diff --git a/etc/profile-a-l/anki.profile b/etc/profile-a-l/anki.profile index 442b5a481..2d0bfcb6c 100644 --- a/etc/profile-a-l/anki.profile +++ b/etc/profile-a-l/anki.profile @@ -49,7 +49,7 @@ disable-mnt private-bin anki,python* private-cache private-dev -private-etc @tls-ca,@x11,Trolltech.conf +private-etc @tls-ca,@x11 private-tmp dbus-user none diff --git a/etc/profile-a-l/celluloid.profile b/etc/profile-a-l/celluloid.profile index f06ac3b01..7b0f7bdf0 100644 --- a/etc/profile-a-l/celluloid.profile +++ b/etc/profile-a-l/celluloid.profile @@ -52,7 +52,7 @@ tracelog private-bin celluloid,env,gnome-mpv,python*,youtube-dl private-cache -private-etc @tls-ca,@x11,libva.conf,pkcs11,selinux +private-etc @tls-ca,@x11,libva.conf,pkcs11 private-dev private-tmp diff --git a/etc/profile-a-l/chatterino.profile b/etc/profile-a-l/chatterino.profile index ed3153ec7..2df03b10b 100644 --- a/etc/profile-a-l/chatterino.profile +++ b/etc/profile-a-l/chatterino.profile @@ -70,7 +70,7 @@ private-bin chatterino,cvlc,env,ffmpeg,mpv,nvlc,pgrep,python*,qvlc,rvlc,streamli # private-cache may cause issues with mpv (see #2838) private-cache private-dev -private-etc @tls-ca,@x11,dbus-1,rpc,services,Trolltech.conf +private-etc @tls-ca,@x11,dbus-1,rpc,services private-srv none private-tmp diff --git a/etc/profile-a-l/dolphin-emu.profile b/etc/profile-a-l/dolphin-emu.profile index d4734bf22..9743ebfbd 100644 --- a/etc/profile-a-l/dolphin-emu.profile +++ b/etc/profile-a-l/dolphin-emu.profile @@ -54,7 +54,7 @@ private-bin bash,dolphin-emu,dolphin-emu-x11,sh private-cache # Add the next line to your dolphin-emu.local if you do not need controller support. #private-dev -private-etc @tls-ca,@x11,bumblebee,gconf,glvnd,host.conf,mime.types,rpc,services,Trolltech.conf +private-etc @tls-ca,@x11,bumblebee,gconf,glvnd,host.conf,mime.types,rpc,services private-opt none private-tmp diff --git a/etc/profile-a-l/email-common.profile b/etc/profile-a-l/email-common.profile index d989e850a..e57e94338 100644 --- a/etc/profile-a-l/email-common.profile +++ b/etc/profile-a-l/email-common.profile @@ -69,7 +69,7 @@ tracelog # disable-mnt private-cache private-dev -private-etc @tls-ca,@x11,gnupg,groups,hosts.conf,mailname,selinux,timezone +private-etc @tls-ca,@x11,gnupg,groups,hosts.conf,mailname,timezone private-tmp # encrypting and signing email writable-run-user diff --git a/etc/profile-a-l/equalx.profile b/etc/profile-a-l/equalx.profile index fa6674f6e..8cbdccbb5 100644 --- a/etc/profile-a-l/equalx.profile +++ b/etc/profile-a-l/equalx.profile @@ -53,7 +53,7 @@ disable-mnt private-bin equalx,gs,pdflatex,pdftocairo private-cache private-dev -private-etc @x11,equalx,equalx.conf,latexmk.conf,papersize,texlive,Trolltech.conf +private-etc @x11,equalx,equalx.conf,latexmk.conf,papersize,texlive private-tmp dbus-user none diff --git a/etc/profile-a-l/falkon.profile b/etc/profile-a-l/falkon.profile index 0d260f429..d805766eb 100644 --- a/etc/profile-a-l/falkon.profile +++ b/etc/profile-a-l/falkon.profile @@ -47,7 +47,7 @@ disable-mnt # private-bin falkon private-cache private-dev -private-etc @tls-ca,@x11,adobe,mailcap,mime.types,selinux +private-etc @tls-ca,@x11,adobe,mailcap,mime.types private-tmp # dbus-user filter diff --git a/etc/profile-a-l/fractal.profile b/etc/profile-a-l/fractal.profile index 24d8e4c2f..fe0bc8756 100644 --- a/etc/profile-a-l/fractal.profile +++ b/etc/profile-a-l/fractal.profile @@ -46,7 +46,7 @@ disable-mnt private-bin fractal private-cache private-dev -private-etc @tls-ca,@x11,host.conf,mime.types,selinux +private-etc @tls-ca,@x11,host.conf,mime.types private-tmp dbus-user filter diff --git a/etc/profile-a-l/ghostwriter.profile b/etc/profile-a-l/ghostwriter.profile index 1c023f369..f7b9230f4 100644 --- a/etc/profile-a-l/ghostwriter.profile +++ b/etc/profile-a-l/ghostwriter.profile @@ -51,7 +51,7 @@ private-bin context,gettext,ghostwriter,latex,mktexfmt,pandoc,pdflatex,pdfroff,p private-cache private-dev # passwd,login.defs,firejail are a temporary workaround for #2877 and can be removed once it is fixed -private-etc @tls-ca,@x11,dbus-1,firejail,gconf,groups,host.conf,mime.types,rpc,services,texlive,Trolltech.conf +private-etc @tls-ca,@x11,dbus-1,firejail,gconf,groups,host.conf,mime.types,rpc,services,texlive private-tmp dbus-user filter diff --git a/etc/profile-a-l/git-cola.profile b/etc/profile-a-l/git-cola.profile index 34203ad4a..49568ba23 100644 --- a/etc/profile-a-l/git-cola.profile +++ b/etc/profile-a-l/git-cola.profile @@ -69,7 +69,7 @@ tracelog private-bin basename,bash,cola,envsubst,gettext,git,git-cola,git-dag,git-gui,gitk,gpg,gpg-agent,nano,ps,python*,sh,ssh,ssh-agent,tclsh,tr,wc,which,xed private-cache private-dev -private-etc @tls-ca,@x11,gitconfig,host.conf,mime.types,selinux,ssh +private-etc @tls-ca,@x11,gitconfig,host.conf,mime.types,ssh private-tmp writable-run-user diff --git a/etc/profile-a-l/gnome-music.profile b/etc/profile-a-l/gnome-music.profile index 087353d45..22d5f87ea 100644 --- a/etc/profile-a-l/gnome-music.profile +++ b/etc/profile-a-l/gnome-music.profile @@ -41,7 +41,7 @@ tracelog # private-bin calls a file manager - whatever is installed! #private-bin env,gio-launch-desktop,gnome-music,python*,yelp private-dev -private-etc @x11,selinux +private-etc @x11 private-tmp restrict-namespaces diff --git a/etc/profile-a-l/homebank.profile b/etc/profile-a-l/homebank.profile index ffe65c762..ccbb66333 100644 --- a/etc/profile-a-l/homebank.profile +++ b/etc/profile-a-l/homebank.profile @@ -49,7 +49,7 @@ disable-mnt private-bin homebank private-cache private-dev -private-etc @tls-ca,@x11,mime.types,selinux +private-etc @tls-ca,@x11,mime.types private-tmp dbus-user none diff --git a/etc/profile-a-l/kazam.profile b/etc/profile-a-l/kazam.profile index 0ed2cf48a..70414eeea 100644 --- a/etc/profile-a-l/kazam.profile +++ b/etc/profile-a-l/kazam.profile @@ -48,7 +48,7 @@ disable-mnt # private-bin kazam,python* private-cache private-dev -private-etc @x11,selinux +private-etc @x11 private-tmp dbus-system none diff --git a/etc/profile-a-l/kube.profile b/etc/profile-a-l/kube.profile index 7204549e2..5183a9327 100644 --- a/etc/profile-a-l/kube.profile +++ b/etc/profile-a-l/kube.profile @@ -67,7 +67,7 @@ tracelog private-bin kube,sink_synchronizer private-cache private-dev -private-etc @tls-ca,@x11,selinux +private-etc @tls-ca,@x11 private-tmp writable-run-user diff --git a/etc/profile-m-z/man.profile b/etc/profile-m-z/man.profile index 6cb523727..cdf1d807f 100644 --- a/etc/profile-m-z/man.profile +++ b/etc/profile-m-z/man.profile @@ -56,7 +56,7 @@ disable-mnt #private-bin apropos,bash,cat,catman,col,gpreconv,groff,grotty,gunzip,gzip,less,man,most,nroff,preconv,sed,sh,tbl,tr,troff,whatis,which,xtotroff,zcat,zsoelim private-cache private-dev -private-etc @x11,groff,man_db.conf,manpath.config,selinux,sysless +private-etc @x11,groff,man_db.conf,manpath.config,sysless #private-tmp dbus-user none diff --git a/etc/profile-m-z/menulibre.profile b/etc/profile-m-z/menulibre.profile index a67ef9101..fcac70fb3 100644 --- a/etc/profile-m-z/menulibre.profile +++ b/etc/profile-m-z/menulibre.profile @@ -51,7 +51,7 @@ tracelog disable-mnt private-cache private-dev -private-etc @tls-ca,@x11,mime.types,selinux +private-etc @tls-ca,@x11,mime.types private-tmp dbus-user none diff --git a/etc/profile-m-z/minecraft-launcher.profile b/etc/profile-m-z/minecraft-launcher.profile index 86378527b..d82854bed 100644 --- a/etc/profile-m-z/minecraft-launcher.profile +++ b/etc/profile-m-z/minecraft-launcher.profile @@ -50,7 +50,7 @@ private-cache private-dev # If multiplayer or realms break, add 'private-etc ' # or 'ignore private-etc' to your minecraft-launcher.local. -private-etc @tls-ca,@x11,host.conf,java-10-openjdk,java-11-openjdk,java-12-openjdk,java-13-openjdk,java-14-openjdk,java-7-openjdk,java-8-openjdk,java-9-openjdk,java-openjdk,mime.types,selinux,services,timezone +private-etc @tls-ca,@x11,host.conf,java-10-openjdk,java-11-openjdk,java-12-openjdk,java-13-openjdk,java-14-openjdk,java-7-openjdk,java-8-openjdk,java-9-openjdk,java-openjdk,mime.types,services,timezone private-opt minecraft-launcher private-tmp diff --git a/etc/profile-m-z/minitube.profile b/etc/profile-m-z/minitube.profile index 20e956cff..9e72f9996 100644 --- a/etc/profile-m-z/minitube.profile +++ b/etc/profile-m-z/minitube.profile @@ -53,7 +53,7 @@ disable-mnt private-bin minitube private-cache private-dev -private-etc @tls-ca,@x11,host.conf,mime.types,selinux +private-etc @tls-ca,@x11,host.conf,mime.types private-tmp dbus-user none diff --git a/etc/profile-m-z/mirage.profile b/etc/profile-m-z/mirage.profile index 7c5b3aee4..665b32ecf 100644 --- a/etc/profile-m-z/mirage.profile +++ b/etc/profile-m-z/mirage.profile @@ -53,7 +53,7 @@ disable-mnt private-bin ldconfig,mirage private-cache private-dev -private-etc @tls-ca,@x11,host.conf,mime.types,selinux +private-etc @tls-ca,@x11,host.conf,mime.types private-tmp dbus-user none diff --git a/etc/profile-m-z/musictube.profile b/etc/profile-m-z/musictube.profile index 0da6a8c3d..3387ed5de 100644 --- a/etc/profile-m-z/musictube.profile +++ b/etc/profile-m-z/musictube.profile @@ -49,7 +49,7 @@ disable-mnt private-bin musictube private-cache private-dev -private-etc @tls-ca,@x11,host.conf,mime.types,selinux +private-etc @tls-ca,@x11,host.conf,mime.types private-tmp dbus-user none diff --git a/etc/profile-m-z/mutt.profile b/etc/profile-m-z/mutt.profile index c96dca73a..288ffedf1 100644 --- a/etc/profile-m-z/mutt.profile +++ b/etc/profile-m-z/mutt.profile @@ -124,7 +124,7 @@ tracelog # disable-mnt private-cache private-dev -private-etc @tls-ca,@x11,gai.conf,gnupg,gnutls,hosts.conf,mail,mailname,Mutt,Muttrc,Muttrc.d,nntpserver,terminfo +private-etc @tls-ca,@x11,Mutt,Muttrc,Muttrc.d,gai.conf,gnupg,gnutls,hosts.conf,mail,mailname,nntpserver,terminfo private-tmp writable-run-user writable-var diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index 244e01cc5..80e28a5e5 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile @@ -53,7 +53,7 @@ tracelog disable-mnt private-bin neochat private-dev -private-etc @tls-ca,@x11,dbus-1,host.conf,mime.types,rpc,services,Trolltech.conf +private-etc @tls-ca,@x11,dbus-1,host.conf,mime.types,rpc,services private-tmp dbus-user filter diff --git a/etc/profile-m-z/neomutt.profile b/etc/profile-m-z/neomutt.profile index 4f311b155..5bd1e7cba 100644 --- a/etc/profile-m-z/neomutt.profile +++ b/etc/profile-m-z/neomutt.profile @@ -116,7 +116,7 @@ tracelog # disable-mnt private-cache private-dev -private-etc @tls-ca,@x11,gnupg,hosts.conf,mail,mailname,Mutt,Muttrc,Muttrc.d,neomuttrc,neomuttrc.d,nntpserver +private-etc @tls-ca,@x11,Mutt,Muttrc,Muttrc.d,gnupg,hosts.conf,mail,mailname,neomuttrc,neomuttrc.d,nntpserver private-tmp writable-run-user writable-var diff --git a/etc/profile-m-z/nextcloud.profile b/etc/profile-m-z/nextcloud.profile index 32a65f0c5..d4bad2f67 100644 --- a/etc/profile-m-z/nextcloud.profile +++ b/etc/profile-m-z/nextcloud.profile @@ -61,7 +61,7 @@ tracelog disable-mnt private-bin nextcloud,nextcloud-desktop private-cache -private-etc @tls-ca,@x11,host.conf,Nextcloud,os-release,selinux +private-etc @tls-ca,@x11,Nextcloud,host.conf,os-release private-dev private-tmp diff --git a/etc/profile-m-z/nheko.profile b/etc/profile-m-z/nheko.profile index a0565c77d..cdd2ffc3f 100644 --- a/etc/profile-m-z/nheko.profile +++ b/etc/profile-m-z/nheko.profile @@ -47,7 +47,7 @@ disable-mnt private-bin nheko private-cache private-dev -private-etc @tls-ca,@x11,host.conf,mime.types,selinux +private-etc @tls-ca,@x11,host.conf,mime.types private-tmp dbus-user filter diff --git a/etc/profile-m-z/nuclear.profile b/etc/profile-m-z/nuclear.profile index 452cda5e5..6ab21af5b 100644 --- a/etc/profile-m-z/nuclear.profile +++ b/etc/profile-m-z/nuclear.profile @@ -18,7 +18,7 @@ whitelist ${HOME}/.config/nuclear no3d # private-bin nuclear -private-etc @tls-ca,@x11,host.conf,mime.types,selinux +private-etc @tls-ca,@x11,host.conf,mime.types private-opt nuclear # Redirect diff --git a/etc/profile-m-z/onboard.profile b/etc/profile-m-z/onboard.profile index a142598b7..f8be5819b 100644 --- a/etc/profile-m-z/onboard.profile +++ b/etc/profile-m-z/onboard.profile @@ -49,7 +49,7 @@ disable-mnt private-cache private-bin onboard,python*,tput private-dev -private-etc @x11,dbus-1,mime.types,selinux +private-etc @x11,dbus-1,mime.types private-tmp dbus-system none diff --git a/etc/profile-m-z/openarena.profile b/etc/profile-m-z/openarena.profile index 1600db144..46d0bb86b 100644 --- a/etc/profile-m-z/openarena.profile +++ b/etc/profile-m-z/openarena.profile @@ -42,7 +42,7 @@ disable-mnt private-bin bash,cut,glxinfo,grep,head,openarena,openarena_ded,quake3,zenity private-cache private-dev -private-etc @games,@x11,selinux,udev +private-etc @games,@x11,udev private-tmp dbus-user none diff --git a/etc/profile-m-z/openmw.profile b/etc/profile-m-z/openmw.profile index 507d6d634..721b06117 100644 --- a/etc/profile-m-z/openmw.profile +++ b/etc/profile-m-z/openmw.profile @@ -52,7 +52,7 @@ tracelog private-bin bsatool,esmtool,niftest,openmw,openmw-cs,openmw-essimporter,openmw-iniimporter,openmw-launcher,openmw-wizard private-cache private-dev -private-etc @x11,bumblebee,glvnd,mime.types,openmw,Trolltech.conf +private-etc @x11,bumblebee,glvnd,mime.types,openmw private-opt none private-tmp diff --git a/etc/profile-m-z/otter-browser.profile b/etc/profile-m-z/otter-browser.profile index 420ceece3..a1c0462ba 100644 --- a/etc/profile-m-z/otter-browser.profile +++ b/etc/profile-m-z/otter-browser.profile @@ -52,7 +52,7 @@ disable-mnt private-bin bash,otter-browser,sh,which private-cache ?BROWSER_DISABLE_U2F: private-dev -private-etc @tls-ca,@x11,mailcap,mime.types,selinux +private-etc @tls-ca,@x11,mailcap,mime.types private-tmp dbus-system none diff --git a/etc/profile-m-z/psi.profile b/etc/profile-m-z/psi.profile index 9d9d6e6c5..a1a0606b9 100644 --- a/etc/profile-m-z/psi.profile +++ b/etc/profile-m-z/psi.profile @@ -70,7 +70,7 @@ disable-mnt private-bin getopt,psi private-cache private-dev -private-etc @tls-ca,@x11,selinux +private-etc @tls-ca,@x11 private-tmp dbus-user none diff --git a/etc/profile-m-z/pybitmessage.profile b/etc/profile-m-z/pybitmessage.profile index e057ee565..0789450cb 100644 --- a/etc/profile-m-z/pybitmessage.profile +++ b/etc/profile-m-z/pybitmessage.profile @@ -40,7 +40,7 @@ seccomp disable-mnt private-bin bash,env,ldconfig,pybitmessage,python*,sh,stat private-dev -private-etc @tls-ca,@x11,PyBitmessage,PyBitmessage.conf,selinux,sni-qt.conf,system-fips,Trolltech.conf +private-etc @tls-ca,@x11,PyBitmessage,PyBitmessage.conf,sni-qt.conf,system-fips private-tmp restrict-namespaces diff --git a/etc/profile-m-z/qcomicbook.profile b/etc/profile-m-z/qcomicbook.profile index cb807c69e..19ef7a464 100644 --- a/etc/profile-m-z/qcomicbook.profile +++ b/etc/profile-m-z/qcomicbook.profile @@ -52,7 +52,7 @@ tracelog private-bin 7z,7zr,qcomicbook,rar,sh,tar,unace,unrar,unzip private-cache private-dev -private-etc @x11,mime.types,Trolltech.conf +private-etc @x11,mime.types private-tmp dbus-user none diff --git a/etc/profile-m-z/qgis.profile b/etc/profile-m-z/qgis.profile index 9635c2e06..1f378e004 100644 --- a/etc/profile-m-z/qgis.profile +++ b/etc/profile-m-z/qgis.profile @@ -51,7 +51,7 @@ tracelog disable-mnt private-cache private-dev -private-etc @tls-ca,QGIS,QGIS.conf,Trolltech.conf +private-etc @tls-ca,@x11,QGIS,QGIS.conf private-tmp dbus-user none diff --git a/etc/profile-m-z/quaternion.profile b/etc/profile-m-z/quaternion.profile index ddd4800d8..fbc003d65 100644 --- a/etc/profile-m-z/quaternion.profile +++ b/etc/profile-m-z/quaternion.profile @@ -46,7 +46,7 @@ disable-mnt private-bin quaternion private-cache private-dev -private-etc @tls-ca,@x11,host.conf,mime.types,selinux +private-etc @tls-ca,@x11,host.conf,mime.types private-tmp dbus-user none diff --git a/etc/profile-m-z/smuxi-frontend-gnome.profile b/etc/profile-m-z/smuxi-frontend-gnome.profile index 566d72733..89342aad8 100644 --- a/etc/profile-m-z/smuxi-frontend-gnome.profile +++ b/etc/profile-m-z/smuxi-frontend-gnome.profile @@ -47,7 +47,7 @@ disable-mnt private-bin bash,mono,mono-sgen,sh,smuxi-frontend-gnome private-cache private-dev -private-etc @tls-ca,@x11,mono,selinux +private-etc @tls-ca,@x11,mono private-tmp dbus-user none diff --git a/etc/profile-m-z/spectral.profile b/etc/profile-m-z/spectral.profile index 492a5bbeb..41b1f6507 100644 --- a/etc/profile-m-z/spectral.profile +++ b/etc/profile-m-z/spectral.profile @@ -45,7 +45,7 @@ disable-mnt private-cache private-bin spectral private-dev -private-etc @tls-ca,@x11,host.conf,mime.types,selinux +private-etc @tls-ca,@x11,host.conf,mime.types private-tmp dbus-user filter diff --git a/etc/profile-m-z/trojita.profile b/etc/profile-m-z/trojita.profile index 8acc6f763..378c8a1b7 100644 --- a/etc/profile-m-z/trojita.profile +++ b/etc/profile-m-z/trojita.profile @@ -53,7 +53,7 @@ tracelog private-bin trojita private-cache private-dev -private-etc @tls-ca,@x11,selinux +private-etc @tls-ca,@x11 private-tmp dbus-user filter diff --git a/etc/profile-m-z/twitch.profile b/etc/profile-m-z/twitch.profile index 1e759a760..1f548a92d 100644 --- a/etc/profile-m-z/twitch.profile +++ b/etc/profile-m-z/twitch.profile @@ -18,7 +18,7 @@ mkdir ${HOME}/.config/Twitch whitelist ${HOME}/.config/Twitch private-bin electron,electron[0-9],electron[0-9][0-9],twitch -private-etc @tls-ca,@x11,bumblebee,host.conf,mime.types,selinux +private-etc @tls-ca,@x11,bumblebee,host.conf,mime.types private-opt Twitch # Redirect diff --git a/etc/profile-m-z/youtube.profile b/etc/profile-m-z/youtube.profile index 5049b740e..9bb1991c2 100644 --- a/etc/profile-m-z/youtube.profile +++ b/etc/profile-m-z/youtube.profile @@ -17,7 +17,7 @@ mkdir ${HOME}/.config/Youtube whitelist ${HOME}/.config/Youtube private-bin electron,electron[0-9],electron[0-9][0-9],youtube -private-etc @tls-ca,@x11,bumblebee,host.conf,mime.types,selinux +private-etc @tls-ca,@x11,bumblebee,host.conf,mime.types private-opt Youtube # Redirect diff --git a/etc/profile-m-z/youtubemusic-nativefier.profile b/etc/profile-m-z/youtubemusic-nativefier.profile index 570399557..09a8a446f 100644 --- a/etc/profile-m-z/youtubemusic-nativefier.profile +++ b/etc/profile-m-z/youtubemusic-nativefier.profile @@ -14,7 +14,7 @@ mkdir ${HOME}/.config/youtubemusic-nativefier-040164 whitelist ${HOME}/.config/youtubemusic-nativefier-040164 private-bin electron,electron[0-9],electron[0-9][0-9],youtubemusic-nativefier -private-etc @tls-ca,@x11,bumblebee,host.conf,mime.types,selinux +private-etc @tls-ca,@x11,bumblebee,host.conf,mime.types private-opt youtubemusic-nativefier # Redirect diff --git a/etc/profile-m-z/ytmdesktop.profile b/etc/profile-m-z/ytmdesktop.profile index f74887185..43b624705 100644 --- a/etc/profile-m-z/ytmdesktop.profile +++ b/etc/profile-m-z/ytmdesktop.profile @@ -14,7 +14,7 @@ mkdir ${HOME}/.config/youtube-music-desktop-app whitelist ${HOME}/.config/youtube-music-desktop-app # private-bin env,ytmdesktop -private-etc @tls-ca,@x11,bumblebee,host.conf,mime.types,selinux +private-etc @tls-ca,@x11,bumblebee,host.conf,mime.types # private-opt # Redirect diff --git a/etc/profile-m-z/zeal.profile b/etc/profile-m-z/zeal.profile index 7505fb575..caf9eab63 100644 --- a/etc/profile-m-z/zeal.profile +++ b/etc/profile-m-z/zeal.profile @@ -60,7 +60,7 @@ disable-mnt private-bin zeal private-cache private-dev -private-etc @tls-ca,@x11,host.conf,mime.types,rpc,services,Trolltech.conf +private-etc @tls-ca,@x11,host.conf,mime.types,rpc,services private-tmp dbus-user filter diff --git a/src/include/etc_groups.h b/src/include/etc_groups.h index e3f8bcc7e..fffc5f9b9 100644 --- a/src/include/etc_groups.h +++ b/src/include/etc_groups.h @@ -39,6 +39,7 @@ static char *etc_list[ETC_MAX + 1] = { // plus 1 for ending NULL pointer "login.defs", // firejail reading UID/GID MIN and MAX at startup "nsswitch.conf", "passwd", + "selinux", NULL }; @@ -89,6 +90,7 @@ static char *etc_group_x11[] = { "kde5rc", "nvidia", // 3D "pango", // text rendering/internationalization + "Trolltech.conf", // old QT config file "X11", "xdg", NULL diff --git a/src/tools/cleanup_etc.c b/src/tools/cleanup_etc.c index 3b368b116..f57a1ddb1 100644 --- a/src/tools/cleanup_etc.c +++ b/src/tools/cleanup_etc.c @@ -38,6 +38,8 @@ static int arr_x11 = 0; static int arr_games = 0; static char outbuf[256 * 1024]; static char *outptr; +static int arg_replace = 0; +static int arg_debug = 0; void outprintf(char* fmt, ...) { va_list args; @@ -78,6 +80,17 @@ static void arr_add(const char *fname) { arr_cnt++; } +int arr_cmp(const void *p1, const void *p2) { + char **ptr1 = (char **) p1; + char **ptr2 = (char **) p2; + + return strcmp(*ptr1, *ptr2); +} + +static void arr_sort(void) { + qsort(&arr[0], arr_cnt, sizeof(char *), arr_cmp); +} + static void arr_clean(void) { int i; for (i = 0; i < arr_cnt; i++) { @@ -119,7 +132,7 @@ static void process_file(const char *fname) { FILE *fp = fopen(fname, "r"); if (!fp) { - fprintf(stderr, "Error: cannot open profile file\n"); + fprintf(stderr, "Error: cannot open %s file\n", fname); exit(1); } @@ -133,10 +146,11 @@ static void process_file(const char *fname) { int print = 0; while (fgets(line, MAX_BUF, fp)) { cnt++; - if (strncmp(line, "private-etc ", 12) != 0) { + if (strncmp(line, "private-etc", 11) != 0) { outprintf("%s", line); continue; } + strcpy(orig_line,line); char *ptr = strchr(line, '\n'); if (ptr) @@ -158,6 +172,8 @@ static void process_file(const char *fname) { ptr = strtok(ptr, ","); while (ptr) { + if (arg_debug) + printf("%s\n", ptr); if (arr_check(ptr, &etc_list[0])); else if (arr_check(ptr, &etc_group_sound[0])); else if (arr_check(ptr, &etc_group_network[0])); @@ -179,34 +195,36 @@ static void process_file(const char *fname) { ptr = strtok(NULL, ","); } + arr_sort(); char *last_line = arr_print(); if (strcmp(last_line, orig_line) == 0) { fclose(fp); return; } - printf("\n********************\n%s\n\n%s\n%s\n", fname, orig_line, last_line); + printf("\n********************\nfile: %s\n\nold: %s\nnew: %s\n", fname, orig_line, last_line); print = 1; } fclose(fp); - if (print) { -// printf("Replace? (Y/N): ", fname); -// fgets(line, MAX_BUF, stdin); -// if (*line == 'y' || *line == 'Y') { - fp = fopen(fname, "w"); - if (!fp) { - fprintf(stderr, "Error: cannot open profile file\n"); - exit(1); - } - fprintf(fp, "%s", outbuf); - fclose(fp); -// } + if (print && arg_replace) { + fp = fopen(fname, "w"); + if (!fp) { + fprintf(stderr, "Error: cannot open profile file\n"); + exit(1); + } + fprintf(fp, "%s", outbuf); + fclose(fp); } } static void usage(void) { - printf("usage: cleanup-etc file.profile\n"); + printf("usage: cleanup-etc [options] file.profile [file.profile]\n"); + printf("Group and clean private-etc entries in one or more profile files.\n"); + printf("Options:\n"); + printf(" --debug - print debug messages\n"); + printf(" --help - this help screen\n"); + printf(" --replace - replace profile file\n"); } int main(int argc, char **argv) { @@ -218,13 +236,25 @@ int main(int argc, char **argv) { int i; for (i = 1; i < argc; i++) { - if (strcmp(argv[i], "-h") == 0) { + if (strcmp(argv[i], "-h") == 0 || + strcmp(argv[i], "-?") == 0 || + strcmp(argv[i], "--help") == 0) { usage(); return 0; } + else if (strcmp(argv[i], "--debug") == 0) + arg_debug = 1; + else if (strcmp(argv[i], "--replace") == 0) + arg_replace = 1; + else if (*argv[i] == '-') { + fprintf(stderr, "Error: invalid program option %s\n", argv[i]); + return 1; + } + else + break; } - for (i = 1; i < argc; i++) + for (; i < argc; i++) process_file(argv[i]); return 0;