| Commit message (Collapse) | Author | Age |
... | |
| |
| |
| |
| |
| | |
* restrict D-Bus access in wireshark
* add private-cache to wireshark
|
|\ \
| | |
| | | |
Disable seccomp in wireshark profile
|
| | | |
|
| | | |
|
| | | |
|
|/ / |
|
| | |
|
|\ \
| | |
| | | |
New profile for neochat
|
| | | |
|
| | |
| | |
| | | |
Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
|
| | |
| | |
| | |
| | |
| | | |
The dev did say it may be required on some platforms. He didn't sound
completely sure.
|
| | | |
|
| | |
| | |
| | |
| | | |
Seems to detect currently running instance even without that.
|
| | |
| | |
| | |
| | | |
Confirmed on neochat Matrix group that it is not required.
|
| | |
| | |
| | |
| | | |
Does not break dbus, despite the warning in the template.
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | | |
Signing in and so on works without this, so I'm not sure why it was
enabled in the flatpak.
|
| | |
| | |
| | |
| | |
| | | |
I had copied this from the flatpak listing, but the application works
without this.
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | | |
closes #4236
[skip ci]
|
|\ \ \
| | | |
| | | | |
steam.profile: fix rogue legacy paths and syntax
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Due to using globbing on mkdir, the current version causes this:
@davidebeatrici commented on 2021-04-23[1]:
> ```
> Error: "${HOME}/.local/share/RogueLegacy*" is an invalid filename: rejected character: "*"
> ```
Added on commit a603d4d39 ("steam: some more games added") / PR #4170.
The wildcard was used because Rogue Legacy apparently looks up multiple
different paths for the config and also for the data[1][2][3]:
1. ~/.config/RogueLegacy
2. ~/.config/RogueLegacyStorageContainer
3. ~/.local/share/RogueLegacy
4. ~/.local/share/RogueLegacyStorageContainer
The ones containing "RogueLegacyStorageContainer" appear to be legacy
paths (i.e.: paths which are only created by older versions of Rogue
Legacy)[2].
So replace all globs with the full paths because:
* The paths are known a priori (unlike, say, `/var/lib/libpcre*`)
* There aren't too many of them
And use only the non-legacy paths on mkdir. Besides mirroring what the
current version of Rogue Legacy does (and avoiding the creation of
unnecessary dirs), this is also done because _if_ the following applies
(i.e.: this was not tested):
* legacy paths take precedence over non-legacy paths
* the first path clobbers the other ones (i.e.: rather than "merge")
* save data exists in a non-legacy path (i.e.: path 3 in this case)
* firejail creates all 4 paths
Then it would make the newly-created and empty path 4 clobber the
non-legacy path 3 and thus make it seem like no save files exist. This
would persist even if steam is run without firejail afterwards, as the
empty directory would still be there. Losing (or appearing to lose)
game saves can be very unfortunate, so create just the non-legacy paths
to avoid confusion.
[1] https://github.com/netblue30/firejail/pull/4170#issuecomment-825405930
[2] https://steamcommunity.com/app/241600/discussions/1/846957366713233279/
[3] https://www.pcgamingwiki.com/wiki/Rogue_Legacy#Game_data
|
| | | |
|
| | | |
|
| | | |
|
|/ / |
|
| | |
|
| | |
|
|\ \
| | |
| | | |
Some minor changes
|
| | | |
|
|\ \ \
| |/ /
|/| | |
Delete *.profie
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Added on commit 41f69f7a7 ("Commons of opengl-game-wrapper.sh") /
PR #4071.
Each one is a duplicate of a .profile file that was added on the same
commit.
Commands used to search and replace (which is what causes their
deletion):
$ git ls-files -z -- '*.profie' | xargs -0 -I '{}' sh -c
"git mv -f '{}' \"\`printf '%s\n' '{}' | sed 's/.[^.]*$//'\`.profile\""
|
|/ / |
|
|\ \
| | |
| | | |
Commons of opengl-game-wrapper.sh
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
[skip ci]
- Add allow-opengl-game.inc
- Add profiles for alienarena-wrapper, ballbuster-wrapper,
colorful-wrapper, etr-wrapper, gl-117-wrapper, glaxium-wrapper,
neverball-wrapper, neverputt-wrapper, pinball-wrapper,
supertuxkart-wrapper
- Use allow-opengl-game.inc in xonotic.profile and the profiles above
- xonotic.profile: simplify private-bin by using xonotic*
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
β¦, gl-117, glaxium, pinball
alienarena is missing in firecfg.config by intention, I didn't tested
any online multiplayer.
|
|\ \ \
| | | |
| | | | |
Add examples how to allow browser access to Gnome extensions connector
|
| | | |
| | | |
| | | |
| | | | |
Fixes #4177.
|
| |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Add firedragon profile
* Point private-etc to firefox-common.local
Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
* Add to firecfg.config
* Add firedragon to disable-programs.inc
* Correct dir
* Remove private-etc
Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
as pointed out by @glitsj16 in 51e67fd4.
> FYI, a quick check shows atool,bsdtar,xzdec,unzstd are still missing
> from private-bin. Not sure if we actually need to bring those in too.
They add virtually no new permissions fr has already a long private-bin
with dozens of archivers. Before we break anything I add them.
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
README.md/RELNOTES:
- Add new profiles
etr.profile:
- adding passwd to private-etc makes it work for me
file-roller.profile
- add netfilter
- add zstd to private-bin
- add cp,mv,rm to private-bin which seems to be necessary in some
cases.
#4113 is likely fixed with this but wait for OP.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Add Sway profile
* Fix issue
Not working then including firefox-common-addons.profile
* Allow sway's fallback config
* So I agree with @glitsj16 and @BL4CKH47H4CK3R
so..
`No its not needed as it reveals lots of important /usr/share folders like /usr/share/fonts which can used for font fingerprinting and OS detection. Like the site or attacker will know that which font you are using. Linux and windows common font are not same so its a problem. Besides there are so many other important folders as I see. Librewolf can launch and work perfectly without this options`
* well..
Revert `include whitelist-usr-share-common.inc`
Sync with Firefox profile
* π What just hapened
* π Sync with upstream
* Merge tested from PR
* π Sync with upstream
* Merge tested from PR
* Revert changes
* Add Sway profile
* Fix issue
Not working then including firefox-common-addons.profile
* Allow sway's fallback config
* So I agree with @glitsj16 and @BL4CKH47H4CK3R
so..
`No its not needed as it reveals lots of important /usr/share folders like /usr/share/fonts which can used for font fingerprinting and OS detection. Like the site or attacker will know that which font you are using. Linux and windows common font are not same so its a problem. Besides there are so many other important folders as I see. Librewolf can launch and work perfectly without this options`
* π Rebase
* π What just hapened
* Merge tested from PR
* π Sync with upstream
* Merge tested from PR
* Revert changes
* Update
* Update librewolf.profile
Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
|