| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| | |
|
| |\
| |
| | |
use openat2 syscall when available
|
| | | |
|
| | |
| |
| |
| | |
closes #3786; closes #3776
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
* Add profile for authenticator-rs, improve falkon, balsa
* Fix
* Add private-tmp to falkon
* Revert balsa
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| | |
Games folder must be whitelisted in a dolphin-emu.local
Its private-etc can likely be shortened
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
- gimp: allow mbind syscall. no start on Fedora 33 without
- minetest: disable private-cache. without persistent cache connecting to servers can take many minutes
- supertuxkart: allow bluetooth protocol. stk can directly connect/pair to WiiMote controllers
- supertuxkart: comment private-dev to allow controller use
- profiles: unify controller support comments
- firecfg: comment evolution with a note, and add a note to epiphany #3647 + #2995
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Update build.yml
Currently we run all actions for all commits. This is not resource friendly. Let's tweak this a bit.
This commit adds support for "skip ci" tags (i.e. if the head commit contains [s k i p c i] (w/o the extra spaces used to escape here), no jobs are executed.
In addition are all commits which modify non-code files (e.g. README) only excluded.
Furthermore we should not run cppcheck and scan-build if only profiles are changed and sort.py need only to be execute if profiles are changed.
* Create sort.yml
* Update build.yml
profile-sort is now in sort.yml
* Update sort.yml
fix syntax
* Update codeql-analysis.yml
paths-ignore:
- CONTRIBUTING.md
- README
- README.md
- RELNOTES
- SECURITY.md
- 'etc/**'
* Create build-extra.yml
* Update build.yml
* Update build-extra.yml
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Since version 3.0 Godot is supporting C# as a language for writing
scripts. The C# solution can be built directly in Godot editor using
MSBuild, which requires access to directory /etc/mono. This directory
contains configuration of Mono enviroment. If MSBuild don't have
access to this directory, it's not able to determine location of
DLL files and it's throwing System.DllNotFoundException at beginning
of the build process.
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| | |
cf. 9eb9e8d4c1b8995f0e7af4d604f3becd5dc91f62
No need to expect pid's in profile files.
|
| | | |
|
| | | |
|
| | |
| |
| |
| | |
kernel >= 5.8 now translates mode "1" to "noaccess" and mode "2" to "invisible", which breaks
Firejail's hidepid detection
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
* allow access to gnome-shell search-provider in firefox.profile
Firefox has gnome-shell search-provider support since version 78:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1239694
- https://mastransky.wordpress.com/2020/09/25/firefox-gnome-shell-search-provider/
* add dbus filter for gnome-shell search-provider
|
| | |
| |
| |
| |
| |
| |
| |
| | |
- Lutris isn't added to firecfg just yet, needs more testing
- aria2c profile has a comment regarding Lutris/Winetricks,
but it shouldn't matter since it can't be nested
- Add commented wusc to wine.profile
- Add vulkan and zenity to wusc.inc
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| | |
Nitpick wording + added a commented disable-shell.inc
|
| | | |
|
| | | |
|
| | | |
|
| |\ \
| | |
| | | |
Miscellaneous whitelist-runuser-common fixes
|
| | | |
| | |
| | |
| | |
| | |
| | | |
If the GDM display manager runs with Wayland support, and it starts a
desktop environment other than (?) GNOME, the desktop environment will
use the `wayland-1` socket instead of the `wayland-0` socket.
|
| | | |
| | |
| | |
| | |
| | | |
We must ignore include `whitelist-runuser-common.profile`,
because it breaks Enigmail (TB 68) and GnuPG smartcard (TB 78) support.
|
| |\ \ \
| | | |
| | | | |
reimplement --private-cache using --tmpfs
|
| | | | | |
|
| |\ \ \ \
| | | | |
| | | | | |
reimplement --get using --cat
|
| | | | | | |
|
| | |_|/ /
|/| | |
| | | | |
Cfr. https://github.com/netblue30/firejail/pull/3517#issuecomment-664715880: element-desktop no longer uses ${HOME}/.config/Element (Riot).
|
| | | | |
| | | |
| | | | |
rm is needed to uninstall mods and delete game saves (worlds).
|
| | |/ /
|/| |
| | |
| | |
| | |
| | | |
- disable-common: read-only ${HOME}/.zfunc
- fix #3761 -- w3m with w3m-img installed does not display images when on virtual console/framebuffer
- yelp can be used to display manpages
|
| | | | |
|
| | | | |
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
install libraries needed by fcopy when using private-lib
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | | |
Fixes #3741
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
* Add profile for straw-viewer
* Remove blacklist, fixes
|
| |\ \ \ \
| | | | |
| | | | | |
from my overrides
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
- add seccomp.block-secondary to a lot profiles
- add wruc to firefox-common and ignore it in TB and
firefox-common-addons
- harden dia, gnome-keyring, libreoffice, megaglest, pngquant,
ghostwriter, rhythmbox, sqlitebrowser
|
netblue30
netblue30
smitsohu
rusty-snake
kortewegdevries
Tad
RandomVoid
glitsj16
Kristóf Marussy
Liorst4
Reiner Herrmann