diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-02-05 08:43:07 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2023-02-17 10:42:08 -0300 |
commit | f33e452b044af0b651784a43e6981078eb0c0540 (patch) | |
tree | 9ea59c0ac99b311f7fee9797053cedc6ba0937fc | |
parent | ci: deb: remove redundant --prefix arguments (diff) | |
download | firejail-f33e452b044af0b651784a43e6981078eb0c0540.tar.gz firejail-f33e452b044af0b651784a43e6981078eb0c0540.tar.zst firejail-f33e452b044af0b651784a43e6981078eb0c0540.zip |
build: deb: enable apparmor by default & remove deb-apparmor
The official .deb package is always built with apparmor support, so use
`--enable-apparmor` in mkdeb.sh and remove the "deb-apparmor" target in
order to reduce redundancy.
Note that custom configure options may be specified by calling
./mkdeb.sh directly.
For example, to build the .deb package without apparmor support, instead
of running `make deb`, the following commands can be used:
make dist
./mkdeb.sh --disable-apparmor
Also, change the `build_apparmor` GitLab CI job into
`build_no_apparmor`, which is intended to check that building without
apparmor still works.
Note: This commit makes the resulting .deb package not have an
"-apparmor" suffix (see `EXTRA_VERSION` in mkdeb.sh), to avoid
redundancy (as having apparmor support becomes the default).
Misc: This is a follow-up to #5654.
Relates to #5154 #5176 #5547.
-rw-r--r-- | .gitlab-ci.yml | 12 | ||||
-rw-r--r-- | Makefile | 4 | ||||
-rw-r--r-- | README | 2 | ||||
-rwxr-xr-x | contrib/update_deb.sh | 2 | ||||
-rwxr-xr-x | mkdeb.sh | 2 |
5 files changed, 9 insertions, 13 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b0af96cf9..6dcb40e67 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml | |||
@@ -9,7 +9,7 @@ build_ubuntu_package: | |||
9 | image: ubuntu:rolling | 9 | image: ubuntu:rolling |
10 | script: | 10 | script: |
11 | - apt-get update -qq | 11 | - apt-get update -qq |
12 | - DEBIAN_FRONTEND=noninteractive apt-get install -y -qq build-essential lintian pkg-config python3 gawk | 12 | - DEBIAN_FRONTEND=noninteractive apt-get install -y -qq build-essential lintian libapparmor-dev pkg-config python3 gawk |
13 | - ./configure && make deb && dpkg -i firejail*.deb | 13 | - ./configure && make deb && dpkg -i firejail*.deb |
14 | - command -V firejail && firejail --version | 14 | - command -V firejail && firejail --version |
15 | - python3 contrib/sort.py etc/profile-*/*.profile etc/inc/*.inc | 15 | - python3 contrib/sort.py etc/profile-*/*.profile etc/inc/*.inc |
@@ -18,7 +18,7 @@ build_debian_package: | |||
18 | image: debian:stretch | 18 | image: debian:stretch |
19 | script: | 19 | script: |
20 | - apt-get update -qq | 20 | - apt-get update -qq |
21 | - apt-get install -y -qq build-essential lintian pkg-config gawk | 21 | - apt-get install -y -qq build-essential lintian libapparmor-dev pkg-config gawk |
22 | - ./configure && make deb && dpkg -i firejail*.deb | 22 | - ./configure && make deb && dpkg -i firejail*.deb |
23 | - command -V firejail && firejail --version | 23 | - command -V firejail && firejail --version |
24 | 24 | ||
@@ -49,14 +49,14 @@ build_src_package: | |||
49 | - command -V firejail && firejail --version | 49 | - command -V firejail && firejail --version |
50 | # - python3 contrib/sort.py etc/*.{profile,inc} | 50 | # - python3 contrib/sort.py etc/*.{profile,inc} |
51 | 51 | ||
52 | build_apparmor: | 52 | build_no_apparmor: |
53 | image: ubuntu:latest | 53 | image: ubuntu:latest |
54 | script: | 54 | script: |
55 | - apt-get update -qq | 55 | - apt-get update -qq |
56 | - DEBIAN_FRONTEND=noninteractive apt-get install -y -qq build-essential lintian libapparmor-dev pkg-config gawk | 56 | - DEBIAN_FRONTEND=noninteractive apt-get install -y -qq build-essential lintian pkg-config gawk |
57 | - ./configure && make deb-apparmor && dpkg -i firejail*.deb | 57 | - ./configure && make dist && ./mkdeb.sh --disable-apparmor && dpkg -i firejail*.deb |
58 | - command -V firejail && firejail --version | 58 | - command -V firejail && firejail --version |
59 | - firejail --version | grep -F 'AppArmor support is enabled' | 59 | - firejail --version | grep -F 'AppArmor support is disabled' |
60 | 60 | ||
61 | debian_ci: | 61 | debian_ci: |
62 | image: registry.salsa.debian.org/salsa-ci-team/ci-image-git-buildpackage:latest | 62 | image: registry.salsa.debian.org/salsa-ci-team/ci-image-git-buildpackage:latest |
@@ -339,10 +339,6 @@ asc: config.mk | |||
339 | deb: dist config.sh | 339 | deb: dist config.sh |
340 | ./mkdeb.sh | 340 | ./mkdeb.sh |
341 | 341 | ||
342 | .PHONY: deb-apparmor | ||
343 | deb-apparmor: dist config.sh | ||
344 | env EXTRA_VERSION=-apparmor ./mkdeb.sh --enable-apparmor | ||
345 | |||
346 | .PHONY: test-compile | 342 | .PHONY: test-compile |
347 | test-compile: dist config.mk | 343 | test-compile: dist config.mk |
348 | cd test/compile; ./compile.sh $(TARNAME)-$(VERSION) | 344 | cd test/compile; ./compile.sh $(TARNAME)-$(VERSION) |
@@ -34,7 +34,7 @@ $ sudo apt-get install git build-essential libapparmor-dev pkg-config gawk | |||
34 | For --selinux option, add libselinux1-dev (libselinux-devel for Fedora). | 34 | For --selinux option, add libselinux1-dev (libselinux-devel for Fedora). |
35 | 35 | ||
36 | We build our release firejail.tar.xz and firejail.deb packages using the following command: | 36 | We build our release firejail.tar.xz and firejail.deb packages using the following command: |
37 | $ make distclean && ./configure && make deb-apparmor | 37 | $ make distclean && ./configure && make deb |
38 | 38 | ||
39 | 39 | ||
40 | Maintainer: | 40 | Maintainer: |
diff --git a/contrib/update_deb.sh b/contrib/update_deb.sh index 4ee652024..ad6e728f1 100755 --- a/contrib/update_deb.sh +++ b/contrib/update_deb.sh | |||
@@ -15,7 +15,7 @@ cd firejail | |||
15 | sed -i "s/# restricted-network .*/restricted-network yes/" \ | 15 | sed -i "s/# restricted-network .*/restricted-network yes/" \ |
16 | etc/firejail.config | 16 | etc/firejail.config |
17 | 17 | ||
18 | make deb-apparmor | 18 | make deb |
19 | sudo dpkg -i firejail*.deb | 19 | sudo dpkg -i firejail*.deb |
20 | echo "Firejail updated." | 20 | echo "Firejail updated." |
21 | cd .. | 21 | cd .. |
@@ -25,7 +25,7 @@ echo "*****************************************" | |||
25 | tar -xJvf "$CODE_ARCHIVE" | 25 | tar -xJvf "$CODE_ARCHIVE" |
26 | #mkdir -p "$INSTALL_DIR" | 26 | #mkdir -p "$INSTALL_DIR" |
27 | cd "$CODE_DIR" | 27 | cd "$CODE_DIR" |
28 | ./configure --prefix=/usr "$@" | 28 | ./configure --prefix=/usr --enable-apparmor "$@" |
29 | make -j2 | 29 | make -j2 |
30 | mkdir debian | 30 | mkdir debian |
31 | DESTDIR=debian make install-strip | 31 | DESTDIR=debian make install-strip |