Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | add a profile for 1password (#4874) | Reed Riley | 2022-01-21 |
| | |||
* | fix: some firejail output goes to stdout instead of stderr #4328 | netblue30 | 2022-01-21 |
| | |||
* | more on pass utility | netblue30 | 2022-01-21 |
| | |||
* | adding netlink to --protocol list (#4605) | netblue | 2022-01-21 |
| | |||
* | allow apostrophe in whitelist/blacklist ( #4614) | netblue30 | 2022-01-21 |
| | |||
* | fix #4078 | netblue30 | 2022-01-21 |
| | |||
* | cleanup for previous commit | netblue30 | 2022-01-21 |
| | |||
* | fix attribute for /tmp/user in --private-tmp, and fix #4151 | netblue30 | 2022-01-21 |
| | |||
* | blacklist password store directory for pass package | netblue30 | 2022-01-21 |
| | |||
* | CI: don't try to install hostnames file | Reiner Herrmann | 2022-01-20 |
| | |||
* | signal-desktop: Allow Signal to open links in Firefox again (#4872) | Reed Riley | 2022-01-20 |
| | | | | Related to #4670. Firefox now does inter-process communication using dbus. | ||
* | hostnames -> static-ip-map | netblue30 | 2022-01-20 |
| | |||
* | profiles: enable deterministic shutdown for ssh (#4870) | Reiner Herrmann | 2022-01-20 |
| | | | | | | | | | | | | | ssh can start in master mode, which will spawn an additional long running process, which keeps connections to a server open, so that it can be reused by later connection attempts. But the lingering master process will prevent the jail from shutting down, when `firejail ssh` tries to exit. This breaks for example ansible when using a firejailed ssh, as it calls ssh with ControlMaster flags. deterministic-shutdown will kill the other process when the parent exits. | ||
* | steam.profile: allow /etc/vulkan (#4862) | Anton Shestakov | 2022-01-19 |
| | | | AMD Open Source Driver For Vulkan (amdvlk) installs ICD files to /etc/vulkan. | ||
* | rc1 is out, moving to rc2 | netblue30 | 2022-01-19 |
| | |||
* | rel 0.9.68rc1 testing0.9.68rc1 | netblue30 | 2022-01-18 |
| | |||
* | compile fix | netblue30 | 2022-01-18 |
| | |||
* | nettrace fixes | netblue30 | 2022-01-18 |
| | |||
* | gitlab-ci: fix debian_ci build (dh_missing hostnames) (#4865) | Kelvin M. Klann | 2022-01-18 |
| | | | | | | | | | | | | | | | Likely caused by commit 500a56efd ("more on nettrace", 2022-01-07). From the build log of "debian_ci" for the above commit[1]: make[1]: Leaving directory '/builds/Firejail/firejail_ci' dh_fixperms -Nfirejail debian/rules override_dh_missing make[1]: Entering directory '/builds/Firejail/firejail_ci' dh_missing -pfirejail --fail-missing dh_missing: warning: etc/firejail/hostnames exists in debian/tmp but is not installed to anywhere dh_missing: error: missing files, aborting [1] https://gitlab.com/Firejail/firejail_ci/-/jobs/1952432676 | ||
* | relnotes | smitsohu | 2022-01-18 |
| | |||
* | following up 493a0ef306a8b610f3ed6a1b88a4dbea25e8498b | smitsohu | 2022-01-18 |
| | |||
* | keep-fd cleanup | smitsohu | 2022-01-17 |
| | |||
* | some hardening | smitsohu | 2022-01-17 |
| | |||
* | gcov | smitsohu | 2022-01-17 |
| | |||
* | Bump github/codeql-action from 1.0.26 to 1.0.27 | dependabot[bot] | 2022-01-17 |
| | | | | | | | | | | | | | | | Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.0.26 to 1.0.27. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/5f532563584d71fdef14ee64d17bafb34f751ce5...cd783c8a29bdcf5a5c79c5137889e24651fa626c) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> | ||
* | more compile warnings | netblue30 | 2022-01-16 |
| | |||
* | compile warnings | netblue30 | 2022-01-16 |
| | |||
* | disable pipewire with --nosound | netblue | 2022-01-16 |
| | |||
* | compile warnings | netblue30 | 2022-01-16 |
| | |||
* | more on nettrace | netblue30 | 2022-01-16 |
| | |||
* | Merge pull request #4856 from smitsohu/fildes | netblue30 | 2022-01-16 |
|\ | | | | | keep-fd option (#4845) | ||
| * | keep-fd option (#4845) | smitsohu | 2022-01-14 |
| | | |||
* | | Merge pull request #4851 from kmk3/groups-keep-vglusers | netblue30 | 2022-01-16 |
|\ \ | | | | | | | Keep vglusers group unless no3d is used (virtualgl) | ||
| * | | Keep vglusers group unless no3d is used (virtualgl) | Kelvin M. Klann | 2022-01-12 |
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | virtualgl[1] runs `chown root:vglusers` on `/dev/nvidia*` and on devices usually owned by the "render" group[2]. This makes them unavailable in the sandbox if `noroot` (which causes groups to be dropped) is used. Since firejail classifies all of the aforementioned devices as being `DEV_3D` on fs_dev.c (which means that they are controlled by `no3d`), treat the "vglusers" group the same as the "render" group (by always keeping "vglusers" unless `no3d` is used). See the discussion on #2042 (from this comment[3] onwards). [1] https://virtualgl.org [2] https://github.com/VirtualGL/virtualgl/blob/6f0b90be02d13171dfdfffb112485f4091a5904f/server/vglserver_config#L393 [3] https://github.com/netblue30/firejail/issues/2042#issuecomment-1007468715 Reported-by: @JCallicoat | ||
* | | RELNOTES: add missing noprinters pr reference | Kelvin M. Klann | 2022-01-16 |
| | | | | | | | | Relates to #4827. | ||
* | | profiles: extend raincat's private-etc list | Reiner Herrmann | 2022-01-14 |
| | | |||
* | | profiles: sort and drop trailing commas | Reiner Herrmann | 2022-01-14 |
| | | |||
* | | raincat | netblue30 | 2022-01-14 |
| | | |||
* | | profiles: sort paths | Reiner Herrmann | 2022-01-14 |
| | | |||
* | | profiles: sort private-bin in warzone2100.profile | Reiner Herrmann | 2022-01-14 |
| | | |||
* | | fix warzone2100 (Debian 11) | netblue30 | 2022-01-13 |
| | | |||
* | | Merge pull request #4853 from glitsj16/wget2-fixes | glitsj16 | 2022-01-13 |
|\ \ | | | | | | | wget2 fixes | ||
| * | | seperate wget/wget2 rc files | glitsj16 | 2022-01-13 |
| | | | |||
| * | | add wget2rc to disable-programs.inc | glitsj16 | 2022-01-13 |
|/ / | |||
* | | Merge pull request #4852 from glitsj16/wget2 | glitsj16 | 2022-01-13 |
|\ \ | |/ |/| | Add wget2 support | ||
| * | add wget2 to 'New profiles' section | glitsj16 | 2022-01-13 |
| | | |||
| * | add wget2 to firecfg.config | glitsj16 | 2022-01-13 |
| | | |||
| * | support wget2 in youtube-viewers-common.profile | glitsj16 | 2022-01-13 |
| | | |||
| * | support wget2 in steam.profile | glitsj16 | 2022-01-13 |
| | | |||
| * | blacklist wget2 in firefox-common.profile | glitsj16 | 2022-01-13 |
| | |