From 2531759b80fbfcfbe296bd4bab329c61b7757c92 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@protonmail.com>
Date: Fri, 24 Feb 2023 20:37:35 -0500
Subject: more private-etc

---
 etc/profile-a-l/audacity.profile |  2 +-
 etc/profile-a-l/gimp.profile     |  2 +-
 etc/profile-a-l/iagno.profile    | 10 +++++++++-
 3 files changed, 11 insertions(+), 3 deletions(-)

(limited to 'etc/profile-a-l')

diff --git a/etc/profile-a-l/audacity.profile b/etc/profile-a-l/audacity.profile
index 392b189f8..c2a482b61 100644
--- a/etc/profile-a-l/audacity.profile
+++ b/etc/profile-a-l/audacity.profile
@@ -50,7 +50,7 @@ tracelog
 
 private-bin audacity
 private-dev
-private-etc @tls-ca,@x11
+private-etc @x11
 private-tmp
 
 # problems on Fedora 27
diff --git a/etc/profile-a-l/gimp.profile b/etc/profile-a-l/gimp.profile
index 717519112..6f350f8ac 100644
--- a/etc/profile-a-l/gimp.profile
+++ b/etc/profile-a-l/gimp.profile
@@ -59,7 +59,7 @@ seccomp !mbind
 tracelog
 
 private-dev
-private-etc @tls-ca,@x11,python*
+private-etc @x11,python*
 private-tmp
 
 dbus-user none
diff --git a/etc/profile-a-l/iagno.profile b/etc/profile-a-l/iagno.profile
index e16f3f1d5..82cba7887 100644
--- a/etc/profile-a-l/iagno.profile
+++ b/etc/profile-a-l/iagno.profile
@@ -13,6 +13,13 @@ include disable-interpreters.inc
 include disable-programs.inc
 include disable-shell.inc
 
+whitelist ${HOME}/.local/share/glib-2.0/schemas
+include whitelist-common.inc
+
+include whitelist-runuser-common.inc
+whitelist /usr/share/iagno
+whitelist /usr/share/gdm
+include whitelist-usr-share-common.inc
 include whitelist-var-common.inc
 
 apparmor
@@ -28,11 +35,12 @@ nou2f
 novideo
 protocol unix
 seccomp
+seccomp.block-secondary
 
 disable-mnt
-private
 private-bin iagno
 private-dev
+private-etc @x11,gconf
 private-tmp
 
 # dbus-user none
-- 
cgit v1.2.3-70-g09d2