diff options
author | netblue30 <netblue30@yahoo.com> | 2016-11-21 08:48:38 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-11-21 08:48:38 -0500 |
commit | 8e932c019367bc270b3ae258077392f90feb7fa3 (patch) | |
tree | 644029d0b62ce603e899ffdd52fdc468471bf908 /src | |
parent | testing (diff) | |
parent | profiles (diff) | |
download | firejail-8e932c019367bc270b3ae258077392f90feb7fa3.tar.gz firejail-8e932c019367bc270b3ae258077392f90feb7fa3.tar.zst firejail-8e932c019367bc270b3ae258077392f90feb7fa3.zip |
Merge branch 'master' of https://github.com/netblue30/firejail
Diffstat (limited to 'src')
-rw-r--r-- | src/firecfg/firecfg.config | 60 | ||||
-rw-r--r-- | src/fseccomp/main.c | 4 | ||||
-rw-r--r-- | src/man/firejail.txt | 4 |
3 files changed, 64 insertions, 4 deletions
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index d10d59657..7d7fad0a6 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -14,6 +14,8 @@ qbittorrent | |||
14 | rtorrent | 14 | rtorrent |
15 | transmission-gtk | 15 | transmission-gtk |
16 | transmission-qt | 16 | transmission-qt |
17 | transmission-cli | ||
18 | transmission-show | ||
17 | uget-gtk | 19 | uget-gtk |
18 | 20 | ||
19 | # browsers/email | 21 | # browsers/email |
@@ -51,6 +53,9 @@ thunderbird | |||
51 | vivaldi-beta | 53 | vivaldi-beta |
52 | vivaldi | 54 | vivaldi |
53 | evolution | 55 | evolution |
56 | elinks | ||
57 | lynx | ||
58 | w3m | ||
54 | 59 | ||
55 | # chat/messaging | 60 | # chat/messaging |
56 | bitlbee | 61 | bitlbee |
@@ -94,21 +99,41 @@ wesnot | |||
94 | warzone2100 | 99 | warzone2100 |
95 | 100 | ||
96 | # Media | 101 | # Media |
102 | amarok | ||
97 | audacious | 103 | audacious |
98 | audacity | 104 | audacity |
105 | bleachbit | ||
106 | brasero | ||
99 | clementine | 107 | clementine |
100 | cmus | 108 | cmus |
101 | deadbeef | 109 | deadbeef |
102 | display | 110 | display |
111 | dolphin | ||
112 | dragon | ||
113 | exiftool | ||
103 | feh | 114 | feh |
115 | gjs | ||
116 | gnome-books | ||
117 | gnome-clocks | ||
118 | gnome-documents | ||
119 | gnome-maps | ||
104 | gnome-mplayer | 120 | gnome-mplayer |
121 | gnome-music | ||
122 | goobox | ||
105 | google-play-music-desktop-player | 123 | google-play-music-desktop-player |
124 | img2txt | ||
125 | k3b | ||
126 | mediainfo | ||
106 | mpv | 127 | mpv |
128 | nautilus | ||
107 | parole | 129 | parole |
108 | rhythmbox | 130 | rhythmbox |
131 | simple-scan | ||
132 | skanlite | ||
109 | spotify | 133 | spotify |
110 | totem | 134 | totem |
111 | vlc | 135 | vlc |
136 | xfburn | ||
112 | xplayer | 137 | xplayer |
113 | xviewer | 138 | xviewer |
114 | eom | 139 | eom |
@@ -121,10 +146,13 @@ atril | |||
121 | cherrytree | 146 | cherrytree |
122 | evince | 147 | evince |
123 | fbreader | 148 | fbreader |
149 | gedit | ||
124 | gimp | 150 | gimp |
125 | gthumb | 151 | gthumb |
126 | gwenview | 152 | gwenview |
153 | highlight | ||
127 | inkscape | 154 | inkscape |
155 | kate | ||
128 | libreoffice | 156 | libreoffice |
129 | localc | 157 | localc |
130 | lodraw | 158 | lodraw |
@@ -141,7 +169,9 @@ soffice | |||
141 | synfigstudio | 169 | synfigstudio |
142 | Mathematica | 170 | Mathematica |
143 | mathematica | 171 | mathematica |
172 | odt2txt | ||
144 | okular | 173 | okular |
174 | pdftotext | ||
145 | pix | 175 | pix |
146 | xpdf | 176 | xpdf |
147 | xreader | 177 | xreader |
@@ -151,14 +181,40 @@ flowblade | |||
151 | eog | 181 | eog |
152 | 182 | ||
153 | # other | 183 | # other |
154 | ssh | ||
155 | atom-beta | ||
156 | atom | 184 | atom |
185 | atom-beta | ||
186 | gpa | ||
187 | gpg | ||
188 | # don't run ssh-agent and gpg-agent with firejail by default | ||
189 | # this will break many processes using them in the background | ||
190 | # ssh-agent | ||
191 | # gpg-agent | ||
192 | git | ||
157 | ranger | 193 | ranger |
158 | keepass | 194 | keepass |
159 | keepass2 | 195 | keepass2 |
160 | keepassx | 196 | keepassx |
197 | ssh | ||
198 | tracker | ||
161 | xiphos | 199 | xiphos |
200 | xpra | ||
162 | 201 | ||
163 | # weather/climate | 202 | # weather/climate |
164 | aweather | 203 | aweather |
204 | gnome-weather | ||
205 | |||
206 | # compressing tools | ||
207 | ark | ||
208 | atool | ||
209 | file-roller | ||
210 | |||
211 | # when used by other processes in the background, it will break stuff | ||
212 | #7z | ||
213 | #cpio | ||
214 | #gtar | ||
215 | #gzip | ||
216 | #tar | ||
217 | #unrar | ||
218 | #unzip | ||
219 | #xz | ||
220 | #xzdec | ||
diff --git a/src/fseccomp/main.c b/src/fseccomp/main.c index 471e0b193..2f85a786b 100644 --- a/src/fseccomp/main.c +++ b/src/fseccomp/main.c | |||
@@ -38,7 +38,7 @@ static void usage(void) { | |||
38 | } | 38 | } |
39 | 39 | ||
40 | int main(int argc, char **argv) { | 40 | int main(int argc, char **argv) { |
41 | //#if 0 | 41 | #if 0 |
42 | { | 42 | { |
43 | //system("cat /proc/self/status"); | 43 | //system("cat /proc/self/status"); |
44 | int i; | 44 | int i; |
@@ -46,7 +46,7 @@ for (i = 0; i < argc; i++) | |||
46 | printf("*%s* ", argv[i]); | 46 | printf("*%s* ", argv[i]); |
47 | printf("\n"); | 47 | printf("\n"); |
48 | } | 48 | } |
49 | //#endif | 49 | #endif |
50 | if (argc < 2) { | 50 | if (argc < 2) { |
51 | usage(); | 51 | usage(); |
52 | return 1; | 52 | return 1; |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index bb9ae270c..8441f25d5 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -1341,6 +1341,10 @@ both 32-bit and 64-bit filters are installed. | |||
1341 | .br | 1341 | .br |
1342 | 1342 | ||
1343 | .br | 1343 | .br |
1344 | Firejail will print seccomp violations to the audit log if the kernel was compiled with audit support (CONFIG_AUDIT flag). | ||
1345 | .br | ||
1346 | |||
1347 | .br | ||
1344 | Example: | 1348 | Example: |
1345 | .br | 1349 | .br |
1346 | $ firejail \-\-seccomp | 1350 | $ firejail \-\-seccomp |