aboutsummaryrefslogtreecommitdiffstats
path: root/etc
Commit message (Collapse)AuthorAge
* drop redundant ignoreLibravatar glitsj162022-03-04
|
* drop redundant ignoreLibravatar glitsj162022-03-04
|
* drop redundant ignoreLibravatar glitsj162022-03-04
|
* drop redundant ignoreLibravatar glitsj162022-03-04
|
* drop redundant ignoreLibravatar glitsj162022-03-04
|
* drop redundant ignoreLibravatar glitsj162022-03-04
|
* drop redundant ignoreLibravatar glitsj162022-03-04
|
* drop redundant ignoreLibravatar glitsj162022-03-04
|
* drop redundant ignoreLibravatar glitsj162022-03-04
|
* whitelist /usr/share/gnupg2 for consistency (#5007)Libravatar glitsj162022-03-04
|
* drop redundant whitelisting (#5005)Libravatar glitsj162022-03-03
|
* fix sylpheed (#5003)Libravatar glitsj162022-03-03
|
* more fixes for opera-beta (#5002)Libravatar glitsj162022-03-03
|
* add opera-developer.profile (#5001)Libravatar glitsj162022-03-03
| | | | | | | | | | | | | | | * add opera-developer to firecfg * add opera-developer * fix typo * add configs for opera-developer * Create opera-developer.profile * fixes for opera-developer * fix for opera-developer
* opera fixes/hardening (#4999)Libravatar glitsj162022-03-03
| | | | | * harden opera-beta * harden opera
* geary fixes (#4992)Libravatar glitsj162022-03-01
| | | | | * geary fixes * comment ipc-namespace
* fix mupdf redirect profiles (#4977)Libravatar glitsj162022-02-25
|
* gconf-editor fix (#4976)Libravatar glitsj162022-02-24
|
* update noprofile.profileLibravatar smitsohu2022-02-24
|
* hardening zeal.profile (#4970)Libravatar glitsj162022-02-23
|
* evince fixLibravatar netblue302022-02-22
|
* openSUSE Leap - whitelist-run-common.inc (#4954)Libravatar netblue302022-02-22
|
* allow printing in evinceLibravatar netblue302022-02-22
|
* Add support for changing appearance of the Qt6 apps with qt6ct (#4966)Libravatar avallach20002022-02-21
| | | | | | | * Add support for changing appearance of the Qt6 apps with qt6ct * Remove qt5ct artifact from zeal.profile * Remove qt5ct artifact from bibletime.profile
* Merge pull request #4964 from avallach2000/fix-qbittorrent-profileLibravatar netblue302022-02-20
|\ | | | | qbittorrent.profile: fix data directory location
| * disable-programs.inc: blacklist new qbittorrent data directoryLibravatar Andrew Kotsyuba2022-02-20
| |
| * qbittorrent.profile: fix data directory locationLibravatar Andrew Kotsyuba2022-02-20
| |
* | Merge pull request #4963 from crocket/masterLibravatar netblue302022-02-20
|\ \ | | | | | | wireshark.profile: Add dac_read_search to caps.keep
| * | wireshark.profile: Add dac_read_search to caps.keepLibravatar crocket2022-02-20
| |/ | | | | | | | | On gentoo linux, /usr/bin/dumpcap requires dac_read_search instead of dac_override.
* | Merge pull request #4946 from kmk3/add-warn-allow-trayLibravatar netblue302022-02-20
|\ \ | |/ |/| firejail.config: add warning about allow-tray
| * firejail.config: add warning about allow-trayLibravatar Kelvin M. Klann2022-02-16
| | | | | | | | | | | | | | | | | | | | | | According to #4053, there is currently no safe (in the sense of not allowing to escape the sandbox) implementation of `org.kde.StatusNotifierWatcher`, but it is required by multiple programs for tray functionality. Users may not be aware of this (for example, see #4508), so add a warning about it. Note: allow-tray was added on commit c86cae2d0 ("Add new condition ALLOW_TRAY", 2021-09-04) / PR #4510.
* | Merge pull request #4948 from crocket/masterLibravatar Fred Barclay2022-02-19
|\ \ | | | | | | Improve dino.profile.
| * | dino.profile: Allow functionalities that require dbus.Libravatar crocket2022-02-20
| |/
* | drop private-dev from wireshark.profile (#4958)Libravatar glitsj162022-02-18
| | | | | | | | | | | | | | * drop private-dev from wireshark.profile * add comment about private-dev in wireshark.profile Add a comment as suggested in https://github.com/netblue30/firejail/pull/4958#issuecomment-1044732769.
* | add onionshare redirects (#4957)Libravatar glitsj162022-02-18
| | | | | | | | | | | | | | * Create onionshare.profile * Create onionshare-cli.profile * add onionshare redirects to firecfg.config
* | man.profile: remove read-only tmp to fix mandoc (#4950)Libravatar Kelvin M. Klann2022-02-16
|/ | | | | | | | | | | | | | | | | Having `read-only /tmp` yields the following: $ man ls [...] man: /usr/share/man/man1/ls.1.gz: SYSERR: mkstemp: /tmp/man.XXXXxxxxxx: Read-only file system [...] It also causes the pager (e.g.: less(1)) to not be called, which means that the entire man page is just printed all at once on the terminal. Environment: mandoc 1.14.6-1 on Artix Linux. Fixes #4927. Reported-by: @hyder365
* Fix iridium.profileLibravatar rusty-snake2022-02-09
| | | | | | 0319fbd enabled whitelisting in /usr/share for iridium but wusc was still ignore causing iridium to crash. Fixes #4917
* Merge pull request #4915 from kmk3/keepassx-restore-nou2fLibravatar Fred Barclay2022-02-09
|\ | | | | keepassx: restore nou2f
| * keepassx: restore nou2fLibravatar Kelvin M. Klann2022-02-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I could not find anything to confirm that keepassx supports hardware keys. And as mentioned by @rusty-snake[1]: > The yubikey support in kpxc seems to be based on > https://github.com/kylemanna/keepassx / > https://github.com/keepassx/keepassx/pull/52 > which was never merged. For me it looks like kpx never got official > support for it. > > keepass seems to support hw keys (via plugin). Also of note is the PR that added yubikey support to keepassxc: https://github.com/keepassxreboot/keepassxc/pull/127 This partially reverts commit 09ac1a73e ("keepass*: remove nou2f", 2022-02-05) / PR #4903. See also commit 91b04172b ("keepass*: fix typo in private-dev note", 2022-02-06). Closes #4883. [1] https://github.com/netblue30/firejail/issues/4883#issuecomment-1031172309
* | fix private-cwd for hyperrogue - issue 4910 (Debian 11, Mint, UbuntuLibravatar netblue302022-02-07
|/
* keepass*: fix typo in private-dev noteLibravatar Kelvin M. Klann2022-02-06
| | | | | | | s/nou2f/private-dev/ This amends commit 8a718ff4a ("keepass*: note that private-dev blocks access to new hardware keys", 2022-02-05).
* keepass*: note that private-dev blocks access to new hardware keysLibravatar Kelvin M. Klann2022-02-05
| | | | | | Which may be surprising to some users (see #4883). Fixes #4883.
* keepass*: remove nou2fLibravatar Kelvin M. Klann2022-02-05
| | | | | | | At least keepassxc supports U2F and password managers seem like they would be a common use case for it. See the discussion on #4883.
* mediainfo.profile: add quiet (#4901)Libravatar Kelvin M. Klann2022-02-04
| | | | | | | It's a CLI tool and its output is a key part of the functionality. Fixes #4900. Reported-by: @rieje
* mergesLibravatar netblue302022-02-04
|
* Merge pull request #4897 from Eklektisk/librewolf-update-dbusLibravatar netblue302022-02-04
|\ | | | | Update librewolf.profile: use new d-bus message bus
| * Update librewolf.profile: use new message busLibravatar Eklektisk2022-02-03
| | | | | | Starting Librewolf 96.0, Librewolf switched from using d-bus org.mozilla.librewolf.* to io.gitlab.librewolf.*
* | shellcheck.profile: remove mdweLibravatar Kelvin M. Klann2022-02-04
| | | | | | | | | | | | | | | | | | It breaks non-binary builds of shellcheck on Arch (e.g.: shellcheck-bin vs shellcheck-git from the AUR). Fixes #4875. Reported-by: @redxef
* | profile checksLibravatar netblue302022-02-03
| |
* | Merge branch 'master' of ssh://github.com/netblue30/firejailLibravatar netblue302022-02-03
|\ \
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-20 04:45:25 +0000