aboutsummaryrefslogtreecommitdiffstats
path: root/etc/profile-m-z
Commit message (Collapse)AuthorAge
* some profile updatesLibravatar netblue302023-01-18
|
* Merge pull request #5571 from glitsj16/ec-refactorLibravatar netblue302023-01-15
|\ | | | | email-common refactoring
| * sylpheed: refactoringLibravatar glitsj162023-01-04
| |
* | Merge pull request #5563 from glitsj16/linuxqqLibravatar netblue302023-01-15
|\ \ | | | | | | New profiles: linuxqq/qq
| * | Merge branch 'netblue30:master' into linuxqqLibravatar glitsj162023-01-04
| |\|
| * | Create qq.profileLibravatar glitsj162023-01-03
| | |
* | | QMediathekView: add mkdir and reorder whitelist optionsLibravatar glitsj162023-01-12
| | | | | | | | | As suggested in review.
* | | QMediathekView: hardeningLibravatar glitsj162023-01-11
| |/ |/|
* | Merge pull request #5564 from glitsj16/claws-mail+sylpheedLibravatar netblue302023-01-04
|\ \ | | | | | | claws-mail and sylpheed D-Bus hardening
| * | sylpheed: allow opening hyperlinks via D-BusLibravatar glitsj162023-01-03
| |/
* / ytmdesktop: fix typo (#5567)Libravatar glitsj162023-01-04
|/
* window manager profiles: fix browser/electron internal sandboxesLibravatar smitsohu2022-12-25
|
* New profile: ssmtp (#5544)Libravatar glitsj162022-12-21
| | | | | | | | | | | | | | | * disable-programs.inc: add ssmtp support * Create ssmtp.profile * ssmtp: support Debian/Ubuntu * README.md: add ssmtp to 'New profiles' section * disable-common.inc: move ssmtp support to keep CI happy * ssmtp: improve dead.letter comment Suggested in [review](https://github.com/netblue30/firejail/pull/5544#pullrequestreview-1225322546).
* spectre-meltdown-checker: fixes (#5546)Libravatar glitsj162022-12-21
|
* seahorse refactoring (#5543)Libravatar glitsj162022-12-21
| | | | | | | | | | | | | | | | | * seahorse: fixes and hardening * seahorse-daemon: hardening * seahorse-tool: move private-etc items to seahorse * seahorse: unbreak nautilus file encryption As suggested [in review](https://github.com/netblue30/firejail/pull/5543#pullrequestreview-1225250520). * seahorse-tool: move private-tmp to seahorse * seahorse: add private-tmp * seahorse: fix access to ssh-agent socket
* Rename xlinks2 to xlinks2.profileLibravatar rusty-snake2022-12-20
|
* add restrict-namespaces to (almost) all profilesLibravatar smitsohu2022-12-20
|
* Add support for Qt6 (#5527)Libravatar glitsj162022-12-14
| | | | | * qbittorrent: add support for Qt6 * wusc: add support for Qt6
* Fix whitelisting for wusc (#5526)Libravatar glitsj162022-12-14
| | | Overlooked [this comment](https://github.com/netblue30/firejail/pull/5389#discussion_r992471940) that pointed out a mistake I made.
* private-etc: always reference 'alternatives' (#5517)Libravatar glitsj162022-12-09
| | | | | | | | | * private-etc: always include 'alternatives' * private-etc: always include 'alternatives' * private-etc: always include 'alternatives' * private-etc: always include 'alternatives'
* New profile: tesseract (#5516)Libravatar glitsj162022-12-09
| | | | | | | | | | | | | | | | | | | | | | | * Add firecfg support for tesseract * Add tesseract to 'New profiles' section in README.md * Create tesseract.profile * tesseract: fix private-etc * tesseract: fix XDG black/whitelisting * tesseract: use 'seccomp socket' instead of 'protocol unix' As kindly suggested by @rusty-snake. * tesseract: add 'restrict-namespaces' As kindly suggested by @rusty-snake. * tesseract: use full seccomp filtering The tesseract application works fine without 'protocol' or 'seccomp socket'.
* spotify.profile: allow spotify-adblock pathsLibravatar Kelvin M. Klann2022-12-02
| | | | | | | | | | | | | | | | | As suggested by @glitsj16[1]. Project homepage: https://github.com/abba23/spotify-adblock Configuration paths: * /etc/spotify-adblock/config.toml * ~/.config/spotify-adblock/config.toml Fixes #5494. [1] https://github.com/netblue30/firejail/discussions/5494#discussioncomment-4280887 Reported-by: @Rewig95
* Merge pull request #5476 from k4leg/fix_pycharmLibravatar netblue302022-11-25
|\ | | | | fix: PyCharm profiles
| * fix: PyCharm profilesLibravatar Bogdan Ruslanovich Drozd2022-11-23
| | | | | | | | | | | | | | Do not use `private-cache`, because PyCharm places in cache directories stuff like spelling dictionary (i. e. if you download spelling dictionary with `private-cache`, on restart PyCharm you need to download spelling dictionary again).
* | Merge pull request #5442 from rusty-snake/fixesLibravatar Kelvin M. Klann2022-11-23
|\ \ | | | | | | Profile fixes
| * | Fix #5311 -- Whalebird-4.6.2 does not work with the default whalebird.profileLibravatar rusty-snake2022-10-30
| |/
* | fix opening links in firefox youtube-viewers-common.profile (#5352)Libravatar pirate4867431862022-11-23
| | | | | | Co-authored-by: pirate486743186 <>
* | Add python3 support/fixes to nicotine (#5459)Libravatar glitsj162022-11-22
|/ | | | | | | * Add python3 support to nicotine * Revert private-bin changes Adding shell and python3 support to private-bin kept breaking nicotine for the user who reported it on IRC. Let's revert it as suggested by @rusty-snake.
* Merge pull request #5389 from glitsj16/qutebrowser-fixesLibravatar netblue302022-10-11
|\ | | | | Harden qutebrowser profile
| * Harden qutebrowserLibravatar glitsj162022-10-03
| |
| * Fix D-Bus mpris supportLibravatar glitsj162022-10-02
| |
| * unbreak D-Bus mpris supportLibravatar glitsj162022-10-02
| |
| * Harden qutebrowser profileLibravatar glitsj162022-10-01
| |
* | Revert "mpv: whitelist mpv-mpris (#5386)"Libravatar Kelvin M. Klann2022-10-04
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 393c5beff2686d7732221dadb6730917f24835a0. Which broke mpv: $ mpv --version Cannot start application: No such file or directory Probably because mpv itself uses many libraries and it has plugins that may depend on files in /usr/lib as well: $ pacman -Qlq mpv | grep /lib/ | grep -v '/$' /usr/lib/libmpv.so /usr/lib/libmpv.so.1 /usr/lib/libmpv.so.1.109.0 /usr/lib/pkgconfig/mpv.pc $ strings /usr/bin/mpv | grep '^lib.*\.so' | sort -u | wc -l 53 $ pacman -Qlq yt-dlp | grep /lib/ | grep -v '/$' | cut -f -4 -d / | sort -u /usr/lib/python3.10 $ pacman -Q mpv yt-dlp mpv 1:0.34.1-5 yt-dlp 2022.09.01-1 Environment: Artix Linux. Also, private-lib is disabled by default in firejail.config (see #5190) and mpv.profile does not use private-lib, so there should be no need to whitelist anything in /usr/lib in the default profile.
* mpv: whitelist mpv-mpris (#5386)Libravatar Hugo2022-10-01
| | | | | This is an mpv plugin for MPRIS integration. See: https://github.com/hoyon/mpv-mpris
* De-complicate D-Bus naming schemesLibravatar glitsj162022-09-05
| | | Inspired by https://github.com/netblue30/firejail/pull/5352/files/c04ceb49c7001bb931a35667c831545cd64aeece#r963032151.
* De-complicate D-Bus naming schemesLibravatar glitsj162022-09-05
| | | Inspired by https://github.com/netblue30/firejail/pull/5352/files/c04ceb49c7001bb931a35667c831545cd64aeece#r963032151.
* tuir.profile creation (#5330)Libravatar pirate4867431862022-08-28
| | | Co-authored-by: pirate486743186 <>
* steam.profile: fix Proton-GE version in commentLibravatar Kelvin M. Klann2022-08-26
| | | | | This amends commit e2631b40d ("steam.profile: fix breakage with newer Proton-GE (process_vm_readv)", 2022-08-20).
* steam.profile: fix breakage with newer Proton-GE (process_vm_readv)Libravatar Kelvin M. Klann2022-08-26
| | | | | | | | | | | | | As reported by @rsramkis on #5185, upgrading from Proton-7.2-GE-2[1] (released on 2022-02-14) to GE-Proton7-18[2] (released on 2022-05-19) breaks logging in on World of Tanks Blitz unless the `process_vm_ready` 32-bit syscall is allowed[3], so allow it. Fixes #5185. [1] https://github.com/GloriousEggroll/proton-ge-custom/releases/tag/7.2-GE-2 [2] https://github.com/GloriousEggroll/proton-ge-custom/releases/tag/GE-Proton7-18 [3] https://github.com/netblue30/firejail/issues/5185#issuecomment-1152350336
* man.profile needs additional private-etc items on arch (#5322)Libravatar glitsj162022-08-18
|
* Merge pull request #5302 from pirate486743186/makedeb-profile-creationLibravatar netblue302022-08-14
|\ | | | | makedeb profile creation
| * makedeb profile creationLibravatar pirate4867431862022-08-10
| |
* | Merge pull request #5309 from qretornaz-adapei42/masterLibravatar netblue302022-08-14
|\ \ | | | | | | microsoft-edge.profile rewritten for stable channel and moved microsoft-edge{,-beta,-dev} from private-opt to whitelist
| * | microsoft-edge-{dev,beta}: replaced private-opt by whitelist #5307Libravatar Quentin RETORNAZ2022-08-11
| | |
| * | microsoft-edge.profile: rewrite profile for stable channelLibravatar Quentin RETORNAZ2022-08-11
| | | | | | | | | | | | | | | | | | * replaced private-opt by whitelist #5307 * added stable channel config dirs to disable-programs.inc
* | | Merge pull request #5285 from ra1nb0w/vmware-snapshotLibravatar netblue302022-08-14
|\ \ \ | | | | | | | | vmware.profile: snapshot requires /etc/mtab
| * | | vmware.profile: snapshot requires /etc/mtabLibravatar Davide Gerhard2022-08-02
| | |/ | |/| | | | | | | | | | | | | | | | This patch avoid the following error: Error: One of the parameters supplied is invalid Tested with VMware Workstation 16.2.4
* | | neomutt: Avoid creating empty files/directoriesLibravatar Hugo Osvaldo Barrera2022-08-11
| |/ |/| | | | | | | | | | | | | | | | | | | | | neomutt won't write to these locations. Processes it spawns might read to some of them, but creating an empty file doesn't help. This just pollutes user's $HOME with empty files and directories. I've kept a few paths that MAY be written to by neomutt; it's not ideal, but I want to minimise the risk of potential data loss, even if it is corener cases. See: https://github.com/netblue30/firejail/discussions/5276
* | makepkg.profile: add descriptionLibravatar pirate4867431862022-08-10
|/
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-09-02 15:45:20 +0000