aboutsummaryrefslogtreecommitdiffstats
path: root/src/firecfg/firecfg.config
Commit message (Collapse)AuthorAge
* firecfg.config: drop geary (#6116)Libravatar glitsj162023-12-07
| | | | | Geary uses bubblewrap now. Fixes #6103.
* New profile: tiny-rdm (#6083)Libravatar glitsj162023-11-11
| | | | | | | * disable-programs.inc: add support for tiny-rdm * Create tiny-rdm.profile * firecfg.config: add support for tiny-rdm
* New profile: termshark (#6039)Libravatar glitsj162023-10-07
| | | | | | | * Create termshark.profile * firecfg.config: add termshark support * termshark: CLI hardening
* Merge pull request #6009 from jtrv/tidal-hifiLibravatar netblue302023-10-05
|\ | | | | New profile: tidal-hifi
| * New profile: tidal-hifi (#6008)Libravatar jtrv2023-09-25
| | | | | | | | | | | | | | | | | | | | | | modified src/firecfg/firecfg.config to add tidal-hifi created etc/profile-m-z/tidal-hifi.profile closes: #6008 Apply suggestions from code review Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
* | New profile: lettura (#6027)Libravatar glitsj162023-10-03
|/ | | | | | | * disable-programs.inc: add lettura support * Create lettura.profile * firecfg.config: add lettura
* create fluffychat.profile (#6007)Libravatar pirate4867431862023-09-23
| | | Co-authored-by: pirate486743186 <>
* Add blender-3.6 redirect (#6013)Libravatar Frostbyte46642023-09-18
|
* New profile: clac (#5947)Libravatar glitsj162023-08-10
| | | | | * firecfg.config: add support for clac * Create clac.profile
* New profile: journal-viewer (#5943)Libravatar glitsj162023-08-10
|
* build: use ASCII sort on firecfg and check for duplicatesLibravatar Kelvin M. Klann2023-08-05
| | | | | | | | | | | | | | Currently the CI check does not consider certain special characters (such as `-`) when sorting due to `sort -d`. So remove `-d`, sort firecfg using `LC_ALL=C` and enforce that order. Also add `sort -u` to check for duplicates. This also allows the CI check to ignore normal comments (lines starting with `# `) anywhere in the file. Relates to #4643.
* build: improve comments in firecfg.configLibravatar Kelvin M. Klann2023-08-05
| | | | | | | | | | | | Remove the space after `#` for commented code and use `#` instead of `-` for comments at the end of the line. Commands used to search and replace: $ f=src/firecfg/firecfg.config; printf '%s\n' "$(sed -E \ -e '3,9999s/^# /#/' \ -e '3,9999s/^#([^ ]+) --? /#\1 # /' \ "$f")" >"$f"
* New profile: reader (#5934)Libravatar glitsj162023-08-02
| | | | | | | | | | | | * Create reader.profile * firecfg.config: add reader support * reader: integrate review suggestions - blacklist whole ${RUNUSER} - drop x11 none * reader: fix 'x11 none'
* New profile: daisy (#5935)Libravatar glitsj162023-08-02
| | | | | * firecfg.config: add daisy support * Create daisy.profile
* New profile: sniffnet (#5920)Libravatar glitsj162023-07-25
| | | | | | | * disable-programs.inc: add sniffnet support * Create sniffnet.profile * firecfg.config: add sniffnet support
* Create mullvad-browser.profile (#5887)Libravatar glitsj162023-07-22
| | | | | | | | | Homepage: https://mullvad.net/en/download/browser/linux mullvad-browser: don't use restrict-namespaces mullvad-browser: cover both installation paths Suggested in review by @kmk3.
* firecfg.config: add rssguardLibravatar glitsj162023-07-03
|
* firecfg.config: actually fix sortingLibravatar Kelvin M. Klann2023-06-28
| | | | | | | | | | | And remove the comment, as firecfg does not appear to support end-of-line comments and normal comments break the linter: $ ./ci/check/profiles/sort-firecfg.config.sh src/firecfg/firecfg.config sort: -:13: disorder: #Debian 11 seems to be installing the same fbreader executable twice under two different names This amends commit 869333a5f ("firecfg.config: fix sorting", 2023-06-28).
* firecfg.config: fix sortingLibravatar Kelvin M. Klann2023-06-28
| | | | | | | | | It's currently breaking the profile-checks job in CI[1]. Tihs amends commit d88c8d439 ("fbreader/FBReader profile fixes; more on static ip map", 2023-06-27). [1] https://github.com/netblue30/firejail/actions/runs/5394764503/jobs/9796380881
* fbreader/FBReader profile fixes; more on static ip mapLibravatar netblue302023-06-27
|
* profiles: vmware: disable on firecfgLibravatar Kelvin M. Klann2023-06-21
| | | | | | | | | | | | It appears to be broken on Linux Mint 20.3 (based on Ubuntu 20.04), due to the "VMWare Kernel Module Updater" being unable to install kernel modules[1]. Relates to #3526. [1] https://github.com/netblue30/firejail/issues/5861#issuecomment-1598407890 Reported-by: @MikeNavy
* profiles: add vmplayer.profileLibravatar Kelvin M. Klann2023-06-21
| | | | | | | | | | | | | As a redirect to vmware.profile. This is apparently the filename for the "VMWare Workstation Player" on Linux Mint 20.3 (based on Ubuntu 20.04)[1]. Relates to #3526. [1] https://github.com/netblue30/firejail/issues/5861#issuecomment-1598132860 Reported-by: @MikeNavy
* New profile: url-eater (#5780)Libravatar glitsj162023-04-18
| | | | | * Create url-eater.profile * RELNOTES: add url-eater to 'new profiles'
* Merge pull request #5710 from pirate486743186/mov-cliLibravatar netblue302023-03-23
|\ | | | | add mov-cli.profile
| * add mov-cliLibravatar pirate4867431862023-03-04
| |
* | Add profiles for jami and postman (#5691)Libravatar Kobaxidze2562023-03-15
| |
* | microsoft-edge fixes (#5697)Libravatar glitsj162023-03-14
| | | | | | | | | | | | | | | | | | | | | | | | | | * microsoft-edge*: fix spacing * Create microsoft-edge-stable.profile Relates to #5696. * firecfg.config: add support for microsoft-edge-stable redirect * disable-common.inc: blacklist msedge SUID executables * microsoft-edge: add private-opt and allow internal sandbox access
* | Add Discord PTB profileLibravatar Neotamandua2023-03-12
| |
* | Merge pull request #5707 from pirate486743186/ani-cliLibravatar netblue302023-03-08
|\ \ | | | | | | add ani-cli.profile
| * | add ani-cli.profileLibravatar pirate4867431862023-03-05
| |/ | | | | | | https://github.com/pystardust/ani-cli
* | Merge pull request #5714 from pirate486743186/porn-cliLibravatar netblue302023-03-08
|\ \ | | | | | | add porn-cli.profile
| * | add porn-cli.profileLibravatar pirate4867431862023-03-05
| |/
* / add lobster.profileLibravatar pirate4867431862023-03-03
|/ | | | https://github.com/justchokingaround/lobster
* New profiles: qpdf and redirects (#5675)Libravatar glitsj162023-02-23
| | | | | | | | | | | | | | | | | | | | | * Create qpdf.profile and redirects qpdf (CLI) provides PDF metadata cleaning. See privacy-handbuch.de[1] for details. The site offers pdf-meta-clean.sh[2], which works very well with firejailed qpdf. [1] https://www.privacy-handbuch.de/handbuch_43a.htm [2] https://www.privacy-handbuch.de/download/pdf-meta-clean.sh * RELNOTES: add qpdf and redirects to new profiles section * firecfg.config: add qpdf and redirects * qpdf: use 'seccomp socket' instead of 'protocol unix' See https://github.com/netblue30/firejail/issues/639. Thanks @rusty-snake in code review.
* private-etc: libreoffice, audacity, forzen-bubble, transmission, ↵Libravatar netblue302023-02-08
| | | | md5sum/sha512sum, more sysutils testing, fix electron-hardened.inc.profile
* Merge branch 'netblue30:master' into linuxqqLibravatar glitsj162023-01-04
|\
| * Add Chatterino profileLibravatar Dpeta2022-12-25
| |
* | firecfg: add linuxqq/qqLibravatar glitsj162023-01-03
|/
* Add profile for avidemux3_jobs_qt5Libravatar Hartmut Knaack2022-12-13
| | | | | | | | Add a profile for the Qt5 GUI to process Avidemux jobs. Use a redirection to the avidemux3_qt5 profile to reuse translation files. The application needs to create a network socket on localhost and fails to run with protocol unix, so that entry in the default avidemux profile needs to be extended.
* Add profile for avidemux3_cliLibravatar Hartmut Knaack2022-12-12
| | | | | Add a profile for the command-line interface of Avidemux, which redirects to the existing avidemux profile.
* New profile: tesseract (#5516)Libravatar glitsj162022-12-09
| | | | | | | | | | | | | | | | | | | | | | | * Add firecfg support for tesseract * Add tesseract to 'New profiles' section in README.md * Create tesseract.profile * tesseract: fix private-etc * tesseract: fix XDG black/whitelisting * tesseract: use 'seccomp socket' instead of 'protocol unix' As kindly suggested by @rusty-snake. * tesseract: add 'restrict-namespaces' As kindly suggested by @rusty-snake. * tesseract: use full seccomp filtering The tesseract application works fine without 'protocol' or 'seccomp socket'.
* Add support for cinelerra-gg (#5467)Libravatar glitsj162022-11-13
| | | | | | | * Create cinelerra-gg * add cinelerra-gg to `New profiles` section * Add cinelerra-gg to firecfg.config
* Add godot3 redirect (#5456)Libravatar Frostbyte46642022-11-07
| | | | | * Create godot3.profile * Add godot3 redirect to firecfg.config
* Add profile for chafa (#5355)Libravatar alkim02022-09-04
| | | Co-authored-by: Albert Kim <alkim@alkim.org>
* Merge pull request #5331 from pirate486743186/lbry-viewer.profile-createLibravatar netblue302022-08-29
|\ | | | | lbry-viewer.profile create
| * lbry-viewer.profile createLibravatar pirate4867431862022-08-21
| |
* | tuir.profile creation (#5330)Libravatar pirate4867431862022-08-28
| | | | | | Co-authored-by: pirate486743186 <>
* | new profile: gdu (#5289)Libravatar glitsj162022-08-09
|/ | | | | | | | | | | | | | | * add gdu to 'new profiles' section * Create gdu.profile * add gdu to firecfg * harden gdu sandbox * fix protocol * simulate empty protocol in gdu * more user-friendly gdu sandboxing
* adding ping in firecfg list (#1912)Libravatar netblue302022-03-24
|
* add opera-developer.profile (#5001)Libravatar glitsj162022-03-03
| | | | | | | | | | | | | | | * add opera-developer to firecfg * add opera-developer * fix typo * add configs for opera-developer * Create opera-developer.profile * fixes for opera-developer * fix for opera-developer
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-06 00:40:49 +0000