From f11f2ff0e70b29b158d6778a8bef828c68038160 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Sat, 21 Jan 2023 14:20:26 +0000 Subject: [PATCH 01/11] amarok: fix private-etc comment --- etc/profile-a-l/amarok.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-a-l/amarok.profile b/etc/profile-a-l/amarok.profile index 3171d738e20..389aae60296 100644 --- a/etc/profile-a-l/amarok.profile +++ b/etc/profile-a-l/amarok.profile @@ -30,7 +30,7 @@ protocol unix,inet,inet6 # private-bin amarok private-dev -# private-etc alternatives,asound.conf,ca-certificates,crypto-policies,machine-id,pki,pulse,ssl +# private-etc alternatives,asound.conf,ca-certificates,crypto-policies,machine-id,pki,pulse,resolv.conf,ssl private-tmp dbus-user filter From 22bff8639517d0fd8a5b06616621e3ab1e9f86d0 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Sat, 21 Jan 2023 14:22:11 +0000 Subject: [PATCH 02/11] arm: fix networking --- etc/profile-a-l/arm.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-a-l/arm.profile b/etc/profile-a-l/arm.profile index db388eee124..ed0629c9b4a 100644 --- a/etc/profile-a-l/arm.profile +++ b/etc/profile-a-l/arm.profile @@ -42,7 +42,7 @@ tracelog disable-mnt private-bin arm,bash,ldconfig,lsof,ps,python*,sh,tor private-dev -private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,passwd,pki,ssl,tor +private-etc alternatives,ca-certificates,crypto-policies,ld.so.cache,ld.so.preload,passwd,pki,resolv.conf,ssl,tor private-tmp restrict-namespaces From 9ccf6ad0bb7e6f5a28bfe7faed59ce22ebf27a66 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Sat, 21 Jan 2023 14:23:35 +0000 Subject: [PATCH 03/11] gmpc: fix networking --- etc/profile-a-l/gmpc.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-a-l/gmpc.profile b/etc/profile-a-l/gmpc.profile index d4e4caebe55..b337dc4d55c 100644 --- a/etc/profile-a-l/gmpc.profile +++ b/etc/profile-a-l/gmpc.profile @@ -43,7 +43,7 @@ tracelog disable-mnt #private-bin gmpc private-cache -private-etc alternatives,fonts,ld.so.cache,ld.so.preload +private-etc alternatives,fonts,ld.so.cache,ld.so.preload,resolv.conf private-tmp writable-run-user From 5c5fd8e2019afed54b594c12d4ab3d260472cae8 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Sat, 21 Jan 2023 14:25:19 +0000 Subject: [PATCH 04/11] gnome-clocks: fix networking --- etc/profile-a-l/gnome-clocks.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-a-l/gnome-clocks.profile b/etc/profile-a-l/gnome-clocks.profile index 8af9870bf3c..5563afcbd15 100644 --- a/etc/profile-a-l/gnome-clocks.profile +++ b/etc/profile-a-l/gnome-clocks.profile @@ -41,7 +41,7 @@ disable-mnt private-bin gnome-clocks,gsound-play private-cache private-dev -private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gtk-3.0,hosts,ld.so.cache,ld.so.preload,localtime,machine-id,pkcs11,pki,ssl +private-etc alternatives,ca-certificates,crypto-policies,dconf,fonts,gtk-3.0,hosts,ld.so.cache,ld.so.preload,localtime,machine-id,pkcs11,pki,resolv.conf,ssl private-tmp restrict-namespaces From 0996e3eea39e14920ead47cb0e7d70a2acba1a3c Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Sat, 21 Jan 2023 14:27:45 +0000 Subject: [PATCH 05/11] mpDris2: fix networking --- etc/profile-m-z/mpDris2.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-m-z/mpDris2.profile b/etc/profile-m-z/mpDris2.profile index 1d875c3c4de..94b34286561 100644 --- a/etc/profile-m-z/mpDris2.profile +++ b/etc/profile-m-z/mpDris2.profile @@ -48,7 +48,7 @@ seccomp private-bin mpDris2,notify-send,python* private-cache private-dev -private-etc alternatives,hosts,ld.so.cache,ld.so.preload,nsswitch.conf +private-etc alternatives,hosts,ld.so.cache,ld.so.preload,nsswitch.conf,resolv.conf private-lib libdbus-1.so.*,libdbus-glib-1.so.*,libgirepository-1.0.so.*,libnotify.so.*,libpython*,python2*,python3* private-tmp From f8e074461d509dedc94ea155465721f2dd0a736c Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Sat, 21 Jan 2023 14:29:20 +0000 Subject: [PATCH 06/11] netactview: fix networking --- etc/profile-m-z/netactview.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-m-z/netactview.profile b/etc/profile-m-z/netactview.profile index 4d5265397af..1ede4240531 100644 --- a/etc/profile-m-z/netactview.profile +++ b/etc/profile-m-z/netactview.profile @@ -44,7 +44,7 @@ disable-mnt private-bin netactview,netactview_polkit private-cache private-dev -private-etc alternatives,fonts,ld.so.cache,ld.so.preload +private-etc alternatives,fonts,ld.so.cache,ld.so.preload,resolv.conf private-lib private-tmp From d7d5390e5cbd7d701431dae2d2990005ac401015 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Sat, 21 Jan 2023 14:30:56 +0000 Subject: [PATCH 07/11] pavucontrol: fix networking --- etc/profile-m-z/pavucontrol.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-m-z/pavucontrol.profile b/etc/profile-m-z/pavucontrol.profile index 88cfd335227..1780f982c77 100644 --- a/etc/profile-m-z/pavucontrol.profile +++ b/etc/profile-m-z/pavucontrol.profile @@ -44,7 +44,7 @@ disable-mnt private-bin pavucontrol private-cache private-dev -private-etc alternatives,asound.conf,avahi,fonts,ld.so.cache,ld.so.preload,machine-id,pulse +private-etc alternatives,asound.conf,avahi,fonts,ld.so.cache,ld.so.preload,machine-id,pulse,resolv.conf private-lib private-tmp From aaacf48b279b7ca011fb6426d3014b3f748c1767 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Sat, 21 Jan 2023 14:32:11 +0000 Subject: [PATCH 08/11] qnapi: fix networking --- etc/profile-m-z/qnapi.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-m-z/qnapi.profile b/etc/profile-m-z/qnapi.profile index 037cc96ec58..cafdb98e927 100644 --- a/etc/profile-m-z/qnapi.profile +++ b/etc/profile-m-z/qnapi.profile @@ -46,7 +46,7 @@ tracelog private-bin 7z,qnapi private-cache private-dev -private-etc alternatives,fonts,ld.so.cache,ld.so.preload +private-etc alternatives,fonts,ld.so.cache,ld.so.preload,resolv.conf private-opt none private-tmp From 24181e6dbacc11943f2cb2b90fcad2fad0f3bf67 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Sat, 21 Jan 2023 14:33:36 +0000 Subject: [PATCH 09/11] sqlitebrowser: fix networking --- etc/profile-m-z/sqlitebrowser.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-m-z/sqlitebrowser.profile b/etc/profile-m-z/sqlitebrowser.profile index b6eee52933a..00df625c0ce 100644 --- a/etc/profile-m-z/sqlitebrowser.profile +++ b/etc/profile-m-z/sqlitebrowser.profile @@ -41,7 +41,7 @@ seccomp.block-secondary private-bin sqlitebrowser private-cache private-dev -private-etc alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.cache,ld.so.preload,machine-id,passwd,pki,ssl +private-etc alternatives,ca-certificates,crypto-policies,fonts,group,ld.so.cache,ld.so.preload,machine-id,passwd,pki,resolv.conf,ssl private-tmp # breaks proxy creation From 9c4e545fae8e6afef3fee029336bdf8c5f7ca0d9 Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Sat, 21 Jan 2023 14:34:55 +0000 Subject: [PATCH 10/11] transgui: fix networking --- etc/profile-m-z/transgui.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-m-z/transgui.profile b/etc/profile-m-z/transgui.profile index 9937b7c11bd..6069be500c9 100644 --- a/etc/profile-m-z/transgui.profile +++ b/etc/profile-m-z/transgui.profile @@ -44,7 +44,7 @@ tracelog private-bin geoiplookup,geoiplookup6,transgui private-cache private-dev -private-etc alternatives,fonts,ld.so.cache,ld.so.preload +private-etc alternatives,fonts,ld.so.cache,ld.so.preload,resolv.conf private-lib libgdk_pixbuf-2.0.so.*,libGeoIP.so*,libgthread-2.0.so.*,libgtk-x11-2.0.so.*,libX11.so.* private-tmp From 11d6fa957a18e8cbc90f1c2468dd8dee8ed7f65b Mon Sep 17 00:00:00 2001 From: glitsj16 Date: Sat, 21 Jan 2023 14:37:25 +0000 Subject: [PATCH 11/11] wireshark: fix private-etc comment --- etc/profile-m-z/wireshark.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-m-z/wireshark.profile b/etc/profile-m-z/wireshark.profile index 5823a2ad789..d1b757a2545 100644 --- a/etc/profile-m-z/wireshark.profile +++ b/etc/profile-m-z/wireshark.profile @@ -47,7 +47,7 @@ private-cache # private-dev prevents (some) interfaces from being shown. # Add the below line to your wirehsark.local if you only want to inspect pcap files. #private-dev -# private-etc alternatives,ca-certificates,crypto-policies,fonts,group,hosts,machine-id,passwd,pki,ssl +# private-etc alternatives,ca-certificates,crypto-policies,fonts,group,hosts,machine-id,passwd,pki,resolv.conf,ssl private-tmp dbus-user none