Update spec file

author: Jon Griffiths <jon_p_griffiths@yahoo.com> 2016-02-16 02:47:25 +1300
committer: Jon Griffiths <jon_p_griffiths@yahoo.com> 2016-02-16 02:47:25 +1300
commit: 497b755f6edd8a28af42dff02aaf2b7b7c49a546 (patch)
tree: 2d548f208ba6ffaf4b3f30c119e6dae6184479f1 /platform/rpm
parent: centos6 fix (diff)
download: firejail-497b755f6edd8a28af42dff02aaf2b7b7c49a546.tar.gz
firejail-497b755f6edd8a28af42dff02aaf2b7b7c49a546.tar.zst
firejail-497b755f6edd8a28af42dff02aaf2b7b7c49a546.zip
1 files changed, 1 insertions, 136 deletions
diff --git a/platform/rpm/firejail.spec b/platform/rpm/firejail.spec
index f1bf7ad7b..98b556d56 100644
--- a/platform/rpm/firejail.spec
+++ b/platform/rpm/firejail.spec
@@ -29,7 +29,6 @@ rm -rf %{buildroot}
 %clean
 rm -rf %{buildroot}
 %files
 %doc
 %defattr(-, root, root, -)
@@ -38,6 +37,7 @@ rm -rf %{buildroot}
 %{_libdir}/firejail/ftee
 %{_libdir}/firejail/fshaper.sh
 %{_libdir}/firejail/libtrace.so
+%{_libdir}/firejail/libtracelog.so
 %{_datarootdir}/bash-completion/completions/firejail
 %{_datarootdir}/bash-completion/completions/firemon
 %{_docdir}/firejail
@@ -47,138 +47,3 @@ rm -rf %{buildroot}
 %{_mandir}/man5/firejail-profile.5.gz
 %config %{_sysconfdir}/firejail
-%changelog
-* Mon Sep 14 2015 netblue30 <netblue30@yahoo.com> 0.9.30-1
- - added a disable-history.inc profile as a result of Firefox PDF.js exploit;
-   disable-history.inc included in all default profiles
- - Firefox PDF.js exploit (CVE-2015-4495) fixes
- - added --private-etc option
- - added --env option
- - added --whitelist option
- - support ${HOME} token in include directive in profile files
- - --private.keep is transitioned to --private-home
- - support ~ and blanks in blacklist option
- - support "net none" command in profile files
- - using /etc/firejail/generic.profile by default for user sessions
- - using /etc/firejail/server.profile by default for root sessions
- - added build --enable-fatal-warnings configure option
- - added persistence to --overlay option
- - added --overlay-tmpfs option
- - make install-strip implemented, make install renamed
- - bugfixes
-* Sat Aug 1 2015 netblue30 <netblue30@yahoo.com> 0.9.28-1
- - network scanning, --scan option
- - interface MAC address support, --mac option
- - IP address range, --iprange option
- - traffic shaping, --bandwidth option
- - reworked printing of network status at startup
- - man pages rework
- - added firejail-login man page
- - added GNU Icecat, FileZilla, Pidgin, XChat, Empathy, DeaDBeeF default
-   profiles
- - added an /etc/firejail/disable-common.inc file to hold common directory
-   blacklists
- - blacklist Opera and Chrome/Chromium config directories in profile files
- - support noroot option for profile files
- - enabled noroot in default profile files
- - bugfixes
-* Thu Apr 30 2015 netblue30 <netblue30@yahoo.com> 0.9.26-1
- - private dev directory
- - private.keep option for whitelisting home files in a new private directory
- - user namespaces support, noroot option
- - added Deluge and qBittorent profiles
- - bugfixes
-* Sun Apr 5 2015  netblue30 <netblue30@yahoo.com> 0.9.24-1
- - whitelist and blacklist seccomp filters
- - doubledash option
- - --shell=none support
- - netfilter file support in profile files
- - dns server support in profile files
- - added --dns.print option
- - added default profiles for Audoacious, Clementine, Rhythmbox and Totem.
- - added --caps.drop=all in default profiles
- - new syscalls in default seccomp filter: sysfs, sysctl, adjtimex, kcmp
- -        clock_adjtime, lookup_dcookie, perf_event_open, fanotify_init
- - Bugfix: using /proc/sys/kernel/pid_max for the max number of pids
- - two build patches from Reiner Herman (tickets 11, 12)
- - man page patch from Reiner Herman (ticket 13)
- - output patch (ticket 15) from sshirokov
-* Mon Mar 9 2015  netblue30 <netblue30@yahoo.com> 0.9.22-1
- - Replaced --noip option with --ip=none
- - Container stdout logging and log rotation
- - Added process_vm_readv, process_vm_writev and mknod to
-     default seccomp blacklist
- - Added CAP_MKNOD to default caps blacklist
- - Blacklist and whitelist custom Linux capabilities filters
- - macvlan device driver support for --net option
- - DNS server support, --dns option
- - Netfilter support
- - Monitor network statistics, --netstats option
- - Added profile for Mozilla Thunderbird/Icedove
- - --overlay support for Linux kernels 3.18+
- - Bugfix: preserve .Xauthority file in private mode (test with ssh -X)
- - Bugfix: check uid/gid for cgroup
-* Fri Feb 6 2015   netblue30 <netblue30@yahoo.com> 0.9.20-1
- - utmp, btmp and wtmp enhancements
- -    create empty /var/log/wtmp and /var/log/btmp files in sandbox
- -    generate a new /var/run/utmp file in sandbox
- - CPU affinity, --cpu option
- - Linux control groups support, --cgroup option
- - Opera web browser support
- - VLC support
- - Added "empty" attribute to seccomp command to remove the default
- -    syscall list form seccomp blacklist
- - Added --nogroups option to disable supplementary groups for regular
- -   users. root user always runs without supplementary groups.
- - firemon enhancements
- -   display the command that started the sandbox
- -   added --caps option to display capabilities for all sandboxes
- -   added --cgroup option to display the control groups for all sandboxes
- -   added --cpu option to display CPU affinity for all sandboxes
- -   added --seccomp option to display seccomp setting for all sandboxes
- - New compile time options: --disable-chroot, --disable-bind
- - bugfixes
-* Sat Dec 27 2014  netblue30 <netblue30@yahoo.com> 0.9.18-1
- - Support for tracing system, setuid, setgid, setfsuid, setfsgid syscalls
- - Support for tracing setreuid, setregid, setresuid, setresguid syscalls
- - Added profiles for transmission-gtk and transmission-qt
- - bugfixes
-* Tue Nov 4 2014  netblue30 <netblue30@yahoo.com> 0.9.16-1
- - Configurable private home directory
- - Configurable default user shell
- - Software configuration support for --docdir and DESTDIR
- - Profile file support for include, caps, seccomp and private keywords
- - Dropbox profile file
- - Linux capabilities and seccomp filters enabled by default for Firefox,
-  Midori, Evince and Dropbox
- - bugfixes
-* Wed Oct 8 2014  netblue30 <netblue30@yahoo.com> 0.9.14-1
- - Linux capabilities and seccomp filters are automatically enabled in 
-   chroot mode (--chroot option) if the sandbox is started as regular
-   user
- - Added support for user defined seccomp blacklists
- - Added syscall trace support
- - Added --tmpfs option
- - Added --balcklist option
- - Added --read-only option
- - Added --bind option
- - Logging enhancements
- - --overlay option was reactivated
- - Added firemon support to print the ARP table for each sandbox
- - Added firemon support to print the route table for each sandbox
- - Added firemon support to print interface information for each sandbox
- - bugfixes
-* Tue Sep 16 2014 netblue30 <netblue30@yahoo.com> 0.9.12-1
- - Added capabilities support
- - Added support for CentOS 7
- - bugfixes
author	Jon Griffiths <jon_p_griffiths@yahoo.com>	2016-02-16 02:47:25 +1300
committer	Jon Griffiths <jon_p_griffiths@yahoo.com>	2016-02-16 02:47:25 +1300
commit	497b755f6edd8a28af42dff02aaf2b7b7c49a546 (patch)
tree	2d548f208ba6ffaf4b3f30c119e6dae6184479f1 /platform/rpm
parent	centos6 fix (diff)
download	firejail-497b755f6edd8a28af42dff02aaf2b7b7c49a546.tar.gz firejail-497b755f6edd8a28af42dff02aaf2b7b7c49a546.tar.zst firejail-497b755f6edd8a28af42dff02aaf2b7b7c49a546.zip

diff --git a/platform/rpm/firejail.spec b/platform/rpm/firejail.spec index f1bf7ad7b..98b556d56 100644 --- a/platform/rpm/firejail.spec +++ b/platform/rpm/firejail.spec
@@ -29,7 +29,6 @@ rm -rf %{buildroot}
29	%clean	29	%clean
30	rm -rf %{buildroot}	30	rm -rf %{buildroot}
31		31
32
33	%files	32	%files
34	%doc	33	%doc
35	%defattr(-, root, root, -)	34	%defattr(-, root, root, -)
@@ -38,6 +37,7 @@ rm -rf %{buildroot}
38	%{_libdir}/firejail/ftee	37	%{_libdir}/firejail/ftee
39	%{_libdir}/firejail/fshaper.sh	38	%{_libdir}/firejail/fshaper.sh
40	%{_libdir}/firejail/libtrace.so	39	%{_libdir}/firejail/libtrace.so
		40	%{_libdir}/firejail/libtracelog.so
41	%{_datarootdir}/bash-completion/completions/firejail	41	%{_datarootdir}/bash-completion/completions/firejail
42	%{_datarootdir}/bash-completion/completions/firemon	42	%{_datarootdir}/bash-completion/completions/firemon
43	%{_docdir}/firejail	43	%{_docdir}/firejail
@@ -47,138 +47,3 @@ rm -rf %{buildroot}
47	%{_mandir}/man5/firejail-profile.5.gz	47	%{_mandir}/man5/firejail-profile.5.gz
48	%config %{_sysconfdir}/firejail	48	%config %{_sysconfdir}/firejail
49		49
50	%changelog
51	* Mon Sep 14 2015 netblue30 <netblue30@yahoo.com> 0.9.30-1
52	- added a disable-history.inc profile as a result of Firefox PDF.js exploit;
53	disable-history.inc included in all default profiles
54	- Firefox PDF.js exploit (CVE-2015-4495) fixes
55	- added --private-etc option
56	- added --env option
57	- added --whitelist option
58	- support ${HOME} token in include directive in profile files
59	- --private.keep is transitioned to --private-home
60	- support ~ and blanks in blacklist option
61	- support "net none" command in profile files
62	- using /etc/firejail/generic.profile by default for user sessions
63	- using /etc/firejail/server.profile by default for root sessions
64	- added build --enable-fatal-warnings configure option
65	- added persistence to --overlay option
66	- added --overlay-tmpfs option
67	- make install-strip implemented, make install renamed
68	- bugfixes
69
70	* Sat Aug 1 2015 netblue30 <netblue30@yahoo.com> 0.9.28-1
71	- network scanning, --scan option
72	- interface MAC address support, --mac option
73	- IP address range, --iprange option
74	- traffic shaping, --bandwidth option
75	- reworked printing of network status at startup
76	- man pages rework
77	- added firejail-login man page
78	- added GNU Icecat, FileZilla, Pidgin, XChat, Empathy, DeaDBeeF default
79	profiles
80	- added an /etc/firejail/disable-common.inc file to hold common directory
81	blacklists
82	- blacklist Opera and Chrome/Chromium config directories in profile files
83	- support noroot option for profile files
84	- enabled noroot in default profile files
85	- bugfixes
86
87	* Thu Apr 30 2015 netblue30 <netblue30@yahoo.com> 0.9.26-1
88	- private dev directory
89	- private.keep option for whitelisting home files in a new private directory
90	- user namespaces support, noroot option
91	- added Deluge and qBittorent profiles
92	- bugfixes
93
94	* Sun Apr 5 2015 netblue30 <netblue30@yahoo.com> 0.9.24-1
95	- whitelist and blacklist seccomp filters
96	- doubledash option
97	- --shell=none support
98	- netfilter file support in profile files
99	- dns server support in profile files
100	- added --dns.print option
101	- added default profiles for Audoacious, Clementine, Rhythmbox and Totem.
102	- added --caps.drop=all in default profiles
103	- new syscalls in default seccomp filter: sysfs, sysctl, adjtimex, kcmp
104	- clock_adjtime, lookup_dcookie, perf_event_open, fanotify_init
105	- Bugfix: using /proc/sys/kernel/pid_max for the max number of pids
106	- two build patches from Reiner Herman (tickets 11, 12)
107	- man page patch from Reiner Herman (ticket 13)
108	- output patch (ticket 15) from sshirokov
109
110	* Mon Mar 9 2015 netblue30 <netblue30@yahoo.com> 0.9.22-1
111	- Replaced --noip option with --ip=none
112	- Container stdout logging and log rotation
113	- Added process_vm_readv, process_vm_writev and mknod to
114	default seccomp blacklist
115	- Added CAP_MKNOD to default caps blacklist
116	- Blacklist and whitelist custom Linux capabilities filters
117	- macvlan device driver support for --net option
118	- DNS server support, --dns option
119	- Netfilter support
120	- Monitor network statistics, --netstats option
121	- Added profile for Mozilla Thunderbird/Icedove
122	- --overlay support for Linux kernels 3.18+
123	- Bugfix: preserve .Xauthority file in private mode (test with ssh -X)
124	- Bugfix: check uid/gid for cgroup
125
126	* Fri Feb 6 2015 netblue30 <netblue30@yahoo.com> 0.9.20-1
127	- utmp, btmp and wtmp enhancements
128	- create empty /var/log/wtmp and /var/log/btmp files in sandbox
129	- generate a new /var/run/utmp file in sandbox
130	- CPU affinity, --cpu option
131	- Linux control groups support, --cgroup option
132	- Opera web browser support
133	- VLC support
134	- Added "empty" attribute to seccomp command to remove the default
135	- syscall list form seccomp blacklist
136	- Added --nogroups option to disable supplementary groups for regular
137	- users. root user always runs without supplementary groups.
138	- firemon enhancements
139	- display the command that started the sandbox
140	- added --caps option to display capabilities for all sandboxes
141	- added --cgroup option to display the control groups for all sandboxes
142	- added --cpu option to display CPU affinity for all sandboxes
143	- added --seccomp option to display seccomp setting for all sandboxes
144	- New compile time options: --disable-chroot, --disable-bind
145	- bugfixes
146
147	* Sat Dec 27 2014 netblue30 <netblue30@yahoo.com> 0.9.18-1
148	- Support for tracing system, setuid, setgid, setfsuid, setfsgid syscalls
149	- Support for tracing setreuid, setregid, setresuid, setresguid syscalls
150	- Added profiles for transmission-gtk and transmission-qt
151	- bugfixes
152
153	* Tue Nov 4 2014 netblue30 <netblue30@yahoo.com> 0.9.16-1
154	- Configurable private home directory
155	- Configurable default user shell
156	- Software configuration support for --docdir and DESTDIR
157	- Profile file support for include, caps, seccomp and private keywords
158	- Dropbox profile file
159	- Linux capabilities and seccomp filters enabled by default for Firefox,
160	Midori, Evince and Dropbox
161	- bugfixes
162
163	* Wed Oct 8 2014 netblue30 <netblue30@yahoo.com> 0.9.14-1
164	- Linux capabilities and seccomp filters are automatically enabled in
165	chroot mode (--chroot option) if the sandbox is started as regular
166	user
167	- Added support for user defined seccomp blacklists
168	- Added syscall trace support
169	- Added --tmpfs option
170	- Added --balcklist option
171	- Added --read-only option
172	- Added --bind option
173	- Logging enhancements
174	- --overlay option was reactivated
175	- Added firemon support to print the ARP table for each sandbox
176	- Added firemon support to print the route table for each sandbox
177	- Added firemon support to print interface information for each sandbox
178	- bugfixes
179
180	* Tue Sep 16 2014 netblue30 <netblue30@yahoo.com> 0.9.12-1
181	- Added capabilities support
182	- Added support for CentOS 7
183	- bugfixes
184