-
Notifications
You must be signed in to change notification settings - Fork 554
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add a profile for Flatseal #4724
Conversation
b344dea
to
e17dd7c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've updated based on most feedback.
Is there any way to, given a specific profile, make a list of all resulting whitelisted paths and permissions?
Rather than an overview of what's restricted, I'd kind want to see just what's being allowed.
I put in this morning a tool (profstats) to print whitelists/blacklists and several stats for profiles. It gets installed by default in /etc/firejail directory. As a regular user, go in /etc/firejail and start it:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Forgotten to submit.
Permissions is not a concrete defined concept in firejail, it's only used in an abstract way. |
Correction for #4724 (comment): the flag is |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Can be merged when requested change by @rusty-snake is resolved.
e934079
to
79bb081
Compare
All blocking comments are resolved. Only nice to have comments left.
3ecdf60
to
80776ae
Compare
I think all comments have been addressed, but lemme know if I've missed anything. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM.
Anything blocking this merge? |
No. Merged, thanks. |
Flatseal is a GUI tool to configure permissions for Flatpak applications.
This restricts permissions as much as possible without affecting functionality.