| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
| |
The files in this directory are intended to be automatically executed
when the user logs in.
In which case, granting write access to this directory allows the
program to easily escape the sandbox (by autostarting itself outside of
firejail, for example).
Misc: This was noticed on #6244.
|
| |
|
|
|
|
|
|
|
|
| |
It is a GUI program.
It was apparently added by accident on commit 73321c597 ("Fixes
(#2816)", 2019-07-01).
Reported by @glitsj16 at
https://github.com/netblue30/firejail/pull/6286#discussion_r1536618241
|
| |
|
|
|
| |
Description: QEMU frontend without libvirt.
https://github.com/thanoulis/tqemu
|
| |
|
|
|
|
|
|
|
|
| |
@hedgehog29 commented[1]:
> It prevents k3b from detecting all dvd drives, incudling USB ones, and
> it seems that also SATA.
Fixes #6279.
[1] https://github.com/netblue30/firejail/issues/6279#issue-2191392448
|
| |
|
|
|
|
| |
Description: Python GTK3 application to view and clean metadata in
files, using mat2.
https://gitlab.com/rmnvgr/metadata-cleaner
|
| |
|
| |
Co-authored-by: exponential <echo ZXhwb25lbnRpYWxtYXRyaXhAcHJvdG9ubWFpbC5jb20K | base64 -d>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The warning is being produced on Arch since pacman 6.1, which changed
`-D_FORTIFY_SOURCE=2` to `-D_FORTIFY_SOURCE=3` in CFLAGS in
makepkg.conf:
$ pacman -Q gcc pacman
gcc 13.2.1-5
pacman 6.1.0-3
$ makepkg
[...]
make -C src/lib
gcc [...] -D_FORTIFY_SOURCE=2 [...] -Wp,-D_FORTIFY_SOURCE=3 [...] -c ../../src/lib/common.c -o ../../src/lib/common.o
<command-line>: warning: "_FORTIFY_SOURCE" redefined
<command-line>: note: this is the location of the previous definition
To fix this, only add `-D_FORTIFY_SOURCE` to EXTRA_CFLAGS if it does not
cause any warnings with CFLAGS and CPPFLAGS during compilation.
The effect remains the same: The build system still defines the macro by
default (if there are no warnings) and the user/distribution can still
override it through CFLAGS/CPPFLAGS.
Fixes #6282.
Reported-by: @glitsj16
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Description: Encrypted messenger.
https://github.com/oxen-io/session-desktop/
https://aur.archlinux.org/packages/session-desktop
https://aur.archlinux.org/packages/session-desktop-bin
https://aur.archlinux.org/packages/session-desktop-appimage
Note: The AUR packages all work with the profiles.
|
| |
|
|
|
|
| |
Description: Determines the file type.
https://metacpan.org/release/File-MimeInfo
https://archlinux.org/packages/extra/any/perl-file-mimeinfo/
|
| |
|
|
|
| |
Description: Automatic TV episode file renamer.
https://github.com/dbr/tvnamer
|
| |
|
|
|
|
|
| |
Description: Full Screen text editor heavily inspired by Q10 and
JDarkRoom.
https://code.google.com/p/textroom/
https://aur.archlinux.org/packages/textroom
|
| |
|
|
|
|
| |
Description: Encrypted sharing of files, folders, and text between
devices.
https://github.com/Jacalz/rymdport
|
| |
|
|
|
| |
Description: An open source cross-platform alternative to AirDrop.
https://github.com/localsend/localsend
|
| |
|
|
|
|
|
| |
Description: Plain tool to validate and compare .editorconfig files.
https://github.com/aegoroff/editorconfiger
https://aur.archlinux.org/packages/editorconfiger
https://aur.archlinux.org/packages/editorconfiger-bin
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.6 to 3.24.7.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/8a470fddafa5cbb6266ee11b37ef4d8aae19c571...3ab4101902695724f9365a384f86c1074d94e18c)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/b4ffde65f46336ab88eb53be808477a3936bae11...9bb56186c3b09b4f86b1c65136769dd318469633)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |
|
|
|
| |
Description: Ebook reader application.
https://koreader.rocks/
|
| |
|
|
|
|
| |
Description: CLI encryption tool
https://github.com/brxken128/dexios
https://aur.archlinux.org/packages/dexios-bin
|
| |
|
| |
Cfr. https://github.com/netblue30/firejail/issues/6269#issuecomment-2002021790.
|
| |
|
|
|
|
| |
Description: Checks and fixes URLs in code and documentation.
https://github.com/nschloe/deadlink
https://aur.archlinux.org/packages/deadlink
|
| |
|
|
|
|
|
|
| |
Description: A CLI tool to download specific GitHub directories or
files.
https://github.com/alok8bb/cloneit
https://aur.archlinux.org/packages/cloneit-git
|
| |
|
|
|
| |
Description: Python script to check the status of a list of URLs.
https://github.com/Arthurdw/statusof
|
| |
|
|
|
|
| |
Description: A multi-threaded GTK application to fetch lyrics of
currently playing songs.
https://gitlab.com/bartwillems/lyriek
|
| |
|
|
|
|
|
|
|
|
| |
Description: Multi-threaded file-tree visualizer and disk usage
analyzer.
https://github.com/solidiquis/erdtree
https://archlinux.org/packages/extra/x86_64/erdtree/
Note: The repo and package are called `erdtree`, but the executable is
`erd`.
|
| |
|
|
|
|
|
|
| |
Description: Dynamic real-time view of running eBPF programs.
https://github.com/Netflix/bpftop
https://aur.archlinux.org/packages/bpftop
https://aur.archlinux.org/packages/bpftop-bin
https://aur.archlinux.org/packages/bpftop-git
|
| |
|
|
| |
Relates to #6260 #6261 #6268.
|
| |
|
|
|
|
|
|
| |
Based on the discussion at #5063.
Misc: The `\&` is used to escape the dot in `.desktop` (see roff(7)).
This amends commit a9c851ee4 ("firecfg: use ignorelist also for .desktop
files", 2024-01-08) / PR #6153.
|
| |
|
|
|
|
| |
Add support for qt6ct packages that use XDG desktop portal.
https://github.com/MikeWalrus/qt6ct#branch=colorscheme-portal
https://aur.archlinux.org/packages/qt6ct-xdg-colorscheme-git
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Apparently Tor Browser 13.0.11 (based on Mozilla Firefox 115.8.0esr)
changed a few things. The former versions installed under
`${HOME}/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser`
and now under
`${HOME}/.local/share/torbrowser/tbb/x86_64/tor-browser/Browser`.
All of our tor-browser-foo.profile profiles redirect to
torbrowser-launcher.profile and are covered by the fixes.
torbrowser.profile was not tested. It redirects to
firefox-common.profile and seems to be Gentoo-specific.
Fixes #6269.
|
| |\
| |
| | |
build: sort.py: filter empty and duplicate items
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Note: This seems to already be done for `protocol` lines.
Before:
$ ./contrib/sort.py test.profile
sort.py: checking 1 profile(s)...
test.profile:1:-private-etc ,,bar,,foo,,bar,,,
test.profile:1:+private-etc ,,,,,,,bar,bar,foo
test.profile:2:-protocol ,,unix,,bluetooth,,unix,,inet,,,
test.profile:2:+protocol unix,inet,bluetooth
[ Fixed ] test.profile
After:
$ ./contrib/sort.py test.profile
sort.py: checking 1 profile(s)...
test.profile:1:-private-etc ,,bar,,foo,,bar,,,
test.profile:1:+private-etc bar,foo
test.profile:2:-protocol ,,unix,,bluetooth,,unix,,inet,,,
test.profile:2:+protocol unix,inet,bluetooth
[ Fixed ] test.profile
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
To reduce duplication.
Support for it was added on commit bf5a99360 ("landlock: add support for
PATH macro", 2023-12-22).
See also commit 19e108248 ("landlock: expand simple macros in commands",
2023-11-11) / PR #6125.
Relates to #6078.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Blacklisting qt5ct/qt6ct configuration and data paths breaks styling in all
apps that use them.
This was working as expected before #6249 and #6250, so remove the
blacklisting.
|
| | |
| |
| |
| |
| |
| |
| | |
Simple screen recorder for Linux desktop, supports Wayland & Xorg.
https://github.com/dvershinin/green-recorder
https://aur.archlinux.org/packages/green-recorder
https://aur.archlinux.org/packages/green-recorder-git
|
| | |
| |
| |
| |
| |
| |
| | |
Fix `noblacklist` entry without an equivalent `blacklist` entry.
Added on commit 1a2e8ab85 ("multimc: instances not running, because of
missing permissions", 2024-02-19) / PR #6216.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Since gnome-keyring 1.46, the ssh-agent functionality has been removed
and gcr-ssh-agent is the recommended alternative.
Source:
- https://gitlab.gnome.org/GNOME/gcr/-/merge_requests/67
- https://wiki.archlinux.org/title/GNOME/Keyring#SSH_keys
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
mkinitcpio (used to generate initramfs images) supports several
compression formats:
https://gitlab.archlinux.org/archlinux/mkinitcpio/mkinitcpio/-/blob/master/mkinitcpio.conf#L54-L64.
On Arch Linux (based distributions) at least this implies the supported
archivers to have access to mkinitcpio-related files under /etc.
This was no problem before 29da82d added `private-etc` to
`archivers-common.profile`.
This adds the now needed extra private-etc items to
archiver-common.profile, for mkinitcpio's supported compressors (which
seem to be at least cpio, gzip and zstd).
Relates to #5610.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Commit 29da82d added `private-etc` to `archiver-common.profile`.
To avoid doubled options this PR removes it from archiver profiles which
already had it.
Relates to #5610.
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.5 to 3.24.6.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/47b3d888fe66b639e431abf22ebca059152f1eea...8a470fddafa5cbb6266ee11b37ef4d8aae19c571)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |/ |
|
| |
|
|
| |
Relates to #6217 #6222 #6228 #6230.
|
Kelvin M. Klann
glitsj16
pirate486743186
dependabot[bot]
D357R0Y3R
Michele Sorcinelli
rusty-snake