aboutsummaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAge
* Fix export in apostropheLibravatar rusty-snake2021-04-12
|
* profile fixesLibravatar rusty-snake2021-04-12
| | | | | | | | | | | | | | | | | | discord-canary.profile: fix #4175 flameshot.profile: - private-tmp break flameshot (wayland only?) - Screengrabbing (under wayland) is done via dbus, the following names must be allowed: - GNOME: org.gnome.Shell - KDE: org.kde.KWin - Sway: org.freedesktop.portal.Desktop - Allow notifications and tray too, because org.gnome.Shell (for example) is already totaly unsafe. mumble.profile: fix #4181
* Minor FixesLibravatar Neo000012021-04-09
|
* fix comment typoLibravatar glitsj162021-04-07
|
* Merge pull request #4170 from matthew-cline/steamLibravatar Reiner Herrmann2021-04-07
|\ | | | | steam: some more games added
| * steam: also added paths to disable-programs.incLibravatar Matthew Cline2021-04-05
| |
| * steam: some more games addedLibravatar Matthew Cline2021-04-05
| | | | | | | | | | | | | | | | | | | | | | | | Games added: * Don't Starve * Dungeons of Dredmor * Epic * Loop Hero * Pillars of Eternity I * Rogue Legacy I * Slay the Spire modding * Steam World Dig I & II
* | Fix #3783 -- Google Chrome (wayland ozone) is brokenLibravatar rusty-snake2021-04-06
| |
* | Merge pull request #4167 from tredondo/patch-7Libravatar rusty-snake2021-04-06
|\ \ | | | | | | WebStorm: allow Dolphin to access its config file
| * | WebStorm: allow Dolphin to access its config fileLibravatar Ted Robertson2021-04-05
| |/
* / Encourage making overrides in *.local files (#4165)Libravatar glitsj162021-04-06
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments * refactor local override comments
* drop some stuff based on discussion with @rusty-snakeLibravatar glitsj162021-04-04
|
* allow notifications + comment fixesLibravatar glitsj162021-04-04
|
* Add Librewolf Nightly profileLibravatar Vladislav Nepogodin2021-04-04
|
* dropbox: allow python3, fix for issue #4150Libravatar Matthew Cline2021-04-01
| | | | | | /usr/bin/dropbox needs access to python3, at least for dropbox command-line interface version 2020.03.04 as packaged by the RPM Fusion project. Fixes issue #4150
* Merge pull request #4148 from glitsj16/masterLibravatar glitsj162021-03-31
|\ | | | | Improve comments in apparmor files
| * Add examples to allow running programs from specific home dirLibravatar glitsj162021-03-30
| |
| * Recommend doing overrides in local apparmor dirLibravatar glitsj162021-03-30
| |
* | Add localtime to signal-desktop's profile.Libravatar Nolan Leake2021-03-30
|/ | | | Without it, all chat timestamps are in UTC.
* Fixes (man: allow rustup; Books -> gnome-books)Libravatar rusty-snake2021-03-28
|
* fix hardening commentLibravatar rusty-snake2021-03-24
| | | | [skip ci]
* fix hardening commentLibravatar glitsj162021-03-24
|
* fix network access commentLibravatar glitsj162021-03-24
|
* Merge pull request #4126 from rusty-snake/better-renamesLibravatar netblue302021-03-24
|\ | | | | Rename chromium-common-hardened and feh-network …
| * Rename chromium-common-hardened and feh-network …Libravatar rusty-snake2021-03-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | …again I am still not really happy about the rename from #4028, #4029, #4030 and #4031. I've no problem with moving away .inc but I don't like the result. So here's a proposal to make this better: | NAME | DESCRIPTION | | ------------------------- | ------------------------------------------------------------ | | `*-addons.profile` | (include) Allow external addons | | `*-common.profile` | (include) Common parts across multiple profiles | | `*-hardened.inc.profile` | Further hardening which can not be made default | | `*-network.inc.profile` | Allow optional network access | | `*-whitelist.inc.profile` | Enabled whitelisting (which can not be made default) ¹ | | `*.inc.profile` | Other profile specific includes | | `*.profile` | A profile for a program | | `allow-*.inc` | Multiple `noblacklist`s that should always be used together | | `disable-*.inc` | `blacklist`ing | | `whitelist-*-common.inc` | common `whitelist`s | | `*.inc` | Other generic includes | | `globals.local` | User overrides for all profiles | | `*.local` | Per profile user overrides | ¹ can be used for programs like KeePassXC or editors.
* | Merge pull request #4116 from Neo00001/masterLibravatar netblue302021-03-24
|\ \ | | | | | | Update vmware.profile & dbus-policy for amarok
| * | Update amarok.profileLibravatar Neo000012021-03-21
| | |
| * | Update vmware.profileLibravatar Neo000012021-03-21
| | |
| * | Update vmware.profileLibravatar Neo000012021-03-19
| | |
| * | Update amarok.profileLibravatar Neo000012021-03-19
| | |
* | | Update k3b.profileLibravatar Neo000012021-03-23
| |/ |/| | | #2989
* | fixes for gnome-logsLibravatar glitsj162021-03-21
| |
* | Merge pull request #4119 from pirate486743186/patch-14Libravatar Reiner Herrmann2021-03-21
|\ \ | | | | | | [minor] .cache/youtube-viewer in disable-programs.inc
| * | forgoten whitelistLibravatar pirate4867431862021-03-20
| | |
| * | .cacheLibravatar pirate4867431862021-03-20
| | |
| * | adding .cache/youtube-viewerLibravatar pirate4867431862021-03-20
| | |
* | | fix private-libLibravatar glitsj162021-03-20
|/ /
* | Fix nheko (#4117)Libravatar rusty-snake2021-03-19
| | | | | | closes #4115
* | man.progile: readonly instead of whitelistLibravatar rusty-snake2021-03-19
| |
* | Merge pull request #4069 from rusty-snake/hasher-profilesLibravatar netblue302021-03-19
|\ \ | | | | | | Add profile for checksum tools
| * | Add profile for checksum toolsLibravatar rusty-snake2021-03-14
| | | | | | | | | | | | | | | | | | * Oops! Thanks for catching. * Add quiet
* | | Merge pull request #3984 from nidamanx/patch-1Libravatar netblue302021-03-19
|\ \ \ | | | | | | | | Fix for KeePassXC plugin
| * | | SortingLibravatar Nicola Davide Mannarelli2021-02-14
| | | | | | | | | | | | | | | | Moved in the right place as in template https://github.com/netblue30/firejail/blob/master/etc/templates/profile.template
| * | | Update etc/profile-a-l/firefox.profileLibravatar Nicola Davide Mannarelli2021-02-13
| | | | | | | | | | | | Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
| * | | Fix for KeePassXC pluginLibravatar Nicola Davide Mannarelli2021-02-13
| | | | | | | | | | | | | | | | | | | | KeePassXC changed the socket name. https://github.com/keepassxreboot/keepassxc/commit/a145bf91191f0a4630a7e31654aff8a8dfd09bf0 Keep also old socket name in whitelist for back compatibility
* | | | Merge pull request #4102 from pirate486743186/patch-13Libravatar netblue302021-03-19
|\ \ \ \ | | | | | | | | | | fixing dbus filtering for engrampa
| * | | | fixing dbus filtering for engrampaLibravatar pirate4867431862021-03-15
| | | | |
* | | | | Merge pull request #4101 from pirate486743186/patch-12Libravatar netblue302021-03-19
|\ \ \ \ \ | | | | | | | | | | | | [minor] qcomicbook and pipe-viewer in disable-programs
| * | | | | adding mcomixLibravatar pirate4867431862021-03-18
| | | | | |
| * | | | | qcomicbook and pipe-viewer in disable-programsLibravatar pirate4867431862021-03-15
| | | | | | | | | | | | | | | | | | qcomicbook is the "PawelStolowski" folders
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-18 21:09:16 +0000