9576 commits

Author SHA1 Message Date
glitsj16
61351c0d06
New profile: reader (#5934)
* Create reader.profile

* firecfg.config: add reader support

* reader: integrate review suggestions

- blacklist whole ${RUNUSER}
- drop x11 none

* reader: fix 'x11 none'
2023-08-02 19:54:29 +00:00
glitsj16
b76dc25f1b
New profile: daisy (#5935)
* firecfg.config: add daisy support

* Create daisy.profile
2023-08-02 19:53:00 +00:00
glitsj16
95184d8c2e
gramps: bring in new config directory (#5933)
* disable-programs.inc: add new gramps dir

* gramps: add new config dir
2023-07-31 11:23:19 +00:00
glitsj16
a7d92e1d8b
thunderbird: D-Bus hardening (#5913) 2023-07-31 11:22:31 +00:00
dependabot[bot]
5986fe1ae4 build(deps): bump github/codeql-action from 2.21.0 to 2.21.2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.0 to 2.21.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](1813ca74c3...0ba4244466)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-31 11:08:25 +00:00
dependabot[bot]
b4cef6dfbd build(deps): bump step-security/harden-runner from 2.4.1 to 2.5.0
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.4.1 to 2.5.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](55d479fb1c...cba0d00b1f)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-31 11:08:20 +00:00
Kelvin M. Klann
c9666ebd08 RELNOTES: add build items
Relates to #5916 #5927.
2023-07-29 21:57:17 -03:00
Kelvin M. Klann
4a26d91ae2
Merge pull request #5927 from kmk3/build-use-config-sh
build: fix some shellcheck issues & use config.sh in more scripts
2023-07-30 00:54:04 +00:00
Kelvin M. Klann
200f389ed0 build: use config.sh in more scripts
This removes the need to manually pass variables such as `$(TARNAME)`
and `$(VERSION)` to shell scripts in the root Makefile.

Relates to #5140.
2023-07-28 14:10:31 -03:00
Kelvin M. Klann
59ed39ec46 build: fix shellcheck issues in mkrpm.sh/compile.sh 2023-07-28 14:08:01 -03:00
netblue30
bf8229dde7 Merge branch 'master' of ssh://github.com/netblue30/firejail 2023-07-27 19:47:37 -04:00
netblue30
f1d4cf9bfd cleanup 2023-07-27 19:47:24 -04:00
Kelvin M. Klann
701c0282b8
Merge pull request #5916 from kmk3/build-improve-dist
build: dist and asc improvements
2023-07-27 12:48:15 +00:00
Kelvin M. Klann
e0e597ab55 build: make asc use config.sh
Similarly to mkdeb.sh.

Relates to #5140.
2023-07-27 09:33:23 -03:00
Kelvin M. Klann
640bb303d1 build: make dist depend on just clean
The clean target is currently enough to remove all generated files other
than the ones directly in the root directory, so to simplify the dist
target, make it depend on clean instead of distclean.

See commit 5f2785290 ("build: remove unnecessary distclean targets",
2023-07-15) / PR #5911.

Relates to #5142 #5182.
2023-07-27 09:33:23 -03:00
Kelvin M. Klann
16dc7448ca fnetlock: fix unused bw variable warning
This is breaking build-clang on CI[1]:

    make -C src/fnetlock/
    make[1]: Entering directory '/home/runner/work/firejail/firejail/src/fnetlock'
    clang-14 [...] -c main.c -o main.o
    main.c:97:11: error: variable 'bw' set but not used [-Werror,-Wunused-but-set-variable]
            unsigned bw = 0; // bandwidth calculations
                     ^
    1 error generated.
    make[1]: *** [../../src/prog.mk:16: main.o] Error 1
    make: *** [Makefile:58: src/fnetlock/fnetlock] Error 2

Added on commit 8e4b847cd ("split nettrace executable ^Cto netrace and
netlock", 2023-07-25).

[1]: https://github.com/netblue30/firejail/actions/runs/5669072674/job/15361026508

Cc: @netblue30
2023-07-27 08:49:36 -03:00
netblue30
6d4bb95948 Merge branch 'master' of ssh://github.com/netblue30/firejail 2023-07-26 08:59:33 -04:00
netblue30
1d69791e80 netlock/nettrace cleanup 2023-07-26 08:59:18 -04:00
glitsj16
1c233b5360
spotify: D-Bus hardening (#5923) 2023-07-25 19:42:22 +00:00
glitsj16
5bcacba812
audacious: D-Bus hardening (#5922)
* audacious: D-Bus hardening

* audacious: add noprinters
2023-07-25 19:40:36 +00:00
glitsj16
142a2130f7
New profile: sniffnet (#5920)
* disable-programs.inc: add sniffnet support

* Create sniffnet.profile

* firecfg.config: add sniffnet support
2023-07-25 19:39:21 +00:00
glitsj16
a95a742727
profiles: fixes and cleanups for opening links with firefox (#5919) 2023-07-25 19:36:31 +00:00
glitsj16
63b306179f
profiles: Miscellaneous cleanups (#5918) 2023-07-25 19:32:12 +00:00
glitsj16
67f5ae8a4f
firefox(-based) profiles: refactor wusc (#5914) 2023-07-25 19:30:19 +00:00
pirate486743186
e71f226128
update mov-cli (#5924)
Co-authored-by: pirate486743186 <>
2023-07-25 19:28:17 +00:00
netblue30
8e4b847cdd split nettrace executable ^Cto netrace and netlock 2023-07-25 10:22:59 -04:00
netblue30
97d6993f35 cleanup 2023-07-25 08:00:57 -04:00
netblue30
c95bdcf41b Merge branch 'master' of ssh://github.com/netblue30/firejail 2023-07-24 17:55:23 -04:00
netblue30
c4b6af8f1c integrating nettrace dnstrace and snitrace 2023-07-24 17:55:16 -04:00
Kelvin M. Klann
ce21a299aa build: remove remaining svn-related code
The only other svn-related code seems to have been removed on commit
7e1c057ae ("make testing", 2016-04-23).
2023-07-24 13:18:43 -03:00
Kelvin M. Klann
64c5ebaf0b build: sort DISTFILES_TEST 2023-07-24 13:18:43 -03:00
Kelvin M. Klann
de84b4d1cf build: format DISTFILES / DISTFILES_TEST 2023-07-24 13:18:43 -03:00
dependabot[bot]
6fd85f4e58 build(deps): bump github/codeql-action from 2.20.4 to 2.21.0
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.20.4 to 2.21.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](489225d82a...1813ca74c3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-24 13:57:20 +00:00
netblue30
b093b66047 fnettrace: trace ICMP ECHO (ping) traffic 2023-07-23 10:30:50 -04:00
Kelvin M. Klann
61897ea50e contrib/syntax: run make syntax
This adds the `shell` command.  Note that it's still being parsed in
profile.c, even if it's just to return an error.

Commands used to remake them:

    rm contrib/syntax/lists/*
    make syntax

Relates to #5627 #5894.
2023-07-23 05:27:20 -03:00
Kelvin M. Klann
e74c10aca8 RELNOTES: add modif and build items
Relates to #5894 #5911.
2023-07-22 12:42:02 -03:00
Kelvin M. Klann
2f8edd6896
Merge pull request #5911 from kmk3/build-rm-distclean
build: fix hardcoded make & remove unnecessary distclean targets
2023-07-22 15:40:01 +00:00
glitsj16
e4913eb9cb
Create mullvad-browser.profile (#5887)
Homepage: https://mullvad.net/en/download/browser/linux

mullvad-browser: don't use restrict-namespaces

mullvad-browser: cover both installation paths

Suggested in review by @kmk3.
2023-07-22 12:38:28 +00:00
glitsj16
9057fd7a5e
torbrowser-launcher: hardening (#5886)
torbrowser-launcher: more hardening as per review

torbrowser-launcher: revert enabling restrict-namespaces

Suggested in review by @rusty-snake.
2023-07-22 12:37:24 +00:00
Kelvin M. Klann
09254ff747 firefox-common-addons.profile: restore vulkan whitelist
Multiple profiles include firefox-common.profile, but not all of them
include whitelist-usr-share-common.inc.

Suggested by @glitsj16[1].

This amends commit 094892dfd ("profiles: remove /usr/share/vulkan
already whitelisted by wusc (#5910)", 2023-07-20).

[1] https://github.com/netblue30/firejail/pull/5910/files#r1269397348
2023-07-20 10:21:53 -03:00
glitsj16
094892dfdf
profiles: remove /usr/share/vulkan already whitelisted by wusc (#5910) 2023-07-20 12:03:32 +00:00
glitsj16
0fe0e9222a
sqlitebrowser remote support (#5909)
* disable-programs.inc: add remote sqlitebrowser support

* sqlitebrowser: add support for remote functionality
2023-07-20 12:02:45 +00:00
Kelvin M. Klann
5f27852906 build: remove unnecessary distclean targets
This also fixes the duplicate execution of the "clean" targets.
2023-07-20 05:03:47 -03:00
Kelvin M. Klann
8ee610eb10 build: fix hardcoded make in recursive make calls
Use the `$(MAKE)` macro to ensure that the same make program is used in
the recursive invocation.

Note: Most recursive calls already use `$(MAKE)`.
2023-07-20 05:03:47 -03:00
Kelvin M. Klann
142f551070 hostnames.c: fix scan-build warning
This is breaking scan-build in CI[1]:

    /usr/share/clang/scan-build-14/bin/../libexec/ccc-analyzer [...] -c hostnames.c -o hostnames.o
    hostnames.c:59:10: warning: Null pointer passed to 1st parameter expecting 'nonnull' [core.NonNullParamChecker]
                    return strdup(rv);
                           ^~~~~~~~~~
    1 warning generated.

Likely caused by commit d2802ce60 ("fnettrace cleanup", 2023-07-15).

This also fixes a memory leak of `cmd`.

[1] https://github.com/netblue30/firejail/actions/runs/5568460702/jobs/10171098449
2023-07-20 05:01:43 -03:00
glitsj16
9863f982ca
modif: drop deprecated 'shell' option references (#5894)
The `shell` option has been removed. Remove stale references.

This does NOT remove `shell none`-related code comments in:

- src/firejail/fs_lib.c (L433-L441)
- src/firejail/join.c (L415-L417)

Relates to #5196.

Suggested by #5891.
2023-07-19 12:54:53 +00:00
Kelvin M. Klann
2c86cac362 zsh: add shell completion for --tab
Note: It already works for bash and it's already present in the syntax
files:

    $ grep '^tab' contrib/syntax/lists/profile_commands_arg0.list
    tab

Added on commit e6c50240f ("--tab: enable shell tab completion",
2022-02-20) / #4936.
2023-07-19 04:45:32 -03:00
Kelvin M. Klann
bf379bb782 RELNOTES: add feature and modif items
Relates to #5871 #5899 #5900.
2023-07-19 04:24:09 -03:00
Kelvin M. Klann
b2a7640c57 RELNOTES: clarify feature item
See the following commits:

* 6fa19aab9 ("feature: use seccomp filters build at install time for
  --restrict-namespaces", 2023-07-12) and commit
  80eb28483 ("build: restore seccomp filter targets", 2023-07-13)
* 76bd5ad0f ("build: simplify code related to man pages", 2023-07-12)

Relates to #5898.
2023-07-19 04:23:33 -03:00
dependabot[bot]
dcb5bc0e45 build(deps): bump github/codeql-action from 2.20.3 to 2.20.4
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.20.3 to 2.20.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](46ed16ded9...489225d82a)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-17 09:19:14 +00:00