Fixes (#2816)

* Unbreak gconf-editor

* Add x11 none to curl.profile

* Add x11 none to wget.profile

* Add x11 none to dnscrypt-proxy.profile

* Add tracelog to ssh-agent.profile

* Add x11 none to aria2c.profile

* Add x11 none to arch-audit.profile

* Add x11 none to archaudit-report.profile

etc/arch-audit.profile

@@ -35,6 +35,7 @@ novideo
 protocol inet,inet6
 seccomp
 shell none
+x11 none
 
 disable-mnt
 private

etc/archaudit-report.profile

@@ -30,6 +30,7 @@ novideo
 protocol unix,inet,inet6
 seccomp
 shell none
+x11 none
 
 disable-mnt
 private

etc/aria2c.profile

@@ -14,7 +14,6 @@ include disable-exec.inc
 include disable-interpreters.inc
 include disable-passwdmgr.inc
 include disable-programs.inc
-# include disable-xdg.inc
 
 caps.drop all
 ipc-namespace
@@ -32,6 +31,7 @@ novideo
 protocol unix,inet,inet6,netlink
 seccomp
 shell none
+x11 none
 
 # disable-mnt
 private-bin aria2c,gzip

etc/curl.profile

@@ -9,8 +9,6 @@ include globals.local
 
 noblacklist ${HOME}/.curlrc
 
-blacklist /tmp/.X11-unix
-
 include disable-common.inc
 include disable-exec.inc
 include disable-passwdmgr.inc
@@ -33,6 +31,7 @@ novideo
 protocol inet,inet6
 seccomp
 shell none
+x11 none
 
 # private-bin curl
 private-cache

etc/dnscrypt-proxy.profile

@@ -9,8 +9,6 @@ include globals.local
 noblacklist /sbin
 noblacklist /usr/sbin
 
-blacklist /tmp/.X11-unix
-
 include disable-common.inc
 include disable-devel.inc
 include disable-exec.inc
@@ -32,6 +30,7 @@ nou2f
 novideo
 protocol inet,inet6
 seccomp.drop _sysctl,acct,add_key,adjtimex,clock_adjtime,delete_module,fanotify_init,finit_module,get_mempolicy,init_module,io_cancel,io_destroy,io_getevents,io_setup,io_submit,ioperm,iopl,kcmp,kexec_file_load,kexec_load,keyctl,lookup_dcookie,mbind,migrate_pages,modify_ldt,mount,move_pages,open_by_handle_at,perf_event_open,perf_event_open,pivot_root,process_vm_readv,process_vm_writev,ptrace,remap_file_pages,request_key,set_mempolicy,swapoff,swapon,sysfs,syslog,umount2,uselib,vmsplice
+x11 none
 
 disable-mnt
 private

etc/gconf-editor.profile

@@ -7,5 +7,9 @@ include gconf-editor.local
 # added by included profile
 #include globals.local
 
+blacklist /tmp/.X11-unix
+
+ignore x11 none
+
 # Redirect
 include gconf.profile

etc/ssh-agent.profile

@@ -27,5 +27,6 @@ notv
 protocol unix,inet,inet6
 seccomp
 shell none
+tracelog
 
 writable-run-user

etc/wget.profile

@@ -10,8 +10,6 @@ include globals.local
 noblacklist ${HOME}/.wget-hsts
 noblacklist ${HOME}/.wgetrc
 
-blacklist /tmp/.X11-unix
-
 include disable-common.inc
 include disable-exec.inc
 include disable-passwdmgr.inc
@@ -33,6 +31,7 @@ novideo
 protocol unix,inet,inet6
 seccomp
 shell none
+x11 none
 
 # private-bin wget
 private-dev