| Commit message (Collapse) | Author | Age |
... | |
| | |
| | |
| | |
| | |
| | | |
- fix sorting and private-etc, thanks to @glitsj16 for catching this
- add some missing to private-bin in firefox (still need more testing)
|
| | |
| | |
| | |
| | |
| | |
| | | |
- add a private-bin to firefox for fedora (still need testing)
- add a temporary workaround for #2877 ghostwriter sience this break export and preview with pandoc
- remove 'name slack' from slack.profile sience this is the only profile with name
|
|\ \ \
| | | |
| | | | |
Add Whalebird profile
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- pluma: sync private-lib from gedit to fix crashes
5e220b2da502bdcaf0f6188779e8bb0e37c9c414
- checkbashisms: fix missing library needed under CentOS 7
of note:
- yelp complains about /etc/pki but lacks network access anyway
under openSUSE Tumbleweed
- gedit is broken, see #2207
- onionshare-gui is broken, unrelated to firejail
under CentOS 7
- chromium-common is broken, commenting private-dev fixes,
potentially related to firejail, there are SELinux denials
for /dev/urandom
under Fedora and CentOS 7
- gnome-system-log is broken, as it is a script that calls logview
using pkexec, consider commenting in firecfg?
|
|\ \ \ \
| | | | |
| | | | | |
Add new Tor Browser alias
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
- tor-browser in the AUR is an international package; all other
individual language variants have been removed, so, add new alias
- Add 'tor-browser' and 'mv' to private-bin in launcher profile ('mv' is
required when upgrading tor-browser versions)
- Add 'tor-browser' to firecfg.config
- Add config dir to disable-programs.inc
|
|/ / /
| | |
| | |
| | | |
itch now also uses ~/.itch for application updates
|
| | |
| | |
| | |
| | |
| | |
| | | |
- Add Zulip config dir to disable-programs.inc
- Add disable-xdg.inc to Zulip profile
- Add Zulip to firecfg.config
|
| |/
|/| |
|
| | |
|
| | |
|
|/
|
| |
The `private-cache` option breaks electron related builds (see [this](https://github.com/minbrowser/min/issues/793) for an example).
|
| |
|
| |
|
|\ |
|
| |
| |
| |
| |
| |
| | |
* remove mincore
* add @default without chroot
* add @default-nodebuggers without chroot
|
|/
|
|
|
|
| |
users not in firejail.users should only see the error,
not the symlink warning. Also exposes less code to non-
authorized users.
|
| |
|
| |
|
|
|
| |
Let's disable using a terminal for cron job testing by default and make this a whitelist profile.
|
|
|
|
|
|
|
| |
Use @{PID} consistently.
Remove 'deny /proc/** w,' suggestion as it will break all
whitelisted entries.
|
|
|
|
|
|
| |
This is needed by various electron apps, see:
https://github.com/netblue30/firejail/issues/2538
https://github.com/netblue30/firejail/issues/2854
|
| |
|
|\
| |
| | |
ipc-namespace breaks galculator on archlinux
|
| | |
|
| |
| |
| | |
Thanks to @SkewedZeppelin for catching this, see comments in https://github.com/netblue30/firejail/pull/2584.
|
| |
| |
| | |
less is usually used to view various text files including configs so blacklisting many of them in ${HOME} make it less(sic!) usable. We can make them read-only instead.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Create conplay.profile
* Create mpg123.bin.profile
* Create mpg123-alsa.profile
* Create mpg123-id3dump.profile
* Create mpg123-jack.profile
* Create mpg123-nas.profile
* Create mpg123-openal.profile
* Create mpg123-oss.profile
* Create mpg123-portaudio.profile
* Create mpg123-pulse.profile
* Create mpg123-strip.profile
* Create out123.profile
* Add mpg123 redirects to fireconfig
|
|\ \
| | |
| | | |
improve support for home directories outside /home
|
| | | |
|
| | |
| | |
| | |
| | | |
private-bin was too restrictive and didn't allow desktop recording
|
|/ / |
|
| | |
|
| |
| |
| | |
Try to help users more explicitly when they have youtube installed under ${HOME}, see #2833.
|
| |
| |
| | |
Fixes #2838.
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Add youtube-dl config to disable-programs.inc
* Add config handling to youtube-dl
* Add youtube-dl config handling to celluloid.profile
* Add youtube-dl config handling to mpv.profile
* Add youtube-dl config handling to smplayer.profile
* Add youtube-dl config handling to mpsyt.profile
|
| | |
|
| | |
|
| | |
|
|\ \
| | |
| | | |
Fixes #2821, riot-desktop
|
| |/ |
|
| | |
|
|/
|
| |
Reverting https://github.com/netblue30/firejail/commit/75cd6d2f393752acd2db674c34c25bcd9a206f3b fix the issue.
|
| |
|
|
|
|
|
| |
When clicking a link in an email in Thunderbird, Firefox profile is not loaded.
This fix add the commented parameters required to load the Firefox profile when the user clicked in an email.
|