aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAge
* Add profiles for build-systems (/package-managers)Libravatar rusty-snake2021-09-08
| | | | | | | | | | Profiles: bunler, cargo (refactor), cmake (untested), make, meson, pip All redirect to build-systems-common.profile Other fixes: - blacklist ${HOME}/.bundle - blacklist ${HOME}/.cargo/* -> blacklist ${HOME}/.cargo - blacklist /usr/lib64/ruby
* Fix #4509 -- Nextcloud profile broken - needs 3D and system tray accessLibravatar rusty-snake2021-09-08
|
* Merge pull request #4493 from pirate486743186/fix-duplicate-globalLibravatar rusty-snake2021-09-08
|\ | | | | fix duplicate globals
| * fix duplicate globalLibravatar pirate4867431862021-08-30
| |
* | Fix #4367 -- gimp 2.10.22-3: gegl:introspect brokenLibravatar rusty-snake2021-09-08
| |
* | Update profile.template to use disable-X11.incLibravatar rusty-snake2021-09-08
| |
* | Rework pipewire/waylandLibravatar rusty-snake2021-09-07
| | | | | | | | | | | | | | | | | | | | | | - closes #4483 -- mpv requires whitelisting /usr/share/pipewire - wruc: whitelist pipewire-?, pipewire is becoming more popular and was developed with isolation (container/sandbox) in mind. - wruc: whitelist wayland-? instead of only -0 and -1 - wusc: whitelist /usr/share/pipewire - remove these wruc/wusc lines from other profiles - firefox-common-addons: Make ignore wruc work again (#4512) - firefox: org.freedesktop.portal.Desktop should be enough
* | Blacklist ~/.minisign in disable-commonLibravatar rusty-snake2021-09-07
| |
* | Profile fixesLibravatar rusty-snake2021-09-04
| | | | | | | | | | | | | | | | | | | | - disable-programs.inc: blacklist ${HOME}/.local/state/pipewire If you did not yet noticed, on 08th May 2021 the XDG Base Directory Specification 0.8 was resleased (the first update since 2010). New are $XDG_STATE_HOME and $HOME/.local/bin. - keepassxc: mkdirs are necessary - gnote: harden - pngquant: harden
* | Update RELNOTESLibravatar rusty-snake2021-09-04
| |
* | Update wrc for Arch Linux (#4507)Libravatar Martynas Janonis2021-09-03
| | | | | | This is a quick fix of #4482 for distributions that link /etc/resolv.conf to /run/systemd/resolve/stub-resolv.conf (Arch Linux is one of them).
* | Fix #4506 -- Freetube does not startLibravatar rusty-snake2021-09-03
| | | | | | | | Freetube from AUR uses a wrapper script
* | sort.py: pylint: consider-using-sys-exitLibravatar rusty-snake2021-09-03
| |
* | Update wrcLibravatar rusty-snake2021-09-03
|/ | | | | | - whitelist /run/resolvconf/resolv.conf -- Fixes #4482 - Drop whitelist for /run/systemd/resolve/stub-resolv.conf, /run/systemd/resolve/resolv.conf is the right path AIUI.
* mergesLibravatar netblue302021-08-30
|
* Merge pull request #4487 from kmk3/blame-ignore-add-big-revertLibravatar netblue302021-08-30
|\ | | | | .git-blame-ignore-revs: add revert of allow/deny move
| * .git-blame-ignore-revs: add revert of allow/deny moveLibravatar Kelvin M. Klann2021-08-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add commit f43382f1e ("Revert "move whitelist/blacklist to allow/deny"") from PR #4410. As mentioned on commit b023b9a6f ("Exclude allow/deny move in profile from git blame") / PR #4390, commit fe0f975f4 ("move whitelist/blacklist to allow/deny") "is just a huge rename", and so is the revert of it. Note that there is a follow-up to f43382f1e: commit 2e4d52ec6 ("Revert allow/deny additional files") (sort of related to #4421). It renames a bit too much, which is later fixed by commit 3836131f3 ("Fix zim and rednotebook"). Since these are small changes and since they involve regressions, neither commit is added.
* | Merge pull request #4481 from kmk3/readme-add-artixLibravatar netblue302021-08-30
|\ \ | | | | | | README.md: add artix linux to distro list
| * | README.md: add artix linux to distro listLibravatar Kelvin M. Klann2021-08-25
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Home page: https://artixlinux.org A few months ago, running `pacman -S firejail` would install it from Arch's "community" repository by default. But currently, Artix has its own firejail package, in the "galaxy" repository: * https://gitea.artixlinux.org/packagesF/firejail * https://repology.org/project/firejail/versions See also the following article from 2021-06-09: https://artixlinux.org/news.php#Arch_repositories_made_optional > Arch repositories made optional > > Artix has reached the stage where it can operate without the help of > the Arch repositories, including the preparation of its installation > media. As such, all new weekly ISO images will ship without [extra], > [community] and [multilib] enabled in pacman.conf. Existing setups > will not be affected, but new users may want to enable them and > benefit from the additional packages. Instructions are provided in > our wiki[1]. > > TL;DR: > > # pacman -Syu artix-archlinux-support For reference, the distro list was added on commit ee03888ab ("prioritize installing via OS (#3442)") / PR #3442. [1] https://wiki.artixlinux.org/Main/Repositories#Arch_repositories
* | Merge pull request #4479 from kmk3/issue-template-improvementsLibravatar netblue302021-08-30
|\ \ | | | | | | Issue template improvements
| * | bug_report.md: add log sectionLibravatar Kelvin M. Klann2021-08-25
| | | | | | | | | | | | Currently, the log portion seems to be part of the Checklist section.
| * | bug_report.md: format the details sectionLibravatar Kelvin M. Klann2021-08-25
| | | | | | | | | | | | | | | And put the code block inside of an HTML paragraph, so that it's not just free floating after the `<summary>`.
| * | bug_report.md: trim leading spaces on list itemsLibravatar Kelvin M. Klann2021-08-25
| | |
| * | bug_report.md: turn section titles into headersLibravatar Kelvin M. Klann2021-08-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | This properly separates the document into sections and makes the titles stand out more. It is also more consistent with what is generated by GitHub issue forms (YAML). See also the following discussion: https://github.com/netblue30/firejail/discussions/4468
| * | bug_report.md: add missing blank linesLibravatar Kelvin M. Klann2021-08-25
| |/ | | | | | | | | | | | | | | | | Isolate each section title and each list from other elements, to make them more visually distinguishable. This should also make it easier to find and edit only the parts that are meant to be edited. See also the following discussion: https://github.com/netblue30/firejail/discussions/4468
* | Merge pull request #4477 from bjpbakker/multimc5-lwjglLibravatar netblue302021-08-30
|\ \ | | | | | | multimc5: fix exec of LWJGL libraries
| * | multimc5: fix exec of LWJGL librariesLibravatar Bart Bakker2021-08-24
| |/
* | Merge pull request #4475 from davidebeatrici/telegram-desktop-2.6.1-fixLibravatar netblue302021-08-30
|\ \ | | | | | | telegram.profile: whitelist /usr/share/TelegramDesktop
| * | telegram.profile: whitelist /usr/share/TelegramDesktopLibravatar Davide Beatrici2021-08-21
| |/ | | | | | | | | | | | | | | Telegram loads packed resources dynamically since 443eef3202ee43c2e820cc550fbcc70a7609f452. In the official Debian package, the relevant file can be found at /usr/share/TelegramDesktop/tresources.rcc. If the file cannot be loaded, the program fails to launch and prints "Packed resources not found".
* | Merge pull request #4486 from pirate486743186/yt-dlp-profileLibravatar netblue302021-08-30
|\ \ | | | | | | create yt-dlp.profile
| * | create yt-dlp.profileLibravatar pirate4867431862021-08-27
| |/
* | Merge pull request #4484 from pirate486743186/gallery-dlLibravatar netblue302021-08-30
|\ \ | | | | | | creating gallery-dl.profile
| * | creating gallery-dl.profileLibravatar pirate4867431862021-08-27
| |/
* | Merge pull request #4476 from minus7/masterLibravatar netblue302021-08-30
|\ \ | | | | | | Fix hanging arp_check
| * | Fix hanging arp_checkLibravatar minus2021-08-22
| |/ | | | | | | | | | | | | arp_check relied on select(2) decreasing the timeout. This doesn't seem to be the case on Linux anymore, thus arp_check tends to hang when the interface sees a lot of traffic. Calculating the timeout explicitly solves the problem.
* / updating youtube-viewers-common.profile (#4485)Libravatar pirate4867431862021-08-29
|/
* Give fbuilder full original environmentLibravatar Topi Miettinen2021-08-16
| | | | Closes: #4460
* Update celluloid.profileLibravatar rusty-snake2021-08-16
| | | | Fix #4469
* add disable-X11.inc to profile templateLibravatar Reiner Herrmann2021-08-14
|
* Move disable-passwordmgr.inc into disable-common.inc/disable-programs.inc ↵Libravatar rusty-snake2021-08-12
| | | | follow up
* Move disable-passwordmgr.inc into disable-common.inc/disable-programs.inc ↵Libravatar rusty-snake2021-08-12
| | | | | (#4461) See #4454
* Create disable-X11.inc (#4462)Libravatar rusty-snake2021-08-11
|
* fix man firejail-profileLibravatar rusty-snake2021-08-09
| | | | | machine-id is not affected by --disable-network and matches in "User Environment" as well.
* Update keepassxc.profileLibravatar rusty-snake2021-08-09
| | | | | | | - Add whitelist-run-common.inc - Drop netlink (there are no error or borken feature for me (including auto-type)) - Second update for the dbus-policy
* Add /run/media to whitelist-run-common.incLibravatar rusty-snake2021-08-09
|
* Add rmenv RESTIC_* to disable-passwdmgr.incLibravatar rusty-snake2021-08-09
|
* Fix zim and rednotebookLibravatar rusty-snake2021-08-09
| | | | Introduced in 2e4d52ec
* Correct directory for sway.profile and io.github.lainsce.Notejot.profileLibravatar rusty-snake2021-08-09
|
* remove cargo registry token for crates.io from environmentLibravatar Reiner Herrmann2021-08-06
|
* Respect quiet if no dbus-user (filter|none) is setLibravatar rusty-snake2021-08-05
|
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-03 06:32:03 +0000