| Commit message (Collapse) | Author | Age |
|\
| |
| | |
add ncdu2 redirect profile
|
| | |
|
| | |
|
|/ |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
[skip ci]
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Create node.profile
* Create node-gyp.profile
* refactor npm as redirect
* Create npx.profile
* Create nvm.profile
* Create semver.profile
* refactor yarn as redirect
* collect node.js stack configuration in common profile
* add ~/.nvm to node section
* account for node-gyp python dependency
* read-only ~/.nvm for node.js stack
* blacklist ~/.nvm for node.js stack
* move env var comment cfr. profile.template
* Delete node-gyp.profile
node-gyp is a shell script with a node shebang. We've got that covered via node.profile.
* Delete npx.profile
npx is a shell script with a node shebang. We've got that covered via node.profile.
* Delete semver.profile
semver is a shell script that calls node. We've got that covered via node.profile.
* add node and nvm to new profiles section
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
README.md/RELNOTES:
- Add new profiles
etr.profile:
- adding passwd to private-etc makes it work for me
file-roller.profile
- add netfilter
- add zstd to private-bin
- add cp,mv,rm to private-bin which seems to be necessary in some
cases.
#4113 is likely fixed with this but wait for OP.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
discord-canary.profile:
fix #4175
flameshot.profile:
- private-tmp break flameshot (wayland only?)
- Screengrabbing (under wayland) is done via dbus, the following names
must be allowed:
- GNOME: org.gnome.Shell
- KDE: org.kde.KWin
- Sway: org.freedesktop.portal.Desktop
- Allow notifications and tray too, because org.gnome.Shell (for
example) is already totaly unsafe.
mumble.profile:
fix #4181
|
| |
|
| |
|
|
|
|
| |
I can't seem to get it to work with seccomp enabled.
|
|
|
|
|
|
|
|
| |
- Add netlink to pcsxr fixing controller support
- Add openmw and PPSSPPSDL to firecfg
- Update readme for new profiles
Note: file picker in dolphin-emu is being weird (not showing or freezing)
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
blacklist ${HOME}/.vwmare is already in disable-programs.inc
I did not add it to firecfg.config because it has many extra features
such as usb-redirection that I could not test.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
* new profile: shotwell
* Create shotwell.profile
* new profile: shotwell
* add shotwell blacklists
|
|
|
|
|
| |
* add new profile: mdr
* Create mdr.profile
|
|
|
|
|
| |
* Create agetpkg.profile
* new profile: agetpkg
|
|
|
|
|
|
|
| |
* Create lsar.profile
* Create unar.profile
* new profiles lsar & unar
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* add yarn & reorder
* add node-gyp & yarn files
* Create nodejs-common.profile
* Create yarn.profile
* refactor npm.profile
* add new profile: yarn
* read-only's for npm/yarn
Thanks to the [suggestion](https://github.com/netblue30/firejail/pull/3876#pullrequestreview-564682989) from @kmk3.
* ignore read-only's for npm
As [suggested](https://github.com/netblue30/firejail/pull/3876#pullrequestreview-564682989) by @kmk3.
* ignore read-only for yarn
As suggested in https://github.com/netblue30/firejail/pull/3876#pullrequestreview-564682989 by @kmk3.
* remove quiet from nodejs-common.profile
quiet should go into the caller profiles instead
* add quiet to npm.profile
Thanks @rusty-snake for the review.
* re-ordering some options
* re-ordering
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
* new profile: tutanota-desktop
* add tutanota-desktop to firecfg
* blacklist tutanota-desktop files
* Create tutanota-desktop.profile
|