| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
|
|
|
| |
Simple screen recorder for Linux desktop, supports Wayland & Xorg.
https://github.com/dvershinin/green-recorder
https://aur.archlinux.org/packages/green-recorder
https://aur.archlinux.org/packages/green-recorder-git
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Warnings:
$ make codespell
Running codespell...
./README:757: Manuel ==> Manual
./RELNOTES:269: relpaced ==> replaced
./src/firecfg/desktop_files.c:60: diectory ==> directory
./platform/debian/control.i386:11: namepaces ==> namespaces
./platform/debian/control.amd64:11: namepaces ==> namespaces
make: *** [Makefile:383: codespell] Error 65
$ codespell --version
2.2.6
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of manually specifying which source files depend on which
headers, use compiler flags to automatically generate depfiles (.d),
which declare the correct header (make) dependencies for each source
file (.c).
Use `-MMD` (which ignores system headers) to generate the dependencies
and `-MP` to prevent make from complaining when a header file is removed
while it is listed as a dependency in a depfile.
If depfiles exist, just include them. If not, make each object file
(.o) unconditionally depend on all header files in its source directory
and in src/include, to ensure that rebuilds are done when needed. The
latter case applies to the first build after `make clean` (which would
build everything anyway) and when the compiler does not support
generating depfiles.
Note that both gcc and clang have supported these options for a long
time.
Misc: This depends on the changes from commit 5b1bd33c7 ("build: use
full paths on compile/link targets", 2023-07-02) / PR #6158 to avoid
issues with make dependency tracking.
|
| |\
| |
| | |
build: use full paths on compile/link targets
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This makes the compile commands clearer when building in parallel (with
`make -j`) and ensures that `__FILE__` includes the full build-time path
(relative to the root of the repository) whenever it is referenced, such
as in failed assert() messages (currently the full path is only shown in
errExit() messages). Example:
Before:
firejail: main.c:100: main: Assertion `1 == 2' failed.
Error src/firecfg/main.c:100: main: malloc: Cannot allocate memory
After:
firejail: ../../src/firejail/main.c:100: main: Assertion `1 == 2' failed.
Error ../../src/firecfg/main.c:100: main: malloc: Cannot allocate memory
Commands used to search and replace:
$ git grep -Ilz '^MOD_DIR =' -- '*Makefile' | xargs -0 -I '{}' \
sh -c "printf '%s\n' \"\$(sed -E \
-e 's|^MOD_DIR = src/(.*)|MOD = \\1\\nMOD_DIR = \$(ROOT)/src/\$(MOD)|' \
-e 's:^(PROG|SO) = [^.]+(\.so)?$:\\1 = \$(MOD_DIR)/\$(MOD)\2:' \
'{}')\" >'{}'"
$ git grep -Ilz '^HDRS :=' -- '*.mk' | xargs -0 -I '{}' \
sh -c "printf '%s\n' \"\$(sed -E \
-e 's|wildcard (\*\..)|wildcard \$(MOD_DIR)/\\1|' '{}')\" >'{}'"
Note: config.mk.in, src/fnettrace/Makefile and src/include/common.h were
edited manually.
This is a follow-up to #5871.
|
| |\ \
| | |
| | | |
firecfg: use ignorelist also for .profile/.desktop files
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Closes #5245.
Relates to #5876.
|
| | | |
| | |
| | |
| | | |
And make it const.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Changes:
* Export `in_ignorelist` function
* Allow only building the ignorelist without setting the symlinks
* Rename the functions to reflect the above
* Add a function that parses all config files (`parse_config_all`)
Also, make sure that `parse_config_all` only parses config files once,
even if called multiple times.
Relates to #5876.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently it is only used when parsing the configuration files:
* /etc/firecfg.d/*.conf
* /etc/firecfg.config
Use it when searching for profile filenames as well:
* ~/.config/firejail/*.profile
Relates to #5876.
|
| | |/
|/|
| |
| |
| |
| |
| |
| |
| | |
Committer note: For each profile there is both XXX-gtk and gtk-XXX (such
as lbry-viewer-gtk and gtk-lbry-viewer).
XXX-gtk is the symlink
gtk-XXX is the actual file
Co-authored-by: exponential <echo ZXhwb25lbnRpYWxtYXRyaXhAcHJvdG9ubWFpbC5jb20K | base64 -d>
|
| |/ |
|
| |
|
|
|
| |
Geary uses bubblewrap now.
Fixes #6103.
|
| |\
| |
| | |
feature: firecfg: add firecfg.d & add ignore command
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add ignore command (`!PROGRAM`), as suggested by @WhyNotHugo[1].
It prevents firecfg from creating a symlink for the given program.
Also, document the paths used and the config file syntax.
Note that `/etc/firejail/firecfg.d/*.conf` files are parsed before
/etc/firejail/firecfg.config, so the former can ignore/override any item
in the latter.
Closes #2097.
[1] https://github.com/netblue30/firejail/issues/2097#issuecomment-1179160459
|
| | |
| |
| |
| |
| |
| | |
As suggested by @WhyNotHugo[1].
[1] https://github.com/netblue30/firejail/issues/2097#issuecomment-1179160459
|
| | |
| |
| |
| |
| |
| | |
Instead of using asprintf + free.
Also, use LIBDIR instead of hardcoded "/usr/lib" for fzenity.
|
| | |
| |
| |
| |
| |
| |
| | |
Changes:
* fix inconsistent indentation/braces
* add missing free
|
| | |
| |
| |
| |
| |
| |
| | |
* disable-programs.inc: add support for tiny-rdm
* Create tiny-rdm.profile
* firecfg.config: add support for tiny-rdm
|
| | |
| |
| |
| |
| |
| |
| | |
* Create termshark.profile
* firecfg.config: add termshark support
* termshark: CLI hardening
|
| |\ \
| | |
| | | |
New profile: tidal-hifi
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
modified src/firecfg/firecfg.config to add tidal-hifi
created etc/profile-m-z/tidal-hifi.profile
closes: #6008
Apply suggestions from code review
Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
|
| |/ /
| |
| |
| |
| |
| |
| | |
* disable-programs.inc: add lettura support
* Create lettura.profile
* firecfg.config: add lettura
|
| | |
| |
| | |
Co-authored-by: pirate486743186 <>
|
| | | |
|
| | |
| |
| |
| |
| | |
* firecfg.config: add support for clac
* Create clac.profile
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently the CI check does not consider certain special characters
(such as `-`) when sorting due to `sort -d`.
So remove `-d`, sort firecfg using `LC_ALL=C` and enforce that order.
Also add `sort -u` to check for duplicates.
This also allows the CI check to ignore normal comments (lines starting
with `# `) anywhere in the file.
Relates to #4643.
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
Remove the space after `#` for commented code and use `#` instead of `-`
for comments at the end of the line.
Commands used to search and replace:
$ f=src/firecfg/firecfg.config; printf '%s\n' "$(sed -E \
-e '3,9999s/^# /#/' \
-e '3,9999s/^#([^ ]+) --? /#\1 # /' \
"$f")" >"$f"
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Create reader.profile
* firecfg.config: add reader support
* reader: integrate review suggestions
- blacklist whole ${RUNUSER}
- drop x11 none
* reader: fix 'x11 none'
|
| |
|
|
|
| |
* firecfg.config: add daisy support
* Create daisy.profile
|
| |
|
|
|
|
|
| |
* disable-programs.inc: add sniffnet support
* Create sniffnet.profile
* firecfg.config: add sniffnet support
|
| |
|
|
|
|
|
|
|
| |
Homepage: https://mullvad.net/en/download/browser/linux
mullvad-browser: don't use restrict-namespaces
mullvad-browser: cover both installation paths
Suggested in review by @kmk3.
|
| |
|
|
|
|
| |
Closes #5899.
Suggested-by: @shaggonit
|
| |
|
|
| |
To make it clearer that they are not modified later.
|
| |
|
|
| |
To make it match the function used in src/jailcheck/utils.c.
|
| | |
|
| |\
| |
| | |
modif: improve errExit error messages
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes:
* Move msg to the end of errExit (right before perror(3p))
* Include the full file path (within the repository)
* Add "()" to function name for clarity
Before:
Error malloc: main.c:123 main: Cannot allocate memory
After:
Error src/firejail/main.c:123 main(): malloc: Cannot allocate memory
Note: This clarifies which is the exact file that the error message
comes from, as there are many source files with the same name. For
example:
$ git ls-files 'src/*/main.c' | wc -l
20
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
And remove the comment, as firecfg does not appear to support
end-of-line comments and normal comments break the linter:
$ ./ci/check/profiles/sort-firecfg.config.sh src/firecfg/firecfg.config
sort: -:13: disorder: #Debian 11 seems to be installing the same fbreader executable twice under two different names
This amends commit 869333a5f ("firecfg.config: fix sorting",
2023-06-28).
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
It's currently breaking the profile-checks job in CI[1].
Tihs amends commit d88c8d439 ("fbreader/FBReader profile fixes; more on
static ip map", 2023-06-27).
[1] https://github.com/netblue30/firejail/actions/runs/5394764503/jobs/9796380881
|
| |\| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
To make them less confusing, as they are extra dependencies, not files
that are specific to the module.
Commands used to search and replace:
$ git grep -IFlz -e 'MOD_HDRS' -e 'MOD_OBJS' -- src |
xargs -0 -I '{}' sh -c "printf '%s\n' \"\$(sed \
-e 's/MOD_HDRS/EXTRA_HDRS/g' \
-e 's/MOD_OBJS/EXTRA_OBJS/g' '{}')\" >'{}'"
Added on commit f5b1ccaad ("makefiles: move extra deps into new MOD
vars", 2022-05-07) / PR #5478.
|
| |/ |
|
| |
|
|
|
|
|
| |
To reduce the amount of boilerplate in the makefiles.
This amends commit 9789c263a ("build: disable all built-in implicit make
rules", 2023-06-21) / PR #5864.
|
D357R0Y3R
glitsj16
Kelvin M. Klann
pirate486743186
netblue30
jtrv
Frostbyte4664