diff options
author | smitsohu <smitsohu@gmail.com> | 2018-03-24 17:12:01 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2018-03-24 17:12:01 +0100 |
commit | ba1fc01cb77573a205e88d4d5c786398384382c7 (patch) | |
tree | 76e1eca9fdd598b8f9fa3d288727c22f0e83961a | |
parent | add basic akonadi integration (diff) | |
parent | Fixup gnome-recipes and add it to firecfg (diff) | |
download | firejail-ba1fc01cb77573a205e88d4d5c786398384382c7.tar.gz firejail-ba1fc01cb77573a205e88d4d5c786398384382c7.tar.zst firejail-ba1fc01cb77573a205e88d4d5c786398384382c7.zip |
Merge branch 'master' of https://github.com/netblue30/firejail
-rw-r--r-- | Makefile.in | 4 | ||||
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | RELNOTES | 5 | ||||
-rwxr-xr-x | configure | 34 | ||||
-rw-r--r-- | configure.ac | 24 | ||||
-rw-r--r-- | dummy.c | 3 | ||||
-rw-r--r-- | etc/disable-programs.inc | 1 | ||||
-rw-r--r-- | etc/gnome-recipes.profile | 45 | ||||
-rw-r--r-- | etc/libreoffice.profile | 3 | ||||
-rw-r--r-- | src/fbuilder/Makefile.in | 4 | ||||
-rw-r--r-- | src/fcopy/Makefile.in | 3 | ||||
-rw-r--r-- | src/firecfg/Makefile.in | 3 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 1 | ||||
-rw-r--r-- | src/firejail/Makefile.in | 3 | ||||
-rw-r--r-- | src/firemon/Makefile.in | 3 | ||||
-rw-r--r-- | src/fldd/Makefile.in | 4 | ||||
-rw-r--r-- | src/fnet/Makefile.in | 4 | ||||
-rw-r--r-- | src/fnetfilter/Makefile.in | 4 | ||||
-rw-r--r-- | src/fsec-optimize/Makefile.in | 4 | ||||
-rw-r--r-- | src/fsec-print/Makefile.in | 3 | ||||
-rw-r--r-- | src/fsec-print/print.c | 2 | ||||
-rw-r--r-- | src/fseccomp/Makefile.in | 4 | ||||
-rw-r--r-- | src/ftee/Makefile.in | 3 | ||||
-rw-r--r-- | src/lib/Makefile.in | 3 |
24 files changed, 135 insertions, 34 deletions
diff --git a/Makefile.in b/Makefile.in index 27187f53a..21055b694 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -75,7 +75,7 @@ distclean: clean | |||
75 | for dir in $(APPS) $(MYLIBS); do \ | 75 | for dir in $(APPS) $(MYLIBS); do \ |
76 | $(MAKE) -C $$dir distclean; \ | 76 | $(MAKE) -C $$dir distclean; \ |
77 | done | 77 | done |
78 | rm -fr Makefile autom4te.cache config.log config.status config.h uids.h | 78 | rm -fr Makefile autom4te.cache config.log config.status config.h uids.h dummy.o |
79 | 79 | ||
80 | realinstall: | 80 | realinstall: |
81 | # firejail executable | 81 | # firejail executable |
@@ -195,7 +195,7 @@ uninstall: | |||
195 | rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon | 195 | rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon |
196 | rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg | 196 | rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg |
197 | 197 | ||
198 | DISTFILES = "src etc platform contrib configure configure.ac Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh mkuid.sh COPYING README RELNOTES" | 198 | DISTFILES = "src etc platform contrib configure configure.ac dummy.c Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh mkuid.sh COPYING README RELNOTES" |
199 | DISTFILES_TEST = "test/apps test/apps-x11 test/apps-x11-xorg test/root test/fcopy test/environment test/profiles test/utils test/compile test/filters test/network test/arguments test/fs test/sysutils test/chroot" | 199 | DISTFILES_TEST = "test/apps test/apps-x11 test/apps-x11-xorg test/root test/fcopy test/environment test/profiles test/utils test/compile test/filters test/network test/arguments test/fs test/sysutils test/chroot" |
200 | 200 | ||
201 | dist: | 201 | dist: |
@@ -247,4 +247,4 @@ firefox-common-addons.inc in firefox-common.profile. | |||
247 | Basilisk browser, Tor Browser language packs, PlayOnLinux, sylpheed, discord-canary, | 247 | Basilisk browser, Tor Browser language packs, PlayOnLinux, sylpheed, discord-canary, |
248 | pycharm-community, pycharm-professional, Pitivi, OnionShare, Fritzing, Kaffeine, pdfchain, | 248 | pycharm-community, pycharm-professional, Pitivi, OnionShare, Fritzing, Kaffeine, pdfchain, |
249 | tilp, vivaldi-snapshot, bitcoin-qt, VS Code, falkon, gnome-builder, lobase, asunder, | 249 | tilp, vivaldi-snapshot, bitcoin-qt, VS Code, falkon, gnome-builder, lobase, asunder, |
250 | akonadi_control | 250 | gnome-recipes, akonadi_control |
@@ -26,8 +26,9 @@ firejail (0.9.53) baseline; urgency=low | |||
26 | * added sandbox name support in firemon | 26 | * added sandbox name support in firemon |
27 | * new profiles: basilisk, Tor Browser language packs, PlayOnLinux, sylpheed, | 27 | * new profiles: basilisk, Tor Browser language packs, PlayOnLinux, sylpheed, |
28 | * new profiles: discord-canary, pycharm-community, pycharm-professional, | 28 | * new profiles: discord-canary, pycharm-community, pycharm-professional, |
29 | * new profiles: pdfchain, tilp, vivaldi-snapshot, bitcoin-qt, kaffeine, VS Code, | 29 | * new profiles: pdfchain, tilp, vivaldi-snapshot, bitcoin-qt, kaffeine, |
30 | * new profiles: falkon, gnome-builder, asunder, akonadi_control | 30 | * new profiles: falkon, gnome-builder, asunder, VS Code, gnome-recipes |
31 | * new profiles: akonadi_control | ||
31 | -- netblue30 <netblue30@yahoo.com> Thu, 1 Mar 2018 08:00:00 -0500 | 32 | -- netblue30 <netblue30@yahoo.com> Thu, 1 Mar 2018 08:00:00 -0500 |
32 | 33 | ||
33 | firejail (0.9.52) baseline; urgency=low | 34 | firejail (0.9.52) baseline; urgency=low |
@@ -646,6 +646,7 @@ EGREP | |||
646 | GREP | 646 | GREP |
647 | CPP | 647 | CPP |
648 | HAVE_APPARMOR | 648 | HAVE_APPARMOR |
649 | EXTRA_CFLAGS | ||
649 | RANLIB | 650 | RANLIB |
650 | INSTALL_DATA | 651 | INSTALL_DATA |
651 | INSTALL_SCRIPT | 652 | INSTALL_SCRIPT |
@@ -2099,7 +2100,6 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu | |||
2099 | 2100 | ||
2100 | #AC_CONFIG_HEADERS([config.h]) | 2101 | #AC_CONFIG_HEADERS([config.h]) |
2101 | 2102 | ||
2102 | |||
2103 | ac_ext=c | 2103 | ac_ext=c |
2104 | ac_cpp='$CPP $CPPFLAGS' | 2104 | ac_cpp='$CPP $CPPFLAGS' |
2105 | ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' | 2105 | ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' |
@@ -3105,6 +3105,31 @@ else | |||
3105 | fi | 3105 | fi |
3106 | 3106 | ||
3107 | 3107 | ||
3108 | HAVE_SPECTRE="no" | ||
3109 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for Spectre mitigation support in gcc compiler" >&5 | ||
3110 | $as_echo_n "checking for Spectre mitigation support in gcc compiler... " >&6; } | ||
3111 | if test "$CC" = "gcc"; then : | ||
3112 | |||
3113 | HAVE_SPECTRE="yes" | ||
3114 | $CC -mindirect-branch=thunk -c dummy.c || HAVE_SPECTRE="no" | ||
3115 | rm -f dummy.o | ||
3116 | |||
3117 | fi | ||
3118 | if test "$HAVE_SPECTRE" = "yes"; then : | ||
3119 | |||
3120 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 | ||
3121 | $as_echo "yes" >&6; } | ||
3122 | EXTRA_CFLAGS+=" -mindirect-branch=thunk " | ||
3123 | |||
3124 | fi | ||
3125 | if test "$HAVE_SPECTRE" = "no"; then : | ||
3126 | |||
3127 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: ... not available" >&5 | ||
3128 | $as_echo "... not available" >&6; } | ||
3129 | |||
3130 | fi | ||
3131 | |||
3132 | |||
3108 | HAVE_APPARMOR="" | 3133 | HAVE_APPARMOR="" |
3109 | # Check whether --enable-apparmor was given. | 3134 | # Check whether --enable-apparmor was given. |
3110 | if test "${enable_apparmor+set}" = set; then : | 3135 | if test "${enable_apparmor+set}" = set; then : |
@@ -3119,7 +3144,6 @@ if test "x$enable_apparmor" = "xyes"; then : | |||
3119 | fi | 3144 | fi |
3120 | 3145 | ||
3121 | 3146 | ||
3122 | |||
3123 | ac_ext=c | 3147 | ac_ext=c |
3124 | ac_cpp='$CPP $CPPFLAGS' | 3148 | ac_cpp='$CPP $CPPFLAGS' |
3125 | ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' | 3149 | ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' |
@@ -3531,7 +3555,7 @@ fi | |||
3531 | fi | 3555 | fi |
3532 | if test "x$enable_apparmor" = "xyes"; then : | 3556 | if test "x$enable_apparmor" = "xyes"; then : |
3533 | 3557 | ||
3534 | EXTRA_LDFLAGS+="-lapparmor " | 3558 | EXTRA_LDFLAGS+=" -lapparmor " |
3535 | 3559 | ||
3536 | fi | 3560 | fi |
3537 | 3561 | ||
@@ -3725,7 +3749,7 @@ fi | |||
3725 | if test "x$enable_gcov" = "xyes"; then : | 3749 | if test "x$enable_gcov" = "xyes"; then : |
3726 | 3750 | ||
3727 | HAVE_GCOV="--coverage -DHAVE_GCOV " | 3751 | HAVE_GCOV="--coverage -DHAVE_GCOV " |
3728 | EXTRA_LDFLAGS+="-lgcov --coverage " | 3752 | EXTRA_LDFLAGS+=" -lgcov --coverage " |
3729 | 3753 | ||
3730 | 3754 | ||
3731 | fi | 3755 | fi |
@@ -5024,7 +5048,9 @@ echo " file transfer support: $HAVE_FILE_TRANSFER" | |||
5024 | echo " overlayfs support: $HAVE_OVERLAYFS" | 5048 | echo " overlayfs support: $HAVE_OVERLAYFS" |
5025 | echo " git install support: $HAVE_GIT_INSTALL" | 5049 | echo " git install support: $HAVE_GIT_INSTALL" |
5026 | echo " busybox workaround: $BUSYBOX_WORKAROUND" | 5050 | echo " busybox workaround: $BUSYBOX_WORKAROUND" |
5051 | echo " Spectre compiler patch: $HAVE_SPECTRE" | ||
5027 | echo " EXTRA_LDFLAGS: $EXTRA_LDFLAGS" | 5052 | echo " EXTRA_LDFLAGS: $EXTRA_LDFLAGS" |
5053 | echo " EXTRA_CFLAGS: $EXTRA_CFLAGS" | ||
5028 | echo " fatal warnings: $HAVE_FATAL_WARNINGS" | 5054 | echo " fatal warnings: $HAVE_FATAL_WARNINGS" |
5029 | echo " Gcov instrumentation: $HAVE_GCOV" | 5055 | echo " Gcov instrumentation: $HAVE_GCOV" |
5030 | echo " Install contrib scripts: $HAVE_CONTRIB_INSTALL" | 5056 | echo " Install contrib scripts: $HAVE_CONTRIB_INSTALL" |
diff --git a/configure.ac b/configure.ac index 952dec3b8..9a7a9d65e 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -3,12 +3,27 @@ AC_INIT(firejail, 0.9.53, netblue30@yahoo.com, , http://firejail.wordpress.com) | |||
3 | AC_CONFIG_SRCDIR([src/firejail/main.c]) | 3 | AC_CONFIG_SRCDIR([src/firejail/main.c]) |
4 | #AC_CONFIG_HEADERS([config.h]) | 4 | #AC_CONFIG_HEADERS([config.h]) |
5 | 5 | ||
6 | |||
7 | AC_PROG_CC | 6 | AC_PROG_CC |
8 | #AC_PROG_CXX | 7 | #AC_PROG_CXX |
9 | AC_PROG_INSTALL | 8 | AC_PROG_INSTALL |
10 | AC_PROG_RANLIB | 9 | AC_PROG_RANLIB |
11 | 10 | ||
11 | HAVE_SPECTRE="no" | ||
12 | AC_MSG_CHECKING(for Spectre mitigation support in gcc compiler) | ||
13 | AS_IF([test "$CC" = "gcc"], [ | ||
14 | HAVE_SPECTRE="yes" | ||
15 | $CC -mindirect-branch=thunk -c dummy.c || HAVE_SPECTRE="no" | ||
16 | rm -f dummy.o | ||
17 | ]) | ||
18 | AS_IF([test "$HAVE_SPECTRE" = "yes"], [ | ||
19 | AC_MSG_RESULT(yes) | ||
20 | EXTRA_CFLAGS+=" -mindirect-branch=thunk " | ||
21 | ]) | ||
22 | AS_IF([test "$HAVE_SPECTRE" = "no"], [ | ||
23 | AC_MSG_RESULT(... not available) | ||
24 | ]) | ||
25 | AC_SUBST([EXTRA_CFLAGS]) | ||
26 | |||
12 | HAVE_APPARMOR="" | 27 | HAVE_APPARMOR="" |
13 | AC_ARG_ENABLE([apparmor], | 28 | AC_ARG_ENABLE([apparmor], |
14 | AS_HELP_STRING([--enable-apparmor], [enable apparmor])) | 29 | AS_HELP_STRING([--enable-apparmor], [enable apparmor])) |
@@ -17,13 +32,12 @@ AS_IF([test "x$enable_apparmor" = "xyes"], [ | |||
17 | AC_SUBST(HAVE_APPARMOR) | 32 | AC_SUBST(HAVE_APPARMOR) |
18 | ]) | 33 | ]) |
19 | 34 | ||
20 | |||
21 | AS_IF([test "x$enable_apparmor" = "xyes"], [ | 35 | AS_IF([test "x$enable_apparmor" = "xyes"], [ |
22 | AC_CHECK_HEADER(sys/apparmor.h, , [AC_MSG_ERROR( | 36 | AC_CHECK_HEADER(sys/apparmor.h, , [AC_MSG_ERROR( |
23 | [Couldn't find sys/apparmor.h... please install apparmor user space library and development files] )]) | 37 | [Couldn't find sys/apparmor.h... please install apparmor user space library and development files] )]) |
24 | ]) | 38 | ]) |
25 | AS_IF([test "x$enable_apparmor" = "xyes"], [ | 39 | AS_IF([test "x$enable_apparmor" = "xyes"], [ |
26 | EXTRA_LDFLAGS+="-lapparmor " | 40 | EXTRA_LDFLAGS+=" -lapparmor " |
27 | ]) | 41 | ]) |
28 | AC_SUBST([EXTRA_LDFLAGS]) | 42 | AC_SUBST([EXTRA_LDFLAGS]) |
29 | 43 | ||
@@ -142,7 +156,7 @@ AC_ARG_ENABLE([gcov], | |||
142 | AS_HELP_STRING([--enable-gcov], [Gcov instrumentation])) | 156 | AS_HELP_STRING([--enable-gcov], [Gcov instrumentation])) |
143 | AS_IF([test "x$enable_gcov" = "xyes"], [ | 157 | AS_IF([test "x$enable_gcov" = "xyes"], [ |
144 | HAVE_GCOV="--coverage -DHAVE_GCOV " | 158 | HAVE_GCOV="--coverage -DHAVE_GCOV " |
145 | EXTRA_LDFLAGS+="-lgcov --coverage " | 159 | EXTRA_LDFLAGS+=" -lgcov --coverage " |
146 | AC_SUBST(HAVE_GCOV) | 160 | AC_SUBST(HAVE_GCOV) |
147 | ]) | 161 | ]) |
148 | 162 | ||
@@ -198,7 +212,9 @@ echo " file transfer support: $HAVE_FILE_TRANSFER" | |||
198 | echo " overlayfs support: $HAVE_OVERLAYFS" | 212 | echo " overlayfs support: $HAVE_OVERLAYFS" |
199 | echo " git install support: $HAVE_GIT_INSTALL" | 213 | echo " git install support: $HAVE_GIT_INSTALL" |
200 | echo " busybox workaround: $BUSYBOX_WORKAROUND" | 214 | echo " busybox workaround: $BUSYBOX_WORKAROUND" |
215 | echo " Spectre compiler patch: $HAVE_SPECTRE" | ||
201 | echo " EXTRA_LDFLAGS: $EXTRA_LDFLAGS" | 216 | echo " EXTRA_LDFLAGS: $EXTRA_LDFLAGS" |
217 | echo " EXTRA_CFLAGS: $EXTRA_CFLAGS" | ||
202 | echo " fatal warnings: $HAVE_FATAL_WARNINGS" | 218 | echo " fatal warnings: $HAVE_FATAL_WARNINGS" |
203 | echo " Gcov instrumentation: $HAVE_GCOV" | 219 | echo " Gcov instrumentation: $HAVE_GCOV" |
204 | echo " Install contrib scripts: $HAVE_CONTRIB_INSTALL" | 220 | echo " Install contrib scripts: $HAVE_CONTRIB_INSTALL" |
diff --git a/dummy.c b/dummy.c new file mode 100644 index 000000000..061ed7eef --- /dev/null +++ b/dummy.c | |||
@@ -0,0 +1,3 @@ | |||
1 | int main(void) { | ||
2 | return 0; | ||
3 | } | ||
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 586c50a60..3f0d7b337 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -374,6 +374,7 @@ blacklist ${HOME}/.local/share/gnome-2048 | |||
374 | blacklist ${HOME}/.local/share/gnome-chess | 374 | blacklist ${HOME}/.local/share/gnome-chess |
375 | blacklist ${HOME}/.local/share/gnome-music | 375 | blacklist ${HOME}/.local/share/gnome-music |
376 | blacklist ${HOME}/.local/share/gnome-photos | 376 | blacklist ${HOME}/.local/share/gnome-photos |
377 | blacklist ${HOME}/.local/share/gnome-recipes | ||
377 | blacklist ${HOME}/.local/share/gnome-ring | 378 | blacklist ${HOME}/.local/share/gnome-ring |
378 | blacklist ${HOME}/.local/share/gnome-twitch | 379 | blacklist ${HOME}/.local/share/gnome-twitch |
379 | blacklist ${HOME}/.local/share/gwenview | 380 | blacklist ${HOME}/.local/share/gwenview |
diff --git a/etc/gnome-recipes.profile b/etc/gnome-recipes.profile new file mode 100644 index 000000000..2392440a6 --- /dev/null +++ b/etc/gnome-recipes.profile | |||
@@ -0,0 +1,45 @@ | |||
1 | # Firejail profile for gnome-recipes | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include /etc/firejail/gnome-recipes.local | ||
5 | # Persistent global definitions | ||
6 | include /etc/firejail/globals.local | ||
7 | |||
8 | |||
9 | noblacklist ${HOME}/.local/share/gnome-recipes | ||
10 | |||
11 | include /etc/firejail/disable-common.inc | ||
12 | include /etc/firejail/disable-devel.inc | ||
13 | include /etc/firejail/disable-passwdmgr.inc | ||
14 | include /etc/firejail/disable-programs.inc | ||
15 | |||
16 | mkdir ${HOME}/.cache/gnome-recipes | ||
17 | whitelist ${HOME}/.cache/gnome-recipes | ||
18 | include /etc/firejail/whitelist-common.inc | ||
19 | include /etc/firejail/whitelist-var-common.inc | ||
20 | |||
21 | caps.drop all | ||
22 | ipc-namespace | ||
23 | netfilter | ||
24 | nodvd | ||
25 | nogroups | ||
26 | nonewprivs | ||
27 | noroot | ||
28 | nosound | ||
29 | notv | ||
30 | novideo | ||
31 | protocol unix,inet,inet6 | ||
32 | seccomp | ||
33 | shell none | ||
34 | |||
35 | disable-mnt | ||
36 | private-bin gnome-recipes,tar | ||
37 | private-dev | ||
38 | private-etc ca-certificates,fonts,ssl | ||
39 | # private-lib works for me with Gnome Shell 3.26.2, Mutter WM (Arch Linux) | ||
40 | # not widely tested though, leaving it to devs discretion to enable it later | ||
41 | #private-lib gdk-pixbuf-2.0,gio,gvfs/libgvfscommon.so,libgconf-2.so.4,libgnutls.so.30,libjpeg.so.8,libp11-kit.so.0,libproxy.so.1,librsvg-2.so.2 | ||
42 | private-tmp | ||
43 | |||
44 | noexec ${HOME} | ||
45 | noexec /tmp | ||
diff --git a/etc/libreoffice.profile b/etc/libreoffice.profile index 8b801f11e..ceb680951 100644 --- a/etc/libreoffice.profile +++ b/etc/libreoffice.profile | |||
@@ -10,7 +10,8 @@ noblacklist /usr/local/sbin | |||
10 | noblacklist ${HOME}/.config/libreoffice | 10 | noblacklist ${HOME}/.config/libreoffice |
11 | 11 | ||
12 | include /etc/firejail/disable-common.inc | 12 | include /etc/firejail/disable-common.inc |
13 | include /etc/firejail/disable-devel.inc | 13 | # libreoffice uses java; if you don't care about java functionality, uncomment this line; |
14 | #include /etc/firejail/disable-devel.inc | ||
14 | include /etc/firejail/disable-passwdmgr.inc | 15 | include /etc/firejail/disable-passwdmgr.inc |
15 | include /etc/firejail/disable-programs.inc | 16 | include /etc/firejail/disable-programs.inc |
16 | 17 | ||
diff --git a/src/fbuilder/Makefile.in b/src/fbuilder/Makefile.in index dd8e2ce6e..5bf78f92a 100644 --- a/src/fbuilder/Makefile.in +++ b/src/fbuilder/Makefile.in | |||
@@ -22,9 +22,9 @@ HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ | |||
22 | HAVE_APPARMOR=@HAVE_APPARMOR@ | 22 | HAVE_APPARMOR=@HAVE_APPARMOR@ |
23 | HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ | 23 | HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ |
24 | HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ | 24 | HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ |
25 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | ||
26 | HAVE_GCOV=@HAVE_GCOV@ | 25 | HAVE_GCOV=@HAVE_GCOV@ |
27 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 26 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
27 | EXTRA_CFLAGS +=@EXTRA_CFLAGS@ | ||
28 | 28 | ||
29 | H_FILE_LIST = $(sort $(wildcard *.[h])) | 29 | H_FILE_LIST = $(sort $(wildcard *.[h])) |
30 | C_FILE_LIST = $(sort $(wildcard *.c)) | 30 | C_FILE_LIST = $(sort $(wildcard *.c)) |
@@ -34,7 +34,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) | |||
34 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread | 34 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread |
35 | 35 | ||
36 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h | 36 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h |
37 | $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ | 37 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ |
38 | 38 | ||
39 | fbuilder: $(OBJS) | 39 | fbuilder: $(OBJS) |
40 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) | 40 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) |
diff --git a/src/fcopy/Makefile.in b/src/fcopy/Makefile.in index ad08f543e..519240c3d 100644 --- a/src/fcopy/Makefile.in +++ b/src/fcopy/Makefile.in | |||
@@ -25,6 +25,7 @@ HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ | |||
25 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 25 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
26 | HAVE_GCOV=@HAVE_GCOV@ | 26 | HAVE_GCOV=@HAVE_GCOV@ |
27 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 27 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
28 | EXTRA_CFLAGS +=@EXTRA_CFLAGS@ | ||
28 | 29 | ||
29 | H_FILE_LIST = $(sort $(wildcard *.[h])) | 30 | H_FILE_LIST = $(sort $(wildcard *.[h])) |
30 | C_FILE_LIST = $(sort $(wildcard *.c)) | 31 | C_FILE_LIST = $(sort $(wildcard *.c)) |
@@ -34,7 +35,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) | |||
34 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread | 35 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread |
35 | 36 | ||
36 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h | 37 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h |
37 | $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ | 38 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ |
38 | 39 | ||
39 | fcopy: $(OBJS) | 40 | fcopy: $(OBJS) |
40 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) | 41 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) |
diff --git a/src/firecfg/Makefile.in b/src/firecfg/Makefile.in index 0b2b03275..f0d389e36 100644 --- a/src/firecfg/Makefile.in +++ b/src/firecfg/Makefile.in | |||
@@ -19,6 +19,7 @@ HAVE_X11=@HAVE_X11@ | |||
19 | HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@ | 19 | HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@ |
20 | HAVE_GCOV=@HAVE_GCOV@ | 20 | HAVE_GCOV=@HAVE_GCOV@ |
21 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 21 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
22 | EXTRA_CFLAGS +=@EXTRA_CFLAGS@ | ||
22 | 23 | ||
23 | 24 | ||
24 | H_FILE_LIST = $(sort $(wildcard *.[h])) | 25 | H_FILE_LIST = $(sort $(wildcard *.[h])) |
@@ -29,7 +30,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) | |||
29 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread | 30 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread |
30 | 31 | ||
31 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/libnetlink.h ../include/pid.h | 32 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/libnetlink.h ../include/pid.h |
32 | $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ | 33 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ |
33 | 34 | ||
34 | firecfg: $(OBJS) ../lib/common.o | 35 | firecfg: $(OBJS) ../lib/common.o |
35 | $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o $(LIBS) $(EXTRA_LDFLAGS) | 36 | $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o $(LIBS) $(EXTRA_LDFLAGS) |
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index c39c1144e..73510c951 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -155,6 +155,7 @@ gnome-maps | |||
155 | gnome-mplayer | 155 | gnome-mplayer |
156 | gnome-music | 156 | gnome-music |
157 | gnome-photos | 157 | gnome-photos |
158 | gnome-recipes | ||
158 | gnome-twitch | 159 | gnome-twitch |
159 | gnome-weather | 160 | gnome-weather |
160 | goobox | 161 | goobox |
diff --git a/src/firejail/Makefile.in b/src/firejail/Makefile.in index 01cb929e2..543924103 100644 --- a/src/firejail/Makefile.in +++ b/src/firejail/Makefile.in | |||
@@ -25,6 +25,7 @@ HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ | |||
25 | HAVE_GCOV=@HAVE_GCOV@ | 25 | HAVE_GCOV=@HAVE_GCOV@ |
26 | HAVE_GIT_INSTALL=@HAVE_GIT_INSTALL@ | 26 | HAVE_GIT_INSTALL=@HAVE_GIT_INSTALL@ |
27 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 27 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
28 | EXTRA_CFLAGS +=@EXTRA_CFLAGS@ | ||
28 | 29 | ||
29 | H_FILE_LIST = $(sort $(wildcard *.[h])) | 30 | H_FILE_LIST = $(sort $(wildcard *.[h])) |
30 | C_FILE_LIST = $(sort $(wildcard *.c)) | 31 | C_FILE_LIST = $(sort $(wildcard *.c)) |
@@ -34,7 +35,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV | |||
34 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread | 35 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread |
35 | 36 | ||
36 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/pid.h ../include/seccomp.h ../include/syscall.h | 37 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/pid.h ../include/seccomp.h ../include/syscall.h |
37 | $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ | 38 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ |
38 | 39 | ||
39 | firejail: $(OBJS) ../lib/libnetlink.o ../lib/common.o ../lib/ldd_utils.o | 40 | firejail: $(OBJS) ../lib/libnetlink.o ../lib/common.o ../lib/ldd_utils.o |
40 | $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o ../lib/ldd_utils.o $(LIBS) $(EXTRA_LDFLAGS) | 41 | $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o ../lib/ldd_utils.o $(LIBS) $(EXTRA_LDFLAGS) |
diff --git a/src/firemon/Makefile.in b/src/firemon/Makefile.in index 326c305d9..ede25f6b5 100644 --- a/src/firemon/Makefile.in +++ b/src/firemon/Makefile.in | |||
@@ -17,10 +17,11 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$ | |||
17 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now | 17 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now |
18 | HAVE_GCOV=@HAVE_GCOV@ | 18 | HAVE_GCOV=@HAVE_GCOV@ |
19 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 19 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
20 | EXTRA_CFLAGS +=@EXTRA_CFLAGS@ | ||
20 | 21 | ||
21 | 22 | ||
22 | %.o : %.c $(H_FILE_LIST) | 23 | %.o : %.c $(H_FILE_LIST) |
23 | $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ | 24 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ |
24 | 25 | ||
25 | firemon: $(OBJS) ../lib/common.o ../lib/pid.o | 26 | firemon: $(OBJS) ../lib/common.o ../lib/pid.o |
26 | $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o ../lib/pid.o $(LIBS) $(EXTRA_LDFLAGS) | 27 | $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o ../lib/pid.o $(LIBS) $(EXTRA_LDFLAGS) |
diff --git a/src/fldd/Makefile.in b/src/fldd/Makefile.in index e2bf4b787..e199d517d 100644 --- a/src/fldd/Makefile.in +++ b/src/fldd/Makefile.in | |||
@@ -24,7 +24,7 @@ HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ | |||
24 | HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ | 24 | HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ |
25 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 25 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
26 | HAVE_GCOV=@HAVE_GCOV@ | 26 | HAVE_GCOV=@HAVE_GCOV@ |
27 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 27 | EXTRA_CFLAGS +=@EXTRA_CFLAGS@ |
28 | 28 | ||
29 | H_FILE_LIST = $(sort $(wildcard *.[h])) | 29 | H_FILE_LIST = $(sort $(wildcard *.[h])) |
30 | C_FILE_LIST = $(sort $(wildcard *.c)) | 30 | C_FILE_LIST = $(sort $(wildcard *.c)) |
@@ -34,7 +34,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) | |||
34 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread | 34 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread |
35 | 35 | ||
36 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h ../include/ldd_utils.h | 36 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h ../include/ldd_utils.h |
37 | $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ | 37 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ |
38 | 38 | ||
39 | fldd: $(OBJS) ../lib/ldd_utils.o | 39 | fldd: $(OBJS) ../lib/ldd_utils.o |
40 | $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/ldd_utils.o $(LIBS) $(EXTRA_LDFLAGS) | 40 | $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/ldd_utils.o $(LIBS) $(EXTRA_LDFLAGS) |
diff --git a/src/fnet/Makefile.in b/src/fnet/Makefile.in index 3288e6354..06b8bbee7 100644 --- a/src/fnet/Makefile.in +++ b/src/fnet/Makefile.in | |||
@@ -22,9 +22,9 @@ HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ | |||
22 | HAVE_APPARMOR=@HAVE_APPARMOR@ | 22 | HAVE_APPARMOR=@HAVE_APPARMOR@ |
23 | HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ | 23 | HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ |
24 | HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ | 24 | HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ |
25 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | ||
26 | HAVE_GCOV=@HAVE_GCOV@ | 25 | HAVE_GCOV=@HAVE_GCOV@ |
27 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 26 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
27 | EXTRA_CFLAGS +=@EXTRA_CFLAGS@ | ||
28 | 28 | ||
29 | H_FILE_LIST = $(sort $(wildcard *.[h])) | 29 | H_FILE_LIST = $(sort $(wildcard *.[h])) |
30 | C_FILE_LIST = $(sort $(wildcard *.c)) | 30 | C_FILE_LIST = $(sort $(wildcard *.c)) |
@@ -34,7 +34,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) | |||
34 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread | 34 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread |
35 | 35 | ||
36 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/libnetlink.h | 36 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/libnetlink.h |
37 | $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ | 37 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ |
38 | 38 | ||
39 | fnet: $(OBJS) ../lib/libnetlink.o | 39 | fnet: $(OBJS) ../lib/libnetlink.o |
40 | $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/libnetlink.o $(LIBS) $(EXTRA_LDFLAGS) | 40 | $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/libnetlink.o $(LIBS) $(EXTRA_LDFLAGS) |
diff --git a/src/fnetfilter/Makefile.in b/src/fnetfilter/Makefile.in index 1063737e1..0a0a8acc0 100644 --- a/src/fnetfilter/Makefile.in +++ b/src/fnetfilter/Makefile.in | |||
@@ -24,7 +24,7 @@ HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ | |||
24 | HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ | 24 | HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ |
25 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 25 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
26 | HAVE_GCOV=@HAVE_GCOV@ | 26 | HAVE_GCOV=@HAVE_GCOV@ |
27 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 27 | EXTRA_CFLAGS +=@EXTRA_CFLAGS@ |
28 | 28 | ||
29 | H_FILE_LIST = $(sort $(wildcard *.[h])) | 29 | H_FILE_LIST = $(sort $(wildcard *.[h])) |
30 | C_FILE_LIST = $(sort $(wildcard *.c)) | 30 | C_FILE_LIST = $(sort $(wildcard *.c)) |
@@ -34,7 +34,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) | |||
34 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread | 34 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread |
35 | 35 | ||
36 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h | 36 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h |
37 | $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ | 37 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ |
38 | 38 | ||
39 | fnetfilter: $(OBJS) | 39 | fnetfilter: $(OBJS) |
40 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) | 40 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) |
diff --git a/src/fsec-optimize/Makefile.in b/src/fsec-optimize/Makefile.in index 6ddbfc075..faa1aa476 100644 --- a/src/fsec-optimize/Makefile.in +++ b/src/fsec-optimize/Makefile.in | |||
@@ -22,9 +22,9 @@ HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ | |||
22 | HAVE_APPARMOR=@HAVE_APPARMOR@ | 22 | HAVE_APPARMOR=@HAVE_APPARMOR@ |
23 | HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ | 23 | HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ |
24 | HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ | 24 | HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ |
25 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | ||
26 | HAVE_GCOV=@HAVE_GCOV@ | 25 | HAVE_GCOV=@HAVE_GCOV@ |
27 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 26 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
27 | EXTRA_CFLAGS +=@EXTRA_CFLAGS@ | ||
28 | 28 | ||
29 | H_FILE_LIST = $(sort $(wildcard *.[h])) | 29 | H_FILE_LIST = $(sort $(wildcard *.[h])) |
30 | C_FILE_LIST = $(sort $(wildcard *.c)) | 30 | C_FILE_LIST = $(sort $(wildcard *.c)) |
@@ -34,7 +34,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) | |||
34 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread | 34 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread |
35 | 35 | ||
36 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/seccomp.h ../include/syscall.h | 36 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/seccomp.h ../include/syscall.h |
37 | $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ | 37 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ |
38 | 38 | ||
39 | fsec-optimize: $(OBJS) ../lib/libnetlink.o | 39 | fsec-optimize: $(OBJS) ../lib/libnetlink.o |
40 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) | 40 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) |
diff --git a/src/fsec-print/Makefile.in b/src/fsec-print/Makefile.in index 5d23382f7..177b23f06 100644 --- a/src/fsec-print/Makefile.in +++ b/src/fsec-print/Makefile.in | |||
@@ -25,6 +25,7 @@ HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ | |||
25 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 25 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
26 | HAVE_GCOV=@HAVE_GCOV@ | 26 | HAVE_GCOV=@HAVE_GCOV@ |
27 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 27 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
28 | EXTRA_CFLAGS +=@EXTRA_CFLAGS@ | ||
28 | 29 | ||
29 | H_FILE_LIST = $(sort $(wildcard *.[h])) | 30 | H_FILE_LIST = $(sort $(wildcard *.[h])) |
30 | C_FILE_LIST = $(sort $(wildcard *.c)) | 31 | C_FILE_LIST = $(sort $(wildcard *.c)) |
@@ -34,7 +35,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) | |||
34 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread | 35 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread |
35 | 36 | ||
36 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/seccomp.h ../include/syscall.h | 37 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/seccomp.h ../include/syscall.h |
37 | $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ | 38 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ |
38 | 39 | ||
39 | fsec-print: $(OBJS) ../lib/libnetlink.o | 40 | fsec-print: $(OBJS) ../lib/libnetlink.o |
40 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) | 41 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) |
diff --git a/src/fsec-print/print.c b/src/fsec-print/print.c index e3b53c44c..faf59aa35 100644 --- a/src/fsec-print/print.c +++ b/src/fsec-print/print.c | |||
@@ -269,7 +269,7 @@ static void bpf_decode_args(const struct sock_filter *bpf, unsigned int line) { | |||
269 | native_arch = (ARCH_NR == ARCH_64)? 1: 0; | 269 | native_arch = (ARCH_NR == ARCH_64)? 1: 0; |
270 | } | 270 | } |
271 | else if (bpf->k == X32_SYSCALL_BIT) | 271 | else if (bpf->k == X32_SYSCALL_BIT) |
272 | printf("X32_ABI true:%.4x (false %.4x)", | 272 | printf("X32_ABI %.4x (false %.4x)", |
273 | (line + 1) + bpf->jt, | 273 | (line + 1) + bpf->jt, |
274 | (line + 1) + bpf->jf); | 274 | (line + 1) + bpf->jf); |
275 | else if (name) | 275 | else if (name) |
diff --git a/src/fseccomp/Makefile.in b/src/fseccomp/Makefile.in index df4343d36..3fd73bc5c 100644 --- a/src/fseccomp/Makefile.in +++ b/src/fseccomp/Makefile.in | |||
@@ -22,9 +22,9 @@ HAVE_GLOBALCFG=@HAVE_GLOBALCFG@ | |||
22 | HAVE_APPARMOR=@HAVE_APPARMOR@ | 22 | HAVE_APPARMOR=@HAVE_APPARMOR@ |
23 | HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ | 23 | HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ |
24 | HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ | 24 | HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ |
25 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | ||
26 | HAVE_GCOV=@HAVE_GCOV@ | 25 | HAVE_GCOV=@HAVE_GCOV@ |
27 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 26 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
27 | EXTRA_CFLAGS +=@EXTRA_CFLAGS@ | ||
28 | 28 | ||
29 | H_FILE_LIST = $(sort $(wildcard *.[h])) | 29 | H_FILE_LIST = $(sort $(wildcard *.[h])) |
30 | C_FILE_LIST = $(sort $(wildcard *.c)) | 30 | C_FILE_LIST = $(sort $(wildcard *.c)) |
@@ -34,7 +34,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) | |||
34 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread | 34 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread |
35 | 35 | ||
36 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h | 36 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h |
37 | $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ | 37 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ |
38 | 38 | ||
39 | fseccomp: $(OBJS) | 39 | fseccomp: $(OBJS) |
40 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) | 40 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) |
diff --git a/src/ftee/Makefile.in b/src/ftee/Makefile.in index fd39f0cb7..8846126f8 100644 --- a/src/ftee/Makefile.in +++ b/src/ftee/Makefile.in | |||
@@ -7,6 +7,7 @@ NAME=@PACKAGE_NAME@ | |||
7 | HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ | 7 | HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ |
8 | HAVE_GCOV=@HAVE_GCOV@ | 8 | HAVE_GCOV=@HAVE_GCOV@ |
9 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 9 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
10 | EXTRA_CFLAGS +=@EXTRA_CFLAGS@ | ||
10 | 11 | ||
11 | H_FILE_LIST = $(sort $(wildcard *.[h])) | 12 | H_FILE_LIST = $(sort $(wildcard *.[h])) |
12 | C_FILE_LIST = $(sort $(wildcard *.c)) | 13 | C_FILE_LIST = $(sort $(wildcard *.c)) |
@@ -16,7 +17,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) | |||
16 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread | 17 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread |
17 | 18 | ||
18 | %.o : %.c $(H_FILE_LIST) | 19 | %.o : %.c $(H_FILE_LIST) |
19 | $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ | 20 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ |
20 | 21 | ||
21 | ftee: $(OBJS) | 22 | ftee: $(OBJS) |
22 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(EXTRA_LDFLAGS) | 23 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(EXTRA_LDFLAGS) |
diff --git a/src/lib/Makefile.in b/src/lib/Makefile.in index a49e56ad2..a25014c74 100644 --- a/src/lib/Makefile.in +++ b/src/lib/Makefile.in | |||
@@ -5,6 +5,7 @@ NAME=@PACKAGE_NAME@ | |||
5 | HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ | 5 | HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ |
6 | HAVE_GCOV=@HAVE_GCOV@ | 6 | HAVE_GCOV=@HAVE_GCOV@ |
7 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 7 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
8 | EXTRA_CFLAGS +=@EXTRA_CFLAGS@ | ||
8 | 9 | ||
9 | H_FILE_LIST = $(sort $(wildcard *.[h])) | 10 | H_FILE_LIST = $(sort $(wildcard *.[h])) |
10 | C_FILE_LIST = $(sort $(wildcard *.c)) | 11 | C_FILE_LIST = $(sort $(wildcard *.c)) |
@@ -16,7 +17,7 @@ LDFLAGS:=-pic -Wl,-z,relro -Wl,-z,now | |||
16 | all: $(OBJS) | 17 | all: $(OBJS) |
17 | 18 | ||
18 | %.o : %.c $(H_FILE_LIST) | 19 | %.o : %.c $(H_FILE_LIST) |
19 | $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ | 20 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ |
20 | 21 | ||
21 | clean:; rm -f $(OBJS) *.gcov *.gcda *.gcno | 22 | clean:; rm -f $(OBJS) *.gcov *.gcda *.gcno |
22 | 23 | ||