From 4a40e2a5f2009cf282dd783e73e1fb860ac758ba Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Tue, 15 Dec 2020 19:05:54 +0000 Subject: Refactor archivers (#3820) * Create archiver-common.inc * add apparmor to archiver-common.inc * refactor 7z.profile * refactor ar.profile * refactor atool.profile * refactor bsdtar.profile * refactor cpio.profile * refactor gzip.profile * refactor tar.profile * refactor unrar.profile * refactor unzip.profile * refactor xzdec.profile * refactor zstd.profile * rewording * blacklist ${RUNUSER} in archiver-common.inc Thanks to @rusty-snake for suggesting this. * drop non-sensical ${RUNUSER}/wayland-* blacklisting in archiver-common.inc See discussion in https://github.com/netblue30/firejail/pull/3820#discussion_r543523343 --- etc/profile-m-z/unzip.profile | 34 ++-------------------------------- 1 file changed, 2 insertions(+), 32 deletions(-) (limited to 'etc/profile-m-z/unzip.profile') diff --git a/etc/profile-m-z/unzip.profile b/etc/profile-m-z/unzip.profile index e08511c12..30ee3ec12 100644 --- a/etc/profile-m-z/unzip.profile +++ b/etc/profile-m-z/unzip.profile @@ -7,42 +7,12 @@ include unzip.local # Persistent global definitions include globals.local -blacklist ${RUNUSER}/wayland-* - # GNOME Shell integration (chrome-gnome-shell) noblacklist ${HOME}/.local/share/gnome-shell -include disable-common.inc -include disable-devel.inc -include disable-exec.inc -include disable-interpreters.inc -include disable-passwdmgr.inc -include disable-programs.inc -include disable-shell.inc - -caps.drop all -hostname unzip -ipc-namespace -machine-id -net none -no3d -nodvd -#nogroups -nonewprivs +ignore nogroups noroot -nosound -notv -nou2f -novideo -protocol unix -seccomp -shell none -tracelog -x11 none +include archiver-common.inc private-bin unzip -private-dev private-etc alternatives,group,localtime,passwd - -dbus-user none -dbus-system none -- cgit v1.2.3-70-g09d2