Reiner Herrmann
2946b0c04c
tests: check for sh instead of bash in nice.exp
...
(in Debian CI only sh is getting printed)
2023-01-18 19:20:20 +01:00
netblue30
ebb8d8390e
Merge branch 'master' of ssh://github.com/netblue30/firejail
2023-01-18 10:37:18 -05:00
netblue30
594fb293cd
merges
2023-01-18 10:37:03 -05:00
netblue30
70974170c7
Merge pull request #5589 from nya1/fix/apparmor-invalid-command-line-option
...
docs: remove apparmor options in --help when building without apparmor support
2023-01-18 10:29:57 -05:00
netblue30
347c0e3ada
update README.md
2023-01-18 10:26:51 -05:00
dependabot[bot]
f79f3394e9
build(deps): bump github/codeql-action from 2.1.37 to 2.1.38
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.37 to 2.1.38.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](959cbb7472...515828d974
2023-01-17 15:29:50 +00:00
dependabot[bot]
8b3ca5228e
build(deps): bump step-security/harden-runner from 2.0.0 to 2.1.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](ebacdc22ef...18bf8ad2ca
2023-01-17 15:29:05 +00:00
netblue30
252094f191
0.9.72 released, moving to 0.9.73
2023-01-16 11:04:11 -05:00
netblue30
2551bc71f1
relnotes update
2023-01-16 10:55:53 -05:00
Kelvin M. Klann
7b5f6278c2
RELNOTES: sort modif items
...
This amends commit a100cbe99
2023-01-16 11:19:07 -03:00
Kelvin M. Klann
a100cbe992
RELNOTES: move etc-hide-blacklisted item to modif
...
And clarify it.
Relates to #5010 #5230 #5591 #5595 .
2023-01-16 11:11:01 -03:00
netblue30
9562395d37
update RELNOTES date
2023-01-16 08:37:33 -05:00
netblue30
15c68e21df
merges
2023-01-16 08:34:09 -05:00
netblue30
bced772a1e
Merge pull request #5595 from kmk3/rename-etc-no-blacklisted
...
Rename etc-no-blacklisted to etc-hide-blacklisted
2023-01-16 08:30:33 -05:00
netblue30
0447f0e960
Merge pull request #5594 from bymoz089/master
...
add timezone access to make libical functional
2023-01-16 08:29:59 -05:00
Kelvin M. Klann
91cbbe1489
firejail.config: explain potential issues with etc-hide-blacklisted
...
Let users know that enabling this may break /etc/resolv.conf.
Added on commit ded50200e#5010 , #5230 ", 2023-01-15) / PR #5591 .
2023-01-16 09:29:47 -03:00
Kelvin M. Klann
bfb8f0e0ca
Reword CFG_ETC_HIDE_BLACKLISTED explanation
...
To make it clearer.
Added on commit ded50200e#5010 , #5230 ", 2023-01-15) / PR #5591 .
2023-01-16 09:29:47 -03:00
Kelvin M. Klann
a36a7a5dd8
Rename etc-no-blacklisted to etc-hide-blacklisted
...
To avoid boolean confusion (`no-foo no` / `no-foo yes`) in
firejail.config:
etc-no-blacklisted no
etc-no-blacklisted yes
Commands used to search and replace:
git grep -Ilz -i 'etc.no.blacklisted' -- etc src |
xargs -0 -I '{}' sh -c "printf '%s\n' \"\$(sed \
-e 's/etc-no-blacklisted/etc-hide-blacklisted/' \
-e 's/ETC_NO_BLACKLISTED/ETC_HIDE_BLACKLISTED/' \
'{}')\" >'{}'"
Added on commit ded50200e#5010 , #5230 ", 2023-01-15) / PR #5591 .
2023-01-16 09:26:51 -03:00
bymoz089
83fd9f7745
add timezone access to make libical functional
...
claws-mail vcalendar-plugin uses libical to get current timezone. Libical needs access to file `/etc/timezone` to work properly.
2023-01-16 10:23:48 +01:00
netblue30
e0f87dd76f
Merge pull request #5591 from smitsohu/private-etc-no-blacklisted
...
opt-in: hide blacklisted files in /etc
2023-01-15 20:13:21 -05:00
smitsohu
f754fd99e5
testing
2023-01-15 22:35:45 +01:00
smitsohu
ded50200e0
opt-in: skip blacklisted files in private-etc - #5010 , #5230
2023-01-15 19:41:04 +01:00
netblue30
c93ac41863
Merge pull request #5571 from glitsj16/ec-refactor
...
email-common refactoring
2023-01-15 09:24:30 -05:00
netblue30
8a7fc9988a
Merge pull request #5563 from glitsj16/linuxqq
...
New profiles: linuxqq/qq
2023-01-15 09:24:12 -05:00
Kelvin M. Klann
21093dde1f
RELNOTES: add related PR to --apparmor= item
...
Relates to #5274 #5475 .
2023-01-14 15:06:44 -03:00
Kelvin M. Klann
d3776e4ec4
RELNOTES: move --profile-path in --help item to docs
...
Added on commit 7902594e7#5585 #5586 .
2023-01-14 15:02:06 -03:00
netblue30
4380baacf6
fix restrict-namespaces for Debian 10 and older
2023-01-14 12:32:12 -05:00
netblue30
ecb408418f
bringing back whitelisting /dev
2023-01-14 10:41:08 -05:00
nya1
36eb222001
refactor: do not show apparmor CLI options if app armor is not supported
2023-01-14 16:21:49 +01:00
nya1
ed16bdfdfd
chore: update readme with flag to enable apparmor on ./configure
2023-01-14 16:04:43 +01:00
Kelvin M. Klann
7902594e7a
RELNOTES: add bugfix for --profile-path in --help
...
Relates to #5585 #5586 .
2023-01-14 04:54:51 -03:00
netblue30
16fc10fc34
Merge pull request #5586 from netblue30/rusty-snake-patch-1
...
Remove --profile-path from --help
2023-01-13 20:14:55 -05:00
rusty-snake
64126f7c79
Remove --profile-path from --help
...
Fixes #5585
2023-01-13 21:40:19 +00:00
Reiner Herrmann
ee89a263e2
bump release date
2023-01-12 19:17:01 +01:00
netblue30
9f5c42b2e7
fix make test-filters
2023-01-12 13:12:10 -05:00
netblue30
ac815a4e61
rel 0.9.72 testing: disable whitelisting /dev directory
2023-01-12 12:25:38 -05:00
netblue30
2d0d9a4080
rel 0.9.72 testing: cleanup make test-private-lib
2023-01-12 11:33:47 -05:00
glitsj16
de85a0fa6a
geary: fix opening hyperlinks via D-Bus ( #5565 )
2023-01-12 15:34:54 +00:00
netblue30
9154910908
Merge branch 'master' of ssh://github.com/netblue30/firejail
2023-01-12 10:09:26 -05:00
netblue30
455a3cb731
rel 0.9.72 testing
2023-01-12 09:50:23 -05:00
Kelvin M. Klann
ccd346f429
RELNOTES: add build item
...
Relates to #5577 .
2023-01-12 10:50:41 -03:00
Kelvin M. Klann
09e11920b8
RELNOTES: add --netlock bugfix
...
Relates to #5312 .
2023-01-12 10:48:56 -03:00
netblue30
c0eee56167
Merge pull request #5577 from kmk3/build-vim-sh-portability
...
build: make shell commands more portable in firejail.vim
2023-01-12 08:30:23 -05:00
netblue30
c2a249a232
Merge pull request #5583 from glitsj16/harden-qm
...
QMediathekView: hardening
2023-01-12 08:29:17 -05:00
glitsj16
0d64159b05
QMediathekView: add mkdir and reorder whitelist options
...
As suggested in review.
2023-01-12 02:38:42 +00:00
Kelvin M. Klann
b96955b816
RELNOTES: add docs item
...
Relates to #5554 .
2023-01-11 11:11:19 -03:00
glitsj16
14d3007f97
QMediathekView: hardening
2023-01-11 11:07:38 +00:00
dependabot[bot]
a4eb84d5e8
build(deps): bump actions/checkout from 3.2.0 to 3.3.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](755da8c3cf...ac59398561
2023-01-09 19:02:51 +00:00
Kelvin M. Klann
fefe8a9ade
firejail.vim: use sed instead of rg
...
To avoid depending on an extra package without need.
Commands used to search and replace:
$ f=contrib/vim/syntax/firejail.vim; \
printf '%s\n' "$(sed -E \
"s|rg -o '([^']+)' -r '\\\$1'|sed -En 's/.*\\1.*/\\\\1/p'|" "$f")" >"$f"
Note: `sed -E` is not in POSIX.1-2017 (Issue 7), but it has been
accepted into the upcoming POSIX standard version[1] and is supported by
at least GNU, busybox and OpenBSD grep.
Added on commit a1cc4a556#2679 )",
2019-05-06).
[1] https://www.austingroupbugs.net/view.php?id=528
2023-01-09 02:44:25 -03:00
Kelvin M. Klann
f6ea99dd1c
firejail.vim: remove redundant sed -e flags
...
Only a single script is passed by argument in each invocation.
Added on commit a1cc4a556#2679 )",
2019-05-06) and on commit d2e10f2f5#4318 .
2023-01-09 02:44:25 -03:00
