New upstream version 0.9.62.4
Reiner Herrmann
3 years ago
136 | 136 | sh -c "if [ ! -d $(DESTDIR)/$(sysconfdir)/apparmor.d ]; then install -d -m 755 $(DESTDIR)/$(sysconfdir)/apparmor.d; fi;" |
137 | 137 | install -c -m 0644 etc/firejail-default $(DESTDIR)/$(sysconfdir)/apparmor.d/. |
138 | 138 | sh -c "if [ ! -d $(DESTDIR)/$(sysconfdir)/apparmor.d/local ]; then install -d -m 755 $(DESTDIR)/$(sysconfdir)/apparmor.d/local; fi;" |
139 | install -c -m 0644 etc/firejail-local $(DESTDIR)/$(sysconfdir)/apparmor.d/local/firejail-default | |
139 | 140 | endif |
140 | 141 | # man pages |
141 | 142 | install -m 0755 -d $(DESTDIR)/$(mandir)/man1 |
62 | 62 | - fix flameshot raw screenshots |
63 | 63 | 1dnrr (https://github.com/1dnrr) |
64 | 64 | - add pybitmessage profile |
65 | Ádler Jonas Gross (https://github.com/adgross) | |
66 | - AppArmor fix | |
65 | 67 | Adrian L. Shaw (https://github.com/adrianlshaw) |
66 | 68 | - add profanity profile |
67 | 69 | - add barrirer profile |
0 | firejail (0.9.62.4) baseline; urgency=low | |
1 | * fix AppArmor broken in the previous release | |
2 | * miscellaneous fixes | |
3 | -- netblue30 <netblue30@yahoo.com> Mon, 17 Aug 2020 08:00:00 -0500 | |
4 | ||
0 | 5 | firejail (0.9.62.2) baseline; urgency=low |
1 | 6 | * patches from Debian (firejail 0.9.62-3, sid): |
2 | 7 | profile-fixes.patch, apparmor-include.patch |
0 | 0 | #! /bin/sh |
1 | 1 | # Guess values for system-dependent variables and create Makefiles. |
2 | # Generated by GNU Autoconf 2.69 for firejail 0.9.62.2. | |
2 | # Generated by GNU Autoconf 2.69 for firejail 0.9.62.4. | |
3 | 3 | # |
4 | 4 | # Report bugs to <netblue30@yahoo.com>. |
5 | 5 | # |
579 | 579 | # Identity of this package. |
580 | 580 | PACKAGE_NAME='firejail' |
581 | 581 | PACKAGE_TARNAME='firejail' |
582 | PACKAGE_VERSION='0.9.62.2' | |
583 | PACKAGE_STRING='firejail 0.9.62.2' | |
582 | PACKAGE_VERSION='0.9.62.4' | |
583 | PACKAGE_STRING='firejail 0.9.62.4' | |
584 | 584 | PACKAGE_BUGREPORT='netblue30@yahoo.com' |
585 | 585 | PACKAGE_URL='https://firejail.wordpress.com' |
586 | 586 | |
1275 | 1275 | # Omit some internal or obsolete options to make the list less imposing. |
1276 | 1276 | # This message is too long to be a string in the A/UX 3.1 sh. |
1277 | 1277 | cat <<_ACEOF |
1278 | \`configure' configures firejail 0.9.62.2 to adapt to many kinds of systems. | |
1278 | \`configure' configures firejail 0.9.62.4 to adapt to many kinds of systems. | |
1279 | 1279 | |
1280 | 1280 | Usage: $0 [OPTION]... [VAR=VALUE]... |
1281 | 1281 | |
1336 | 1336 | |
1337 | 1337 | if test -n "$ac_init_help"; then |
1338 | 1338 | case $ac_init_help in |
1339 | short | recursive ) echo "Configuration of firejail 0.9.62.2:";; | |
1339 | short | recursive ) echo "Configuration of firejail 0.9.62.4:";; | |
1340 | 1340 | esac |
1341 | 1341 | cat <<\_ACEOF |
1342 | 1342 | |
1449 | 1449 | test -n "$ac_init_help" && exit $ac_status |
1450 | 1450 | if $ac_init_version; then |
1451 | 1451 | cat <<\_ACEOF |
1452 | firejail configure 0.9.62.2 | |
1452 | firejail configure 0.9.62.4 | |
1453 | 1453 | generated by GNU Autoconf 2.69 |
1454 | 1454 | |
1455 | 1455 | Copyright (C) 2012 Free Software Foundation, Inc. |
1751 | 1751 | This file contains any messages produced by compilers while |
1752 | 1752 | running configure, to aid debugging if configure makes a mistake. |
1753 | 1753 | |
1754 | It was created by firejail $as_me 0.9.62.2, which was | |
1754 | It was created by firejail $as_me 0.9.62.4, which was | |
1755 | 1755 | generated by GNU Autoconf 2.69. Invocation command line was |
1756 | 1756 | |
1757 | 1757 | $ $0 $@ |
4700 | 4700 | # report actual input values of CONFIG_FILES etc. instead of their |
4701 | 4701 | # values after options handling. |
4702 | 4702 | ac_log=" |
4703 | This file was extended by firejail $as_me 0.9.62.2, which was | |
4703 | This file was extended by firejail $as_me 0.9.62.4, which was | |
4704 | 4704 | generated by GNU Autoconf 2.69. Invocation command line was |
4705 | 4705 | |
4706 | 4706 | CONFIG_FILES = $CONFIG_FILES |
4754 | 4754 | cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 |
4755 | 4755 | ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" |
4756 | 4756 | ac_cs_version="\\ |
4757 | firejail config.status 0.9.62.2 | |
4757 | firejail config.status 0.9.62.4 | |
4758 | 4758 | configured by $0, generated by GNU Autoconf 2.69, |
4759 | 4759 | with options \\"\$ac_cs_config\\" |
4760 | 4760 |
11 | 11 | # |
12 | 12 | |
13 | 13 | AC_PREREQ([2.68]) |
14 | AC_INIT(firejail, 0.9.62.2, netblue30@yahoo.com, , https://firejail.wordpress.com) | |
14 | AC_INIT(firejail, 0.9.62.4, netblue30@yahoo.com, , https://firejail.wordpress.com) | |
15 | 15 | AC_CONFIG_SRCDIR([src/firejail/main.c]) |
16 | 16 | |
17 | 17 | AC_CONFIG_MACRO_DIR([m4]) |
243 | 243 | blacklist ${HOME}/.config/meld |
244 | 244 | blacklist ${HOME}/.config/meteo-qt |
245 | 245 | blacklist ${HOME}/.config/mfusion |
246 | blacklist ${HOME}/.config/Microsoft | |
246 | 247 | blacklist ${HOME}/.config/midori |
247 | 248 | blacklist ${HOME}/.config/mono |
248 | 249 | blacklist ${HOME}/.config/mpDris2 |
648 | 649 | blacklist ${HOME}/.sword |
649 | 650 | blacklist ${HOME}/.sylpheed-2.0 |
650 | 651 | blacklist ${HOME}/.synfig |
652 | blacklist ${HOME}/.config/teams | |
651 | 653 | blacklist ${HOME}/.config/teams-for-linux |
652 | 654 | blacklist ${HOME}/.tb |
653 | 655 | blacklist ${HOME}/.tconn |
0 | # Firejail profile for element-desktop | |
1 | # Description: All-in-one secure chat app for teams, friends and organisations | |
2 | # This file is overwritten after every install/update | |
3 | # Persistent local customizations | |
4 | include element-desktop.local | |
5 | # Persistent global definitions | |
6 | # added by included profile | |
7 | #include globals.local | |
8 | ||
9 | noblacklist ${HOME}/.config/Element | |
10 | noblacklist ${HOME}/.config/Element (Riot) | |
11 | ||
12 | mkdir ${HOME}/.config/Element | |
13 | mkdir ${HOME}/.config/Element (Riot) | |
14 | whitelist ${HOME}/.config/Element | |
15 | whitelist ${HOME}/.config/Element (Riot) | |
16 | whitelist /opt/Element | |
17 | ||
18 | private-opt Element | |
19 | ||
20 | # Redirect | |
21 | include riot-desktop.profile |
0 | # Firejail profile for teams | |
1 | # Description: Official Microsoft Teams client for Linux using Electron. | |
2 | # This file is overwritten after every install/update | |
3 | # Persistent local customizations | |
4 | include teams.local | |
5 | # Persistent global definitions | |
6 | # added by included profile | |
7 | #include globals.local | |
8 | ||
9 | # see #3404 | |
10 | ignore apparmor | |
11 | ignore nodbus | |
12 | ||
13 | noblacklist ${HOME}/.config/teams | |
14 | noblacklist ${HOME}/.config/Microsoft | |
15 | ||
16 | include disable-devel.inc | |
17 | include disable-exec.inc | |
18 | include disable-interpreters.inc | |
19 | ||
20 | mkdir ${HOME}/.config/teams | |
21 | mkdir ${HOME}/.config/Microsoft | |
22 | whitelist ${HOME}/.config/teams | |
23 | whitelist ${HOME}/.config/Microsoft | |
24 | include whitelist-common.inc | |
25 | include whitelist-var-common.inc | |
26 | ||
27 | nou2f | |
28 | shell none | |
29 | tracelog | |
30 | ||
31 | disable-mnt | |
32 | private-cache | |
33 | private-dev | |
34 | ||
35 | # Redirect | |
36 | include electron.profile |
578 | 578 | sysprof |
579 | 579 | sysprof-cli |
580 | 580 | tb-starter-wrapper |
581 | teams | |
581 | 582 | teams-for-linux |
582 | 583 | teamspeak3 |
583 | 584 | teeworlds |
24 | 24 | #include <dirent.h> |
25 | 25 | #include <fcntl.h> |
26 | 26 | #include <pwd.h> |
27 | #include <errno.h> | |
27 | 28 | #ifndef _BSD_SOURCE |
28 | 29 | #define _BSD_SOURCE |
29 | 30 | #endif |
147 | 148 | return; |
148 | 149 | |
149 | 150 | errexit: |
150 | fprintf(stderr, "Error: cannot create %s device\n", path); | |
151 | fprintf(stderr, "Error: cannot create %s device: %s\n", path, strerror(errno)); | |
151 | 152 | exit(1); |
152 | 153 | } |
153 | 154 |
62 | 62 | sleep(1); |
63 | 63 | monsec--; |
64 | 64 | |
65 | EUID_ROOT(); | |
65 | 66 | FILE *fp = fopen(monfile, "r"); |
67 | EUID_USER(); | |
66 | 68 | if (!fp) { |
67 | 69 | killdone = 1; |
68 | 70 | break; |
26 | 26 | } |
27 | 27 | expect { |
28 | 28 | timeout {puts "TESTING ERROR 1.4\n";exit} |
29 | "Max address space 123456789012 123456789012" | |
29 | "Max address space 1234567890 1234567890" | |
30 | 30 | } |
31 | 31 | expect { |
32 | 32 | timeout {puts "TESTING ERROR 1.5\n";exit} |
4 | 4 | spawn $env(SHELL) |
5 | 5 | match_max 100000 |
6 | 6 | |
7 | send -- "firejail --rlimit-fsize=1024 --rlimit-nproc=1000 --rlimit-nofile=500 --rlimit-sigpending=200 --rlimit-as=123456789012\r" | |
7 | send -- "firejail --rlimit-fsize=1024 --rlimit-nproc=1000 --rlimit-nofile=500 --rlimit-sigpending=200 --rlimit-as=1234567890\r" | |
8 | 8 | expect { |
9 | 9 | timeout {puts "TESTING ERROR 0\n";exit} |
10 | 10 | "Child process initialized" |
26 | 26 | } |
27 | 27 | expect { |
28 | 28 | timeout {puts "TESTING ERROR 1.4\n";exit} |
29 | "Max address space 123456789012 123456789012" | |
29 | "Max address space 1234567890 1234567890" | |
30 | 30 | } |
31 | 31 | expect { |
32 | 32 | timeout {puts "TESTING ERROR 1.5\n";exit} |
1 | 1 | rlimit-nproc 1000 |
2 | 2 | rlimit-nofile 500 |
3 | 3 | rlimit-sigpending 200 |
4 | rlimit-as 123456789012 | |
4 | rlimit-as 1234567890 |
29 | 29 | send -- "cd /lib; find .\r" |
30 | 30 | expect { |
31 | 31 | timeout {puts "TESTING ERROR 5\n";exit} |
32 | "modules" {puts "TESTING ERROR 6\n";exit} | |
33 | "firmware" {puts "TESTING ERROR 7\n";exit} | |
32 | "./modules" {puts "TESTING ERROR 6\n";exit} | |
33 | "./firmware" {puts "TESTING ERROR 7\n";exit} | |
34 | 34 | "libc.so" |
35 | 35 | } |
36 | 36 | after 100 |