| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
| |
The latest Neochat package on Arch (23.08.0-2, with libquotient
0.8.1.1-1) crashes otherwise.
|
| |
|
|
|
|
| |
Commit 3077b2d1f blacklists `${PATH}/patch` in disable-devel.inc[1]. We
need to noblacklist it in the profiles that need it.
[1] https://github.com/netblue30/firejail/commit/3077b2d1ff6c6e26a83487ae460985157b5c61fd
|
| |\
| |
| | |
build: codespell improvements
|
| | |
| |
| |
| |
| |
| | |
Found by simply running `codespell .`.
Environment: codespell 2.2.5-2 on Artix Linux.
|
| |/
|
|
|
| |
mpDris2 brings MPRIS2 support to MPD:
https://github.com/eonpatapon/mpDris2
|
| |
|
|
|
|
|
|
|
| |
Changes:
* comment `include whitelist-common.inc` when using `private`
* drop `private` on profiles that access files in `${HOME}`
* use `#` in comments
Relates to #903.
|
| |
|
|
|
|
| |
On the profiles that allow ~/.config/mpv.
Relates to #5936.
|
| |
|
|
|
| |
The programs in question do not create these files; they have to be
created manually.
|
| |
|
|
|
|
|
|
|
| |
mpv v0.36.0 uses ~/.cache/mpv[1] [2]:
Relates to #2838 #5936.
[1] https://github.com/mpv-player/mpv/releases/tag/v0.36.0
[2] https://github.com/mpv-player/mpv/pull/10838
|
| |
|
|
|
|
|
| |
The new version of mpv changed the path of the watch_later folder to
~/.local/state/mpv/watch_later.
See https://github.com/mpv-player/mpv/pull/10838
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Create reader.profile
* firecfg.config: add reader support
* reader: integrate review suggestions
- blacklist whole ${RUNUSER}
- drop x11 none
* reader: fix 'x11 none'
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
* disable-programs.inc: add sniffnet support
* Create sniffnet.profile
* firecfg.config: add sniffnet support
|
| | |
|
| | |
|
| | |
|
| |
|
| |
Co-authored-by: pirate486743186 <>
|
| |
|
|
|
|
|
|
|
| |
Homepage: https://mullvad.net/en/download/browser/linux
mullvad-browser: don't use restrict-namespaces
mullvad-browser: cover both installation paths
Suggested in review by @kmk3.
|
| |
|
|
|
|
|
| |
torbrowser-launcher: more hardening as per review
torbrowser-launcher: revert enabling restrict-namespaces
Suggested in review by @rusty-snake.
|
| | |
|
| |
|
|
|
| |
* disable-programs.inc: add remote sqlitebrowser support
* sqlitebrowser: add support for remote functionality
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The `shell` option has been removed. Remove stale references.
This does NOT remove `shell none`-related code comments in:
- src/firejail/fs_lib.c (L433-L441)
- src/firejail/join.c (L415-L417)
Relates to #5196.
Suggested by #5891.
|
| |\
| |
| | |
New profile: rssguard
|
| | |\ |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | |/
|/| |
|
| | | |
|
| |/ |
|
| |
|
|
|
|
|
|
|
|
|
| |
It apparently fails on Linux Mint 20.3 (based on Ubuntu 20.04) due to
the "VMWare Kernel Module Updater" being unable to find gcc[1].
Relates to #3526.
[1] https://github.com/netblue30/firejail/issues/5861#issuecomment-1598407890
Reported-by: @MikeNavy
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
As a redirect to vmware.profile.
This is apparently the filename for the "VMWare Workstation Player" on
Linux Mint 20.3 (based on Ubuntu 20.04)[1].
Relates to #3526.
[1] https://github.com/netblue30/firejail/issues/5861#issuecomment-1598132860
Reported-by: @MikeNavy
|
| |
|
|
| |
Relates to #3526.
|
| |\
| |
| | |
qutebrowser: update MPRIS name for qutebrowser-qt6
|
| | |
| |
| |
| | |
see https://github.com/qutebrowser/qutebrowser/issues/7431
|
| |/ |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For consistency and to reduce confusion.
The toolkit has been renamed from "GTK+" to just "GTK" in 2019[1].
Note: This also fixes some adjacent typos.
Commands used to search and replace:
$ git grep -lz 'G[Tt][Kk]' -- etc | xargs -0 -I '{}' sh -c \
"printf '%s\n' \"\$(sed -E \
-e 's/G[Tt][Kk]\+?/GTK/g' \
-e 's/GTK-.\.0/GTK/g' \
-e 's/GTK base/GTK-base/g' \
-e 's/GTK-base /GTK-based /g' \
-e 's/Light weight/Lightweight/g' \
-e 's/client with GTK/client made with GTK/g' '{}')\" >'{}'"
Misc: I noticed this on #5722.
[1] https://mail.gnome.org/archives/gtk-devel-list/2019-February/msg00000.html
|
| |\
| |
| | |
youtube-viewers: refactor and add gtk-youtube-viewers-common
|
| | | |
|
| |/
|
|
|
| |
* Create url-eater.profile
* RELNOTES: add url-eater to 'new profiles'
|
| |\
| |
| | |
softmaker-common.profile: add fstab to private-etc
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When using `private-etc`, the app "forgets" its product key and
asks for license activation, even though it had already been done.
Allow access to "/etc/fstab" to avoid it & the related GUI error:
The application cannot create a unique identifier.
Please make sure the application has sufficient permissions.
Fixes #5773.
|
| |\ \
| | |
| | | |
profiles: move read-only config entries to disable-common.inc
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Command used to search for entries:
$ git grep '^read-only ${HOME}/' -- 'etc/profile*'
Note for gpg: ~/.gnupg/gpg.conf is apparently only managed by gpgconf(1)
rather than through gpg(1) itself, in which case it does not need to be
made read-write in gpg.profile.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Instead of duplicating them on every profile that tries to allow opening
links in Firefox.
And make that path read-write on firefox.profile.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Note: mpv itself does not modify anything in ~/.config/mpv as far as I
know, in which case it does not need a read-write entry.
Relates to #5706 #5707 #5710.
|
| | |/
|/| |
|
glitsj16
DefaultUser
Kelvin M. Klann
CodeWithMa
pirate486743186
netblue30
pirate486743186
Dieter Plaetinck
rusty-snake
Pedro Ribeiro
Hotty Capy