Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | refactor private-cache and tmpfs | smitsohu | 2018-11-26 |
| | | | | | | has the immediate benefit that the result of combining --noexec and --tmpfs does not depend on the sequence of the options | ||
* | removed ranger from firecfg.config | veloute | 2018-11-24 |
| | |||
* | removed vim from firecfg.config | veloute | 2018-11-24 |
| | |||
* | Misc. typos | luz.paz | 2018-11-19 |
| | | | Found using `codespell -q 3 -L shotcut,objext,als,ans,creat,varius,chage,tthe` | ||
* | Remove -c from usage completely. | Glenn Washburn | 2018-11-18 |
| | |||
* | Add better documentation for "-c" option. | Glenn Washburn | 2018-11-18 |
| | |||
* | Merge pull request #2255 from crass/fix-profile-name-handling | netblue30 | 2018-11-14 |
|\ | | | | | Allow prefixing colon to profile argument of --profile to for a profile search | ||
| * | Allow prefixing colon to profile argument of --profile to for a profile ↵ | Glenn Washburn | 2018-11-09 |
| | | | | | | | | search, and disallow a directory to match as a profile file. | ||
* | | still fixing indentation | smitsohu | 2018-11-13 |
| | | | | | | | | my editor is weird sometimes | ||
* | | identation fix | smitsohu | 2018-11-13 |
| | | |||
* | | misc small adjustments | smitsohu | 2018-11-13 |
| | | |||
* | | user database: improve error strings and checks | smitsohu | 2018-11-11 |
| | | |||
* | | fix the fix: ff6612fac86e1a79ba264167f0263ff12f62f346 | smitsohu | 2018-11-10 |
| | | |||
* | | Merge branch 'master' of https://github.com/netblue30/firejail | smitsohu | 2018-11-10 |
|\| | |||
| * | Have appimage handling be the same with or with out special -- argument. | Glenn Washburn | 2018-11-08 |
| | | |||
| * | fix compile | netblue30 | 2018-11-08 |
| | | |||
| * | profile parser testing | netblue30 | 2018-11-08 |
| | | |||
| * | Merge pull request #2247 from SkewedZeppelin/u2f_cond | netblue30 | 2018-11-07 |
| |\ | | | | | | | Add new config option to disable U2F in browsers, enabled by default | ||
| | * | Add new config option to disable U2F in browsers, enabled by default | Tad | 2018-11-05 |
| | | | |||
* | | | unreadable firejail.users database fixes | smitsohu | 2018-11-10 |
|/ / | | | | | | | | | | | | | run firecfg with umask 022 and print a diagnostic message if the database is not readable. closes #2225 | ||
* / | Fixes for brave browser | Fred-Barclay | 2018-11-05 |
|/ | |||
* | fix --bandwidth command | netblue30 | 2018-11-05 |
| | |||
* | recursive remounts: add fallback for old kernels, some improvements | smitsohu | 2018-11-04 |
| | | | | | | | | | | | * vanilla kernels before 3.15 don't expose a mount id in /proc/pid/fdinfo files. This is still relevant on Ubuntu 14.04 with 3.13 kernel, CentOS 7 doesn't have this problem. In this case fall back to simple a remount and print a warning. * drop euid switching as it doesn't really serve a purpose here (paths are not opened in reading or writing mode, and we are not doing anything with it) and potentially causes problems when suid programs are sandboxed * more rigorous error handling | ||
* | mount appimages nodev,nosuid | smitsohu | 2018-11-04 |
| | |||
* | fs_whitelist: minor mountinfo check improvement, cleanup | smitsohu | 2018-11-04 |
| | |||
* | Add Mendeley profile | Fred-Barclay | 2018-11-02 |
| | |||
* | adding --net.print command line option | netblue30 | 2018-10-29 |
| | |||
* | aisleriot | netblue30 | 2018-10-28 |
| | |||
* | little tweaks, cosmetic changes | smitsohu | 2018-10-26 |
| | |||
* | fix: return with euid 0 | smitsohu | 2018-10-25 |
| | |||
* | experimental: remounts child mount points as well (read-only, read-write, ↵ | smitsohu | 2018-10-25 |
| | | | | noexec) | ||
* | Add QOwnNotes profile | Fred-Barclay | 2018-10-20 |
| | |||
* | improve some error messages | smitsohu | 2018-10-17 |
| | |||
* | improve clean_pathname function | smitsohu | 2018-10-17 |
| | |||
* | fs_whitelist: cache length of home directory string | smitsohu | 2018-10-17 |
| | |||
* | fix #2197 | netblue30 | 2018-10-17 |
| | |||
* | Merge pull request #2199 from crass/fix-2142-firefox-sandbox-appimage | netblue30 | 2018-10-17 |
|\ | | | | | Fix #2142: Firefox appimage fails because it needs non-default seccomp | ||
| * | Do not override user provided seccomp lists when in chroot/overlay/appimage, ↵ | Glenn Washburn | 2018-10-16 |
| | | | | | | | | but to use the default if none is provided. | ||
* | | Fix doc: A more accurate example of profile loading by profile name. | Glenn Washburn | 2018-10-17 |
| | | |||
* | | Fix docs on default seccomp list: change mfsservctl -> nfsservctl and ↵ | Glenn Washburn | 2018-10-17 |
| | | | | | | | | reorder, add ni_syscall, remove duplicate process_vm_writev, add sys_debug_setcontext. | ||
* | | Update profile manpage to detail added "include" functionality. | Glenn Washburn | 2018-10-17 |
| | | |||
* | | Allow include to search userdir then systemdir for "bare" profile file names. | Glenn Washburn | 2018-10-17 |
| | | |||
* | | Merge pull request #2158 from crass/profile_conditional | crass | 2018-10-17 |
|\ \ | | | | | | | #2158: Add support for rudimentary conditionals in profiles | ||
| * | | Update documentation for profile conditionals. | Glenn Washburn | 2018-10-16 |
| | | | |||
| * | | Add support for rudimentary conditionals in profiles, currently only the ↵ | Glenn Washburn | 2018-10-16 |
| |/ | | | | | | | HAS_APPIMAGE conditional is supported. | ||
* / | manpages: update disable-mnt description | Vincent43 | 2018-10-16 |
|/ | | | This will better match current code. | ||
* | Update man pages and usage to reflect --profile enhancement. | Glenn Washburn | 2018-10-15 |
| | |||
* | Allow specifying a profile "name" with the profile option (eg. ↵ | Glenn Washburn | 2018-10-15 |
| | | | | --profile=firefox). | ||
* | rename expand_home -> expand_macros to better reflect usage and remove ↵ | Glenn Washburn | 2018-10-15 |
| | | | | unneeded homedir argument. | ||
* | tentative fix: automatically mount libdir in chroot - #2176 | smitsohu | 2018-10-15 |
| |