Commit message (Author, Age)
* makefiles: rename H_FILE_LIST and C_FILE_LIST (Kelvin M. Klann, 2022-11-21)
|     To HDRS and SRCS, respectively. To be more consistent with the OBJS variable.
|
|     Misc: These names also appear to be more common from the makefiles that I've seen.
|
|     Commands used to search and replace:
|
|         git grep -IFlz -e H_FILE_LIST -e C_FILE_LIST -- src |
|         xargs -0 -I '{}' sh -c "printf '%s\n' \"\$(sed \
|           -e 's/^H_FILE_LIST *=/HDRS =/' \
|           -e 's/\$(H_FILE_LIST)/\$(HDRS)/g' \
|           -e 's/^C_FILE_LIST *=/SRCS =/' \
|           -e 's/\$(C_FILE_LIST:/\$(SRCS:/g' \
|           '{}')\" >'{}'"
* makefiles: equalize object dependencies in program targets (Kelvin M. Klann, 2022-11-21)
|     Compared to the objects that are actually used in a given recipe, some program targets are missing object dependencies, while others appear to have unused object dependencies.
|
|     Make each of those targets depend on the objects that are actually used when linking.
|
|     Note: No check was done for extraneous/missing objects when linking; this commit only makes the object dependencies equal to the objects that are linked.
* makefiles: include config.mk directly (Kelvin M. Klann, 2022-11-21)
|     Instead of including it through src/common.mk.
|
|     This allows each makefile to directly override any value defined in config.mk.
* Makefile: put the all target after variables (Kelvin M. Klann, 2022-11-21)
|     This should make it more consistent with the other makefiles (especially considering the subsequent deduplication commits on this branch) and enables it to depend on the variables in question (as variables in dependencies are immediately expanded, at least by default).
* lib/Makefile: put all target before include of common.mk (Kelvin M. Klann, 2022-11-20)
|     The "all" target is usually intended to be the default one and when running make, the first target on a makefile is the one that gets built if no target is specified (such as when running `make` with no arguments).
|
|     Also, note that unlike config.mk, src/common.mk may define its own targets, so move the "all" target to before the include of src/common.mk, to ensure that "all" keeps being the default target regardless of what is defined in src/common.mk.
|
|     Note: If the "all" target is defined as depending directly on `$(OBJS)` while it is empty (that is, before src/common.mk is included), running `make` (or `make all`) will result in make always concluding that there is nothing to be done and exiting. So make "all" depend on an intermediary phony "lib" target instead, which in turn depends on `$(OBJS)` (and is declared after `$(OBJS)` is populated).
* makefiles: remove unused BINOBJS variable (Kelvin M. Klann, 2022-11-20)
|     It is unclear what its intended purpose would be.
|
|     Example:
|
|         $ cat Makefile
|         OBJS = a b c
|         BINOBJS = $(foreach file, $(OBJS), $file)
|
|         all:
|         	printf '"%s"\n' "$(BINOBJS)"
|         $ make
|         printf '"%s"\n' " ile ile ile"
|         " ile ile ile"
|
|     Added on commit 137985136 ("Baseline firejail 0.9.28", 2015-08-08).
* fids/Makefile: remove code comment (Kelvin M. Klann, 2022-11-20)
|     Added on commit a627071b3 ("intrusion detection system", 2021-07-28).
* RELNOTES: add docs (Kelvin M. Klann, 2022-11-20)
|     Relates to #5398 #5402 #5451.
* Merge pull request #5451 from kmk3/docs-clarify-appimage (Kelvin M. Klann, 2022-11-20)
|\
| |     docs: clarify that --appimage should appear before --profile
| * docs: clarify that --appimage should appear before --profile (Kelvin M. Klann, 2022-11-04)
| |     And fix the argument order in the examples to reflect that.
| |
| |     Background:
| |
| |     The order in which these options appeared in the documentation was inconsistent. src/man/firejail.txt used --appimage before --profile and src/man/firejail-profile.txt used --profile before --appimage.
| |
| |     Then commit 44fefcac0 ("Make appimage examples consistent with --appimage option short description", 2022-10-05) / PR #5402 was made, which standardized on --profile before --appimage in both places.
| |
| |     But as mentioned by @rusty-snake[1], --appimage has to be specified before --profile in order for any `?HAS_APPIMAGE` conditionals inside of the profile to evaluate to true. So change the documentation to use and recommend the latter form.
| |
| |     Also, add --quiet to one example to make it clear that --appimage does not have to be the first option (nor the last option before --profile).
| |
| |     [1] https://github.com/netblue30/firejail/pull/5402#issuecomment-1274889618
* | Add support for cinelerra-gg (#5467) (glitsj16, 2022-11-13)
| |     * Create cinelerra-gg
| |     * add cinelerra-gg to `New profiles` section
| |     * Add cinelerra-gg to firecfg.config
* | build(deps): bump github/codeql-action from 2.1.29 to 2.1.31 (dependabot[bot], 2022-11-11)
| |     Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.29 to 2.1.31.
| |     - [Release notes](https://github.com/github/codeql-action/releases)
| |     - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
| |     - [Commits](https://github.com/github/codeql-action/compare/ec3cf9c605b848da5f1e41e8452719eb1ccfb9a6...c3b6fce4ee2ca25bc1066aa3bf73962fda0e8898)
| |
| |     ---
| |     updated-dependencies:
| |     - dependency-name: github/codeql-action
| |       dependency-type: direct:production
| |       update-type: version-update:semver-patch
| |     ...
| |
| |     Signed-off-by: dependabot[bot] <support@github.com>
* | Add netlink to list of allowed protocols (#5464) (Jan Sonntag, 2022-11-10)
| |     Fixes #5463 by adding netlink to the list of allowed protocols
* | Add godot3 redirect (#5456) (Frostbyte4664, 2022-11-07)
|/
|     * Create godot3.profile
|     * Add godot3 redirect to firecfg.config
* RELNOTES: add build: Fix musl warnings (Kelvin M. Klann, 2022-11-03)
|     Relates to #5421 #5431.
* RELNOTES: add missing issue reference (Kelvin M. Klann, 2022-11-03)
|     Relates to #5356.
* [StepSecurity] ci: Harden GitHub Actions (StepSecurity Bot, 2022-10-31)
|     Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
* build(deps): bump github/codeql-action from 2.1.28 to 2.1.29 (dependabot[bot], 2022-10-31)
|     Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.28 to 2.1.29.
|     - [Release notes](https://github.com/github/codeql-action/releases)
|     - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
|     - [Commits](https://github.com/github/codeql-action/compare/cc7986c02bac29104a72998e67239bb5ee2ee110...ec3cf9c605b848da5f1e41e8452719eb1ccfb9a6)
|
|     ---
|     updated-dependencies:
|     - dependency-name: github/codeql-action
|       dependency-type: direct:production
|       update-type: version-update:semver-patch
|     ...
|
|     Signed-off-by: dependabot[bot] <support@github.com>
* Fix freetube mpris support (rusty-snake, 2022-10-30)
|     Closes #5437
* build(deps): bump github/codeql-action from 2.1.27 to 2.1.28 (dependabot[bot], 2022-10-29)
|     Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.27 to 2.1.28.
|     - [Release notes](https://github.com/github/codeql-action/releases)
|     - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
|     - [Commits](https://github.com/github/codeql-action/compare/807578363a7869ca324a79039e6db9c843e0e100...cc7986c02bac29104a72998e67239bb5ee2ee110)
|
|     ---
|     updated-dependencies:
|     - dependency-name: github/codeql-action
|       dependency-type: direct:production
|       update-type: version-update:semver-patch
|     ...
|
|     Signed-off-by: dependabot[bot] <support@github.com>
* compile fix (netblue30, 2022-10-25)
|
* nettrace: various fixes (netblue30, 2022-10-25)
|
* fix nolocal netfilter (netblue30, 2022-10-25)
|
* removed grsecurity support (netblue30, 2022-10-24)
|
* --icmptrace (netblue30, 2022-10-24)
|
* Merge pull request #5431 from netblue30/musl_warnings (Reiner Herrmann, 2022-10-23)
|\
| |     Fix musl warnings
| * check for availability of symbols instead of glibc defines (Reiner Herrmann, 2022-10-23)
| |     in musl they are just redefines of the non-64 versions
| * include limits.h instead of manually defining LINE_MAX (Reiner Herrmann, 2022-10-23)
|/
* remove deprecated --shell from man page (netblue30, 2022-10-23)
|
* dnstrace and snitrace (netblue30, 2022-10-23)
|
* Merge branch 'master' of ssh://github.com/netblue30/firejail (netblue30, 2022-10-11)
|\
| * Merge pull request #5389 from glitsj16/qutebrowser-fixes (netblue30, 2022-10-11)
| |\
| | |     Harden qutebrowser profile
| | * Harden qutebrowser (glitsj16, 2022-10-03)
| | |
| | * Fix D-Bus mpris support (glitsj16, 2022-10-02)
| | |
| | * unbreak D-Bus mpris support (glitsj16, 2022-10-02)
| | |
| | * Harden qutebrowser profile (glitsj16, 2022-10-01)
| | |
| * | Merge pull request #5402 from slowpeek/master (netblue30, 2022-10-11)
| |\ \
| | | |     docs: Make appimage examples consistent with --appimage option short description
| | * | Make appimage examples consistent with --appimage option short description (slowpeek, 2022-10-05)
| | | |
| * | | Merge pull request #5298 from pirate486743186/patch-1 (netblue30, 2022-10-11)
| |\ \ \
| | | | |     electron-mail.profile refactoring
| | * | | electron-mail.profile: refactor and redirect to electron.profile (pirate486743186, 2022-10-05)
| | | | |     Changes:
| | | | |
| | | | |     - redirect to electron.profile
| | | | |     - fix program name
| | | | |     - update program description
| | | | |     - allow /bin/sh
| | | | |     - allow opening links in Firefox
| | | | |     - remove no3d, nonewprivs, noroot, protocol, seccomp
| | | | |     - add machine-id, nosound
| | | | |     - remove private-bin, disable-mnt
| | | | |     - harden private-etc
| | | | |     - allow D-Bus notifications, secrets
* | | | | compile fix (netblue30, 2022-10-11)
|/ / / /
* | | | nettrace-dns and nettrace-sni (netblue30, 2022-10-11)
| | | |
* | | | build(deps): bump actions/checkout from 3.0.2 to 3.1.0 (dependabot[bot], 2022-10-10)
| | | |     Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 3.1.0.
| | | |     - [Release notes](https://github.com/actions/checkout/releases)
| | | |     - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
| | | |     - [Commits](https://github.com/actions/checkout/compare/2541b1294d2704b0964813337f33b291d3f8596b...93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8)
| | | |
| | | |     ---
| | | |     updated-dependencies:
| | | |     - dependency-name: actions/checkout
| | | |       dependency-type: direct:production
| | | |       update-type: version-update:semver-minor
| | | |     ...
| | | |
| | | |     Signed-off-by: dependabot[bot] <support@github.com>
* | | | build(deps): bump github/codeql-action from 2.1.26 to 2.1.27 (dependabot[bot], 2022-10-10)
| |/ /
|/| |
| | |     Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.26 to 2.1.27.
| | |     - [Release notes](https://github.com/github/codeql-action/releases)
| | |     - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
| | |     - [Commits](https://github.com/github/codeql-action/compare/e0e5ded33cabb451ae0a9768fc7b0410bad9ad44...807578363a7869ca324a79039e6db9c843e0e100)
| | |
| | |     ---
| | |     updated-dependencies:
| | |     - dependency-name: github/codeql-action
| | |       dependency-type: direct:production
| | |       update-type: version-update:semver-patch
| | |     ...
| | |
| | |     Signed-off-by: dependabot[bot] <support@github.com>
* | | disable-common.inc: blacklist doas binary (Kelvin M. Klann, 2022-10-05)
| | |     OpenDoas is an alternative to sudo. It is an unofficial port of OpenBSD's doas.
| | |
| | |     Details:
| | |
| | |         $ LC_ALL=C pacman -Si galaxy/opendoas | grep -e '^Version' -e '^Description' -e '^URL'
| | |         Version : 6.8.2-1
| | |         Description : Run commands as super user or another user
| | |         URL : https://github.com/Duncaen/OpenDoas
| | |
| | |     Environment: Artix Linux.
| | |
| | |     Also, add /etc/doas.conf to etc/ids.config.
* | | Merge branch 'master' of ssh://github.com/netblue30/firejail (netblue30, 2022-10-04)
|\ \ \
| * \ \ Merge pull request #5394 from netblue30/dependabot/github_actions/github/codeql-action-2.1.26 (netblue30, 2022-10-04)
| |\ \ \
| | | | |     build(deps): bump github/codeql-action from 2.1.25 to 2.1.26
| | * | | build(deps): bump github/codeql-action from 2.1.25 to 2.1.26 [dependabot/github_actions/github/codeql-action-2.1.26] (dependabot[bot], 2022-10-03)
| | | |/
| | |/|
| | | |     Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.25 to 2.1.26.
| | | |     - [Release notes](https://github.com/github/codeql-action/releases)
| | | |     - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
| | | |     - [Commits](https://github.com/github/codeql-action/compare/86f3159a697a097a813ad9bfa0002412d97690a4...e0e5ded33cabb451ae0a9768fc7b0410bad9ad44)
| | | |
| | | |     ---
| | | |     updated-dependencies:
| | | |     - dependency-name: github/codeql-action
| | | |       dependency-type: direct:production
| | | |       update-type: version-update:semver-patch
| | | |     ...
| | | |
| | | |     Signed-off-by: dependabot[bot] <support@github.com>
| * | | Merge pull request #5400 from kmk3/mpv-fix-lib (netblue30, 2022-10-04)
| |\ \ \
| | | | |     Revert "mpv: whitelist mpv-mpris (#5386)"
| | * | | Revert "mpv: whitelist mpv-mpris (#5386)" (Kelvin M. Klann, 2022-10-04)
| | |/ /
| | | |     This reverts commit 393c5beff2686d7732221dadb6730917f24835a0.
| | | |
| | | |     Which broke mpv:
| | | |
| | | |         $ mpv --version
| | | |         Cannot start application: No such file or directory
| | | |
| | | |     Probably because mpv itself uses many libraries and it has plugins that may depend on files in /usr/lib as well:
| | | |
| | | |         $ pacman -Qlq mpv | grep /lib/ | grep -v '/$'
| | | |         /usr/lib/libmpv.so
| | | |         /usr/lib/libmpv.so.1
| | | |         /usr/lib/libmpv.so.1.109.0
| | | |         /usr/lib/pkgconfig/mpv.pc
| | | |         $ strings /usr/bin/mpv | grep '^lib.*\.so' | sort -u | wc -l
| | | |         53
| | | |         $ pacman -Qlq yt-dlp | grep /lib/ | grep -v '/$' | cut -f -4 -d / | sort -u
| | | |         /usr/lib/python3.10
| | | |         $ pacman -Q mpv yt-dlp
| | | |         mpv 1:0.34.1-5
| | | |         yt-dlp 2022.09.01-1
| | | |
| | | |     Environment: Artix Linux.
| | | |
| | | |     Also, private-lib is disabled by default in firejail.config (see #5190) and mpv.profile does not use private-lib, so there should be no need to whitelist anything in /usr/lib in the default profile.