklist /usr/sbin # Redirect -include archiver-common.inc +include archiver-common.profile -- cgit v1.2.3-54-g00ecf From d31a4c4df2292d003974f9a849576c1e06f5e771 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Tue, 2 Mar 2021 09:24:20 +0000 Subject: rename archiver-common.inc --- etc/profile-a-l/gzip.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-a-l/gzip.profile b/etc/profile-a-l/gzip.profile index 035c6459c..b261c16f4 100644 --- a/etc/profile-a-l/gzip.profile +++ b/etc/profile-a-l/gzip.profile @@ -12,4 +12,4 @@ include globals.local noblacklist /var/lib/pacman # Redirect -include archiver-common.inc +include archiver-common.profile -- cgit v1.2.3-54-g00ecf From f39f53c3d0421755b0aee6661d82a3302122f448 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Tue, 2 Mar 2021 09:26:07 +0000 Subject: rename archiver-common.inc --- etc/profile-m-z/tar.profile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/etc/profile-m-z/tar.profile b/etc/profile-m-z/tar.profile index 9d7a23d43..0d3a900e9 100644 --- a/etc/profile-m-z/tar.profile +++ b/etc/profile-m-z/tar.profile @@ -7,7 +7,7 @@ include tar.local # Persistent global definitions include globals.local -# Included in archiver-common.inc +# Included in archiver-common.profile ignore include disable-shell.inc # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop @@ -20,4 +20,4 @@ private-etc alternatives,group,localtime,login.defs,passwd writable-var # Redirect -include archiver-common.inc +include archiver-common.profile -- cgit v1.2.3-54-g00ecf From 068acd973e1b195603cceef560d00dd99ec0854f Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Tue, 2 Mar 2021 09:27:30 +0000 Subject: rename archiver-common.inc --- etc/profile-m-z/unrar.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-m-z/unrar.profile b/etc/profile-m-z/unrar.profile index 65f1a425a..9d3d9b40e 100644 --- a/etc/profile-m-z/unrar.profile +++ b/etc/profile-m-z/unrar.profile @@ -12,4 +12,4 @@ private-etc alternatives,group,localtime,passwd private-tmp # Redirect -include archiver-common.inc +include archiver-common.profile -- cgit v1.2.3-54-g00ecf From 4ae78560106a0db8314ef88d649c2b6af0e754e9 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Tue, 2 Mar 2021 09:28:32 +0000 Subject: rename archiver-common.inc --- etc/profile-m-z/unzip.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-m-z/unzip.profile b/etc/profile-m-z/unzip.profile index c94416b87..0231e3dba 100644 --- a/etc/profile-m-z/unzip.profile +++ b/etc/profile-m-z/unzip.profile @@ -13,4 +13,4 @@ noblacklist ${HOME}/.local/share/gnome-shell private-etc alternatives,group,localtime,passwd # Redirect -include archiver-common.inc +include archiver-common.profile -- cgit v1.2.3-54-g00ecf From 651faa071c58be437d453a66de2b641fb92e0911 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Tue, 2 Mar 2021 09:29:40 +0000 Subject: rename archiver-common.inc --- etc/profile-m-z/xzdec.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-m-z/xzdec.profile b/etc/profile-m-z/xzdec.profile index c5e8d1631..79f71f2fd 100644 --- a/etc/profile-m-z/xzdec.profile +++ b/etc/profile-m-z/xzdec.profile @@ -8,4 +8,4 @@ include xzdec.local include globals.local # Redirect -include archiver-common.inc +include archiver-common.profile -- cgit v1.2.3-54-g00ecf From 44fa67ff1a0f19ebcf3dc90a7b80daa3ff1b456c Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Tue, 2 Mar 2021 09:30:41 +0000 Subject: rename archiver-common.inc --- etc/profile-m-z/zstd.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-m-z/zstd.profile b/etc/profile-m-z/zstd.profile index 07a75f97f..faeb5c5c5 100644 --- a/etc/profile-m-z/zstd.profile +++ b/etc/profile-m-z/zstd.profile @@ -8,4 +8,4 @@ include zstd.local include globals.local # Redirect -include archiver-common.inc +include archiver-common.profile -- cgit v1.2.3-54-g00ecf