aboutsummaryrefslogtreecommitdiffstats
path: root/etc/profile-m-z
Commit message (Collapse)AuthorAge
* signal-desktop: Allow Signal to open links in Firefox again (#4872)Libravatar Reed Riley2022-01-20
| | | | Related to #4670. Firefox now does inter-process communication using dbus.
* profiles: enable deterministic shutdown for ssh (#4870)Libravatar Reiner Herrmann2022-01-20
| | | | | | | | | | | | | ssh can start in master mode, which will spawn an additional long running process, which keeps connections to a server open, so that it can be reused by later connection attempts. But the lingering master process will prevent the jail from shutting down, when `firejail ssh` tries to exit. This breaks for example ansible when using a firejailed ssh, as it calls ssh with ControlMaster flags. deterministic-shutdown will kill the other process when the parent exits.
* steam.profile: allow /etc/vulkan (#4862)Libravatar Anton Shestakov2022-01-19
| | | AMD Open Source Driver For Vulkan (amdvlk) installs ICD files to /etc/vulkan.
* profiles: extend raincat's private-etc listLibravatar Reiner Herrmann2022-01-14
|
* profiles: sort and drop trailing commasLibravatar Reiner Herrmann2022-01-14
|
* raincatLibravatar netblue302022-01-14
|
* profiles: sort pathsLibravatar Reiner Herrmann2022-01-14
|
* profiles: sort private-bin in warzone2100.profileLibravatar Reiner Herrmann2022-01-14
|
* fix warzone2100 (Debian 11)Libravatar netblue302022-01-13
|
* seperate wget/wget2 rc filesLibravatar glitsj162022-01-13
|
* support wget2 in youtube-viewers-common.profileLibravatar glitsj162022-01-13
|
* support wget2 in steam.profileLibravatar glitsj162022-01-13
|
* Create wget2.profileLibravatar glitsj162022-01-13
|
* Merge pull request #4826 from adrianlshaw/masterLibravatar netblue302022-01-08
|\ | | | | RPCS3 profile
| * Add rpcs3 profileLibravatar Adrian L. Shaw2022-01-06
| |
* | ordering fixesLibravatar glitsj162022-01-06
|/
* Create notable.profileLibravatar glitsj162022-01-05
|
* skypeforlinux: Whitelist downloads directoryLibravatar Hugo Osvaldo Barrera2021-12-30
| | | | It's used when saving files send in conversations.
* Merge pull request #4755 from kmk3/mpv-add-yt-dlpLibravatar netblue302021-12-28
|\ | | | | yt-dlp: add missing paths & mpv.profile: whitelist paths for yt-dlp
| * mpv.profile: whitelist paths for yt-dlpLibravatar Kelvin M. Klann2021-12-09
| | | | | | | | | | | | | | | | | | See etc/profile-m-z/yt-dlp.profile. Relates to commit d6ca41c19 ("update mpv.profile", 2021-10-24) / PR #4634. Fixes #4754.
| * mpv.profile: sort whitelistLibravatar Kelvin M. Klann2021-12-09
| |
| * mpv.profile: stop creating youtube-dl config dirLibravatar Kelvin M. Klann2021-12-09
| | | | | | | | | | | | | | | | If it does not already exist, mpv is unlikely to need or to create it, so just whitelist it if it exists. This amends commit 5d741795c ("Use whitelisting for video players (#3472)", 2020-08-15).
| * disable-programs.inc: blacklist missing yt-dlp pathsLibravatar Kelvin M. Klann2021-12-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This amends commit d6ca41c19 ("update mpv.profile", 2021-10-24) / PR #4634. These paths were taken from yt-dlp(1). They are used since yt-dlp commit e2e43aea2 ("Portable Configuration file (closes #19)", 2021-01-16)[1]. Environment: yt-dlp 2021.12.01-1 on Artix Linux. Relates to: https://github.com/yt-dlp/yt-dlp/issues/19 [1] https://github.com/yt-dlp/yt-dlp/commit/e2e43aea2159a235e151f56bd14383129a6b4355
* | updateLibravatar netblue302021-12-19
| |
* | Merge pull request #4759 from fenuks/tor-browser-update-fixLibravatar netblue302021-12-19
|\ \ | | | | | | Allow /opt/tor-browser for Tor Browser profile
| * | Allow /opt/tor-browser for Tor Browser profileLibravatar fenuks2021-12-09
| |/
* | Allow telegram to open hyperlinksLibravatar York Zhao2021-12-18
| |
* | Merge pull request #4782 from jose1711/nextcloud_usrshareLibravatar netblue302021-12-18
|\ \ | | | | | | Whitelist /usr/share/nextcloud to allow access to translation files.
| * | Whitelist /usr/share/nextcloud to allow access to translation files.Libravatar Jose Riha2021-12-17
| |/
* | Merge pull request #4779 from seonwoolee/fix-teamsLibravatar netblue302021-12-18
|\ \ | | | | | | Fix teams ignoring input sources e.g. microphones
| * | Move noinput outside of disabled until someone reported positive feedback blockLibravatar Seonwoo2021-12-14
| | |
| * | Fix teams ignoring input sources e.g. microphonesLibravatar Seonwoo2021-12-14
| |/
* / Whitelist ${HOME}/.local/opt/tor-browser to make tor-browser workLibravatar York Zhao2021-12-17
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | tor-browser 11.0.2-1 doesn't work without whitelisting this directory. The following was the message I got before whitelisting this directory. Reading profile /etc/firejail/tor-browser.profile Reading profile /etc/firejail/torbrowser-launcher.profile Reading profile /etc/firejail/allow-python2.inc Reading profile /etc/firejail/allow-python3.inc Reading profile /etc/firejail/disable-common.inc Reading profile /etc/firejail/disable-devel.inc Reading profile /etc/firejail/disable-exec.inc Reading profile /etc/firejail/disable-interpreters.inc Reading profile /etc/firejail/disable-passwdmgr.inc Reading profile /etc/firejail/disable-programs.inc Reading profile /etc/firejail/disable-xdg.inc Reading profile /etc/firejail/whitelist-common.inc Reading profile /etc/firejail/whitelist-var-common.inc Reading profile /etc/firejail/whitelist-runuser-common.inc Reading profile /etc/firejail/whitelist-usr-share-common.inc Warning: Warning: NVIDIA card detected, nogroups command disabled Seccomp list in: !chroot, check list: @default-keep, prelist: unknown, Parent pid 12653, child pid 12654 104 programs installed in 153.32 ms Warning: An abstract unix socket for session D-BUS might still be available. Use --net or remove unix from --protocol set. Warning: skipping asound.conf for private /etc Warning: skipping crypto-policies for private /etc Warning fcopy: skipping /etc/fonts/conf.d/11-lcdfilter-default.conf, cannot find inode Warning: skipping pki for private /etc Private /etc installed in 64.84 ms Private /usr/etc installed in 0.00 ms Warning: cleaning all supplementary groups Warning: cleaning all supplementary groups Warning: /sbin directory link was not blacklisted Warning: /usr/sbin directory link was not blacklisted Warning: cleaning all supplementary groups Seccomp list in: !chroot, check list: @default-keep, prelist: unknown, Warning: cleaning all supplementary groups Child process initialized in 325.75 ms /usr/bin/tor-browser: [Error] The tor-browser archive could not be extracted to your home directory. Check the permissions of ~/.local/opt/tor-browser/app. The error log can be found in ~/.local/opt/tor-browser/LOG. /usr/bin/tor-browser: line 218: ~/.local/opt/tor-browser/app/Browser/start-tor-browser: No such file or directory
* skype: Harden D-Bus profileLibravatar Hugo Osvaldo Barrera2021-12-07
| | | | | | | Tested these settings and they work fine, including a test call. I can't explain why, but if the `org.kde.StatusNotifierWatcher` entry is removed, Skype will immediately log out the previous session when started.
* skype: Create and whitelist config dirLibravatar Hugo Osvaldo Barrera2021-12-06
| | | | Without this, Skype's session isn't retained.
* etc: Remove comments about nogroups and noroot on nvidiaLibravatar Kelvin M. Klann2021-11-29
| | | | | | | | | | | | | | | | | | | | | | | | `nogroups` should not have been causing issues with rendering on nvidia since commit 623e68216 ("temporary fix for nvidia/nogroups/noroot issue (#3644, #841)", 2020-10-02) and commit cb460c32c ("more nvidia (#3644)", 2020-10-03), which had made it a no-op on nvidia. And the handling of the "render" and "video" groups are independent to the handling of `nogroups` now; see the previous 3 commits. Commits which introduced the comments on each profile: * kodi.profile: commit ce462b6b1 ("fix #3501", 2020-07-16) * mpsyt.profile: commit e17b48fca ("new profile mpsyt.profile", 2018-11-28) * mpv.profile: commit cc7c48983 ("Document #1945", 2018-07-25) * steam.profile: commit d6f8169dd ("steam fixes; #841, #3267", 2020-03-15) Commands used to find the comments: git grep -i nvidia -- etc/profile-* | grep -v private-etc Relates to #4632.
* cleanupLibravatar netblue302021-11-23
|
* Merge pull request #4438 from caydey/masterLibravatar netblue302021-11-23
|\ | | | | Added `quiet` to some CLI profiles
| * Added "quiet" to profileLibravatar caydey2021-08-03
| |
* | Merge pull request #4635 from smitsohu/noorphansLibravatar netblue302021-11-13
|\ \ | | | | | | deterministic-shutdown option
| * | deterministic-shutdown optionLibravatar smitsohu2021-10-28
| | |
* | | Merge pull request #4681 from jmetrius/openstego-profileLibravatar netblue302021-11-13
|\ \ \ | | | | | | | | Add OpenStego profile
| * | | implement review suggestionsLibravatar Jan Sonntag2021-11-12
| | | |
| * | | sort.py cleanupLibravatar Jan Sonntag2021-11-12
| | | |
| * | | Add OpenStego profileLibravatar Jan Sonntag2021-11-12
| | | |
* | | | Merge pull request #4679 from pirate486743186/patch-3Libravatar netblue302021-11-13
|\ \ \ \ | | | | | | | | | | update yt-dlp.profile
| * | | | update yt-dlp.profileLibravatar pirate4867431862021-11-11
| |/ / / | | | | | | | | ffprobe used for embedding images in difficult cases.
* / / / telnet and ftpLibravatar netblue302021-11-12
|/ / /
* | | disable-common.inc: vmware SUID binariesLibravatar netblue302021-11-09
| | |
* | | disable-common.inc: blacklist sshLibravatar netblue302021-11-09
| | |
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-09-19 20:19:59 +0000