| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
| |
- spelling suggestion from @glitsj16 on fda62527
- drop python2 from openshot it never has a python2 version
- #3126 note in manpage: cannot combine --private with --private=
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add profile for offical Linux Teams application
* fix: add mkdir suggestions in Teams profile
* Merge suggestions for Teams profile
* Add suggestion to Teams profile
* Add Teams to firecfg.config
* Add paths from Teams profile to disable-programs
* Remove the duplicated whitelist for downloads in Teams profile
Co-Authored-By: rusty-snake <print_hello_world+GitHub@protonmail.com>
* Cleanup teams profile after testing
* Add comment to Teams profile
Co-authored-by: rusty-snake <print_hello_world+GitHub@protonmail.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Running `firejail --noprofile --private-bin=bash,ls ls -1Za /usr/bin`
shows that the SELinux labels are not correct:
```
user_u:object_r:user_tmpfs_t:s0 .
system_u:object_r:usr_t:s0 ..
user_u:object_r:user_tmpfs_t:s0 bash
user_u:object_r:user_tmpfs_t:s0 ls
```
After fixing this:
```
system_u:object_r:bin_t:s0 .
system_u:object_r:usr_t:s0 ..
system_u:object_r:shell_exec_t:s0 bash
system_u:object_r:bin_t:s0 ls
```
Most copied files and created directories should now have correct
labels (bind mounted objects keep their labels). This is useful to
avoid having to change the SELinux rules when using Firejail.
|
| |
|
|
|
|
|
|
|
| |
Some distributions include fonts in the texmf and texlive subdirectories
of /usr/share. This makes those fonts accessible, addressing buggy
behavior in okular where some text fails to render.
This also whitelists /usr/share/config.kcfg which contains default
settings that should be available to many applications.
|
| | |
|
| |
|
| |
Allow writing some proc paths used by browsers but restrict it to their owner.
|
| |
|
| |
Openshot 2.5.0 needs networking. This fixes #3221.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
- mdwe broken
- ${HOME}/.ssr
|
| |
|
|
| |
see issue #3145
|
| |
|
|
| |
see issue #3145
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* include wvc in aria2c.profile
* include wvc in clawsker.profile
* include wvc in conky.profile
* include wvc in dconf.profile
* include wvc in dconf-editor.profile
* include wvc in exiftool.profile
* include wvc in font-manager.profile
* include wvc in gconf.profile
* include wvc in git.profile
* include wvc in gjs.profile
* include wvc in gpg.profile
* include wvc in img2txt.profile
* include wvc in mediainfo.profile
* include wvc in mpd.profile
* include wvc in nitroshare.profile
* include wvc in ocenaudio.profile
* include wvc to ping.profile
* include wvc in simple-scan.profile
* include wvc in simplescreenrecorder.profile
* include wvc in sysprof.profile
* include wvc in tshark.profile
* include wvc in uget-gtk.profile
* include wvc in viewnior.profile
* include wvc in weechat.profile
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Added typing.
Replaced os.path with pathlib.
Made it work.
Fixes in .gitignore.
|
| | |
|
| |
|
| |
It is still undecided what causes #2681 for the OP. Let's not change the seccomp filter for everyone until we have reproducible issues.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |\
| |
| | |
print rejected character in invalid filenames
|
| | |
| |
| | |
issue #3001
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| | |
Thanks to @rusty-snake for his comment in #3198.
|
| | |
| |
| | |
Thanks to @rusty-snake for suggesting to move /usr/share/file to wusc in #3198.
|
| | |
| |
| | |
This fixes #3198.
|
| | | |
|
| | | |
|
| | |
| |
| | |
Thanks to @s-hamman for reporting this in the comments of #3193.
|
| | |
| |
| | |
Thanks to @s-hamman for reporting this in the comments of #3193.
|
| | | |
|
| | | |
|
rusty-snake
Andreas Hunkeler
Quentin Minster
Topi Miettinen
Antonio Russo
smitsohu
Vincent43
glitsj16
KOLANICH
KOLANICH
Fred Barclay
Reiner Herrmann
Tad