Skip to content

Commit

Permalink
Revert "private-etc: big profile changes"
Browse files Browse the repository at this point in the history
This reverts commit 5d0822c and later
commits that touch the same files (which is necessary in order to revert
the commit in question).

There seems to be a non-trivial amount of changes done in error in the
big refactor from commit 5d0822c ("private-etc: big profile changes",
2023-02-05).  For example, there are profiles for CLI programs
(including man.profile) and servers that now contain the @X11 group:

    $ git grep -l '^private-etc .*@X11' -- etc
    # [...]
    etc/profile-a-l/email-common.profile:private-etc @tls-ca,@X11,gnupg,hosts.conf,mailname,timezone
    etc/profile-m-z/man.profile:private-etc @X11,groff,man_db.conf,manpath.config,sysless
    etc/profile-m-z/mutt.profile:private-etc @tls-ca,@X11,Mutt,Muttrc,Muttrc.d,gai.conf,gnupg,gnutls,hosts.conf,mail,mailname,nntpserver,terminfo
    etc/profile-m-z/neomutt.profile:private-etc @tls-ca,@X11,Mutt,Muttrc,Muttrc.d,gnupg,hosts.conf,mail,mailname,neomuttrc,neomuttrc.d,nntpserver
    etc/profile-m-z/nextcloud.profile:private-etc @tls-ca,@X11,Nextcloud,host.conf,os-release
    etc/profile-m-z/nodejs-common.profile:private-etc @tls-ca,@X11,host.conf,mime.types,rpc,services

Note: These are just the ones that I immediately noticed; it is possible
that there are many that I missed.

Part of the issue is that the groups appear to be inconsistent and
rather broad.  For exmaple, paths related to 3D graphics (vulkan) and
audio (openal) are in the @games group, which are not used only by games
and not all games use those standards/libraries.  As another example,
the @X11 group contains paths related to GTK, KDE and GPU hardware
acceleration, even though those are not necessarily tied to X11 (and
even though hardware acceleration may be used by headless programs).
Replacing the known paths with groups that are not very granular results
in loss of information about what exactly a profile actually needs and
so makes the profiles less self-documenting.  Note also that a given
path could potentially belong to multiple groups, which would preclude
using the "etc-cleanup" tool (in its current form at least), as it would
not know which is the correct group to replace the path with.

Command used to revert the changes:

    $ git revert \
      1be9bb3 \
      e889db0 \
      e6f2374 \
      acb0154 \
      740f502 \
      5649bd4 \
      2e4e9d1 \
      0f996ea \
      5d0822c

Note: This reverts commits from PRs netblue30#5641 netblue30#5642 netblue30#5643, most of which are
later re-applied.

Relates to netblue30#5610.
  • Loading branch information
kmk3 committed Feb 7, 2023
1 parent 45a641d commit 8de8cce
Show file tree
Hide file tree
Showing 326 changed files with 371 additions and 408 deletions.
1 change: 0 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,6 @@ src/fcopy/fcopy
src/fldd/fldd
src/fbuilder/fbuilder
src/profstats/profstats
src/etc-cleanup/etc-cleanup
src/bash_completion/firejail.bash_completion
src/zsh_completion/_firejail
src/jailcheck/jailcheck
Expand Down
3 changes: 1 addition & 2 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ endif

COMPLETIONDIRS = src/zsh_completion src/bash_completion

APPS = src/firecfg/firecfg src/firejail/firejail src/firemon/firemon src/profstats/profstats src/jailcheck/jailcheck src/etc-cleanup/etc-cleanup
APPS = src/firecfg/firecfg src/firejail/firejail src/firemon/firemon src/profstats/profstats src/jailcheck/jailcheck
SBOX_APPS = src/fbuilder/fbuilder src/ftee/ftee src/fids/fids
SBOX_APPS_NON_DUMPABLE = src/fcopy/fcopy src/fldd/fldd src/fnet/fnet src/fnetfilter/fnetfilter src/fzenity/fzenity
SBOX_APPS_NON_DUMPABLE += src/fsec-optimize/fsec-optimize src/fsec-print/fsec-print src/fseccomp/fseccomp
Expand Down Expand Up @@ -200,7 +200,6 @@ endif
install -m 0644 -t $(DESTDIR)$(libdir)/firejail $(MYLIBS) $(SECCOMP_FILTERS)
install -m 0755 -t $(DESTDIR)$(libdir)/firejail $(SBOX_APPS)
install -m 0755 -t $(DESTDIR)$(libdir)/firejail src/profstats/profstats
install -m 0755 -t $(DESTDIR)$(libdir)/firejail src/etc-cleanup/etc-cleanup
# plugins w/o read permission (non-dumpable)
install -m 0711 -t $(DESTDIR)$(libdir)/firejail $(SBOX_APPS_NON_DUMPABLE)
install -m 0711 -t $(DESTDIR)$(libdir)/firejail src/fshaper/fshaper.sh
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/1password.profile
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ noblacklist ${HOME}/.config/1Password
mkdir ${HOME}/.config/1Password
whitelist ${HOME}/.config/1Password

private-etc @tls-ca
private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,machine-id,nsswitch.conf,pki,resolv.conf,ssl

# Needed for keychain things, talking to Firefox, possibly other things? Not sure how to narrow down
ignore dbus-user none
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/abiword.profile
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ tracelog
private-bin abiword
private-cache
private-dev
private-etc @x11
private-etc alternatives,fonts,gtk-3.0,ld.so.cache,ld.so.preload,passwd
private-tmp

# dbus-user none
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/agetpkg.profile
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ tracelog
private-bin agetpkg,python3
private-cache
private-dev
private-etc @tls-ca
private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,pki,resolv.conf,ssl
private-tmp

dbus-user none
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/alacarte.profile
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ disable-mnt
# private-bin alacarte,bash,python*,sh
private-cache
private-dev
private-etc @tls-ca,@x11,mime.types
private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload,locale.alias,locale.conf,login.defs,mime.types,nsswitch.conf,passwd,pki,X11,xdg
private-tmp

dbus-user none
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/alienarena.profile
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ disable-mnt
private-bin alienarena
private-cache
private-dev
private-etc @tls-ca,@x11,bumblebee,glvnd,host.conf,rpc,services
private-etc alsa,alternatives,asound.conf,bumblebee,ca-certificates,crypto-policies,drirc,fonts,glvnd,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,nsswitch.conf,nvidia,pango,pki,protocols,pulse,resolv.conf,rpc,services,ssl,X11
private-tmp

dbus-user none
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/alpine.profile
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,7 @@ disable-mnt
private-bin alpine
private-cache
private-dev
private-etc @tls-ca,@x11,c-client.cf,host.conf,krb5.keytab,mailcap,mime.types,pine.conf,pinerc.fixed,rpc,services,terminfo
private-etc alternatives,c-client.cf,ca-certificates,crypto-policies,host.conf,hostname,hosts,krb5.keytab,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mailcap,mime.types,nsswitch.conf,passwd,pine.conf,pinerc.fixed,pki,protocols,resolv.conf,rpc,services,ssl,terminfo,xdg
private-tmp
writable-run-user
writable-var
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/anki.profile
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ disable-mnt
private-bin anki,python*
private-cache
private-dev
private-etc @tls-ca,@x11
private-etc alternatives,ca-certificates,fonts,gtk-2.0,hostname,hosts,ld.so.cache,ld.so.preload,machine-id,pki,resolv.conf,ssl,Trolltech.conf
private-tmp

dbus-user none
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/apostrophe.profile
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ disable-mnt
private-bin apostrophe,fmtutil,kpsewhich,mktexfmt,pandoc,pdftex,perl,python3*,sh,xdvipdfmx,xelatex,xetex
private-cache
private-dev
private-etc @x11,texlive
private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,pango,texlive,X11
private-tmp

dbus-user filter
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/aria2c.profile
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ private-bin aria2c,gzip
# Add 'private-cache' to your aria2c.local if you don't use Lutris/winetricks (see issue #2772).
#private-cache
private-dev
private-etc @tls-ca
private-etc alternatives,ca-certificates,crypto-policies,groups,ld.so.cache,ld.so.preload,login.defs,machine-id,nsswitch.conf,passwd,pki,resolv.conf,ssl
private-lib libreadline.so.*
private-tmp

Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/arm.profile
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ tracelog
disable-mnt
private-bin arm,bash,ldconfig,lsof,ps,python*,sh,tor
private-dev
private-etc @tls-ca,tor
private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,passwd,pki,resolv.conf,ssl,tor
private-tmp

restrict-namespaces
2 changes: 1 addition & 1 deletion etc/profile-a-l/artha.profile
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ disable-mnt
private-bin artha,enchant,notify-send
private-cache
private-dev
private-etc
private-etc alternatives,fonts,ld.so.cache,ld.so.preload,machine-id
private-lib libnotify.so.*
private-tmp

Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/atool.profile
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ include allow-perl.inc
noroot

# without login.defs atool complains and uses UID/GID 1000 by default
private-etc
private-etc alternatives,group,ld.so.cache,ld.so.preload,login.defs,passwd,resolv.conf
private-tmp

# Redirect
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/atril.profile
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ tracelog

private-bin 7z,7za,7zr,atril,atril-previewer,atril-thumbnailer,sh,tar,unrar,unzip,zipnote
private-dev
private-etc
private-etc alternatives,fonts,ld.so.cache,ld.so.preload
# atril uses webkit gtk to display epub files
# waiting for globbing support in private-lib; for now hardcoding it to webkit2gtk-4.0
#private-lib webkit2gtk-4.0 - problems on Arch with the new version of WebKit
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/audio-recorder.profile
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ tracelog
disable-mnt
# private-bin audio-recorder
private-cache
private-etc
private-etc alternatives,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload
private-tmp

dbus-user filter
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/authenticator-rs.profile
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ disable-mnt
private-bin authenticator-rs
private-cache
private-dev
private-etc @tls-ca,@x11
private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gtk-2.0,gtk-3.0,ld.so.cache,ld.so.preload,pki,resolv.conf,ssl,xdg
private-tmp

dbus-user filter
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/authenticator.profile
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ seccomp
disable-mnt
# private-bin authenticator,python*
private-dev
private-etc @tls-ca
private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,pki,resolv.conf,ssl
private-tmp

# makes settings immutable
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/ballbuster.profile
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ disable-mnt
private-bin ballbuster
private-cache
private-dev
private-etc
private-etc alsa,alternatives,asound.conf,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,pulse
private-tmp

dbus-user none
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/bibletime.profile
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ disable-mnt
# private-bin bibletime
private-cache
private-dev
private-etc @tls-ca,sword,sword.conf
private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,login.defs,machine-id,passwd,pki,resolv.conf,ssl,sword,sword.conf
private-tmp

dbus-user none
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/bijiben.profile
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ disable-mnt
private-bin bijiben
# private-cache -- access to .cache/tracker is required
private-dev
private-etc @x11
private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload
private-tmp

dbus-user filter
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/bitwarden.profile
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ no3d
nosound

?HAS_APPIMAGE: ignore private-dev
private-etc @tls-ca
private-etc alternatives,ca-certificates,crypto-policies,fonts,hosts,ld.so.cache,ld.so.preload,nsswitch.conf,pki,resolv.conf,ssl
private-opt Bitwarden

# Redirect
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/bless.profile
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ seccomp
# private-bin bash,bless,mono,sh
private-cache
private-dev
private-etc mono
private-etc alternatives,fonts,ld.so.cache,ld.so.preload,mono
private-tmp

dbus-user none
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/blobby.profile
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ tracelog
disable-mnt
private-bin blobby
private-dev
private-etc @x11
private-etc alsa,alternatives,asound.conf,drirc,group,hosts,ld.so.cache,ld.so.preload,login.defs,machine-id,passwd,pulse
private-lib
private-tmp

Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/blobwars.profile
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ disable-mnt
private-bin blobwars
private-cache
private-dev
private-etc
private-etc alternatives,ld.so.cache,ld.so.preload,machine-id
private-tmp

dbus-user none
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/bsdtar.profile
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ include bsdtar.local
# Persistent global definitions
include globals.local

private-etc
private-etc alternatives,group,ld.so.cache,ld.so.preload,localtime,passwd

# Redirect
include archiver-common.profile
2 changes: 1 addition & 1 deletion etc/profile-a-l/cameramonitor.profile
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ tracelog
disable-mnt
private-bin cameramonitor,python*
private-cache
private-etc
private-etc alternatives,fonts,ld.so.cache,ld.so.preload
private-tmp

# dbus-user none
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/cargo.profile
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ noblacklist ${HOME}/.cargo/credentials.toml
#whitelist ${HOME}/.rustup

#private-bin cargo,rustc
private-etc @tls-ca,host.conf,magic,magic.mgc,rpc,services
private-etc alternatives,ca-certificates,crypto-policies,group,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,magic,magic.mgc,nsswitch.conf,passwd,pki,protocols,resolv.conf,rpc,services,ssl

memory-deny-write-execute

Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/cawbird.profile
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ disable-mnt
private-bin cawbird
private-cache
private-dev
private-etc @tls-ca,@x11,host.conf,mime.types
private-etc alternatives,ca-certificates,crypto-policies,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,mime.types,nsswitch.conf,pki,resolv.conf,ssl,X11,xdg
private-tmp

# dbus-user none
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/celluloid.profile
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ tracelog

private-bin celluloid,env,gnome-mpv,python*,youtube-dl
private-cache
private-etc @tls-ca,@x11,libva.conf,pkcs11
private-etc alternatives,ca-certificates,crypto-policies,dconf,drirc,fonts,gtk-3.0,hosts,ld.so.cache,ld.so.preload,libva.conf,localtime,machine-id,pkcs11,pki,resolv.conf,selinux,ssl,xdg
private-dev
private-tmp

Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/chatterino.profile
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ private-bin chatterino,cvlc,env,ffmpeg,mpv,nvlc,pgrep,python*,qvlc,rvlc,streamli
# private-cache may cause issues with mpv (see #2838)
private-cache
private-dev
private-etc @tls-ca,@x11,dbus-1,rpc,services
private-etc alsa,alternatives,asound.conf,ca-certificates,dbus-1,fonts,hostname,hosts,kde4rc,kde5rc,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,nvidia,passwd,pulse,resolv.conf,rpc,services,ssl,Trolltech.conf,X11
private-srv none
private-tmp

Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/cheese.profile
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ disable-mnt
private-bin cheese
private-cache
private-dev
private-etc @x11,clutter-1.0
private-etc alternatives,clutter-1.0,dconf,drirc,fonts,gtk-3.0,ld.so.cache,ld.so.preload
private-tmp

dbus-user filter
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/clawsker.profile
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ disable-mnt
private-bin bash,clawsker,perl,sh,which
private-cache
private-dev
private-etc
private-etc alternatives,fonts,ld.so.cache,ld.so.preload
private-lib girepository-1.*,libdbus-glib-1.so.*,libetpan.so.*,libgirepository-1.*,libgtk-3.so.*,libgtk-x11-2.0.so.*,libstartup-notification-1.so.*,perl*
private-tmp

Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/cmus.profile
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,6 @@ protocol unix,inet,inet6
seccomp

private-bin cmus
private-etc @tls-ca
private-etc alternatives,asound.conf,ca-certificates,crypto-policies,group,ld.so.cache,ld.so.preload,machine-id,pki,pulse,resolv.conf,ssl

restrict-namespaces
2 changes: 1 addition & 1 deletion etc/profile-a-l/cointop.profile
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ disable-mnt
private-bin cointop
private-cache
private-dev
private-etc @tls-ca,host.conf,rpc,services
private-etc alternatives,ca-certificates,crypto-policies,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,nsswitch.conf,pki,protocols,resolv.conf,rpc,services,ssl
private-lib
private-tmp

Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/colorful.profile
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ disable-mnt
private-bin colorful
private-cache
private-dev
private-etc
private-etc alsa,alternatives,asound.conf,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,pulse
private-tmp

dbus-user none
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/com.github.bleakgrey.tootle.profile
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ disable-mnt
private-bin com.github.bleakgrey.tootle
private-cache
private-dev
private-etc @tls-ca,@x11,host.conf,mime.types
private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,gtk-2.0,gtk-3.0,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,machine-id mime.types,nsswitch.conf,pki,pulse,resolv.conf,ssl,X11,xdg
private-tmp

# Settings are immutable
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/com.github.dahenson.agenda.profile
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ disable-mnt
private-bin com.github.dahenson.agenda
private-cache
private-dev
private-etc @x11
private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload
private-tmp

dbus-user filter
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/com.github.johnfactotum.Foliate.profile
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ disable-mnt
private-bin com.github.johnfactotum.Foliate,gjs
private-cache
private-dev
private-etc @x11,gconf
private-etc alternatives,dconf,fonts,gconf,gtk-3.0,ld.so.cache,ld.so.preload
private-tmp

read-only ${HOME}
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/com.github.phase1geo.minder.profile
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ disable-mnt
private-bin com.github.phase1geo.minder
private-cache
private-dev
private-etc @x11,mime.types
private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mime.types,pango,passwd,X11,xdg
private-tmp

dbus-user filter
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/com.github.tchx84.Flatseal.profile
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@ disable-mnt
private-bin com.github.tchx84.Flatseal,gjs
private-cache
private-dev
private-etc @x11
private-etc alternatives,dconf,fonts,gtk-3.0,ld.so.cache,ld.so.preload
private-tmp

dbus-user filter
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/coyim.profile
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ tracelog
disable-mnt
private-cache
private-dev
private-etc @tls-ca
private-etc alternatives,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.preload,machine-id,pki,ssl
private-tmp

dbus-user none
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/crow.profile
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ seccomp
disable-mnt
private-bin crow
private-dev
private-etc @tls-ca,@x11
private-etc alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,ld.so.cache,ld.so.preload,machine-id,nsswitch.conf,pki,pulse,resolv.conf,ssl
private-opt none
private-tmp
private-srv none
Expand Down
Loading

0 comments on commit 8de8cce

Please sign in to comment.