Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | Update dig.profile (#2236) | glitsj16 | 2018-11-05 |
| | |||
* | removed transfer.sh support from travis build | netblue30 | 2018-11-05 |
| | |||
* | fix --bandwidth command | netblue30 | 2018-11-05 |
| | |||
* | profile fixes for recursive read-write mounts | smitsohu | 2018-11-04 |
| | | | | | | | read-write and read-only are applied in sequence, don't override read-only restrictions in ~/.local/share issue #2200 | ||
* | recursive remounts: add fallback for old kernels, some improvements | smitsohu | 2018-11-04 |
| | | | | | | | | | | | * vanilla kernels before 3.15 don't expose a mount id in /proc/pid/fdinfo files. This is still relevant on Ubuntu 14.04 with 3.13 kernel, CentOS 7 doesn't have this problem. In this case fall back to simple a remount and print a warning. * drop euid switching as it doesn't really serve a purpose here (paths are not opened in reading or writing mode, and we are not doing anything with it) and potentially causes problems when suid programs are sandboxed * more rigorous error handling | ||
* | mount appimages nodev,nosuid | smitsohu | 2018-11-04 |
| | |||
* | fs_whitelist: minor mountinfo check improvement, cleanup | smitsohu | 2018-11-04 |
| | |||
* | Fix gitlab badge link | Fred-Barclay | 2018-11-03 |
| | |||
* | Begin using gitlab for building to save time on auto code tests. | Fred-Barclay | 2018-11-02 |
| | | | | | | | | | | | | | | | | | | Code tests are still run on Travis CI, but distro-specific builds are run on GitLab CI. Currently these are used: 1. Debian stable 2. Ubuntu latest 3. CentOS latest 4. Fedora latest 5. Alpine Debian and CentOS are for testing builds on older systems, for *.deb vs *.rpm, respectively. Ubuntu and Fedora are for testing builds on the latest **stable** systems for *.deb and *.rpm. Alpine is used to test building/installing from source. All run concurrently. In the future may expand tests on Gitlab to cover code testing as well. | ||
* | Add Mendeley profile | Fred-Barclay | 2018-11-02 |
| | |||
* | Merge pull request #2227 from alexara/alexara-patch-1 | Reiner Herrmann | 2018-11-01 |
|\ | | | | | Expanded the comment about nodbus breaking stuff | ||
| * | Expanded the comment about nodbus breaking stuff | alexara | 2018-10-30 |
|/ | | | | | | As I figured out nodbus may break the streaming experience with Firefox 63.0 on Plasma 5.14.2, Framework 5.51.0 * KDE Connect: Users won't be able to control a stream with KDE Connect anymore * power management: During a stream the screen may dim or turn off | ||
* | adding --net.print command line option | netblue30 | 2018-10-29 |
| | |||
* | aisleriot profile | netblue30 | 2018-10-28 |
| | |||
* | aisleriot | netblue30 | 2018-10-28 |
| | |||
* | fix busybox workaround | smitsohu | 2018-10-28 |
| | | | issue obtained with busybox 1.27.2 | ||
* | little tweaks, cosmetic changes | smitsohu | 2018-10-26 |
| | |||
* | Merge pull request #2218 from smitsohu/mounts2 | netblue30 | 2018-10-26 |
|\ | | | | | experimental: remounts child mount points as well | ||
| * | cleanup | smitsohu | 2018-10-25 |
| | | |||
| * | fix: return with euid 0 | smitsohu | 2018-10-25 |
| | | |||
| * | experimental: remounts child mount points as well (read-only, read-write, ↵ | smitsohu | 2018-10-25 |
|/ | | | | noexec) | ||
* | merges | netblue30 | 2018-10-24 |
| | |||
* | Merge pull request #2213 from announ/patch-1 | netblue30 | 2018-10-24 |
|\ | | | | | git.profile: Disable blacklist for default Oh My Zsh directory | ||
| * | git.profile: Disable blacklist for default Oh My Zsh directory | announ | 2018-10-24 |
| | | |||
* | | Merge pull request #2178 from glitsj16/atool | netblue30 | 2018-10-24 |
|\ \ | |/ |/| | Fix atool for UID/GID > 1000 | ||
| * | Fix atool for UID/GID > 1000 | glitsj16 | 2018-10-13 |
| | | |||
* | | reverting to 0.9.57 | netblue30 | 2018-10-21 |
| | | |||
* | | apparmor test | netblue30 | 2018-10-21 |
| | | |||
* | | Add QOwnNotes profile | Fred-Barclay | 2018-10-20 |
| | | |||
* | | improve some error messages | smitsohu | 2018-10-17 |
| | | |||
* | | improve clean_pathname function | smitsohu | 2018-10-17 |
| | | |||
* | | fs_whitelist: cache length of home directory string | smitsohu | 2018-10-17 |
| | | |||
* | | fix #2197 | netblue30 | 2018-10-17 |
| | | |||
* | | Merge pull request #2199 from crass/fix-2142-firefox-sandbox-appimage | netblue30 | 2018-10-17 |
|\ \ | | | | | | | Fix #2142: Firefox appimage fails because it needs non-default seccomp | ||
| * | | Do not override user provided seccomp lists when in chroot/overlay/appimage, ↵ | Glenn Washburn | 2018-10-16 |
| | | | | | | | | | | | | but to use the default if none is provided. | ||
* | | | Merge pull request #2201 from SkewedZeppelin/u2f-ap | netblue30 | 2018-10-17 |
|\ \ \ | | | | | | | | | Add nou2f to all profiles | ||
| * | | | Add nou2f to all profiles | Tad | 2018-10-15 |
| | | | | | | | | | | | | | | | | - Closes #2194 | ||
* | | | | Fix doc: A more accurate example of profile loading by profile name. | Glenn Washburn | 2018-10-17 |
| | | | | |||
* | | | | Fix docs on default seccomp list: change mfsservctl -> nfsservctl and ↵ | Glenn Washburn | 2018-10-17 |
| | | | | | | | | | | | | | | | | reorder, add ni_syscall, remove duplicate process_vm_writev, add sys_debug_setcontext. | ||
* | | | | Merge pull request #2156 from crass/improve-include-handling | crass | 2018-10-17 |
|\ \ \ \ | | | | | | | | | | | Improve include handling | ||
| * | | | | Remove "/etc/firejail/" from all include paths, now that profile_read will ↵ | Glenn Washburn | 2018-10-17 |
| | | | | | | | | | | | | | | | | | | | | search for the file. | ||
| * | | | | Update profile manpage to detail added "include" functionality. | Glenn Washburn | 2018-10-17 |
| | | | | | |||
| * | | | | Allow include to search userdir then systemdir for "bare" profile file names. | Glenn Washburn | 2018-10-17 |
|/ / / / | |||
* | | | | Merge pull request #2158 from crass/profile_conditional | crass | 2018-10-17 |
|\ \ \ \ | | | | | | | | | | | #2158: Add support for rudimentary conditionals in profiles | ||
| * | | | | Update documentation for profile conditionals. | Glenn Washburn | 2018-10-16 |
| | | | | | |||
| * | | | | Add support for rudimentary conditionals in profiles, currently only the ↵ | Glenn Washburn | 2018-10-16 |
| | |/ / | |/| | | | | | | | | | | HAS_APPIMAGE conditional is supported. | ||
* | | | | firejail.config: clarify disable-mnt behaviour | Vincent43 | 2018-10-16 |
| | | | | |||
* | | | | manpages: update disable-mnt description | Vincent43 | 2018-10-16 |
|/ / / | | | | | | | This will better match current code. | ||
* | | | Merge branch 'improve-profile-handling' | Glenn Washburn | 2018-10-15 |
|\ \ \ | |/ / |/| | | |||
| * | | Update man pages and usage to reflect --profile enhancement. | Glenn Washburn | 2018-10-15 |
| | | |