0.9.34 released0.9.34

5 files changed, 21 insertions, 76 deletions

diff --git a/README.md b/README.md
index 5e39b8765..ecae2d38a 100644
--- a/README.md
+++ b/README.md
@@ -34,74 +34,3 @@ FAQ: https://l3net.wordpress.com/projects/firejail/firejail-faq/
 
 
 
-## New features in the development version
-
-### Whitelisting in default Firefox profile
-
-The next release will bring in default whitelisting for Firefox files and folders under /home/user.
-If you start the sandbox without any other options, this is what you'll get:
-
-![Whitelisted home directory](firefox-whitelist.png?raw=true)
-
-The code is located in etc/firefox.inc file:
-
-`````
-whitelist ~/.mozilla
-whitelist ~/Downloads
-whitelist ~/dwhelper
-whitelist ~/.zotero
-whitelist ~/.lastpass
-whitelist ~/.gtkrc-2.0
-whitelist ~/.vimperatorrc
-whitelist ~/.vimperator
-whitelist ~/.pentadactylrc
-whitelist ~/.pentadactyl
-`````
-
-I intend to bring in all files and directories used by Firefox addons and plugins. So far I have
-[Video DownloadHelper](https://addons.mozilla.org/en-US/firefox/addon/video-downloadhelper/),
-[Zotero](https://www.zotero.org/download/), 
-[LastPass](https://addons.mozilla.org/en-US/firefox/addon/lastpass-password-manager/),
-[Vimperator](https://addons.mozilla.org/en-US/firefox/addon/vimperator/)
-and [Pentadactyl](http://5digits.org/pentadactyl/)
-If you're using anything else, please let me know.
-
-### Whitelisting in default Chromium profile
-
-![Whitelisted home directory](chromium-whitelist.png?raw=true)
-
-### --ignore option
-
-Ignore commands in profile files. Example:
-`````
-$ firejail --ignore=seccomp wine
-`````
-
-### --protocol option
-
-Enable protocol filter. It is based on seccomp and it filters the first argument to socket system call.
-If the value is not recognized, seccomp will kill the process.
-Valid values: unix, inet, inet6, netlink and packet.
-
-Example:
-`````
-$ firejail --protocol=unix,inet,inet6
-`````
-
-"unix" describes the regular Unix socket connections,
-and "inet" and "inet6" describe the regular IPv4 and IPv6 traffic. Most GUI applications need "unix,inet,inet6". "netlink" is the protocol
-used to talk to Linux kernel. You'll only need this for applications such as [iproute2](http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2)
-used in system administration, and "packet" is used by sniffers to talk directly with the Ethernet layer.
-
-Protocol filter is enabled in all default security profiles for GUI applications ("protocol unix,inet,inet6").
-
-### Dual i386/amd64 seccomp filter
-
---seccomp option now installs a dual i386/amd64 default filter.
-32bit applications, such as Skype, running on regular 64bit computers, are protected by i386 seccomp filter.
-
-### New security profiles
-
-Steam, Skype, Wine. The dual seccomp filter is enabled by default for these applications.
-
-
diff --git a/RELNOTES b/RELNOTES
index e450ba5a1..46231ed6d 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -1,11 +1,11 @@
-firejail (0.9.34-rc1) baseline; urgency=low
+firejail (0.9.34) baseline; urgency=low
   * added --ignore option
   * added --protocol option
   * support dual i386/amd64 seccomp filters
   * added Google Chrome profile
   * added Steam, Skype, Wine and Conkeror profiles
   * bugfixes
- -- netblue30 <netblue30@yahoo.com>  Thu, 29 Oct 2015 08:00:00 -0500
+ -- netblue30 <netblue30@yahoo.com>  Sat, 7 Nov 2015 08:00:00 -0500
 
 firejail (0.9.32) baseline; urgency=low
   * added --interface option
diff --git a/chromium-whitelist.png b/chromium-whitelist.png
deleted file mode 100644
index a90f2aa1f..000000000
--- a/chromium-whitelist.png
+++ /dev/null
diff --git a/firefox-whitelist.png b/firefox-whitelist.png
deleted file mode 100644
index e98cb4b02..000000000
--- a/firefox-whitelist.png
+++ /dev/null
diff --git a/platform/rpm/old-mkrpm.sh b/platform/rpm/old-mkrpm.sh
index 30aba0462..c65544cb5 100755
--- a/platform/rpm/old-mkrpm.sh
+++ b/platform/rpm/old-mkrpm.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-VERSION="0.9.32"
+VERSION="0.9.34"
 rm -fr ~/rpmbuild
 rm -f firejail-$VERSION-1.x86_64.rpm
 
@@ -45,7 +45,6 @@ install -m 644 /etc/firejail/chromium-browser.profile firejail-$VERSION/etc/fire
 install -m 644 /etc/firejail/chromium.profile firejail-$VERSION/etc/firejail/chromium.profile
 install -m 644 /etc/firejail/dropbox.profile firejail-$VERSION/etc/firejail/dropbox.profile
 install -m 644 /etc/firejail/disable-common.inc firejail-$VERSION/etc/firejail/disable-common.inc
-install -m 644 /etc/firejail/disable-history.inc firejail-$VERSION/etc/firejail/disable-history.inc
 install -m 644 /etc/firejail/disable-secret.inc firejail-$VERSION/etc/firejail/disable-secret.inc
 install -m 644 /etc/firejail/disable-mgmt.inc firejail-$VERSION/etc/firejail/disable-mgmt.inc
 install -m 644 /etc/firejail/evince.profile firejail-$VERSION/etc/firejail/evince.profile
@@ -71,6 +70,11 @@ install -m 644 /etc/firejail/deadbeef.profile firejail-$VERSION/etc/firejail/dea
 install -m 644 /etc/firejail/empathy.profile firejail-$VERSION/etc/firejail/empathy.profile
 install -m 644 /etc/firejail/fbreader.profile firejail-$VERSION/etc/firejail/fbreader.profile
 install -m 644 /etc/firejail/spotify.profile firejail-$VERSION/etc/firejail/spotify.profile
+install -m 644 /etc/firejail/google-chrome.profile firejail-$VERSION/etc/firejail/google-chrome.profile
+install -m 644 /etc/firejail/skype.profile firejail-$VERSION/etc/firejail/skype.profile
+install -m 644 /etc/firejail/steam.profile firejail-$VERSION/etc/firejail/steam.profile
+install -m 644 /etc/firejail/wine.profile firejail-$VERSION/etc/firejail/wine.profile
+install -m 644 /etc/firejail/disable-devel.inc firejail-$VERSION/etc/firejail/disable-devel.inc
 
 
 mkdir -p firejail-$VERSION/usr/share/bash-completion/completions
@@ -148,7 +152,6 @@ rm -rf %{buildroot}
 %config(noreplace) %{_sysconfdir}/%{name}/generic.profile
 %config(noreplace) %{_sysconfdir}/%{name}/deadbeef.profile
 %config(noreplace) %{_sysconfdir}/%{name}/disable-common.inc
-%config(noreplace) %{_sysconfdir}/%{name}/disable-history.inc
 %config(noreplace) %{_sysconfdir}/%{name}/empathy.profile
 %config(noreplace) %{_sysconfdir}/%{name}/filezilla.profile
 %config(noreplace) %{_sysconfdir}/%{name}/icecat.profile
@@ -158,6 +161,11 @@ rm -rf %{buildroot}
 %config(noreplace) %{_sysconfdir}/%{name}/xchat.profile
 %config(noreplace) %{_sysconfdir}/%{name}/fbreader.profile
 %config(noreplace) %{_sysconfdir}/%{name}/spotify.profile
+%config(noreplace) %{_sysconfdir}/%{name}/google-chrome.profile
+%config(noreplace) %{_sysconfdir}/%{name}/skype.profile
+%config(noreplace) %{_sysconfdir}/%{name}/steam.profile
+%config(noreplace) %{_sysconfdir}/%{name}/wine.profile
+%config(noreplace) %{_sysconfdir}/%{name}/disable-devel.inc
 
 /usr/bin/firejail
 /usr/bin/firemon
@@ -178,6 +186,14 @@ rm -rf %{buildroot}
 chmod u+s /usr/bin/firejail
 
 %changelog
+* Sat Nov 7 2015 netblue30 <netblue30@yahoo.com> 0.9.34-1
+ - added --ignore option
+ - added --protocol option
+ - support dual i386/amd64 seccomp filters
+ - added Google Chrome profile
+ - added Steam, Skype, Wine and Conkeror profiles
+ - bugfixes
+
 * Wed Oct 21 2015 netblue30 <netblue30@yahoo.com> 0.9.32-1
  - added --interface option
  - added --mtu option