| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
User confirms snx-rs's SAML loopback no longer needs chromium routing.
Remove:
- dot_local/bin/snxctl-chromium (PATH-override wrapper)
- dot_local/share/snx-rs/bin/xdg-open (chromium shim)
- snx-rs LibreWolf SAML note in user-overrides.js
The waybar snx-vpn toggle now just runs `snxctl connect` detached,
no wrapper indirection.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
systemd/user/teams-{sii,xsight}.service: autostart both Teams flatpak
profiles on sway-session.target login. KillMode=mixed so SIGTERM hits
only the wrapper process — both instances share the same flatpak app
id, so killing by app id would take down the sibling instance. A 15s
SIGKILL fallback covers the case where Electron tray-hides instead of
quitting. Both units listed in systemd-units/user.txt.
etc/pacman.conf: IgnorePkg = llama-cpp-vulkan. The AUR package rebuilds
on every llama.cpp commit (multi-hour build). Update manually with
`paru -S llama-cpp-vulkan` when intended.
snxctl-chromium wrapper:
- dot_local/share/snx-rs/bin/xdg-open: shim that flatpak-runs
ungoogled-chromium, used only by snx-rs.
- dot_config/systemd/user/snx-rs.service.d/10-chromium-saml.conf:
drop-in prepending that dir to the daemon's PATH so snx-rs's
opener-crate call to xdg-open lands in chromium, without affecting
xdg-open for any other process.
- dot_local/bin/snxctl-chromium: convenience wrapper that
daemon-reloads and restarts snx-rs.service if the drop-in isn't yet
applied, then execs `snxctl connect`.
firefox/user-overrides.js: revert the dom.security.https_only_mode.
upgrade_local and network.lna.local-network-to-localhost.skip-checks
prefs — they didn't actually fix the SAML flow. Replaced with a
comment pointing to the wrapper instead.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
LibreWolf disables media.gmp-provider.enabled and media.gmp-gmpopenh264.enabled
and falls back to media.webrtc.hw.h264.enabled=true. On Linux this rarely
works because Mozilla's bundled FFmpeg doesn't ship H.264 encode support
(patent policy), so the SDP offers H.264 but the encoder produces no frames.
Result: local camera preview works (raw MediaStreamTrack, no encoding) but
remote participants see no video. Affects MS Teams (H.264 primary); does not
affect Google Meet (VP8/VP9 native). Same symptom in flatpak and native
LibreWolf builds, confirming sandbox is not the cause.
arkenfox 2020 deliberately leaves media.gmp-provider.enabled commented out
and does not touch the OpenH264 plugin pref. Re-enabling here brings us in
line with arkenfox. media.gmp-manager.url is restored from LibreWolf's
data:text/plain blank so the OpenH264 GMP can actually download.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
LibreWolf 149+ hardens beyond arkenfox by force-upgrading loopback to HTTPS
(dom.security.https_only_mode.upgrade_local=true) and enabling LNA blocking
of public->loopback redirects. Both break snx-rs / Forticlient / generic
VPN SAML callbacks that land on http://127.0.0.1:<port>/<token>.
Restore stock Firefox / arkenfox loopback behaviour. arkenfox 1245 leaves
upgrade_local intentionally commented out and does not touch network.lna.*,
so this brings us in line with arkenfox rather than weaker than it.
Refs: LibreWolf issues #2954 (Forticlient SSO broken in 149), #2962
(HTTPS-Only Mode locked in 149.0.2-1, reverted in 149.0.2-2).
|
| |
|
|
|
|
|
|
|
| |
- Remove 4 dead commented-out prefs (privatebrowsing.autostart,
sessionstore.privacy_level, media.eme.enabled, disableIPv6 duplicate)
- Remove deprecated pdfjs.disabled (dropped from arkenfox, no longer honored)
- Remove deprecated browser.fixup.domainsuffixwhitelist.i2p (FF120+)
- Strip arkenfox wiki comment bloat: 97 → 22 lines
- Organize remaining 15 active prefs by section
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
sommerfeld
Arnold Sommerfeld