github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6
6813 commits 10 branches 71 tags 33 MiB
Commit graph

6813 commits

This branch
This branch
All branches
Author SHA1 Message Date
netblue30
633378e103 temporary fix for profile tests 2021-01-27 15:51:50 -05:00
glitsj16
15b3b1f98a
revert #3920 (#3921) 
* revert #3920

* revert #3920
 2021-01-27 07:48:07 +00:00
glitsj16
c782ecbfb9
remove noblacklist without blacklist (#3920) 
* remove noblacklist without blacklist in aosp

${HOME}/.bash_history is not blacklisted anywhere. Hence a noblacklist doesn't make sense here.

* remove noblacklist without blacklist in gnome-builder

${HOME}/.bash_history is not blacklisted anywhere. Hence a noblacklist doesn't make sense here.
 2021-01-27 00:53:53 +00:00
netblue30
848aac1e6d rel 0.9.64.2 testing - make test-compile 2021-01-26 09:13:39 -05:00
netblue30
a04023acf9 rel 0.9.24.2 testing 2021-01-26 08:33:43 -05:00
netblue30
48630b151c release 0.9.64.2 testing 2021-01-26 07:20:10 -05:00
netblue30
964f334460 merge/readme update 2021-01-25 09:41:00 -05:00
netblue30
f45534d17d
Merge pull request #3853 from botherder/master 
New profile for CoyIM
 2021-01-25 09:05:54 -05:00
netblue30
91df583d93
Merge pull request #3899 from rootalc/nolocal6 
Create nolocal6.net
 2021-01-25 08:58:47 -05:00
netblue30
653432ab60
Merge pull request #3918 from Neo00001/master 
Add profile for kdiff3
 2021-01-25 08:55:46 -05:00
netblue30
43aa71f8c6 fix #3914 2021-01-24 19:01:33 -05:00
Neo00001
7d373bdc58
Update kdiff3.profile 2021-01-24 17:37:46 +00:00
netblue30
ec29c6acad profstats 2021-01-24 11:49:48 -05:00
Neo00001
60566656ee
Create kdiff3.profile 2021-01-24 10:48:55 +00:00
Neo00001
c6bb292ad1
Update firecfg.config 2021-01-24 10:45:54 +00:00
Neo00001
d46c4e7307
Update disable-programs.inc 2021-01-24 10:42:32 +00:00
Neo00001
df11d26d4f
Update vmware.profile (#3913) 
* Update vmware.profile

`private-etc` can be uncommented.

* Update vmware.profile
 2021-01-24 03:06:20 +00:00
glitsj16
26cfddfb6f
misc comment fixes (#3916) 
* fix comment in blackbox.profile

* fix comment in fluxbox.profile

* fix comment in i3.profile

* fix comment in krunner.profile

* fix comment in openbox.profile
 2021-01-24 03:03:29 +00:00
glitsj16
5264265309
refactor google-earth{-pro} (#3915) 
* refactor google-earth{-pro} blacklisting

* fix google-earth-pro.profile

I've included all binaries found in the Arch Linux AUR package to private-bin. But I also added a note on ignoring private-bin because I'm not sure what google-earth is doing on other distro's.

* unbreak google-earth.profile

Not sure why we need grep, ls and sed in private-bin exactly but keeping them around wouldn't hurt too much I guess.
 2021-01-23 20:13:28 +00:00
hhzek0014
fded293479
Update bibletime.profile, add new whitelist (#3908) 
To solve issue#3907, doc directory of the bibletime has to be
whitelisted. Otherwise, it always fails to start.

Co-authored-by: hhnb <hhnb@nanenient.cc>
 2021-01-22 02:28:05 +00:00
smitsohu
0b86b54400 refactoring 2021-01-20 22:02:35 +01:00
smitsohu
8546264478
Merge pull request #3900 from smitsohu/privatelib 
Add $PATH expansion to private-lib
 2021-01-20 16:02:47 +01:00
smitsohu
7094f3408a
Merge pull request #3903 from smitsohu/privatelib3 
private-lib: add new timetrace
 2021-01-20 16:02:21 +01:00
smitsohu
9399673618 misc fcopy fixes 2021-01-20 15:50:54 +01:00
smitsohu
c5ad45e505 private-lib: simplify installation of stdc 
as modern-day Debian only keeps a single symbolic link in
/lib64, going through both directories systematically adds
virtually no overhead (as indicated by the timetrace). At
the same time it is simpler and more robust in producing a correct
representation of the filesystem.
 2021-01-20 15:36:48 +01:00
smitsohu
e6adf8150f private-lib: search executables in $PATH 2021-01-20 14:36:32 +01:00
smitsohu
6842a44162 private-lib: add timetrace for Firejail libraries 2021-01-18 21:54:33 +01:00
glitsj16
698b3b5589
add pkglog to new profiles 2021-01-18 20:04:06 +00:00
glitsj16
e6d2e32c5e
add pkglog to new profiles 2021-01-18 20:02:43 +00:00
glitsj16
096df6df11
add new profile: pkglog (#3902) 
* add pkglog to new profiles

* Create pkglog.profile

* Update README.md

* fix ordering in pkglog.profile

* drop extra whitespace in pkglog.profile
 2021-01-18 19:59:31 +00:00
glitsj16
20a9eaa1aa
harden plv.profile (#3901) 2021-01-18 19:18:31 +00:00
rusty-snake
c878c8e47c Add 'seccomp-error-action log' to profile.template 2021-01-18 18:59:58 +01:00
rusty-snake
6613769d6c Add profile for guvcview 2021-01-18 18:59:35 +01:00
rusty-snake
0f65e7fa6a harden and fix cheese.profile 
hardening: wusc + wruc
fix: settings was immutable
 2021-01-18 18:26:27 +01:00
rootalc
aabd307266
Create nolocal6.net 2021-01-18 11:12:51 +03:00
rusty-snake
f18124baa4 Add new allow include allow-bin-sh.inc 
/bin/sh is usually just a symlink to bash. However this is not the case
for every distro, debian for example uses dash. bash,dash and sh have a
blacklist command in disable-shell.inc. An own allow-*.inc for it
enusres usage of all necessary nolacklists.

For private-bin sh is enough because it follows symlinks.
 2021-01-16 07:46:45 +00:00
glitsj16
365485409e
add realaltffour 
See #3895.
 2021-01-15 19:54:21 +00:00
altf_four
4e75a23cb6
newsboat: add lynx support (#3895) 
* newsboat: add lynx support

* newsboat: fix using sort.py

* newsboat: remove unneeded perms
 2021-01-15 19:48:34 +00:00
smitsohu
2211efc579 blacklist firejail appimage dir if not used 2021-01-15 15:31:48 +01:00
smitsohu
83548cf685 fbuilder: don't suggest to whitelist strace output file 2021-01-15 14:42:25 +01:00
smitsohu
6d17c545e8 fbuilder: undo variable shadowing 2021-01-15 14:41:38 +01:00
smitsohu
70379ac160 private-lib: install dhclient libraries 2021-01-15 14:39:26 +01:00
smitsohu
1e136df0f0
Merge pull request #3867 from smitsohu/non-dumpable 
return to non-dumpable plugins
 2021-01-15 14:31:16 +01:00
Kelvin M. Klann
2c54e65ab0 bug_report.md: improve wording (upstream/duplicates) 
Clarify that:

* "upstream profile" means the profile version on the master branch
* "duplicates" refer to duplicate issues

As suggested by @scruloose on
https://github.com/netblue30/firejail/issues/3884#issue-784605766
https://github.com/netblue30/firejail/issues/3884#issuecomment-759528185
 2021-01-14 11:20:30 +00:00
glitsj16
80b1cea642
fix mdr.profile 
Thanks @rusty-snake for [spotting](662ebd214b) this!
 2021-01-13 20:02:38 +00:00
glitsj16
73cd6ab5d6
add qnapi to new profiles 2021-01-13 09:22:49 +00:00
glitsj16
abf6ebd6e2
new profile: qnapi (#3890) 
* add new profile: qnapi

* add new profile: qnapi

* Create qnapi.profile

* add qnapi configs

* Update README.md

* Update README.md
 2021-01-13 09:20:55 +00:00
glitsj16
7fbe43ec20
add new profile: shotwell (#3889) 
* new profile: shotwell

* Create shotwell.profile

* new profile: shotwell

* add shotwell blacklists
 2021-01-13 08:06:37 +00:00
glitsj16
662ebd214b
new profile: mdr (#3888) 
* add new profile: mdr

* Create mdr.profile
 2021-01-13 07:23:15 +00:00
glitsj16
cba5ca031d
new profile: agetpkg (#3887) 
* Create agetpkg.profile

* new profile: agetpkg
 2021-01-13 07:02:34 +00:00