summaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAge
...
* | | Fix #2866 -- private-etc needed debian_versionLibravatar Fred Barclay2019-08-04
| | |
* | | blacklist kwalletrcLibravatar smitsohu2019-08-01
| | |
* | | misc profile fixes (Debian 10 related)Libravatar smitsohu2019-08-01
| | |
* | | some profile fixups (followup)Libravatar rusty-snake2019-08-01
| | | | | | | | | | | | | | | - fix sorting and private-etc, thanks to @glitsj16 for catching this - add some missing to private-bin in firefox (still need more testing)
* | | some profile fixupsLibravatar rusty-snake2019-08-01
| | | | | | | | | | | | | | | | | | - add a private-bin to firefox for fedora (still need testing) - add a temporary workaround for #2877 ghostwriter sience this break export and preview with pandoc - remove 'name slack' from slack.profile sience this is the only profile with name
* | | Merge pull request #2883 from flacks/profiles/whalebirdLibravatar SkewedZeppelin2019-08-01
|\ \ \ | | | | | | | | Add Whalebird profile
| * | | Add Whalebird profileLibravatar Jean Lucas2019-07-31
| | | |
* | | | profiles: misc fixesLibravatar Tad2019-08-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - pluma: sync private-lib from gedit to fix crashes 5e220b2da502bdcaf0f6188779e8bb0e37c9c414 - checkbashisms: fix missing library needed under CentOS 7 of note: - yelp complains about /etc/pki but lacks network access anyway under openSUSE Tumbleweed - gedit is broken, see #2207 - onionshare-gui is broken, unrelated to firejail under CentOS 7 - chromium-common is broken, commenting private-dev fixes, potentially related to firejail, there are SELinux denials for /dev/urandom under Fedora and CentOS 7 - gnome-system-log is broken, as it is a script that calls logview using pkexec, consider commenting in firecfg?
* | | | Merge pull request #2885 from flacks/profiles/tor-browserLibravatar SkewedZeppelin2019-08-01
|\ \ \ \ | | | | | | | | | | Add new Tor Browser alias
| * | | | Add new Tor Browser aliasLibravatar Jean Lucas2019-07-31
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - tor-browser in the AUR is an international package; all other individual language variants have been removed, so, add new alias - Add 'tor-browser' and 'mv' to private-bin in launcher profile ('mv' is required when upgrading tor-browser versions) - Add 'tor-browser' to firecfg.config - Add config dir to disable-programs.inc
* / / / Update itch profileLibravatar Jean Lucas2019-07-31
|/ / / | | | | | | | | | itch now also uses ~/.itch for application updates
* | | CorrectionsLibravatar Jean Lucas2019-07-31
| | | | | | | | | | | | | | | | | | - Add Zulip config dir to disable-programs.inc - Add disable-xdg.inc to Zulip profile - Add Zulip to firecfg.config
* | | Add Zulip profileLibravatar Jean Lucas2019-07-31
| |/ |/|
* | Add tb-starter-wrapper.profile (#2863)Libravatar rusty-snake2019-07-28
| |
* | fix ghostwriterLibravatar rusty-snake2019-07-28
| |
* | Remove private-cache from unzipLibravatar glitsj162019-07-26
|/ | | The `private-cache` option breaks electron related builds (see [this](https://github.com/minbrowser/min/issues/793) for an example).
* fix file-roller.profileLibravatar rusty-snake2019-07-25
|
* update private-bin for tbbLibravatar rusty-snake2019-07-25
|
* Merge branch 'master' of https://github.com/netblue30/firejailLibravatar smitsohu2019-07-25
|\
| * Update syscalls.txtLibravatar rusty-snake2019-07-22
| | | | | | | | | | | | * remove mincore * add @default without chroot * add @default-nodebuggers without chroot
* | fix verbosity for non-authorized userLibravatar smitsohu2019-07-22
|/ | | | | | users not in firejail.users should only see the error, not the symlink warning. Also exposes less code to non- authorized users.
* fix gucharmap & add gnome-characters, gnome-character-mapLibravatar rusty-snake2019-07-18
|
* use allow-debuggers in spectre-meltdown-checkerLibravatar rusty-snake2019-07-18
|
* Harden gnome-scheduleLibravatar glitsj162019-07-18
| | | Let's disable using a terminal for cron job testing by default and make this a whitelist profile.
* apparmor: minor improvementsLibravatar Vincent432019-07-16
| | | | | | | Use @{PID} consistently. Remove 'deny /proc/** w,' suggestion as it will break all whitelisted entries.
* apparmor: allow writing to /proc/@{PID}/commLibravatar Vincent432019-07-14
| | | | | | This is needed by various electron apps, see: https://github.com/netblue30/firejail/issues/2538 https://github.com/netblue30/firejail/issues/2854
* issues with electron-based apps. see issue #2854Libravatar veloute2019-07-13
|
* Merge pull request #2855 from veloute/galc-fixLibravatar rusty-snake2019-07-12
|\ | | | | ipc-namespace breaks galculator on archlinux
| * ipc-namespace breaks galculator on archlinuxLibravatar veloute2019-07-12
| |
* | Support media on other drives in youtube-dl.profileLibravatar glitsj162019-07-11
| | | | | | Thanks to @SkewedZeppelin for catching this, see comments in https://github.com/netblue30/firejail/pull/2584.
* | less.profile: make ${HOME} read-onlyLibravatar Vincent432019-07-10
| | | | | | less is usually used to view various text files including configs so blacklisting many of them in ${HOME} make it less(sic!) usable. We can make them read-only instead.
* | Sort private-bin in obs.profile (#2848)Libravatar glitsj162019-07-09
| |
* | Add redirects for mpg123 (#2847)Libravatar glitsj162019-07-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Create conplay.profile * Create mpg123.bin.profile * Create mpg123-alsa.profile * Create mpg123-id3dump.profile * Create mpg123-jack.profile * Create mpg123-nas.profile * Create mpg123-openal.profile * Create mpg123-oss.profile * Create mpg123-portaudio.profile * Create mpg123-pulse.profile * Create mpg123-strip.profile * Create out123.profile * Add mpg123 redirects to fireconfig
* | Merge pull request #2845 from smitsohu/homedir2Libravatar netblue302019-07-09
|\ \ | | | | | | improve support for home directories outside /home
| * | add symlink resolution for home directoriesLibravatar smitsohu2019-07-09
| | |
* | | Fix #2726Libravatar Fred Barclay2019-07-08
| | | | | | | | | | | | private-bin was too restrictive and didn't allow desktop recording
* | | keep dconf database read-onlyLibravatar smitsohu2019-07-08
|/ /
* | Fix #2840Libravatar rusty-snake2019-07-08
| |
* | Add to comment on pip install in youtube-dl.profileLibravatar glitsj162019-07-07
| | | | | | Try to help users more explicitly when they have youtube installed under ${HOME}, see #2833.
* | Fix slow OSD in mpv.profileLibravatar glitsj162019-07-07
| | | | | | Fixes #2838.
* | Harden qpdfview.profile with `nodbus` (#2837)Libravatar Eduard Tolosa2019-07-07
| |
* | Fix #2834 (#2835)Libravatar Eduard Tolosa2019-07-07
| |
* | Add electron4 to allow it to launch on Arch Linux (#2832)Libravatar Nick Fox2019-07-06
| |
* | Add youtube-dl config handling (#2836)Libravatar glitsj162019-07-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add youtube-dl config to disable-programs.inc * Add config handling to youtube-dl * Add youtube-dl config handling to celluloid.profile * Add youtube-dl config handling to mpv.profile * Add youtube-dl config handling to smplayer.profile * Add youtube-dl config handling to mpsyt.profile
* | mpg123Libravatar startx20172019-07-06
| |
* | Fix seccomp sorting in riot-desktopLibravatar glitsj162019-07-04
| |
* | fix #2820 - adjustable file copy limit; export FIREJAIL_DEBUG into sboxLibravatar netblue302019-07-04
| |
* | Merge pull request #2825 from Bandie/masterLibravatar rusty-snake2019-07-04
|\ \ | | | | | | Fixes #2821, riot-desktop
| * | Fixes #2821, riot-desktopLibravatar Bandie2019-07-03
| |/
* | Add note to 'include disable-xdg.inc' instead of removing itLibravatar Eduard Tolosa2019-07-03
| |
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-08-19 04:47:57 +0000