| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
| |
Multiple profiles include firefox-common.profile, but not all of them
include whitelist-usr-share-common.inc.
Suggested by @glitsj16[1].
This amends commit 094892dfd ("profiles: remove /usr/share/vulkan
already whitelisted by wusc (#5910)", 2023-07-20).
[1] https://github.com/netblue30/firejail/pull/5910/files#r1269397348
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The `shell` option has been removed. Remove stale references.
This does NOT remove `shell none`-related code comments in:
- src/firejail/fs_lib.c (L433-L441)
- src/firejail/join.c (L415-L417)
Relates to #5196.
Suggested by #5891.
|
|
|
|
|
|
|
| |
Bleachbit is used to permanently delete files by overwriting the memory.
So the most popular feature of Bleachbit is emptying the Trash.
Relates to #5337.
|
| |
|
|
|
| |
Co-authored-by: pirate486743186 <>
|
| |
|
| |
|
|\
| |
| | |
update lobster profile
|
| | |
|
|/ |
|
| |
|
|\ |
|
| | |
|
| |
| |
| |
| |
| | |
I assume most people want this on, since it is a messenger application,
and you can control whether you turn it on or off in the app.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
For consistency and to reduce confusion.
The toolkit has been renamed from "GTK+" to just "GTK" in 2019[1].
Note: This also fixes some adjacent typos.
Commands used to search and replace:
$ git grep -lz 'G[Tt][Kk]' -- etc | xargs -0 -I '{}' sh -c \
"printf '%s\n' \"\$(sed -E \
-e 's/G[Tt][Kk]\+?/GTK/g' \
-e 's/GTK-.\.0/GTK/g' \
-e 's/GTK base/GTK-base/g' \
-e 's/GTK-base /GTK-based /g' \
-e 's/Light weight/Lightweight/g' \
-e 's/client with GTK/client made with GTK/g' '{}')\" >'{}'"
Misc: I noticed this on #5722.
[1] https://mail.gnome.org/archives/gtk-devel-list/2019-February/msg00000.html
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Command used to search for entries:
$ git grep '^read-only ${HOME}/' -- 'etc/profile*'
Note for gpg: ~/.gnupg/gpg.conf is apparently only managed by gpgconf(1)
rather than through gpg(1) itself, in which case it does not need to be
made read-write in gpg.profile.
|
| |
| |
| |
| |
| |
| |
| | |
Instead of duplicating them on every profile that tries to allow opening
links in Firefox.
And make that path read-write on firefox.profile.
|
| |
| |
| |
| |
| |
| |
| | |
Note: mpv itself does not modify anything in ~/.config/mpv as far as I
know, in which case it does not need a read-write entry.
Relates to #5706 #5707 #5710.
|
| |\
| | |
| | | |
create blink-common.profile
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
KeePassXC can offer a Secret Service to store secrets for other
programs.
See https://specifications.freedesktop.org/secret-service/latest/
|
| | | |
|
| | |
| | |
| | | |
Co-authored-by: pirate486743186 <>
|
| | |
| | |
| | | |
Co-authored-by: pirate486743186 <>
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Now that we have randomized UTS namespaces support[1] by default for
every sandbox, there's no longer a need to set hostname to a fixed
value. This commit removes such fixed hostname entries from all
profiles that have it.
[1] https://github.com/netblue30/firejail/discussions/5597#discussioncomment-4996357
|
| | |
| | |
| | |
| | |
| | | |
No functional changes.
Relates to #639.
|
| |\ \
| | | |
| | | | |
refactor yt-dlp
|
| | | | |
|
| | |/
| |/| |
|
| |\ \
| | | |
| | | | |
email-common.profile: allow bsfilter
|
| | |/
| | |
| | |
| | |
| | | |
https://bsfilter.org/
Signed-off-by: Marek Küthe <m.k@mk16.de>
|
| |\ \
| | | |
| | | | |
add ani-cli.profile
|
| | |/
| | |
| | |
| | | |
https://github.com/pystardust/ani-cli
|
| |/
| |
| |
| | |
https://github.com/justchokingaround/lobster
|
|/
|
|
|
|
| |
Closes #5716
Signed-off-by: Marek Küthe <m.k@mk16.de>
|
|
|
|
|
| |
Closes https://github.com/netblue30/firejail/issues/5704
Signed-off-by: Marek Küthe <m.k@mk16.de>
|
|
|
| |
Co-authored-by: pirate486743186 <>
|
|
|
| |
Co-authored-by: pirate486743186 <>
|
|\
| |
| | |
build: Fix whitespace and add .editorconfig
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Commands used to search and replace:
$ git grep -Ilz '.' | xargs -0 -I '{}' sh -c \
"printf '%s\n' \"\$(cat '{}')\" >'{}'"
The above commands ensure that there is exaclty 1 line terminator at EOF
(rather than 0 or more than 1) on all non-empty text files.
This fixes all of the "new blank line at EOF" errors raised by git:
$ git diff --check 4b825dc642cb6eb9a060e54bf8d69288fbee4904..HEAD |
grep '^[^+]' | cut -f 3 -d : | LC_ALL=C sort | uniq -c
21 new blank line at EOF.
72 space before tab in indent.
4 trailing whitespace.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Create qpdf.profile and redirects
qpdf (CLI) provides PDF metadata cleaning.
See privacy-handbuch.de[1] for details.
The site offers pdf-meta-clean.sh[2], which works very well with
firejailed qpdf.
[1] https://www.privacy-handbuch.de/handbuch_43a.htm
[2] https://www.privacy-handbuch.de/download/pdf-meta-clean.sh
* RELNOTES: add qpdf and redirects to new profiles section
* firecfg.config: add qpdf and redirects
* qpdf: use 'seccomp socket' instead of 'protocol unix'
See https://github.com/netblue30/firejail/issues/639. Thanks @rusty-snake in code review.
|
|/ |
|
| |
|
| |
|
|
|
|
| |
profiles
|
| |
|