diff options
| -rw-r--r-- | RELNOTES | 1 | ||||
| -rw-r--r-- | etc/firejail.config | 6 | ||||
| -rw-r--r-- | src/firejail/checkcfg.c | 7 | ||||
| -rw-r--r-- | src/firejail/env.c | 2 |
4 files changed, 13 insertions, 3 deletions
| @@ -18,6 +18,7 @@ firejail (0.9.42~rc2) baseline; urgency=low | |||
| 18 | * seccomp filter updated | 18 | * seccomp filter updated |
| 19 | * compile time and run time support to disable whitelists | 19 | * compile time and run time support to disable whitelists |
| 20 | * compile time support to disable global configuration file | 20 | * compile time support to disable global configuration file |
| 21 | * added quiet-by-default config option in /etc/firejail/firejail.config | ||
| 21 | * added netfilter-default config option in /etc/firejail/firejail.config | 22 | * added netfilter-default config option in /etc/firejail/firejail.config |
| 22 | * new profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice | 23 | * new profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice |
| 23 | * new profiles: pix, audacity, xz, xzdec, gzip, cpio, less | 24 | * new profiles: pix, audacity, xz, xzdec, gzip, cpio, less |
diff --git a/etc/firejail.config b/etc/firejail.config index 20c4d7a5f..82fe65ac7 100644 --- a/etc/firejail.config +++ b/etc/firejail.config | |||
| @@ -15,12 +15,16 @@ | |||
| 15 | # Force use of nonewprivs. This mitigates the possibility of | 15 | # Force use of nonewprivs. This mitigates the possibility of |
| 16 | # a user abusing firejail's features to trick a privileged (suid | 16 | # a user abusing firejail's features to trick a privileged (suid |
| 17 | # or file capabilities) process into loading code or configuration | 17 | # or file capabilities) process into loading code or configuration |
| 18 | # that is partially under their control. Default disabled | 18 | # that is partially under their control. Default disabled. |
| 19 | # force-nonewprivs no | 19 | # force-nonewprivs no |
| 20 | 20 | ||
| 21 | # Enable or disable networking features, default enabled. | 21 | # Enable or disable networking features, default enabled. |
| 22 | # network yes | 22 | # network yes |
| 23 | 23 | ||
| 24 | # Enable --quiet as default every time the sandbox is started. Default disabled. | ||
| 25 | # quiet-by-default no | ||
| 26 | |||
| 27 | |||
| 24 | # Enable or disable restricted network support, default disabled. If enabled, | 28 | # Enable or disable restricted network support, default disabled. If enabled, |
| 25 | # networking features should also be enabled (network yes). | 29 | # networking features should also be enabled (network yes). |
| 26 | # Restricted networking grants access to --interface, --net=ethXXX and | 30 | # Restricted networking grants access to --interface, --net=ethXXX and |
diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index 12921e294..3b60dafb6 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c | |||
| @@ -220,7 +220,12 @@ int checkcfg(int val) { | |||
| 220 | if (!xephyr_extra_params) | 220 | if (!xephyr_extra_params) |
| 221 | errExit("strdup"); | 221 | errExit("strdup"); |
| 222 | } | 222 | } |
| 223 | 223 | ||
| 224 | // quiet by default | ||
| 225 | else if (strncmp(ptr, "quiet-by-default ", 17) == 0) { | ||
| 226 | if (strcmp(ptr + 17, "yes") == 0) | ||
| 227 | arg_quiet = 1; | ||
| 228 | } | ||
| 224 | else | 229 | else |
| 225 | goto errout; | 230 | goto errout; |
| 226 | 231 | ||
diff --git a/src/firejail/env.c b/src/firejail/env.c index a5b3ccfb3..79d6b81e3 100644 --- a/src/firejail/env.c +++ b/src/firejail/env.c | |||
| @@ -133,7 +133,7 @@ void env_defaults(void) { | |||
| 133 | errExit("setenv"); | 133 | errExit("setenv"); |
| 134 | 134 | ||
| 135 | // set the window title | 135 | // set the window title |
| 136 | printf("\033]0;firejail %s\007\n", cfg.window_title); | 136 | printf("\033]0;firejail %s\007", cfg.window_title);fflush(0); |
| 137 | } | 137 | } |
| 138 | 138 | ||
| 139 | // parse and store the environment setting | 139 | // parse and store the environment setting |