Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | retiring --audit (replaced by jailtest) | netblue30 | 2021-03-01 |
| | |||
* | Add ./configure --enable-force-nonewprivs | rusty-snake | 2021-03-01 |
| | | | | This will always set 'nonewprivs', 'caps.drop all' and 'nogroups'. | ||
* | compile time: enable LTS | startx2017 | 2021-02-28 |
| | |||
* | compile time: disable --output | startx2017 | 2021-02-28 |
| | |||
* | jaitest - simple sandbox testing utility program | netblue30 | 2021-02-20 |
| | |||
* | Merge pull request #3864 from haraldkubota/master | rusty-snake | 2021-02-13 |
|\ | | | | | Add first version of zsh completion | ||
| * | Add first version of zsh completion | Harald Kubota | 2021-02-12 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Don't have duplicate descriptions and put = signs where they belong to zsh completion function now dynamically adjusts for options (e.g. no --apparmor option without AppArmor configured) No EXTRA_CFLAGS for cpp Found main.c which does the argument processing. Moved some arguments into the correct #ifdef blocks Profile selection now much better Not more cpp. Using preproc.awk instead. Updated bash firejail command completion to add profiles ignore bash and zsh dynamically created completion scripts Moved bash/zsh completions out of ALL_ITEMS to fix make install Cleanup | ||
* | | configure*: fix typo of HAVE_USERTMPFS | Kelvin M. Klann | 2021-02-09 |
| | | | | | | | | | | | | | | | | | | | | | | Added on commit 64a8d6a7f ("compile time option to disable --private-cache and --tmpfs for regular user"). These are the only occurrences: $ git ls-files -z | xargs -0 grep -Fin USERTMPS configure:3542:HAVE_USERTMPS="" configure.ac:80:HAVE_USERTMPS="" | ||
* | | disabled overlayfs, fixes pending; added video channels to README* files | netblue30 | 2021-02-06 |
| | | |||
* | | back to 0.9.65; rel 0.9.64.2 moved on a different branch, out in the next ↵ | netblue30 | 2021-01-27 |
| | | | | | | | | two days | ||
* | | release 0.9.64.2 testing | netblue30 | 2021-01-26 |
|/ | |||
* | compile time option to disable --private-cache and --tmpfs for regular user | netblue30 | 2020-10-27 |
| | |||
* | refactor test targets and let build fail on test errors | Reiner Herrmann | 2020-10-24 |
| | |||
* | bump version to new development version 0.9.65 | Reiner Herrmann | 2020-10-24 |
| | |||
* | 0.9.64 testing | netblue30 | 2020-10-21 |
| | |||
* | build: check for presence of gawk when manpages will be built | Reiner Herrmann | 2020-10-10 |
| | | | | Fixes: #3661 | ||
* | set as 0.9.64rc2 for development until we release the real one | netblue30 | 2020-10-05 |
| | |||
* | testing 0.9.64rc1 | netblue30 | 2020-10-04 |
| | |||
* | replaced --enable-man with --disable-man in ./configure | netblue30 | 2020-10-03 |
| | |||
* | compile support for GCC static analyzer (--enable-analyzer) | netblue30 | 2020-09-28 |
| | |||
* | disable dbus proxy at compile time (default enabled) - part 1 | netblue30 | 2020-09-09 |
| | |||
* | preprocessor for man pages | startx2017 | 2020-09-01 |
| | |||
* | removed --disable-seccomp from ./configure | startx2017 | 2020-09-01 |
| | |||
* | Configure Debian package with AA and SELinux options | Topi Miettinen | 2020-05-14 |
| | | | | | Configure Debian package with AA and SELinux options if they are enabled. | ||
* | profile stats | netblue30 | 2020-03-19 |
| | |||
* | Add support for SELinux labeling | Topi Miettinen | 2020-02-22 |
| | | | | | | | | | | | | | | | | | | | | | | | Running `firejail --noprofile --private-bin=bash,ls ls -1Za /usr/bin` shows that the SELinux labels are not correct: ``` user_u:object_r:user_tmpfs_t:s0 . system_u:object_r:usr_t:s0 .. user_u:object_r:user_tmpfs_t:s0 bash user_u:object_r:user_tmpfs_t:s0 ls ``` After fixing this: ``` system_u:object_r:bin_t:s0 . system_u:object_r:usr_t:s0 .. system_u:object_r:shell_exec_t:s0 bash system_u:object_r:bin_t:s0 ls ``` Most copied files and created directories should now have correct labels (bind mounted objects keep their labels). This is useful to avoid having to change the SELinux rules when using Firejail. | ||
* | mainline moving to 0.9.63 for new development; release 0.9.62 is handled on ↵ | netblue30 | 2019-12-06 |
| | | | | release-0.9.62 branch | ||
* | testing for -fstack-clash-protection and -fstack-protector-strong compile flags | netblue30 | 2019-06-26 |
| | |||
* | disable firetunnel at config time (#2793) | netblue30 | 2019-06-24 |
| | |||
* | use pkg-config macro to locate apparmor and flags | Reiner Herrmann | 2019-06-21 |
| | |||
* | use AX_CHECK_COMPILE_FLAG to check for spectre flags | Reiner Herrmann | 2019-06-21 |
| | | | | Fixes #2661 | ||
* | 0.9.60 is out, movin to 0.9.61 | netblue30 | 2019-05-27 |
| | |||
* | 0.9.60 testing | netblue30 | 2019-05-26 |
| | |||
* | moving to rc2 | netblue30 | 2019-04-21 |
| | |||
* | 0.9.60-rc1 testing0.9.60-rc1 | netblue30 | 2019-04-21 |
| | |||
* | 0.9.58.2 is out, moving back to 0.9.59 | netblue30 | 2019-02-08 |
| | |||
* | 0.9.58.2 testing | netblue30 | 2019-02-08 |
| | |||
* | moving to 0.9.59 | netblue30 | 2019-01-27 |
| | |||
* | release 0.9.58 testing | netblue30 | 2019-01-26 |
| | |||
* | release 0.9.58-rc1 | netblue30 | 2019-01-21 |
| | |||
* | reverting to 0.9.57 | netblue30 | 2018-10-21 |
| | |||
* | 0.9.56.1 - bugfix release | netblue30 | 2018-10-11 |
| | |||
* | configure.ac: set sysconfdir only if none was specified manually | Reiner Herrmann | 2018-10-03 |
| | | | | Fixes #2125 | ||
* | --version 0.9.57 | netblue30 | 2018-09-19 |
| | |||
* | 0.9.56 released0.9.56 | netblue30 | 2018-09-18 |
| | |||
* | removed --disable-bind configuration option; some ohter minor cleanup | startx2017 | 2018-08-22 |
| | |||
* | release 0.9.56~rc1 testing | netblue30 | 2018-08-11 |
| | |||
* | Replace all possible HTTP links with HTTPS | Tad | 2018-08-08 |
| | |||
* | removed compile time --enable-network=restricted, --net=none allowed even if ↵ | startx2017 | 2018-07-26 |
| | | | | networking was disabled at compile time or at run time, fixed issue #2061 | ||
* | 0.9.55 | netblue30 | 2018-05-16 |
| |