| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* drop private-bin
* drop private-bin
* drop private-bin
* drop private-bin
* drop private-bin
* disable private-lib in tar.profile
Removing private-bin caused a test to fail - see discussion in https://github.com/netblue30/firejail/pull/3832. Thanks to @reinerh for explaining why I broke things!
|
|
|
|
|
|
|
|
|
|
|
| |
"Portable OpenBSD ksh, based on the Public Domain Korn Shell (pdksh)."
Project page: https://github.com/ibara/oksh
$ pacman -Q oksh
oksh 6.8.1-1
$ pacman -Qlq oksh | grep bin/
/usr/bin/
/usr/bin/oksh
|
|
|
|
|
|
|
| |
* New profiles for alacarte,tootle,photoflare
* Fix dbus
Co-authored-by: kortewegdevries <kortewegdevries@protonmail.ch>
|
|
|
|
|
| |
* fix gzip
* fix tar
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* harden 7z.profile
* harden atool.profile
* harden bsdtar.profile
* harden cpio.profile
* harden gzip.profile
* harden tar.profile
* harden unrar.profile
* harden unzip.profile
* harden xzdec.profile
* harden zstd.profile
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Create archiver-common.inc
* add apparmor to archiver-common.inc
* refactor 7z.profile
* refactor ar.profile
* refactor atool.profile
* refactor bsdtar.profile
* refactor cpio.profile
* refactor gzip.profile
* refactor tar.profile
* refactor unrar.profile
* refactor unzip.profile
* refactor xzdec.profile
* refactor zstd.profile
* rewording
* blacklist ${RUNUSER} in archiver-common.inc
Thanks to @rusty-snake for suggesting this.
* drop non-sensical ${RUNUSER}/wayland-* blacklisting in archiver-common.inc
See discussion in https://github.com/netblue30/firejail/pull/3820#discussion_r543523343
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
* drop non-sensical ${RUNUSER}/wayland-* blacklisting
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Rename etc/inc/softmaker-common.inc to etc/profile-m-z/softmaker-common.profile
As per suggestion by @rusty-snake in https://github.com/netblue30/firejail/pull/3819#issuecomment-745244982
* softmaker-common.profile name change
* softmaker-common.profile name change
* softmaker-common.profile name change
* softmaker-common.profile name change
* softmaker-common.profile name change
* softmaker-common.profile name change
* softmaker-common.profile name change
* softmaker-common.profile name change
* softmaker-common.profile name change
|
|
|
| |
Better fix for #3711, see discussion there.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Update and rename whitelist-players.inc to whitelist-player-common.inc
* renamed whitelist-player-common.inc
* renamed whitelist-player-common.inc
* renamed whitelist-player-common.inc
* renamed whitelist-player-common.inc
* renamed whitelist-player-common.inc
* renamed whitelist-player-common.inc
* renamed whitelist-player-common.inc
|
|
|
| |
Co-authored-by: fenuks <fenuks>
|
|
|
|
|
|
|
|
|
|
|
| |
* streamline comments
* streamline comments
* streamline comments
* streamline comments
* streamline comments
|
|\
| |
| | |
Create firejail-welcome.s
|
| |
| |
| |
| | |
typos, spelling and other fixes. thanks @reinerh for all these
|
| |
| |
| |
| | |
fix #3797 -- Get ride of all these u2f and drm issues
|
| | |
|
|\ \
| | |
| | | |
Dc add ldns
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
drill(1) from ldns is the first tool suggested on the Arch Wiki for DNS
lookup:
https://wiki.archlinux.org/index.php/Domain_name_resolution#Lookup_utilities
Home page: https://www.nlnetlabs.nl/projects/ldns/about/
$ pacman -Q ldns
ldns 1.7.1-2
$ pacman -Qlq ldns | grep bin
/usr/bin/
/usr/bin/drill
/usr/bin/ldns-chaos
/usr/bin/ldns-compare-zones
/usr/bin/ldns-config
/usr/bin/ldns-dane
/usr/bin/ldns-dpa
/usr/bin/ldns-gen-zone
/usr/bin/ldns-key2ds
/usr/bin/ldns-keyfetcher
/usr/bin/ldns-keygen
/usr/bin/ldns-mx
/usr/bin/ldns-notify
/usr/bin/ldns-nsec3-hash
/usr/bin/ldns-read-zone
/usr/bin/ldns-resolver
/usr/bin/ldns-revoke
/usr/bin/ldns-rrsig
/usr/bin/ldns-signzone
/usr/bin/ldns-test-edns
/usr/bin/ldns-testns
/usr/bin/ldns-update
/usr/bin/ldns-verify-zone
/usr/bin/ldns-version
/usr/bin/ldns-walk
/usr/bin/ldns-zcat
/usr/bin/ldns-zsplit
/usr/bin/ldnsd
|
| |/ |
|
| |
| |
| |
| |
| | |
* add curl HSTS support
* add HSTS support
|
| | |
|
|/
|
|
|
| |
* integrate relevant options into server.profile
* relax mdwe and dbus-system in server.profile
|
| |
|
| |
|
|
|
| |
Fixes #3805.
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
- hopefully fix #3795 finally
- fix README.md codeblock
- blacklist ${HOME}/.texlive20*
|
| |
|
| |
|
| |
|
|\
| |
| | |
use openat2 syscall when available
|
| | |
|
| |
| |
| |
| | |
closes #3786; closes #3776
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Add profile for authenticator-rs, improve falkon, balsa
* Fix
* Add private-tmp to falkon
* Revert balsa
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| | |
Games folder must be whitelisted in a dolphin-emu.local
Its private-etc can likely be shortened
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- gimp: allow mbind syscall. no start on Fedora 33 without
- minetest: disable private-cache. without persistent cache connecting to servers can take many minutes
- supertuxkart: allow bluetooth protocol. stk can directly connect/pair to WiiMote controllers
- supertuxkart: comment private-dev to allow controller use
- profiles: unify controller support comments
- firecfg: comment evolution with a note, and add a note to epiphany #3647 + #2995
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Update build.yml
Currently we run all actions for all commits. This is not resource friendly. Let's tweak this a bit.
This commit adds support for "skip ci" tags (i.e. if the head commit contains [s k i p c i] (w/o the extra spaces used to escape here), no jobs are executed.
In addition are all commits which modify non-code files (e.g. README) only excluded.
Furthermore we should not run cppcheck and scan-build if only profiles are changed and sort.py need only to be execute if profiles are changed.
* Create sort.yml
* Update build.yml
profile-sort is now in sort.yml
* Update sort.yml
fix syntax
* Update codeql-analysis.yml
paths-ignore:
- CONTRIBUTING.md
- README
- README.md
- RELNOTES
- SECURITY.md
- 'etc/**'
* Create build-extra.yml
* Update build.yml
* Update build-extra.yml
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since version 3.0 Godot is supporting C# as a language for writing
scripts. The C# solution can be built directly in Godot editor using
MSBuild, which requires access to directory /etc/mono. This directory
contains configuration of Mono enviroment. If MSBuild don't have
access to this directory, it's not able to determine location of
DLL files and it's throwing System.DllNotFoundException at beginning
of the build process.
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| | |
cf. 9eb9e8d4c1b8995f0e7af4d604f3becd5dc91f62
No need to expect pid's in profile files.
|
| | |
|
| | |
|
| |
| |
| |
| | |
kernel >= 5.8 now translates mode "1" to "noaccess" and mode "2" to "invisible", which breaks
Firejail's hidepid detection
|
| | |
|