Commit message (Author, Age)
* makefiles: deduplicate many makefiles into common.mk (Kelvin M. Klann, 2022-11-21)
      The makefiles that both build C programs and include src/common.mk are nearly identical, save for the main target name and for any extra headers and objects that they might use. So move all of their (duplicated) code into src/common.mk, which (other than the "lib" target on src/lib/Makefile) leaves only variables and the includes of config.mk and src/common.mk in place.
* makefiles: deduplicate main target name into new PROG var (Kelvin M. Klann, 2022-11-21)
      Put the main target name into a new PROG variable, put PROG into a new TARGET variable, make "all" depend on `$(TARGET)` and replace every other occurrence of the main target name with `$(PROG)`. On the makefiles that build non-shared objects, to make them more similar. With this commit, all of their targets are identical (except for the extra "lib" target on src/lib/Makefile).
* makefiles: line-wrap MOD_HDRS and MOD_OBJS (Kelvin M. Klann, 2022-11-21)
      For increased readability, list one item per line on lines that are currently longer than 80 characters.
* makefiles: move extra deps into new MOD vars (Kelvin M. Klann, 2022-11-21)
      To make the makefiles more similar. That is, add the following new variables:

      * MOD_HDRS
      * MOD_SRCS
      * MOD_OBJS

      And move existing module-specific header and object dependencies into `MOD_HDRS` and `MOD_OBJS`, respectively. `MOD_SRCS` is added mostly for symmetry/consistency.

      Note: Use `MOD_` as a prefix instead of `EXTRA_` to avoid confusion, as the latter is currently used for global variables (such as `EXTRA_CFLAGS`), as opposed to module-specific variables.

      Note2: Add them directly into the HDRS/SRCS/OBJS variables to avoid cluttering the existing recipes with an extra variables unnecessarily. This also allows, for example, referencing all of the object dependencies with `$<` if `$(OBJS)` is the first dependency (at least in GNU make).

      Note3: Since HDRS/SRCS/OBJS use simple assignment (through `:=`), the MOD variables should appear before including src/common.mk (or src/so.mk).
* makefiles: expand HDRS, SRCS and OBJS immediately (Kelvin M. Klann, 2022-11-21)
      Use immediate expansion of the right-hand side (with `:=`) to set the variables to the output of the commands rather than to the (text of the) commands themselves. This should prevent deferred/lazy evaluation, which is something that might potentially result in the relevant files being looked up each time that HDRS and SRCS are evaluated.

      Commands used to search and replace:

          git grep -Ilz '^SRCS' -- src | xargs -0 -I '{}' \
            sh -c "printf '%s\n' \"\$(sed \
              -e 's/^HDRS =/HDRS :=/' \
              -e 's/^SRCS =/SRCS :=/' \
              -e 's/^OBJS =/OBJS :=/' '{}')\" >'{}'"
* makefiles: rename H_FILE_LIST and C_FILE_LIST (Kelvin M. Klann, 2022-11-21)
      To HDRS and SRCS, respectively. To be more consistent with the OBJS variable.

      Misc: These names also appear to be more common from the makefiles that I've seen.

      Commands used to search and replace:

          git grep -IFlz -e H_FILE_LIST -e C_FILE_LIST -- src | xargs -0 -I '{}' sh -c "printf '%s\n' \"\$(sed \
              -e 's/^H_FILE_LIST *=/HDRS =/' \
              -e 's/\$(H_FILE_LIST)/\$(HDRS)/g' \
              -e 's/^C_FILE_LIST *=/SRCS =/' \
              -e 's/\$(C_FILE_LIST:/\$(SRCS:/g' \
              '{}')\" >'{}'"
* makefiles: equalize object dependencies in program targets (Kelvin M. Klann, 2022-11-21)
      Compared to the objects that are actually used in a given recipe, some program targets are missing object dependencies, while others appear to have unused object dependencies. Make each of those targets depend on the objects that are actually used when linking.

      Note: No check was done for extraneous/missing objects when linking; this commit only makes the object dependencies equal to the objects that are linked.
* makefiles: include config.mk directly (Kelvin M. Klann, 2022-11-21)
      Instead of including it through src/common.mk. This allows each makefile to directly override any value defined in config.mk.
* Makefile: put the all target after variables (Kelvin M. Klann, 2022-11-21)
      This should make it more consistent with the other makefiles (especially considering the subsequent deduplication commits on this branch) and enables it to depend on the variables in question (as variables in dependencies are immediately expanded, at least by default).
* lib/Makefile: put all target before include of common.mk (Kelvin M. Klann, 2022-11-20)
      The "all" target is usually intended to be the default one and when running make, the first target on a makefile is the one that gets built if no target is specified (such as when running `make` with no arguments).

      Also, note that unlike config.mk, src/common.mk may define its own targets, so move the "all" target to before the include of src/common.mk, to ensure that "all" keeps being the default target regardless of what is defined in src/common.mk.

      Note: If the "all" target is defined as depending directly on `$(OBJS)` while it is empty (that is, before src/common.mk is included), running `make` (or `make all`) will result in make always concluding that there is nothing to be done and exiting. So make "all" depend on an intermediary phony "lib" target instead, which in turn depends on `$(OBJS)` (and is declared after `$(OBJS)` is populated).
* makefiles: remove unused BINOBJS variable (Kelvin M. Klann, 2022-11-20)
      It is unclear what its intended purpose would be.

      Example:

          $ cat Makefile
          OBJS = a b c
          BINOBJS = $(foreach file, $(OBJS), $file)
          all:
          	printf '"%s"\n' "$(BINOBJS)"
          $ make
          printf '"%s"\n' " ile ile ile"
          " ile ile ile"

      Added on commit 137985136 ("Baseline firejail 0.9.28", 2015-08-08).
* fids/Makefile: remove code comment (Kelvin M. Klann, 2022-11-20)
      Added on commit a627071b3 ("intrusion detection system", 2021-07-28).
* RELNOTES: add docs (Kelvin M. Klann, 2022-11-20)
      Relates to #5398 #5402 #5451.
* Merge pull request #5451 from kmk3/docs-clarify-appimage (Kelvin M. Klann, 2022-11-20)
|\
      docs: clarify that --appimage should appear before --profile
| * docs: clarify that --appimage should appear before --profile (Kelvin M. Klann, 2022-11-04)
      And fix the argument order in the examples to reflect that.

      Background:

      The order in which these options appeared in the documentation was inconsistent. src/man/firejail.txt used --appimage before --profile and src/man/firejail-profile.txt used --profile before --appimage.

      Then commit 44fefcac0 ("Make appimage examples consistent with --appimage option short description", 2022-10-05) / PR #5402 was made, which standardized on --profile before --appimage in both places.

      But as mentioned by @rusty-snake[1], --appimage has to be specified before --profile in order for any `?HAS_APPIMAGE` conditionals inside of the profile to evaluate to true. So change the documentation to use and recommend the latter form.

      Also, add --quiet to one example to make it clear that --appimage does not have to be the first option (nor the last option before --profile).

      [1] https://github.com/netblue30/firejail/pull/5402#issuecomment-1274889618
* | Add support for cinelerra-gg (#5467) (glitsj16, 2022-11-13)
      * Create cinelerra-gg
      * add cinelerra-gg to `New profiles` section
      * Add cinelerra-gg to firecfg.config
* | build(deps): bump github/codeql-action from 2.1.29 to 2.1.31 (dependabot[bot], 2022-11-11)
      Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.29 to 2.1.31.
      - [Release notes](https://github.com/github/codeql-action/releases)
      - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
      - [Commits](https://github.com/github/codeql-action/compare/ec3cf9c605b848da5f1e41e8452719eb1ccfb9a6...c3b6fce4ee2ca25bc1066aa3bf73962fda0e8898)

      ---
      updated-dependencies:
      - dependency-name: github/codeql-action
        dependency-type: direct:production
        update-type: version-update:semver-patch
      ...

      Signed-off-by: dependabot[bot] <support@github.com>
* | Add netlink to list of allowed protocols (#5464) (Jan Sonntag, 2022-11-10)
      Fixes #5463 by adding netlink to the list of allowed protocols
* | Add godot3 redirect (#5456) (Frostbyte4664, 2022-11-07)
|/
      * Create godot3.profile
      * Add godot3 redirect to firecfg.config
* RELNOTES: add build: Fix musl warnings (Kelvin M. Klann, 2022-11-03)
      Relates to #5421 #5431.
* RELNOTES: add missing issue reference (Kelvin M. Klann, 2022-11-03)
      Relates to #5356.
* [StepSecurity] ci: Harden GitHub Actions (StepSecurity Bot, 2022-10-31)
      Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
* build(deps): bump github/codeql-action from 2.1.28 to 2.1.29 (dependabot[bot], 2022-10-31)
      Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.28 to 2.1.29.
      - [Release notes](https://github.com/github/codeql-action/releases)
      - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
      - [Commits](https://github.com/github/codeql-action/compare/cc7986c02bac29104a72998e67239bb5ee2ee110...ec3cf9c605b848da5f1e41e8452719eb1ccfb9a6)

      ---
      updated-dependencies:
      - dependency-name: github/codeql-action
        dependency-type: direct:production
        update-type: version-update:semver-patch
      ...

      Signed-off-by: dependabot[bot] <support@github.com>
* Fix freetube mpris support (rusty-snake, 2022-10-30)
      Closes #5437
* build(deps): bump github/codeql-action from 2.1.27 to 2.1.28 (dependabot[bot], 2022-10-29)
      Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.27 to 2.1.28.
      - [Release notes](https://github.com/github/codeql-action/releases)
      - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
      - [Commits](https://github.com/github/codeql-action/compare/807578363a7869ca324a79039e6db9c843e0e100...cc7986c02bac29104a72998e67239bb5ee2ee110)

      ---
      updated-dependencies:
      - dependency-name: github/codeql-action
        dependency-type: direct:production
        update-type: version-update:semver-patch
      ...

      Signed-off-by: dependabot[bot] <support@github.com>
* compile fix (netblue30, 2022-10-25)
|
* nettrace: various fixes (netblue30, 2022-10-25)
|
* fix nolocal netfilter (netblue30, 2022-10-25)
|
* removed grsecurity support (netblue30, 2022-10-24)
|
* --icmptrace (netblue30, 2022-10-24)
|
* Merge pull request #5431 from netblue30/musl_warnings (Reiner Herrmann, 2022-10-23)
|\
      Fix musl warnings
| * check for availability of symbols instead of glibc defines (Reiner Herrmann, 2022-10-23)
      in musl they are just redefines of the non-64 versions
| * include limits.h instead of manually defining LINE_MAX (Reiner Herrmann, 2022-10-23)
|/
* remove deprecated --shell from man page (netblue30, 2022-10-23)
|
* dnstrace and snitrace (netblue30, 2022-10-23)
|
* Merge branch 'master' of ssh://github.com/netblue30/firejail (netblue30, 2022-10-11)
|\
| * Merge pull request #5389 from glitsj16/qutebrowser-fixes (netblue30, 2022-10-11)
| |\
      Harden qutebrowser profile
| | * Harden qutebrowser (glitsj16, 2022-10-03)
| | |
| | * Fix D-Bus mpris support (glitsj16, 2022-10-02)
| | |
| | * unbreak D-Bus mpris support (glitsj16, 2022-10-02)
| | |
| | * Harden qutebrowser profile (glitsj16, 2022-10-01)
| | |
| * | Merge pull request #5402 from slowpeek/master (netblue30, 2022-10-11)
| |\ \
      docs: Make appimage examples consistent with --appimage option short description
| | * | Make appimage examples consistent with --appimage option short description (slowpeek, 2022-10-05)
| | | |
| * | | Merge pull request #5298 from pirate486743186/patch-1 (netblue30, 2022-10-11)
| |\ \ \
      electron-mail.profile refactoring
| | * | | electron-mail.profile: refactor and redirect to electron.profile (pirate486743186, 2022-10-05)
      Changes:

      - redirect to electron.profile
      - fix program name
      - update program description
      - allow /bin/sh
      - allow opening links in Firefox
      - remove no3d, nonewprivs, noroot, protocol, seccomp
      - add machine-id, nosound
      - remove private-bin, disable-mnt
      - harden private-etc
      - allow D-Bus notifications, secrets
* | | | | compile fix (netblue30, 2022-10-11)
|/ / / /
* | | | nettrace-dns and nettrace-sni (netblue30, 2022-10-11)
| | | |
* | | | build(deps): bump actions/checkout from 3.0.2 to 3.1.0 (dependabot[bot], 2022-10-10)
      Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 3.1.0.
      - [Release notes](https://github.com/actions/checkout/releases)
      - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
      - [Commits](https://github.com/actions/checkout/compare/2541b1294d2704b0964813337f33b291d3f8596b...93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8)

      ---
      updated-dependencies:
      - dependency-name: actions/checkout
        dependency-type: direct:production
        update-type: version-update:semver-minor
      ...

      Signed-off-by: dependabot[bot] <support@github.com>
* | | | build(deps): bump github/codeql-action from 2.1.26 to 2.1.27 (dependabot[bot], 2022-10-10)
| |/ /
|/| |
      Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.26 to 2.1.27.
      - [Release notes](https://github.com/github/codeql-action/releases)
      - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
      - [Commits](https://github.com/github/codeql-action/compare/e0e5ded33cabb451ae0a9768fc7b0410bad9ad44...807578363a7869ca324a79039e6db9c843e0e100)

      ---
      updated-dependencies:
      - dependency-name: github/codeql-action
        dependency-type: direct:production
        update-type: version-update:semver-patch
      ...

      Signed-off-by: dependabot[bot] <support@github.com>
* | | disable-common.inc: blacklist doas binary (Kelvin M. Klann, 2022-10-05)
      OpenDoas is an alternative to sudo. It is an unofficial port of OpenBSD's doas.

      Details:

          $ LC_ALL=C pacman -Si galaxy/opendoas | grep -e '^Version' -e '^Description' -e '^URL'
          Version : 6.8.2-1
          Description : Run commands as super user or another user
          URL : https://github.com/Duncaen/OpenDoas

      Environment: Artix Linux.

      Also, add /etc/doas.conf to etc/ids.config.