Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | break out of libtrace file open loop | smitsohu | 2019-10-04 |
| | |||
* | commented out some debug code in libtrace | netblue30 | 2019-09-29 |
| | |||
* | increase socket buffer size for firemon, bug #2700 | netblue30 | 2019-09-29 |
| | |||
* | Merge branch 'master' of https://github.com/netblue30/firejail | smitsohu | 2019-09-22 |
|\ | |||
| * | Create pngquant.profile | rusty-snake | 2019-09-21 |
| | | |||
| * | Create gnome-latex.profile | rusty-snake | 2019-09-20 |
| | | |||
* | | minor optimization | smitsohu | 2019-09-22 |
| | | |||
* | | prevent trace from interfering with sandbox setup | smitsohu | 2019-09-22 |
| | | |||
* | | various clarifications, minor fixes | smitsohu | 2019-09-22 |
|/ | |||
* | break out fs_tracefile function | smitsohu | 2019-09-18 |
| | |||
* | fix the fix: tune file copy limit width | smitsohu | 2019-09-17 |
| | |||
* | fail gracefully if argc is zero | smitsohu | 2019-09-17 |
| | |||
* | add trace file validation | smitsohu | 2019-09-17 |
| | |||
* | move to fd based trace file mount | smitsohu | 2019-09-17 |
| | |||
* | Merge branch 'master' into fix-profile-builder | netblue30 | 2019-09-15 |
|\ | |||
| * | update seccomp in man firejail | rusty-snake | 2019-09-13 |
| | | |||
| * | libtrace cleanup | netblue30 | 2019-09-10 |
| | | |||
| * | Add ar profile (#2949) | glitsj16 | 2019-09-08 |
| | | | | | | | | | | | | * Add ar to firecfg * Create ar.profile | ||
| * | fix FIREJAIL_FILE_COPY_LIMIT larger than 2GB | smitsohu | 2019-09-05 |
| | | |||
| * | Revert changes in #2928 to seccomp group @default | Topi Miettinen | 2019-09-04 |
| | | | | | | | | | | Reconstruct @default by not relying on the changed system call groups @privileged and @resources. | ||
* | | Make sure that we are unprivileged before creating the trace log file. | Glenn Washburn | 2019-08-29 |
| | | |||
* | | When running builder trace output should go to separate file because (1) ↵ | Glenn Washburn | 2019-08-29 |
| | | | | | | | | trace output is logged to console, which is a pain to capture, and (2) it should not be mingled with program output anyway, which it was when sending to stdout. | ||
* | | Update man page to note that --trace can now take an optional parameter. | Glenn Washburn | 2019-08-29 |
| | | |||
* | | Allow firejail --trace option to take an optional parameter which is the ↵ | Glenn Washburn | 2019-08-29 |
| | | | | | | | | trace log file path. The trace log file will be created if it does not exist and then bind mounted to RUN_TRACE_FILE so that the sandboxed program can access it. | ||
* | | Allow libtrace preload library to use for trace output a logfile specified ↵ | Glenn Washburn | 2019-08-29 |
| | | | | | | | | by the environment variable FIREJAIL_TRACEFILE or as the RUN_TRACE_FILE if it exists ortherwise use the console as before. | ||
* | | Fix issue where strace output file path has leading space making it an ↵ | Glenn Washburn | 2019-08-29 |
| | | | | | | | | invalid path. | ||
* | | Better debug handling. | Glenn Washburn | 2019-08-29 |
| | | |||
* | | Profile builder helper should use correct firejail binary path. | Glenn Washburn | 2019-08-29 |
|/ | |||
* | Merge pull request #2928 from topimiettinen/seccomp-more-groups | netblue30 | 2019-08-29 |
|\ | | | | | Add further seccomp groups | ||
| * | Add further seccomp groups | Topi Miettinen | 2019-08-28 |
| | | | | | | | | Get further seccomp group definitions from systemd. | ||
* | | fix previous merge | netblue30 | 2019-08-29 |
| | | |||
* | | Merge branch 'master' into seccomp-allow-exceptions | netblue30 | 2019-08-29 |
|\ \ | |||
| * | | seccomp fix: allow numeric syscalls | aoand | 2019-08-26 |
| |/ | | | | | | | as per man page, numeric syscall is indicated by the dollar sign '$' | ||
* / | Allow exceptions to seccomp lists | Topi Miettinen | 2019-08-25 |
|/ | | | | | | | Prefix ! can be used to make exceptions to system call blacklists and whitelists used by seccomp, seccomp.drop and seccomp.keep. Closes #1366 | ||
* | various fixes and improvements | rusty-snake | 2019-08-22 |
| | | | | | | | | | | | | - install contrib/syscalls.sh - add GitLab-CI status to README.md - read-only ${HOME}/.cargo/env - move blacklist ${HOME}/.cargo/registry, ${HOME}/.cargo/config to disable-programs - typo in man firejail firejail-profiles firecfg - better descriptions in man firejail-profiles - fixes in man firejail - template descriptions in firejail-profiles | ||
* | added i2prouter to firecfg | core_contingency | 2019-08-21 |
| | |||
* | Fix revert of previous trace fix. The issue was that programs were crashing ↵ | Glenn Washburn | 2019-08-21 |
| | | | | because libtrace hooked libc calls were being executed before the libtrace library was initialized. This was due to other loaded libraries being initialized first. | ||
* | fix private-bin for tb-starter-wrapper #2863 | rusty-snake | 2019-08-19 |
| | |||
* | Merge pull request #2909 from gm10/fix-get_user | netblue30 | 2019-08-18 |
|\ | | | | | get_user() do not use the unreliable getlogin() | ||
| * | get_user() do not use the unreliable getlogin() | gm10 | 2019-08-13 |
| | | |||
* | | profiles: add kiwix-desktop | Tad | 2019-08-18 |
| | | |||
* | | fix --trace | netblue30 | 2019-08-17 |
|/ | |||
* | Add unzstd profile (#2903) | glitsj16 | 2019-08-12 |
| | | | | | | * Create unzstd.profile * Add unzstd to firecfg.config | ||
* | Add zstd (redirect) profile(s) (#2902) | glitsj16 | 2019-08-12 |
| | | | | | | | | | | | | | | | | * Create zstd.profile * Create pzstd.profile * Create zstdcat.profile * Create zstdgrep.profile * Create zstdless.profile * Create zstdmt.profile * Add zstd and its redirect profiles to firecfg.config | ||
* | add bzcat profile | smitsohu | 2019-08-12 |
| | |||
* | rewrite/partial revert of 8bff773d6a7bf70c97b3d5b751df9ec0dd6c8b5d | smitsohu | 2019-08-09 |
| | | | | | | | the commit in question introduced an early check of Firejail configuration file, which broke "firejail in firejail" for some sandboxes. see issue #2877 | ||
* | integrate private home options with nosound and x11 none | smitsohu | 2019-08-07 |
| | | | | fixes #2867 | ||
* | private home: don't create unused temporary files | smitsohu | 2019-08-07 |
| | |||
* | tune pam-tmpdir file permissions | smitsohu | 2019-08-01 |
| | |||
* | Merge pull request #2883 from flacks/profiles/whalebird | SkewedZeppelin | 2019-08-01 |
|\ | | | | | Add Whalebird profile |