github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-16 14:16:16 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions

profiles: ensure allow-lua where mpv is allowed (#6555)

Browse source 
mpv crashes if luajit is blocked:

    $ firejail --quiet --noprofile \
      --include=/etc/firejail/disable-interpreters.inc /usr/bin/mpv
    /usr/bin/mpv: error while loading shared libraries: libluajit-5.1.so.2: cannot open shared object file: Permission denied

So make sure that allow-lua.inc is always included when mpv paths (such
as ~/.config/mpv) are allowed.

Environment: luajit 2.1.1727870382-1, mpv 1:0.39.0-3 on Artix Linux.

Related commits:

* db2bdaadd ("add lua support for mpv (#3243)", 2020-02-24) /
  PR #3243
* d6a6fb905 ("Allow Lua for mpv in dolphin.profile", 2020-04-18) /
  issue #3363
* f3585e539 ("fixes, closes, enhances, improvements, and so on",
  2020-11-09) /
  issue #3686
* 3ec523f11 ("profiles: anki: allow lua", 2024-11-14) /
  PR #6545
This commit is contained in:
Kelvin M. Klann 2024-11-29 06:10:46 +00:00 committed by GitHub
parent e99d10f2b8
commit e4ebbfafea
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 15 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
etc/profile-a-l/firefox-common-addons.profile
View file

@ -37,6 +37,9 @@ noblacklist ${HOME}/.local/share/qpdfview
noblacklist ${HOME}/.local/state/mpv
noblacklist ${HOME}/.netrc
# Allow lua (blacklisted by disable-interpreters.inc)
include allow-lua.inc
whitelist ${HOME}/.cache/gnome-mplayer/plugin
whitelist ${HOME}/.cache/mpv
whitelist ${HOME}/.cache/youtube-dl/youtube-sigfuncs

3
etc/profile-m-z/QMediathekView.profile
View file

@ -21,6 +21,9 @@ noblacklist ${HOME}/.local/state/mpv
noblacklist ${HOME}/.mplayer
noblacklist ${VIDEOS}
# Allow lua (blacklisted by disable-interpreters.inc)
include allow-lua.inc
include disable-common.inc
include disable-devel.inc
include disable-exec.inc

3
etc/profile-m-z/mediathekview.profile
View file

@ -24,6 +24,9 @@ ignore noexec /tmp
# Allow java (blacklisted by disable-devel.inc)
include allow-java.inc
# Allow lua (blacklisted by disable-interpreters.inc)
include allow-lua.inc
include disable-common.inc
include disable-devel.inc
include disable-exec.inc

3
etc/profile-m-z/rtv-addons.profile
View file

@ -18,6 +18,9 @@ noblacklist ${HOME}/.mailcap
noblacklist ${HOME}/.netrc
noblacklist ${HOME}/.w3m
# Allow lua (blacklisted by disable-interpreters.inc)
include allow-lua.inc
whitelist ${HOME}/.cache/mpv
whitelist ${HOME}/.cache/youtube-dl/youtube-sigfuncs
whitelist ${HOME}/.config/mpv

3
etc/profile-m-z/smtube.profile
View file

@ -17,6 +17,9 @@ noblacklist ${HOME}/.mplayer
noblacklist ${MUSIC}
noblacklist ${VIDEOS}
# Allow lua (blacklisted by disable-interpreters.inc)
include allow-lua.inc
include disable-common.inc
include disable-devel.inc
include disable-exec.inc