| Commit message (Collapse) | Author | Age | |
|---|---|---|---|
| * | Merge branch 'master' into fix-profile-builder |  netblue30 | 2019-09-15 |
| |\ | |||
| | * | update seccomp in man firejail |  rusty-snake | 2019-09-13 |
| | | | |||
| | * | libtrace cleanup | netblue30 | 2019-09-10 |
| | | | |||
| | * | Add ar profile (#2949) |  glitsj16 | 2019-09-08 |
| | | | | | | | | | | | | | * Add ar to firecfg * Create ar.profile | ||
| | * | fix FIREJAIL_FILE_COPY_LIMIT larger than 2GB |  smitsohu | 2019-09-05 |
| | | | |||
| | * | Revert changes in #2928 to seccomp group @default |  Topi Miettinen | 2019-09-04 |
| | | | | | | | | | | | Reconstruct @default by not relying on the changed system call groups @privileged and @resources. | ||
| * | | Make sure that we are unprivileged before creating the trace log file. |  Glenn Washburn | 2019-08-29 |
| | | | |||
| * | | When running builder trace output should go to separate file because (1) ↵ | Glenn Washburn | 2019-08-29 |
| | | | | | | | | | trace output is logged to console, which is a pain to capture, and (2) it should not be mingled with program output anyway, which it was when sending to stdout. | ||
| * | | Update man page to note that --trace can now take an optional parameter. | Glenn Washburn | 2019-08-29 |
| | | | |||
| * | | Allow firejail --trace option to take an optional parameter which is the ↵ | Glenn Washburn | 2019-08-29 |
| | | | | | | | | | trace log file path. The trace log file will be created if it does not exist and then bind mounted to RUN_TRACE_FILE so that the sandboxed program can access it. | ||
| * | | Allow libtrace preload library to use for trace output a logfile specified ↵ | Glenn Washburn | 2019-08-29 |
| | | | | | | | | | by the environment variable FIREJAIL_TRACEFILE or as the RUN_TRACE_FILE if it exists ortherwise use the console as before. | ||
| * | | Fix issue where strace output file path has leading space making it an ↵ | Glenn Washburn | 2019-08-29 |
| | | | | | | | | | invalid path. | ||
| * | | Better debug handling. | Glenn Washburn | 2019-08-29 |
| | | | |||
| * | | Profile builder helper should use correct firejail binary path. | Glenn Washburn | 2019-08-29 |
| |/ | |||
| * | Merge pull request #2928 from topimiettinen/seccomp-more-groups | netblue30 | 2019-08-29 |
| |\ | | | | | Add further seccomp groups | ||
| | * | Add further seccomp groups | Topi Miettinen | 2019-08-28 |
| | | | | | | | | | Get further seccomp group definitions from systemd. | ||
| * | | fix previous merge | netblue30 | 2019-08-29 |
| | | | |||
| * | | Merge branch 'master' into seccomp-allow-exceptions | netblue30 | 2019-08-29 |
| |\ \ | |||
| | * | | seccomp fix: allow numeric syscalls |  aoand | 2019-08-26 |
| | |/ | | | | | | | as per man page, numeric syscall is indicated by the dollar sign '$' | ||
| * / | Allow exceptions to seccomp lists | Topi Miettinen | 2019-08-25 |
| |/ | | | | | | | Prefix ! can be used to make exceptions to system call blacklists and whitelists used by seccomp, seccomp.drop and seccomp.keep. Closes #1366 | ||
| * | various fixes and improvements | rusty-snake | 2019-08-22 |
| | | | | | | | | | | | | | - install contrib/syscalls.sh - add GitLab-CI status to README.md - read-only ${HOME}/.cargo/env - move blacklist ${HOME}/.cargo/registry, ${HOME}/.cargo/config to disable-programs - typo in man firejail firejail-profiles firecfg - better descriptions in man firejail-profiles - fixes in man firejail - template descriptions in firejail-profiles | ||
| * | added i2prouter to firecfg |  core_contingency | 2019-08-21 |
| | | |||
| * | Fix revert of previous trace fix. The issue was that programs were crashing ↵ | Glenn Washburn | 2019-08-21 |
| | | | | | because libtrace hooked libc calls were being executed before the libtrace library was initialized. This was due to other loaded libraries being initialized first. | ||
| * | fix private-bin for tb-starter-wrapper #2863 | rusty-snake | 2019-08-19 |
| | | |||
| * | Merge pull request #2909 from gm10/fix-get_user | netblue30 | 2019-08-18 |
| |\ | | | | | get_user() do not use the unreliable getlogin() | ||
| | * | get_user() do not use the unreliable getlogin() |  gm10 | 2019-08-13 |
| | | | |||
| * | | profiles: add kiwix-desktop |  Tad | 2019-08-18 |
| | | | |||
| * | | fix --trace | netblue30 | 2019-08-17 |
| |/ | |||
| * | Add unzstd profile (#2903) | glitsj16 | 2019-08-12 |
| | | | | | | | * Create unzstd.profile * Add unzstd to firecfg.config | ||
| * | Add zstd (redirect) profile(s) (#2902) | glitsj16 | 2019-08-12 |
| | | | | | | | | | | | | | | | | | * Create zstd.profile * Create pzstd.profile * Create zstdcat.profile * Create zstdgrep.profile * Create zstdless.profile * Create zstdmt.profile * Add zstd and its redirect profiles to firecfg.config | ||
| * | add bzcat profile | smitsohu | 2019-08-12 |
| | | |||
| * | rewrite/partial revert of 8bff773d6a7bf70c97b3d5b751df9ec0dd6c8b5d | smitsohu | 2019-08-09 |
| | | | | | | | | the commit in question introduced an early check of Firejail configuration file, which broke "firejail in firejail" for some sandboxes. see issue #2877 | ||
| * | integrate private home options with nosound and x11 none | smitsohu | 2019-08-07 |
| | | | | | fixes #2867 | ||
| * | private home: don't create unused temporary files | smitsohu | 2019-08-07 |
| | | |||
| * | tune pam-tmpdir file permissions | smitsohu | 2019-08-01 |
| | | |||
| * | Merge pull request #2883 from flacks/profiles/whalebird |  SkewedZeppelin | 2019-08-01 |
| |\ | | | | | Add Whalebird profile | ||
| | * | Add Whalebird profile |  Jean Lucas | 2019-07-31 |
| | | | |||
| * | | Add new Tor Browser alias | Jean Lucas | 2019-07-31 |
| |/ | | | | | | | | | - tor-browser in the AUR is an international package; all other individual language variants have been removed, so, add new alias - Add 'tor-browser' and 'mv' to private-bin in launcher profile ('mv' is required when upgrading tor-browser versions) - Add 'tor-browser' to firecfg.config - Add config dir to disable-programs.inc | ||
| * | Corrections | Jean Lucas | 2019-07-31 |
| | | | | | | | - Add Zulip config dir to disable-programs.inc - Add disable-xdg.inc to Zulip profile - Add Zulip to firecfg.config | ||
| * | Add tb-starter-wrapper.profile (#2863) | rusty-snake | 2019-07-28 |
| | | |||
| * | fix private-tmp/pam-tmpdir interaction - #2685 | smitsohu | 2019-07-27 |
| | | |||
| * | Merge branch 'master' of https://github.com/netblue30/firejail | smitsohu | 2019-07-25 |
| |\ | |||
| | * | fix make scan-build for debian 10 and arch | netblue30 | 2019-07-22 |
| | | | |||
| * | | fix whitelisting for homedirs outside /home | smitsohu | 2019-07-25 |
| | | | |||
| * | | fix verbosity for non-authorized user | smitsohu | 2019-07-22 |
| |/ | | | | | | users not in firejail.users should only see the error, not the symlink warning. Also exposes less code to non- authorized users. | ||
| * | fix gucharmap & add gnome-characters, gnome-character-map | rusty-snake | 2019-07-18 |
| | | |||
| * | document profile support for allow-debuggers in firejail-profile man page ↵ |  Sebastian Hafner | 2019-07-17 |
| | | | | | (#2861) | ||
| * | faudit: fix gcc stringop-truncation warning | smitsohu | 2019-07-17 |
| | | |||
| * | check for dir existence before private-* mount | smitsohu | 2019-07-16 |
| | | | | fixes #2859 | ||
| * | profile support for allow-debuggers (#2856) | Sebastian Hafner | 2019-07-15 |
| | | |||
 |
index : firejail | |
| Mirror of https://github.com/netblue30/firejail | Firejail Authors |
| summaryrefslogtreecommitdiffstats |