Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | add gnome-screenshot.profile | rusty-snake | 2020-03-15 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | patch for xdg-dbus-proxy ``` --- a/etc/gnome-screenshot.profile +++ b/etc/gnome-screenshot.profile @@ -45,3 +45,8 @@ private-bin gnome-screenshot private-dev private-etc dconf,fonts,gtk-3.0,localtime,machine-id private-tmp + +dbus-user filter +dbus-user.own org.gnome.Screenshot +dbus-user.talk org.gnome.Shell.Screenshot +dbus-system block ``` patch for whitelist-runuser-common.inc ``` --- a/etc/gnome-screenshot.profile +++ b/etc/gnome-screenshot.profile @@ -17,11 +17,8 @@ include disable-passwdmgr.inc include disable-programs.inc include disable-xdg.inc -whitelist ${RUNUSER}/bus -whitelist ${RUNUSER}/pulse -whitelist ${RUNUSER}/gdm/Xauthority -whitelist ${RUNUSER}/wayland-0 include whitelist-usr-share-common.inc +include whitelist-runuser-common.inc include whitelist-var-common.inc apparmor ``` | ||
* | add xournal.profile | Hans-Christoph Steiner | 2020-02-27 |
| | |||
* | merges & RELNOTES | rusty-snake | 2020-02-23 |
| | |||
* | Add support for SELinux labeling | Topi Miettinen | 2020-02-22 |
| | | | | | | | | | | | | | | | | | | | | | | | Running `firejail --noprofile --private-bin=bash,ls ls -1Za /usr/bin` shows that the SELinux labels are not correct: ``` user_u:object_r:user_tmpfs_t:s0 . system_u:object_r:usr_t:s0 .. user_u:object_r:user_tmpfs_t:s0 bash user_u:object_r:user_tmpfs_t:s0 ls ``` After fixing this: ``` system_u:object_r:bin_t:s0 . system_u:object_r:usr_t:s0 .. system_u:object_r:shell_exec_t:s0 bash system_u:object_r:bin_t:s0 ls ``` Most copied files and created directories should now have correct labels (bind mounted objects keep their labels). This is useful to avoid having to change the SELinux rules when using Firejail. | ||
* | Add a lot of profiles | rusty-snake | 2020-02-10 |
| | |||
* | Add gnome-hexgl.profile | rusty-snake | 2020-02-03 |
| | |||
* | Add profiles for the WPS-Office | rusty-snake | 2020-01-29 |
| | |||
* | new profile: gnome-passwordsafe | rusty-snake | 2020-01-25 |
| | |||
* | Add a profile for clipgrab | rusty-snake | 2020-01-25 |
| | | | | Thanks @DurtyDev for testing (netblue30/firetools#47) | ||
* | create rtv.profile | rusty-snake | 2020-01-19 |
| | |||
* | add tvbrowser.profile | rusty-snake | 2020-01-18 |
| | | | | Thanks @Micha-Btz for all the testing. | ||
* | Update RELNOTES, README.md|Add firefox-x11.profile | rusty-snake | 2020-01-13 |
| | |||
* | spelling | netblue30 | 2019-12-14 |
| | |||
* | new release branch | netblue30 | 2019-12-14 |
| | |||
* | mainline moving to 0.9.63 for new development; release 0.9.62 is handled on ↵ | netblue30 | 2019-12-06 |
| | | | | release-0.9.62 branch | ||
* | Update README.md | glitsj16 | 2019-11-25 |
| | |||
* | Add new profile: gist (#3061) | glitsj16 | 2019-11-25 |
| | | | | | | | | | | | | * Create gist.profile * Add gist config to disable-programs.inc * Add gist to firecfg.config * Update RELNOTES * Update README.md | ||
* | various fixups | rusty-snake | 2019-11-25 |
| | |||
* | merges | Tad | 2019-11-24 |
| | |||
* | add kfind profile | smitsohu | 2019-11-09 |
| | |||
* | Add amuled profile (redirect from amule) | Fred Barclay | 2019-10-27 |
| | | | | | See https://github.com/netblue30/firejail/issues/1139#issuecomment-546683127 | ||
* | readme/relnotes update | netblue30 | 2019-10-24 |
| | |||
* | kalgebra.profile, kalgebramobile.profile | rusty-snake | 2019-10-12 |
| | |||
* | Create pngquant.profile | rusty-snake | 2019-09-21 |
| | |||
* | Create gnome-latex.profile | rusty-snake | 2019-09-20 |
| | |||
* | various fixes and improvements | rusty-snake | 2019-08-22 |
| | | | | | | | | | | | | - install contrib/syscalls.sh - add GitLab-CI status to README.md - read-only ${HOME}/.cargo/env - move blacklist ${HOME}/.cargo/registry, ${HOME}/.cargo/config to disable-programs - typo in man firejail firejail-profiles firecfg - better descriptions in man firejail-profiles - fixes in man firejail - template descriptions in firejail-profiles | ||
* | profiles: add kiwix-desktop | Tad | 2019-08-18 |
| | |||
* | add bzcat profile | smitsohu | 2019-08-12 |
| | |||
* | Update README.md and RELNOTES [skip ci] | rusty-snake | 2019-08-05 |
| | |||
* | merges | rusty-snake | 2019-07-18 |
| | |||
* | packaging badge | netblue30 | 2019-07-16 |
| | |||
* | mpg123 | startx2017 | 2019-07-06 |
| | |||
* | Update FAQ link in README.md | rusty-snake | 2019-07-02 |
| | |||
* | add profile for zeal | rusty-snake | 2019-06-30 |
| | |||
* | Add profile for jerry chess | Fred Barclay | 2019-06-26 |
| | |||
* | docs update: pkg-config package required on Debian/Ubuntu when running ↵ | netblue30 | 2019-06-25 |
| | | | | ./configure --apparmor | ||
* | Update README.md | rusty-snake | 2019-06-18 |
| | | | | * add link to wiki * now link to contrib/syscalls (#2754) | ||
* | add rhythmbox-client.profile | rusty-snake | 2019-06-16 |
| | |||
* | New profiles: newsbeuter, keepassxc-{cli,proxy} | rusty-snake | 2019-06-14 |
| | |||
* | tcpdump and tshark profiles | netblue30 | 2019-06-13 |
| | |||
* | Create godot.profile | rusty-snake | 2019-06-13 |
| | |||
* | OpenArena profile | netblue30 | 2019-06-13 |
| | |||
* | merges & fixes | rusty-snake | 2019-06-06 |
| | |||
* | Add pandoc.profile | rusty-snake | 2019-06-02 |
| | |||
* | Add profiles for klatexformula, klatexformula_cmdl | rusty-snake | 2019-06-02 |
| | |||
* | 0.9.60 is out, movin to 0.9.61 | netblue30 | 2019-05-27 |
| | |||
* | add cantata to relnotes | smitsohu | 2019-05-26 |
| | |||
* | Add yelp.profile | rusty-snake | 2019-05-25 |
| | |||
* | Add ktouch.profile | rusty-snake | 2019-05-25 |
| | |||
* | Add note about syscall enumerating program (Fixes #2095) | ಚಿರಾಗ್ ನಟರಾಜ್ | 2019-05-21 |
| |