aboutsummaryrefslogtreecommitdiffstats
path: root/README.md
Commit message (Collapse)AuthorAge
...
* typoLibravatar Reiner Herrmann2020-10-25
|
* mergesLibravatar netblue302020-10-25
|
* harden peek; update README.md; add gnome-sound-…Libravatar rusty-snake2020-10-23
| | | | …recorder to firecfg.config
* document compile-time dependency on gawkLibravatar netblue302020-10-03
|
* New profile: equalxLibravatar rusty-snake2020-10-03
|
* chromium-freeworld profile (#3633)Libravatar rusty-snake2020-10-03
|
* changed email address to netblue30 at protonmail dot comLibravatar netblue302020-10-03
|
* profstats - add count for whitelisted home dir, dbus-user noneLibravatar netblue302020-10-02
|
* new profile: xournalppLibravatar rusty-snake2020-09-25
|
* New profiles + fixes + hardeningLibravatar rusty-snake2020-09-14
| | | | | | | | - blacklist ~/.rustup in disable-devel.inc - add note to mpv (See #3628) - harden warsow - update relnotes - new profile qrencode, dbus-send, notify-send
* profstats: track dbus-system noneLibravatar netblue302020-09-08
|
* variousLibravatar rusty-snake2020-09-03
| | | | | | | | | | | | * README.md & RELNOTES * Allow gnome-build do read and write .bash_history, it has a build-in terminal * D-Bus filter for gnome-passwordsafe * wruc for supertuxkart * wruc+wusc for totem * dbus-system none for totem * remove src/man/preproc.c it is replaced by preproc.awk * remove dead-code form preproc.awk
* readme and relnotesLibravatar rusty-snake2020-09-02
|
* Support to ingore a include foobar.incLibravatar rusty-snake2020-08-04
| | | | closes #1139
* new profile: gnome-calendarLibravatar rusty-snake2020-07-30
|
* add profile for sushi (#3558)Libravatar rusty-snake2020-07-30
|
* add newsflash profileLibravatar rusty-snake2020-07-25
|
* hardening some profiles (#3505)Libravatar rusty-snake2020-07-09
| | | | | | | | | | | | | * hardening some profiles - harden and fix flameshot - wruc: frogatto, ghostwriter - harden gnome-latex - add whitelist opt-in note to keepassxc - add comment to minetest - harden openarena, tremulous, xonotic - add profile for xonotic-sdl-wrapper * followup
* new profile: gapplicationLibravatar rusty-snake2020-07-03
|
* new profilesLibravatar rusty-snake2020-06-25
|
* Add strawberry profile to README{,.md} & RELNOTES (#3467)Libravatar Amin Vakil2020-06-15
|
* New profiles: apostrophe & quadrapasselLibravatar rusty-snake2020-06-11
|
* prioritize installing via OS (#3442)Libravatar glitsj162020-06-04
| | | | | | | * prioritize installing via OS * Update README.md Bring in changes discussed in #3442.
* install vim contib filesLibravatar rusty-snake2020-05-02
|
* misc fixesLibravatar rusty-snake2020-04-13
| | | | | | - Makefile.in: loops are slow - Makefile.in: firecfg.config wasn't installed - allow-gjs.inc: gjs uses libmozjs, forgotten to commit
* fdns profileLibravatar netblue302020-04-07
|
* cleanup, fixes, more profstatsLibravatar netblue302020-04-06
|
* gnome games: more + fixesLibravatar rusty-snake2020-04-04
| | | | | | | - fix description - add gnome-klotski, five-or-more, swell-foop [skip ci]
* more gamesLibravatar rusty-snake2020-04-04
| | | | | | | | | | | | | | | | | - blobwars - gravity-beams-and-evaporating-stars - hyperrogue - jumpnbump-menu (alias) - jumpnbump - magicor - mindless - mirrormagic - mrrescue - scorched3d-wrapper (alias) - scorchwentbonkers - seahorse-adventures - wordwarvi - xbill
* profstatsLibravatar netblue302020-04-01
|
* abiword and more gnome-gamesLibravatar rusty-snake2020-03-29
| | | | | | | | | | | - four-in-a-row - gnome-mahjongg - gnome-robots - gnome-sudoku - gnome-taquin - gnome-tetravex harden gnome-chess
* more game profilesLibravatar rusty-snake2020-03-29
| | | | | | | | | | | - frogatto - gnome_games-common.profile - gnome-2048 (make redirect) - gnome-mines - gnome-nibbles - lightsoff - ts3client_runscript.sh (fix #3279) - warmux (don't get confused with the warmux/wormux thing)
* Add a profile for X2GoClientLibravatar Tad2020-03-23
|
* penguin-commadLibravatar netblue302020-03-23
|
* kmplayer etcLibravatar netblue302020-03-22
|
* new profiles: agenda, gnome-pomodoro, gnome-todoLibravatar rusty-snake2020-03-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | rules for xdg-dbus-proxy: dbus-user filter dbus-user.own org.gnome.Pomodoro dbus-user.talk ca.desrt.dconf dbus-user.talk org.gnome.Shell dbus-system none dbus-user filter dbus-user.own org.gnome.Todo dbus-user.talk ca.desrt.dconf dbus-user.talk org.gnome.evolution.dataserver.AddressBook9 dbus-user.talk org.gnome.evolution.dataserver.Calendar8 dbus-user.talk org.gnome.evolution.dataserver.Sources5 dbus-user.talk org.gnome.evolution.dataserver.Subprocess.Backend.* dbus-user.talk org.gnome.OnlineAccounts dbus-user.talk org.gnome.SettingsDaemon.Color dbus-system filter dbus-system.talk org.freedesktop.login1 dbus-user filter dbus.own com.github.dahenson.agenda dbus.talk ca.desrt.dconf dbus-system block
* iagno profileLibravatar netblue302020-03-21
|
* new profiles: ripperx, sound-juicerLibravatar netblue302020-03-19
|
* fix readme.mdLibravatar netblue302020-03-19
|
* fix readme.mdLibravatar netblue302020-03-19
|
* profile statsLibravatar netblue302020-03-19
|
* add gnome-screenshot.profileLibravatar rusty-snake2020-03-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | patch for xdg-dbus-proxy ``` --- a/etc/gnome-screenshot.profile +++ b/etc/gnome-screenshot.profile @@ -45,3 +45,8 @@ private-bin gnome-screenshot private-dev private-etc dconf,fonts,gtk-3.0,localtime,machine-id private-tmp + +dbus-user filter +dbus-user.own org.gnome.Screenshot +dbus-user.talk org.gnome.Shell.Screenshot +dbus-system block ``` patch for whitelist-runuser-common.inc ``` --- a/etc/gnome-screenshot.profile +++ b/etc/gnome-screenshot.profile @@ -17,11 +17,8 @@ include disable-passwdmgr.inc include disable-programs.inc include disable-xdg.inc -whitelist ${RUNUSER}/bus -whitelist ${RUNUSER}/pulse -whitelist ${RUNUSER}/gdm/Xauthority -whitelist ${RUNUSER}/wayland-0 include whitelist-usr-share-common.inc +include whitelist-runuser-common.inc include whitelist-var-common.inc apparmor ```
* add xournal.profileLibravatar Hans-Christoph Steiner2020-02-27
|
* merges & RELNOTESLibravatar rusty-snake2020-02-23
|
* Add support for SELinux labelingLibravatar Topi Miettinen2020-02-22
| | | | | | | | | | | | | | | | | | | | | | | Running `firejail --noprofile --private-bin=bash,ls ls -1Za /usr/bin` shows that the SELinux labels are not correct: ``` user_u:object_r:user_tmpfs_t:s0 . system_u:object_r:usr_t:s0 .. user_u:object_r:user_tmpfs_t:s0 bash user_u:object_r:user_tmpfs_t:s0 ls ``` After fixing this: ``` system_u:object_r:bin_t:s0 . system_u:object_r:usr_t:s0 .. system_u:object_r:shell_exec_t:s0 bash system_u:object_r:bin_t:s0 ls ``` Most copied files and created directories should now have correct labels (bind mounted objects keep their labels). This is useful to avoid having to change the SELinux rules when using Firejail.
* Add a lot of profilesLibravatar rusty-snake2020-02-10
|
* Add gnome-hexgl.profileLibravatar rusty-snake2020-02-03
|
* Add profiles for the WPS-OfficeLibravatar rusty-snake2020-01-29
|
* new profile: gnome-passwordsafeLibravatar rusty-snake2020-01-25
|
* Add a profile for clipgrabLibravatar rusty-snake2020-01-25
| | | | Thanks @DurtyDev for testing (netblue30/firetools#47)
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-28 18:25:49 +0000