From 93be5901928bb48f0bea31f8b0b5955ffb5cb235 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Thu, 19 Mar 2020 14:12:06 -0400 Subject: various profile fixes --- etc/catfish.profile | 1 + etc/lrzuntar.profile | 1 + etc/lzcat.profile | 1 + etc/lzcmp.profile | 1 + etc/lzegrep.profile | 1 + etc/lzfgrep.profile | 1 + etc/lzgrep.profile | 1 + etc/lzip.profile | 1 + etc/lzless.profile | 1 + etc/lzma.profile | 1 + etc/lzmainfo.profile | 1 + etc/lzmore.profile | 1 + etc/tuxguitar.profile | 2 ++ etc/unlzma.profile | 1 + etc/unxz.profile | 1 + etc/xfce4-dict.profile | 3 +++ etc/xfce4-notes.profile | 3 +++ etc/xxd.profile | 3 ++- etc/xz.profile | 1 + etc/xzcat.profile | 1 + etc/xzcmp.profile | 1 + etc/xzdiff.profile | 1 + etc/xzegrep.profile | 1 + etc/xzfgrep.profile | 1 + etc/xzmore.profile | 1 + etc/zathura.profile | 4 +++- 26 files changed, 34 insertions(+), 2 deletions(-) diff --git a/etc/catfish.profile b/etc/catfish.profile index c6c2d7e8a..577391c5d 100644 --- a/etc/catfish.profile +++ b/etc/catfish.profile @@ -24,6 +24,7 @@ include disable-passwdmgr.inc whitelist /var/lib/mlocate include whitelist-var-common.inc +apparmor caps.drop all net none no3d diff --git a/etc/lrzuntar.profile b/etc/lrzuntar.profile index 245d1c669..17215a5d7 100644 --- a/etc/lrzuntar.profile +++ b/etc/lrzuntar.profile @@ -7,6 +7,7 @@ include lrzuntar.local # Persistent global definitions # added by included profile #include globals.local +quiet # Redirect include cpio.profile diff --git a/etc/lzcat.profile b/etc/lzcat.profile index f7410b928..d9c72407f 100644 --- a/etc/lzcat.profile +++ b/etc/lzcat.profile @@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/lzcmp.profile b/etc/lzcmp.profile index f7410b928..d9c72407f 100644 --- a/etc/lzcmp.profile +++ b/etc/lzcmp.profile 
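Review bot: In the etc/lrzuntar.profile hunk, `quiet` lands after `include lrzuntar.local` and the globals.local comment, while the etc/xxd.profile hunk in this same commit places it directly under the header, ahead of `include xxd.local`. Firejail's profile documentation asks for `quiet` to be the first uncommented command in a profile, so here the local include is processed before output is suppressed, which matters for a tool whose stdout is normally piped into something else. Moving the line up so the file reads `quiet` and then `# Persistent local customizations` / `include lrzuntar.local` would match xxd.profile. The top of lrzuntar.profile is outside the hunk, so the exact insertion point needs checking against the full file.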
@@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/lzegrep.profile b/etc/lzegrep.profile index f7410b928..d9c72407f 100644 --- a/etc/lzegrep.profile +++ b/etc/lzegrep.profile @@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/lzfgrep.profile b/etc/lzfgrep.profile index f7410b928..d9c72407f 100644 --- a/etc/lzfgrep.profile +++ b/etc/lzfgrep.profile @@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/lzgrep.profile b/etc/lzgrep.profile index f7410b928..d9c72407f 100644 --- a/etc/lzgrep.profile +++ b/etc/lzgrep.profile @@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/lzip.profile b/etc/lzip.profile index f7410b928..d9c72407f 100644 --- a/etc/lzip.profile +++ b/etc/lzip.profile @@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/lzless.profile b/etc/lzless.profile index f7410b928..d9c72407f 100644 --- a/etc/lzless.profile +++ b/etc/lzless.profile 
@@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/lzma.profile b/etc/lzma.profile index f7410b928..d9c72407f 100644 --- a/etc/lzma.profile +++ b/etc/lzma.profile @@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/lzmainfo.profile b/etc/lzmainfo.profile index f7410b928..d9c72407f 100644 --- a/etc/lzmainfo.profile +++ b/etc/lzmainfo.profile @@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/lzmore.profile b/etc/lzmore.profile index f7410b928..d9c72407f 100644 --- a/etc/lzmore.profile +++ b/etc/lzmore.profile @@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/tuxguitar.profile b/etc/tuxguitar.profile index ae868a022..d2b13d9ee 100644 --- a/etc/tuxguitar.profile +++ b/etc/tuxguitar.profile @@ -15,6 +15,7 @@ include allow-java.inc include disable-common.inc include disable-devel.inc +include disable-exec.inc include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc @@ -22,6 +23,7 @@ include disable-xdg.inc include whitelist-var-common.inc +apparmor caps.drop all netfilter no3d diff --git a/etc/unlzma.profile b/etc/unlzma.profile index f7410b928..d9c72407f 100644 --- a/etc/unlzma.profile +++ b/etc/unlzma.profile 
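Review bot: `include disable-exec.inc` in the first etc/tuxguitar.profile hunk makes the writable locations it covers non-executable, in a profile that deliberately re-enables Java through `include allow-java.inc`. If the Java toolkit TuxGuitar runs on unpacks native libraries under ${HOME} or a temporary directory at start-up, loading them would fail under noexec. That is inferred rather than visible in the diff, so it is worth a launch test with a clean home directory. A short comment on the new line, for example `# noexec on writable paths; verify native library loading if start-up fails`, would tell the next maintainer where to look.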
@@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/unxz.profile b/etc/unxz.profile index f7410b928..d9c72407f 100644 --- a/etc/unxz.profile +++ b/etc/unxz.profile @@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/xfce4-dict.profile b/etc/xfce4-dict.profile index bc499bd30..a3e0c4633 100644 --- a/etc/xfce4-dict.profile +++ b/etc/xfce4-dict.profile @@ -15,6 +15,9 @@ include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include whitelist-var-common.inc + +apparmor caps.drop all netfilter no3d diff --git a/etc/xfce4-notes.profile b/etc/xfce4-notes.profile index 4dad1bf7a..c3d0930ff 100644 --- a/etc/xfce4-notes.profile +++ b/etc/xfce4-notes.profile @@ -17,6 +17,9 @@ include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +include whitelist-var-common.inc + +apparmor caps.drop all netfilter no3d diff --git a/etc/xxd.profile b/etc/xxd.profile index 569f194d3..864e8ce9c 100644 --- a/etc/xxd.profile +++ b/etc/xxd.profile @@ -1,6 +1,7 @@ # Firejail profile for xxd # Description: Tool to make (or reverse) a hex dump # This file is overwritten after every install/update +quiet # Persistent local customizations include xxd.local # Persistent global definitions @@ -8,4 +9,4 @@ include xxd.local #include globals.local # Redirect -include vim.profile +include cpio.profile diff --git a/etc/xz.profile b/etc/xz.profile index f7410b928..d9c72407f 100644 --- a/etc/xz.profile +++ b/etc/xz.profile 
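Review bot: The second etc/xxd.profile hunk swaps the redirect from `vim.profile` to `cpio.profile`, which replaces xxd's entire effective policy, yet neither the commit message nor the file says why, and cpio.profile is not part of this diff. Presumably the intent is to treat xxd as a plain filter like the xz/lzma aliases; a comment such as `# Redirect: xxd is a stdin/stdout filter, so it shares the cpio sandbox instead of vim's` would record that. Anyone who tuned xxd indirectly through vim's local overrides silently loses those settings, so the change deserves a release-note line. It is also worth confirming that the cpio policy still lets xxd read and write files at user-supplied paths.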
@@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/xzcat.profile b/etc/xzcat.profile index f7410b928..d9c72407f 100644 --- a/etc/xzcat.profile +++ b/etc/xzcat.profile @@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/xzcmp.profile b/etc/xzcmp.profile index f7410b928..d9c72407f 100644 --- a/etc/xzcmp.profile +++ b/etc/xzcmp.profile @@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/xzdiff.profile b/etc/xzdiff.profile index f7410b928..d9c72407f 100644 --- a/etc/xzdiff.profile +++ b/etc/xzdiff.profile @@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/xzegrep.profile b/etc/xzegrep.profile index f7410b928..d9c72407f 100644 --- a/etc/xzegrep.profile +++ b/etc/xzegrep.profile @@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/xzfgrep.profile b/etc/xzfgrep.profile index f7410b928..d9c72407f 100644 --- a/etc/xzfgrep.profile +++ b/etc/xzfgrep.profile 
@@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/xzmore.profile b/etc/xzmore.profile index f7410b928..d9c72407f 100644 --- a/etc/xzmore.profile +++ b/etc/xzmore.profile @@ -1,6 +1,7 @@ # Firejail profile alias for cpio # Description: Library and command line tools for XZ and LZMA compressed files # This file is overwritten after every install/update +quiet # Redirect include cpio.profile diff --git a/etc/zathura.profile b/etc/zathura.profile index 703c8edd4..9ca5fd862 100644 --- a/etc/zathura.profile +++ b/etc/zathura.profile @@ -25,6 +25,7 @@ whitelist /usr/share/zathura include whitelist-usr-share-common.inc include whitelist-var-common.inc +apparmor caps.drop all ipc-namespace machine-id @@ -47,7 +48,8 @@ private-bin zathura private-cache private-dev private-etc alternatives,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id -private-lib gcc/*/*/libgcc_s.so.*,gcc/*/*/libstdc++.so.*,libarchive.so.*,libdjvulibre.so.*,libgirara-gtk*,libpoppler-glib.so.*,libspectre.so.*,zathura +# private-lib has problems on Debian 10 +#private-lib gcc/*/*/libgcc_s.so.*,gcc/*/*/libstdc++.so.*,libarchive.so.*,libdjvulibre.so.*,libgirara-gtk*,libpoppler-glib.so.*,libspectre.so.*,zathura private-tmp read-only ${HOME} -- cgit v1.2.3-54-g00ecf
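Review bot: Commenting out `private-lib` in the second etc/zathura.profile hunk removes the library allow-list on every distribution, although the stated reason is specific to Debian 10, and zathura is a viewer that routinely opens untrusted documents. The comment `# private-lib has problems on Debian 10` does not say what fails or point to an issue, so nobody can tell when the line is safe to restore. I would expand it to something like `# private-lib disabled: <SYMPTOM> on Debian 10 (see <ISSUE_ID>); can be re-enabled from zathura.local on other systems`, assuming this profile includes a zathura.local as the others in the commit do. The `private-bin`, `private-cache`, `private-dev`, `private-etc` and `private-tmp` lines visible in the hunk still apply, so this is a loss of depth, not of the sandbox.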