| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When using the "wildcard" internal functions.
This usage has been present since the first "real" commit in the
repository: commit 137985136 ("Baseline firejail 0.9.28").
> H_FILE_LIST = $(sort $(wildcard *.[h]))
> C_FILE_LIST = $(sort $(wildcard *.c))
There is only a single character (i.e.: "h") inside the character class,
so its usage should make no functional difference. It may stem from a
construct that could have originally looked something like this:
C_FILE_LIST = $(sort $(wildcard *.[ch]))
Which would match both the implementation files and the headers.
From Section 4.4, [Using Wildcard Characters in File Names][1] of the
GNU make manual:
> A single file name can specify many files using wildcard characters.
> The wildcard characters in make are ‘*’, ‘?’ and ‘[…]’, the same as in
> the Bourne shell. For example, *.c specifies a list of all the files
> (in the working directory) whose names end in ‘.c’.
See also Section 2.13, [Pattern Matching Notation][2] of POSIX.1-2017.
Commands used to search, replace and clean up:
$ find . -name .git -prune -o -type f \
\( -name Makefile -o -name Makefile.in \
-o -name '*.mk' -o -name '*.mk.in' \) -print0 |
xargs -0 grep -Fl '$(wildcard *.[h])' | tr '\n' '\000' |
xargs -0 sed -i.bak -e \
's/\$(wildcard \*.\[h\])/$(wildcard *.h)/'
$ find . -name .git -prune -o -type f \
-name '*.bak' -exec rm '{}' +
Note: To make sure that this doesn't actually change anything
functionally, I built firejail-git (AUR) on Artix from master and from
this commit and diffing the resulting files produced no output (other
than showing changes related to the build timestamps).
Misc: Reference to the previous makefile-related changes: commit
2465f9248 ("makefiles: make all, clean and distclean PHONY") /
https://github.com/netblue30/firejail/pull/4024
[1]: https://www.gnu.org/software/make/manual/html_node/Wildcards.html
[2]: https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html
|
| |
|
|\
| |
| | |
Clarify novideo
|
| | |
|
|\ \
| | |
| | | |
Create bcompare.profile
|
| | | |
|
| | |
| | |
| | |
| | | |
I can't seem to get it to work with seccomp enabled.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Add netlink to pcsxr fixing controller support
- Add openmw and PPSSPPSDL to firecfg
- Update readme for new profiles
Note: file picker in dolphin-emu is being weird (not showing or freezing)
|
| | | |
|
| | | |
|
| |/
|/|
| |
| | |
adds support to run appimage in a chroot
|
|\ \
| | |
| | | |
make appimage mounts private to sandbox
|
| | | |
|
| | | |
|
|\ \ \
| | | |
| | | | |
Add profile for youtube-dl-gui & some other changes
|
| | | | |
|
| | | |
| | | |
| | | |
| | | | |
mount without stash locations, only using the file descriptors
|
|/ / / |
|
| | | |
|
|\ \ \
| |/ /
|/| | |
private-lib: move to mount-only
|
| | | |
|
| | | |
|
| | | |
|
|/ / |
|
|\ \
| | |
| | | |
Grammar
|
| |/ |
|
| | |
|
|\ \
| | |
| | | |
private-lib: mask /usr/local/lib[,64] directories, too
|
| | | |
|
|\| |
| | |
| | | |
private-lib hardening
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
ensure that libraries are loaded
from a default ld.so search path
it is reasonable for firejail to
expect that unprivileged users have
no write permission on these paths;
lax permissions there mean that the
system is probably screwed anyway
|
|\ \ \
| | | |
| | | | |
sandbox setup: postpone library preloading
|
| |/ /
| | |
| | |
| | |
| | | |
for now avoids mixing of traces from sandbox helpers
into application traces
|
|\ \ \
| | | |
| | | | |
sandbox setup: postpone fslogger
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
postpone writing of log file in order to
catch filesystem modifications from x11
functions
|
|\ \ \
| | | |
| | | | |
Zsh completion improvements
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
I don't understand the current brace expansions, so let's use a easier
one:
--foo <> one-time; no argument
*--foo <> multi-time; no argument
--foo=- <> one-time; with argument (direct after the =)
*--foo=- <> multi-time; with argument (direct after the =)
|
|\ \ \ \
| | | | |
| | | | | |
Add new condition ?HAS_PRIVATE:
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Idea from @vinc17fr
https://github.com/netblue30/firejail/issues/4026#issuecomment-789178572
|
|\ \ \ \ \
| |_|_|_|/
|/| | | | |
Create nextcloud-desktop.profile
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
back in the days always the same default seccomp filter was loaded
for chroot/appimage/overlayfs sandboxes. Nowadays users can configure
their own filters, so allow postexecseccomp again.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
remove whitespaces in order to create
a uniform message layout. Compare with:
** Note: you can use --noprofile to disable default.profile **
when firejail loads the default profile.
|
| |/ / /
|/| | |
| | | |
| | | | |
fixes reversed /etc and /usr/etc timetraces
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Better for portability and consistency. Currently strerror() is used
everywhere else, so use it here as well. printf's %m is a glibc
extension that is supported also by some other libc implementations.
Signed-off-by: Tomi Leppänen <tomi.leppanen@jolla.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Move error message after debug logging and add cause message.
Signed-off-by: Tomi Leppänen <tomi.leppanen@jolla.com>
|