path: root/etc/profile-a-l/keepassxc.profile
Commit message [Author, Age]
* keepassxc: Allow offering the Secret Service [Thijs Raymakers, 2023-03-21]
|   KeePassXC can offer a Secret Service to store secrets for other programs.
|   See https://specifications.freedesktop.org/secret-service/latest/
* private-etc: big profile changes [netblue30, 2023-02-05]
|
* add restrict-namespaces to (almost) all profiles [smitsohu, 2022-12-20]
|
* Remove shell none from profiles [rusty-snake, 2022-06-19]
|   Command:
|
|       sed -i "/^shell none/d" etc/*/*
|
|   TODO:
|
|   ```
|   etc/profile-a-l/beaker.profile:ignore shell none
|   etc/profile-a-l/default.profile:# shell none
|   etc/profile-a-l/fdns.profile:#shell none
|   etc/profile-a-l/gnome-nettool.profile:#shell none
|   etc/profile-a-l/jitsi-meet-desktop.profile:ignore shell none
|   etc/profile-m-z/pidgin.profile:# shell none
|   etc/profile-m-z/rocketchat.profile:ignore shell none
|   etc/profile-m-z/server.profile:# shell none
|   etc/templates/profile.template:# OPTIONS (caps*, net*, no*, protocol, seccomp*, shell none, tracelog)
|   etc/templates/profile.template:#shell none
|   ```
|
|    - manpage
|    - RELNOTES
|    - fbuilder
* keepass*: fix typo in private-dev note [Kelvin M. Klann, 2022-02-06]
|   s/nou2f/private-dev/
|
|   This amends commit 8a718ff4a ("keepass*: note that private-dev blocks
|   access to new hardware keys", 2022-02-05).
* keepass*: note that private-dev blocks access to new hardware keys [Kelvin M. Klann, 2022-02-05]
|   Which may be surprising to some users (see #4883).
|
|   Fixes #4883.
* keepass*: remove nou2f [Kelvin M. Klann, 2022-02-05]
|   At least keepassxc supports U2F and password managers seem like they would
|   be a common use case for it.
|
|   See the discussion on #4883.
* Use ?ALLOW_TRAY: (#4510) in profiles [rusty-snake, 2021-10-09]
|
* Add ld.so.preload to all private-etc lines [rusty-snake, 2021-09-18]
|   Command:
|
|       sed -i -E "s/^private-etc /private-etc ld.so.preload,/" \
|           $(grep -LE "^private-etc .*ld.so.preload" etc/profile-*/*) \
|           && python3 contrib/sort.py etc/profile-*/*
* Profile fixes [rusty-snake, 2021-09-04]
|   - disable-programs.inc: blacklist ${HOME}/.local/state/pipewire
|     If you have not yet noticed, on 08th May 2021 the XDG Base Directory
|     Specification 0.8 was released (the first update since 2010).
|     New are $XDG_STATE_HOME and $HOME/.local/bin.
|   - keepassxc: mkdirs are necessary
|   - gnote: harden
|   - pngquant: harden
* Move disable-passwordmgr.inc into disable-common.inc/disable-programs.inc (#4461) [rusty-snake, 2021-08-12]
|   See #4454
* Update keepassxc.profile [rusty-snake, 2021-08-09]
|   - Add whitelist-run-common.inc
|   - Drop netlink (there are no errors or broken features for me (including auto-type))
|   - Second update for the dbus-policy
* Revise keepassxc's dbus policy [rusty-snake, 2021-08-05]
|
* Revert "move whitelist/blacklist to allow/deny" [Kelvin M. Klann, 2021-07-18]
|   This reverts commit fe0f975f447d59977d90c3226cc8c623b31b20b3.
|
|   Note: This only reverts the changes from etc.
|
|   The 4 aliases introduced on commit 45f2ba544 are mere, well, aliases.
|   That is, they fail to address the different usability problems discussed
|   on [#3447][3447] and in fact only make things more confusing (as has
|   already been mentioned on [this][4379] and later comments).
|
|   The main reason is that the aliases do not meaningfully map to the
|   original commands.  For example, the commands from each pair below seem
|   like they would do the exact same thing:
|
|   * `allow` and `nodeny`
|   * `deny` and `noallow`
|
|   Additionally, if these aliases are not the final commands, but only a
|   test/work-in-progress, then keeping the wide-scale search/replace changes
|   made on commit fe0f975f4 would only serve to cause confusion, as users of
|   firejail-git, contributors and downstream projects might start changing
|   the commands used on their profiles, only to later have to change them
|   again, potentially to completely different commands.
|
|   The sooner this is undone the better, as (besides the above reasons) the
|   more profile changes there are between the original commit and the
|   revert, the harder it is to e.g.: `git diff` versions of files across the
|   following revision ranges: before the commit, after the commit but before
|   the revert and after the revert.
|
|   Note: This is still the case even if a commit is
|   [ignored by `git blame`][4390].
|
|   So let us revert fe0f975f4 and only reapply similar large-scale changes
|   once we have discussed and settled on better commands.
|
|   How the revert was applied:
|
|   Despite using the auto-generated message from `git revert`, to ensure
|   correctness and to avoid conflicts the changes were reverted in different
|   steps:
|
|   Firstly, revert the files which can be safely reverted directly
|   ("filestorevert"):
|
|       # Find out which files have been changed on fe0f975f44, but have not
|       # been changed afterwards and list them on "filestorevert"
|       git show --pretty='' --name-only fe0f975f44 -- etc | LC_ALL=C sort >allfiles
|       git diff --name-only fe0f975f44..master -- etc | LC_ALL=C sort >filestoignore
|       comm -2 -3 allfiles filestoignore >filestorevert
|
|       # Note: There are 3 extra files on filestoignore because they were
|       # added after commit fe0f975f44
|       wc -l allfiles filestoignore filestorevert | head -n 3
|       # 797 allfiles
|       # 8 filestoignore
|       # 792 filestorevert
|
|       # Automatically revert files in "filestorevert"
|       # See https://stackoverflow.com/a/23401018/10095231
|       tr '\n' '\000' <filestorevert | xargs -0 git show fe0f975f44 -- | git apply --reverse
|
|       printf 'Total files reverted:\n'
|       git diff --name-only | wc -l
|       # 792
|
|   Secondly, do some search/replace on the rest:
|
|       tr '\n' '\000' <filestoignore | xargs -0 sed -i.bak \
|         -e 's/allow /whitelist /' -e 's/noallow /nowhitelist /' \
|         -e 's/deny /blacklist /' -e 's/nodeny /noblacklist /' \
|         -e 's/deny-nolog /blacklist-nolog /'
|       find etc -name '*.bak' -print0 | xargs -0 rm
|
|   Thirdly, verify the result.  The following command shows the difference
|   between all the changes in etc from before fe0f975f44 and this commit
|   (inclusive):
|
|       git diff fe0f975f44~1 -- etc
|
|   From the output, it looks like all alias changes are fully reverted and
|   that the other changes to etc (from after fe0f975f44) remain, so the
|   revert seems to be done correctly.
|
|   [3447]: https://github.com/netblue30/firejail/issues/3447
|   [4379]: https://github.com/netblue30/firejail/issues/4379#issuecomment-876460222
|   [4390]: https://github.com/netblue30/firejail/issues/4390
* move whitelist/blacklist to allow/deny [netblue30, 2021-07-05]
|
* Restrict /usr/libexec [rusty-snake, 2021-05-29]
|
* Add noinput to all profiles with private-dev [rusty-snake, 2021-05-05]
|
* Some minor changes [Neo00001, 2021-04-26]
|
* Encourage making overrides in *.local files (#4165) [glitsj16, 2021-04-06]
|   * refactor local override comments
* Revert "etc: use ${DOCUMENTS} macro where appropriate" [Kelvin M. Klann, 2021-02-09]
|   This reverts commit 5df1f27c638c487dfd664ea3a0f756565e1e57bd.
|
|   That commit breaks things, as pointed out by @rusty-snake[1]:
|
|   > @kmk3 @glitsj16 The xdg macros are treated literally if they have sub
|   > components (#2359):
|   >
|   > ```
|   > Error: "${DOCUMENTS}/KeePassXC" is an invalid filename: rejected character: "{"
|   > ```
|
|   [1]: https://github.com/netblue30/firejail/commit/3fa2927c3c1c5cf583864746538ea791c1ba2dc4#commitcomment-46913219
* etc: use ${DOCUMENTS} macro where appropriate [Kelvin M. Klann, 2021-02-08]
|   Currently, some paths are hard-coded:
|
|       $ grep -Fnr '${HOME}/Documents' etc etc-fixes
|       etc/profile-m-z/Mathematica.profile:19:mkdir ${HOME}/Documents/Wolfram Mathematica
|       etc/profile-m-z/Mathematica.profile:22:whitelist ${HOME}/Documents/Wolfram Mathematica
|       etc/profile-a-l/keepassxc.profile:34:# If you do so, you MUST store your database under ${HOME}/Documents/KeePassXC/foo.kdbx
|       etc/profile-a-l/keepassxc.profile:35:#mkdir ${HOME}/Documents/KeePassXC
|       etc/profile-a-l/keepassxc.profile:36:#whitelist ${HOME}/Documents/KeePassXC
|
|   Commands used to search and replace:
|
|       $ find etc etc-fixes/ -type f -exec \
|           sed -i.bak -e 's|\${HOME}/Documents|${DOCUMENTS}|' '{}' +
|
|   Related to that, the (lack of) usage of ${DOWNLOADS} has been recently
|   fixed on commit deae31301 ("use ${DOWNLOADS} in lutris.profile (#3955)").
|
|   With the above change, all macros other than ${DOCUMENTS} seem to be
|   already used appropriately:
|
|       $ grep -Fnr '${HOME}/Desktop' etc etc-fixes
|       $ grep -Fnr '${HOME}/Downloads' etc etc-fixes
|       $ grep -Fnr '${HOME}/Music' etc etc-fixes
|       $ grep -Fnr '${HOME}/Pictures' etc etc-fixes
|       $ grep -Fnr '${HOME}/Videos' etc etc-fixes
|
|   See src/firejail/macros.c for details.
* keepassxc: allow all browsers, not just firefox [rusty-snake, 2021-02-02]
|   ungoogled-chromium won't work with keepassxc (#3941)
* Merge pull request #3760 from kmk3/fix-keepassxc [netblue30, 2020-12-30]
|\
| |   keepassxc.profile: Fix hang due to seccomp
| * keepassxc.profile: Fix hang due to seccomp [Kelvin M. Klann, 2020-11-17]
| |   With the current profile, keepassxc hangs on startup, before showing the
| |   main window:
| |
| |       $ uname -r -m
| |       5.9.1-artix1-1 x86_64
| |       $ firejail --version | head -n 1
| |       firejail version 0.9.64
| |       $ firejail --quiet keepassxc --version
| |       KeePassXC 2.6.2
| |       $ firejail --quiet keepassxc
| |       # (nothing happens)
| |       ^C
| |
| |   Seccomp debugging as explained on etc/templates/syscalls.txt:
| |
| |       $ sudo grep -Eo 'keepassxc.* syscall=[0-9]+' /var/log/messages.log | tail -n 1
| |       keepassxc" exe="/usr/bin/keepassxc" sig=31 arch=c000003e syscall=303
| |       $ firejail --debug-syscalls | grep 303
| |       303 - name_to_handle_at
| |
| |   So allow the name_to_handle_at syscall.
| |
| |   Relates to #3549.
* | Update keepassxc.profile dbus comments [rusty-snake, 2020-12-29]
|/
|   - split notifications and tray
|   - fix tray policy
* from my overrides [rusty-snake, 2020-11-16]
|   - add seccomp.block-secondary to a lot of profiles
|   - add wruc to firefox-common and ignore it in TB and firefox-common-addons
|   - harden dia, gnome-keyring, libreoffice, megaglest, pngquant, ghostwriter,
|     rhythmbox, sqlitebrowser
* keepassxc dbus, closes #3713 [skip ci] [rusty-snake, 2020-10-31]
|
* fix keepassxc [rusty-snake, 2020-07-14]
|
* hardening some profiles (#3505) [rusty-snake, 2020-07-09]
|   * hardening some profiles
|
|   - harden and fix flameshot
|   - wruc: frogatto, ghostwriter
|   - harden gnome-latex
|   - add whitelist opt-in note to keepassxc
|   - add comment to minetest
|   - harden openarena, tremulous, xonotic
|   - add profile for xonotic-sdl-wrapper
|
|   * followup
* disable-shell.inc (#3411) [rusty-snake, 2020-06-04]
|   * disable-shell.inc
|
|   * add disable-shell.inc to all profiles with a …
|
|   … private-bin line without bash/sh except profiles with redirect profiles.
|
|   * add it to some more profiles
|
|   * exclude aria2c.profile
* dbus filter profiles (1) (#3326) [rusty-snake, 2020-05-02]
|   * dbus filter (1)
|   * dbus-filter: firefox
|   * drop org.gtk.vfs and com.canonical.AppMenu.Registrar
* reorganize github etc directory [netblue30, 2020-04-21]