Skip to content

Commit

Permalink
profiles: replace x11 socket blacklist with include
Browse files Browse the repository at this point in the history
Replace all occurrences of `blacklist /tmp/.X11-unix` with
`include disable-X11.inc`, which blacklists more X11-related files.

Commands used to search and replace:

    $ git grep -Ilz '^blacklist /tmp/.X11-unix' -- \
      etc/profile*/*.profile | xargs -0 perl -0 -pi -e '\
      s/\nblacklist \/tmp\/.X11-unix\n/\n/; \
      s/(\ninclude disable-xdg.inc\n)/\ninclude disable-X11.inc$1/; \
      s/(\ninclude disable-[^Xx\n]+\n)(\n|# )/$1include disable-X11.inc\n$2/'

Note: The following files were also edited manually:

* etc/profile-a-l/erd.profile
* etc/profile-a-l/gconf-editor.profile
* etc/profile-a-l/links-common.profile
* etc/profile-m-z/termshark.profile
* etc/profile-m-z/tmux.profile
* etc/profile-m-z/tshark.profile

Relates to #4462 #4854.
  • Loading branch information
kmk3 committed Mar 23, 2024
1 parent 8330e79 commit e47861b
Show file tree
Hide file tree
Showing 49 changed files with 52 additions and 51 deletions.
2 changes: 1 addition & 1 deletion etc/profile-a-l/agetpkg.profile
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ include agetpkg.local
# Persistent global definitions
include globals.local

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}/wayland-*

# Allow python (blacklisted by disable-interpreters.inc)
Expand All @@ -20,6 +19,7 @@ include disable-exec.inc
include disable-interpreters.inc
include disable-programs.inc
include disable-shell.inc
include disable-X11.inc
include disable-xdg.inc

whitelist ${DOWNLOADS}
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/alpine.profile
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,6 @@ noblacklist ${HOME}/.pinercex
noblacklist ${HOME}/.signature
noblacklist ${HOME}/mail

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}/wayland-*

include disable-common.inc
Expand All @@ -39,6 +38,7 @@ include disable-exec.inc
include disable-interpreters.inc
include disable-programs.inc
include disable-shell.inc
include disable-X11.inc
include disable-xdg.inc

#whitelist ${DOCUMENTS}
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/aria2c.profile
Original file line number Diff line number Diff line change
Expand Up @@ -11,14 +11,14 @@ noblacklist ${HOME}/.cache/winetricks # XXX: See #5238
noblacklist ${HOME}/.config/aria2
noblacklist ${HOME}/.netrc

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}/wayland-*

include disable-common.inc
include disable-devel.inc
include disable-exec.inc
include disable-interpreters.inc
include disable-programs.inc
include disable-X11.inc

include whitelist-usr-share-common.inc
include whitelist-var-common.inc
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/bpftop.profile
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ include bpftop.local
# Persistent global definitions
include globals.local

blacklist /tmp/.X11-unix
blacklist /usr/libexec
blacklist ${RUNUSER}

Expand All @@ -18,6 +17,7 @@ include disable-interpreters.inc
include disable-proc.inc
include disable-programs.inc
include disable-shell.inc
include disable-X11.inc
include disable-xdg.inc

include whitelist-common.inc
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/cloneit.profile
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ include cloneit.local
# Persistent global definitions
include globals.local

blacklist /tmp/.X11-unix
blacklist /usr/libexec
blacklist ${RUNUSER}

Expand All @@ -18,6 +17,7 @@ include disable-interpreters.inc
include disable-proc.inc
include disable-programs.inc
include disable-shell.inc
include disable-X11.inc
include disable-xdg.inc

include whitelist-run-common.inc
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/curl.profile
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,6 @@ noblacklist ${HOME}/.config/curlrc # since curl 7.73.0
noblacklist ${HOME}/.curl-hsts
noblacklist ${HOME}/.curlrc

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}

# If you use nvm, add the below lines to your curl.local
Expand All @@ -26,6 +25,7 @@ blacklist ${RUNUSER}
include disable-common.inc
include disable-exec.inc
include disable-programs.inc
include disable-X11.inc
# Depending on workflow you can add 'include disable-xdg.inc' to your curl.local.
#include disable-xdg.inc

Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/dbus-send.profile
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ include dbus-send.local
# Persistent global definitions
include globals.local

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}/wayland-*

include disable-common.inc
Expand All @@ -17,6 +16,7 @@ include disable-interpreters.inc
include disable-programs.inc
include disable-shell.inc
include disable-write-mnt.inc
include disable-X11.inc
include disable-xdg.inc

#include whitelist-common.inc # see #903
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/deadlink.profile
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ include deadlink.local
# Persistent global definitions
include globals.local

blacklist /tmp/.X11-unix
blacklist /usr/libexec
blacklist ${RUNUSER}

Expand All @@ -23,6 +22,7 @@ include disable-interpreters.inc
include disable-proc.inc
include disable-programs.inc
include disable-shell.inc
include disable-X11.inc
include disable-xdg.inc

include whitelist-run-common.inc
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/dexios.profile
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ include dexios.local
# Persistent global definitions
include globals.local

blacklist /tmp/.X11-unix
blacklist /usr/libexec
blacklist ${RUNUSER}

Expand All @@ -18,6 +17,7 @@ include disable-interpreters.inc
include disable-proc.inc
include disable-programs.inc
include disable-shell.inc
include disable-X11.inc
include disable-xdg.inc

whitelist ${DOWNLOADS}
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/dig.profile
Original file line number Diff line number Diff line change
Expand Up @@ -10,14 +10,14 @@ include globals.local
noblacklist ${HOME}/.digrc
noblacklist ${PATH}/dig

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}

include disable-common.inc
#include disable-devel.inc
include disable-exec.inc
#include disable-interpreters.inc
include disable-programs.inc
include disable-X11.inc
include disable-xdg.inc

#mkfile ${HOME}/.digrc # see #903
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/dnscrypt-proxy.profile
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ include dnscrypt-proxy.local
# Persistent global definitions
include globals.local

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}/wayland-*

noblacklist /sbin
Expand All @@ -18,6 +17,7 @@ include disable-devel.inc
include disable-exec.inc
include disable-interpreters.inc
include disable-programs.inc
include disable-X11.inc
include disable-xdg.inc

whitelist /usr/share/dnscrypt-proxy
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/dnsmasq.profile
Original file line number Diff line number Diff line change
Expand Up @@ -11,13 +11,13 @@ noblacklist /sbin
noblacklist /usr/sbin
noblacklist /var/lib/libvirt

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}

include disable-common.inc
include disable-devel.inc
include disable-interpreters.inc
include disable-programs.inc
include disable-X11.inc
include disable-xdg.inc

whitelist /var/lib/libvirt/dnsmasq
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/drill.profile
Original file line number Diff line number Diff line change
Expand Up @@ -9,14 +9,14 @@ include globals.local

noblacklist ${PATH}/drill

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}

include disable-common.inc
#include disable-devel.inc
include disable-exec.inc
#include disable-interpreters.inc
include disable-programs.inc
include disable-X11.inc
include disable-xdg.inc

#include whitelist-common.inc # see #903
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/editorconfiger.profile
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@ include editorconfiger.local
# Persistent global definitions
include globals.local

blacklist /tmp/.X11-unix
blacklist /usr/libexec
blacklist ${RUNUSER}

Expand All @@ -17,6 +16,7 @@ include disable-interpreters.inc
include disable-proc.inc
include disable-programs.inc
include disable-shell.inc
include disable-X11.inc
include disable-xdg.inc

apparmor
Expand Down
3 changes: 1 addition & 2 deletions etc/profile-a-l/erd.profile
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,8 @@ include erd.local
# Persistent global definitions
include globals.local

blacklist /tmp/.X11-unix

include disable-exec.inc
#include disable-X11.inc # x11 none

apparmor
caps.drop all
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/fdns.profile
Original file line number Diff line number Diff line change
Expand Up @@ -8,14 +8,14 @@ include globals.local
noblacklist /sbin
noblacklist /usr/sbin

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}/wayland-*

include disable-common.inc
include disable-devel.inc
include disable-exec.inc
include disable-interpreters.inc
include disable-programs.inc
include disable-X11.inc
include disable-xdg.inc

#include whitelist-usr-share-common.inc
Expand Down
4 changes: 2 additions & 2 deletions etc/profile-a-l/gconf-editor.profile
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,13 @@ include gconf-editor.local
# added by included profile
#include globals.local

blacklist /tmp/.X11-unix

whitelist /usr/share/gconf-editor

ignore x11 none

ignore memory-deny-write-execute

include disable-X11.inc

# Redirect
include gconf.profile
2 changes: 1 addition & 1 deletion etc/profile-a-l/gget.profile
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ include gget.local
# Persistent global definitions
include globals.local

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}

include disable-common.inc
Expand All @@ -16,6 +15,7 @@ include disable-exec.inc
include disable-interpreters.inc
include disable-programs.inc
include disable-shell.inc
include disable-X11.inc
include disable-xdg.inc

whitelist ${DOWNLOADS}
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/gist.profile
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ include gist.local
# Persistent global definitions
include globals.local

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}/wayland-*

noblacklist ${HOME}/.gist
Expand All @@ -20,6 +19,7 @@ include disable-devel.inc
include disable-exec.inc
include disable-interpreters.inc
include disable-programs.inc
include disable-X11.inc
include disable-xdg.inc

mkdir ${HOME}/.gist
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/git.profile
Original file line number Diff line number Diff line change
Expand Up @@ -28,12 +28,12 @@ ignore rmenv GITHUB_ENTERPRISE_TOKEN
# Allow ssh (blacklisted by disable-common.inc)
include allow-ssh.inc

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}/wayland-*

include disable-common.inc
include disable-exec.inc
include disable-programs.inc
include disable-X11.inc

whitelist /usr/share/git
whitelist /usr/share/git-core
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/gnome-keyring-daemon.profile
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ include gnome-keyring-daemon.local
# Persistent global definitions
include globals.local

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}/wayland-*

include disable-common.inc
Expand All @@ -16,6 +15,7 @@ include disable-exec.inc
include disable-interpreters.inc
include disable-programs.inc
#include disable-X11.inc # x11 none
include disable-X11.inc
include disable-xdg.inc

whitelist ${RUNUSER}/gnupg
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/googler-common.profile
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ include googler-common.local
# added by caller profile
#include globals.local

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}

noblacklist ${HOME}/.w3m
Expand All @@ -23,6 +22,7 @@ include disable-exec.inc
include disable-interpreters.inc
include disable-programs.inc
include disable-shell.inc
include disable-X11.inc
include disable-xdg.inc

whitelist ${HOME}/.w3m
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/gpg-agent.profile
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,13 @@ include globals.local

noblacklist ${HOME}/.gnupg

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}/wayland-*

include disable-common.inc
include disable-devel.inc
include disable-interpreters.inc
include disable-programs.inc
include disable-X11.inc
include disable-xdg.inc

mkdir ${HOME}/.gnupg
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/gpg.profile
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,13 @@ include globals.local

noblacklist ${HOME}/.gnupg

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}/wayland-*

include disable-common.inc
include disable-devel.inc
include disable-interpreters.inc
include disable-programs.inc
include disable-X11.inc

whitelist ${RUNUSER}/gnupg
whitelist ${RUNUSER}/keyring
Expand Down
2 changes: 1 addition & 1 deletion etc/profile-a-l/links-common.profile
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@ include links-common.local

# common profile for links browsers

blacklist /tmp/.X11-unix
blacklist ${RUNUSER}/wayland-*

include disable-common.inc
Expand All @@ -14,6 +13,7 @@ include disable-interpreters.inc
# Additional noblacklist files/directories (blacklisted in disable-programs.inc)
# used as associated programs can be added in your links-common.local.
include disable-programs.inc
include disable-X11.inc
include disable-xdg.inc

whitelist ${DOWNLOADS}
Expand Down
Loading

0 comments on commit e47861b

Please sign in to comment.