aboutsummaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAge
* Arch Linux specific changes (#2788)Libravatar glitsj162019-06-20
| | | | | | | | | | | | * Arch Linux specific addition to gzip.profile * Arch Linux specifics for tar.profile * Arch Linux specifics for gzip.profile * Minor re-ordering and wording edits for makepkg.profile * Spacing fix for cower.profile
* Improve profile.templateLibravatar rusty-snake2019-06-20
| | | | | | | | | | | | | | | | | | | | | | | * uncomment .local includes * add options * ##ignore noexec /tmp * ##caps.keep CAPS * ##hostname NAME * ##writable-etc * ##writable-run-user * ##writable-var * ##writable-var-log * add disable x11 * x11 none * blacklist /tmp/.X11-unix * comment when which of the both option should be used * sort private-etc template Common * add comments * machine-id: breaks sound and sometime dbus related functions * private-bin: python should be added by 'python*' * protocol: auxiliary comment for protocol line * add 'packet' to protocol list * Sections structure: OPTIONS: now has seccomp* instead of seccomp
* add 'x11 none' to more profiles with 'net none'Libravatar rusty-snake2019-06-20
|
* Merge pull request #2781 from smitsohu/thunderbirdLibravatar smitsohu2019-06-18
|\ | | | | allow nodbus in thunderbird profile
| * thunderbird profile: comment fixLibravatar smitsohu2019-06-16
| |
| * allow nodbus in thunderbird profileLibravatar smitsohu2019-06-16
| | | | | | in order to maintain enigmail support - #1951
* | use 'x11 none' optionLibravatar smitsohu2019-06-18
| | | | | | | | | | | | | | ... instead of just blacklisting the X11 socket. Systematically added to all profiles with 'net none' and 'blacklist /tmp/.X11-unix', and a few more
* | three new blacklist in disable-common.incLibravatar rusty-snake2019-06-18
| | | | | | | | | | | | * ~/.viminfo * ~/.lesshst * ~/.python_history
* | Fix filename in commentLibravatar Jean-Philippe Eisenbarth2019-06-17
| | | | | | Co-Authored-By: rusty-snake <print_hello_world+GitHub@protonmail.com>
* | Fix spotify.profileLibravatar Jean-Philippe Eisenbarth2019-06-17
| |
* | Minor fixes for udiskieLibravatar glitsj162019-06-17
| | | | | | | | | | Nitpicks: - it's common practice to refer to the python executable(s) in private-bin with `python*`, which covers both v2 and v3; - now that @rusty-snake handed us all the needed tools to check/fix sorting multi-value options, put it to use.
* | Merge pull request #2775 from jose1711/udiskie-profileLibravatar rusty-snake2019-06-17
|\ \ | | | | | | Add profile for udiskie
| * | Apply suggestions from code reviewLibravatar Jose Riha2019-06-17
| | | | | | | | | | | | Co-Authored-By: rusty-snake <print_hello_world+GitHub@protonmail.com>
| * | Add profile for udiskieLibravatar Jose Riha2019-06-15
| | |
* | | tighten gnome-mapsLibravatar rusty-snake2019-06-16
| | |
* | | some fixes in profile.templateLibravatar rusty-snake2019-06-16
| | |
* | | Fix writing places file for gnome-mapsLibravatar glitsj162019-06-16
| | |
* | | consequent order of writable-*Libravatar rusty-snake2019-06-16
| | |
* | | move noblacklist ~/.java to allow-java.incLibravatar rusty-snake2019-06-16
| | |
* | | coalesce comments in firefox-common profileLibravatar smitsohu2019-06-16
| | |
* | | Merge branch 'master' of github.com:netblue30/firejailLibravatar rusty-snake2019-06-16
|\ \ \
| * | | chromium-common profile: add nodbus conditionalLibravatar smitsohu2019-06-16
| | | |
* | | | many profile cleanup (4)Libravatar rusty-snake2019-06-16
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | containing: - files forgotten in 4beaf8f9 - workarounds for #903 - commented useless private-etc lines removed - remove commented seccomp.keep lines - much more
* | | Sort comented private-{bin,etc} linesLibravatar rusty-snake2019-06-16
| | | | | | | | | | | | in addition to 019fa047, c7d34b5e, 0a9beba3, cbdbb0f0.
* | | add rhythmbox-client.profileLibravatar rusty-snake2019-06-16
| | |
* | | Fix protocol lineLibravatar rusty-snake2019-06-16
| | | | | | | | | | | | only unknown-horizons was affected
* | | Sort caps.keep and seccomp.drop options (#2780)Libravatar glitsj162019-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Sort seccomp.drop in unbound.profile * Sort caps.keep in tor.profile * Sort seccomp.drop in qgjs.profile * Sort seccomp.drop in dnscrypt-proxy.profile * Sort caps.keep in chromium-common.profile
* | | Merge branch 'master' of github.com:netblue30/firejailLibravatar rusty-snake2019-06-15
|\ \ \
| * \ \ Merge pull request #2774 from Vincent43/Vincent43-chromium-nodbusLibravatar Vincent432019-06-15
| |\ \ \ | | | | | | | | | | chromium: disable nodbus
| | * | | chromium: disable nodbusLibravatar Vincent432019-06-15
| | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Unfortunately nodbus prevents access to site passwords if they are stored in GNOME Keyring[1]. According to docs chromium can store password in 3 different ways: GNOME Keyring KWallet 4 plain text As KWallet storage may be broken in a same way, using nodbus will force chromium to store passwords in plain text which isn't best option for security and for firejail default. [1] https://wiki.gnome.org/Projects/GnomeKeyring [2] https://chromium.googlesource.com/chromium/src.git/+/master/docs/linux_password_storage.md
* | / / some profile fixesLibravatar rusty-snake2019-06-15
|/ / /
* | | More sorting private-etc (#2779)Libravatar glitsj162019-06-15
| | | | | | | | | | | | | | | | | | | | | | | | * Sort private-etc This .inc file got missed by https://github.com/netblue30/firejail/pull/2766. * Sort private-etc
* | | Sort private-lib (#2778)Libravatar glitsj162019-06-15
|/ / | | | | | | | | | | | | | | | | | | | | | | * Sort private-lib * Sort private-lib * Sort private-lib Don't know why there was a reference to /usr/bin/gedit in private-lib... * Sort private-lib
* | Merge pull request #2766 from rusty-snake/fix-all-private-bin_etc-linesLibravatar Vincent432019-06-15
|\ \ | | | | | | automatically fixed all private-{bin,etc} lines
| * | remove starting comma in kid3.profileLibravatar rusty-snake2019-06-14
| | |
| * | automatically fixed all private-{bin,etc} linesLibravatar rusty-snake2019-06-13
| | |
* | | Use private-etc directlyLibravatar glitsj162019-06-15
| | | | | | | | | Thanks to @rusty-snake for pointing this out.
* | | Update firefox-common-addons.incLibravatar rusty-snake2019-06-15
| | | | | | | | | remove 'noblacklist ${HOME}/.local/share/tridactyl', it will never blacklisted (see #2746)
* | | firefox-common-addons.inc: + tridactyl (#2746)Libravatar Sergey Alirzaev2019-06-15
| | |
* | | Fix youtube video in totem (#2764)Libravatar StelFux2019-06-15
| | | | | | | | | | | | | | | | | | | | | | | | * Fix youtube video in totem lua is required for youtube (online?) videos * Fix youtube video in totem with allow-lua.inc
* | | Refactoring as whitelist profile (#2773)Libravatar glitsj162019-06-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Refactor artha as whitelist profile * Refactor clipit as whitelist profile * Refactor devilspie as whitelist profile * Refactor devilspie2 as whitelist profile * Refactor exfalso as whitelist profile * Refactor pavucontrol as whitelist profile * Refactor pdftotext as whitelist profile * Refactor redshift as whitelist profile * Refactor soundconverter as whitelist profile
* | | Remove private-cache in aria2c profileLibravatar glitsj162019-06-15
| | | | | | | | | Fixes #2772
* | | Re-order smplayer profileLibravatar glitsj162019-06-15
| | | | | | | | | Leaving alphabetical ordering of private-bin up to https://github.com/netblue30/firejail/pull/2766.
* | | Re-order seahorse profileLibravatar glitsj162019-06-15
| | |
* | | Re-order mpv profileLibravatar glitsj162019-06-15
| | | | | | | | | Leaving alphabetical ordering of private-bin up to https://github.com/netblue30/firejail/pull/2766.
* | | Re-order mpsyt profileLibravatar glitsj162019-06-15
| | | | | | | | | Leaving the alphabetical ordering up to https://github.com/netblue30/firejail/pull/2766.
* | | Harden mpDris2 profileLibravatar glitsj162019-06-15
| | |
* | | New profiles: newsbeuter, keepassxc-{cli,proxy}Libravatar rusty-snake2019-06-14
| | |
* | | Merge branch 'master' of http://github.com/netblue30/firejailLibravatar netblue302019-06-13
|\ \ \
| * | | Streamline mdwe comment (#2769)Libravatar glitsj162019-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Streamline mdwe comment for authenticator * Streamline mdwe comment for autokey-common * Streamline mdwe comment for baobab * Streamline mwde comment for bitwarden * Streamline mdwe comment for clawsker * Streamline mdwe comment for devhelp * Streamline mdwe comment for d-feet * Streamline mdwe comment for enpass * Streamline mdwe comment for eo-common * Streamline mdwe comment for exfalso * Streamline mdwe comment for font-manager * Streamline mdwe comment for geekbench * Streamline mdwe comment for mpDris2 * Streamline mdwe comment for ocenaudio * Streamline mdwe comment for QMediathekView * Streamline mdwe comment for subdownloader * Streamline mdwe comment for viewnior * Streamline mdwe comment for youtube-dl
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-28 14:18:41 +0000