diff options
author | netblue30 <netblue30@protonmail.com> | 2021-12-28 13:55:47 -0500 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2021-12-28 13:55:47 -0500 |
commit | 15759cb51cf1a5fd2edfa9a386b86759b0a30888 (patch) | |
tree | 91bad51cde9907dc143e8618634e582b60869712 | |
parent | Merge pull request #4740 from WhyNotHugo/whitelist-ro (diff) | |
download | firejail-15759cb51cf1a5fd2edfa9a386b86759b0a30888.tar.gz firejail-15759cb51cf1a5fd2edfa9a386b86759b0a30888.tar.zst firejail-15759cb51cf1a5fd2edfa9a386b86759b0a30888.zip |
updates
-rw-r--r-- | README | 2 | ||||
-rw-r--r-- | RELNOTES | 1 | ||||
-rw-r--r-- | src/fnettrace/fnettrace.h | 19 | ||||
-rw-r--r-- | src/fnettrace/main.c | 19 | ||||
-rw-r--r-- | src/man/firejail-profile.txt | 5 |
5 files changed, 46 insertions, 0 deletions
@@ -564,6 +564,7 @@ Jose Riha (https://github.com/jose1711) | |||
564 | - drop noinput for games with gampad/joystick support | 564 | - drop noinput for games with gampad/joystick support |
565 | - goldendict profile fix | 565 | - goldendict profile fix |
566 | - whitelist /usr/share/nextcloud to allow access to translation files | 566 | - whitelist /usr/share/nextcloud to allow access to translation files |
567 | - fix clipgrab profile | ||
567 | jrabe (https://github.com/jrabe) | 568 | jrabe (https://github.com/jrabe) |
568 | - disallow access to kdbx files | 569 | - disallow access to kdbx files |
569 | - Epiphany profile | 570 | - Epiphany profile |
@@ -1108,6 +1109,7 @@ Vladislav Nepogodin (https://github.com/vnepogodin) | |||
1108 | - CachyBrowser profile | 1109 | - CachyBrowser profile |
1109 | Hugo Osvaldo Barrera (https://github.com/WhyNotHugo) | 1110 | Hugo Osvaldo Barrera (https://github.com/WhyNotHugo) |
1110 | - Skype profile tweaks | 1111 | - Skype profile tweaks |
1112 | - whitelist-ro command | ||
1111 | xee5ch (https://github.com/xee5ch) | 1113 | xee5ch (https://github.com/xee5ch) |
1112 | - skypeforlinux profile | 1114 | - skypeforlinux profile |
1113 | York Zhao (https://github.com/YorkZ) | 1115 | York Zhao (https://github.com/YorkZ) |
@@ -6,6 +6,7 @@ firejail (0.9.67) baseline; urgency=low | |||
6 | --deterministic-shutdown) (#4635) | 6 | --deterministic-shutdown) (#4635) |
7 | * noprinters command (#4607) | 7 | * noprinters command (#4607) |
8 | * network monitor (--nettrace) | 8 | * network monitor (--nettrace) |
9 | * whitelist-ro profile command | ||
9 | * build: firecfg.config is now installed to /etc/firejail/ (#4669) | 10 | * build: firecfg.config is now installed to /etc/firejail/ (#4669) |
10 | * removed --disable-whitelist at compile time | 11 | * removed --disable-whitelist at compile time |
11 | * removed whitelist=yes/no in /etc/firejail/firejail.config | 12 | * removed whitelist=yes/no in /etc/firejail/firejail.config |
diff --git a/src/fnettrace/fnettrace.h b/src/fnettrace/fnettrace.h index 9c34e17ca..699382838 100644 --- a/src/fnettrace/fnettrace.h +++ b/src/fnettrace/fnettrace.h | |||
@@ -1,3 +1,22 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2014-2021 Firejail Authors | ||
3 | * | ||
4 | * This file is part of firejail project | ||
5 | * | ||
6 | * This program is free software; you can redistribute it and/or modify | ||
7 | * it under the terms of the GNU General Public License as published by | ||
8 | * the Free Software Foundation; either version 2 of the License, or | ||
9 | * (at your option) any later version. | ||
10 | * | ||
11 | * This program is distributed in the hope that it will be useful, | ||
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
14 | * GNU General Public License for more details. | ||
15 | * | ||
16 | * You should have received a copy of the GNU General Public License along | ||
17 | * with this program; if not, write to the Free Software Foundation, Inc., | ||
18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | ||
19 | */ | ||
1 | #ifndef FNETTRACE_H | 20 | #ifndef FNETTRACE_H |
2 | #define FNETTRACE_H | 21 | #define FNETTRACE_H |
3 | 22 | ||
diff --git a/src/fnettrace/main.c b/src/fnettrace/main.c index f036d0c9e..9cbdc290d 100644 --- a/src/fnettrace/main.c +++ b/src/fnettrace/main.c | |||
@@ -1,3 +1,22 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2014-2021 Firejail Authors | ||
3 | * | ||
4 | * This file is part of firejail project | ||
5 | * | ||
6 | * This program is free software; you can redistribute it and/or modify | ||
7 | * it under the terms of the GNU General Public License as published by | ||
8 | * the Free Software Foundation; either version 2 of the License, or | ||
9 | * (at your option) any later version. | ||
10 | * | ||
11 | * This program is distributed in the hope that it will be useful, | ||
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
14 | * GNU General Public License for more details. | ||
15 | * | ||
16 | * You should have received a copy of the GNU General Public License along | ||
17 | * with this program; if not, write to the Free Software Foundation, Inc., | ||
18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | ||
19 | */ | ||
1 | #include "fnettrace.h" | 20 | #include "fnettrace.h" |
2 | #define MAX_BUF_SIZE (64 * 1024) | 21 | #define MAX_BUF_SIZE (64 * 1024) |
3 | 22 | ||
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 9c251ec34..e35f2837b 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
@@ -436,6 +436,11 @@ all directories in /usr. | |||
436 | .br | 436 | .br |
437 | Symbolic link handling: with the exception of user home, both the link and the real file should be in | 437 | Symbolic link handling: with the exception of user home, both the link and the real file should be in |
438 | the same top directory. For user home, both the link and the real file should be owned by the user. | 438 | the same top directory. For user home, both the link and the real file should be owned by the user. |
439 | |||
440 | .TP | ||
441 | \fBwhitelist-ro file_or_directory | ||
442 | Equivalent to "whitelist file_or_directory" followed by "read-only file_or_directory" | ||
443 | |||
439 | .TP | 444 | .TP |
440 | \fBwritable-etc | 445 | \fBwritable-etc |
441 | Mount /etc directory read-write. | 446 | Mount /etc directory read-write. |