path: root/etc
Commit message [author, date]
...
* New profile: dexios.profile (#6234) [glitsj16, 2024-03-16]
|   Description: CLI encryption tool
|   https://github.com/brxken128/dexios
|   https://aur.archlinux.org/packages/dexios-bin
* firejail-local: be less restrictive with torbrowser-launcher [glitsj16, 2024-03-16]
|   Cfr. https://github.com/netblue30/firejail/issues/6269#issuecomment-2002021790.
* New profile: deadlink.profile (#6233) [glitsj16, 2024-03-15]
|   Description: Checks and fixes URLs in code and documentation.
|   https://github.com/nschloe/deadlink
|   https://aur.archlinux.org/packages/deadlink
* New profile: cloneit (#6232) [glitsj16, 2024-03-15]
|   Description: A CLI tool to download specific GitHub directories or files.
|   https://github.com/alok8bb/cloneit
|   https://aur.archlinux.org/packages/cloneit-git
* New profile: statusof.profile (#6253) [glitsj16, 2024-03-14]
|   Description: Python script to check the status of a list of URLs.
|   https://github.com/Arthurdw/statusof
* New profile: lyriek.profile (#6245) [glitsj16, 2024-03-14]
|   Description: A multi-threaded GTK application to fetch lyrics of currently playing songs.
|   https://gitlab.com/bartwillems/lyriek
* New profile: erd.profile (#6236) [glitsj16, 2024-03-14]
|   Description: Multi-threaded file-tree visualizer and disk usage analyzer.
|   https://github.com/solidiquis/erdtree
|   https://archlinux.org/packages/extra/x86_64/erdtree/
|   Note: The repo and package are called `erdtree`, but the executable is `erd`.
* New profile: bpftop.profile (#6231) [glitsj16, 2024-03-14]
|   Description: Dynamic real-time view of running eBPF programs.
|   https://github.com/Netflix/bpftop
|   https://aur.archlinux.org/packages/bpftop
|   https://aur.archlinux.org/packages/bpftop-bin
|   https://aur.archlinux.org/packages/bpftop-git
* qt6ct: add dbus-filtering rules (#6272) [glitsj16, 2024-03-12]
|   Add support for qt6ct packages that use XDG desktop portal.
|   https://github.com/MikeWalrus/qt6ct#branch=colorscheme-portal
|   https://aur.archlinux.org/packages/qt6ct-xdg-colorscheme-git
* torbrowser-launcher fixes (#6270) [glitsj16, 2024-03-09]
|   Apparently Tor Browser 13.0.11 (based on Mozilla Firefox 115.8.0esr) changed a few things. The former versions installed under `${HOME}/.local/share/torbrowser/tbb/x86_64/tor-browser_en-US/Browser` and now under `${HOME}/.local/share/torbrowser/tbb/x86_64/tor-browser/Browser`.
|
|   All of our tor-browser-foo.profile profiles redirect to torbrowser-launcher.profile and are covered by the fixes.
|
|   torbrowser.profile was not tested. It redirects to firefox-common.profile and seems to be Gentoo-specific.
|
|   Fixes #6269.
* Merge pull request #6261 from kmk3/sort-py-strip-commas [Kelvin M. Klann, 2024-03-08]
|\
| |   build: sort.py: filter empty and duplicate items
| * build: sort.py: filter empty and duplicate items [Kelvin M. Klann, 2024-03-03]
| |   Note: This seems to already be done for `protocol` lines.
| |
| |   Before:
| |
| |       $ ./contrib/sort.py test.profile
| |       sort.py: checking 1 profile(s)...
| |       test.profile:1:-private-etc ,,bar,,foo,,bar,,,
| |       test.profile:1:+private-etc ,,,,,,,bar,bar,foo
| |       test.profile:2:-protocol ,,unix,,bluetooth,,unix,,inet,,,
| |       test.profile:2:+protocol unix,inet,bluetooth
| |       [ Fixed ] test.profile
| |
| |   After:
| |
| |       $ ./contrib/sort.py test.profile
| |       sort.py: checking 1 profile(s)...
| |       test.profile:1:-private-etc ,,bar,,foo,,bar,,,
| |       test.profile:1:+private-etc bar,foo
| |       test.profile:2:-protocol ,,unix,,bluetooth,,unix,,inet,,,
| |       test.profile:2:+protocol unix,inet,bluetooth
| |       [ Fixed ] test.profile
* | landlock: use PATH macro in landlock-common.inc (#6260) [Kelvin M. Klann, 2024-03-08]
| |   To reduce duplication.
| |
| |   Support for it was added on commit bf5a99360 ("landlock: add support for PATH macro", 2023-12-22).
| |
| |   See also commit 19e108248 ("landlock: expand simple macros in commands", 2023-11-11) / PR #6125.
| |
| |   Relates to #6078.
* | profiles: remove blacklisting of qt5ct/qt6ct paths (#6266) [glitsj16, 2024-03-06]
| |   Blacklisting qt5ct/qt6ct configuration and data paths breaks styling in all apps that use them.
| |
| |   This was working as expected before #6249 and #6250, so remove the blacklisting.
* | New profile: green-recoder.profile (#6237) [glitsj16, 2024-03-05]
| |   Simple screen recorder for Linux desktop, supports Wayland & Xorg.
| |   https://github.com/dvershinin/green-recorder
| |   https://aur.archlinux.org/packages/green-recorder
| |   https://aur.archlinux.org/packages/green-recorder-git
* | disable-programs.inc: blacklist /tmp/lwjgl_* [Kelvin M. Klann, 2024-03-05]
| |   Fix `noblacklist` entry without an equivalent `blacklist` entry.
| |
| |   Added on commit 1a2e8ab85 ("multimc: instances not running, because of missing permissions", 2024-02-19) / PR #6216.
* | ssh: whitelist gcr-ssh-agent unix socket (#6258) [Michele Sorcinelli, 2024-03-05]
| |   Since gnome-keyring 1.46, the ssh-agent functionality has been removed and gcr-ssh-agent is the recommended alternative.
| |
| |   Source:
| |   - https://gitlab.gnome.org/GNOME/gcr/-/merge_requests/67
| |   - https://wiki.archlinux.org/title/GNOME/Keyring#SSH_keys
* | archiver-common: add mkinitcpio support to private-etc (#5656) [glitsj16, 2024-03-05]
| |   mkinitcpio (used to generate initramfs images) supports several compression formats: https://gitlab.archlinux.org/archlinux/mkinitcpio/mkinitcpio/-/blob/master/mkinitcpio.conf#L54-L64.
| |
| |   On Arch Linux (based distributions) at least this implies the supported archivers to have access to mkinitcpio-related files under /etc. This was no problem before 29da82d added `private-etc` to `archivers-common.profile`.
| |
| |   This adds the now needed extra private-etc items to archiver-common.profile, for mkinitcpio's supported compressors (which seem to be at least cpio, gzip and zstd).
| |
| |   Relates to #5610.
* | archivers: drop private-etc now that it's in archiver-common (#5655) [glitsj16, 2024-03-05]
| |   Commit 29da82d added `private-etc` to `archiver-common.profile`. To avoid doubled options this PR removes it from archiver profiles which already had it.
| |
| |   Relates to #5610.
* | iagno: ordering fixes (#5681) [glitsj16, 2024-03-05]
| |
* | New profile: qt6ct (#6250) [glitsj16, 2024-03-05]
| |
* | New profile: qt5ct (#6249) [glitsj16, 2024-03-05]
| |
* | New profiles: lz4 and redirects (#6241) [glitsj16, 2024-03-05]
| |
* | gnome-boxes: deny access to /usr/libexec (#6239) [glitsj16, 2024-03-05]
| |
* | virt-manager: deny access to /usr/libexec (#6238) [glitsj16, 2024-03-05]
| |
* | makepkg: fix ordering (#6265) [glitsj16, 2024-03-05]
| |
* | Add quiet to enchant-2, it has a cli [rusty-snake, 2024-03-03]
|/
* Merge pull request #6219 from haplo/ledger-live-desktop [netblue30, 2024-02-29]
|\
| |   Profile for Ledger Live desktop app
| * Profile for ledger-live-desktop [Fidel Ramos, 2024-02-28]
| |   /opt/ledger-live installation currently sits at 345 MiB, so I decided to whitelist it instead of using private-opt ledger-live, in case future installations grow in size.
| |
| |   Not using private-dev was the only way I managed to get my USB wallet to work.
* | Merge pull request #6228 from kmk3/landlock-add-fs [netblue30, 2024-02-29]
|\ \
| | |   landlock: use "landlock.fs." prefix in filesystem commands
| * | landlock: use "landlock.fs." prefix in filesystem commands [Kelvin M. Klann, 2024-02-27]
| |/
| |   Since Landlock ABI v4 it is possible to restrict actions related to the network and potentially more areas will be added in the future.
| |
| |   So use `landlock.fs.` as the prefix in the current filesystem-related commands (and later `landlock.net.` for the network-related commands) to keep them organized and to match what is used in the kernel.
| |
| |   Examples of filesystem and network access flags:
| |
| |   * `LANDLOCK_ACCESS_FS_EXECUTE`: Execute a file.
| |   * `LANDLOCK_ACCESS_FS_READ_DIR`: Open a directory or list its content.
| |   * `LANDLOCK_ACCESS_NET_BIND_TCP`: Bind a TCP socket to a local port.
| |   * `LANDLOCK_ACCESS_NET_CONNECT_TCP`: Connect an active TCP socket to a remote port.
| |
| |   Relates to #6078.
* | Merge pull request #6227 from glitsj16/virt-manager [netblue30, 2024-02-29]
|\ \
| | |   New profile: virt-manager
| * | Create virt-manager.profile [glitsj16, 2024-02-27]
| | |
| * | disable-programs.inc: add virt-manager support [glitsj16, 2024-02-27]
| |/
* | Merge pull request #6226 from glitsj16/gnome-boxes [netblue30, 2024-02-29]
|\ \
| | |   New profile: gnome-boxes
| * | Create gnome-boxes.profile [glitsj16, 2024-02-27]
| |/
* | Merge pull request #6216 from powerjungle/master [netblue30, 2024-02-29]
|\ \
| |/
|/|   multimc: instances not running, because of missing permissions
| * multimc: instances not running, because of missing permissions [powerjungle, 2024-02-19]
| |   When starting an instance, in the logs, a failed attempt to load the lwjgl library is shown and the game doesn't run. The library is in the /tmp directory.
| |
| |   The reason for this appears to be, in the lwjgl source code, the shared library loading function, extracts in the temporary directory and continues from there.
| |
| |   This is fixed by whitelisting.
| |
| |   The reason for adding "ignore noexec /tmp" as well, is that without it, the game can't run, even if the directory is whitelisted. It seems the library needs to be loaded from /tmp.
| |
| |   A second error for a failed attempt to access /home/user/.cache/JNA is also shown in the logs.
| |
| |   This is also fixed by whitelisting.
* | profiles: drop paths already in wusc (#6218) [glitsj16, 2024-02-23]
|/
|   Drop paths present in etc/inc/whitelist-usr-share-common.inc from profiles that include it.
* electron-cash: use new private-etc syntax [glitsj16, 2024-02-19]
|
* Merge pull request #6211 from glitsj16/nextcloud-fix [glitsj16, 2024-02-19]
|\
| |   nextcloud: D-Bus filtering changes
| * nextcloud: fix the comment link to the wiki FAQ [glitsj16, 2024-02-16]
| |
| * nextcloud: edit dbus comment as requested in review [glitsj16, 2024-02-16]
| |
| * nextcloud: harden D-Bus filtering [glitsj16, 2024-02-16]
| |
* | Merge pull request #6181 from haplo/electron-cash [glitsj16, 2024-02-19]
|\ \
| | |   Profile for Electron Cash
| * | Blacklist ~/.electron-cash in disable-programs.inc [Fidel Ramos, 2024-01-31]
| | |
| * | electron-cash.profile [Fidel Ramos, 2024-01-30]
| | |
* | | Merge pull request #6180 from haplo/rawtherapee [glitsj16, 2024-02-19]
|\ \ \
| |_|/
|/| |   Profile for RawTherapee
| * | rawtherapee.profile [Fidel Ramos, 2024-01-31]
| |/
* | Merge pull request #6201 from glitsj16/gnome-keyring-fixes [glitsj16, 2024-02-08]
|\ \
| | |   gnome-keyring: harden and add gnome-keyring-daemon.profile