aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAge
...
| * | add /run whitelist supportLibravatar smitsohu2021-05-08
| | |
| * | tweakLibravatar smitsohu2021-05-08
| | |
| * | add support for arbitrary whitelist directoriesLibravatar smitsohu2021-05-03
| | |
| * | introduce safer_openat functionLibravatar smitsohu2021-05-03
| | |
| * | enhance clean_pathname functionLibravatar smitsohu2021-05-03
| | |
* | | Merge pull request #4278 from kmk3/rename-noautopulseLibravatar Kelvin M. Klann2021-05-16
|\ \ \ | | | | | | | | rename noautopulse to keep-config-pulse
| * | | rename arg_noautopulse var to arg_keep_config_pulseLibravatar Kelvin M. Klann2021-05-14
| | | |
| * | | rename noautopulse to keep-config-pulseLibravatar Kelvin M. Klann2021-05-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes: * add the keep-config-pulse option * make noautopulse an alias for keep-config-pulse * deprecate the noautopulse option * misc: fix indentation of --keep-dev-shm on src/firejail/usage.c Even though noautopulse is not intended for hardening, it looks like it is, because it starts with "no", just like no3d, noroot, etc). In fact, it is the only "no" option that differs in such a way. And it has been accidentally misused as such before; see PR #4269 and commit e4beaeaa8 ("drop noautopulse from agetpkg"). So effectively rename it to keep-config-pulse in order to avoid confusion. This is similar to the keep-var-tmp and keep-dev-shm options, which are used to "leave a path alone", just like noautopulse. Note: The changes on this patch are based on the ones from commit 617ff40c9 ("add --noautopulse arg for complex pulse setups") / PR #1854. See #4269 for the discussion.
* | | | O_CLOEXEC follow-upLibravatar smitsohu2021-05-16
| | | |
* | | | utmp follow-upLibravatar smitsohu2021-05-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Cosmetics, align RUN_UTMP_FILE open flags with others in 825ac9cdc38c4285584e69d6f29102b149914dfe Fix fslogger
* | | | fix firemon signal handler - #4274Libravatar smitsohu2021-05-16
| | | |
* | | | fix utmp error messageLibravatar smitsohu2021-05-16
| | | |
* | | | open files O_CLOEXEC|O_EXCLLibravatar smitsohu2021-05-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Dumb patch that adds O_CLOEXEC to all open/fopen calls, even where it is obviously pointless. While at it, also add O_EXCL where it might be considered useful, for example to clear Coverity warnings, or on files that subsequently are used to configure a join sandbox. Pure defense in depth, this patch should have no observable effects.
* | | | Add noinput to usage.c and _firejail.inLibravatar rusty-snake2021-05-16
|/ / /
* | | check if allocation was successfulLibravatar Reiner Herrmann2021-05-13
| | | | | | | | | | | | See #4274
* | | Manpage fixesLibravatar rusty-snake2021-05-13
| | | | | | | | | | | | Subdirs for private-etc has been implemented since 6ebe8925.
* | | force --noautopulse when running --noprofile in order to leave ↵Libravatar netblue302021-05-12
| | | | | | | | | | | | ~/.config/pulse directory unchanged
* | | more --buildLibravatar netblue302021-05-12
| |/ |/|
* | more --buildLibravatar netblue302021-05-06
| |
* | --build fixesLibravatar netblue302021-05-04
| |
* | Merge pull request #4209 from ↵Libravatar netblue302021-05-04
|\ \ | | | | | | | | | | | | davidebeatrici/private-dev-input-support-and-noinput-option Map /dev/input with "--private-dev", add "--no-input" option to disable it
| * | Map /dev/input with "--private-dev", add "--no-input" option to disable itLibravatar Davide Beatrici2021-04-23
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | By default only joystick devices ("/dev/input/js*") can be accessed. At least, that's the case on Debian: the other entries have more restrictive permissions. The original owner and group are "root" and "input", respectively. However, until we have granular input control options, allowing access to joysticks only is better than nothing. $ ls -l /dev total 0 lrwxrwxrwx 1 nobody nogroup 8 23 apr 07.22 cdrom -> /dev/sr0 lrwxrwxrwx 1 nobody nogroup 8 23 apr 07.22 cdrw -> /dev/sr0 drwxr-xr-x 3 nobody nogroup 100 22 apr 19.18 dri lrwxrwxrwx 1 nobody nogroup 8 23 apr 07.22 dvd -> /dev/sr0 lrwxrwxrwx 1 nobody nogroup 8 23 apr 07.22 dvdrw -> /dev/sr0 lrwxrwxrwx 1 nobody nogroup 13 23 apr 07.22 fd -> /proc/self/fd crw-rw-rw- 1 nobody nogroup 1, 7 23 apr 07.22 full crw-rw----+ 1 nobody nogroup 244, 0 22 apr 19.18 hidraw0 crw-rw----+ 1 nobody nogroup 244, 1 22 apr 19.18 hidraw1 crw-rw----+ 1 nobody nogroup 244, 2 22 apr 19.18 hidraw2 crw-rw----+ 1 nobody nogroup 244, 3 22 apr 19.18 hidraw3 crw-rw----+ 1 nobody nogroup 244, 4 22 apr 19.18 hidraw4 crw-rw----+ 1 nobody nogroup 244, 5 22 apr 19.18 hidraw5 drwxr-xr-x 4 nobody nogroup 760 23 apr 07.22 input srw-rw-rw- 1 nobody nogroup 0 22 apr 19.18 log crw-rw-rw- 1 nobody nogroup 1, 3 23 apr 07.22 null lrwxrwxrwx 1 nobody nogroup 13 23 apr 07.22 ptmx -> /dev/pts/ptmx drwxr-xr-x 2 nobody nogroup 0 23 apr 07.22 pts crw-rw-rw- 1 nobody nogroup 1, 8 23 apr 07.22 random drwxrwxrwt 2 nobody nogroup 40 23 apr 07.22 shm drwxr-xr-x 4 nobody nogroup 500 22 apr 19.18 snd brw-rw----+ 1 nobody nogroup 11, 0 23 apr 00.24 sr0 lrwxrwxrwx 1 nobody nogroup 15 23 apr 07.22 stderr -> /proc/self/fd/2 lrwxrwxrwx 1 nobody nogroup 15 23 apr 07.22 stdin -> /proc/self/fd/0 lrwxrwxrwx 1 nobody nogroup 15 23 apr 07.22 stdout -> /proc/self/fd/1 crw-rw-rw- 1 nobody nogroup 5, 0 23 apr 07.22 tty crw-rw-rw- 1 nobody nogroup 1, 9 23 apr 07.22 urandom drwxr-xr-x 2 nobody nogroup 120 22 apr 19.18 usb crw-rw----+ 1 nobody video 81, 0 22 apr 19.18 video0 crw-rw----+ 1 nobody video 81, 1 22 apr 19.18 video1 crw-rw----+ 1 nobody video 81, 2 22 apr 19.18 video2 crw-rw----+ 1 nobody video 81, 3 22 apr 19.18 video3 crw-rw-rw- 1 nobody nogroup 1, 5 23 apr 07.22 zero $ ls -l /dev/input total 0 drwxr-xr-x 2 nobody nogroup 280 23 apr 07.22 by-id drwxr-xr-x 2 nobody nogroup 300 23 apr 07.22 by-path crw-rw---- 1 nobody nogroup 13, 64 22 apr 19.18 event0 crw-rw---- 1 nobody nogroup 13, 65 22 apr 19.18 event1 crw-rw---- 1 nobody nogroup 13, 74 22 apr 19.18 event10 crw-rw---- 1 nobody nogroup 13, 75 22 apr 19.18 event11 crw-rw---- 1 nobody nogroup 13, 76 22 apr 19.18 event12 crw-rw---- 1 nobody nogroup 13, 77 22 apr 19.18 event13 crw-rw---- 1 nobody nogroup 13, 78 22 apr 19.18 event14 crw-rw---- 1 nobody nogroup 13, 79 22 apr 19.18 event15 crw-rw---- 1 nobody nogroup 13, 80 22 apr 19.18 event16 crw-rw---- 1 nobody nogroup 13, 81 22 apr 19.18 event17 crw-rw---- 1 nobody nogroup 13, 82 22 apr 19.18 event18 crw-rw---- 1 nobody nogroup 13, 83 22 apr 19.18 event19 crw-rw---- 1 nobody nogroup 13, 66 22 apr 19.18 event2 crw-rw---- 1 nobody nogroup 13, 84 22 apr 19.18 event20 crw-rw---- 1 nobody nogroup 13, 85 22 apr 19.18 event21 crw-rw---- 1 nobody nogroup 13, 86 22 apr 19.18 event22 crw-rw---- 1 nobody nogroup 13, 87 22 apr 19.18 event23 crw-rw---- 1 nobody nogroup 13, 88 22 apr 19.18 event24 crw-rw---- 1 nobody nogroup 13, 89 22 apr 19.18 event25 crw-rw---- 1 nobody nogroup 13, 90 22 apr 19.18 event26 crw-rw---- 1 nobody nogroup 13, 91 22 apr 19.18 event27 crw-rw----+ 1 nobody nogroup 13, 92 23 apr 07.22 event28 crw-rw---- 1 nobody nogroup 13, 67 22 apr 19.18 event3 crw-rw---- 1 nobody nogroup 13, 68 22 apr 19.18 event4 crw-rw---- 1 nobody nogroup 13, 69 22 apr 19.18 event5 crw-rw---- 1 nobody nogroup 13, 70 22 apr 19.18 event6 crw-rw---- 1 nobody nogroup 13, 71 22 apr 19.18 event7 crw-rw---- 1 nobody nogroup 13, 72 22 apr 19.18 event8 crw-rw---- 1 nobody nogroup 13, 73 22 apr 19.18 event9 crw-rw-r-- 1 nobody nogroup 13, 0 22 apr 19.18 js0 crw-rw-r--+ 1 nobody nogroup 13, 1 23 apr 07.22 js1 crw-rw---- 1 nobody nogroup 13, 63 22 apr 19.18 mice crw-rw---- 1 nobody nogroup 13, 32 22 apr 19.18 mouse0 crw-rw---- 1 nobody nogroup 13, 33 22 apr 19.18 mouse1 $ ls -l /dev/input/by-id total 0 lrwxrwxrwx 1 nobody nogroup 9 22 apr 19.18 usb-BY_Tech_Usb-event-if01 -> ../event9 lrwxrwxrwx 1 nobody nogroup 9 22 apr 19.18 usb-BY_Tech_Usb-event-kbd -> ../event8 lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 usb-BY_Tech_Usb-if01-event-kbd -> ../event11 lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 usb-BY_Tech_Usb-if01-event-mouse -> ../event12 lrwxrwxrwx 1 nobody nogroup 9 22 apr 19.18 usb-BY_Tech_Usb-if01-mouse -> ../mouse1 lrwxrwxrwx 1 nobody nogroup 9 22 apr 19.18 usb-SOAI_USB_Gaming_Mouse-event-if01 -> ../event5 lrwxrwxrwx 1 nobody nogroup 9 22 apr 19.18 usb-SOAI_USB_Gaming_Mouse-event-mouse -> ../event2 lrwxrwxrwx 1 nobody nogroup 9 22 apr 19.18 usb-SOAI_USB_Gaming_Mouse-if01-event-kbd -> ../event3 lrwxrwxrwx 1 nobody nogroup 9 22 apr 19.18 usb-SOAI_USB_Gaming_Mouse-mouse -> ../mouse0 lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 usb-Sonix_Technology_Co.__Ltd._H264_USB_Camera_SN0001-event-if00 -> ../event27 lrwxrwxrwx 1 nobody nogroup 10 23 apr 07.22 usb-ZEROPLUS_Controller_3136303033313032354246323543-event-joystick -> ../event28 lrwxrwxrwx 1 nobody nogroup 6 23 apr 07.22 usb-ZEROPLUS_Controller_3136303033313032354246323543-joystick -> ../js1 $ ls -l /dev/input/by-path total 0 lrwxrwxrwx 1 nobody nogroup 10 23 apr 07.22 pci-0000:05:00.1-usb-0:6.1:1.0-event-joystick -> ../event28 lrwxrwxrwx 1 nobody nogroup 6 23 apr 07.22 pci-0000:05:00.1-usb-0:6.1:1.0-joystick -> ../js1 lrwxrwxrwx 1 nobody nogroup 9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.3:1.0-event-mouse -> ../event2 lrwxrwxrwx 1 nobody nogroup 9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.3:1.0-mouse -> ../mouse0 lrwxrwxrwx 1 nobody nogroup 9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.3:1.1-event -> ../event5 lrwxrwxrwx 1 nobody nogroup 9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.3:1.1-event-kbd -> ../event3 lrwxrwxrwx 1 nobody nogroup 9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.4:1.0-event-kbd -> ../event8 lrwxrwxrwx 1 nobody nogroup 9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.4:1.1-event -> ../event9 lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 pci-0000:05:00.3-usb-0:6.4:1.1-event-kbd -> ../event11 lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 pci-0000:05:00.3-usb-0:6.4:1.1-event-mouse -> ../event12 lrwxrwxrwx 1 nobody nogroup 9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.4:1.1-mouse -> ../mouse1 lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 pci-0000:0c:00.3-usb-0:4:1.0-event -> ../event27 lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 platform-pcspkr-event-spkr -> ../event13
* | Merge pull request #4230 from Kishore96in/neochat_profileLibravatar netblue302021-05-04
|\ \ | | | | | | New profile for neochat
| * | Add neochat to enabled programs.Libravatar Kishore Gopalakrishnan2021-05-02
| | |
* | | Merge pull request #4215 from brisad/masterLibravatar netblue302021-05-04
|\ \ \ | | | | | | | | Add support for subdirs in private-etc
| * | | Add support for subdirs in private-etcLibravatar Michael Hoffmann2021-04-26
| |/ /
* | | Merge pull request #4204 from jsquyres/pr/man-page-correctionsLibravatar rusty-snake2021-05-04
|\ \ \ | | | | | | | | man: corrections regarding --private-FOO options
| * | | man: corrections regarding --private-FOO optionsLibravatar Jeff Squyres2021-04-20
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 0.9.60-1070-g40d3604f updated the man pages with respect to --private-opt, --private-etc, and --private-srv. It was made after testing firejail 0.9.52 (from Ubuntu 18.04). However, it unfortunately did not accurately reflect the the behavior of the current HEAD at the time, because commit 0.9.56-rc1-14-ga9242301 had previously slightly changed the behavior of these three options (after 0.9.52), and was released in 0.9.56. The man pages changes made in commit 40d3604f were therefore not entirely correct. This commit updates the man pages to describe the behavior as implemented in a9242301 (and is still the behavior as of the current HEAD: 0.9.64-737-g937815ba). Signed-off-by: Jeff Squyres <jsquyres@cisco.com>
* | | --build fixesLibravatar netblue302021-05-03
| |/ |/|
* | Merge pull request #4071 from rusty-snake/open-game-wrapperLibravatar rusty-snake2021-04-24
|\ \ | | | | | | Commons of opengl-game-wrapper.sh
| * | Commons of opengl-game-wrapper.shLibravatar rusty-snake2021-04-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [skip ci] - Add allow-opengl-game.inc - Add profiles for alienarena-wrapper, ballbuster-wrapper, colorful-wrapper, etr-wrapper, gl-117-wrapper, glaxium-wrapper, neverball-wrapper, neverputt-wrapper, pinball-wrapper, supertuxkart-wrapper - Use allow-opengl-game.inc in xonotic.profile and the profiles above - xonotic.profile: simplify private-bin by using xonotic*
| * | Add profiles for alienarena, ballbuster, colorful…Libravatar rusty-snake2021-04-24
| |/ | | | | | | | | | | | | …, gl-117, glaxium, pinball alienarena is missing in firecfg.config by intention, I didn't tested any online multiplayer.
* / Add FireDragon profile (#4203)Libravatar Nico2021-04-24
|/ | | | | | | | | | | | | | | | | * Add firedragon profile * Point private-etc to firefox-common.local Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com> * Add to firecfg.config * Add firedragon to disable-programs.inc * Correct dir * Remove private-etc Co-authored-by: rusty-snake <41237666+rusty-snake@users.noreply.github.com>
* Update main.cLibravatar pholodniak2021-04-15
| | | profstats - correct variable for include global
* Fix typo (#4176)Libravatar Jose Riha2021-04-10
|
* Add Librewolf Nightly profileLibravatar Vladislav Nepogodin2021-04-04
|
* Fixes (man: allow rustup; Books -> gnome-books)Libravatar rusty-snake2021-03-28
|
* private-lib: trim ending slashes and dotsLibravatar smitsohu2021-03-25
| | | | | | | | | | | | | | | | Currently pathological endings like in /foo/bar/./. are mapped to RUN_LIB_DIR, with the effect that the mount is skipped because this directory always exists at this point in time. Even though it's harmless, it is wrong behaviour, so handle trailing slashes and dots before doing the mounts. Also avoids running into an assertion if there is a trailing slash. Plus few small cosmetic changes to make things more explicit.
* makefiles: replace character class with plain charLibravatar Kelvin M. Klann2021-03-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When using the "wildcard" internal functions. This usage has been present since the first "real" commit in the repository: commit 137985136 ("Baseline firejail 0.9.28"). > H_FILE_LIST = $(sort $(wildcard *.[h])) > C_FILE_LIST = $(sort $(wildcard *.c)) There is only a single character (i.e.: "h") inside the character class, so its usage should make no functional difference. It may stem from a construct that could have originally looked something like this: C_FILE_LIST = $(sort $(wildcard *.[ch])) Which would match both the implementation files and the headers. From Section 4.4, [Using Wildcard Characters in File Names][1] of the GNU make manual: > A single file name can specify many files using wildcard characters. > The wildcard characters in make are ‘*’, ‘?’ and ‘[…]’, the same as in > the Bourne shell. For example, *.c specifies a list of all the files > (in the working directory) whose names end in ‘.c’. See also Section 2.13, [Pattern Matching Notation][2] of POSIX.1-2017. Commands used to search, replace and clean up: $ find . -name .git -prune -o -type f \ \( -name Makefile -o -name Makefile.in \ -o -name '*.mk' -o -name '*.mk.in' \) -print0 | xargs -0 grep -Fl '$(wildcard *.[h])' | tr '\n' '\000' | xargs -0 sed -i.bak -e \ 's/\$(wildcard \*.\[h\])/$(wildcard *.h)/' $ find . -name .git -prune -o -type f \ -name '*.bak' -exec rm '{}' + Note: To make sure that this doesn't actually change anything functionally, I built firejail-git (AUR) on Artix from master and from this commit and diffing the resulting files produced no output (other than showing changes related to the build timestamps). Misc: Reference to the previous makefile-related changes: commit 2465f9248 ("makefiles: make all, clean and distclean PHONY") / https://github.com/netblue30/firejail/pull/4024 [1]: https://www.gnu.org/software/make/manual/html_node/Wildcards.html [2]: https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html
* Update README.md & RELONTS; Fix manpage HAVE_NETWORKLibravatar rusty-snake2021-03-19
|
* Merge pull request #4100 from tredondo/patch-2Libravatar netblue302021-03-19
|\ | | | | Clarify novideo
| * Clarify novideoLibravatar Ted Robertson2021-03-14
| |
* | Merge pull request #4098 from tredondo/masterLibravatar netblue302021-03-19
|\ \ | | | | | | Create bcompare.profile
| * | Add bcompare to firecfg.configLibravatar Ted Robertson2021-03-13
| | |
* | | Add a profile for PCSX2Libravatar Tad2021-03-17
| | | | | | | | | | | | I can't seem to get it to work with seccomp enabled.
* | | Small changesLibravatar Tad2021-03-16
| | | | | | | | | | | | | | | | | | | | | | | | - Add netlink to pcsxr fixing controller support - Add openmw and PPSSPPSDL to firecfg - Update readme for new profiles Note: file picker in dolphin-emu is being weird (not showing or freezing)
* | | Add a profile for pcsxrLibravatar Tad2021-03-15
| | |
* | | Really fixup openmw profileLibravatar Tad2021-03-15
| | |
* | | finding a place for appimage mountLibravatar smitsohu2021-03-15
| |/ |/| | | | | adds support to run appimage in a chroot
* | Merge pull request #4095 from smitsohu/appimageLibravatar netblue302021-03-14
|\ \ | | | | | | make appimage mounts private to sandbox
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-26 15:09:13 +0000