| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the following errors:
$ make clean
[...]
cd test/compile; ./compile.sh --clean; cd ../..
./compile.sh: line 55: TARNAME: command not found
./compile.sh: line 55: VERSION: command not found
This amends commit 200f389ed ("build: use config.sh in more scripts",
2023-07-28) / PR #5927.
|
|\
| |
| | |
build(deps): Update step-security/harden-runner and update allowed endpoints
|
| |
| |
| |
| | |
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
|
|/
|
|
| |
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the following errors:
$ make codespell
[...]
codespell --ignore-regex "UE|creat|doas|shotcut|ether" src test
src/firemon/procevent.c:188: duble ==> double
src/fnettrace/main.c:30: postive ==> positive
src/fnettrace/main.c:30: defiend ==> defined
src/fnettrace/main.c:482: isplay ==> display
make: *** [Makefile:371: codespell] Error 65
$ codespell --version
2.2.5
Added in the following commits:
* bef5d86a1 ("increase socket buffer size for firemon, bug #2700",
2019-09-29)
* c4962789f ("nettrace stats", 2023-08-08)
|
| |
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes:
* comment `include whitelist-common.inc` when using `private`
* drop `private` on profiles that access files in `${HOME}`
* use `#` in comments
Relates to #903.
|
| |
| |
| |
| |
| |
| |
| | |
This fixes 0ad not opening on OpenSUSE Tumbleweed due to a "Permission
denied" error when trying to open "libmozjs-78.so.0".
See this issue that describes it all:
https://github.com/netblue30/firejail/issues/5938#issue-1833607321
|
| |
| |
| |
| |
| | |
* firecfg.config: add support for clac
* Create clac.profile
|
| | |
|
| |\
| | |
| | | |
build: firecfg.config sorting improvements
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently the CI check does not consider certain special characters
(such as `-`) when sorting due to `sort -d`.
So remove `-d`, sort firecfg using `LC_ALL=C` and enforce that order.
Also add `sort -u` to check for duplicates.
This also allows the CI check to ignore normal comments (lines starting
with `# `) anywhere in the file.
Relates to #4643.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Remove the space after `#` for commented code and use `#` instead of `-`
for comments at the end of the line.
Commands used to search and replace:
$ f=src/firecfg/firecfg.config; printf '%s\n' "$(sed -E \
-e '3,9999s/^# /#/' \
-e '3,9999s/^#([^ ]+) --? /#\1 # /' \
"$f")" >"$f"
|
| |\ \
| | |/
| |/| |
mpv.profile: add XDG_CACHE_HOME & missing paths
|
| | |
| | |
| | |
| | |
| | |
| | | |
On the profiles that allow ~/.config/mpv.
Relates to #5936.
|
| | |
| | |
| | |
| | |
| | | |
The programs in question do not create these files; they have to be
created manually.
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
mpv v0.36.0 uses ~/.cache/mpv[1] [2]:
Relates to #2838 #5936.
[1] https://github.com/mpv-player/mpv/releases/tag/v0.36.0
[2] https://github.com/mpv-player/mpv/pull/10838
|
| |
| |
| |
| |
| |
| |
| | |
The new version of mpv changed the path of the watch_later folder to
~/.local/state/mpv/watch_later.
See https://github.com/mpv-player/mpv/pull/10838
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Create reader.profile
* firecfg.config: add reader support
* reader: integrate review suggestions
- blacklist whole ${RUNUSER}
- drop x11 none
* reader: fix 'x11 none'
|
| |
| |
| |
| |
| | |
* firecfg.config: add daisy support
* Create daisy.profile
|
| |
| |
| |
| |
| | |
* disable-programs.inc: add new gramps dir
* gramps: add new config dir
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.0 to 2.21.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/1813ca74c3faaa3a2da2070b9b8a0b3e7373a0d8...0ba4244466797eb048eb91a6cd43d5c03ca8bd05)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.4.1 to 2.5.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/55d479fb1c5bcad5a4f9099a5d9f37c8857b2845...cba0d00b1fc9a034e1e642ea0f1103c282990604)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |
| |
| |
| | |
Relates to #5916 #5927.
|
| |\
| | |
| | | |
build: fix some shellcheck issues & use config.sh in more scripts
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This removes the need to manually pass variables such as `$(TARNAME)`
and `$(VERSION)` to shell scripts in the root Makefile.
Relates to #5140.
|
| |/ |
|
|/ |
|
|\ |
|
| |\
| | |
| | | |
build: dist and asc improvements
|
| | |
| | |
| | |
| | |
| | |
| | | |
Similarly to mkdeb.sh.
Relates to #5140.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The clean target is currently enough to remove all generated files other
than the ones directly in the root directory, so to simplify the dist
target, make it depend on clean instead of distclean.
See commit 5f2785290 ("build: remove unnecessary distclean targets",
2023-07-15) / PR #5911.
Relates to #5142 #5182.
|
| | |
| | |
| | |
| | |
| | | |
The only other svn-related code seems to have been removed on commit
7e1c057ae ("make testing", 2016-04-23).
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is breaking build-clang on CI[1]:
make -C src/fnetlock/
make[1]: Entering directory '/home/runner/work/firejail/firejail/src/fnetlock'
clang-14 [...] -c main.c -o main.o
main.c:97:11: error: variable 'bw' set but not used [-Werror,-Wunused-but-set-variable]
unsigned bw = 0; // bandwidth calculations
^
1 error generated.
make[1]: *** [../../src/prog.mk:16: main.o] Error 1
make: *** [Makefile:58: src/fnetlock/fnetlock] Error 2
Added on commit 8e4b847cd ("split nettrace executable ^Cto netrace and
netlock", 2023-07-25).
[1]: https://github.com/netblue30/firejail/actions/runs/5669072674/job/15361026508
Cc: @netblue30
|
|/ / |
|
|\ \ |
|
| | | |
|
| | |
| | |
| | |
| | |
| | | |
* audacious: D-Bus hardening
* audacious: add noprinters
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* disable-programs.inc: add sniffnet support
* Create sniffnet.profile
* firecfg.config: add sniffnet support
|
| | | |
|
| | | |
|
| | | |
|
| | |
| | |
| | | |
Co-authored-by: pirate486743186 <>
|
| | | |
|
| | | |
|
|/ / |
|