Sort comented private-{bin,etc} lines

in addition to 019fa047, c7d34b5e, 0a9beba3, cbdbb0f0.
2026-05-15 14:16:14 -06:00 · 2019-06-16 12:50:04 +02:00 · 2019-06-16 12:50:04 +02:00 · 4beaf8f9da
commit 4beaf8f9da
parent 026de86a10
41 changed files with 49 additions and 50 deletions
--- a/etc/Xephyr.profile
+++ b/etc/Xephyr.profile
@ -34,8 +34,8 @@ shell none
 disable-mnt
 # using a private home directory
 private
-# private-bin Xephyr,sh,xkbcomp
-# private-bin Xephyr,sh,xkbcomp,strace,bash,cat,ls
+# private-bin sh,Xephyr,xkbcomp
+# private-bin bash,cat,ls,sh,strace,Xephyr,xkbcomp
 private-dev
-# private-etc alternatives,ld.so.conf,ld.so.cache,resolv.conf,host.conf,nsswitch.conf,gai.conf,hosts,hostname
+# private-etc alternatives,gai.conf,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,nsswitch.conf,resolv.conf
 #private-tmp
--- a/etc/Xvfb.profile
+++ b/etc/Xvfb.profile
@ -37,8 +37,8 @@ shell none
 disable-mnt
 # using a private home directory
 private
-# private-bin Xvfb,sh,xkbcomp
-# private-bin Xvfb,sh,xkbcomp,strace,bash,cat,ls
+# private-bin sh,xkbcomp,Xvfb
+# private-bin bash,cat,ls,sh,strace,xkbcomp,Xvfb
 private-dev
 private-etc alternatives,gai.conf,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,nsswitch.conf,resolv.conf
 private-tmp
--- a/etc/ardour5.profile
+++ b/etc/ardour5.profile
@ -34,9 +34,9 @@ protocol unix
 seccomp
 shell none

-#private-bin sh,ardour4,ardour5,ardour5-copy-mixer,ardour5-export,ardour5-fix_bbtppq,grep,sed,ldd,nm
+#private-bin ardour4,ardour5,ardour5-copy-mixer,ardour5-export,ardour5-fix_bbtppq,grep,ldd,nm,sed,sh
 private-cache
 private-dev
-#private-etc alternatives,pulse,X11,alternatives,ardour4,ardour5,fonts,machine-id,asound.conf
+#private-etc alternatives,ardour4,ardour5,asound.conf,fonts,machine-id,pulse,X11
 private-tmp

--- a/etc/ark.profile
+++ b/etc/ark.profile
@ -35,7 +35,7 @@ seccomp
 shell none

 private-bin 7z,ark,bash,lrzip,lsar,lz4,lzop,p7zip,rar,sh,tclsh,unar,unrar,unzip,zip,zipinfo
-#private-etc alternatives,smb.conf,samba,mtab,fonts,drirc,kde5rc,passwd,group,xdg
+#private-etc alternatives,drirc,fonts,group,kde5rc,mtab,passwd,samba,smb.conf,xdg

 private-dev
 private-tmp
--- a/etc/bitcoin-qt.profile
+++ b/etc/bitcoin-qt.profile
@ -43,7 +43,7 @@ tracelog
 private-bin bitcoin-qt
 private-dev
 # Causes problem with loading of libGL.so
-#private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies
+#private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,ssl
 private-tmp

 memory-deny-write-execute
--- a/etc/bless.profile
+++ b/etc/bless.profile
@ -33,7 +33,7 @@ protocol unix
 seccomp
 shell none

-# private-bin bless,sh,bash,mono
+# private-bin bash,bless,mono,sh
 private-cache
 private-dev
 private-etc alternatives,fonts,mono
--- a/etc/cantata.profile
+++ b/etc/cantata.profile
@ -34,6 +34,6 @@ protocol unix,inet,inet6,netlink
 seccomp
 shell none

-# private-etc samba,gcrypt,drirc,fonts,mpd.conf,kde5rc,passwd,xdg,hosts,ssl
+# private-etc drirc,fonts,gcrypt,hosts,kde5rc,mpd.conf,passwd,samba,ssl,xdg
 private-bin cantata,mpd,perl
 private-dev
--- a/etc/curl.profile
+++ b/etc/curl.profile
@ -34,5 +34,5 @@ shell none
 # private-bin curl
 private-cache
 private-dev
-# private-etc alternatives,resolv.conf,ca-certificates,ssl,pki,crypto-policies
+# private-etc alternatives,ca-certificates,crypto-policies,pki,resolv.conf,ssl
 private-tmp
--- a/etc/cyberfox.profile
+++ b/etc/cyberfox.profile
@ -13,7 +13,7 @@ mkdir ${HOME}/.cache/8pecxstudios
 whitelist ${HOME}/.8pecxstudios
 whitelist ${HOME}/.cache/8pecxstudios

-# private-bin cyberfox,which,sh,dbus-launch,dbus-send,env
+# private-bin cyberfox,dbus-launch,dbus-send,env,sh,which
 # private-etc must first be enabled in firefox-common.profile
 #private-etc cyberfox

--- a/etc/dino.profile
+++ b/etc/dino.profile
@ -37,6 +37,6 @@ shell none
 disable-mnt
 private-bin dino
 private-dev
-# private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies # breaks server connection
+# private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,ssl -- breaks server connection
 private-tmp

--- a/etc/elinks.profile
+++ b/etc/elinks.profile
@ -36,5 +36,5 @@ tracelog
 # private-bin elinks
 private-cache
 private-dev
-# private-etc alternatives,ca-certificates,ssl,pki,crypto-policies
+# private-etc alternatives,ca-certificates,crypto-policies,pki,ssl
 private-tmp
--- a/etc/fetchmail.profile
+++ b/etc/fetchmail.profile
@ -30,5 +30,5 @@ protocol unix,inet,inet6
 seccomp
 shell none

-#private-bin fetchmail,procmail,bash,chmod
+#private-bin bash,chmod,fetchmail,procmail
 private-dev
--- a/etc/firefox-common.profile
+++ b/etc/firefox-common.profile
@ -57,5 +57,5 @@ shell none
 disable-mnt
 private-dev
 # private-etc below works fine on most distributions. There are some problems on CentOS.
-#private-etc alternatives,ca-certificates,ssl,machine-id,dconf,selinux,passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,xdg,gtk-2.0,gtk-3.0,X11,pango,fonts,mime.types,mailcap,asound.conf,pulse,pki,crypto-policies,ld.so.cache
+#private-etc alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,group,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,localtime,machine-id,mailcap,mime.types,nsswitch.conf,pango,passwd,pki,pulse,resolv.conf,selinux,ssl,X11,xdg
 private-tmp
--- a/etc/firefox.profile
+++ b/etc/firefox.profile
@ -15,7 +15,7 @@ whitelist ${HOME}/.cache/mozilla/firefox
 whitelist ${HOME}/.mozilla

 # firefox requires a shell to launch on Arch.
-#private-bin firefox,which,sh,dbus-launch,dbus-send,env,bash
+#private-bin bash,dbus-launch,dbus-send,env,firefox,sh,which
 # private-etc must first be enabled in firefox-common.profile
 #private-etc firefox

--- a/etc/gjs.profile
+++ b/etc/gjs.profile
@ -32,7 +32,7 @@ seccomp
 shell none
 tracelog

-# private-bin gjs,gnome-books,gnome-documents,gnome-photos,gnome-maps,gnome-weather
+# private-bin gjs,gnome-books,gnome-documents,gnome-maps,gnome-photos,gnome-weather
 private-dev
-# private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies
+# private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,ssl
 private-tmp
--- a/etc/gnome-maps.profile
+++ b/etc/gnome-maps.profile
@ -39,8 +39,8 @@ shell none
 tracelog

 disable-mnt
-# private-bin gjs gnome-maps
+# private-bin gjs,gnome-maps
 private-dev
-# private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies
+# private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,ssl
 private-tmp

--- a/etc/gnome-weather.profile
+++ b/etc/gnome-weather.profile
@ -37,8 +37,8 @@ shell none
 tracelog

 disable-mnt
-# private-bin gjs gnome-weather
+# private-bin gjs,gnome-weather
 private-dev
-# private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies
+# private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,ssl
 private-tmp

--- a/etc/goobox.profile
+++ b/etc/goobox.profile
@ -31,5 +31,5 @@ tracelog

 # private-bin goobox
 private-dev
-# private-etc alternatives,fonts,machine-id,pulse,asound.conf,ca-certificates,ssl,pki,crypto-policies
+# private-etc alternatives,asound.conf,ca-certificates,crypto-policies,fonts,machine-id,pki,pulse,ssl
 # private-tmp
--- a/etc/kdenlive.profile
+++ b/etc/kdenlive.profile
@ -35,4 +35,4 @@ shell none

 private-bin dbus-launch,dvdauthor,ffmpeg,ffplay,ffprobe,genisoimage,kdeinit4,kdeinit4_shutdown,kdeinit4_wrapper,kdeinit5,kdeinit5_shutdown,kdeinit5_wrapper,kdenlive,kdenlive_render,kshell4,kshell5,melt,mlt-melt,vlc,xine
 private-dev
-# private-etc alternatives,fonts,kde4rc,kde5rc,ld.so.cache,machine-id,passwd,pulse,xdg,X11
+# private-etc alternatives,fonts,kde4rc,kde5rc,ld.so.cache,machine-id,passwd,pulse,X11,xdg
--- a/etc/lynx.profile
+++ b/etc/lynx.profile
@ -34,5 +34,5 @@ tracelog
 # private-bin lynx
 private-cache
 private-dev
-# private-etc alternatives,ca-certificates,ssl,pki,crypto-policies
+# private-etc alternatives,ca-certificates,crypto-policies,pki,ssl
 private-tmp
--- a/etc/minetest.profile
+++ b/etc/minetest.profile
@ -45,5 +45,5 @@ private-bin minetest
 private-cache
 private-dev
 # private-etc needs to be updated, see #1702
-#private-etc alternatives,asound.conf,ca-certificates,drirc,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,localtime,nsswitch.conf,passwd,pulse,resolv.conf,ssl,pki,crypto-policies,machine-id
+#private-etc alternatives,asound.conf,ca-certificates,crypto-policies,drirc,fonts,group,host.conf,hostname,hosts,ld.so.cache,ld.so.preload,localtime,machine-id,nsswitch.conf,passwd,pki,pulse,resolv.conf,ssl
 private-tmp
--- a/etc/mpd.profile
+++ b/etc/mpd.profile
@ -34,7 +34,7 @@ protocol unix,inet,inet6
 seccomp.drop @cpu-emulation,@debug,@obsolete,@privileged,@resources,add_key,fanotify_init,io_cancel,io_destroy,io_getevents,io_setup,io_submit,kcmp,keyctl,name_to_handle_at,ni_syscall,open_by_handle_at,personality,process_vm_readv,ptrace,remap_file_pages,request_key,syslog,umount,userfaultfd,vmsplice
 shell none

-#private-bin mpd,bash
+#private-bin bash,mpd
 private-cache
 private-dev
 private-tmp
--- a/etc/multimc5.profile
+++ b/etc/multimc5.profile
@ -43,7 +43,7 @@ shell none

 disable-mnt
 # private-bin works, but causes weirdness
-# private-bin multimc5,bash,mkdir,which,zenity,kdialog,ldd,chmod,valgrind,apt-file,pkgfile,dnf,yum,zypper,pfl,java,grep,sort,awk,readlink,dirname
+# private-bin apt-file,awk,bash,chmod,dirname,dnf,grep,java,kdialog,ldd,mkdir,multimc5,pfl,pkgfile,readlink,sort,valgrind,which,yum,zenity,zypper
 private-dev
 private-tmp

--- a/etc/mupdf.profile
+++ b/etc/mupdf.profile
@ -36,7 +36,7 @@ seccomp
 shell none
 tracelog

-# private-bin mupdf,sh,tempfile,rm
+# private-bin mupdf,rm,sh,tempfile
 private-dev
 private-etc alternatives,fonts
 private-tmp
--- a/etc/peek.profile
+++ b/etc/peek.profile
@ -34,7 +34,7 @@ seccomp
 shell none

 # private-bin breaks gif mode, mp4 and webm mode work fine however
-# private-bin peek,convert,ffmpeg
+# private-bin convert,ffmpeg,peek
 private-dev
 private-tmp

--- a/etc/qbittorrent.profile
+++ b/etc/qbittorrent.profile
@ -53,8 +53,7 @@ shell none

 private-bin python*,qbittorrent
 private-dev
-# private-etc alternatives,X11,fonts,xdg,resolv.conf,ca-certificates,ssl,pki,crypto-policies
-# private-lib - problems on Arch
+# private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,resolv.conf,ssl,X11,xdg
 private-tmp

 # memory-deny-write-execute - problems on Arch, see #1690 on GitHub repo
--- a/etc/quiterss.profile
+++ b/etc/quiterss.profile
@ -50,5 +50,5 @@ tracelog
 disable-mnt
 private-bin quiterss
 private-dev
-# private-etc alternatives,X11,ssl,pki,ca-certificates,crypto-policies
+# private-etc alternatives,ca-certificates,crypto-policies,pki,ssl,X11

--- a/etc/ricochet.profile
+++ b/etc/ricochet.profile
@ -37,5 +37,5 @@ shell none
 disable-mnt
 private-bin ricochet,tor
 private-dev
-#private-etc alternatives,fonts,tor,X11,alternatives,ca-certificates,ssl,pki,crypto-policies
+#private-etc alternatives,alternatives,ca-certificates,crypto-policies,fonts,pki,ssl,tor,X11

--- a/etc/scribus.profile
+++ b/etc/scribus.profile
@ -56,7 +56,7 @@ seccomp
 shell none
 tracelog

-# private-bin scribus,gs,gimp*
+# private-bin gimp*,gs,scribus
 private-dev
 private-tmp

--- a/etc/seamonkey.profile
+++ b/etc/seamonkey.profile
@ -52,4 +52,4 @@ seccomp
 tracelog

 disable-mnt
-# private-etc alternatives,passwd,group,hostname,hosts,localtime,nsswitch.conf,resolv.conf,gtk-2.0,pango,fonts,iceweasel,firefox,adobe,mime.types,mailcap,asound.conf,pulse,machine-id,ca-certificates,ssl,pki,crypto-policies
+# private-etc adobe,alternatives,asound.conf,ca-certificates,crypto-policies,firefox,fonts,group,gtk-2.0,hostname,hosts,iceweasel,localtime,machine-id,mailcap,mime.types,nsswitch.conf,pango,passwd,pki,pulse,resolv.conf,ssl
--- a/etc/simple-scan.profile
+++ b/etc/simple-scan.profile
@ -33,5 +33,5 @@ tracelog

 # private-bin simple-scan
 # private-dev
-# private-etc alternatives,fonts,ca-certificates,ssl,pki,crypto-policies
+# private-etc alternatives,ca-certificates,crypto-policies,fonts,pki,ssl
 # private-tmp
--- a/etc/skype.profile
+++ b/etc/skype.profile
@ -28,7 +28,7 @@ seccomp
 shell none

 disable-mnt
-#private-bin skype,bash
+#private-bin bash,skype
 private-cache
 private-dev
 private-tmp
--- a/etc/steam.profile
+++ b/etc/steam.profile
@ -60,7 +60,7 @@ shell none
 #tracelog

 # private-bin is disabled while in testing, but has been tested working with multiple games
-#private-bin awk,basename,bash,bsdtar,bzip2,cat,chmod,cksum,cmp,comm,compress,cp,curl,cut,date,dbus-launch,dbus-send,desktop-file-edit,desktop-file-install,desktop-file-validate,dirname,echo,env,expr,file,find,getopt,grep,gtar,gzip,head,hostname,id,lbzip2,ldconfig,ldd,ln,ls,lsb_release,lspci,lsof,lz4,lzip,lzma,lzop,md5sum,mkdir,mktemp,mv,netstat,ps,pulseaudio,python*,readlink,realpath,rm,sed,sh,sha1sum,sha256sum,sha512sum,sleep,sort,steam,steamdeps,steam-native,steam-runtime,sum,tail,tar,tclsh,test,touch,tr,umask,uname,update-desktop-database,wc,wget,which,whoami,xterm,xz,zenity
+#private-bin awk,basename,bash,bsdtar,bzip2,cat,chmod,cksum,cmp,comm,compress,cp,curl,cut,date,dbus-launch,dbus-send,desktop-file-edit,desktop-file-install,desktop-file-validate,dirname,echo,env,expr,file,find,getopt,grep,gtar,gzip,head,hostname,id,lbzip2,ldconfig,ldd,ln,ls,lsb_release,lsof,lspci,lz4,lzip,lzma,lzop,md5sum,mkdir,mktemp,mv,netstat,ps,pulseaudio,python*,readlink,realpath,rm,sed,sh,sha1sum,sha256sum,sha512sum,sleep,sort,steam,steamdeps,steam-native,steam-runtime,sum,tail,tar,tclsh,test,touch,tr,umask,uname,update-desktop-database,wc,wget,which,whoami,xterm,xz,zenity
 # extra programs are available which might be needed for select games
 #private-bin java,java-config,mono
 # picture viewers are needed for viewing screenshots
--- a/etc/synfigstudio.profile
+++ b/etc/synfigstudio.profile
@ -31,7 +31,7 @@ protocol unix
 seccomp
 shell none

-#private-bin synfigstudio,synfig,ffmpeg
+#private-bin ffmpeg,synfig,synfigstudio
 private-cache
 private-dev
 private-tmp
--- a/etc/totem.profile
+++ b/etc/totem.profile
@ -40,6 +40,6 @@ private-bin totem
 # totem needs access to ~/.cache/tracker or it exits
 #private-cache
 private-dev
-# private-etc alternatives,fonts,machine-id,pulse,asound.conf,ca-certificates,ssl,pki,crypto-policies
+# private-etc alternatives,asound.conf,ca-certificates,crypto-policies,fonts,machine-id,pki,pulse,ssl
 private-tmp

--- a/etc/unknown-horizons.profile
+++ b/etc/unknown-horizons.profile
@ -29,5 +29,5 @@ shell none

 # private-bin unknown-horizons
 private-dev
-# private-etc alternatives,ca-certificates,ssl,pki,crypto-policies
+# private-etc alternatives,ca-certificates,crypto-policies,pki,ssl
 private-tmp
--- a/etc/waterfox.profile
+++ b/etc/waterfox.profile
@ -20,7 +20,7 @@ whitelist ${HOME}/.mozilla
 whitelist ${HOME}/.waterfox

 # waterfox requires a shell to launch on Arch. We can possibly remove sh though.
-#private-bin waterfox,which,sh,dbus-launch,dbus-send,env,bash
+#private-bin bash,dbus-launch,dbus-send,env,sh,waterfox,which
 # private-etc must first be enabled in firefox-common.profile
 #private-etc waterfox

--- a/etc/wget.profile
+++ b/etc/wget.profile
@ -36,6 +36,6 @@ shell none

 # private-bin wget
 private-dev
-# private-etc alternatives,resolv.conf,ca-certificates,ssl,pki,crypto-policies
+# private-etc alternatives,ca-certificates,crypto-policie,pki,resolv.conf,ssl
 # private-tmp

--- a/etc/wireshark.profile
+++ b/etc/wireshark.profile
@ -43,6 +43,6 @@ tracelog

 # private-bin wireshark
 private-dev
-# private-etc alternatives,fonts,group,hosts,machine-id,passwd,ca-certificates,ssl,pki,crypto-policies
+# private-etc alternatives,ca-certificates,crypto-policies,fonts,group,hosts,machine-id,passwd,pki,ssl
 private-tmp

--- a/etc/xplayer.profile
+++ b/etc/xplayer.profile
@ -39,6 +39,6 @@ tracelog

 private-bin xplayer,xplayer-audio-preview,xplayer-video-thumbnailer
 private-dev
-# private-etc alternatives,fonts,machine-id,pulse,asound.conf,ca-certificates,ssl,pki,crypto-policies
+# private-etc alternatives,asound.conf,ca-certificates,crypto-policies,fonts,machine-id,pki,pulse,ssl
 private-tmp

--- a/etc/xpra.profile
+++ b/etc/xpra.profile
@ -47,7 +47,7 @@ disable-mnt
 # private home directory doesn't work on some distros, so we go for a regular home
 # private
 # older Xpra versions also use Xvfb
-# private-bin xpra,python*,Xvfb,Xorg,sh,xkbcomp,xauth,dbus-launch,pactl,ldconfig,which,strace,bash,cat,ls
+# private-bin bash,cat,dbus-launch,ldconfig,ls,pactl,python*,sh,strace,which,xauth,xkbcomp,Xorg,xpra,Xvfb
 private-dev
-# private-etc alternatives,ld.so.conf,ld.so.cache,resolv.conf,host.conf,nsswitch.conf,gai.conf,hosts,hostname,machine-id,xpra,X11
+# private-etc alternatives,gai.conf,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,machine-id,nsswitch.conf,resolv.conf,X11,xpra
 private-tmp