| Commit message (Collapse) | Author | Age |
|
With a fun little script:
$ git ls-files -z -- '*Makefile*' |
xargs -0 -I '{}' sh -c \
"test -s '{}' && printf '%s\n' \"\`git stripspace <'{}'\`\" >'{}'"
|
The current message misses the info that nnp and nogroups are applied
too. The new one mentions nnp too, but is very long. If anyone has a better
wording, say it.
|
This will always set 'nonewprivs', 'caps.drop all' and 'nogroups'.
|
- RELNOTES: protocol now accumulates
- fix #3978 -- Android Studio: cannot create the directory
Unresolved:
> google-earth.profile has a 'noblacklist ${HOME}/.config/Google' too,
> so we should consider to add additional blacklists for ~/.config/Google/*.
- marker.profile: allow ${DOCUMENTS}
- profile.template: add bluetooth protocol
- profile.template: add DBus portal note
- firejail-profile.txt: revert 17fe4b9e -- fix private=directory in man firejail-profile
see https://github.com/netblue30/firejail/pull/3970#discussion_r574411745
|
Allow changing protocol list after initial set
|
Firejail uses set-once logic for "protocol" list. This makes it
impossible to accumulate list of allowed protocols from multiple
include files.
Use profile_list_augment() for maintaining list of protocols. This
implicitly means protocols can be added/removed via any number of
command line options / profile configuration files.
Signed-off-by: Simo Piiroinen <simo.piiroinen@jolla.com>
Signed-off-by: Tomi Leppänen <tomi.leppanen@jolla.com>
|
A lot of profile options deal with manipulating strings containing
comma separated list of things, using several strains of similar but
not exactly the same code, duplicated for the purposes of processing
command line arguments and parsing configuration files.
Having utility functions available for handling such list strings can
make higher level logic shorter, cleaner and function in more uniform
manner.
Signed-off-by: Simo Piiroinen <simo.piiroinen@jolla.com>
Signed-off-by: Tomi Leppänen <tomi.leppanen@jolla.com>
|
Profile files are defined as a means to "pass several command line
arguments to firejail" but apparently for example mkdir and mkfile
options are available in context of profile files, but can't be
specified directly from command line.
Add support for --mkdir and --mkfile options so that executing:
firejail --mkdir=${HOME}/directory/path \
--whitelist=${HOME}/directory/path
behaves similarly as having profile file content:
mkdir ${HOME}/directory/path
whitelist ${HOME}/directory/path
Signed-off-by: Simo Piiroinen <simo.piiroinen@jolla.com>
Signed-off-by: Tomi Leppänen <tomi.leppanen@jolla.com>
|
fix firecfg links in restrictive sandboxes
|
firejail symbolic link redirection currently depends
on a shell, but in restrictive sandboxes there
might be no execute permission, or private-lib might
have removed necessary libraries, or seccomp might
block required syscalls ...
Fix this by forcing --shell=none.
closes #3911
|
musl stdlib (Alpine Linux) doesn't know about canonicalize_file_name,
replace with equivalent realpath calls
|
add PATH_FCOPY to private-lib automatically
|
restore 45304621a6c600d8e30e98bfbef05149caaf56c5, but now run
fldd as root user. This became necessary because in the meantime
read permission on helper executables was removed.
Puts infrastructure in place to add other helper binaries to
private-lib as well, should the need arise.
|
Upstreaming a set of fixes from Sailfish's packaging
|
Check that the directory exists before attempting to mount it.
Signed-off-by: Tomi Leppänen <tomi.leppanen@jolla.com>
|
Lacking linefeed chars cause messages to get concatenated.
Signed-off-by: Simo Piiroinen <simo.piiroinen@jolla.com>
Signed-off-by: Tomi Leppänen <tomi.leppanen@jolla.com>
|
Firejail uses file bind-mounts to filter /etc/passwd and /etc/group
content. If private-etc is used, these mounts are left underneath
the /etc directory mount and this seems to be causing problems in
devices with older kernels: attempts to modify passwd or group
data fail with EBUSY.
Make it possible to perform fs_private_dir_list() actions in two
separate phases.
Undo the file mounts in /etc before mounting private-etc content.
Signed-off-by: Simo Piiroinen <simo.piiroinen@jolla.com>
Signed-off-by: Tomi Leppänen <tomi.leppanen@jolla.com>
|
These have little consequences as the tool exits anyway,
but fs_copydir() leaks memory on success path and check()
on failure path.
Signed-off-by: Simo Piiroinen <simo.piiroinen@jolla.com>
Signed-off-by: Tomi Leppänen <tomi.leppanen@jolla.com>
|
When constructing sandbox fs, /etc/mtab which is symlink to
/proc/self/mounts gets resolved as /proc/PID/mounts. Where
PID is not the pid of the process that is going to get
executed in the firejail -> the result is broken/inaccessible
symlink from the application point of view.
Use /proc/self/xxx type symlink target if it resolves similarly
as the /proc/PID/xxx type would at the time of mapping.
Signed-off-by: Simo Piiroinen <simo.piiroinen@jolla.com>
Signed-off-by: Tomi Leppänen <tomi.leppanen@jolla.com>
|
Minor fixes for vmware
|
as no length checks are performed any more on environment variables,
remove obsoleted code
|
Add first version of zsh completion
|
Don't have duplicate descriptions and put = signs where they belong to
zsh completion function now dynamically adjusts for options (e.g. no --apparmor option without AppArmor configured)
No EXTRA_CFLAGS for cpp
Found main.c which does the argument processing. Moved some arguments into the correct #ifdef blocks
Profile selection now much better
No more cpp. Using preproc.awk instead.
Updated bash firejail command completion to add profiles
ignore bash and zsh dynamically created completion scripts
Moved bash/zsh completions out of ALL_ITEMS to fix make install
Cleanup
|
readability/making it more obvious buffers
are properly initialized
|
the check was introduced some time ago in fs_x11(), but
fs_chroot() does the same thing and needs it as well
|
With the recent changes to environment variable handling, it should be
safe to always allow empty variables.
Closes: #3965
|
add support for faccessat2 syscall
|