diff --git a/etc/inc/disable-X11.inc b/etc/inc/disable-X11.inc index d227c7a0bc7..9f2bb47aec4 100644 --- a/etc/inc/disable-X11.inc +++ b/etc/inc/disable-X11.inc @@ -2,14 +2,7 @@ # Persistent customizations should go in a .local file. include disable-X11.local -blacklist /tmp/.X11-unix -blacklist ${HOME}/.Xauthority -blacklist ${RUNUSER}/gdm/Xauthority -blacklist ${RUNUSER}/.mutter-Xwaylandauth* -blacklist ${RUNUSER}/xauth_* -#blacklist ${RUNUSER}/[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]] -blacklist /tmp/xauth* -blacklist /tmp/.ICE-unix -blacklist ${RUNUSER}/ICEauthority -rmenv DISPLAY -rmenv XAUTHORITY +# Warning: This file is deprecated; use disable-x11.inc (lowercase) instead. + +# Redirect +include disable-x11.inc diff --git a/etc/inc/disable-x11.inc b/etc/inc/disable-x11.inc new file mode 100644 index 00000000000..d78329046d8 --- /dev/null +++ b/etc/inc/disable-x11.inc @@ -0,0 +1,15 @@ +# This file is overwritten during software install. +# Persistent customizations should go in a .local file. +include disable-x11.local + +blacklist /tmp/.X11-unix +blacklist ${HOME}/.Xauthority +blacklist ${RUNUSER}/gdm/Xauthority +blacklist ${RUNUSER}/.mutter-Xwaylandauth* +blacklist ${RUNUSER}/xauth_* +#blacklist ${RUNUSER}/[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]]-[[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]][[:xdigit:]] +blacklist /tmp/xauth* +blacklist /tmp/.ICE-unix +blacklist ${RUNUSER}/ICEauthority +rmenv DISPLAY +rmenv XAUTHORITY diff --git a/etc/profile-a-l/agetpkg.profile b/etc/profile-a-l/agetpkg.profile index e455a17dbcb..1bf954e3a4d 100644 --- a/etc/profile-a-l/agetpkg.profile +++ b/etc/profile-a-l/agetpkg.profile @@ -19,7 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc whitelist ${DOWNLOADS} diff --git a/etc/profile-a-l/alpine.profile b/etc/profile-a-l/alpine.profile index 2ded329592e..7ff2058a522 100644 --- a/etc/profile-a-l/alpine.profile +++ b/etc/profile-a-l/alpine.profile @@ -38,7 +38,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc #whitelist ${DOCUMENTS} diff --git a/etc/profile-a-l/aria2c.profile b/etc/profile-a-l/aria2c.profile index 0d70cf3811c..a3add6a4d8c 100644 --- a/etc/profile-a-l/aria2c.profile +++ b/etc/profile-a-l/aria2c.profile @@ -18,7 +18,7 @@ include disable-devel.inc include disable-exec.inc include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include whitelist-usr-share-common.inc include whitelist-var-common.inc diff --git a/etc/profile-a-l/bpftop.profile b/etc/profile-a-l/bpftop.profile index 8c64a77c678..d7a3612d59e 100644 --- a/etc/profile-a-l/bpftop.profile +++ b/etc/profile-a-l/bpftop.profile @@ -17,7 +17,7 @@ include disable-interpreters.inc include disable-proc.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc include whitelist-common.inc diff --git a/etc/profile-a-l/build-systems-common.profile b/etc/profile-a-l/build-systems-common.profile index 8616996d2be..9761efc72b7 100644 --- a/etc/profile-a-l/build-systems-common.profile +++ b/etc/profile-a-l/build-systems-common.profile @@ -25,7 +25,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc #whitelist ${HOME}/Projects diff --git a/etc/profile-a-l/clac.profile b/etc/profile-a-l/clac.profile index cd2b2522d64..7a8104b63d4 100644 --- a/etc/profile-a-l/clac.profile +++ b/etc/profile-a-l/clac.profile @@ -16,7 +16,7 @@ include disable-interpreters.inc include disable-proc.inc include disable-programs.inc include disable-shell.inc -#include disable-X11.inc # x11 none +#include disable-x11.inc # x11 none include disable-xdg.inc #include whitelist-common.inc # see #903 diff --git a/etc/profile-a-l/cloneit.profile b/etc/profile-a-l/cloneit.profile index 445ef4890e9..b203c5e12f9 100644 --- a/etc/profile-a-l/cloneit.profile +++ b/etc/profile-a-l/cloneit.profile @@ -17,7 +17,7 @@ include disable-interpreters.inc include disable-proc.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc include whitelist-run-common.inc diff --git a/etc/profile-a-l/cointop.profile b/etc/profile-a-l/cointop.profile index aa053e2f750..fa30331e184 100644 --- a/etc/profile-a-l/cointop.profile +++ b/etc/profile-a-l/cointop.profile @@ -17,7 +17,7 @@ include disable-interpreters.inc include disable-proc.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc mkdir ${HOME}/.config/cointop diff --git a/etc/profile-a-l/curl.profile b/etc/profile-a-l/curl.profile index 1d9ec5fa458..9044e9ac092 100644 --- a/etc/profile-a-l/curl.profile +++ b/etc/profile-a-l/curl.profile @@ -25,7 +25,7 @@ blacklist ${RUNUSER} include disable-common.inc include disable-exec.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc # Depending on workflow you can add 'include disable-xdg.inc' to your curl.local. #include disable-xdg.inc diff --git a/etc/profile-a-l/daisy.profile b/etc/profile-a-l/daisy.profile index 40b29a1f533..c6e6164146e 100644 --- a/etc/profile-a-l/daisy.profile +++ b/etc/profile-a-l/daisy.profile @@ -15,7 +15,7 @@ include disable-interpreters.inc include disable-proc.inc include disable-programs.inc include disable-shell.inc -#include disable-X11.inc # x11 none +#include disable-x11.inc # x11 none include disable-xdg.inc include whitelist-common.inc diff --git a/etc/profile-a-l/dbus-send.profile b/etc/profile-a-l/dbus-send.profile index 3a552b92956..b54724aa52b 100644 --- a/etc/profile-a-l/dbus-send.profile +++ b/etc/profile-a-l/dbus-send.profile @@ -16,7 +16,7 @@ include disable-interpreters.inc include disable-programs.inc include disable-shell.inc include disable-write-mnt.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc #include whitelist-common.inc # see #903 diff --git a/etc/profile-a-l/deadlink.profile b/etc/profile-a-l/deadlink.profile index f7535c5977d..8f35290db55 100644 --- a/etc/profile-a-l/deadlink.profile +++ b/etc/profile-a-l/deadlink.profile @@ -22,7 +22,7 @@ include disable-interpreters.inc include disable-proc.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc include whitelist-run-common.inc diff --git a/etc/profile-a-l/dexios.profile b/etc/profile-a-l/dexios.profile index 55d6c83cea5..04f6f129604 100644 --- a/etc/profile-a-l/dexios.profile +++ b/etc/profile-a-l/dexios.profile @@ -17,7 +17,7 @@ include disable-interpreters.inc include disable-proc.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc whitelist ${DOWNLOADS} diff --git a/etc/profile-a-l/dig.profile b/etc/profile-a-l/dig.profile index 80eef569c8f..6a00475f9b8 100644 --- a/etc/profile-a-l/dig.profile +++ b/etc/profile-a-l/dig.profile @@ -17,7 +17,7 @@ include disable-common.inc include disable-exec.inc #include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc #mkfile ${HOME}/.digrc # see #903 diff --git a/etc/profile-a-l/dnscrypt-proxy.profile b/etc/profile-a-l/dnscrypt-proxy.profile index e27fa202ba9..49d201d7691 100644 --- a/etc/profile-a-l/dnscrypt-proxy.profile +++ b/etc/profile-a-l/dnscrypt-proxy.profile @@ -17,7 +17,7 @@ include disable-devel.inc include disable-exec.inc include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc whitelist /usr/share/dnscrypt-proxy diff --git a/etc/profile-a-l/dnsmasq.profile b/etc/profile-a-l/dnsmasq.profile index b41eff3aebc..2ce980cb112 100644 --- a/etc/profile-a-l/dnsmasq.profile +++ b/etc/profile-a-l/dnsmasq.profile @@ -17,7 +17,7 @@ include disable-common.inc include disable-devel.inc include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc whitelist /var/lib/libvirt/dnsmasq diff --git a/etc/profile-a-l/drill.profile b/etc/profile-a-l/drill.profile index 95e86e5b95f..2205f52a0a4 100644 --- a/etc/profile-a-l/drill.profile +++ b/etc/profile-a-l/drill.profile @@ -16,7 +16,7 @@ include disable-common.inc include disable-exec.inc #include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc #include whitelist-common.inc # see #903 diff --git a/etc/profile-a-l/editorconfiger.profile b/etc/profile-a-l/editorconfiger.profile index a921ae2d560..012d833bf45 100644 --- a/etc/profile-a-l/editorconfiger.profile +++ b/etc/profile-a-l/editorconfiger.profile @@ -16,7 +16,7 @@ include disable-interpreters.inc include disable-proc.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc apparmor diff --git a/etc/profile-a-l/erd.profile b/etc/profile-a-l/erd.profile index d821f5882e8..e72b75e75ec 100644 --- a/etc/profile-a-l/erd.profile +++ b/etc/profile-a-l/erd.profile @@ -8,7 +8,7 @@ include erd.local include globals.local include disable-exec.inc -#include disable-X11.inc # x11 none +#include disable-x11.inc # x11 none apparmor caps.drop all diff --git a/etc/profile-a-l/fdns.profile b/etc/profile-a-l/fdns.profile index cacd7025db0..2d956f5a463 100644 --- a/etc/profile-a-l/fdns.profile +++ b/etc/profile-a-l/fdns.profile @@ -15,7 +15,7 @@ include disable-devel.inc include disable-exec.inc include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc #include whitelist-usr-share-common.inc diff --git a/etc/profile-a-l/ftp.profile b/etc/profile-a-l/ftp.profile index f448ab93227..e133deba217 100644 --- a/etc/profile-a-l/ftp.profile +++ b/etc/profile-a-l/ftp.profile @@ -17,7 +17,7 @@ include disable-proc.inc include disable-programs.inc #include disable-shell.inc include disable-write-mnt.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc apparmor diff --git a/etc/profile-a-l/gget.profile b/etc/profile-a-l/gget.profile index e0268a68c91..eff215381d2 100644 --- a/etc/profile-a-l/gget.profile +++ b/etc/profile-a-l/gget.profile @@ -15,7 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc whitelist ${DOWNLOADS} diff --git a/etc/profile-a-l/gist.profile b/etc/profile-a-l/gist.profile index c7be8dcc5db..4dff73c5449 100644 --- a/etc/profile-a-l/gist.profile +++ b/etc/profile-a-l/gist.profile @@ -19,7 +19,7 @@ include disable-devel.inc include disable-exec.inc include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc mkdir ${HOME}/.gist diff --git a/etc/profile-a-l/git.profile b/etc/profile-a-l/git.profile index a900e10f31d..f2fd63e1baa 100644 --- a/etc/profile-a-l/git.profile +++ b/etc/profile-a-l/git.profile @@ -33,7 +33,7 @@ blacklist ${RUNUSER}/wayland-* include disable-common.inc include disable-exec.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc whitelist /usr/share/git whitelist /usr/share/git-core diff --git a/etc/profile-a-l/gnome-keyring-daemon.profile b/etc/profile-a-l/gnome-keyring-daemon.profile index 0370b04728a..b8c51991c78 100644 --- a/etc/profile-a-l/gnome-keyring-daemon.profile +++ b/etc/profile-a-l/gnome-keyring-daemon.profile @@ -14,8 +14,8 @@ include disable-devel.inc include disable-exec.inc include disable-interpreters.inc include disable-programs.inc -#include disable-X11.inc # x11 none -include disable-X11.inc +#include disable-x11.inc # x11 none +include disable-x11.inc include disable-xdg.inc whitelist ${RUNUSER}/gnupg diff --git a/etc/profile-a-l/googler-common.profile b/etc/profile-a-l/googler-common.profile index e1ec5f4b97e..823228612ae 100644 --- a/etc/profile-a-l/googler-common.profile +++ b/etc/profile-a-l/googler-common.profile @@ -22,7 +22,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc whitelist ${HOME}/.w3m diff --git a/etc/profile-a-l/gpg-agent.profile b/etc/profile-a-l/gpg-agent.profile index 29249cf2107..102a4ef2496 100644 --- a/etc/profile-a-l/gpg-agent.profile +++ b/etc/profile-a-l/gpg-agent.profile @@ -15,7 +15,7 @@ include disable-common.inc include disable-devel.inc include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc mkdir ${HOME}/.gnupg diff --git a/etc/profile-a-l/gpg.profile b/etc/profile-a-l/gpg.profile index 02dd3b07642..6becc80ebe4 100644 --- a/etc/profile-a-l/gpg.profile +++ b/etc/profile-a-l/gpg.profile @@ -15,7 +15,7 @@ include disable-common.inc include disable-devel.inc include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc whitelist ${RUNUSER}/gnupg whitelist ${RUNUSER}/keyring diff --git a/etc/profile-a-l/links-common.profile b/etc/profile-a-l/links-common.profile index 4bab6b0cc45..fd0aab879db 100644 --- a/etc/profile-a-l/links-common.profile +++ b/etc/profile-a-l/links-common.profile @@ -13,7 +13,7 @@ include disable-interpreters.inc # Additional noblacklist files/directories (blacklisted in disable-programs.inc) # used as associated programs can be added in your links-common.local. include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc whitelist ${DOWNLOADS} diff --git a/etc/profile-a-l/lynx.profile b/etc/profile-a-l/lynx.profile index 2c61147ec56..233bdafb633 100644 --- a/etc/profile-a-l/lynx.profile +++ b/etc/profile-a-l/lynx.profile @@ -13,7 +13,7 @@ include disable-common.inc include disable-devel.inc include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc include whitelist-runuser-common.inc diff --git a/etc/profile-m-z/makepkg.profile b/etc/profile-m-z/makepkg.profile index 3bda47fad1e..a13e7b3e961 100644 --- a/etc/profile-m-z/makepkg.profile +++ b/etc/profile-m-z/makepkg.profile @@ -32,7 +32,7 @@ noblacklist /var/lib/pacman include disable-common.inc include disable-exec.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc caps.drop all ipc-namespace diff --git a/etc/profile-m-z/mimetype.profile b/etc/profile-m-z/mimetype.profile index 4b62624bbbe..6d9af90cb06 100644 --- a/etc/profile-m-z/mimetype.profile +++ b/etc/profile-m-z/mimetype.profile @@ -11,7 +11,7 @@ blacklist ${RUNUSER}/wayland-* include disable-exec.inc include disable-proc.inc -include disable-X11.inc +include disable-x11.inc apparmor caps.drop all diff --git a/etc/profile-m-z/mocp.profile b/etc/profile-m-z/mocp.profile index d80e263b6e4..18e7331f3bc 100644 --- a/etc/profile-m-z/mocp.profile +++ b/etc/profile-m-z/mocp.profile @@ -18,7 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-proc.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc mkdir ${HOME}/.moc diff --git a/etc/profile-m-z/mutt.profile b/etc/profile-m-z/mutt.profile index 447301d4611..0f43a9335c3 100644 --- a/etc/profile-m-z/mutt.profile +++ b/etc/profile-m-z/mutt.profile @@ -50,7 +50,7 @@ include disable-devel.inc include disable-exec.inc include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc mkdir ${HOME}/.Mail diff --git a/etc/profile-m-z/neomutt.profile b/etc/profile-m-z/neomutt.profile index 22720422be9..4101e74ee29 100644 --- a/etc/profile-m-z/neomutt.profile +++ b/etc/profile-m-z/neomutt.profile @@ -48,7 +48,7 @@ include disable-devel.inc include disable-exec.inc include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc mkdir ${HOME}/.Mail diff --git a/etc/profile-m-z/nodejs-common.profile b/etc/profile-m-z/nodejs-common.profile index f301196c6ea..43fafc3de78 100644 --- a/etc/profile-m-z/nodejs-common.profile +++ b/etc/profile-m-z/nodejs-common.profile @@ -39,7 +39,7 @@ include disable-common.inc include disable-exec.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc # If you want whitelisting, change ${HOME}/Projects below to your node projects directory diff --git a/etc/profile-m-z/nslookup.profile b/etc/profile-m-z/nslookup.profile index aae506b0b25..5313d2906de 100644 --- a/etc/profile-m-z/nslookup.profile +++ b/etc/profile-m-z/nslookup.profile @@ -16,7 +16,7 @@ include disable-devel.inc include disable-exec.inc include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc whitelist ${HOME}/.nslookuprc diff --git a/etc/profile-m-z/ping.profile b/etc/profile-m-z/ping.profile index c3aa0a5013d..785de68cbc4 100644 --- a/etc/profile-m-z/ping.profile +++ b/etc/profile-m-z/ping.profile @@ -15,7 +15,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-proc.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc #include whitelist-common.inc # see #903 diff --git a/etc/profile-m-z/qpdf.profile b/etc/profile-m-z/qpdf.profile index edec7cf0ae3..a5b65aa8eef 100644 --- a/etc/profile-m-z/qpdf.profile +++ b/etc/profile-m-z/qpdf.profile @@ -18,7 +18,7 @@ include disable-interpreters.inc include disable-proc.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc whitelist ${DOCUMENTS} diff --git a/etc/profile-m-z/rsync-download_only.profile b/etc/profile-m-z/rsync-download_only.profile index 52ccb4309a1..12724a07737 100644 --- a/etc/profile-m-z/rsync-download_only.profile +++ b/etc/profile-m-z/rsync-download_only.profile @@ -19,7 +19,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc # Add the next line to your rsync-download_only.local to enable extra hardening. diff --git a/etc/profile-m-z/rtv.profile b/etc/profile-m-z/rtv.profile index e719b0d0de2..5219f73f643 100644 --- a/etc/profile-m-z/rtv.profile +++ b/etc/profile-m-z/rtv.profile @@ -27,7 +27,7 @@ include disable-devel.inc include disable-exec.inc include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc mkdir ${HOME}/.config/rtv diff --git a/etc/profile-m-z/seahorse-daemon.profile b/etc/profile-m-z/seahorse-daemon.profile index b3ead71919c..f409b1930d6 100644 --- a/etc/profile-m-z/seahorse-daemon.profile +++ b/etc/profile-m-z/seahorse-daemon.profile @@ -9,7 +9,7 @@ include seahorse-daemon.local #include globals.local blacklist ${RUNUSER}/wayland-* -include disable-X11.inc +include disable-x11.inc memory-deny-write-execute diff --git a/etc/profile-m-z/server.profile b/etc/profile-m-z/server.profile index a77cf7e0b7d..a2978ab1902 100644 --- a/etc/profile-m-z/server.profile +++ b/etc/profile-m-z/server.profile @@ -44,7 +44,7 @@ include disable-common.inc #include disable-interpreters.inc include disable-programs.inc include disable-write-mnt.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc #include whitelist-runuser-common.inc diff --git a/etc/profile-m-z/signal-cli.profile b/etc/profile-m-z/signal-cli.profile index 979d71b3339..67bb45141d5 100644 --- a/etc/profile-m-z/signal-cli.profile +++ b/etc/profile-m-z/signal-cli.profile @@ -17,7 +17,7 @@ include disable-devel.inc include disable-exec.inc include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc mkdir ${HOME}/.local/share/signal-cli diff --git a/etc/profile-m-z/ssh-agent.profile b/etc/profile-m-z/ssh-agent.profile index 6630244becd..97ddfd29253 100644 --- a/etc/profile-m-z/ssh-agent.profile +++ b/etc/profile-m-z/ssh-agent.profile @@ -13,7 +13,7 @@ blacklist ${RUNUSER}/wayland-* include disable-common.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/ssmtp.profile b/etc/profile-m-z/ssmtp.profile index 356a732e76a..8e2c21498c7 100644 --- a/etc/profile-m-z/ssmtp.profile +++ b/etc/profile-m-z/ssmtp.profile @@ -24,7 +24,7 @@ include disable-interpreters.inc include disable-proc.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc mkfile ${HOME}/dead.letter diff --git a/etc/profile-m-z/statusof.profile b/etc/profile-m-z/statusof.profile index 25c8df6800d..b81eac9aca1 100644 --- a/etc/profile-m-z/statusof.profile +++ b/etc/profile-m-z/statusof.profile @@ -20,7 +20,7 @@ include disable-interpreters.inc include disable-proc.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc include whitelist-common.inc diff --git a/etc/profile-m-z/telnet.profile b/etc/profile-m-z/telnet.profile index 13a47c9588b..ec27b89a805 100644 --- a/etc/profile-m-z/telnet.profile +++ b/etc/profile-m-z/telnet.profile @@ -17,7 +17,7 @@ include disable-proc.inc include disable-programs.inc #include disable-shell.inc include disable-write-mnt.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc apparmor diff --git a/etc/profile-m-z/termshark.profile b/etc/profile-m-z/termshark.profile index bdee14e6401..64f52cf6d6d 100644 --- a/etc/profile-m-z/termshark.profile +++ b/etc/profile-m-z/termshark.profile @@ -10,7 +10,7 @@ include termshark.local blacklist ${RUNUSER} -include disable-X11.inc +include disable-x11.inc # Redirect include wireshark.profile diff --git a/etc/profile-m-z/tin.profile b/etc/profile-m-z/tin.profile index 7c1d534e9e0..865735a7925 100644 --- a/etc/profile-m-z/tin.profile +++ b/etc/profile-m-z/tin.profile @@ -18,7 +18,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc mkdir ${HOME}/.tin diff --git a/etc/profile-m-z/tmux.profile b/etc/profile-m-z/tmux.profile index 55d84a61827..a846b7f0251 100644 --- a/etc/profile-m-z/tmux.profile +++ b/etc/profile-m-z/tmux.profile @@ -15,7 +15,7 @@ noblacklist /tmp/tmux-* #include disable-devel.inc #include disable-exec.inc #include disable-programs.inc -include disable-X11.inc +include disable-x11.inc caps.drop all ipc-namespace diff --git a/etc/profile-m-z/tracker.profile b/etc/profile-m-z/tracker.profile index 8a34644966d..d7de4310f68 100644 --- a/etc/profile-m-z/tracker.profile +++ b/etc/profile-m-z/tracker.profile @@ -15,7 +15,7 @@ include disable-devel.inc include disable-interpreters.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include whitelist-runuser-common.inc diff --git a/etc/profile-m-z/tshark.profile b/etc/profile-m-z/tshark.profile index fab45a334d5..8e57de6cba0 100644 --- a/etc/profile-m-z/tshark.profile +++ b/etc/profile-m-z/tshark.profile @@ -9,7 +9,7 @@ include tshark.local blacklist ${RUNUSER} -include disable-X11.inc +include disable-x11.inc # Redirect include wireshark.profile diff --git a/etc/profile-m-z/tvnamer.profile b/etc/profile-m-z/tvnamer.profile index 24439672a4c..29a83e89b71 100644 --- a/etc/profile-m-z/tvnamer.profile +++ b/etc/profile-m-z/tvnamer.profile @@ -23,7 +23,7 @@ include disable-interpreters.inc include disable-programs.inc include disable-proc.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc mkdir ${HOME}/.config/tvnamer diff --git a/etc/profile-m-z/unbound.profile b/etc/profile-m-z/unbound.profile index dfce92e2d77..c12054d47f5 100644 --- a/etc/profile-m-z/unbound.profile +++ b/etc/profile-m-z/unbound.profile @@ -16,7 +16,7 @@ include disable-devel.inc include disable-exec.inc include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc whitelist /usr/share/dns diff --git a/etc/profile-m-z/w3m.profile b/etc/profile-m-z/w3m.profile index 4e2f1bb3e44..6c8d84ea43f 100644 --- a/etc/profile-m-z/w3m.profile +++ b/etc/profile-m-z/w3m.profile @@ -28,7 +28,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc mkdir ${HOME}/.w3m diff --git a/etc/profile-m-z/wget.profile b/etc/profile-m-z/wget.profile index 90a1d3d7a72..dacfd739e23 100644 --- a/etc/profile-m-z/wget.profile +++ b/etc/profile-m-z/wget.profile @@ -23,7 +23,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc # Depending on workflow you can add the next line to your wget.local. #include disable-xdg.inc diff --git a/etc/profile-m-z/whois.profile b/etc/profile-m-z/whois.profile index e7f66cf760f..42ce3bc5cf9 100644 --- a/etc/profile-m-z/whois.profile +++ b/etc/profile-m-z/whois.profile @@ -14,7 +14,7 @@ include disable-devel.inc include disable-exec.inc include disable-interpreters.inc include disable-programs.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc include whitelist-usr-share-common.inc diff --git a/etc/profile-m-z/yt-dlp.profile b/etc/profile-m-z/yt-dlp.profile index 6dd9d03a385..41cf907bd9b 100644 --- a/etc/profile-m-z/yt-dlp.profile +++ b/etc/profile-m-z/yt-dlp.profile @@ -37,7 +37,7 @@ include disable-exec.inc include disable-interpreters.inc include disable-programs.inc include disable-shell.inc -include disable-X11.inc +include disable-x11.inc include disable-xdg.inc include whitelist-usr-share-common.inc diff --git a/etc/templates/profile.template b/etc/templates/profile.template index 29ea55439b4..347cbeb3c00 100644 --- a/etc/templates/profile.template +++ b/etc/templates/profile.template @@ -120,7 +120,7 @@ include globals.local #include disable-programs.inc #include disable-shell.inc #include disable-write-mnt.inc -#include disable-X11.inc +#include disable-x11.inc #include disable-xdg.inc # This section often mirrors noblacklist section above. The idea is @@ -181,7 +181,7 @@ include globals.local #seccomp.block-secondary ##seccomp-error-action log (only for debugging seccomp issues) #tracelog -# Prefer 'x11 none' instead of 'disable-X11.inc' if 'net none' is set +# Prefer 'x11 none' instead of 'disable-x11.inc' if 'net none' is set ##x11 none #disable-mnt