aboutsummaryrefslogtreecommitdiffstats
path: root/Makefile.in
diff options
context:
space:
mode:
authorLibravatar netblue30 <netblue30@protonmail.com>2020-08-22 06:41:56 -0500
committerLibravatar GitHub <noreply@github.com>2020-08-22 06:41:56 -0500
commit14f7b4decb811eb2e0d2c4d5a10bfd16351a7a5a (patch)
tree2dfd331b7bededc4bb4d12c25386652d8dc4bff0 /Makefile.in
parentMerge pull request #3594 from smitsohu/ls (diff)
parentcleanup (diff)
downloadfirejail-14f7b4decb811eb2e0d2c4d5a10bfd16351a7a5a.tar.gz
firejail-14f7b4decb811eb2e0d2c4d5a10bfd16351a7a5a.tar.zst
firejail-14f7b4decb811eb2e0d2c4d5a10bfd16351a7a5a.zip
Merge pull request #3572 from smitsohu/dumpable
hardening: run plugins with dumpable flag cleared
Diffstat (limited to 'Makefile.in')
-rw-r--r--Makefile.in12
1 files changed, 8 insertions, 4 deletions
diff --git a/Makefile.in b/Makefile.in
index f1002f892..890ba1b0a 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -18,15 +18,16 @@ HAVE_SUID=@HAVE_SUID@
18 18
19all: all_items man filters 19all: all_items man filters
20APPS = src/firecfg/firecfg src/firejail/firejail src/firemon/firemon src/profstats/profstats 20APPS = src/firecfg/firecfg src/firejail/firejail src/firemon/firemon src/profstats/profstats
21SBOX_APPS = src/faudit/faudit src/fbuilder/fbuilder src/fcopy/fcopy src/fldd/fldd src/fnet/fnet src/fnetfilter/fnetfilter src/ftee/ftee 21SBOX_APPS = src/faudit/faudit src/fbuilder/fbuilder src/ftee/ftee
22SBOX_APPS_NON_DUMPABLE = src/fcopy/fcopy src/fldd/fldd src/fnet/fnet src/fnetfilter/fnetfilter
22MYDIRS = src/lib 23MYDIRS = src/lib
23MYLIBS = src/libpostexecseccomp/libpostexecseccomp.so src/libtrace/libtrace.so src/libtracelog/libtracelog.so 24MYLIBS = src/libpostexecseccomp/libpostexecseccomp.so src/libtrace/libtrace.so src/libtracelog/libtracelog.so
24MANPAGES = firejail.1 firemon.1 firecfg.1 firejail-profile.5 firejail-login.5 firejail-users.5 25MANPAGES = firejail.1 firemon.1 firecfg.1 firejail-profile.5 firejail-login.5 firejail-users.5
25ifeq ($(HAVE_SECCOMP),-DHAVE_SECCOMP) 26ifeq ($(HAVE_SECCOMP),-DHAVE_SECCOMP)
26SBOX_APPS += src/fsec-optimize/fsec-optimize src/fsec-print/fsec-print src/fseccomp/fseccomp 27SBOX_APPS_NON_DUMPABLE += src/fsec-optimize/fsec-optimize src/fsec-print/fsec-print src/fseccomp/fseccomp
27SECCOMP_FILTERS = seccomp seccomp.debug seccomp.32 seccomp.block_secondary seccomp.mdwx seccomp.mdwx.32 28SECCOMP_FILTERS = seccomp seccomp.debug seccomp.32 seccomp.block_secondary seccomp.mdwx seccomp.mdwx.32
28endif 29endif
29ALL_ITEMS = $(APPS) $(SBOX_APPS) $(MYLIBS) 30ALL_ITEMS = $(APPS) $(SBOX_APPS) $(SBOX_APPS_NON_DUMPABLE) $(MYLIBS)
30 31
31.PHONY: all_items $(ALL_ITEMS) 32.PHONY: all_items $(ALL_ITEMS)
32all_items: $(ALL_ITEMS) 33all_items: $(ALL_ITEMS)
@@ -43,7 +44,7 @@ $(MANPAGES): $(wildcard src/man/*.txt)
43 44
44man: $(MANPAGES) 45man: $(MANPAGES)
45 46
46filters: $(SECCOMP_FILTERS) $(SBOX_APPS) 47filters: $(SECCOMP_FILTERS) $(SBOX_APPS_NON_DUMPABLE)
47ifeq ($(HAVE_SECCOMP),-DHAVE_SECCOMP) 48ifeq ($(HAVE_SECCOMP),-DHAVE_SECCOMP)
48seccomp: src/fseccomp/fseccomp src/fsec-optimize/fsec-optimize 49seccomp: src/fseccomp/fseccomp src/fsec-optimize/fsec-optimize
49 src/fseccomp/fseccomp default seccomp 50 src/fseccomp/fseccomp default seccomp
@@ -106,7 +107,10 @@ endif
106 install -m 0755 -d $(DESTDIR)$(libdir)/firejail 107 install -m 0755 -d $(DESTDIR)$(libdir)/firejail
107 install -m 0644 -t $(DESTDIR)$(libdir)/firejail $(MYLIBS) $(SECCOMP_FILTERS) src/firecfg/firecfg.config 108 install -m 0644 -t $(DESTDIR)$(libdir)/firejail $(MYLIBS) $(SECCOMP_FILTERS) src/firecfg/firecfg.config
108 install -m 0755 -t $(DESTDIR)$(libdir)/firejail $(SBOX_APPS) 109 install -m 0755 -t $(DESTDIR)$(libdir)/firejail $(SBOX_APPS)
110 # non-dumpable plugins
111 install -m 0711 -t $(DESTDIR)$(libdir)/firejail $(SBOX_APPS_NON_DUMPABLE)
109ifeq ($(HAVE_CONTRIB_INSTALL),yes) 112ifeq ($(HAVE_CONTRIB_INSTALL),yes)
113 # contrib scripts
110 install -m 0755 -t $(DESTDIR)$(libdir)/firejail contrib/*.py contrib/*.sh 114 install -m 0755 -t $(DESTDIR)$(libdir)/firejail contrib/*.py contrib/*.sh
111 # vim syntax 115 # vim syntax
112 install -m 0755 -d $(DESTDIR)$(datarootdir)/vim/vimfiles/ftdetect 116 install -m 0755 -d $(DESTDIR)$(datarootdir)/vim/vimfiles/ftdetect
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-26 07:57:14 +0000