release 0.9.300.9.30

author: netblue30 <netblue30@yahoo.com> 2015-09-14 09:50:12 -0400
committer: netblue30 <netblue30@yahoo.com> 2015-09-14 09:50:12 -0400
commit: 4d4ef74041fe82b99738529a259585e16bb0ea53 (patch)
tree: 97cbdc35f6a554d9933bc28dbe26d7ee7918ba37
parent: coverity scan (diff)
download: firejail-4d4ef74041fe82b99738529a259585e16bb0ea53.tar.gz
firejail-4d4ef74041fe82b99738529a259585e16bb0ea53.tar.zst
firejail-4d4ef74041fe82b99738529a259585e16bb0ea53.zip
6 files changed, 90 insertions, 15 deletions
diff --git a/README b/README
index b40b937cf..2bcfd8222 100644
--- a/README
+++ b/README
@@ -43,7 +43,7 @@ Michael Haas (https://github.com/mhaas)
 mjudtmann (https://github.com/mjudtmann)
        - lock firejail configuration in disable-mgmt.inc
 iiotx (https://github.com/iiotx)
-        - use generci.profile by default
+        - use generic.profile by default
 pstn (https://github.com/pstn)
        - added install-strip, make install without strip
 Alexey Kuznetsov (kuznet@ms2.inr.ac.ru)
diff --git a/RELNOTES b/RELNOTES
index a83d7957c..3c7b2dcdf 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -1,4 +1,4 @@
-firejail (0.9.30-rc1) baseline; urgency=low
+firejail (0.9.30) baseline; urgency=low
  * added a disable-history.inc profile as a result of Firefox PDF.js exploit;
    disable-history.inc included in all default profiles
  * Firefox PDF.js exploit (CVE-2015-4495) fixes
@@ -14,9 +14,9 @@ firejail (0.9.30-rc1) baseline; urgency=low
  * added build --enable-fatal-warnings configure option
  * added persistence to --overlay option
  * added --overlay-tmpfs option
-  * make install renamed make install-strip
+  * make install-strip implemented, make install renamed
  * bugfixes
- -- netblue30 <netblue30@yahoo.com>  Wed, 9 Sept 2015 08:00:00 -0500
+ -- netblue30 <netblue30@yahoo.com>  Mon, 14 Sept 2015 08:00:00 -0500
 firejail (0.9.28) baseline; urgency=low
  * network scanning, --scan option
diff --git a/configure b/configure
index f66bdaecc..2e95be9d2 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for firejail 0.9.30-rc2-development.
+# Generated by GNU Autoconf 2.69 for firejail 0.9.30.
 #
 # Report bugs to <netblue30@yahoo.com>.
 #
@@ -580,8 +580,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='firejail'
 PACKAGE_TARNAME='firejail'
-PACKAGE_VERSION='0.9.30-rc2-development'
+PACKAGE_VERSION='0.9.30'
-PACKAGE_STRING='firejail 0.9.30-rc2-development'
+PACKAGE_STRING='firejail 0.9.30'
 PACKAGE_BUGREPORT='netblue30@yahoo.com'
 PACKAGE_URL='http://firejail.sourceforge.net'
@@ -1238,7 +1238,7 @@ if test "$ac_init_help" = "long"; then
  # Omit some internal or obsolete options to make the list less imposing.
  # This message is too long to be a string in the A/UX 3.1 sh.
  cat <<_ACEOF
-\`configure' configures firejail 0.9.30-rc2-development to adapt to many kinds of systems.
+\`configure' configures firejail 0.9.30 to adapt to many kinds of systems.
 Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1299,7 +1299,7 @@ fi
 if test -n "$ac_init_help"; then
  case $ac_init_help in
-     short | recursive ) echo "Configuration of firejail 0.9.30-rc2-development:";;
+     short | recursive ) echo "Configuration of firejail 0.9.30:";;
   esac
  cat <<\_ACEOF
@@ -1389,7 +1389,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
  cat <<\_ACEOF
-firejail configure 0.9.30-rc2-development
+firejail configure 0.9.30
 generated by GNU Autoconf 2.69
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1691,7 +1691,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
-It was created by firejail $as_me 0.9.30-rc2-development, which was
+It was created by firejail $as_me 0.9.30, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
  $ $0 $@
@@ -4102,7 +4102,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by firejail $as_me 0.9.30-rc2-development, which was
+This file was extended by firejail $as_me 0.9.30, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
  CONFIG_FILES    = $CONFIG_FILES
@@ -4156,7 +4156,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-firejail config.status 0.9.30-rc2-development
+firejail config.status 0.9.30
 configured by $0, generated by GNU Autoconf 2.69,
  with options \\"\$ac_cs_config\\"
diff --git a/configure.ac b/configure.ac
index 1ef911aac..ff11d95b6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,5 +1,5 @@
 AC_PREREQ([2.68])
-AC_INIT(firejail, 0.9.30-rc2-development, netblue30@yahoo.com, , http://firejail.sourceforge.net)
+AC_INIT(firejail, 0.9.30, netblue30@yahoo.com, , http://firejail.sourceforge.net)
 AC_CONFIG_SRCDIR([src/firejail/main.c])
 #AC_CONFIG_HEADERS([config.h])
diff --git a/platform/rpm/mkrpm.sh b/platform/rpm/mkrpm.sh
index adac1de46..4413b2fcb 100755
--- a/platform/rpm/mkrpm.sh
+++ b/platform/rpm/mkrpm.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-VERSION="0.9.26"
+VERSION="0.9.30"
 rm -fr ~/rpmbuild
 rm -f firejail-$VERSION-1.x86_64.rpm
@@ -19,6 +19,7 @@ install -m 755 /usr/bin/firemon firejail-$VERSION/usr/bin/.
 mkdir -p  firejail-$VERSION/usr/lib/firejail
 install -m 644 /usr/lib/firejail/libtrace.so  firejail-$VERSION/usr/lib/firejail/.
 install -m 755 /usr/lib/firejail/ftee  firejail-$VERSION/usr/lib/firejail/.
+install -m 755 /usr/lib/firejail/fshaper.sh  firejail-$VERSION/usr/lib/firejail/.
 mkdir -p firejail-$VERSION/usr/share/man/man1
 install -m 644 /usr/share/man/man1/firejail.1.gz firejail-$VERSION/usr/share/man/man1/.
@@ -26,6 +27,7 @@ install -m 644 /usr/share/man/man1/firemon.1.gz firejail-$VERSION/usr/share/man/
 mkdir -p firejail-$VERSION/usr/share/man/man5
 install -m 644 /usr/share/man/man5/firejail-profile.5.gz firejail-$VERSION/usr/share/man/man5/.
+install -m 644 /usr/share/man/man5/firejail-login.5.gz firejail-$VERSION/usr/share/man/man5/.
 mkdir -p firejail-$VERSION/usr/share/doc/packages/firejail
 install -m 644 /usr/share/doc/firejail/COPYING firejail-$VERSION/usr/share/doc/packages/firejail/.
@@ -33,9 +35,17 @@ install -m 644 /usr/share/doc/firejail/README firejail-$VERSION/usr/share/doc/pa
 install -m 644 /usr/share/doc/firejail/RELNOTES firejail-$VERSION/usr/share/doc/packages/firejail/.
 mkdir -p firejail-$VERSION/etc/firejail
+install -m 644 /etc/firejail/xchat.profile firejail-$VERSION/etc/firejail/xchat.profile
+install -m 644 /etc/firejail/server.profile firejail-$VERSION/etc/firejail/server.profile
+install -m 644 /etc/firejail/quassel.profile firejail-$VERSION/etc/firejail/quassel.profile
+install -m 644 /etc/firejail/pidgin.profile firejail-$VERSION/etc/firejail/pidgin.profile
+install -m 644 /etc/firejail/icecat.profile firejail-$VERSION/etc/firejail/icecat.profile
+install -m 644 /etc/firejail/filezilla.profile firejail-$VERSION/etc/firejail/filezilla.profile
 install -m 644 /etc/firejail/chromium-browser.profile firejail-$VERSION/etc/firejail/chromium-browser.profile
 install -m 644 /etc/firejail/chromium.profile firejail-$VERSION/etc/firejail/chromium.profile
 install -m 644 /etc/firejail/dropbox.profile firejail-$VERSION/etc/firejail/dropbox.profile
+install -m 644 /etc/firejail/disable-common.inc firejail-$VERSION/etc/firejail/disable-common.inc
+install -m 644 /etc/firejail/disable-history.inc firejail-$VERSION/etc/firejail/disable-history.inc
 install -m 644 /etc/firejail/disable-secret.inc firejail-$VERSION/etc/firejail/disable-secret.inc
 install -m 644 /etc/firejail/disable-mgmt.inc firejail-$VERSION/etc/firejail/disable-mgmt.inc
 install -m 644 /etc/firejail/evince.profile firejail-$VERSION/etc/firejail/evince.profile
@@ -57,9 +67,13 @@ install -m 644 /etc/firejail/deluge.profile firejail-$VERSION/etc/firejail/delug
 install -m 644 /etc/firejail/qbittorrent.profile firejail-$VERSION/etc/firejail/qbittorrent.profile
 install -m 644 /etc/firejail/generic.profile firejail-$VERSION/etc/firejail/generic.profile
 install -m 644 /etc/firejail/login.users firejail-$VERSION/etc/firejail/login.users
+install -m 644 /etc/firejail/deadbeef.profile firejail-$VERSION/etc/firejail/deadbeef.profile
+install -m 644 /etc/firejail/empathy.profile firejail-$VERSION/etc/firejail/empathy.profile
 mkdir -p firejail-$VERSION/usr/share/bash-completion/completions
 install -m 644 /usr/share/bash-completion/completions/firejail  firejail-$VERSION/usr/share/bash-completion/completions/.
+install -m 644 /usr/share/bash-completion/completions/firemon  firejail-$VERSION/usr/share/bash-completion/completions/.
 echo "building tar.gz archive"
 tar -czvf firejail-$VERSION.tar.gz firejail-$VERSION
@@ -130,23 +144,72 @@ rm -rf %{buildroot}
 %config(noreplace) %{_sysconfdir}/%{name}/deluge.profile
 %config(noreplace) %{_sysconfdir}/%{name}/qbittorrent.profile
 %config(noreplace) %{_sysconfdir}/%{name}/generic.profile
+%config(noreplace) %{_sysconfdir}/%{name}/deadbeef.profile
+%config(noreplace) %{_sysconfdir}/%{name}/disable-common.inc
+%config(noreplace) %{_sysconfdir}/%{name}/disable-history.inc
+%config(noreplace) %{_sysconfdir}/%{name}/empathy.profile
+%config(noreplace) %{_sysconfdir}/%{name}/filezilla.profile
+%config(noreplace) %{_sysconfdir}/%{name}/icecat.profile
+%config(noreplace) %{_sysconfdir}/%{name}/pidgin.profile
+%config(noreplace) %{_sysconfdir}/%{name}/quassel.profile
+%config(noreplace) %{_sysconfdir}/%{name}/server.profile
+%config(noreplace) %{_sysconfdir}/%{name}/xchat.profile
 /usr/bin/firejail
 /usr/bin/firemon
 /usr/lib/firejail/libtrace.so
 /usr/lib/firejail/ftee
+/usr/lib/firejail/fshaper.sh
 /usr/share/doc/packages/firejail/COPYING
 /usr/share/doc/packages/firejail/README
 /usr/share/doc/packages/firejail/RELNOTES
 /usr/share/man/man1/firejail.1.gz
 /usr/share/man/man1/firemon.1.gz
 /usr/share/man/man5/firejail-profile.5.gz
+/usr/share/man/man5/firejail-login.5.gz
 /usr/share/bash-completion/completions/firejail
+/usr/share/bash-completion/completions/firemon
 
 %post
 chmod u+s /usr/bin/firejail
 %changelog
+* Mon Sep 14 2015 netblue30 <netblue30@yahoo.com> 0.9.30-1
+ - added a disable-history.inc profile as a result of Firefox PDF.js exploit;
+   disable-history.inc included in all default profiles
+ - Firefox PDF.js exploit (CVE-2015-4495) fixes
+ - added --private-etc option
+ - added --env option
+ - added --whitelist option
+ - support ${HOME} token in include directive in profile files
+ - --private.keep is transitioned to --private-home
+ - support ~ and blanks in blacklist option
+ - support "net none" command in profile files
+ - using /etc/firejail/generic.profile by default for user sessions
+ - using /etc/firejail/server.profile by default for root sessions
+ - added build --enable-fatal-warnings configure option
+ - added persistence to --overlay option
+ - added --overlay-tmpfs option
+ - make install-strip implemented, make install renamed
+ - bugfixes
+* Sat Aug 1 2015 netblue30 <netblue30@yahoo.com> 0.9.28-1
+ - network scanning, --scan option
+ - interface MAC address support, --mac option
+ - IP address range, --iprange option
+ - traffic shaping, --bandwidth option
+ - reworked printing of network status at startup
+ - man pages rework
+ - added firejail-login man page
+ - added GNU Icecat, FileZilla, Pidgin, XChat, Empathy, DeaDBeeF default
+   profiles
+ - added an /etc/firejail/disable-common.inc file to hold common directory
+   blacklists
+ - blacklist Opera and Chrome/Chromium config directories in profile files
+ - support noroot option for profile files
+ - enabled noroot in default profile files
+ - bugfixes
 * Thu Apr 30 2015 netblue30 <netblue30@yahoo.com> 0.9.26-1
 - private dev directory
 - private.keep option for whitelisting home files in a new private directory
diff --git a/todo b/todo
index f5be62d9f..3e329f3c4 100644
--- a/todo
+++ b/todo
@@ -31,3 +31,15 @@ $
 4. Remove exclude-token from profile include in 0.9.34 (deprecated in 0.9.30)
+5. Debian 32bit compile with --enable-fatal-warnings
+make[1]: Entering directory `/home/netblue/work/firejail-0.9.30/src/firejail'
+cc -ggdb -W -Wall -Werror -O2 -DVERSION='"0.9.30"' -DPREFIX='"/usr"' -DHAVE_SECCOMP  -DHAVE_CHROOT -DHAVE_BIND -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security  -c seccomp.c -o seccomp.o
+seccomp.c: In function ‘write_seccomp_file’:
+seccomp.c:337:81: error: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 2 has type ‘unsigned int’ [-Werror=format]
+seccomp.c: In function ‘read_seccomp_file’:
+seccomp.c:391:81: error: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 2 has type ‘unsigned int’ [-Werror=format]
+cc1: all warnings being treated as errors
+make[1]: *** [seccomp.o] Error 1
+6. Debian 32bit - multiple problems with the testing utility
author	netblue30 <netblue30@yahoo.com>	2015-09-14 09:50:12 -0400
committer	netblue30 <netblue30@yahoo.com>	2015-09-14 09:50:12 -0400
commit	4d4ef74041fe82b99738529a259585e16bb0ea53 (patch)
tree	97cbdc35f6a554d9933bc28dbe26d7ee7918ba37
parent	coverity scan (diff)
download	firejail-4d4ef74041fe82b99738529a259585e16bb0ea53.tar.gz firejail-4d4ef74041fe82b99738529a259585e16bb0ea53.tar.zst firejail-4d4ef74041fe82b99738529a259585e16bb0ea53.zip