| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, when running on CI, `firejail --version` only prints the
following line:
firejail version 0.9.69
Add a new print_version() function that always prints both the above and
the compile-time options (like it is done outside of CI) and call it in
both of the places that handle --version on main.c.
Misc: The printing of compile-time features was added on commit
48dd1fbec ("apparmor", 2016-08-02).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As caught by the Clang Static Analyzer:
$ make clean && NO_EXTRA_CFLAGS="yes" scan-build --status-bugs make -C src/fzenity
[...]
main.c:77:10: warning: Value stored to 'ptr' is never read [deadcode.DeadStores]
return ptr++;
^~~~~
1 warning generated.
[...]
scan-build: Analysis run complete.
scan-build: 1 bug found.
The above increment is a no-op, as it is equivalent to
`return ptr; ptr++;`.
For it to make any difference, the prefix increment operator would have
to be used in place of the postfix one:
return ++ptr;
Which would be equivalent to `++ptr; return ptr;`.
But in order to fix the warning (and CI) while avoiding to change the
current behavior, just remove the operator instead.
Added on commit 1cdfa6f95 ("more on firecfg --guide: fzenity",
2022-04-25).
|
| | |
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Partial error log when building firejail-git (afee8603f) with
--enable-fatal-warnings:
hostnames.c: In function ‘retrieve_hostname’:
hostnames.c:53:17: error: ‘fclose’ called on pointer returned from a mismatched allocation function [-Werror=mismatched-dealloc]
53 | fclose(fp);
| ^~~~~~~~~~
hostnames.c:38:20: note: returned from ‘popen’
38 | FILE *fp = popen(cmd, "r");
| ^~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
make[1]: *** [Makefile:7: hostnames.o] Error 1
Environment: gcc 11.2.0-4 on Artix Linux.
Added on commit 500a56efd ("more on nettrace", 2022-01-07).
|
| | | |
|
| |/
|
|
| |
/etc/alternatives on Debian
|
| |\ |
|
| | |\
| | |
| | | |
Stop warning on safe supplementary group clean
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When nogroups is used, the following warning may be issued (potentially
multiple times, as drop_privs may be called more than once):
Warning: cleaning all supplementary groups
But the warning is being shown even when it seems that all supplementary
groups can be safely dropped (and are thus dropped), which is likely a
common scenario. This commit prevents the warning from being printed in
that case, making it so that it is only shown in the non-happy paths (as
was the case on firejail 0.9.66).
Misc: The added code was copied from drop_privs.
This amends commit 7abce0b4c ("Fix keeping certain groups with
nogroups", 2021-11-30) / PR #4732.
Kind of relates to #4930.
|
| |/ / |
|
| | | |
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
- fix shellcheck
- break long lines
- remove unseless $? check
- remove needless \\
|
| | | |
|
| | | |
|
| |/ |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
As hinted by @rusty-snake[1].
[1] https://github.com/netblue30/firejail/discussions/5064#discussioncomment-2417395
|
| | |
|
| |\
| |
| | |
docs: mention inconsistent homedir bug involving --private=dir
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
And the workaround suggested by @smitsohu[1] and @rusty-snake[2].
Relates to #903 #5048.
[1] https://github.com/netblue30/firejail/issues/903#issuecomment-946673346
[2] https://github.com/netblue30/firejail/discussions/5048#discussioncomment-2360034
|
| | |
| |
| |
| |
| |
| | |
It's currently only present on firejail.txt.
This amends commit 340699fbd ("misc things", 2020-02-22).
|
| |\ \
| |/
|/| |
man: mention that the protocol command accumulates
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As mentioned by @rusty-snake[1].
This amends commit 39654d016 ("adding netlink to --protocol list
(#4605)", 2022-01-21).
See also commit 75073e0e4 ("man: mention that private-bin and
private-etc are cumulative", 2022-01-22) and issue #4078.
[1] https://github.com/netblue30/firejail/pull/5042/files#r825477891
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| |/ |
|
| | |
|
| |
|
|
|
| |
tracelog is known to be incompatible with Chromium/Electron apps
keep it commented for the time being
|
| | |
|
| |\
| |
| | |
gcov: fix gcov functions always declared as dummy
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, the check to enable gcov relies on a non-existent macro due
to a typo, which looks like it would cause the dummy/empty versions of
the gcov functions to always be declared (even with --enable-gcov),
instead of the real ones from gcov.h. This commit fixes the typo
(HAS_GCOV -> HAVE_GCOV). See configure.ac for the macro declaration.
This amends commit 5106b2ec4 ("gcov: use no-op functions if not
enabled", 2021-06-20) / PR #4376.
Occurrences of each macro with this commit applied:
$ git grep -F HAVE_GCOV | wc -l
16
$ git grep -F HAS_GCOV | wc -l
0
|
| | | |
|
| |/ |
|
| |
|
|
| |
follow-up to fdee4dc1326bb2d5ce90ef2a0410dccba56beb70
|
| | |
|
| |
|
|
| |
remove all duplicate entries
|
| |\
| |
| | |
whitelist restructuring
|
smitsohu
netblue30
Kelvin M. Klann
rusty-snake
glitsj16