aboutsummaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAge
* Update wording in templates (#2815)Libravatar glitsj162019-06-30
| | | | | | | | * Change wording in redirect_alias-profile.template * Change wording in profile.template * Update wording in redirect_alias-profile.template
* Change include/redirect logic in autokey profiles (#2814)Libravatar glitsj162019-06-30
| | | | | | | | | | | | * Change redirect logic * Change redirect logic * Change redirect logic * Change redirect logic * Change redirect logic
* thunderbird-beta: use private-opt instead of whitelistLibravatar rusty-snake2019-06-30
|
* add profile for zealLibravatar rusty-snake2019-06-30
|
* Update profile templatesLibravatar rusty-snake2019-06-30
|
* Fix steam.profileLibravatar rusty-snake2019-06-30
|
* add allusers to file manager profilesLibravatar smitsohu2019-06-29
|
* harden bsdtar profile (net none, x11 none)Libravatar smitsohu2019-06-29
|
* Add fonts to private-etc in udiskie profileLibravatar Jose Riha2019-06-28
| | | | This prevents from seeing Fontconfig error in udiskie output.
* Streamline redirect profiles (follow-up) (#2803)Libravatar glitsj162019-06-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Streamline redirect profiles (2) * Streamline redirect profiles (2) * Streamline redirect profiles (2) * Streamline redirect profiles (2) * Streamline redirect profiles (2) * Streamline redirect profiles (2) * Streamline redirect profiles (2) * Streamline redirect profiles (2) * Streamline redirect profiles (3) * Streamline redirect profiles (3) * Streamline redirect profiles (3) * Streamline redirect profiles (3) * Streamline redirect profiles (3) * Streamline redirect profiles (3) * Streamline redirect profiles (3)
* Streamline redirect profiles (#2802)Libravatar glitsj162019-06-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirct profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profile * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles * Streamline redirect profiles
* Fixup 1cc468607637da1144b2d75be25dea348010c5d5Libravatar Tad2019-06-27
|
* profiles: add two aliases for existing gamesLibravatar Tad2019-06-27
|
* Fix private-bin order in jerryLibravatar glitsj162019-06-27
|
* Add profile for jerry chessLibravatar Fred Barclay2019-06-26
|
* Hardening a few profiles (#2800)Libravatar glitsj162019-06-26
| | | | | | | | | | * Harden curl.profile * Harden dnscrypt-proxy.profile * Harden unbound.profile * Harden unbound.profile
* Tighten SSH with nodbus (#2789)Libravatar glitsj162019-06-24
| | | | | | * nodbus for ssh-agent * nodbus for ssh.profile
* Arch Linux specific changes (#2788)Libravatar glitsj162019-06-20
| | | | | | | | | | | | * Arch Linux specific addition to gzip.profile * Arch Linux specifics for tar.profile * Arch Linux specifics for gzip.profile * Minor re-ordering and wording edits for makepkg.profile * Spacing fix for cower.profile
* Improve profile.templateLibravatar rusty-snake2019-06-20
| | | | | | | | | | | | | | | | | | | | | | | * uncomment .local includes * add options * ##ignore noexec /tmp * ##caps.keep CAPS * ##hostname NAME * ##writable-etc * ##writable-run-user * ##writable-var * ##writable-var-log * add disable x11 * x11 none * blacklist /tmp/.X11-unix * comment when which of the both option should be used * sort private-etc template Common * add comments * machine-id: breaks sound and sometime dbus related functions * private-bin: python should be added by 'python*' * protocol: auxiliary comment for protocol line * add 'packet' to protocol list * Sections structure: OPTIONS: now has seccomp* instead of seccomp
* add 'x11 none' to more profiles with 'net none'Libravatar rusty-snake2019-06-20
|
* Merge pull request #2781 from smitsohu/thunderbirdLibravatar smitsohu2019-06-18
|\ | | | | allow nodbus in thunderbird profile
| * thunderbird profile: comment fixLibravatar smitsohu2019-06-16
| |
| * allow nodbus in thunderbird profileLibravatar smitsohu2019-06-16
| | | | | | in order to maintain enigmail support - #1951
* | use 'x11 none' optionLibravatar smitsohu2019-06-18
| | | | | | | | | | | | | | ... instead of just blacklisting the X11 socket. Systematically added to all profiles with 'net none' and 'blacklist /tmp/.X11-unix', and a few more
* | three new blacklist in disable-common.incLibravatar rusty-snake2019-06-18
| | | | | | | | | | | | * ~/.viminfo * ~/.lesshst * ~/.python_history
* | Fix filename in commentLibravatar Jean-Philippe Eisenbarth2019-06-17
| | | | | | Co-Authored-By: rusty-snake <print_hello_world+GitHub@protonmail.com>
* | Fix spotify.profileLibravatar Jean-Philippe Eisenbarth2019-06-17
| |
* | Minor fixes for udiskieLibravatar glitsj162019-06-17
| | | | | | | | | | Nitpicks: - it's common practice to refer to the python executable(s) in private-bin with `python*`, which covers both v2 and v3; - now that @rusty-snake handed us all the needed tools to check/fix sorting multi-value options, put it to use.
* | Merge pull request #2775 from jose1711/udiskie-profileLibravatar rusty-snake2019-06-17
|\ \ | | | | | | Add profile for udiskie
| * | Apply suggestions from code reviewLibravatar Jose Riha2019-06-17
| | | | | | | | | | | | Co-Authored-By: rusty-snake <print_hello_world+GitHub@protonmail.com>
| * | Add profile for udiskieLibravatar Jose Riha2019-06-15
| | |
* | | tighten gnome-mapsLibravatar rusty-snake2019-06-16
| | |
* | | some fixes in profile.templateLibravatar rusty-snake2019-06-16
| | |
* | | Fix writing places file for gnome-mapsLibravatar glitsj162019-06-16
| | |
* | | consequent order of writable-*Libravatar rusty-snake2019-06-16
| | |
* | | move noblacklist ~/.java to allow-java.incLibravatar rusty-snake2019-06-16
| | |
* | | coalesce comments in firefox-common profileLibravatar smitsohu2019-06-16
| | |
* | | Merge branch 'master' of github.com:netblue30/firejailLibravatar rusty-snake2019-06-16
|\ \ \
| * | | chromium-common profile: add nodbus conditionalLibravatar smitsohu2019-06-16
| | | |
* | | | many profile cleanup (4)Libravatar rusty-snake2019-06-16
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | containing: - files forgotten in 4beaf8f9 - workarounds for #903 - commented useless private-etc lines removed - remove commented seccomp.keep lines - much more
* | | Sort comented private-{bin,etc} linesLibravatar rusty-snake2019-06-16
| | | | | | | | | | | | in addition to 019fa047, c7d34b5e, 0a9beba3, cbdbb0f0.
* | | add rhythmbox-client.profileLibravatar rusty-snake2019-06-16
| | |
* | | Fix protocol lineLibravatar rusty-snake2019-06-16
| | | | | | | | | | | | only unknown-horizons was affected
* | | Sort caps.keep and seccomp.drop options (#2780)Libravatar glitsj162019-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Sort seccomp.drop in unbound.profile * Sort caps.keep in tor.profile * Sort seccomp.drop in qgjs.profile * Sort seccomp.drop in dnscrypt-proxy.profile * Sort caps.keep in chromium-common.profile
* | | Merge branch 'master' of github.com:netblue30/firejailLibravatar rusty-snake2019-06-15
|\ \ \
| * \ \ Merge pull request #2774 from Vincent43/Vincent43-chromium-nodbusLibravatar Vincent432019-06-15
| |\ \ \ | | | | | | | | | | chromium: disable nodbus
| | * | | chromium: disable nodbusLibravatar Vincent432019-06-15
| | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Unfortunately nodbus prevents access to site passwords if they are stored in GNOME Keyring[1]. According to docs chromium can store password in 3 different ways: GNOME Keyring KWallet 4 plain text As KWallet storage may be broken in a same way, using nodbus will force chromium to store passwords in plain text which isn't best option for security and for firejail default. [1] https://wiki.gnome.org/Projects/GnomeKeyring [2] https://chromium.googlesource.com/chromium/src.git/+/master/docs/linux_password_storage.md
* | / / some profile fixesLibravatar rusty-snake2019-06-15
|/ / /
* | | More sorting private-etc (#2779)Libravatar glitsj162019-06-15
| | | | | | | | | | | | | | | | | | | | | | | | * Sort private-etc This .inc file got missed by https://github.com/netblue30/firejail/pull/2766. * Sort private-etc
* | | Sort private-lib (#2778)Libravatar glitsj162019-06-15
|/ / | | | | | | | | | | | | | | | | | | | | | | * Sort private-lib * Sort private-lib * Sort private-lib Don't know why there was a reference to /usr/bin/gedit in private-lib... * Sort private-lib
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-08 01:07:46 +0000