Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | update and harden file.profile | smitsohu | 2019-08-11 |
| | |||
* | added 'noblacklist ${PICTURES}' to mpv.profile (#2898) | veloute | 2019-08-11 |
| | | | | | | | | * added 'noblacklist ${PICTURES}' to mpv.profile * Update mpv.profile fix typo | ||
* | rewrite/partial revert of 8bff773d6a7bf70c97b3d5b751df9ec0dd6c8b5d | smitsohu | 2019-08-09 |
| | | | | | | | the commit in question introduced an early check of Firejail configuration file, which broke "firejail in firejail" for some sandboxes. see issue #2877 | ||
* | Fix printer detection in okular and gwenview | Vincent43 | 2019-08-07 |
| | |||
* | integrate private home options with nosound and x11 none | smitsohu | 2019-08-07 |
| | | | | fixes #2867 | ||
* | private home: don't create unused temporary files | smitsohu | 2019-08-07 |
| | |||
* | update gitignore | smitsohu | 2019-08-07 |
| | |||
* | Fix #2866 -- private-etc needed fedora-release (#2890) | Jiri | 2019-08-05 |
| | | | | * Fix #2866 -- private-etc needed os-release,redhat-release,system-release,system-release-cpe | ||
* | Update README.md and RELNOTES [skip ci] | rusty-snake | 2019-08-05 |
| | |||
* | Merge pull request #2871 from rusty-snake/add-rsync.profile | rusty-snake | 2019-08-05 |
|\ | | | | | Create rsync.profile | ||
| * | add usage to rsync-download_only.profile | rusty-snake | 2019-08-05 |
| | | |||
| * | rename rsync.profile to rsync-download_only.profile | rusty-snake | 2019-08-01 |
| | | |||
| * | update comment | rusty-snake | 2019-07-30 |
| | | |||
| * | Create rsync.profile | rusty-snake | 2019-07-25 |
| | | |||
* | | Fix #2866 -- private-etc needed debian_version | Fred Barclay | 2019-08-04 |
| | | |||
* | | blacklist kwalletrc | smitsohu | 2019-08-01 |
| | | |||
* | | misc profile fixes (Debian 10 related) | smitsohu | 2019-08-01 |
| | | |||
* | | tune pam-tmpdir file permissions | smitsohu | 2019-08-01 |
| | | |||
* | | some profile fixups (followup) | rusty-snake | 2019-08-01 |
| | | | | | | | | | | - fix sorting and private-etc, thanks to @glitsj16 for catching this - add some missing to private-bin in firefox (still need more testing) | ||
* | | some profile fixups | rusty-snake | 2019-08-01 |
| | | | | | | | | | | | | - add a private-bin to firefox for fedora (still need testing) - add a temporary workaround for #2877 ghostwriter sience this break export and preview with pandoc - remove 'name slack' from slack.profile sience this is the only profile with name | ||
* | | Merge pull request #2883 from flacks/profiles/whalebird | SkewedZeppelin | 2019-08-01 |
|\ \ | | | | | | | Add Whalebird profile | ||
| * | | Add Whalebird profile | Jean Lucas | 2019-07-31 |
| | | | |||
* | | | profiles: misc fixes | Tad | 2019-08-01 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - pluma: sync private-lib from gedit to fix crashes 5e220b2da502bdcaf0f6188779e8bb0e37c9c414 - checkbashisms: fix missing library needed under CentOS 7 of note: - yelp complains about /etc/pki but lacks network access anyway under openSUSE Tumbleweed - gedit is broken, see #2207 - onionshare-gui is broken, unrelated to firejail under CentOS 7 - chromium-common is broken, commenting private-dev fixes, potentially related to firejail, there are SELinux denials for /dev/urandom under Fedora and CentOS 7 - gnome-system-log is broken, as it is a script that calls logview using pkexec, consider commenting in firecfg? | ||
* | | | Merge pull request #2885 from flacks/profiles/tor-browser | SkewedZeppelin | 2019-08-01 |
|\ \ \ | | | | | | | | | Add new Tor Browser alias | ||
| * | | | Add new Tor Browser alias | Jean Lucas | 2019-07-31 |
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | - tor-browser in the AUR is an international package; all other individual language variants have been removed, so, add new alias - Add 'tor-browser' and 'mv' to private-bin in launcher profile ('mv' is required when upgrading tor-browser versions) - Add 'tor-browser' to firecfg.config - Add config dir to disable-programs.inc | ||
* | | | Merge pull request #2884 from flacks/profiles/itch | SkewedZeppelin | 2019-08-01 |
|\ \ \ | |/ / |/| | | Update itch profile | ||
| * | | Update itch profile | Jean Lucas | 2019-07-31 |
|/ / | | | | | | | itch now also uses ~/.itch for application updates | ||
* | | Merge pull request #2881 from flacks/profiles/zulip | rusty-snake | 2019-07-31 |
|\ \ | | | | | | | Add Zulip profile | ||
| * | | Corrections | Jean Lucas | 2019-07-31 |
| | | | | | | | | | | | | | | | | | | - Add Zulip config dir to disable-programs.inc - Add disable-xdg.inc to Zulip profile - Add Zulip to firecfg.config | ||
| * | | Add Zulip profile | Jean Lucas | 2019-07-31 |
|/ / | |||
* | | Add tb-starter-wrapper.profile (#2863) | rusty-snake | 2019-07-28 |
| | | |||
* | | Update pull_request_template.md | rusty-snake | 2019-07-28 |
| | | |||
* | | fix ghostwriter | rusty-snake | 2019-07-28 |
| | | |||
* | | fix private-tmp/pam-tmpdir interaction - #2685 | smitsohu | 2019-07-27 |
| | | |||
* | | update version table | Reiner Herrmann | 2019-07-26 |
| | | |||
* | | Remove private-cache from unzip | glitsj16 | 2019-07-26 |
|/ | | | The `private-cache` option breaks electron related builds (see [this](https://github.com/minbrowser/min/issues/793) for an example). | ||
* | fix file-roller.profile | rusty-snake | 2019-07-25 |
| | |||
* | update private-bin for tbb | rusty-snake | 2019-07-25 |
| | |||
* | Merge branch 'master' of https://github.com/netblue30/firejail | smitsohu | 2019-07-25 |
|\ | |||
| * | fix make scan-build for debian 10 and arch | netblue30 | 2019-07-22 |
| | | |||
| * | fix make cppcheck for debian 10 | netblue30 | 2019-07-22 |
| | | |||
| * | snap cleanup - #2865 | netblue30 | 2019-07-22 |
| | | |||
| * | Update syscalls.txt | rusty-snake | 2019-07-22 |
| | | | | | | | | | | | | * remove mincore * add @default without chroot * add @default-nodebuggers without chroot | ||
* | | fix whitelisting for homedirs outside /home | smitsohu | 2019-07-25 |
| | | |||
* | | fix verbosity for non-authorized user | smitsohu | 2019-07-22 |
|/ | | | | | | users not in firejail.users should only see the error, not the symlink warning. Also exposes less code to non- authorized users. | ||
* | merges | rusty-snake | 2019-07-18 |
| | |||
* | fix gucharmap & add gnome-characters, gnome-character-map | rusty-snake | 2019-07-18 |
| | |||
* | use allow-debuggers in spectre-meltdown-checker | rusty-snake | 2019-07-18 |
| | |||
* | Harden gnome-schedule | glitsj16 | 2019-07-18 |
| | | | Let's disable using a terminal for cron job testing by default and make this a whitelist profile. | ||
* | travis ci: add enable-fatal-warnings | smitsohu | 2019-07-18 |
| |