Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Map /dev/input with "--private-dev", add "--no-input" option to disable it #4209

Merged
merged 1 commit into from
May 4, 2021
Merged

Map /dev/input with "--private-dev", add "--no-input" option to disable it #4209

merged 1 commit into from
May 4, 2021

Conversation

davidebeatrici
Copy link
Contributor

Fixes #2203.

By default only joystick devices (/dev/input/js*) can be accessed.
At least, that's the case on Debian: the other entries have more restrictive permissions.
The original owner and group are root and input, respectively.
However, until we have granular input control options, allowing access to joysticks only is better than nothing.

$ ls -l /dev
total 0
lrwxrwxrwx  1 nobody nogroup      8 23 apr 07.22 cdrom -> /dev/sr0
lrwxrwxrwx  1 nobody nogroup      8 23 apr 07.22 cdrw -> /dev/sr0
drwxr-xr-x  3 nobody nogroup    100 22 apr 19.18 dri
lrwxrwxrwx  1 nobody nogroup      8 23 apr 07.22 dvd -> /dev/sr0
lrwxrwxrwx  1 nobody nogroup      8 23 apr 07.22 dvdrw -> /dev/sr0
lrwxrwxrwx  1 nobody nogroup     13 23 apr 07.22 fd -> /proc/self/fd
crw-rw-rw-  1 nobody nogroup   1, 7 23 apr 07.22 full
crw-rw----+ 1 nobody nogroup 244, 0 22 apr 19.18 hidraw0
crw-rw----+ 1 nobody nogroup 244, 1 22 apr 19.18 hidraw1
crw-rw----+ 1 nobody nogroup 244, 2 22 apr 19.18 hidraw2
crw-rw----+ 1 nobody nogroup 244, 3 22 apr 19.18 hidraw3
crw-rw----+ 1 nobody nogroup 244, 4 22 apr 19.18 hidraw4
crw-rw----+ 1 nobody nogroup 244, 5 22 apr 19.18 hidraw5
drwxr-xr-x  4 nobody nogroup    760 23 apr 07.22 input
srw-rw-rw-  1 nobody nogroup      0 22 apr 19.18 log
crw-rw-rw-  1 nobody nogroup   1, 3 23 apr 07.22 null
lrwxrwxrwx  1 nobody nogroup     13 23 apr 07.22 ptmx -> /dev/pts/ptmx
drwxr-xr-x  2 nobody nogroup      0 23 apr 07.22 pts
crw-rw-rw-  1 nobody nogroup   1, 8 23 apr 07.22 random
drwxrwxrwt  2 nobody nogroup     40 23 apr 07.22 shm
drwxr-xr-x  4 nobody nogroup    500 22 apr 19.18 snd
brw-rw----+ 1 nobody nogroup  11, 0 23 apr 00.24 sr0
lrwxrwxrwx  1 nobody nogroup     15 23 apr 07.22 stderr -> /proc/self/fd/2
lrwxrwxrwx  1 nobody nogroup     15 23 apr 07.22 stdin -> /proc/self/fd/0
lrwxrwxrwx  1 nobody nogroup     15 23 apr 07.22 stdout -> /proc/self/fd/1
crw-rw-rw-  1 nobody nogroup   5, 0 23 apr 07.22 tty
crw-rw-rw-  1 nobody nogroup   1, 9 23 apr 07.22 urandom
drwxr-xr-x  2 nobody nogroup    120 22 apr 19.18 usb
crw-rw----+ 1 nobody video    81, 0 22 apr 19.18 video0
crw-rw----+ 1 nobody video    81, 1 22 apr 19.18 video1
crw-rw----+ 1 nobody video    81, 2 22 apr 19.18 video2
crw-rw----+ 1 nobody video    81, 3 22 apr 19.18 video3
crw-rw-rw-  1 nobody nogroup   1, 5 23 apr 07.22 zero
$ ls -l /dev/input
total 0
drwxr-xr-x  2 nobody nogroup    280 23 apr 07.22 by-id
drwxr-xr-x  2 nobody nogroup    300 23 apr 07.22 by-path
crw-rw----  1 nobody nogroup 13, 64 22 apr 19.18 event0
crw-rw----  1 nobody nogroup 13, 65 22 apr 19.18 event1
crw-rw----  1 nobody nogroup 13, 74 22 apr 19.18 event10
crw-rw----  1 nobody nogroup 13, 75 22 apr 19.18 event11
crw-rw----  1 nobody nogroup 13, 76 22 apr 19.18 event12
crw-rw----  1 nobody nogroup 13, 77 22 apr 19.18 event13
crw-rw----  1 nobody nogroup 13, 78 22 apr 19.18 event14
crw-rw----  1 nobody nogroup 13, 79 22 apr 19.18 event15
crw-rw----  1 nobody nogroup 13, 80 22 apr 19.18 event16
crw-rw----  1 nobody nogroup 13, 81 22 apr 19.18 event17
crw-rw----  1 nobody nogroup 13, 82 22 apr 19.18 event18
crw-rw----  1 nobody nogroup 13, 83 22 apr 19.18 event19
crw-rw----  1 nobody nogroup 13, 66 22 apr 19.18 event2
crw-rw----  1 nobody nogroup 13, 84 22 apr 19.18 event20
crw-rw----  1 nobody nogroup 13, 85 22 apr 19.18 event21
crw-rw----  1 nobody nogroup 13, 86 22 apr 19.18 event22
crw-rw----  1 nobody nogroup 13, 87 22 apr 19.18 event23
crw-rw----  1 nobody nogroup 13, 88 22 apr 19.18 event24
crw-rw----  1 nobody nogroup 13, 89 22 apr 19.18 event25
crw-rw----  1 nobody nogroup 13, 90 22 apr 19.18 event26
crw-rw----  1 nobody nogroup 13, 91 22 apr 19.18 event27
crw-rw----+ 1 nobody nogroup 13, 92 23 apr 07.22 event28
crw-rw----  1 nobody nogroup 13, 67 22 apr 19.18 event3
crw-rw----  1 nobody nogroup 13, 68 22 apr 19.18 event4
crw-rw----  1 nobody nogroup 13, 69 22 apr 19.18 event5
crw-rw----  1 nobody nogroup 13, 70 22 apr 19.18 event6
crw-rw----  1 nobody nogroup 13, 71 22 apr 19.18 event7
crw-rw----  1 nobody nogroup 13, 72 22 apr 19.18 event8
crw-rw----  1 nobody nogroup 13, 73 22 apr 19.18 event9
crw-rw-r--  1 nobody nogroup 13,  0 22 apr 19.18 js0
crw-rw-r--+ 1 nobody nogroup 13,  1 23 apr 07.22 js1
crw-rw----  1 nobody nogroup 13, 63 22 apr 19.18 mice
crw-rw----  1 nobody nogroup 13, 32 22 apr 19.18 mouse0
crw-rw----  1 nobody nogroup 13, 33 22 apr 19.18 mouse1
$ ls -l /dev/input/by-id
total 0
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 usb-BY_Tech_Usb-event-if01 -> ../event9
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 usb-BY_Tech_Usb-event-kbd -> ../event8
lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 usb-BY_Tech_Usb-if01-event-kbd -> ../event11
lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 usb-BY_Tech_Usb-if01-event-mouse -> ../event12
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 usb-BY_Tech_Usb-if01-mouse -> ../mouse1
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 usb-SOAI_USB_Gaming_Mouse-event-if01 -> ../event5
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 usb-SOAI_USB_Gaming_Mouse-event-mouse -> ../event2
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 usb-SOAI_USB_Gaming_Mouse-if01-event-kbd -> ../event3
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 usb-SOAI_USB_Gaming_Mouse-mouse -> ../mouse0
lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 usb-Sonix_Technology_Co.__Ltd._H264_USB_Camera_SN0001-event-if00 -> ../event27
lrwxrwxrwx 1 nobody nogroup 10 23 apr 07.22 usb-ZEROPLUS_Controller_3136303033313032354246323543-event-joystick -> ../event28
lrwxrwxrwx 1 nobody nogroup  6 23 apr 07.22 usb-ZEROPLUS_Controller_3136303033313032354246323543-joystick -> ../js1
$ ls -l /dev/input/by-path
total 0
lrwxrwxrwx 1 nobody nogroup 10 23 apr 07.22 pci-0000:05:00.1-usb-0:6.1:1.0-event-joystick -> ../event28
lrwxrwxrwx 1 nobody nogroup  6 23 apr 07.22 pci-0000:05:00.1-usb-0:6.1:1.0-joystick -> ../js1
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.3:1.0-event-mouse -> ../event2
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.3:1.0-mouse -> ../mouse0
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.3:1.1-event -> ../event5
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.3:1.1-event-kbd -> ../event3
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.4:1.0-event-kbd -> ../event8
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.4:1.1-event -> ../event9
lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 pci-0000:05:00.3-usb-0:6.4:1.1-event-kbd -> ../event11
lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 pci-0000:05:00.3-usb-0:6.4:1.1-event-mouse -> ../event12
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.4:1.1-mouse -> ../mouse1
lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 pci-0000:0c:00.3-usb-0:4:1.0-event -> ../event27
lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 platform-pcspkr-event-spkr -> ../event13

@davidebeatrici
Map /dev/input with "--private-dev", add "--no-input" option to disab…
a90386d 
…le it

By default only joystick devices ("/dev/input/js*") can be accessed.
At least, that's the case on Debian: the other entries have more restrictive permissions.
The original owner and group are "root" and "input", respectively.
However, until we have granular input control options, allowing access to joysticks only is better than nothing.

$ ls -l /dev
total 0
lrwxrwxrwx  1 nobody nogroup      8 23 apr 07.22 cdrom -> /dev/sr0
lrwxrwxrwx  1 nobody nogroup      8 23 apr 07.22 cdrw -> /dev/sr0
drwxr-xr-x  3 nobody nogroup    100 22 apr 19.18 dri
lrwxrwxrwx  1 nobody nogroup      8 23 apr 07.22 dvd -> /dev/sr0
lrwxrwxrwx  1 nobody nogroup      8 23 apr 07.22 dvdrw -> /dev/sr0
lrwxrwxrwx  1 nobody nogroup     13 23 apr 07.22 fd -> /proc/self/fd
crw-rw-rw-  1 nobody nogroup   1, 7 23 apr 07.22 full
crw-rw----+ 1 nobody nogroup 244, 0 22 apr 19.18 hidraw0
crw-rw----+ 1 nobody nogroup 244, 1 22 apr 19.18 hidraw1
crw-rw----+ 1 nobody nogroup 244, 2 22 apr 19.18 hidraw2
crw-rw----+ 1 nobody nogroup 244, 3 22 apr 19.18 hidraw3
crw-rw----+ 1 nobody nogroup 244, 4 22 apr 19.18 hidraw4
crw-rw----+ 1 nobody nogroup 244, 5 22 apr 19.18 hidraw5
drwxr-xr-x  4 nobody nogroup    760 23 apr 07.22 input
srw-rw-rw-  1 nobody nogroup      0 22 apr 19.18 log
crw-rw-rw-  1 nobody nogroup   1, 3 23 apr 07.22 null
lrwxrwxrwx  1 nobody nogroup     13 23 apr 07.22 ptmx -> /dev/pts/ptmx
drwxr-xr-x  2 nobody nogroup      0 23 apr 07.22 pts
crw-rw-rw-  1 nobody nogroup   1, 8 23 apr 07.22 random
drwxrwxrwt  2 nobody nogroup     40 23 apr 07.22 shm
drwxr-xr-x  4 nobody nogroup    500 22 apr 19.18 snd
brw-rw----+ 1 nobody nogroup  11, 0 23 apr 00.24 sr0
lrwxrwxrwx  1 nobody nogroup     15 23 apr 07.22 stderr -> /proc/self/fd/2
lrwxrwxrwx  1 nobody nogroup     15 23 apr 07.22 stdin -> /proc/self/fd/0
lrwxrwxrwx  1 nobody nogroup     15 23 apr 07.22 stdout -> /proc/self/fd/1
crw-rw-rw-  1 nobody nogroup   5, 0 23 apr 07.22 tty
crw-rw-rw-  1 nobody nogroup   1, 9 23 apr 07.22 urandom
drwxr-xr-x  2 nobody nogroup    120 22 apr 19.18 usb
crw-rw----+ 1 nobody video    81, 0 22 apr 19.18 video0
crw-rw----+ 1 nobody video    81, 1 22 apr 19.18 video1
crw-rw----+ 1 nobody video    81, 2 22 apr 19.18 video2
crw-rw----+ 1 nobody video    81, 3 22 apr 19.18 video3
crw-rw-rw-  1 nobody nogroup   1, 5 23 apr 07.22 zero

$ ls -l /dev/input
total 0
drwxr-xr-x  2 nobody nogroup    280 23 apr 07.22 by-id
drwxr-xr-x  2 nobody nogroup    300 23 apr 07.22 by-path
crw-rw----  1 nobody nogroup 13, 64 22 apr 19.18 event0
crw-rw----  1 nobody nogroup 13, 65 22 apr 19.18 event1
crw-rw----  1 nobody nogroup 13, 74 22 apr 19.18 event10
crw-rw----  1 nobody nogroup 13, 75 22 apr 19.18 event11
crw-rw----  1 nobody nogroup 13, 76 22 apr 19.18 event12
crw-rw----  1 nobody nogroup 13, 77 22 apr 19.18 event13
crw-rw----  1 nobody nogroup 13, 78 22 apr 19.18 event14
crw-rw----  1 nobody nogroup 13, 79 22 apr 19.18 event15
crw-rw----  1 nobody nogroup 13, 80 22 apr 19.18 event16
crw-rw----  1 nobody nogroup 13, 81 22 apr 19.18 event17
crw-rw----  1 nobody nogroup 13, 82 22 apr 19.18 event18
crw-rw----  1 nobody nogroup 13, 83 22 apr 19.18 event19
crw-rw----  1 nobody nogroup 13, 66 22 apr 19.18 event2
crw-rw----  1 nobody nogroup 13, 84 22 apr 19.18 event20
crw-rw----  1 nobody nogroup 13, 85 22 apr 19.18 event21
crw-rw----  1 nobody nogroup 13, 86 22 apr 19.18 event22
crw-rw----  1 nobody nogroup 13, 87 22 apr 19.18 event23
crw-rw----  1 nobody nogroup 13, 88 22 apr 19.18 event24
crw-rw----  1 nobody nogroup 13, 89 22 apr 19.18 event25
crw-rw----  1 nobody nogroup 13, 90 22 apr 19.18 event26
crw-rw----  1 nobody nogroup 13, 91 22 apr 19.18 event27
crw-rw----+ 1 nobody nogroup 13, 92 23 apr 07.22 event28
crw-rw----  1 nobody nogroup 13, 67 22 apr 19.18 event3
crw-rw----  1 nobody nogroup 13, 68 22 apr 19.18 event4
crw-rw----  1 nobody nogroup 13, 69 22 apr 19.18 event5
crw-rw----  1 nobody nogroup 13, 70 22 apr 19.18 event6
crw-rw----  1 nobody nogroup 13, 71 22 apr 19.18 event7
crw-rw----  1 nobody nogroup 13, 72 22 apr 19.18 event8
crw-rw----  1 nobody nogroup 13, 73 22 apr 19.18 event9
crw-rw-r--  1 nobody nogroup 13,  0 22 apr 19.18 js0
crw-rw-r--+ 1 nobody nogroup 13,  1 23 apr 07.22 js1
crw-rw----  1 nobody nogroup 13, 63 22 apr 19.18 mice
crw-rw----  1 nobody nogroup 13, 32 22 apr 19.18 mouse0
crw-rw----  1 nobody nogroup 13, 33 22 apr 19.18 mouse1

$ ls -l /dev/input/by-id
total 0
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 usb-BY_Tech_Usb-event-if01 -> ../event9
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 usb-BY_Tech_Usb-event-kbd -> ../event8
lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 usb-BY_Tech_Usb-if01-event-kbd -> ../event11
lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 usb-BY_Tech_Usb-if01-event-mouse -> ../event12
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 usb-BY_Tech_Usb-if01-mouse -> ../mouse1
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 usb-SOAI_USB_Gaming_Mouse-event-if01 -> ../event5
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 usb-SOAI_USB_Gaming_Mouse-event-mouse -> ../event2
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 usb-SOAI_USB_Gaming_Mouse-if01-event-kbd -> ../event3
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 usb-SOAI_USB_Gaming_Mouse-mouse -> ../mouse0
lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 usb-Sonix_Technology_Co.__Ltd._H264_USB_Camera_SN0001-event-if00 -> ../event27
lrwxrwxrwx 1 nobody nogroup 10 23 apr 07.22 usb-ZEROPLUS_Controller_3136303033313032354246323543-event-joystick -> ../event28
lrwxrwxrwx 1 nobody nogroup  6 23 apr 07.22 usb-ZEROPLUS_Controller_3136303033313032354246323543-joystick -> ../js1

$ ls -l /dev/input/by-path
total 0
lrwxrwxrwx 1 nobody nogroup 10 23 apr 07.22 pci-0000:05:00.1-usb-0:6.1:1.0-event-joystick -> ../event28
lrwxrwxrwx 1 nobody nogroup  6 23 apr 07.22 pci-0000:05:00.1-usb-0:6.1:1.0-joystick -> ../js1
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.3:1.0-event-mouse -> ../event2
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.3:1.0-mouse -> ../mouse0
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.3:1.1-event -> ../event5
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.3:1.1-event-kbd -> ../event3
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.4:1.0-event-kbd -> ../event8
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.4:1.1-event -> ../event9
lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 pci-0000:05:00.3-usb-0:6.4:1.1-event-kbd -> ../event11
lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 pci-0000:05:00.3-usb-0:6.4:1.1-event-mouse -> ../event12
lrwxrwxrwx 1 nobody nogroup  9 22 apr 19.18 pci-0000:05:00.3-usb-0:6.4:1.1-mouse -> ../mouse1
lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 pci-0000:0c:00.3-usb-0:4:1.0-event -> ../event27
lrwxrwxrwx 1 nobody nogroup 10 22 apr 19.18 platform-pcspkr-event-spkr -> ../event13
@netblue30 netblue30 merged commit f5a1f84 into netblue30:master May 4, 2021
@netblue30
Copy link
Owner

Merged, thanks!

@rusty-snake
Copy link
Collaborator

FTR: I work on a follow-up PR to add noinput to the most profiles.

@davidebeatrici
Copy link
Contributor Author

Thanks for merging!

FTR: I work on a follow-up PR to add noinput to the most profiles.

Excellent! I would keep input support by default only for launchers (e.g. Steam) and non-FPS games.

@rusty-snake
Copy link
Collaborator

It's already there (#4239) steam has no private-dev (by default) and for all the games in the list IDK if they have joystick support or not.

@davidebeatrici
Copy link
Contributor Author

Steam has private-dev by default:

firejail/etc/profile-m-z/steam.profile

Lines 157 to 158 in 2431d8b

# comment the following line if you need controller support
private-dev

@rusty-snake
Copy link
Collaborator

You are, GH does not load all the 540 diffs at start and if you then crtl+f for steam ...

@davidebeatrici
Copy link
Contributor Author

Yeah, when large files are involved I always search locally.

kmk3 added a commit to kmk3/firejail that referenced this pull request May 8, 2021
@kmk3
contrib/vim: add missing noinput command to syn match
4f028ae 
Added on commit a90386d ("Map /dev/input with "--private-dev", add
"--no-input" option to disable it") / PR netblue30#4209.  See also commit
0cee0ba ("Add noinput to all profiles with private-dev").

Misc: I noticed that it was missing due to the lack of syntax
highlighting on etc/profile-m-z/webstorm.profile.
@kmk3 kmk3 mentioned this pull request May 8, 2021
Merged
kmk3 added a commit to kmk3/firejail that referenced this pull request May 8, 2021
@kmk3
contrib/vim: add missing noinput command to syn match
22a91ae 
Added on commit a90386d ("Map /dev/input with "--private-dev", add
"--no-input" option to disable it") / PR netblue30#4209.  See also commit
0cee0ba ("Add noinput to all profiles with private-dev") / PR netblue30#4239.

Misc: I noticed that it was missing due to the lack of syntax
highlighting on etc/profile-m-z/webstorm.profile.
@davidebeatrici davidebeatrici deleted the private-dev-input-support-and-noinput-option branch July 6, 2022 04:59
kmk3 pushed a commit to glitsj16/firejail that referenced this pull request Sep 1, 2024
@glitsj16 @kmk3
docs: man: sort commands and sections
dae5b5d 
Sort commands and sections in firejail.1.in and sync the result with
firejail-profile.5.in.

* Commands: `--dbus-system.*`, `--dbus-user.*`, `--icmptrace`,
  `--ip=none`, `memory-deny-write-execute`, `--noinput`
* Sections: "LANDLOCK", "NAME VALIDATION"

Relates to netblue30#3190 netblue30#3406 netblue30#4209 netblue30#5856 netblue30#6078.
@kmk3 kmk3 mentioned this pull request Sep 1, 2024
Merged
kmk3 pushed a commit that referenced this pull request Sep 10, 2024
@glitsj16 @kmk3
docs: man: sort commands and sections
cb9ef0f 
Sort commands and sections in firejail.1.in and sync the result with
firejail-profile.5.in.

* Commands: `--dbus-system.*`, `--dbus-user.*`, `--icmptrace`,
  `--ip=none`, `memory-deny-write-execute`, `--noinput`
* Sections: "LANDLOCK", "NAME VALIDATION"

Relates to #3190 #3406 #4209 #5856 #6078.
kmk3 pushed a commit to glitsj16/firejail that referenced this pull request Sep 10, 2024
@glitsj16 @kmk3
docs: man: sort commands (firejail.1)
3333a4c 
Sort commands in firejail.1.in and sync the result with
firejail-profile.5.in.

* Commands: `--dbus-system.*`, `--dbus-user.*`, `--icmptrace`,
  `--ip=none`, `memory-deny-write-execute`, `--noinput`

Relates to netblue30#3190 netblue30#3406 netblue30#4209.
kmk3 pushed a commit that referenced this pull request Sep 10, 2024
@glitsj16
docs: man: sort commands (firejail.1) (#6451)
780aea3 
Sort commands in firejail.1.in and sync the result with
firejail-profile.5.in.

* Commands: `--dbus-system.*`, `--dbus-user.*`, `--icmptrace`,
  `--ip=none`, `memory-deny-write-execute`, `--noinput`

Relates to #3190 #3406 #4209.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Consider keeping /dev/input/js0 (joystick device) with --private-dev
3 participants
@davidebeatrici @netblue30 @rusty-snake