| Commit message (Collapse) | Author | Age |
... | |
| |
|
| |
|
|\
| |
| | |
build: fix hardcoded make & remove unnecessary distclean targets
|
| |
| |
| |
| | |
This also fixes the duplicate execution of the "clean" targets.
|
|/
|
|
|
|
|
|
|
| |
Homepage: https://mullvad.net/en/download/browser/linux
mullvad-browser: don't use restrict-namespaces
mullvad-browser: cover both installation paths
Suggested in review by @kmk3.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is breaking scan-build in CI[1]:
/usr/share/clang/scan-build-14/bin/../libexec/ccc-analyzer [...] -c hostnames.c -o hostnames.o
hostnames.c:59:10: warning: Null pointer passed to 1st parameter expecting 'nonnull' [core.NonNullParamChecker]
return strdup(rv);
^~~~~~~~~~
1 warning generated.
Likely caused by commit d2802ce60 ("fnettrace cleanup", 2023-07-15).
This also fixes a memory leak of `cmd`.
[1] https://github.com/netblue30/firejail/actions/runs/5568460702/jobs/10171098449
|
|
|
|
|
|
|
|
|
|
|
|
| |
The `shell` option has been removed. Remove stale references.
This does NOT remove `shell none`-related code comments in:
- src/firejail/fs_lib.c (L433-L441)
- src/firejail/join.c (L415-L417)
Relates to #5196.
Suggested by #5891.
|
|
|
|
|
|
|
|
|
|
|
| |
Note: It already works for bash and it's already present in the syntax
files:
$ grep '^tab' contrib/syntax/lists/profile_commands_arg0.list
tab
Added on commit e6c50240f ("--tab: enable shell tab completion",
2022-02-20) / #4936.
|
| |
|
|\ |
|
| |
| |
| |
| |
| |
| | |
Closes #5899.
Suggested-by: @shaggonit
|
| |
| |
| |
| | |
To make it clearer that they are not modified later.
|
| |
| |
| |
| | |
To make it match the function used in src/jailcheck/utils.c.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Commands used to find the relevant paths in /etc:
$ pacman -Qo /etc/* 2>/dev/null | grep sudo | LC_ALL=C sort
/etc/pam.d/ is owned by sudo 1.9.14.p1-1
/etc/sudo.conf is owned by sudo 1.9.14.p1-1
/etc/sudo_logsrvd.conf is owned by sudo 1.9.14.p1-1
/etc/sudoers is owned by sudo 1.9.14.p1-1
/etc/sudoers.d/ is owned by sudo 1.9.14.p1-1
Environment: Artix Linux.
Also, add missing paths sudo/doas to etc/ids.config and jailcheck.
See also commit dbebd71db ("disable-common.inc: blacklist doas binary",
2022-10-05).
Relates to #5385.
Reported-by: Dieter Plaetinck <dieter@plaetinck.be>
|
| |\
| | |
| | | |
New profile: rssguard
|
| | |\ |
|
| | | | |
|
|/ / / |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Simplify the main targets and use wildcards instead of repeating the
filenames manually.
Also, restore the `man` target and building only when `HAVE_MAN` is
enabled.
Note: Make automatically removes intermediate files (.1 and .5), so in
general only the .gz files have to be cleaned.
Commands used to rename the man pages:
cd src/man
git mv firecfg.txt firecfg.1.in
git mv firejail-login.txt firejail-login.5.in
git mv firejail-profile.txt firejail-profile.5.in
git mv firejail-users.txt firejail-users.5.in
git mv firejail.txt firejail.1.in
git mv firemon.txt firemon.1.in
git mv jailcheck.txt jailcheck.1.in
This is kind of a follow-up to commit 9e206b7f2 ("rework src/man
Makefile", 2023-07-07).
|
|\ \ \ |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Added in the following commits:
* f3774678f ("compress static ip map for fnettrace at compile time",
2023-07-06)
* 9e206b7f2 ("rework src/man Makefile", 2023-07-07)
|
|/ / / |
|
| | | |
|
| |/
|/| |
|
| | |
|
|/ |
|
|\
| |
| | |
modif: improve errExit error messages
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Changes:
* Move msg to the end of errExit (right before perror(3p))
* Include the full file path (within the repository)
* Add "()" to function name for clarity
Before:
Error malloc: main.c:123 main: Cannot allocate memory
After:
Error src/firejail/main.c:123 main(): malloc: Cannot allocate memory
Note: This clarifies which is the exact file that the error message
comes from, as there are many source files with the same name. For
example:
$ git ls-files 'src/*/main.c' | wc -l
20
|
| |
| |
| |
| |
| |
| | |
For increased portability.
The former is in C99, the latter is from gcc.
|
| | |
|
| |
| |
| |
| |
| |
| | |
Use errExit in every place that uses __FILE__ and __LINE__ manually.
Note: This currently only happens in the duplicated `is_dir` function.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
And remove the comment, as firecfg does not appear to support
end-of-line comments and normal comments break the linter:
$ ./ci/check/profiles/sort-firecfg.config.sh src/firecfg/firecfg.config
sort: -:13: disorder: #Debian 11 seems to be installing the same fbreader executable twice under two different names
This amends commit 869333a5f ("firecfg.config: fix sorting",
2023-06-28).
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It's currently breaking the profile-checks job in CI[1].
Tihs amends commit d88c8d439 ("fbreader/FBReader profile fixes; more on
static ip map", 2023-06-27).
[1] https://github.com/netblue30/firejail/actions/runs/5394764503/jobs/9796380881
|
|\| |
|
| |\
| | |
| | | |
build: organize and standardize make vars and targets
|
| | |
| | |
| | |
| | | |
Put all definitions in the same file.
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Changes:
* Remove -fPIE, as it is mutually exclusive with -fPIC
* Remove -pie, as it is intended for executables (with -fPIE / -fpie)
* Remove duplicated `-z relro`
Note: The files built by the affected recipe are identical with and
without these changes when using gcc 13.1.1-1 on Artix Linux.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Changes:
* clean: remove the same types of files in src/prog.mk and src/so.mk
* distclean: remove unused recipes and DISTCLEANFILES variable
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
To CLEANFILES and DISTCLEANFILES, respectively.
This matches what GNU automake uses.
Commands used to search and replace:
$ git grep -IFlz -e TOCLEAN -e TODISTCLEAN |
xargs -0 -I '{}' sh -c "printf '%s\n' \"\$(sed \
-e 's/TOCLEAN/CLEANFILES/g' \
-e 's/TODISTCLEAN/DISTCLEANFILES/g' '{}')\" >'{}'"
Added on commit cbdee6555 ("makefiles: add TOCLEAN and TODISTCLEAN
variables", 2022-07-15) / PR #5478.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
To make them less confusing, as they are extra dependencies, not files
that are specific to the module.
Commands used to search and replace:
$ git grep -IFlz -e 'MOD_HDRS' -e 'MOD_OBJS' -- src |
xargs -0 -I '{}' sh -c "printf '%s\n' \"\$(sed \
-e 's/MOD_HDRS/EXTRA_HDRS/g' \
-e 's/MOD_OBJS/EXTRA_OBJS/g' '{}')\" >'{}'"
Added on commit f5b1ccaad ("makefiles: move extra deps into new MOD
vars", 2022-05-07) / PR #5478.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
It is unused and is unlikely to be used.
Added on commit f5b1ccaad ("makefiles: move extra deps into new MOD
vars", 2022-05-07) / PR #5478.
|
|/ / |
|
| | |
|
|/ |
|
|
|
|
|
|
|
| |
To reduce the amount of boilerplate in the makefiles.
This amends commit 9789c263a ("build: disable all built-in implicit make
rules", 2023-06-21) / PR #5864.
|
|\
| |
| | |
profiles: vmware improvements and new redirect
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It appears to be broken on Linux Mint 20.3 (based on Ubuntu 20.04), due
to the "VMWare Kernel Module Updater" being unable to install kernel
modules[1].
Relates to #3526.
[1] https://github.com/netblue30/firejail/issues/5861#issuecomment-1598407890
Reported-by: @MikeNavy
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As a redirect to vmware.profile.
This is apparently the filename for the "VMWare Workstation Player" on
Linux Mint 20.3 (based on Ubuntu 20.04)[1].
Relates to #3526.
[1] https://github.com/netblue30/firejail/issues/5861#issuecomment-1598132860
Reported-by: @MikeNavy
|