I switched from #AppArmor to #Firejail on my desktop. For me Firejail's configuration is much less cryptic than AppArmor's :) But I noticed there was no syntax highlighting for Firejail config files in #Emacs, so I created a simple mode using SMIE:

https://github.com/grafov/firejail-mode

Because GNU/Emacs should have a mode for any task, you know! #butterfly

@grafov fwiw... atm posting this reply from my "normal" boot, #ArchLinux #KDE, wherein i've run #Firejail since the beginning [& in all distros before Arch]. Later today shall be booting back into my "new" boot, only ~week old & still finessing it; #KDELinux. Tis my first #immutable #atomic i've run on SSD rather than just in VMs. Really enjoying it, but not being able to use FJ anymore is a very unsettling feeling for me. 😳 I reckon FJ is pretty fab.

@MsDropbear42 @grafov protip: your best bet for having a lot of apps in hand is nix (edit: or Guix if you want to avoid the effects of the nix incident)

flatpak is...well...containerized so it doesn't have quite a bit of stuff because you can't contain everything
brew is kinda niche
appimages are even rarer
and if you wanted to compile software manually you might've as well installed gentoo

@MsDropbear42 I'm not a security fanatic, but I do try to restrict proprietary software that I occasionally need to run, regardless of how it was installed (from AppImage, Flatpak, or downloaded as a binary). Firejail is doing its job well, I agree.