From 2ad4b8f4096096e3e5553f0802891ed7b5d7d15a Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Fri, 30 Aug 2013 19:01:50 +0200
Subject: [clone_stage4] Extend and refine filterlist and filtering process

---
 server/blacklists/essential/console-kit     |  8 +++++
 server/blacklists/essential/dbus            | 47 +++++++++++++++++++++++++++++
 server/blacklists/essential/linux-base      | 47 ++++++++++++++++-------------
 server/blacklists/essential/linux-extended  |  5 ++-
 server/blacklists/essential/policykit       |  7 +++++
 server/blacklists/essential/pulseaudio      |  5 +++
 server/blacklists/package-managers/apt      |  3 +-
 server/blacklists/package-managers/yum      |  1 -
 server/blacklists/package-managers/zypper   |  1 -
 server/blacklists/pam/gnome                 |  4 +++
 server/blacklists/x-autostart/kde-autostart |  8 ++---
 server/blacklists/x-autostart/xdg-autostart |  5 +--
 12 files changed, 109 insertions(+), 32 deletions(-)
 create mode 100644 server/blacklists/essential/console-kit
 create mode 100644 server/blacklists/essential/dbus
 create mode 100644 server/blacklists/essential/policykit
 create mode 100644 server/blacklists/essential/pulseaudio
 create mode 100644 server/blacklists/pam/gnome

(limited to 'server')

diff --git a/server/blacklists/essential/console-kit b/server/blacklists/essential/console-kit
new file mode 100644
index 00000000..a176cac9
--- /dev/null
+++ b/server/blacklists/essential/console-kit
@@ -0,0 +1,8 @@
+# Consolekit is removed and replaced by a dummy in stage32
+- console-kit*
+- consolekit*
+- libck-connector*
+- *-ck-connector*
+- *Console-Kit*
+- *ConsoleKit*
+
diff --git a/server/blacklists/essential/dbus b/server/blacklists/essential/dbus
new file mode 100644
index 00000000..42afc286
--- /dev/null
+++ b/server/blacklists/essential/dbus
@@ -0,0 +1,47 @@
+# system.d
+- dbus-1**avahi-dbus.conf
+- dbus-1**bluetooth.conf
+- dbus-1**com.hp.hplip.conf
+- dbus-1**com.redhat.NewPrinterNotification.conf
+- dbus-1**com.redhat.PrinterDriversInstaller.conf
+- dbus-1**dnsmasq.conf
+- dbus-1**Mountall.Server.conf
+- dbus-1**nm-*
+- dbus-1**org.debian.apt.conf
+- dbus-1**org.debian.AptXapianIndex.conf
+- dbus-1**org.freedesktop.hostname1.conf
+- dbus-1**org.freedesktop.locale1.conf
+- dbus-1**org.freedesktop.login1.conf
+- dbus-1**org.freedesktop.ModemManager.conf
+- dbus-1**org.freedesktop.NetworkManager.conf
+- dbus-1**org.freedesktop.PolicyKit1.conf
+- dbus-1**org.freedesktop.PackageKit-aptd.conf
+- dbus-1**org.freedesktop.systemd1.conf
+- dbus-1**org.freedesktop.timedate1.conf
+- dbus-1**org.opensuse.CupsPkHelper.Mechanism.conf
+- dbus-1**pulseaudio-system.conf
+- dbus-1**Upstart.conf
+- dbus-1**wpa_supplicant.conf
+# interfaces
+- dbus-1**mm-*
+- dbus-1**org.fedoraproject.Config.Printing.xml
+- dbus-1**org.freedesktop.Avahi.*
+- dbus-1**org.freedesktop.hostname1.xml
+- dbus-1**org.freedesktop.locale1.xml
+- dbus-1**org.freedesktop.ModemManager.*
+- dbus-1**org.freedesktop.timedate1.xml
+- dbus-1**com.ubuntuone.*
+- dbus-1**musicstore-scope.service
+- dbus-1**org.freedesktop.Geoclue.*
+- dbus-1**org.gnome.zeitgeist.*
+- dbus-1**unity-lens-shopping.service
+# systen-services
+- dbus-1**fi.epitest.hostap.WPASupplicant.service
+- dbus-1**fi.w1.wpa_supplicant1.service
+- dbus-1**org.freedesktop.hostname1.service
+- dbus-1**org.freedesktop.locale1.service
+- dbus-1**org.freedesktop.ModemManager.service
+- dbus-1**org.freedesktop.nm_dispatcher.service
+- dbus-1**org.freedesktop.systemd1.service
+- dbus-1**org.freedesktop.timedate1.service
+
diff --git a/server/blacklists/essential/linux-base b/server/blacklists/essential/linux-base
index a00dee78..522ae191 100644
--- a/server/blacklists/essential/linux-base
+++ b/server/blacklists/essential/linux-base
@@ -1,27 +1,32 @@
-- /boot
-- /cdrom
-- /dev
-- /lib/modules
-- /lost+found
-- /media
-- /mnt
-- /opt/openslx
-- /proc
-- /run
-- /srv
-- /sys
-- /tmp
-- /usr/src
-- /var/log
+- /boot/
+- /cdrom/
+- /dev/
+- /lib/modules/
+- /lost+found/
+- /media/
+- /mnt/
+- /opt/openslx/
+- /proc/
+- /run/
+- /srv/
+- /sys/
+- /tmp/
+- /usr/src/
+- /var/log/
 - /var/run
-- /var/www
-- /var/tmp
-- /var/cache/nscd
+- /var/www/
+- /var/tmp/
++ /var/cache/**/
+- /var/cache/**
+- /var/lock
++ /var/spool/**/
+- /var/spool/**
 - /etc/resolv.conf
-- /etc/resolvconf
-- */tm-scripts
+- /etc/resolvconf/
+- **/tm-scripts/
 - /initrd.img
 - /initrd.img.old
 - /vmlinuz
 - /vmlinuz.old
-
+# This is where the bind-mount of mltk resides...
+- /export/build
diff --git a/server/blacklists/essential/linux-extended b/server/blacklists/essential/linux-extended
index c558c16e..d9d7ef97 100644
--- a/server/blacklists/essential/linux-extended
+++ b/server/blacklists/essential/linux-extended
@@ -1,4 +1,3 @@
-- /export
 - /home
 - /root
 - /usr/src
@@ -6,4 +5,8 @@
 - /etc/init
 - /var/lib/init.d
 - /usr/share/upstart
+- /lib/systemd
+- /usr/lib/systemd
+- /etc/systemd
+- /var/lib/NetworkManager
 
diff --git a/server/blacklists/essential/policykit b/server/blacklists/essential/policykit
new file mode 100644
index 00000000..68ff5a44
--- /dev/null
+++ b/server/blacklists/essential/policykit
@@ -0,0 +1,7 @@
+# Also get rid of polkit
+- libpolkit*
+- polkit*
+- policykit*
+- *PolicyKit*
+- *PolKit*
+
diff --git a/server/blacklists/essential/pulseaudio b/server/blacklists/essential/pulseaudio
new file mode 100644
index 00000000..7c1c1337
--- /dev/null
+++ b/server/blacklists/essential/pulseaudio
@@ -0,0 +1,5 @@
+- *pulseaudio*
+- libpulse*
+- *sound**pulse*
+- *alsa**pulse*
+
diff --git a/server/blacklists/package-managers/apt b/server/blacklists/package-managers/apt
index b4e2c9ba..5e019138 100644
--- a/server/blacklists/package-managers/apt
+++ b/server/blacklists/package-managers/apt
@@ -1,3 +1,2 @@
-- /var/cache/apt/archives/*
-+ /var/cache/apt/archives/partial
++ /var/cache/apt/archives/partial/**
 
diff --git a/server/blacklists/package-managers/yum b/server/blacklists/package-managers/yum
index 2ddd04d9..8b137891 100644
--- a/server/blacklists/package-managers/yum
+++ b/server/blacklists/package-managers/yum
@@ -1,2 +1 @@
-- /var/cache/yum
 
diff --git a/server/blacklists/package-managers/zypper b/server/blacklists/package-managers/zypper
index 6999340d..fbab85d7 100644
--- a/server/blacklists/package-managers/zypper
+++ b/server/blacklists/package-managers/zypper
@@ -1,3 +1,2 @@
 - /var/lib/zypp
-- /var/cache/zypp
 
diff --git a/server/blacklists/pam/gnome b/server/blacklists/pam/gnome
new file mode 100644
index 00000000..d1c85b72
--- /dev/null
+++ b/server/blacklists/pam/gnome
@@ -0,0 +1,4 @@
++ /etc/pam.d/gdm
++ /etc/pam.d/gdm-*
++ /etc/pam.d/gnome-*
+
diff --git a/server/blacklists/x-autostart/kde-autostart b/server/blacklists/x-autostart/kde-autostart
index 64294578..4d384303 100644
--- a/server/blacklists/x-autostart/kde-autostart
+++ b/server/blacklists/x-autostart/kde-autostart
@@ -1,5 +1,5 @@
-- /usr/share/autostart/*
-+ /usr/share/autostart
-- /opt/kde3/share/autostart/*
-+ /opt/kde3/share/autostart
++ /usr/share/autostart/**/
+- /usr/share/autostart/**
++ /opt/kde3/share/autostart/**/
+- /opt/kde3/share/autostart/**
 
diff --git a/server/blacklists/x-autostart/xdg-autostart b/server/blacklists/x-autostart/xdg-autostart
index 2160919f..bd4dd467 100644
--- a/server/blacklists/x-autostart/xdg-autostart
+++ b/server/blacklists/x-autostart/xdg-autostart
@@ -1,3 +1,4 @@
-- /etc/xdg/autostart/*
-+ /usr/share/autostart
++ /etc/xdg/autostart/**/
++ /etc/xdg/autostart/gnome-settings-daemon.desktop
+- /etc/xdg/autostart/**
 
-- 
cgit v1.2.3-55-g7522