move whitelist/blacklist to allow/deny

kmk3 · Jul 5, 2021 · fe0f975 · fe0f975
1 parent c32924b
commit fe0f975
Show file tree

Hide file tree

Showing 799 changed files with 5,142 additions and 5,060 deletions.
diff --git a/etc/inc/allow-bin-sh.inc b/etc/inc/allow-bin-sh.inc
@@ -2,6 +2,6 @@
 # Persistent customizations should go in a .local file.
 include allow-bin-sh.local
 
-noblacklist ${PATH}/bash
-noblacklist ${PATH}/dash
-noblacklist ${PATH}/sh
+nodeny  ${PATH}/bash
+nodeny  ${PATH}/dash
+nodeny  ${PATH}/sh
diff --git a/etc/inc/allow-common-devel.inc b/etc/inc/allow-common-devel.inc
@@ -3,29 +3,29 @@
 include allow-common-devel.local
 
 # Git
-noblacklist ${HOME}/.config/git
-noblacklist ${HOME}/.gitconfig
-noblacklist ${HOME}/.git-credentials
+nodeny  ${HOME}/.config/git
+nodeny  ${HOME}/.gitconfig
+nodeny  ${HOME}/.git-credentials
 
 # Java
-noblacklist ${HOME}/.gradle
-noblacklist ${HOME}/.java
+nodeny  ${HOME}/.gradle
+nodeny  ${HOME}/.java
 
 # Node.js
-noblacklist ${HOME}/.node-gyp
-noblacklist ${HOME}/.npm
-noblacklist ${HOME}/.npmrc
-noblacklist ${HOME}/.nvm
-noblacklist ${HOME}/.yarn
-noblacklist ${HOME}/.yarn-config
-noblacklist ${HOME}/.yarncache
-noblacklist ${HOME}/.yarnrc
+nodeny  ${HOME}/.node-gyp
+nodeny  ${HOME}/.npm
+nodeny  ${HOME}/.npmrc
+nodeny  ${HOME}/.nvm
+nodeny  ${HOME}/.yarn
+nodeny  ${HOME}/.yarn-config
+nodeny  ${HOME}/.yarncache
+nodeny  ${HOME}/.yarnrc
 
 # Python
-noblacklist ${HOME}/.pylint.d
-noblacklist ${HOME}/.python-history
-noblacklist ${HOME}/.python_history
-noblacklist ${HOME}/.pythonhist
+nodeny  ${HOME}/.pylint.d
+nodeny  ${HOME}/.python-history
+nodeny  ${HOME}/.python_history
+nodeny  ${HOME}/.pythonhist
 
 # Rust
-noblacklist ${HOME}/.cargo/*
+nodeny  ${HOME}/.cargo/*
diff --git a/etc/inc/allow-gjs.inc b/etc/inc/allow-gjs.inc
@@ -2,11 +2,11 @@
 # Persistent customizations should go in a .local file.
 include allow-gjs.local
 
-noblacklist ${PATH}/gjs
-noblacklist ${PATH}/gjs-console
-noblacklist /usr/lib/gjs
-noblacklist /usr/lib/libgjs*
-noblacklist /usr/lib/libmozjs-*
-noblacklist /usr/lib64/gjs
-noblacklist /usr/lib64/libgjs*
-noblacklist /usr/lib64/libmozjs-*
+nodeny  ${PATH}/gjs
+nodeny  ${PATH}/gjs-console
+nodeny  /usr/lib/gjs
+nodeny  /usr/lib/libgjs*
+nodeny  /usr/lib/libmozjs-*
+nodeny  /usr/lib64/gjs
+nodeny  /usr/lib64/libgjs*
+nodeny  /usr/lib64/libmozjs-*
diff --git a/etc/inc/allow-java.inc b/etc/inc/allow-java.inc
@@ -2,8 +2,8 @@
 # Persistent customizations should go in a .local file.
 include allow-java.local
 
-noblacklist ${HOME}/.java
-noblacklist ${PATH}/java
-noblacklist /etc/java
-noblacklist /usr/lib/java
-noblacklist /usr/share/java
+nodeny  ${HOME}/.java
+nodeny  ${PATH}/java
+nodeny  /etc/java
+nodeny  /usr/lib/java
+nodeny  /usr/share/java
diff --git a/etc/inc/allow-lua.inc b/etc/inc/allow-lua.inc
@@ -2,11 +2,11 @@
 # Persistent customizations should go in a .local file.
 include allow-lua.local
 
-noblacklist ${PATH}/lua*
-noblacklist /usr/include
-noblacklist /usr/lib/liblua*
-noblacklist /usr/lib/lua
-noblacklist /usr/lib64/liblua*
-noblacklist /usr/lib64/lua
-noblacklist /usr/share/lua
-noblacklist /usr/share/lua*
+nodeny  ${PATH}/lua*
+nodeny  /usr/include
+nodeny  /usr/lib/liblua*
+nodeny  /usr/lib/lua
+nodeny  /usr/lib64/liblua*
+nodeny  /usr/lib64/lua
+nodeny  /usr/share/lua
+nodeny  /usr/share/lua*
diff --git a/etc/inc/allow-nodejs.inc b/etc/inc/allow-nodejs.inc
@@ -2,8 +2,8 @@
 # Persistent customizations should go in a .local file.
 include allow-nodejs.local
 
-noblacklist ${PATH}/node
-noblacklist /usr/include/node
+nodeny  ${PATH}/node
+nodeny  /usr/include/node
 
 # Allow python for node-gyp (blacklisted by disable-interpreters.inc)
 include allow-python2.inc

diff --git a/etc/inc/allow-opengl-game.inc b/etc/inc/allow-opengl-game.inc
@@ -2,6 +2,6 @@
 # Persistent customizations should go in a .local file.
 include allow-opengl-game.local
 
-noblacklist ${PATH}/bash
-whitelist /usr/share/opengl-games-utils/opengl-game-functions.sh
+nodeny  ${PATH}/bash
+allow  /usr/share/opengl-games-utils/opengl-game-functions.sh
 private-bin basename,bash,cut,glxinfo,grep,head,sed,zenity
diff --git a/etc/inc/allow-perl.inc b/etc/inc/allow-perl.inc
@@ -2,11 +2,11 @@
 # Persistent customizations should go in a .local file.
 include allow-perl.local
 
-noblacklist ${PATH}/core_perl
-noblacklist ${PATH}/cpan*
-noblacklist ${PATH}/perl
-noblacklist ${PATH}/site_perl
-noblacklist ${PATH}/vendor_perl
-noblacklist /usr/lib/perl*
-noblacklist /usr/lib64/perl*
-noblacklist /usr/share/perl*
+nodeny  ${PATH}/core_perl
+nodeny  ${PATH}/cpan*
+nodeny  ${PATH}/perl
+nodeny  ${PATH}/site_perl
+nodeny  ${PATH}/vendor_perl
+nodeny  /usr/lib/perl*
+nodeny  /usr/lib64/perl*
+nodeny  /usr/share/perl*
diff --git a/etc/inc/allow-php.inc b/etc/inc/allow-php.inc
@@ -2,6 +2,6 @@
 # Persistent customizations should go in a .local file.
 include allow-php.local
 
-noblacklist ${PATH}/php*
-noblacklist /usr/lib/php*
-noblacklist /usr/share/php*
+nodeny  ${PATH}/php*
+nodeny  /usr/lib/php*
+nodeny  /usr/share/php*
diff --git a/etc/inc/allow-python2.inc b/etc/inc/allow-python2.inc
@@ -2,8 +2,8 @@
 # Persistent customizations should go in a .local file.
 include allow-python2.local
 
-noblacklist ${PATH}/python2*
-noblacklist /usr/include/python2*
-noblacklist /usr/lib/python2*
-noblacklist /usr/local/lib/python2*
-noblacklist /usr/share/python2*
+nodeny  ${PATH}/python2*
+nodeny  /usr/include/python2*
+nodeny  /usr/lib/python2*
+nodeny  /usr/local/lib/python2*
+nodeny  /usr/share/python2*
diff --git a/etc/inc/allow-python3.inc b/etc/inc/allow-python3.inc
@@ -2,9 +2,9 @@
 # Persistent customizations should go in a .local file.
 include allow-python3.local
 
-noblacklist ${PATH}/python3*
-noblacklist /usr/include/python3*
-noblacklist /usr/lib/python3*
-noblacklist /usr/lib64/python3*
-noblacklist /usr/local/lib/python3*
-noblacklist /usr/share/python3*
+nodeny  ${PATH}/python3*
+nodeny  /usr/include/python3*
+nodeny  /usr/lib/python3*
+nodeny  /usr/lib64/python3*
+nodeny  /usr/local/lib/python3*
+nodeny  /usr/share/python3*
diff --git a/etc/inc/allow-ruby.inc b/etc/inc/allow-ruby.inc
@@ -2,5 +2,5 @@
 # Persistent customizations should go in a .local file.
 include allow-ruby.local
 
-noblacklist ${PATH}/ruby
-noblacklist /usr/lib/ruby
+nodeny  ${PATH}/ruby
+nodeny  /usr/lib/ruby
diff --git a/etc/inc/allow-ssh.inc b/etc/inc/allow-ssh.inc
@@ -2,7 +2,7 @@
 # Persistent customizations should go in a .local file.
 include allow-ssh.local
 
-noblacklist ${HOME}/.ssh
-noblacklist /etc/ssh
-noblacklist /etc/ssh/ssh_config
-noblacklist /tmp/ssh-*
+nodeny  ${HOME}/.ssh
+nodeny  /etc/ssh
+nodeny  /etc/ssh/ssh_config
+nodeny  /tmp/ssh-*