aboutsummaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAge
* firefox-common-addons: fix whitelisting in ${RUNUSER} (#5497)Libravatar glitsj162022-12-01
| | | | | | | * fix whitelisting in ${RUNUSER} See discussions https://github.com/netblue30/firejail/discussions/5495 for context. * Prevent whitelisting ${RUNUSER} comment
* AppArmor: add more examples to firejail-local (#5493)Libravatar glitsj162022-12-01
| | | | | * AppArmor: add more examples to firejail-local * comments fixes
* [firefox-common.profile] Add DRM support when using psd (#5486)Libravatar glitsj162022-11-28
|
* Merge pull request #5415 from kmk3/ktorrent-fix-mkfileLibravatar netblue302022-11-25
|\ | | | | ktorrent.profile: fix mkfile without mkdir & comment legacy paths
| * ktorrent.profile: add missing private-bin pathsLibravatar Kelvin M. Klann2022-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | Package-provided binaries: $ pacman -Q ktorrent ktorrent 22.08.3-1.2 $ pacman -Qlq ktorrent | grep bin/. /usr/bin/ktmagnetdownloader /usr/bin/ktorrent /usr/bin/ktupnptest Environment: Artix Linux
| * ktorrent.profile: stop creating legacy KDE pathsLibravatar Kelvin M. Klann2022-11-22
| | | | | | | | Leave them commented.
| * ktorrent.profile: fix mkfile without mkdirLibravatar Kelvin M. Klann2022-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | firejail fails to create the following files: * ~/.kde/share/config/ktorrentrc * ~/.kde4/share/config/ktorrentrc Because it does not create the preceding directories beforehand: * ~/.kde/share/config * ~/.kde4/share/config Relates to #5414.
* | Merge pull request #5476 from k4leg/fix_pycharmLibravatar netblue302022-11-25
|\ \ | | | | | | fix: PyCharm profiles
| * | fix: PyCharm profilesLibravatar Bogdan Ruslanovich Drozd2022-11-23
| | | | | | | | | | | | | | | | | | | | | Do not use `private-cache`, because PyCharm places in cache directories stuff like spelling dictionary (i. e. if you download spelling dictionary with `private-cache`, on restart PyCharm you need to download spelling dictionary again).
* | | [email-common.profile] add localtime to private-etcLibravatar glitsj162022-11-25
| | |
* | | Merge pull request #5449 from kmk3/lutris-fix-lolLibravatar Kelvin M. Klann2022-11-23
|\ \ \ | | | | | | | | lutris.profile: fix running League of Legends
| * | | lutris.profile: fix running League of LegendsLibravatar Kelvin M. Klann2022-11-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | @Latrolage on Oct 20, 2022[1]: > When I open the game the only error line which appears is this > `modify_ldt: Operation not permitted` So as suggested by @Latrolage[1] and @rusty-snake[2], allow the `modify_ldt` syscall in seccomp. Fixes #5430. [1] https://github.com/netblue30/firejail/discussions/5430#discussion-4488996 [2] https://github.com/netblue30/firejail/discussions/5430#discussioncomment-3924098 Reported-by: @Latrolage
* | | | Merge pull request #5442 from rusty-snake/fixesLibravatar Kelvin M. Klann2022-11-23
|\ \ \ \ | | | | | | | | | | Profile fixes
| * | | | Update etc/profile-a-l/evince.profileLibravatar rusty-snake2022-10-30
| | | | |
| * | | | Fix #5311 -- Whalebird-4.6.2 does not work with the default whalebird.profileLibravatar rusty-snake2022-10-30
| | | | |
| * | | | Fix #4604 -- Brave browser takes a long time opening under FirejailLibravatar rusty-snake2022-10-30
| | | | |
| * | | | Fix #5392 -- Evince doesn't remember settingsLibravatar rusty-snake2022-10-30
| |/ / /
* | | | fix opening links in firefox youtube-viewers-common.profile (#5352)Libravatar pirate4867431862022-11-23
| | | | | | | | | | | | Co-authored-by: pirate486743186 <>
* | | | Add python3 support/fixes to nicotine (#5459)Libravatar glitsj162022-11-22
| |/ / |/| | | | | | | | | | | | | | | | | * Add python3 support to nicotine * Revert private-bin changes Adding shell and python3 support to private-bin kept breaking nicotine for the user who reported it on IRC. Let's revert it as suggested by @rusty-snake.
* | | Add support for cinelerra-gg (#5467)Libravatar glitsj162022-11-13
| | | | | | | | | | | | | | | | | | | | | * Create cinelerra-gg * add cinelerra-gg to `New profiles` section * Add cinelerra-gg to firecfg.config
* | | Add netlink to list of allowed protocols (#5464)Libravatar Jan Sonntag2022-11-10
| | | | | | | | | Fixes #5463 by adding netlink to the list of allowed protocols
* | | Add godot3 redirect (#5456)Libravatar Frostbyte46642022-11-07
|/ / | | | | | | | | * Create godot3.profile * Add godot3 redirect to firecfg.config
* | Fix freetube mpris supportLibravatar rusty-snake2022-10-30
| | | | | | | | Closes #5437
* | fix nolocal netfilterLibravatar netblue302022-10-25
|/
* Merge pull request #5389 from glitsj16/qutebrowser-fixesLibravatar netblue302022-10-11
|\ | | | | Harden qutebrowser profile
| * Harden qutebrowserLibravatar glitsj162022-10-03
| |
| * Fix D-Bus mpris supportLibravatar glitsj162022-10-02
| |
| * unbreak D-Bus mpris supportLibravatar glitsj162022-10-02
| |
| * Harden qutebrowser profileLibravatar glitsj162022-10-01
| |
* | Merge pull request #5298 from pirate486743186/patch-1Libravatar netblue302022-10-11
|\ \ | | | | | | electron-mail.profile refactoring
| * | electron-mail.profile: refactor and redirect to electron.profileLibravatar pirate4867431862022-10-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes: - redirect to electron.profile - fix program name - update program description - allow /bin/sh - allow opening links in Firefox - remove no3d, nonewprivs, noroot, protocol, seccomp - add machine-id, nosound - remove private-bin, disable-mnt - harden private-etc - allow D-Bus notifications, secrets
* | | disable-common.inc: blacklist doas binaryLibravatar Kelvin M. Klann2022-10-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | OpenDoas is an alternative to sudo. It is an unofficial port of OpenBSD's doas. Details: $ LC_ALL=C pacman -Si galaxy/opendoas | grep -e '^Version' -e '^Description' -e '^URL' Version : 6.8.2-1 Description : Run commands as super user or another user URL : https://github.com/Duncaen/OpenDoas Environment: Artix Linux. Also, add /etc/doas.conf to etc/ids.config.
* | | Revert "mpv: whitelist mpv-mpris (#5386)"Libravatar Kelvin M. Klann2022-10-04
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 393c5beff2686d7732221dadb6730917f24835a0. Which broke mpv: $ mpv --version Cannot start application: No such file or directory Probably because mpv itself uses many libraries and it has plugins that may depend on files in /usr/lib as well: $ pacman -Qlq mpv | grep /lib/ | grep -v '/$' /usr/lib/libmpv.so /usr/lib/libmpv.so.1 /usr/lib/libmpv.so.1.109.0 /usr/lib/pkgconfig/mpv.pc $ strings /usr/bin/mpv | grep '^lib.*\.so' | sort -u | wc -l 53 $ pacman -Qlq yt-dlp | grep /lib/ | grep -v '/$' | cut -f -4 -d / | sort -u /usr/lib/python3.10 $ pacman -Q mpv yt-dlp mpv 1:0.34.1-5 yt-dlp 2022.09.01-1 Environment: Artix Linux. Also, private-lib is disabled by default in firejail.config (see #5190) and mpv.profile does not use private-lib, so there should be no need to whitelist anything in /usr/lib in the default profile.
* | mpv: whitelist mpv-mpris (#5386)Libravatar Hugo2022-10-01
| | | | | | | | | | This is an mpv plugin for MPRIS integration. See: https://github.com/hoyon/mpv-mpris
* | Merge pull request #5360 from glitsj16/ff-dbusLibravatar netblue302022-09-26
|\ \ | | | | | | Streamline Firefoxes D-Bus filtering
| * | De-complicate D-Bus naming schemesLibravatar glitsj162022-09-05
| | | | | | | | | Inspired by https://github.com/netblue30/firejail/pull/5352/files/c04ceb49c7001bb931a35667c831545cd64aeece#r963032151.
| * | De-complicate D-Bus naming schemesLibravatar glitsj162022-09-05
| | | | | | | | | Inspired by https://github.com/netblue30/firejail/pull/5352/files/c04ceb49c7001bb931a35667c831545cd64aeece#r963032151.
| * | De-complicate D-Bus naming schemesLibravatar glitsj162022-09-05
| | | | | | | | | Inspired by https://github.com/netblue30/firejail/pull/5352/files/c04ceb49c7001bb931a35667c831545cd64aeece#r963032151.
| * | De-complicate D-Bus naming schemesLibravatar glitsj162022-09-05
| | | | | | | | | Inspired by https://github.com/netblue30/firejail/pull/5352/files/c04ceb49c7001bb931a35667c831545cd64aeece#r963032151.
| * | De-complicate D-Bus naming schemesLibravatar glitsj162022-09-05
| | | | | | | | | Inspired by https://github.com/netblue30/firejail/pull/5352/files/c04ceb49c7001bb931a35667c831545cd64aeece#r963032151.
| * | De-complicate D-Bus naming schemesLibravatar glitsj162022-09-05
| | | | | | | | | Inspired by https://github.com/netblue30/firejail/pull/5352/files/c04ceb49c7001bb931a35667c831545cd64aeece#r963032151.
| * | De-complicate D-Bus naming schemesLibravatar glitsj162022-09-05
| | | | | | | | | Inspired by https://github.com/netblue30/firejail/pull/5352/files/c04ceb49c7001bb931a35667c831545cd64aeece#r963032151.
| * | Add CamelCase D-Bus filter for backward-compatibilityLibravatar glitsj162022-09-05
| | |
| * | Add CamelCase D-Bus filter for backward-compatibilityLibravatar glitsj162022-09-05
| | |
| * | Re-add CamelCase D-Bus filter for backward-compatibilityLibravatar glitsj162022-09-05
| | |
| * | Add CamelCase D-Bus filter for backward-compatibilityLibravatar glitsj162022-09-05
| | |
| * | Add CamelCase D-Bus name for backward-compatibilityLibravatar glitsj162022-09-05
| | |
| * | fix D-Bus filter in firefoxLibravatar glitsj162022-09-05
| | |
| * | add specific D-Bus filter in firefox-nightlyLibravatar glitsj162022-09-05
| | |
| * | add specific D-Bus filter in firefox-esrLibravatar glitsj162022-09-05
| | |
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-19 16:16:35 +0000