path: root/src
Commit message (Author, Age)
* Merge branch 'master' into replace-iwrite-iwuser (netblue30, 2021-10-09)
|\
| * Merge branch 'master' into fix-include-limits-h (netblue30, 2021-10-09)
| |\
| | * Merge pull request #4579 from dm9pZCAq/master (netblue30, 2021-10-09)
| | |\
| | | |    fix compilation on musl (#4578)
| | | * fix compilation on musl (#4578) (dm9pZCAq, 2021-09-27)
| | | |
| | * | Merge pull request #4593 from kmk3/revert-allow-deny-fbuilder (netblue30, 2021-10-09)
| | |\ \
| | | | |    Revert "allow/deny fbuilder"
| | | * | Revert "allow/deny fbuilder" (Kelvin M. Klann, 2021-10-06)
| | | | |    This reverts commit 4438f14f2892b5c88d158ae8fad0a80a2eebfd44.
| | | | |
| | | | |    Also, partially revert related commit e4307b409 ("fix
| | | | |    whitelist/allow in make test-utils") to keep the tests working.
| | | | |
| | | | |    The profiles are being generated using aliases, which are not used
| | | | |    on the profiles in the repository. So generate them using the
| | | | |    normal commands for consistency.
| | | | |
| | | | |    See also commit dd13595b8 ("Revert "allow/deny help and man
| | | | |    pages"") / PR #4502.
| | | | |
| | | | |    Relates to #4410.
| | | | |
| | | | |    Misc: I noticed this on issue #4592.
| | | * | build_profile.c: fix typo of "begins" (Kelvin M. Klann, 2021-10-05)
| | | | |    Added on commit 9af2c1472 ("Better debug handling.").
| | * | | Merge pull request #4587 from kmk3/fix-vscodium (netblue30, 2021-10-09)
| | |\ \ \
| | | | | |    Fix vscodium
| | | * | | Add codium.profile as a redirect to vscodium.profile (Kelvin M. Klann, 2021-10-04)
| | | |/ /
| | | | |    Both base names are valid:
| | | | |
| | | | |        $ grep '^NAME' /etc/os-release
| | | | |        NAME="Artix Linux"
| | | | |        $ pacman -Q vscodium-bin
| | | | |        vscodium-bin 1.60.2-2
| | | | |        $ pacman -Qlq vscodium-bin | grep -v -e '/$' -e /resources/ | grep /bin/
| | | | |        /usr/bin/codium
| | | | |        /usr/bin/vscodium
| | | | |        /usr/share/vscodium-bin/bin/codium
| | | | |
| | | | |    Note: The first two paths are symlinks to the third one.
| | | | |
| | | | |    Fixes #3871.
| | * | | Merge pull request #4586 from smitsohu/trace (netblue30, 2021-10-09)
| | |\ \ \
| | | | | |    trace, tracelog: don't truncate /etc/ld.so.preload in sandbox
| | | * | | trace, tracelog: don't truncate /etc/ld.so.preload (smitsohu, 2021-10-05)
| | | | | |
| | * | | | Merge pull request #4510 from rusty-snake/allow-tray-condition (netblue30, 2021-10-09)
| | |\ \ \ \
| | | | | | |    Add new condition ALLOW_TRAY
| | | * | | | Add new condition ALLOW_TRAY (rusty-snake, 2021-09-04)
| | | | | | |
| | * | | | | profile parsing fixes (smitsohu, 2021-10-08)
| | | | | | |    results from a systematic search for strncmp calls
| | | | | | |    with a suspicious (non-fitting) integer literal as
| | | | | | |    third argument
| | * | | | | mountinfo: get mount id from failed call to name_to_handle_at (smitsohu, 2021-10-06)
| | | | | | |    Enables recursive remounting on very old kernels,
| | | | | | |    which has some relevance for SailfishOS community ports.
| | * | | | | simplify recursive remounting (smitsohu, 2021-10-05)
| | | |_|/ /
| | |/| | |
| * | | | | firejail.h: add missing linux/limits.h include (Kelvin M. Klann, 2021-10-01)
| | | | | |    firejail.h uses PATH_MAX when defining a macro.
| | | | | |
| | | | | |    Note that ARG_MAX and PATH_MAX are not guaranteed to be (and
| | | | | |    potentially should not be) defined. From POSIX.1-2017's
| | | | | |    limits.h(0p)[1]:
| | | | | |
| | | | | |    > A definition of one of the symbolic constants in the following list
| | | | | |    > shall be omitted from the <limits.h> header on specific
| | | | | |    > implementations where the corresponding value is equal to or greater
| | | | | |    > than the stated minimum, but where the value can vary depending on the
| | | | | |    > file to which it is applied. The actual value supported for a
| | | | | |    > specific pathname shall be provided by the pathconf() function.
| | | | | |
| | | | | |    Use linux/limits.h instead of limits.h because glibc's limits.h
| | | | | |    deliberately undefines ARG_MAX. See glibc commit f96853beaf ("*
| | | | | |    sysdeps/unix/sysv/linux/bits/local_lim.h: Undefined ARG_MAX if",
| | | | | |    2008-03-27)[2].
| | | | | |
| | | | | |    From /usr/include/bits/local_lim.h (glibc 2.33-5 on Artix Linux):
| | | | | |
| | | | | |        #ifndef ARG_MAX
| | | | | |        # define __undef_ARG_MAX
| | | | | |        #endif
| | | | | |
| | | | | |        /* The kernel sources contain a file with all the needed information. */
| | | | | |        #include <linux/limits.h>
| | | | | |
| | | | | |        /* [...] */
| | | | | |
| | | | | |        /* Have to remove ARG_MAX? */
| | | | | |        #ifdef __undef_ARG_MAX
| | | | | |        # undef ARG_MAX
| | | | | |        # undef __undef_ARG_MAX
| | | | | |        #endif
| | | | | |
| | | | | |    So if a file uses ARG_MAX (currently only cmdline.c) and limits.h
| | | | | |    (or a firejail.h that includes limits.h) is included before
| | | | | |    linux/limits.h, then the build will fail on glibc.
| | | | | |
| | | | | |    Build log from using limits.h (instead of linux/limits.h) on
| | | | | |    firejail.h:
| | | | | |
| | | | | |        $ make clean >/dev/null && make >/dev/null
| | | | | |        cmdline.c:145:12: error: use of undeclared identifier 'ARG_MAX'; did you mean 'CFG_MAX'?
| | | | | |                if (len > ARG_MAX) {
| | | | | |                          ^~~~~~~
| | | | | |                          CFG_MAX
| | | | | |        ./firejail.h:805:2: note: 'CFG_MAX' declared here
| | | | | |                CFG_MAX // this should always be the last entry
| | | | | |                ^
| | | | | |        [...]
| | | | | |
| | | | | |    Fixes #4578.
| | | | | |
| | | | | |    [1] https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/limits.h.html
| | | | | |    [2] https://sourceware.org/git/?p=glibc.git;a=commit;h=f96853beafc26d4f030961b0b67a79b5bfad5733
| * | | | | Remove unnecessary linux/limits.h include (Kelvin M. Klann, 2021-09-28)
| | | | | |    None of the files affected use any macros from linux/limits.h:
| | | | | |
| | | | | |        $ git grep -Fl 'NGROUPS_MAX
| | | | | |        ARG_MAX
| | | | | |        LINK_MAX
| | | | | |        MAX_CANON
| | | | | |        MAX_INPUT
| | | | | |        NAME_MAX
| | | | | |        PATH_MAX
| | | | | |        PIPE_BUF
| | | | | |        XATTR_NAME_MAX
| | | | | |        XATTR_SIZE_MAX
| | | | | |        XATTR_LIST_MAX
| | | | | |        RTSIG_MAX' -- src
| | | | | |        src/firejail/cmdline.c
| | | | | |        src/firejail/firejail.h
| | | | | |        src/libtrace/libtrace.c
| | | | | |        src/libtracelog/libtracelog.c
| | | | | |
| | | | | |    Environment:
| | | | | |
| | | | | |        $ grep '^NAME' /etc/os-release
| | | | | |        NAME="Artix Linux"
| | | | | |        $ pacman -Qo /usr/include/linux/limits.h
| | | | | |        /usr/include/linux/limits.h is owned by linux-api-headers 5.12.3-1
| | | | | |
| | | | | |    Note: This include has been present on all of the affected files
| | | | | |    since their inception. For restrict_users.c, that's on commit
| | | | | |    4f003daec ("prevent leaking user information by modifying /home
| | | | | |    directory, /etc/passwd and /etc/group") and for every other file,
| | | | | |    it's on commit 137985136 ("Baseline firejail 0.9.28").
| | | | | |
| | | | | |    Relates to #4578.
| * | | | | main.c: remove unnecessary limits.h include (Kelvin M. Klann, 2021-09-28)
| | |_|_|/
| |/| | |
| | | | |    Relates to #4578.
* | | | | s/S_IWRITE/S_IWUSR/ (Kelvin M. Klann, 2021-10-02)
| |/ / /
|/| | |
| | | |    They are equivalent, but only the latter is POSIX. See
| | | |    sys_stat.h(0p) of POSIX.1-2017[1].
| | | |
| | | |    From Section 14.9.5, The Mode Bits for Access Permission of the
| | | |    glibc manual[2]:
| | | |
| | | |    > S_IWUSR
| | | |    > S_IWRITE
| | | |    >
| | | |    > Write permission bit for the owner of the file. Usually 0200.
| | | |    > S_IWRITE is an obsolete synonym provided for BSD compatibility.
| | | |
| | | |    Current usage:
| | | |
| | | |        $ git grep -F S_IWRITE -- src | wc -l
| | | |        11
| | | |        $ git grep -F S_IWUSR -- src | wc -l
| | | |        26
| | | |
| | | |    Commands used to search and replace:
| | | |
| | | |        $ git grep -l -z S_IWRITE -- src | xargs -0 -I '{}' sh -c \
| | | |          "printf '%s\n' \"\`sed 's/S_IWRITE/S_IWUSR/g' '{}'\`\" >'{}'"
| | | |
| | | |    Note: The other related non-POSIX macros are not used anywhere:
| | | |
| | | |        $ git grep -F -e S_IREAD -e S_IEXEC -- src
| | | |        $
| | | |
| | | |    [1] https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/sys_stat.h.html
| | | |    [2] https://www.gnu.org/software/libc/manual/html_node/Permission-Bits.html
* | | | Merge pull request #4585 from smitsohu/euid (smitsohu, 2021-10-02)
|\ \ \ \
| |/ / /
|/| | |
| | | |    add more EUID improvements
| * | | add more EUID improvements (smitsohu, 2021-10-01)
| | |/
| |/|
* / | trim excess whitespace (a1346054, 2021-09-25)
|/ /
* | private-lib fixup (smitsohu, 2021-09-25)
| |    don't try to read /usr/bin/firejail if private-bin removed it
| |    from the sandbox filesystem
* | private-lib: check firejail libraries as root user (#4576) (smitsohu, 2021-09-25)
| |    users, and fldd in particular, might have no read permission
| |    on the firejail executable, make that ok by running fldd as root
* | Merge pull request #4564 from lecso7/master (netblue30, 2021-09-24)
|\ \
| | |    Create goldendict.profile
| * | Create goldendict.profile (lecso7, 2021-09-20)
| |/
* | Merge pull request #4572 from a1346054/newline-fix (netblue30, 2021-09-24)
|\ \
| | |    Add missing final newlines
| * | add missing final newlines at end of files (a1346054, 2021-09-22)
| | |
* | | Merge pull request #4560 from onny/nolinkcheck (netblue30, 2021-09-24)
|\ \ \
| | | |    Remove /etc/hosts is_link check
| * | | remove hosts file link check (Jonas Heinrich, 2021-09-19)
| | | |
| * | | remove hosts file link check (Jonas Heinrich, 2021-09-19)
| | | |
* | | | fix spelling (#4573) (a1346054, 2021-09-22)
| | | |
* | | | join: add support for rlimit options (smitsohu, 2021-09-22)
| | | |
* | | | hardcode PATH for internal use (smitsohu, 2021-09-22)
| |/ /
|/| |
* | | Merge pull request #4533 from smitsohu/exitcode (smitsohu, 2021-09-22)
|\ \ \
| | | |    rework exitcodes
| * | | rework exitcodes (smitsohu, 2021-09-21)
| | |/
| |/|
| | |    * add 128 to exitcode if child receives a fatal signal
| | |      (this is similar to what bash and other shells do)
| | |    * unify exitcodes across firejail: treat join'ed processes
| | |      the same as processes in the primary process tree
* | | Fix typo of "parent" (Kelvin M. Klann, 2021-09-02)
| | |
* | | Revert "allow/deny help and man pages" (Kelvin M. Klann, 2021-09-02)
|/ /
| |    This reverts commit a11707ea273e5665047f8a7d9387ba07f08d72f6.
| |
| |    The man pages currently direct users to use the aliases instead of
| |    the commands, which some users of firejail-git may end up doing.
| |    Example:
| |
| |    https://github.com/netblue30/firejail/discussions/4496
| |
| |    So revert the man page changes as well to avoid confusion.
| |
| |    Note: This is not a full revert. The commit in question also
| |    contains some string formatting fixes on src/firejail/usage.c
| |    (related to dbus and netmask), which are left intact.
| |
| |    Relates to #4410.
* | Merge pull request #4486 from pirate486743186/yt-dlp-profile (netblue30, 2021-08-30)
|\ \
| | |    create yt-dlp.profile
| * | create yt-dlp.profile (pirate486743186, 2021-08-27)
| | |
* | | Merge pull request #4484 from pirate486743186/gallery-dl (netblue30, 2021-08-30)
|\ \ \
| | | |    creating gallery-dl.profile
| * | | creating gallery-dl.profile (pirate486743186, 2021-08-27)
| |/ /
* / / Fix hanging arp_check (minus, 2021-08-22)
|/ /
| |    arp_check relied on select(2) decreasing the timeout. This doesn't
| |    seem to be the case on Linux anymore, thus arp_check tends to hang
| |    when the interface sees a lot of traffic. Calculating the timeout
| |    explicitly solves the problem.
* | Give fbuilder full original environment (Topi Miettinen, 2021-08-16)
| |    Closes: #4460
* | Move disable-passwordmgr.inc into disable-common.inc/disable-programs.inc ↵ (rusty-snake, 2021-08-12)
| |    follow up
* | fix man firejail-profile (rusty-snake, 2021-08-09)
| |    machine-id is not affected by --disable-network and matches in
| |    "User Environment" as well.
* | Respect quiet if no dbus-user (filter|none) is set (rusty-snake, 2021-08-05)
| |
* | Add --ids-* to zsh completion (rusty-snake, 2021-07-31)
| |
* | private-lib: fix double symlink (netblue30, 2021-07-30)
| |