github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6
10974 commits 10 branches 71 tags 33 MiB
Commit graph

163 commits

Author SHA1 Message Date
rusty-snake
e7264f11f6 sort.py: pylint: consider-using-sys-exit 2021-09-03 07:58:09 +02:00
rusty-snake
0dc82f0bc3 Better error message for jail_prober.py cli usage 
Curerently sys.argv is accessed without checks, resulting in an
IndexError:
```
Traceback (most recent call last):
  File "/home/rusty-snake/Projects/firejail/contrib/jail_prober.py", line 205, in <module>
    main()
  File "/home/rusty-snake/Projects/firejail/contrib/jail_prober.py", line 170, in main
    profile_path = sys.argv[1]
IndexError: list index out of range
```

This commit catches this IndexError and prints a more helpfull message
instaed:
```
USAGE: jail_prober.py <PROFILE-PATH> <PROGRAM>
```
 2021-06-04 08:25:46 +02:00
Florian Begusch
015ab144cc jail_prober: enable absolut include directives 2021-06-03 08:30:21 +02:00
Reiner Herrmann
952264e2cc vim: escape dots in seccomp.32 2021-05-29 12:53:54 +02:00
Reiner Herrmann
91cc7e2688 vim: use setfiletype command for setting filetype 
this is a bit nicer, as it does not overwrite the filetype if it
already has been set.
 2021-05-29 12:53:50 +02:00
Reiner Herrmann
f964aaad2f vim: use type instead of constant for seccomp action 2021-05-29 12:53:46 +02:00
Reiner Herrmann
91dcea1a21 vim: support commands private-cwd, dbus-*, seccomp.32, allow-debuggers 2021-05-29 12:53:41 +02:00
Reiner Herrmann
7fee9c550f vim: update conditionals 2021-05-29 12:53:38 +02:00
Reiner Herrmann
27630857eb vim: update syscall groups 2021-05-29 12:53:35 +02:00
Reiner Herrmann
51469caa09 vim: highlight seccomp-error-action 2021-05-29 12:53:27 +02:00
Reiner Herrmann
d2e10f2f5d vim: update list of syscalls 2021-05-29 12:53:12 +02:00
Kelvin M. Klann
5a612029b6 rename noautopulse to keep-config-pulse 
Changes:

* add the keep-config-pulse option
* make noautopulse an alias for keep-config-pulse
* deprecate the noautopulse option
* misc: fix indentation of --keep-dev-shm on src/firejail/usage.c

Even though noautopulse is not intended for hardening, it looks like it
is, because it starts with "no", just like no3d, noroot, etc).  In fact,
it is the only "no" option that differs in such a way.

And it has been accidentally misused as such before; see PR #4269 and
commit e4beaeaa8 ("drop noautopulse from agetpkg").

So effectively rename it to keep-config-pulse in order to avoid
confusion.  This is similar to the keep-var-tmp and keep-dev-shm
options, which are used to "leave a path alone", just like noautopulse.

Note: The changes on this patch are based on the ones from commit
617ff40c9 ("add --noautopulse arg for complex pulse setups") / PR #1854.

See #4269 for the discussion.
 2021-05-14 08:56:02 -03:00
Kelvin M. Klann
22a91aedf7 contrib/vim: add missing noinput command to syn match 
Added on commit a90386d77 ("Map /dev/input with "--private-dev", add
"--no-input" option to disable it") / PR #4209.  See also commit
0cee0ba5a ("Add noinput to all profiles with private-dev") / PR #4239.

Misc: I noticed that it was missing due to the lack of syntax
highlighting on etc/profile-m-z/webstorm.profile.
 2021-05-07 23:15:12 -03:00
rusty-snake
eb69d30137
Rework sort_protocol (sort.py) (#4226) 
Support "+", "-" and "=" prefixes (introduced in cddc4832 + 5ffd9287)
 2021-04-30 11:09:59 +00:00
glitsj16
f7ef2ac32e
Merge pull request #3994 from kmk3/fix-copyright-bump 
contrib/firejail-welcome.sh: fix copyright year
 2021-02-17 16:21:27 +00:00
rusty-snake
bdabc874f3
Merge pull request #3985 from rusty-snake/sort.py-updates 
Sort.py updates
 2021-02-17 16:10:36 +00:00
Kelvin M. Klann
1af0d5a3af contrib/firejail-welcome.sh: fix copyright year 
Append the current year rather than replace the previous one.

This amends commit 2609e5cf0 ("copyright update").

Commands that helped catch this:

    $ git show --pretty='' 2609e5cf0 | sed -n 's/^-.*Copyright //p' |
      LC_ALL=C sort | uniq
    (C) 2014-2020 Firejail Authors
    (C) 2014-2020 Firejail Authors (see README file for more details)
    (C) 2020 Firejail Authors
    (C) 2020 Firejail and systemd authors
    (c) 2019,2020 rusty-snake
    $ git show --pretty='' 2609e5cf0 | sed -n 's/^+.*Copyright //p' |
      LC_ALL=C sort | uniq
    (C) 2014-2021 Firejail Authors
    (C) 2014-2021 Firejail Authors (see README file for more details)
    (C) 2020-2021 Firejail Authors
    (C) 2020-2021 Firejail and systemd authors
    (C) 2021 Firejail Authors
    (c) 2019-2021 rusty-snake
 2021-02-15 23:33:08 -03:00
startx2017
2609e5cf0b copyright update 2021-02-15 08:33:05 -05:00
rusty-snake
f1121cf441
sort.py: Remove whitespace in status output 
Co-authored-by: Kelvin M. Klann <kmk3.code@protonmail.com>
 2021-02-15 09:38:56 +00:00
rusty-snake
e9ec31ac92 sort.py: Always show the fix in a diff like format 2021-02-14 09:04:40 +01:00
rusty-snake
a203caa710 sort.py: Print how many profiles are checked 2021-02-14 09:04:35 +01:00
rusty-snake
455f75a7f4 sort.py: Print the fixed line when running in a CI 2021-02-14 09:04:35 +01:00
rusty-snake
53bcbfa231 sort.py: Better error message 2021-02-14 09:04:35 +01:00
glitsj16
81c9451b00
add support for fsaccessat2 syscall 2021-02-10 22:11:02 +00:00
rusty-snake
ffa82e068f Update firejail-welcome.sh 
typos, spelling and other fixes. thanks @reinerh for all these
 2020-12-12 09:58:56 +01:00
rusty-snake
e8d31279d4 Create firejail-welcome.s 
fix #3797 -- Get ride of all these u2f and drm issues
 2020-12-11 17:03:56 +01:00
Reiner Herrmann
6cf2f5c8d8 support bluetooth protocol in sort.py 2020-10-28 18:27:09 +01:00
Hank Leininger
9cb663b2ce
Strip out \r's. 
As is, this will not execute because env attempts to locate the
executable 'python\r', which does not exist.

Signed-off-by: Hank Leininger <hlein@korelogic.com>
 2020-10-15 18:12:01 -06:00
Fred Barclay
a3d415a1a4 Formatting for better PEP-8 compliance 
Will do a more in-depth review later, these are just style improvements
 2020-10-15 14:09:54 -05:00
Hank Leininger
1efe20f154
Updated shebang to use env python3 like other contrib/*.py scripts 
This will simplify some distro packagings of firejail.

Signed-off-by: Hank Leininger <hlein@korelogic.com>
 2020-10-14 15:40:45 -06:00
alpha
869e5e749f jail_prober : first pass without any argument 2020-10-09 08:21:25 +02:00
alpha
f78f8cfbde fix command test in jail_prober.py 2020-10-05 18:13:18 +02:00
laniakea64
ce3d68c0d1 Update fj-mkdeb.py 2020-09-03 11:48:03 -04:00
glitsj16
3490ba4fe2
enable apparmor support by default in update_deb.sh (#3450) 
* enable apparmor support by default in update_deb.sh

* Add fix for Debian bug 916920

This should bring the script in sync with packages installed from PPA.
 2020-06-12 10:13:35 +00:00
Avi Lumelsky
2a3f61bc6b
Improvements for syscalls.sh contib file 
Fixed the identation for copy/past problems and added a console character that returns the console to it's original colour after the SYSCALLS_OUTPUT_FILE param is printed.
 2020-04-09 16:25:23 +03:00
KOLANICH
91cefc6a46
Fixed formatting (autopep8 + black + manual postprocessing). (#3208) 
Added typing.
Replaced os.path with pathlib.
Made it work.
Fixes in .gitignore.
 2020-02-07 22:06:34 +00:00
Fred Barclay
248ec402aa housekeeping: strip unneeded whitespace 2020-02-01 11:08:48 -06:00
glitsj16
6f3867fdb8
move copyright to 2020 (part 2) (#3181) 
* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020

* move copyright statement to 2020
 2020-01-24 22:46:30 +00:00
Fred Barclay
2e14c1a1d0
Adding sort.py to GitLab CI (#2973) 
* Add contrib/sort.py to Gitlab CI

Not adding to Debian Jessie or CentOS since python >=3.6 is not
available

See https://github.com/netblue30/firejail/pull/2870

* Updates

Explicitly install python3 on Ubuntu (should be pre-installed but not
working as-is)

Remove running python3 code on CentOS

* ci: comment out contrib/sort.py for Alpine

Getting this error:
$ python3 contrib/sort.py etc/*.{profile,inc}
[ Error ] Can't find `etc/*.{profile,inc}'
ERROR: Job failed: exit code 1

For now it's better to debug later and enable this test for the other
jobs
 2019-09-21 10:19:38 -05:00
rusty-snake
17827a5b7f add support for seccomp to sort.py [skip ci] 2019-08-25 20:26:22 +02:00
rusty-snake
22878449ae fix shebang in some contrib scripts [skip ci] 2019-08-25 20:11:11 +02:00
Reiner Herrmann
412991b01c fix minor issues from lgtm.com 2019-07-11 21:24:44 +02:00
Glenn Washburn
5e09cfb4f9 Add gdb-firejail.sh to contrib for easy debugging of firejail with gdb. 2019-07-09 16:41:34 -05:00
rusty-snake
85e6645202
Improve profile PRs (Related to #2739) (#2784) 
* add contrib/sort.py and .github/pull_request_temp…

* Add usage to sort.py

* Install sort.py if contrib-install is set

* sort.py: 0644 -> 0755

* Update sort.py

* Update pull_request_template.md

* Remove checkboxes from PR-Template

* Update sort.py

* Add examples to sort.py

* Update pull_request_template.md

Fix path to sort.py, it depend on the distro.

* Update pull_request_template.md

* Update pull_request_template.md

add hint about template
 2019-06-24 17:13:29 +00:00
rusty-snake
b44b46294d
make syscalls.sh executable 2019-06-20 18:06:07 +02:00
curiosity-seeker
cedf414da5 Create syscalls file (#2754) 
* Create syscalls file

A little script to determine the necessary syscalls for a program.
 2019-06-14 10:49:21 +00:00
Quentin Minster
a1cc4a5568 Add vim syntax and ftdetect files (#2679) 2019-05-05 18:22:22 -05:00
Fred-Barclay
a179c7dc91
Various python cleanups -- note fix_private-bin.py is (still) broken 2018-11-19 17:45:11 -06:00
luz.paz
681e074681 Misc. typos 
Found using `codespell -q 3 -L shotcut,objext,als,ans,creat,varius,chage,tthe`
 2018-11-19 10:07:39 -05:00
Fred-Barclay
3da4898753
Use list for checking multiple possible values 2018-09-28 16:08:26 -05:00