| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| | | |
| | |
| | | |
Co-authored-by: pirate486743186 <>
|
| | | |
| | |
| | |
| | |
| | | |
This amends commit e2631b40d ("steam.profile: fix breakage with newer
Proton-GE (process_vm_readv)", 2022-08-20).
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
As reported by @rsramkis on #5185, upgrading from Proton-7.2-GE-2[1]
(released on 2022-02-14) to GE-Proton7-18[2] (released on 2022-05-19)
breaks logging in on World of Tanks Blitz unless the `process_vm_ready`
32-bit syscall is allowed[3], so allow it.
Fixes #5185.
[1] https://github.com/GloriousEggroll/proton-ge-custom/releases/tag/7.2-GE-2
[2] https://github.com/GloriousEggroll/proton-ge-custom/releases/tag/GE-Proton7-18
[3] https://github.com/netblue30/firejail/issues/5185#issuecomment-1152350336
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.18 to 2.1.19.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/2ca79b6fa8d3ec278944088b4aa5f46912db5d63...f5d217be74900c6ac8fbbe53f3c10376ba4e64da)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| | | |
| | |
| | |
| | |
| | | |
This amends commit 7f3b6c19a ("Add support for custom AppArmor profiles
(--apparmor=)", 2022-07-25) / PR #5274.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Some man pages are missing it.
This amends commit aacd2e7d8 ("docs: set vim filetype on man pages for
syntax highlighting", 2022-08-04) / PR #5296.
|
| | | |
| | |
| | |
| | | |
Relates to #5207.
|
| | | |
| | |
| | |
| | | |
Relates to #4939 #5259.
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Relates to #5288 #5290 #5296 #5310.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
And fix a typo of "implemented".
Relates to #4939 #5259.
|
| | | |
| | |
| | |
| | | |
Relates to #5274 #5316 #5317.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Which were removed on commit d4323ae26 ("merges", 2022-08-14).
Relates to #5283 #5284.
|
| | |/
|/| |
|
| | | |
|
| | | |
|
| |\ \
| | |
| | | |
makedeb profile creation
|
| | |/ |
|
| |\ \
| | |
| | | |
build: add and use TARNAME instead of NAME for paths
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
PACKAGE_TARNAME is the same as PACKAGE_NAME but normalized, so it should
be safer to use in paths. For example, on a downstream project, if
spaces or shell metacharacters are added to the package name, a path
that uses PACKAGE_TARNAME should keep working.
From the manual of GNU Autoconf (version 2.69):
> -- Macro: AC_INIT (PACKAGE, VERSION, [BUG-REPORT], [TARNAME], [URL])
> Process any command-line arguments and perform initialization and
> verification.
>
> Set the name of the PACKAGE and its VERSION. These are typically
> used in '--version' support, including that of 'configure'. The
> optional argument BUG-REPORT should be the email to which users
> should send bug reports. The package TARNAME differs from
> PACKAGE: the latter designates the full package name (e.g., 'GNU
> Autoconf'), while the former is meant for distribution tar ball
> names (e.g., 'autoconf'). It defaults to PACKAGE with 'GNU '
> stripped, lower-cased, and all characters other than
> alphanumerics and underscores are changed to '-'.
Note also that by default (on autoconf v2.69), `docdir=@docdir@` in
config.mk.in expands to the following in config.mk:
docdir=${datarootdir}/doc/${PACKAGE_TARNAME}
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
That expands to `@PACKAGE_TARNAME@`, similar to the existing
PACKAGE_TARNAME variable.
To make it easier to use (and read) and to be more consistent with the
surrounding variables (NAME and VERSION).
Note that the original PACKAGE_TARNAME is still needed, as by default
(on autoconf v2.69) `docdir=@docdir@` in config.mk.in expands to the
following in config.mk:
docdir=${datarootdir}/doc/${PACKAGE_TARNAME}
|
| | | |
| | |
| | |
| | | |
To match other similar variables, such as datarootdir and mandir.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Move up the variables that are defined in the `AC_INIT` call on
configure.ac.
And put VERSION last, to match the usual `$(NAME)-$(VERSION)` usage.
|
| | | |
| | |
| | |
| | | |
Move it to the bottom, near other compilation-related flags.
|
| |\ \ \
| | | |
| | | | |
microsoft-edge.profile rewritten for stable channel and moved microsoft-edge{,-beta,-dev} from private-opt to whitelist
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* replaced private-opt by whitelist #5307
* added stable channel config dirs to disable-programs.inc
|
| |\ \ \ \
| | | | |
| | | | | |
docs: set vim filetype on man pages for syntax highlighting
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Since the man pages in src/man use a ".txt" file extension (rather than
".1" or ".5"), their filetype is detected by (neo)vim as "text".
So at the bottom of every man page, add a vim modeline in a comment and
set the filetype to "groff", to enable syntax highlighting.
Note: All of the generated ".man", ".1" and ".5" files are currently
being detected as "nroff".
Note2: Set the filetype to "groff" rather than "nroff" because at least
.UR and .UE are groff extensions. These macros look the same with
either filetype, but there may be more extensions being used and the
nroff.vim syntax file (which is included by groff.vim) does things
differently based on which filetype is used.
Based on the following example from (neo)vim's filetype.txt:
or add this modeline to the file:
/* vim: set filetype=idl : */
See `:help groff.vim` and `:help filetype.txt` in (neo)vim.
See also groff_man(7) for the man page macros (including extensions).
Environment: neovim 0.7.2-3 on Artix Linux.
Misc: I noticed this on #5290.
|
| |\ \ \ \
| | | | |
| | | | | |
docs: mention risk of SUID binaries and also firejail-users(5)
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
On the introduction of firejail(1), mention the main risk of SUID
binaries and that by default, only trusted users should be allowed to
run firejail (and how to accomplish that).
Note: The added comment line is completely discarded (so there is no
extraneous blank line); see groff_man(7) for details.
Suggested by @emerajid on #5288.
Relates to #4601.
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
vmware.profile: snapshot requires /etc/mtab
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This patch avoid the following error:
Error: One of the parameters supplied is invalid
Tested with VMware Workstation 16.2.4
|
| | | | | | |
|
| |\ \ \ \ \
| |_|_|_|/
|/| | | | |
Add support for custom AppArmor profiles (--apparmor=)
|
| | |/ / / |
|
| | | | |
| | | |
| | | |
| | | | |
Relates to #5283 #5284.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
neomutt won't write to these locations. Processes it spawns might read
to some of them, but creating an empty file doesn't help. This just
pollutes user's $HOME with empty files and directories.
I've kept a few paths that MAY be written to by neomutt; it's not ideal,
but I want to minimise the risk of potential data loss, even if it is
corener cases.
See: https://github.com/netblue30/firejail/discussions/5276
|
| |\ \ \ \
| | | | |
| | | | | |
build: config.sh.in: quote variables and fix shellcheck issues
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Fix the following error and warnings:
$ shellcheck --version | grep ^version:
version: 0.8.0
$ shellcheck config.sh.in
In config.sh.in line 1:
# @configure_input@
^-- SC2148 (error): Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.
In config.sh.in line 3:
NAME=@PACKAGE_NAME@
^--^ SC2034 (warning): NAME appears unused. Verify use (or export if used externally).
In config.sh.in line 4:
VERSION=@PACKAGE_VERSION@
^-----^ SC2034 (warning): VERSION appears unused. Verify use (or export if used externally).
For more information:
https://www.shellcheck.net/wiki/SC2148 -- Tips depend on target shell and y...
https://www.shellcheck.net/wiki/SC2034 -- NAME appears unused. Verify use (...
Relates to #5140.
|
| | |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Output variables in general may contain values with spaces in them.
Example: `CC=gcc -foo`.
Relates to #5140.
|
| |\ \ \ \
| |_|_|/
|/| | | |
build: Add files `make uninstall` forgot to remove
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
There were a couple of files leftover after `make uninstall`. This
patch fixes that.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* fix(audacity): !5281 sharedlib bug on Arch/Fedora
removed `private-bin` line from audacity profile as it appears to block
access to shared libraries needed to start audacity on some
distributions.
Relates to github issue #5281
* fix(audacity): Disabling apparmor and reenabling private-bin
|
| |\ \ \ \
| | | | |
| | | | | |
makepkg: add description
|
| | | |_|/
| |/| | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* add gdu to 'new profiles' section
* Create gdu.profile
* add gdu to firecfg
* harden gdu sandbox
* fix protocol
* simulate empty protocol in gdu
* more user-friendly gdu sandboxing
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.17 to 2.1.18.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/0c670bbf0414f39666df6ce8e718ec5662c21e03...2ca79b6fa8d3ec278944088b4aa5f46912db5d63)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| | |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.16 to 2.1.17.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/3e7e3b32d0fb8283594bb0a76cc60a00918b0969...0c670bbf0414f39666df6ce8e718ec5662c21e03)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| | |
| |
| |
| | |
Relates to #5248 #5249 #5251.
|
pirate486743186
Kelvin M. Klann
dependabot[bot]
glitsj16
Азалия Смарагдова
netblue30
pirate486743186
Quentin RETORNAZ
Davide Gerhard
Азалия Смарагдова
Hugo Osvaldo Barrera
Tommy Nguyen
Christopher Morrow