diff options
author | netblue30 <netblue30@yahoo.com> | 2019-01-27 09:52:44 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2019-01-27 09:52:44 -0500 |
commit | 7b94018634fc364cd0b099ec9b925eb4b3230b90 (patch) | |
tree | 33232175bd73c55bf3c8785e222db32806d8ac27 | |
parent | Merge branch 'master' of http://github.com/netblue30/firejail (diff) | |
download | firejail-7b94018634fc364cd0b099ec9b925eb4b3230b90.tar.gz firejail-7b94018634fc364cd0b099ec9b925eb4b3230b90.tar.zst firejail-7b94018634fc364cd0b099ec9b925eb4b3230b90.zip |
moving to 0.9.59
-rw-r--r-- | README.md | 57 | ||||
-rw-r--r-- | RELNOTES | 4 | ||||
-rwxr-xr-x | configure | 18 | ||||
-rw-r--r-- | configure.ac | 2 |
4 files changed, 15 insertions, 66 deletions
@@ -99,61 +99,6 @@ We also keep a list of profile fixes for previous released versions in [etc-fixe | |||
99 | ````` | 99 | ````` |
100 | 100 | ||
101 | ````` | 101 | ````` |
102 | ## Current development version: 0.9.57 | 102 | ## Current development version: 0.9.59 |
103 | |||
104 | ## New Long Term Support (0.9.56-LTS) version released | ||
105 | |||
106 | The new version updates the code base to 0.9.56. We target a reduction of approx. 40% of the code by removing rarely | ||
107 | used features (chroot, overlay, rlimits, cgroups), incomplete features (private-bin, private-lib), | ||
108 | and a lot of instrumentation (build profile feature, tracing, auditing, etc). Sandbox-specific security features such as | ||
109 | seccomp, capabilities, filesystem whitelist/blacklist and networking are updated and hardened. | ||
110 | |||
111 | ````` | ||
112 | firejail (0.9.56-LTS) baseline; urgency=low | ||
113 | * code based on Firejail version 0.9.56 | ||
114 | * much smaller code base for SUID executable | ||
115 | * command line options removed: | ||
116 | --audit, --build, --cgroup, --chroot, --get, --ls, --output, | ||
117 | --output-stderr, --overlay, --overlay-named, --overlay-tmpfs, | ||
118 | --overlay-clean, --private-home, --private-bin, --private-etc, | ||
119 | --private-opt, --private-srv, --put, --rlimit*, --trace, --tracelog, | ||
120 | --x11*, --xephyr* | ||
121 | * compile-time options: --enable-apparmor, --disable-seccomp, | ||
122 | --disable-globalcfg, --disable-network, --disable-userns, | ||
123 | --disable-whitelist, --disable-suid, --enable-fatal-warnings, | ||
124 | --enable-busybox-workaround | ||
125 | -- netblue30 <netblue30@yahoo.com> Sun, 21 Oct 2018 08:00:00 -0500 | ||
126 | ````` | ||
127 | |||
128 | The new LTS branch is here: https://github.com/netblue30/firejail/tree/LTSbase | ||
129 | |||
130 | ## New commands: | ||
131 | ````` | ||
132 | --net.print=name|pid | ||
133 | If a new network namespace is enabled, print network interface | ||
134 | configuration for the sandbox specified by name or PID. Exam‐ | ||
135 | ple: | ||
136 | |||
137 | $ firejail --net.print=browser | ||
138 | Switching to pid 1853, the first child process inside the | ||
139 | sandbox | ||
140 | Interface MAC IP Mask Status | ||
141 | lo 127.0.0.1 255.0.0.0 UP | ||
142 | eth0-1852 5e:fb:8e:27:29:26 192.168.1.186 255.255.255.0 UP | ||
143 | ````` | ||
144 | 103 | ||
145 | ## New profiles: | 104 | ## New profiles: |
146 | |||
147 | ````` | ||
148 | $ ls etc/*.profile | wc -l | ||
149 | 608 | ||
150 | ````` | ||
151 | We have more than 600 application profiles on mainline! | ||
152 | |||
153 | |||
154 | QMediathekView, aria2c, Authenticator, checkbashisms, devilspie, devilspie2, easystroke, github-desktop, min, | ||
155 | bsdcat, bsdcpio, bsdtar, lzmadec, lbunzip2, lbzcat, lbzip2, lzcat, lzcmp, lzdiff, lzegrep, lzfgrep, lzgrep, | ||
156 | lzless, lzma, lzmainfo, lzmore, unlzma, unxz, xzcat, xzcmp, xzdiff, xzegrep, xzfgrep, xzgrep, xzless, xzmore, | ||
157 | lzip, artha, nitroshare, nitroshare-cli, nitroshare-nmh, nirtoshare-send, nitroshare-ui, mencoder, gnome-pie, | ||
158 | masterpdfeditor, QOwnNotes, aisleriot, Mendeley, feedreader, ocenaudio, mpsyt, | ||
159 | thunderbird-wayland, supertuxkart, ghostwriter, gajim-history-manager | ||
@@ -1,3 +1,7 @@ | |||
1 | firejail (0.9.59) baseline; urgency=low | ||
2 | * work in progress | ||
3 | -- netblue30 <netblue30@yahoo.com> Sun, 27 Jan 2019 08:00:00 -0500 | ||
4 | |||
1 | firejail (0.9.58) baseline; urgency=low | 5 | firejail (0.9.58) baseline; urgency=low |
2 | * --disable-mnt rework | 6 | * --disable-mnt rework |
3 | * --net.print command | 7 | * --net.print command |
@@ -1,6 +1,6 @@ | |||
1 | #! /bin/sh | 1 | #! /bin/sh |
2 | # Guess values for system-dependent variables and create Makefiles. | 2 | # Guess values for system-dependent variables and create Makefiles. |
3 | # Generated by GNU Autoconf 2.69 for firejail 0.9.58. | 3 | # Generated by GNU Autoconf 2.69 for firejail 0.9.59. |
4 | # | 4 | # |
5 | # Report bugs to <netblue30@yahoo.com>. | 5 | # Report bugs to <netblue30@yahoo.com>. |
6 | # | 6 | # |
@@ -580,8 +580,8 @@ MAKEFLAGS= | |||
580 | # Identity of this package. | 580 | # Identity of this package. |
581 | PACKAGE_NAME='firejail' | 581 | PACKAGE_NAME='firejail' |
582 | PACKAGE_TARNAME='firejail' | 582 | PACKAGE_TARNAME='firejail' |
583 | PACKAGE_VERSION='0.9.58' | 583 | PACKAGE_VERSION='0.9.59' |
584 | PACKAGE_STRING='firejail 0.9.58' | 584 | PACKAGE_STRING='firejail 0.9.59' |
585 | PACKAGE_BUGREPORT='netblue30@yahoo.com' | 585 | PACKAGE_BUGREPORT='netblue30@yahoo.com' |
586 | PACKAGE_URL='https://firejail.wordpress.com' | 586 | PACKAGE_URL='https://firejail.wordpress.com' |
587 | 587 | ||
@@ -1275,7 +1275,7 @@ if test "$ac_init_help" = "long"; then | |||
1275 | # Omit some internal or obsolete options to make the list less imposing. | 1275 | # Omit some internal or obsolete options to make the list less imposing. |
1276 | # This message is too long to be a string in the A/UX 3.1 sh. | 1276 | # This message is too long to be a string in the A/UX 3.1 sh. |
1277 | cat <<_ACEOF | 1277 | cat <<_ACEOF |
1278 | \`configure' configures firejail 0.9.58 to adapt to many kinds of systems. | 1278 | \`configure' configures firejail 0.9.59 to adapt to many kinds of systems. |
1279 | 1279 | ||
1280 | Usage: $0 [OPTION]... [VAR=VALUE]... | 1280 | Usage: $0 [OPTION]... [VAR=VALUE]... |
1281 | 1281 | ||
@@ -1337,7 +1337,7 @@ fi | |||
1337 | 1337 | ||
1338 | if test -n "$ac_init_help"; then | 1338 | if test -n "$ac_init_help"; then |
1339 | case $ac_init_help in | 1339 | case $ac_init_help in |
1340 | short | recursive ) echo "Configuration of firejail 0.9.58:";; | 1340 | short | recursive ) echo "Configuration of firejail 0.9.59:";; |
1341 | esac | 1341 | esac |
1342 | cat <<\_ACEOF | 1342 | cat <<\_ACEOF |
1343 | 1343 | ||
@@ -1442,7 +1442,7 @@ fi | |||
1442 | test -n "$ac_init_help" && exit $ac_status | 1442 | test -n "$ac_init_help" && exit $ac_status |
1443 | if $ac_init_version; then | 1443 | if $ac_init_version; then |
1444 | cat <<\_ACEOF | 1444 | cat <<\_ACEOF |
1445 | firejail configure 0.9.58 | 1445 | firejail configure 0.9.59 |
1446 | generated by GNU Autoconf 2.69 | 1446 | generated by GNU Autoconf 2.69 |
1447 | 1447 | ||
1448 | Copyright (C) 2012 Free Software Foundation, Inc. | 1448 | Copyright (C) 2012 Free Software Foundation, Inc. |
@@ -1744,7 +1744,7 @@ cat >config.log <<_ACEOF | |||
1744 | This file contains any messages produced by compilers while | 1744 | This file contains any messages produced by compilers while |
1745 | running configure, to aid debugging if configure makes a mistake. | 1745 | running configure, to aid debugging if configure makes a mistake. |
1746 | 1746 | ||
1747 | It was created by firejail $as_me 0.9.58, which was | 1747 | It was created by firejail $as_me 0.9.59, which was |
1748 | generated by GNU Autoconf 2.69. Invocation command line was | 1748 | generated by GNU Autoconf 2.69. Invocation command line was |
1749 | 1749 | ||
1750 | $ $0 $@ | 1750 | $ $0 $@ |
@@ -4379,7 +4379,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 | |||
4379 | # report actual input values of CONFIG_FILES etc. instead of their | 4379 | # report actual input values of CONFIG_FILES etc. instead of their |
4380 | # values after options handling. | 4380 | # values after options handling. |
4381 | ac_log=" | 4381 | ac_log=" |
4382 | This file was extended by firejail $as_me 0.9.58, which was | 4382 | This file was extended by firejail $as_me 0.9.59, which was |
4383 | generated by GNU Autoconf 2.69. Invocation command line was | 4383 | generated by GNU Autoconf 2.69. Invocation command line was |
4384 | 4384 | ||
4385 | CONFIG_FILES = $CONFIG_FILES | 4385 | CONFIG_FILES = $CONFIG_FILES |
@@ -4433,7 +4433,7 @@ _ACEOF | |||
4433 | cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 | 4433 | cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 |
4434 | ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" | 4434 | ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" |
4435 | ac_cs_version="\\ | 4435 | ac_cs_version="\\ |
4436 | firejail config.status 0.9.58 | 4436 | firejail config.status 0.9.59 |
4437 | configured by $0, generated by GNU Autoconf 2.69, | 4437 | configured by $0, generated by GNU Autoconf 2.69, |
4438 | with options \\"\$ac_cs_config\\" | 4438 | with options \\"\$ac_cs_config\\" |
4439 | 4439 | ||
diff --git a/configure.ac b/configure.ac index fcc5c5df4..17faf5b30 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -1,5 +1,5 @@ | |||
1 | AC_PREREQ([2.68]) | 1 | AC_PREREQ([2.68]) |
2 | AC_INIT(firejail, 0.9.58, netblue30@yahoo.com, , https://firejail.wordpress.com) | 2 | AC_INIT(firejail, 0.9.59, netblue30@yahoo.com, , https://firejail.wordpress.com) |
3 | AC_CONFIG_SRCDIR([src/firejail/main.c]) | 3 | AC_CONFIG_SRCDIR([src/firejail/main.c]) |
4 | #AC_CONFIG_HEADERS([config.h]) | 4 | #AC_CONFIG_HEADERS([config.h]) |
5 | 5 | ||