github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6
10657 commits 10 branches 71 tags 33 MiB
Commit graph

10657 commits

This branch
This branch
All branches
Author SHA1 Message Date
Kelvin M. Klann
381c3cf1a3 build: remove remnants of IDS/fids 
Remove what remains of the Intrusion Detection System (IDS)/fids,
`--ids` commands and the `--enable-ids` configure option.

Commands:

* `--ids-check`
* `--ids-init`

Related commits:

* 5e962ff78 ("removed IDS feature, it was never enabled by default in
  our builds", 2025-12-17)

Relates to #6995.
 2025-12-19 15:24:37 -03:00
Kelvin M. Klann
8d927220b5 build: remove remnants of --disable-globalcfg 2 
This amends commit 901ba4fc9 ("build: remove remnants of
--disable-globalcfg", 2025-12-05).

Relates to #6984.
 2025-12-19 15:24:37 -03:00
Kelvin M. Klann
6804120894 ci: run sort.py to fix ci 
Command used:

    $ ./ci/check/profiles/sort.py etc/inc/*.inc etc/profile-*/*.profile

Related commits:

* 411b97fdc ("profile fixes: allow bwrap inside the sandbox",
  2025-12-18)
* bb5c1391c ("added gnome-text-editor profile", 2025-12-19)
 2025-12-19 15:23:17 -03:00
netblue30
b00ff53fe0 gnome-text-editor 2025-12-19 10:29:02 -05:00
netblue30
bb5c1391cd added gnome-text-editor profile 2025-12-19 10:26:10 -05:00
netblue30
61870e35dc remove warning cannot find /var/log/utmp file 2025-12-19 08:03:22 -05:00
netblue30
05b9d88da8 bwrap replacement - part5 2025-12-18 20:34:36 -05:00
netblue30
180e3f4640 bwrap replacement - part4 2025-12-18 20:22:06 -05:00
netblue30
582036ba07 update gimp profile 2025-12-18 20:03:44 -05:00
netblue30
8c14d83f38 bwrap replacement - part3 2025-12-18 19:56:22 -05:00
netblue30
b537aa57b9 fixed /sys mounting broken during overlayfs cleanup 2025-12-18 11:46:14 -05:00
netblue30
890b578bfd bwrap replacement - part2 2025-12-18 11:28:58 -05:00
netblue30
33d07c2320 bwrap replacement - part 1 2025-12-18 08:04:12 -05:00
netblue30
411b97fdc9 profile fixes: allow bwrap inside the sandbox 2025-12-18 07:59:07 -05:00
netblue30
5e962ff78e removed IDS feature, it was never enabled by default in our builds 2025-12-17 09:09:44 -05:00
netblue30
489cc25c2f cleaned up old overlayfs code; the feature was disabled by default in 2021 because of security problems 2025-12-16 20:28:28 -05:00
netblue30
f061dbd549 fix lincity-ng profile 2025-12-15 21:07:04 -05:00
Kelvin M. Klann
e92d25656a docs: github: specify the supported version directly 
Bug reports were opened by multiple users with the item checked even
when using version 0.9.74 or earlier.

So be explicit and write "0.9.76 or later" in the item, which should
help clarify that earlier versions are not supported.

This amends commit be065d130 ("docs: clarify that only latest and dev
versions are supported (#6965)", 2025-11-15).
 2025-12-15 09:59:24 -03:00
Kelvin M. Klann
31b662d7b3 profiles: youtube-music-desktop-app: re-comment globals include 
globals.local is already included by etc/profile-m-z/ytmdesktop.profile.

This amends commit 62492e3eb ("profile updates", 2025-12-06).
 2025-12-14 09:20:05 -03:00
Kelvin M. Klann
7313b7ca1a ci: run sort.py to fix ci 
Command used:

    $ ./ci/check/profiles/sort.py etc/inc/*.inc etc/profile-*/*.profile

This amends commit 62492e3eb ("profile updates", 2025-12-06).
 2025-12-14 09:17:18 -03:00
Kelvin M. Klann
3106e1cce0 Revert "electrum.profile add noblacklist /usr/share/fonts" 
This reverts commit 74fab15f97.

This path is not blacklisted anywhere.

Relates to #6985.
 2025-12-14 09:10:18 -03:00
netblue30
be92d316f6 merges 2025-12-12 08:57:18 -05:00
netblue30
817efb9724
Merge pull request #6985 from ipaqmaster/master 
electrum.profile add noblacklist /usr/share/fonts
 2025-12-12 08:25:40 -05:00
netblue30
fcbb6d6044 profiles update 2025-12-12 07:34:15 -05:00
netblue30
a264d17ce0 remove warning fcopy warning, more etc-groups fixing 2025-12-07 12:01:46 -05:00
Jared J
74fab15f97 electrum.profile add noblacklist /usr/share/fonts 2025-12-07 11:40:42 +11:00
netblue30
62492e3eb6 profile updates 2025-12-06 15:19:21 -05:00
netblue30
75bd4b410a firecfg updates and fixes 2025-12-06 15:18:04 -05:00
netblue30
918ffa8471 profstats fixes 2025-12-06 15:17:26 -05:00
netblue30
54dffdbd3a private-etc updates 2025-12-06 15:16:52 -05:00
netblue30
4797000ba7 merges 2025-12-05 09:14:47 -05:00
netblue30
d5a64700b2
Merge pull request #6972 from kmk3/check-version-init 
modif: check for --version during early init
 2025-12-05 09:11:47 -05:00
netblue30
76322d1bb8
Merge pull request #6888 from hlein/hashcat-profile 
profiles: hashcat: fix runtime errors
 2025-12-05 09:10:00 -05:00
Kelvin M. Klann
901ba4fc9e build: remove remnants of --disable-globalcfg 
Related commits:

* ee879a2f2 ("fix arg-max-count and arg-max-len options in
  firejail.config", 2025-11-30)
* 65571c3cc ("remove --enable-globalcfg software config option",
  2025-11-30)

Relates to #6984.
 2025-12-05 08:49:05 -03:00
Kelvin M. Klann
93a15c840d profiles: seahorse: sort whitelist 
Misc: The relevant entries were added on commit 4747e0ed7 ("Whitelist
runuser common (#3286)", 2020-03-31).

This is a follow-up to #6975.
 2025-12-05 06:18:20 -03:00
netblue30
220cce6483 still fighting firejail config file not found! Removed the earlier pull request: sandbox check before checkcfg() 2025-12-04 19:16:25 -05:00
netblue30
7cd2c208fe merges 2025-12-04 08:03:12 -05:00
netblue30
a04ab09ab6
Merge pull request #6980 from amano-kenji/master 
Add mpris support to brave.profile
 2025-12-04 08:00:26 -05:00
netblue30
36b0af374c
Merge pull request #6975 from redrampage/master 
ssh: add `${RUNUSER}/openssh_agent` socket path
 2025-12-04 07:57:10 -05:00
netblue30
57e16df572
Merge pull request #6971 from kmk3/fix-sandbox-check-before-checkcfg 
bugfix: do sandbox check before checkcfg()
 2025-12-04 07:54:44 -05:00
netblue30
af57dec211
Merge pull request #6961 from pierretom/patch4 
update and add system calls for several architectures
 2025-12-04 07:44:43 -05:00
netblue30
4125cf04b5
Merge pull request #6960 from pierretom/patch3 
build: add script to generate syscall headers
 2025-12-04 07:42:07 -05:00
amano.kenji
6ea5eba991
Add mpris support to brave.profile 2025-12-03 13:42:31 +00:00
netblue30
163c8a0d9e fix landlock setting in software config script 2025-12-02 19:08:52 -05:00
RedRampage
b2d5d173cb profiles: Add socket-activated ssh-agent socket 
Added another default ssh-agent socket path, that is used in Debian for
socket-activated agent.
 2025-12-02 00:15:52 +03:00
dependabot[bot]
599960144d build(deps): bump step-security/harden-runner from 2.13.1 to 2.13.2 
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.1 to 2.13.2.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](f4a75cfd61...95d9a5deda)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.13.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 16:13:03 +00:00
dependabot[bot]
48035653de build(deps): bump github/codeql-action from 4.31.2 to 4.31.5 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.2 to 4.31.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](0499de31b9...fdbfb4d275)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.31.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 16:12:55 +00:00
dependabot[bot]
2891fc6956 build(deps): bump actions/checkout from 5.0.0 to 6.0.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](08c6903cd8...1af3b93b68)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 16:12:45 +00:00
netblue30
5935c370ea private-etc updates, qbittorrent profile fixes 2025-12-01 08:20:33 -05:00
netblue30
65571c3cc1 remove --enable-globalcfg software config option 2025-11-30 08:34:05 -05:00