rusty-snake
rusty-snake
It *seems* to relate to the automatic update features. Namley if you have daily update of hosts file and synchronize while updazeing enabled.
> I was wondering whether it's possible to mount the encrypted filesystem directly inside the bubblewrap's mount namespace, hiding it from the host system. You seem to have a misunderstanding...
> It overrides syscalls via LD_PRELOAD. `LD_PRELOAD` overrides library functions not syscalls. Programs calling the raw syscalls will break. > Since, this will override the syscalls, instead of mounting an...
Your welcome. > to daemonize bubblejail as root (or make it setuid) and have it execute the jails as different UID Simplified yes. uid switching can be implemented in several...
> Is that expected? Yes because you can not LD_PRELOAD libraries into SUIDs for security reasons (https://github.com/netblue30/firejail/discussions/4156).
Looking at the code, you can set `export XDG_DESKTOP_PORTAL_DIR=/usr/local/share/xdg-desktop-portal` to load portals from there, only from there. So to load portals from e.g. `/usr/share/xdg-desktop-portal` too you need to symlink I...
The document portal already supports this (to the point I understand it) and at least the gtk/gnome file-chooser exposes an checkbox to open files read-only. A write-only portal hasn't much...
User data (e.g. documents, pictures, ...) shouldn't be deleted with `--delete-data` and for config/cache directories not following xdg-base-dirs we have `--persist`. Is there anything that I'm missing? Do you have...