From 7f7b5632ecfa87025abe108c256a5a4d43bfc4ad Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Sun, 2 May 2021 15:21:59 +0530 Subject: [PATCH 01/20] Initial profile for neochat --- etc/profile-m-z/neochat.profile | 79 +++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) create mode 100644 etc/profile-m-z/neochat.profile diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile new file mode 100644 index 000000000..bfee8b2fc --- /dev/null +++ b/etc/profile-m-z/neochat.profile @@ -0,0 +1,79 @@ +# Firejail profile for neochat +# Description: Matrix Client +# This file is overwritten after every install/update +# Persistent local customizations +include neochat.local +# Persistent global definitions +include globals.local + +#TODO: Add these to disable-programs +noblacklist ${HOME}/.cache/KDE/neochat +noblacklist ${HOME}/.config/KDE/neochat +noblacklist ${HOME}/.config/neochatrc +noblacklist ${HOME}/.config/neochat.notifyrc +noblacklist ${HOME}/.local/share/KDE/neochat +noblacklist ${DOWNLOADS} + +include disable-common.inc +include disable-devel.inc +include disable-exec.inc +include disable-interpreters.inc +include disable-passwdmgr.inc +include disable-programs.inc +include disable-shell.inc +include disable-write-mnt.inc +include disable-xdg.inc + +mkdir ${HOME}/.cache/KDE/neochat +mkdir ${HOME}/.config/KDE/neochat.conf +mkdir ${HOME}/.local/share/KDE/neochat +mkfile ${HOME}/.config/neochatrc +mkfile ${HOME}/.config/neochat.notifyrc + +whitelist ${HOME}/.cache/KDE/neochat +whitelist ${HOME}/.config/KDE/neochat.conf +whitelist ${HOME}/.config/neochatrc +whitelist ${HOME}/.local/share/KDE/neochat +whitelist ${HOME}/.config/neochat.notifyrc +whitelist ${DOWNLOADS} +include whitelist-common.inc + +include whitelist-runuser-common.inc +include whitelist-usr-share-common.inc +include whitelist-var-common.inc + +apparmor +caps.drop all +netfilter +nodvd +nogroups +nonewprivs +noroot +nosound +notv +nou2f +novideo +protocol unix,inet,inet6 +seccomp +shell none +tracelog + +disable-mnt +private-bin neochat +private-dev +##private-etc Common,Networking,GUI,Qt,KDE,D-Bus +private-etc alternatives,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mime.types,xdg,ca-certificates,ssl,pki,crypto-policies,nsswitch.conf,resolv.conf,hosts,host.conf,hostname,protocols,services,rpc,fonts,pango,X11,Trolltech.conf,kde4rc,kde5rc,dbus-1,machine-id +##private-lib LIBS +##private-opt NAME +private-tmp + +## dbus-user permissions copied from the flatpak package +dbus-user filter +dbus-user.own org.kde.neochat +dbus-user.talk org.freedesktop.Notifications +dbus-user.talk com.canonical.AppMenu.Registrar +dbus-user.talk org.kde.StatusNotifierWatcher +dbus-user.talk org.kde.kwalletd5 +dbus-system none + +join-or-start neochat From e51c4e9a667ed5ce56c74c1d6256b65e39d014f8 Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Sun, 2 May 2021 15:23:23 +0530 Subject: [PATCH 02/20] Add neochat files to disable-programs.inc --- etc/inc/disable-programs.inc | 4 ++++ etc/profile-m-z/neochat.profile | 1 - 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index cf9ef44bf..5660b5d39 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc @@ -106,6 +106,7 @@ blacklist ${HOME}/.config/Gpredict blacklist ${HOME}/.config/INRIA blacklist ${HOME}/.config/InSilmaril blacklist ${HOME}/.config/Jitsi Meet +blacklist ${HOME}/.config/KDE/neochat blacklist ${HOME}/.config/Kid3 blacklist ${HOME}/.config/Kingsoft blacklist ${HOME}/.config/Loop_Hero @@ -341,6 +342,8 @@ blacklist ${HOME}/.config/mypaint blacklist ${HOME}/.config/nano blacklist ${HOME}/.config/nautilus blacklist ${HOME}/.config/nemo +blacklist ${HOME}/.config/neochatrc +blacklist ${HOME}/.config/neochat.notifyrc blacklist ${HOME}/.config/neomutt blacklist ${HOME}/.config/netsurf blacklist ${HOME}/.config/newsbeuter @@ -600,6 +603,7 @@ blacklist ${HOME}/.local/share/Empathy blacklist ${HOME}/.local/share/Enpass blacklist ${HOME}/.local/share/Flavio Tordini blacklist ${HOME}/.local/share/JetBrains +blacklist ${HOME}/.local/share/KDE/neochat blacklist ${HOME}/.local/share/Kingsoft blacklist ${HOME}/.local/share/Mendeley Ltd. blacklist ${HOME}/.local/share/Mumble diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index bfee8b2fc..c9007d457 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile @@ -6,7 +6,6 @@ include neochat.local # Persistent global definitions include globals.local -#TODO: Add these to disable-programs noblacklist ${HOME}/.cache/KDE/neochat noblacklist ${HOME}/.config/KDE/neochat noblacklist ${HOME}/.config/neochatrc From 2b6d963174b8bbfe0960aeb8296d8f64159830b2 Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Sun, 2 May 2021 15:23:30 +0530 Subject: [PATCH 03/20] Remove comments. --- etc/profile-m-z/neochat.profile | 3 --- 1 file changed, 3 deletions(-) diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index c9007d457..dec6b552f 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile @@ -62,11 +62,8 @@ private-bin neochat private-dev ##private-etc Common,Networking,GUI,Qt,KDE,D-Bus private-etc alternatives,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mime.types,xdg,ca-certificates,ssl,pki,crypto-policies,nsswitch.conf,resolv.conf,hosts,host.conf,hostname,protocols,services,rpc,fonts,pango,X11,Trolltech.conf,kde4rc,kde5rc,dbus-1,machine-id -##private-lib LIBS -##private-opt NAME private-tmp -## dbus-user permissions copied from the flatpak package dbus-user filter dbus-user.own org.kde.neochat dbus-user.talk org.freedesktop.Notifications From ccc5baf7c62b6fb4bb524d1c819e84592cada9d5 Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Sun, 2 May 2021 15:33:20 +0530 Subject: [PATCH 04/20] Sort options using sort.py --- etc/profile-m-z/neochat.profile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index dec6b552f..6cf477c50 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile @@ -61,7 +61,7 @@ disable-mnt private-bin neochat private-dev ##private-etc Common,Networking,GUI,Qt,KDE,D-Bus -private-etc alternatives,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mime.types,xdg,ca-certificates,ssl,pki,crypto-policies,nsswitch.conf,resolv.conf,hosts,host.conf,hostname,protocols,services,rpc,fonts,pango,X11,Trolltech.conf,kde4rc,kde5rc,dbus-1,machine-id +private-etc alternatives,ca-certificates,crypto-policies,dbus-1,fonts,host.conf,hostname,hosts,kde4rc,kde5rc,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pango,pki,protocols,resolv.conf,rpc,services,ssl,Trolltech.conf,X11,xdg private-tmp dbus-user filter From b530e0466ea735458d0bd497222189be4eff1167 Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Sun, 2 May 2021 16:01:23 +0530 Subject: [PATCH 05/20] Add neochat to enabled programs. --- src/firecfg/firecfg.config | 1 + 1 file changed, 1 insertion(+) diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 35954cfb8..474904ebf 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config @@ -555,6 +555,7 @@ mypaint mypaint-ora-thumbnailer natron ncdu +neochat neomutt netactview nethack From 98a2388870feea7d237d1c02ae7c0f804ef2f31e Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Sun, 2 May 2021 17:48:20 +0530 Subject: [PATCH 06/20] Remove newlines and comments. --- etc/profile-m-z/neochat.profile | 3 --- 1 file changed, 3 deletions(-) diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index 6cf477c50..cfef352ca 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile @@ -28,7 +28,6 @@ mkdir ${HOME}/.config/KDE/neochat.conf mkdir ${HOME}/.local/share/KDE/neochat mkfile ${HOME}/.config/neochatrc mkfile ${HOME}/.config/neochat.notifyrc - whitelist ${HOME}/.cache/KDE/neochat whitelist ${HOME}/.config/KDE/neochat.conf whitelist ${HOME}/.config/neochatrc @@ -36,7 +35,6 @@ whitelist ${HOME}/.local/share/KDE/neochat whitelist ${HOME}/.config/neochat.notifyrc whitelist ${DOWNLOADS} include whitelist-common.inc - include whitelist-runuser-common.inc include whitelist-usr-share-common.inc include whitelist-var-common.inc @@ -60,7 +58,6 @@ tracelog disable-mnt private-bin neochat private-dev -##private-etc Common,Networking,GUI,Qt,KDE,D-Bus private-etc alternatives,ca-certificates,crypto-policies,dbus-1,fonts,host.conf,hostname,hosts,kde4rc,kde5rc,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pango,pki,protocols,resolv.conf,rpc,services,ssl,Trolltech.conf,X11,xdg private-tmp From 5e16d4c4904b358b93495b773ea5299d099c0b18 Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Sun, 2 May 2021 17:48:33 +0530 Subject: [PATCH 07/20] Remove unnecessary noblacklist. --- etc/profile-m-z/neochat.profile | 1 - 1 file changed, 1 deletion(-) diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index cfef352ca..f38fd6542 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile @@ -11,7 +11,6 @@ noblacklist ${HOME}/.config/KDE/neochat noblacklist ${HOME}/.config/neochatrc noblacklist ${HOME}/.config/neochat.notifyrc noblacklist ${HOME}/.local/share/KDE/neochat -noblacklist ${DOWNLOADS} include disable-common.inc include disable-devel.inc From 37d0fab4a639ea0f2e439cfff63c5e2c62a1a753 Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Sun, 2 May 2021 17:49:03 +0530 Subject: [PATCH 08/20] Add cache directory to disable-programs.inc --- etc/inc/disable-programs.inc | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/inc/disable-programs.inc b/etc/inc/disable-programs.inc index 5660b5d39..cc0c69df2 100644 --- a/etc/inc/disable-programs.inc +++ b/etc/inc/disable-programs.inc @@ -995,6 +995,7 @@ blacklist ${HOME}/.cache/inkscape blacklist ${HOME}/.cache/inox blacklist ${HOME}/.cache/iridium blacklist ${HOME}/.cache/kcmshell5 +blacklist ${HOME}/.cache/KDE/neochat blacklist ${HOME}/.cache/kdenlive blacklist ${HOME}/.cache/keepassxc blacklist ${HOME}/.cache/kfind From 6db30fc76b44f2c038f3a46b8b4526faacc699b1 Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Sun, 2 May 2021 17:50:28 +0530 Subject: [PATCH 09/20] Remove unnecessary include. --- etc/profile-m-z/neochat.profile | 1 - 1 file changed, 1 deletion(-) diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index f38fd6542..33cbc8ffc 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile @@ -19,7 +19,6 @@ include disable-interpreters.inc include disable-passwdmgr.inc include disable-programs.inc include disable-shell.inc -include disable-write-mnt.inc include disable-xdg.inc mkdir ${HOME}/.cache/KDE/neochat From 9d743906929f336ae8e55805b4de4860514546cf Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Sun, 2 May 2021 18:02:28 +0530 Subject: [PATCH 10/20] Remove apparently unnecessary dbus permission. I had copied this from the flatpak listing, but the application works without this. --- etc/profile-m-z/neochat.profile | 1 - 1 file changed, 1 deletion(-) diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index 33cbc8ffc..0903cdb5e 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile @@ -62,7 +62,6 @@ private-tmp dbus-user filter dbus-user.own org.kde.neochat dbus-user.talk org.freedesktop.Notifications -dbus-user.talk com.canonical.AppMenu.Registrar dbus-user.talk org.kde.StatusNotifierWatcher dbus-user.talk org.kde.kwalletd5 dbus-system none From 0195901ff8707b29f0f89c9c2520ebd58ae09dc3 Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Sun, 2 May 2021 18:54:44 +0530 Subject: [PATCH 11/20] Remove unnecessary permission. Signing in and so on works without this, so I'm not sure why it was enabled in the flatpak. --- etc/profile-m-z/neochat.profile | 1 - 1 file changed, 1 deletion(-) diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index 0903cdb5e..2523c449b 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile @@ -63,7 +63,6 @@ dbus-user filter dbus-user.own org.kde.neochat dbus-user.talk org.freedesktop.Notifications dbus-user.talk org.kde.StatusNotifierWatcher -dbus-user.talk org.kde.kwalletd5 dbus-system none join-or-start neochat From 8790f0c8bc2457903b359ec02da37b6276abe421 Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Sun, 2 May 2021 18:58:58 +0530 Subject: [PATCH 12/20] Leave the kwallet dbus stuff commented for now. --- etc/profile-m-z/neochat.profile | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index 2523c449b..c39ae326c 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile @@ -63,6 +63,7 @@ dbus-user filter dbus-user.own org.kde.neochat dbus-user.talk org.freedesktop.Notifications dbus-user.talk org.kde.StatusNotifierWatcher +# dbus-user.talk org.kde.kwalletd5 dbus-system none join-or-start neochat From 2910ce3b0afa0fcb69a06ebed342f17a8047f475 Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Sun, 2 May 2021 19:13:53 +0530 Subject: [PATCH 13/20] Add command suggested by rusty-snake --- etc/profile-m-z/neochat.profile | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index c39ae326c..de58bb6aa 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile @@ -50,6 +50,7 @@ nou2f novideo protocol unix,inet,inet6 seccomp +seccomp.block-secondary shell none tracelog From ad98696b58c34dbb76cbf08a02eefa5dcd4dad64 Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Sun, 2 May 2021 19:18:24 +0530 Subject: [PATCH 14/20] Add machine-id Does not break dbus, despite the warning in the template. --- etc/profile-m-z/neochat.profile | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index de58bb6aa..72ecea308 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile @@ -39,6 +39,7 @@ include whitelist-var-common.inc apparmor caps.drop all +machine-id netfilter nodvd nogroups From 0dd3f12b9ec865c7be82f594dfea33c7b174cb29 Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Sun, 2 May 2021 21:38:36 +0530 Subject: [PATCH 15/20] Remove kwallet dbus permission Confirmed on neochat Matrix group that it is not required. --- etc/profile-m-z/neochat.profile | 1 - 1 file changed, 1 deletion(-) diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index 72ecea308..52ad2a24b 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile @@ -65,7 +65,6 @@ dbus-user filter dbus-user.own org.kde.neochat dbus-user.talk org.freedesktop.Notifications dbus-user.talk org.kde.StatusNotifierWatcher -# dbus-user.talk org.kde.kwalletd5 dbus-system none join-or-start neochat From 55781f36fb166e54cf39a11178f1a99636b9bca8 Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Mon, 3 May 2021 21:17:01 +0530 Subject: [PATCH 16/20] Remove unnecessary command. Seems to detect currently running instance even without that. --- etc/profile-m-z/neochat.profile | 2 -- 1 file changed, 2 deletions(-) diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index 52ad2a24b..9fb5ead14 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile @@ -66,5 +66,3 @@ dbus-user.own org.kde.neochat dbus-user.talk org.freedesktop.Notifications dbus-user.talk org.kde.StatusNotifierWatcher dbus-system none - -join-or-start neochat From 7bc20ebb7d3e475ce0233a3b7cf5f77d842afe4b Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Tue, 4 May 2021 19:08:07 +0530 Subject: [PATCH 17/20] Move the 1793 workaround stuff to a separate file. --- etc/inc/whitelist-1793-workaround.inc | 26 ++++++++++++++++++++++++++ etc/profile-m-z/neochat.profile | 8 ++------ 2 files changed, 28 insertions(+), 6 deletions(-) create mode 100644 etc/inc/whitelist-1793-workaround.inc diff --git a/etc/inc/whitelist-1793-workaround.inc b/etc/inc/whitelist-1793-workaround.inc new file mode 100644 index 000000000..6261b4221 --- /dev/null +++ b/etc/inc/whitelist-1793-workaround.inc @@ -0,0 +1,26 @@ +# This file is overwritten during software install. +# Persistent customizations should go in a .local file. +include allow-nodejs.local +# This works around bug 1793, and allows whitelisting to be used for some KDE applications. + +whitelist ${HOME}/.config/ibus +whitelist ${HOME}/.config/mimeapps.list +whitelist ${HOME}/.config/pkcs11 +read-only ${HOME}/.config/pkcs11 +whitelist ${HOME}/.config/user-dirs.dirs +read-only ${HOME}/.config/user-dirs.dirs +whitelist ${HOME}/.config/user-dirs.locale +read-only ${HOME}/.config/user-dirs.locale +whitelist ${HOME}/.config/fontconfig +whitelist ${HOME}/.config/Kvantum +whitelist ${HOME}/.config/Trolltech.conf +whitelist ${HOME}/.config/QtProject.conf +whitelist ${HOME}/.config/kdeglobals +whitelist ${HOME}/.config/kio_httprc +whitelist ${HOME}/.config/kioslaverc +whitelist ${HOME}/.config/ksslcablacklist +whitelist ${HOME}/.config/qt5ct +whitelist ${HOME}/.config/qtcurve + +blacklist ${HOME}/.config/* +whitelist ${HOME}/.config diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index 9fb5ead14..b2dde9baf 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile @@ -7,6 +7,7 @@ include neochat.local include globals.local noblacklist ${HOME}/.cache/KDE/neochat +noblacklist ${HOME}/.config/KDE noblacklist ${HOME}/.config/KDE/neochat noblacklist ${HOME}/.config/neochatrc noblacklist ${HOME}/.config/neochat.notifyrc @@ -22,16 +23,11 @@ include disable-shell.inc include disable-xdg.inc mkdir ${HOME}/.cache/KDE/neochat -mkdir ${HOME}/.config/KDE/neochat.conf mkdir ${HOME}/.local/share/KDE/neochat -mkfile ${HOME}/.config/neochatrc -mkfile ${HOME}/.config/neochat.notifyrc whitelist ${HOME}/.cache/KDE/neochat -whitelist ${HOME}/.config/KDE/neochat.conf -whitelist ${HOME}/.config/neochatrc whitelist ${HOME}/.local/share/KDE/neochat -whitelist ${HOME}/.config/neochat.notifyrc whitelist ${DOWNLOADS} +include whitelist-1793-workaround.inc include whitelist-common.inc include whitelist-runuser-common.inc include whitelist-usr-share-common.inc From 88a831d4f6af19b01c6907fffeb954dffc32e572 Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Tue, 4 May 2021 19:24:46 +0530 Subject: [PATCH 18/20] Add back the kwallet dbus stuff. The dev did say it may be required on some platforms. He didn't sound completely sure. --- etc/profile-m-z/neochat.profile | 1 + 1 file changed, 1 insertion(+) diff --git a/etc/profile-m-z/neochat.profile b/etc/profile-m-z/neochat.profile index b2dde9baf..9185574b7 100644 --- a/etc/profile-m-z/neochat.profile +++ b/etc/profile-m-z/neochat.profile @@ -61,4 +61,5 @@ dbus-user filter dbus-user.own org.kde.neochat dbus-user.talk org.freedesktop.Notifications dbus-user.talk org.kde.StatusNotifierWatcher +dbus-user.talk org.kde.kwalletd5 dbus-system none From f925053bb5b9e1775e49fe13c624e4a5caf496ea Mon Sep 17 00:00:00 2001 From: Kishore96in Date: Tue, 4 May 2021 14:17:22 +0000 Subject: [PATCH 19/20] Update etc/inc/whitelist-1793-workaround.inc Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com> --- etc/inc/whitelist-1793-workaround.inc | 39 ++++++++++++++------------- 1 file changed, 21 insertions(+), 18 deletions(-) diff --git a/etc/inc/whitelist-1793-workaround.inc b/etc/inc/whitelist-1793-workaround.inc index 6261b4221..ad428303e 100644 --- a/etc/inc/whitelist-1793-workaround.inc +++ b/etc/inc/whitelist-1793-workaround.inc @@ -3,24 +3,27 @@ include allow-nodejs.local # This works around bug 1793, and allows whitelisting to be used for some KDE applications. -whitelist ${HOME}/.config/ibus -whitelist ${HOME}/.config/mimeapps.list -whitelist ${HOME}/.config/pkcs11 -read-only ${HOME}/.config/pkcs11 -whitelist ${HOME}/.config/user-dirs.dirs -read-only ${HOME}/.config/user-dirs.dirs -whitelist ${HOME}/.config/user-dirs.locale -read-only ${HOME}/.config/user-dirs.locale -whitelist ${HOME}/.config/fontconfig -whitelist ${HOME}/.config/Kvantum -whitelist ${HOME}/.config/Trolltech.conf -whitelist ${HOME}/.config/QtProject.conf -whitelist ${HOME}/.config/kdeglobals -whitelist ${HOME}/.config/kio_httprc -whitelist ${HOME}/.config/kioslaverc -whitelist ${HOME}/.config/ksslcablacklist -whitelist ${HOME}/.config/qt5ct -whitelist ${HOME}/.config/qtcurve +noblacklist ${HOME}/.config/ibus +noblacklist ${HOME}/.config/mimeapps.list +noblacklist ${HOME}/.config/pkcs11 +noblacklist ${HOME}/.config/user-dirs.dirs +noblacklist ${HOME}/.config/user-dirs.locale +noblacklist ${HOME}/.config/dconf +noblacklist ${HOME}/.config/fontconfig +noblacklist ${HOME}/.config/gtk-2.0 +noblacklist ${HOME}/.config/gtk-3.0 +noblacklist ${HOME}/.config/gtk-4.0 +noblacklist ${HOME}/.config/gtkrc +noblacklist ${HOME}/.config/gtkrc-2.0 +noblacklist ${HOME}/.config/Kvantum +noblacklist ${HOME}/.config/Trolltech.conf +noblacklist ${HOME}/.config/QtProject.conf +noblacklist ${HOME}/.config/kdeglobals +noblacklist ${HOME}/.config/kio_httprc +noblacklist ${HOME}/.config/kioslaverc +noblacklist ${HOME}/.config/ksslcablacklist +noblacklist ${HOME}/.config/qt5ct +noblacklist ${HOME}/.config/qtcurve blacklist ${HOME}/.config/* whitelist ${HOME}/.config From cdbcc8bcace7edb2d9f00e5919f71624f182ded7 Mon Sep 17 00:00:00 2001 From: Kishore Gopalakrishnan Date: Tue, 4 May 2021 19:52:18 +0530 Subject: [PATCH 20/20] Correct name for local file. --- etc/inc/whitelist-1793-workaround.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/etc/inc/whitelist-1793-workaround.inc b/etc/inc/whitelist-1793-workaround.inc index ad428303e..862837f12 100644 --- a/etc/inc/whitelist-1793-workaround.inc +++ b/etc/inc/whitelist-1793-workaround.inc @@ -1,6 +1,6 @@ # This file is overwritten during software install. # Persistent customizations should go in a .local file. -include allow-nodejs.local +include whitelist-1793-workaround.local # This works around bug 1793, and allows whitelisting to be used for some KDE applications. noblacklist ${HOME}/.config/ibus