From ce41919d3683440db76045c023b1b3c4741d3e5f Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Sat, 15 Jun 2019 03:52:47 +0000 Subject: Refactoring as whitelist profile (#2773) * Refactor artha as whitelist profile * Refactor clipit as whitelist profile * Refactor devilspie as whitelist profile * Refactor devilspie2 as whitelist profile * Refactor exfalso as whitelist profile * Refactor pavucontrol as whitelist profile * Refactor pdftotext as whitelist profile * Refactor redshift as whitelist profile * Refactor soundconverter as whitelist profile --- etc/artha.profile | 7 +++++++ etc/clipit.profile | 7 +++++++ etc/devilspie.profile | 5 +++++ etc/devilspie2.profile | 5 +++++ etc/exfalso.profile | 8 ++++++++ etc/pavucontrol.profile | 3 +++ etc/pdftotext.profile | 2 ++ etc/redshift.profile | 3 +++ etc/soundconverter.profile | 7 +++++-- 9 files changed, 45 insertions(+), 2 deletions(-) (limited to 'etc') diff --git a/etc/artha.profile b/etc/artha.profile index 8ef5124de..f4fd0d201 100644 --- a/etc/artha.profile +++ b/etc/artha.profile @@ -16,6 +16,13 @@ include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc +mkdir ${HOME}/.config/artha.conf +mkdir ${HOME}/.config/enchant +whitelist ${HOME}/.config/artha.conf +whitelist ${HOME}/.config/enchant +include whitelist-common.inc +include whitelist-var-common.inc + apparmor caps.drop all ipc-namespace diff --git a/etc/clipit.profile b/etc/clipit.profile index 6e4d3fbaf..44cda0665 100644 --- a/etc/clipit.profile +++ b/etc/clipit.profile @@ -17,6 +17,13 @@ include disable-passwdmgr.inc include disable-programs.inc include disable-xdg.inc +mkdir ${HOME}/.config/clipit +mkdir ${HOME}/.local/share/clipit +whitelist ${HOME}/.config/clipit +whitelist ${HOME}/.local/share/clipit +include whitelist-common.inc +include whitelist-var-common.inc + apparmor caps.drop all ipc-namespace diff --git a/etc/devilspie.profile b/etc/devilspie.profile index 2d100c4b0..ca617983d 100644 --- a/etc/devilspie.profile +++ b/etc/devilspie.profile @@ -16,6 +16,11 @@ include disable-passwdmgr.inc include disable-programs.inc include disable-xdg.inc +mkdir ${HOME}/.devilspie +whitelist ${HOME}/.devilspie +include whitelist-common.inc +include whitelist-var-common.inc + apparmor caps.drop all ipc-namespace diff --git a/etc/devilspie2.profile b/etc/devilspie2.profile index 9d67ee76e..74b0dc939 100644 --- a/etc/devilspie2.profile +++ b/etc/devilspie2.profile @@ -19,6 +19,11 @@ include disable-passwdmgr.inc include disable-programs.inc include disable-xdg.inc +mkdir ${HOME}/.config/devilspie2 +whitelist ${HOME}/.config/devilspie2 +include whitelist-common.inc +include whitelist-var-common.inc + apparmor caps.drop all ipc-namespace diff --git a/etc/exfalso.profile b/etc/exfalso.profile index ff6398b94..b5eda059f 100644 --- a/etc/exfalso.profile +++ b/etc/exfalso.profile @@ -13,6 +13,9 @@ noblacklist ${MUSIC} include allow-python2.inc include allow-python3.inc +whitelist ${DOWNLOADS} +whitelist ${MUSIC} + include disable-common.inc include disable-devel.inc include disable-exec.inc @@ -21,6 +24,11 @@ include disable-passwdmgr.inc include disable-programs.inc include disable-xdg.inc +mkdir ${HOME}/.quodlibet +whitelist ${HOME}/.quodlibet +include whitelist-common.inc +include whitelist-var-common.inc + caps.drop all machine-id netfilter diff --git a/etc/pavucontrol.profile b/etc/pavucontrol.profile index 18b9b7fc6..3fd4f3668 100644 --- a/etc/pavucontrol.profile +++ b/etc/pavucontrol.profile @@ -16,6 +16,9 @@ include disable-passwdmgr.inc include disable-programs.inc include disable-xdg.inc +mkdir ${HOME}/.config/pavucontrol.ini +whitelist ${HOME}/.config/pavucontrol.ini +include whitelist-common.inc include whitelist-var-common.inc apparmor diff --git a/etc/pdftotext.profile b/etc/pdftotext.profile index 85e28372e..87d7a87f1 100644 --- a/etc/pdftotext.profile +++ b/etc/pdftotext.profile @@ -16,6 +16,8 @@ include disable-passwdmgr.inc include disable-programs.inc include disable-xdg.inc +whitelist ${DOCUMENTS} +whitelist ${DOWNLOADS} include whitelist-var-common.inc caps.drop all diff --git a/etc/redshift.profile b/etc/redshift.profile index e60877172..0f6d34ed0 100644 --- a/etc/redshift.profile +++ b/etc/redshift.profile @@ -18,6 +18,9 @@ include disable-interpreters.inc include disable-programs.inc include disable-xdg.inc +mkdir ${HOME}/.config/redshift +whitelist ${HOME}/.config/redshift +whitelist ${HOME}/.config/redshift.conf include whitelist-var-common.inc apparmor diff --git a/etc/soundconverter.profile b/etc/soundconverter.profile index d875146de..efd600eb2 100644 --- a/etc/soundconverter.profile +++ b/etc/soundconverter.profile @@ -6,12 +6,12 @@ include soundconverter.local # Persistent global definitions include globals.local -noblacklist ${MUSIC} - # Allow python (blacklisted by disable-interpreters.inc) include allow-python2.inc include allow-python3.inc +noblacklist ${MUSIC} + include disable-common.inc include disable-devel.inc include disable-exec.inc @@ -20,6 +20,9 @@ include disable-passwdmgr.inc include disable-programs.inc include disable-xdg.inc +whitelist ${DOWNLOADS} +whitelist ${MUSIC} +include whitelist-common.inc include whitelist-var-common.inc apparmor -- cgit v1.2.3-54-g00ecf