aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAge
...
| | * Make sure that we are unprivileged before creating the trace log file.Libravatar Glenn Washburn2019-08-29
| | |
| | * When running builder trace output should go to separate file because (1) ↵Libravatar Glenn Washburn2019-08-29
| | | | | | | | | | | | trace output is logged to console, which is a pain to capture, and (2) it should not be mingled with program output anyway, which it was when sending to stdout.
| | * Update man page to note that --trace can now take an optional parameter.Libravatar Glenn Washburn2019-08-29
| | |
| | * Allow firejail --trace option to take an optional parameter which is the ↵Libravatar Glenn Washburn2019-08-29
| | | | | | | | | | | | trace log file path. The trace log file will be created if it does not exist and then bind mounted to RUN_TRACE_FILE so that the sandboxed program can access it.
| | * Allow libtrace preload library to use for trace output a logfile specified ↵Libravatar Glenn Washburn2019-08-29
| | | | | | | | | | | | by the environment variable FIREJAIL_TRACEFILE or as the RUN_TRACE_FILE if it exists ortherwise use the console as before.
| | * Fix issue where strace output file path has leading space making it an ↵Libravatar Glenn Washburn2019-08-29
| | | | | | | | | | | | invalid path.
| | * Better debug handling.Libravatar Glenn Washburn2019-08-29
| | |
| | * Profile builder helper should use correct firejail binary path.Libravatar Glenn Washburn2019-08-29
| |/ |/|
* | Merge branch 'master' of https://github.com/netblue30/firejailLibravatar netblue302019-08-29
|\ \
| * \ Merge pull request #2928 from topimiettinen/seccomp-more-groupsLibravatar netblue302019-08-29
| |\ \ | | | | | | | | Add further seccomp groups
| | * | Add further seccomp groupsLibravatar Topi Miettinen2019-08-28
| | | | | | | | | | | | | | | | Get further seccomp group definitions from systemd.
* | | | readme/relnotesLibravatar netblue302019-08-29
|/ / /
* | | fix previous mergeLibravatar netblue302019-08-29
| | |
* | | Merge pull request #2926 from topimiettinen/seccomp-allow-exceptionsLibravatar netblue302019-08-29
|\ \ \ | | | | | | | | Allow exceptions to seccomp lists
| * \ \ Merge branch 'master' into seccomp-allow-exceptionsLibravatar netblue302019-08-29
| |\ \ \ | |/ / / |/| | |
* | | | seccomp numeric testingLibravatar netblue302019-08-28
| | | |
* | | | Merge pull request #2929 from aoand/masterLibravatar netblue302019-08-28
|\ \ \ \ | | | | | | | | | | seccomp fix: allow numeric syscalls
| * | | | seccomp fix: allow numeric syscallsLibravatar aoand2019-08-26
|/ / / / | | | | | | | | | | | | as per man page, numeric syscall is indicated by the dollar sign '$'
* | | | Fix private-bin order in ghostwriter.profileLibravatar glitsj162019-08-26
| | | |
* | | | Fix order of private-cache in mpsyt.profileLibravatar glitsj162019-08-26
| | | |
* | | | Fic private-etc ordering for gnome-scheduleLibravatar glitsj162019-08-26
| | | |
* | | | misc fixesLibravatar rusty-snake2019-08-26
| | | | | | | | | | | | | | | | | | | | | | | | - fix for #2038 - update RELNOTES - fix #2925
* | | | many profile fixes (1)Libravatar rusty-snake2019-08-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - add novideo to a lot of profiles (there are still more profiles where novideo can be added) - remove commente mdwe from some gnome applications - add descriptions to some profiles - blacklist ${HOME}/.cargo/credentials - move ${HOME}/.git-credentials and ${HOME}/.git-credential-cache to 'top secret' in disable-common.inc - some ordering in disable-programs.inc - merge tor browser blacklists to ${HOME}/.tor-browser* - qupzilla.profile redirect to falkon.profile - blacklist gnome-builder paths - fix transmission profiles inlude - much more
* | | | add support for seccomp to sort.py [skip ci]Libravatar rusty-snake2019-08-25
| | | |
* | | | fix shebang in some contrib scripts [skip ci]Libravatar rusty-snake2019-08-25
| | | |
* | | | harden strings profileLibravatar smitsohu2019-08-25
| |/ / |/| |
| * | Allow exceptions to seccomp listsLibravatar Topi Miettinen2019-08-25
|/ / | | | | | | | | | | | | Prefix ! can be used to make exceptions to system call blacklists and whitelists used by seccomp, seccomp.drop and seccomp.keep. Closes #1366
* | Merge pull request #2921 from rusty-snake/allow-common-devel.incLibravatar rusty-snake2019-08-22
|\ \ | | | | | | Introduce allow-common-devel.inc
| * | add allow-common-devel to more profilesLibravatar rusty-snake2019-08-22
| | |
| * | Introduce allow-common-devel.incLibravatar rusty-snake2019-08-22
| | |
* | | update syscalls.txtLibravatar rusty-snake2019-08-22
| | |
* | | various fixes and improvementsLibravatar rusty-snake2019-08-22
|/ / | | | | | | | | | | | | | | | | | | | | | | - install contrib/syscalls.sh - add GitLab-CI status to README.md - read-only ${HOME}/.cargo/env - move blacklist ${HOME}/.cargo/registry, ${HOME}/.cargo/config to disable-programs - typo in man firejail firejail-profiles firecfg - better descriptions in man firejail-profiles - fixes in man firejail - template descriptions in firejail-profiles
* | Enable private-bin in transmission-daemonLibravatar glitsj162019-08-21
| |
* | Enable private-bin in transmission-cliLibravatar glitsj162019-08-21
| |
* | Fix private-etc order in i2prouterLibravatar glitsj162019-08-21
| |
* | Fix teamspeak3Libravatar glitsj162019-08-21
| | | | | | Fixes #2901.
* | Merge pull request #2919 from corecontingency/masterLibravatar rusty-snake2019-08-21
|\ \ | | | | | | Profiles: add I2P
| * | added i2prouter to firecfgLibravatar core_contingency2019-08-21
| | |
| * | Applied further suggestions from code reviewLibravatar core_contingency2019-08-21
| | |
| * | Apply suggestions from code review Libravatar corecontingency2019-08-21
| | | | | | | | | | | | | | | Changed to default seccomp Co-Authored-By: rusty-snake <print_hello_world+GitHub@protonmail.com>
| * | profiles: add i2pLibravatar core_contingency2019-08-21
| | |
* | | Drop fonts from private-etc in transmission-remote-cliLibravatar glitsj162019-08-21
|/ / | | | | Thanks @rusty-snake for catching this!
* | Refactor transmission profiles (#2920)Libravatar glitsj162019-08-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Refactor transmission-cli * Create transmission-common.profile * Refactor transmission-create * Refactor transmission-daemon * Refactor transmission-edit * Refactor transmission-gtk * Refactor transmission-qt * Refactor transmission-remote-cli * Refactor transmission-remote-gtk * Refactor transmission-remote * Refactor transmission-show
* | Fix revert of previous trace fix. The issue was that programs were crashing ↵Libravatar Glenn Washburn2019-08-21
| | | | | | | | because libtrace hooked libc calls were being executed before the libtrace library was initialized. This was due to other loaded libraries being initialized first.
* | fix #2912 and update CONTRIBUTING.mdLibravatar rusty-snake2019-08-19
| |
* | fix private-bin for tb-starter-wrapper #2863Libravatar rusty-snake2019-08-19
| |
* | noblacklist but no blacklist (#2886)Libravatar rusty-snake2019-08-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * beginn fixup * continue * continue * continue * continue * continue * continue
* | readmeLibravatar netblue302019-08-18
| |
* | Merge pull request #2909 from gm10/fix-get_userLibravatar netblue302019-08-18
|\ \ | | | | | | get_user() do not use the unreliable getlogin()
| * | get_user() do not use the unreliable getlogin()Libravatar gm102019-08-13
| | |
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-18 13:33:58 +0000