| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |\ \ \ \
| | | | |
| | | | | |
build: make shell commands more portable in firejail.vim
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
To avoid depending on an extra package without need.
Commands used to search and replace:
$ f=contrib/vim/syntax/firejail.vim; \
printf '%s\n' "$(sed -E \
"s|rg -o '([^']+)' -r '\\\$1'|sed -En 's/.*\\1.*/\\\\1/p'|" "$f")" >"$f"
Note: `sed -E` is not in POSIX.1-2017 (Issue 7), but it has been
accepted into the upcoming POSIX standard version[1] and is supported by
at least GNU, busybox and OpenBSD grep.
Added on commit a1cc4a556 ("Add vim syntax and ftdetect files (#2679)",
2019-05-06).
[1] https://www.austingroupbugs.net/view.php?id=528
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Only a single script is passed by argument in each invocation.
Added on commit a1cc4a556 ("Add vim syntax and ftdetect files (#2679)",
2019-05-06) and on commit d2e10f2f5 ("vim: update list of syscalls",
2021-05-29) / PR #4318.
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
It seems to be equivalent to just delimiting the beginning and the end
of the line with `^foo$`.
Also, put the regex mode (-E) first.
Commands used to search and replace:
$ f=contrib/vim/syntax/firejail.vim; \
printf '%s\n' "$(sed -E \
"s|grep -vEx '([^']+)'|grep -Ev '^\\1\$'|" "$f")" >"$f"
Added on commit a1cc4a556 ("Add vim syntax and ftdetect files (#2679)",
2019-05-06).
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
POSIX tr understands '\n', so use that instead of the less portable
$'\n'.
Commands used to search and replace:
$ f=contrib/vim/syntax/firejail.vim; \
printf '%s\n' "$(sed -E \
"s/tr +\\\$'\\\\n'/tr '\\\\n'/g" "$f")" >"$f"
Added on commit a1cc4a556 ("Add vim syntax and ftdetect files (#2679)",
2019-05-06).
|
| |\ \ \ \
| | | | |
| | | | | |
QMediathekView: hardening
|
| | | | | |
| | | | |
| | | | | |
As suggested in review.
|
| | | | | | |
|
| |/ / / /
| | | |
| | | |
| | | | |
Relates to #5554.
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/755da8c3cf115ac066823e79a1e1788f8940201b...ac593985615ec2ede58e132d2e21d2b1cbd6127c)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |\ \ \
| | |/
| |/| |
|
| | |\ \
| | | |
| | | | |
claws-mail and sylpheed D-Bus hardening
|
| | | | | |
|
| | | |/
| | |
| | | |
Relates to https://github.com/netblue30/firejail/issues/5477.
|
| | |\ \
| | | |
| | | | |
electron hardening fixes
|
| | | | | |
|
| | | |/ |
|
| |/ / |
|
| |\ \
| | |
| | | |
A temporary fix to the bug caused by apparmor profiles stacking.
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
Add profile for Chatterino
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- Remove waf from private-bin
- Move optional commands to the top
- Reorder allow lua/python
|
| | | | |
| | | |
| | | | |
Co-authored-by: Kelvin M. Klann <kmk3.code@protonmail.com>
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
I'll try the rest manually soon
Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
|
| | | | | |
|
| |\ \ \ \
| | | | |
| | | | | |
Blacklist google-drive-ocamlfuse config
|
| | | | | | |
|
| | | | | | |
|
| | |_|_|/
|/| | | |
|
| |\ \ \ \
| | | | |
| | | | | |
Update DBus wiki link
|
| | |/ / / |
|
| |\ \ \ \
| | | | |
| | | | | |
window manager profiles: fix browser/electron internal sandboxes
|
| | | |/ /
| |/| | |
|
| |/ / / |
|
| | | | |
|
| |/ / |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| | |
* gpg-agent: sort private-bin (even though it's commented)
* gpg-agent: fix private-bin
|
| | |
| |
| |
| |
| |
| |
| | |
* add comment on intentional duplication of blacklisted kernel configuration
* disable-proc.inc: update the duplication comment
* disable-common.inc: add duplication notice for kernel configuration
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* disable-programs.inc: add ssmtp support
* Create ssmtp.profile
* ssmtp: support Debian/Ubuntu
* README.md: add ssmtp to 'New profiles' section
* disable-common.inc: move ssmtp support to keep CI happy
* ssmtp: improve dead.letter comment
Suggested in [review](https://github.com/netblue30/firejail/pull/5544#pullrequestreview-1225322546).
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* seahorse: fixes and hardening
* seahorse-daemon: hardening
* seahorse-tool: move private-etc items to seahorse
* seahorse: unbreak nautilus file encryption
As suggested [in review](https://github.com/netblue30/firejail/pull/5543#pullrequestreview-1225250520).
* seahorse-tool: move private-tmp to seahorse
* seahorse: add private-tmp
* seahorse: fix access to ssh-agent socket
|
| | | |
|
| |\ \
| | |
| | | |
Revert "remove make deb and use make deb-apparmor to build packages"
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit 82299440533f54bd45bd5ec69136233c04028c15.
The idea is to later enable building the .deb package with AppArmor by
default with `make deb` and to then remove `make deb-apparmor` (though
note that some ci changes might also be needed in tandem[1]). This
could potentially allow building a .deb package for all firejail
versions (including past and future ones) with just `make deb`.
Also, note that other options can be added/removed to the default `deb`
target (besides AppArmor-related ones), so ideally there would be only a
single `deb` target with all the desired options applied.
So instead of releasing a version without `make deb` and then
potentially adding it back and removing `make deb-apparmor`, just leave
the targets as is (considering the current release, 0.9.70) for now.
[1] https://github.com/netblue30/firejail/pull/5176#issuecomment-1146855467
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
* audacity: networking updates
* audacity: fix allowing to run local server
* audacity: move comment so it's more visible
As suggested [in review](https://github.com/netblue30/firejail/pull/5540#pullrequestreview-1225225897).
|
netblue30
Kelvin M. Klann
glitsj16
dependabot[bot]
KOLANICH
Dpeta
slowpeek
smitsohu
rusty-snake