| Commit message (Collapse) | Author | Age |
| |
|
|\
| |
| | |
Clarify novideo
|
| | |
|
|\ \
| | |
| | | |
Create bcompare.profile
|
| | | |
|
| | |
| | |
| | |
| | | |
I can't seem to get it to work with seccomp enabled.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Add netlink to pcsxr fixing controller support
- Add openmw and PPSSPPSDL to firecfg
- Update readme for new profiles
Note: file picker in dolphin-emu is being weird (not showing or freezing)
|
| | | |
|
| | | |
|
| |/
|/|
| |
| | |
adds support to run appimage in a chroot
|
|\ \
| | |
| | | |
make appimage mounts private to sandbox
|
| | | |
|
| | | |
|
|\ \ \
| | | |
| | | | |
Add profile for youtube-dl-gui & some other changes
|
| | | | |
|
| | | |
| | | |
| | | |
| | | | |
mount without stash locations, only using the file descriptors
|
|/ / / |
|
| | | |
|
|\ \ \
| |/ /
|/| | |
private-lib: move to mount-only
|
| | | |
|
| | | |
|
| | | |
|
|/ / |
|
|\ \
| | |
| | | |
Grammar
|
| |/ |
|
| | |
|
|\ \
| | |
| | | |
private-lib: mask /usr/local/lib[,64] directories, too
|
| | | |
|
|\| |
| | |
| | | |
private-lib hardening
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
ensure that libraries are loaded
from a default ld.so search path
it is reasonable for firejail to
expect that unprivileged users have
no write permission on these paths;
lax permissions there mean that the
system is probably screwed anyway
|
|\ \ \
| | | |
| | | | |
sandbox setup: postpone library preloading
|
| |/ /
| | |
| | |
| | |
| | | |
for now avoids mixing of traces from sandbox helpers
into application traces
|
|\ \ \
| | | |
| | | | |
sandbox setup: postpone fslogger
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
postpone writing of log file in order to
catch filesystem modifications from x11
functions
|
|\ \ \
| | | |
| | | | |
Zsh completion improvements
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
I don't understand the current brace expansions, so let's use a easier
one:
--foo <> one-time; no argument
*--foo <> multi-time; no argument
--foo=- <> one-time; with argument (direct after the =)
*--foo=- <> multi-time; with argument (direct after the =)
|
|\ \ \ \
| | | | |
| | | | | |
Add new condition ?HAS_PRIVATE:
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Idea from @vinc17fr
https://github.com/netblue30/firejail/issues/4026#issuecomment-789178572
|
|\ \ \ \ \
| |_|_|_|/
|/| | | | |
Create nextcloud-desktop.profile
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
back in the days always the same default seccomp filter was loaded
for chroot/appimage/overlayfs sandboxes. Nowadays users can configure
their own filters, so allow postexecseccomp again.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
remove whitespaces in order to create
a uniform message layout. Compare with:
** Note: you can use --noprofile to disable default.profile **
when firejail loads the default profile.
|
| |/ / /
|/| | |
| | | |
| | | | |
fixes reversed /etc and /usr/etc timetraces
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Better for portability and consistency. Currently strerror() is used
everywhere else, so use it here as well. printf's %m is a glibc
extension that is supported also by some other libc implementations.
Signed-off-by: Tomi Leppänen <tomi.leppanen@jolla.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Move error message after debug logging and add cause message.
Signed-off-by: Tomi Leppänen <tomi.leppanen@jolla.com>
|
| | | | |
|