| Commit message (Collapse) | Author | Age |
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|\
| |
| | |
README.md: Mention security situation on Ubuntu and recommend PPA
|
| |
| |
| |
| |
| |
| |
| |
| | |
Add the information posted by @reinerh on #4666 (related to
CVE-2021-26910 and Ubuntu's security policy) and also the instructions
from #4663 for installing from the PPA.
See also https://bugs.launchpad.net/ubuntu/+source/firejail/+bug/1916767
|
|/ |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
- Update RELNOTES and README.md
- disable-common.inc
- blacklist ${HOME}/.local/share/ibus-typing-booster
- blacklist /run/timeshift (closes #4660)
- fix audacity.profile (closes #4659)
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This should make it easier for users, and distributions, to customize
which programs they want firejail to wrap. Also fixed some
firecfg.cfg -> firecfg.config references.
Signed-off-by: Hank Leininger <hlein@korelogic.com>
Closes: https://github.com/netblue30/firejail/issues/408
Bug: https://github.com/netblue30/firejail/issues/2097
Bug: https://github.com/netblue30/firejail/issues/2829
Bug: https://github.com/netblue30/firejail/issues/3665
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Home page: https://artixlinux.org
A few months ago, running `pacman -S firejail` would install it from
Arch's "community" repository by default. But currently, Artix has its
own firejail package, in the "galaxy" repository:
* https://gitea.artixlinux.org/packagesF/firejail
* https://repology.org/project/firejail/versions
See also the following article from 2021-06-09:
https://artixlinux.org/news.php#Arch_repositories_made_optional
> Arch repositories made optional
>
> Artix has reached the stage where it can operate without the help of
> the Arch repositories, including the preparation of its installation
> media. As such, all new weekly ISO images will ship without [extra],
> [community] and [multilib] enabled in pacman.conf. Existing setups
> will not be affected, but new users may want to enable them and
> benefit from the additional packages. Instructions are provided in
> our wiki[1].
>
> TL;DR:
>
> # pacman -Syu artix-archlinux-support
For reference, the distro list was added on commit ee03888ab
("prioritize installing via OS (#3442)") / PR #3442.
[1] https://wiki.artixlinux.org/Main/Repositories#Arch_repositories
|
|\
| |
| | |
add ncdu2 redirect profile
|
| | |
|
| | |
|
|/ |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
[skip ci]
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Create node.profile
* Create node-gyp.profile
* refactor npm as redirect
* Create npx.profile
* Create nvm.profile
* Create semver.profile
* refactor yarn as redirect
* collect node.js stack configuration in common profile
* add ~/.nvm to node section
* account for node-gyp python dependency
* read-only ~/.nvm for node.js stack
* blacklist ~/.nvm for node.js stack
* move env var comment cfr. profile.template
* Delete node-gyp.profile
node-gyp is a shell script with a node shebang. We've got that covered via node.profile.
* Delete npx.profile
npx is a shell script with a node shebang. We've got that covered via node.profile.
* Delete semver.profile
semver is a shell script that calls node. We've got that covered via node.profile.
* add node and nvm to new profiles section
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
README.md/RELNOTES:
- Add new profiles
etr.profile:
- adding passwd to private-etc makes it work for me
file-roller.profile
- add netfilter
- add zstd to private-bin
- add cp,mv,rm to private-bin which seems to be necessary in some
cases.
#4113 is likely fixed with this but wait for OP.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
discord-canary.profile:
fix #4175
flameshot.profile:
- private-tmp break flameshot (wayland only?)
- Screengrabbing (under wayland) is done via dbus, the following names
must be allowed:
- GNOME: org.gnome.Shell
- KDE: org.kde.KWin
- Sway: org.freedesktop.portal.Desktop
- Allow notifications and tray too, because org.gnome.Shell (for
example) is already totaly unsafe.
mumble.profile:
fix #4181
|