diff options
-rw-r--r-- | README.md | 48 | ||||
-rwxr-xr-x | configure | 423 | ||||
-rw-r--r-- | configure.ac | 2 | ||||
-rw-r--r-- | video.png | bin | 192787 -> 0 bytes |
4 files changed, 79 insertions, 394 deletions
@@ -18,8 +18,41 @@ The sandbox is lightweight, the overhead is low. There are no complicated config | |||
18 | no socket connections open, no daemons running in the background. All security features are | 18 | no socket connections open, no daemons running in the background. All security features are |
19 | implemented directly in Linux kernel and available on any Linux computer. | 19 | implemented directly in Linux kernel and available on any Linux computer. |
20 | 20 | ||
21 | [![Firejail Firefox Demo](video.png)](https://www.youtube.com/watch?v=kCnAxD144nU) | 21 | <table><tr> |
22 | 22 | ||
23 | <td> | ||
24 | <a href="http://www.youtube.com/watch?feature=player_embedded&v=7RMz7tePA98 | ||
25 | " target="_blank"><img src="http://img.youtube.com/vi/7RMz7tePA98/0.jpg" | ||
26 | alt="Firejail Intro video" width="240" height="180" border="10" /><br/>Firejail Intro</a> | ||
27 | </td> | ||
28 | |||
29 | <td> | ||
30 | <a href="http://www.youtube.com/watch?feature=player_embedded&v=J1ZsXrpAgBU | ||
31 | " target="_blank"><img src="http://img.youtube.com/vi/J1ZsXrpAgBU/0.jpg" | ||
32 | alt="Firejail Intro video" width="240" height="180" border="10" /><br/>Firejail Demo</a> | ||
33 | </td> | ||
34 | |||
35 | <td> | ||
36 | <a href="http://www.youtube.com/watch?feature=player_embedded&v=EyEz65RYfw4 | ||
37 | " target="_blank"><img src="http://img.youtube.com/vi/EyEz65RYfw4/0.jpg" | ||
38 | alt="Firejail Intro video" width="240" height="180" border="10" /><br/>Debian Install</a> | ||
39 | </td> | ||
40 | |||
41 | |||
42 | </tr><tr> | ||
43 | <td> | ||
44 | <a href="http://www.youtube.com/watch?feature=player_embedded&v=Uy2ZTHc4s0w | ||
45 | " target="_blank"><img src="http://img.youtube.com/vi/Uy2ZTHc4s0w/0.jpg" | ||
46 | alt="Firejail Intro video" width="240" height="180" border="10" /><br/>Arch Linux Install</a> | ||
47 | |||
48 | </td> | ||
49 | <td> | ||
50 | <a href="http://www.youtube.com/watch?feature=player_embedded&v=xuMxRx0zSfQ | ||
51 | " target="_blank"><img src="http://img.youtube.com/vi/xuMxRx0zSfQ/0.jpg" | ||
52 | alt="Firejail Intro video" width="240" height="180" border="10" /><br/>Disable Network Access</a> | ||
53 | |||
54 | </td> | ||
55 | </tr></table> | ||
23 | 56 | ||
24 | Project webpage: https://firejail.wordpress.com/ | 57 | Project webpage: https://firejail.wordpress.com/ |
25 | 58 | ||
@@ -112,14 +145,9 @@ We also keep a list of profile fixes for previous released versions in [etc-fixe | |||
112 | ````` | 145 | ````` |
113 | 146 | ||
114 | ````` | 147 | ````` |
115 | ## Latest released version: 0.9.60 | 148 | ## Latest released version: 0.9.60 - release 0.9.62 pending |
116 | 149 | ||
117 | ## Current development version: 0.9.61 | 150 | The development for 0.9.62 is handled on release-0.9.62 branch. Please put only fixes there. Thanks! |
118 | 151 | ||
119 | ## New profiles: | ||
120 | 152 | ||
121 | gnome-sound-recorder, godot, jerry, keepassxc-cli, keepassxc-proxy, klatexformula, klatexformula_cmdl, links, newsbeuter, OpenArena, | 153 | ## Current development version: 0.9.63 |
122 | pandoc, qgis, rhythmbox-client, tcpdump, teams-for-linux, tshark, xlinks, zeal, mpg123, conplay, mpg123.bin, mpg123-alsa, mpg123-id3dump, | ||
123 | mpg123-jack, mpg123-nas, mpg123-openal, mpg123-oss, mpg123-portaudio, mpg123-pulse, mpg123-strip, out123, pavucontrol-qt, | ||
124 | gnome-characters, gnome-character-map, rsync, Whalebird, tor-browser (AUR), Zulip, tb-starter-wrapper, bzcat, kiwix-desktop, ar, | ||
125 | gnome-latex, pngquant, kalgebra, kalgebramobile, signal-cli, amuled, kfind, profanity, audio-recorder, cameramonitor, ddgtk, drawio, electron-mail, gmpc, unf, gist, gist-paste | ||
@@ -1,6 +1,6 @@ | |||
1 | #! /bin/sh | 1 | #! /bin/sh |
2 | # Guess values for system-dependent variables and create Makefiles. | 2 | # Guess values for system-dependent variables and create Makefiles. |
3 | # Generated by GNU Autoconf 2.69 for firejail 0.9.61. | 3 | # Generated by GNU Autoconf 2.69 for firejail 0.9.63. |
4 | # | 4 | # |
5 | # Report bugs to <netblue30@yahoo.com>. | 5 | # Report bugs to <netblue30@yahoo.com>. |
6 | # | 6 | # |
@@ -580,8 +580,8 @@ MAKEFLAGS= | |||
580 | # Identity of this package. | 580 | # Identity of this package. |
581 | PACKAGE_NAME='firejail' | 581 | PACKAGE_NAME='firejail' |
582 | PACKAGE_TARNAME='firejail' | 582 | PACKAGE_TARNAME='firejail' |
583 | PACKAGE_VERSION='0.9.61' | 583 | PACKAGE_VERSION='0.9.63' |
584 | PACKAGE_STRING='firejail 0.9.61' | 584 | PACKAGE_STRING='firejail 0.9.63' |
585 | PACKAGE_BUGREPORT='netblue30@yahoo.com' | 585 | PACKAGE_BUGREPORT='netblue30@yahoo.com' |
586 | PACKAGE_URL='https://firejail.wordpress.com' | 586 | PACKAGE_URL='https://firejail.wordpress.com' |
587 | 587 | ||
@@ -647,11 +647,6 @@ HAVE_OVERLAYFS | |||
647 | EXTRA_LDFLAGS | 647 | EXTRA_LDFLAGS |
648 | EXTRA_CFLAGS | 648 | EXTRA_CFLAGS |
649 | HAVE_APPARMOR | 649 | HAVE_APPARMOR |
650 | AA_LIBS | ||
651 | AA_CFLAGS | ||
652 | PKG_CONFIG_LIBDIR | ||
653 | PKG_CONFIG_PATH | ||
654 | PKG_CONFIG | ||
655 | RANLIB | 650 | RANLIB |
656 | INSTALL_DATA | 651 | INSTALL_DATA |
657 | INSTALL_SCRIPT | 652 | INSTALL_SCRIPT |
@@ -682,6 +677,7 @@ infodir | |||
682 | docdir | 677 | docdir |
683 | oldincludedir | 678 | oldincludedir |
684 | includedir | 679 | includedir |
680 | runstatedir | ||
685 | localstatedir | 681 | localstatedir |
686 | sharedstatedir | 682 | sharedstatedir |
687 | sysconfdir | 683 | sysconfdir |
@@ -730,11 +726,6 @@ CFLAGS | |||
730 | LDFLAGS | 726 | LDFLAGS |
731 | LIBS | 727 | LIBS |
732 | CPPFLAGS | 728 | CPPFLAGS |
733 | PKG_CONFIG | ||
734 | PKG_CONFIG_PATH | ||
735 | PKG_CONFIG_LIBDIR | ||
736 | AA_CFLAGS | ||
737 | AA_LIBS | ||
738 | CPP' | 729 | CPP' |
739 | 730 | ||
740 | 731 | ||
@@ -774,6 +765,7 @@ datadir='${datarootdir}' | |||
774 | sysconfdir='${prefix}/etc' | 765 | sysconfdir='${prefix}/etc' |
775 | sharedstatedir='${prefix}/com' | 766 | sharedstatedir='${prefix}/com' |
776 | localstatedir='${prefix}/var' | 767 | localstatedir='${prefix}/var' |
768 | runstatedir='${localstatedir}/run' | ||
777 | includedir='${prefix}/include' | 769 | includedir='${prefix}/include' |
778 | oldincludedir='/usr/include' | 770 | oldincludedir='/usr/include' |
779 | docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' | 771 | docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' |
@@ -1026,6 +1018,15 @@ do | |||
1026 | | -silent | --silent | --silen | --sile | --sil) | 1018 | | -silent | --silent | --silen | --sile | --sil) |
1027 | silent=yes ;; | 1019 | silent=yes ;; |
1028 | 1020 | ||
1021 | -runstatedir | --runstatedir | --runstatedi | --runstated \ | ||
1022 | | --runstate | --runstat | --runsta | --runst | --runs \ | ||
1023 | | --run | --ru | --r) | ||
1024 | ac_prev=runstatedir ;; | ||
1025 | -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ | ||
1026 | | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ | ||
1027 | | --run=* | --ru=* | --r=*) | ||
1028 | runstatedir=$ac_optarg ;; | ||
1029 | |||
1029 | -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) | 1030 | -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) |
1030 | ac_prev=sbindir ;; | 1031 | ac_prev=sbindir ;; |
1031 | -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ | 1032 | -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ |
@@ -1163,7 +1164,7 @@ fi | |||
1163 | for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ | 1164 | for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ |
1164 | datadir sysconfdir sharedstatedir localstatedir includedir \ | 1165 | datadir sysconfdir sharedstatedir localstatedir includedir \ |
1165 | oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ | 1166 | oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ |
1166 | libdir localedir mandir | 1167 | libdir localedir mandir runstatedir |
1167 | do | 1168 | do |
1168 | eval ac_val=\$$ac_var | 1169 | eval ac_val=\$$ac_var |
1169 | # Remove trailing slashes. | 1170 | # Remove trailing slashes. |
@@ -1276,7 +1277,7 @@ if test "$ac_init_help" = "long"; then | |||
1276 | # Omit some internal or obsolete options to make the list less imposing. | 1277 | # Omit some internal or obsolete options to make the list less imposing. |
1277 | # This message is too long to be a string in the A/UX 3.1 sh. | 1278 | # This message is too long to be a string in the A/UX 3.1 sh. |
1278 | cat <<_ACEOF | 1279 | cat <<_ACEOF |
1279 | \`configure' configures firejail 0.9.61 to adapt to many kinds of systems. | 1280 | \`configure' configures firejail 0.9.63 to adapt to many kinds of systems. |
1280 | 1281 | ||
1281 | Usage: $0 [OPTION]... [VAR=VALUE]... | 1282 | Usage: $0 [OPTION]... [VAR=VALUE]... |
1282 | 1283 | ||
@@ -1316,6 +1317,7 @@ Fine tuning of the installation directories: | |||
1316 | --sysconfdir=DIR read-only single-machine data [PREFIX/etc] | 1317 | --sysconfdir=DIR read-only single-machine data [PREFIX/etc] |
1317 | --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] | 1318 | --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] |
1318 | --localstatedir=DIR modifiable single-machine data [PREFIX/var] | 1319 | --localstatedir=DIR modifiable single-machine data [PREFIX/var] |
1320 | --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] | ||
1319 | --libdir=DIR object code libraries [EPREFIX/lib] | 1321 | --libdir=DIR object code libraries [EPREFIX/lib] |
1320 | --includedir=DIR C header files [PREFIX/include] | 1322 | --includedir=DIR C header files [PREFIX/include] |
1321 | --oldincludedir=DIR C header files for non-gcc [/usr/include] | 1323 | --oldincludedir=DIR C header files for non-gcc [/usr/include] |
@@ -1337,7 +1339,7 @@ fi | |||
1337 | 1339 | ||
1338 | if test -n "$ac_init_help"; then | 1340 | if test -n "$ac_init_help"; then |
1339 | case $ac_init_help in | 1341 | case $ac_init_help in |
1340 | short | recursive ) echo "Configuration of firejail 0.9.61:";; | 1342 | short | recursive ) echo "Configuration of firejail 0.9.63:";; |
1341 | esac | 1343 | esac |
1342 | cat <<\_ACEOF | 1344 | cat <<\_ACEOF |
1343 | 1345 | ||
@@ -1374,13 +1376,6 @@ Some influential environment variables: | |||
1374 | LIBS libraries to pass to the linker, e.g. -l<library> | 1376 | LIBS libraries to pass to the linker, e.g. -l<library> |
1375 | CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if | 1377 | CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if |
1376 | you have headers in a nonstandard directory <include dir> | 1378 | you have headers in a nonstandard directory <include dir> |
1377 | PKG_CONFIG path to pkg-config utility | ||
1378 | PKG_CONFIG_PATH | ||
1379 | directories to add to pkg-config's search path | ||
1380 | PKG_CONFIG_LIBDIR | ||
1381 | path overriding pkg-config's built-in search path | ||
1382 | AA_CFLAGS C compiler flags for AA, overriding pkg-config | ||
1383 | AA_LIBS linker flags for AA, overriding pkg-config | ||
1384 | CPP C preprocessor | 1379 | CPP C preprocessor |
1385 | 1380 | ||
1386 | Use these variables to override the choices made by `configure' or to help | 1381 | Use these variables to override the choices made by `configure' or to help |
@@ -1450,7 +1445,7 @@ fi | |||
1450 | test -n "$ac_init_help" && exit $ac_status | 1445 | test -n "$ac_init_help" && exit $ac_status |
1451 | if $ac_init_version; then | 1446 | if $ac_init_version; then |
1452 | cat <<\_ACEOF | 1447 | cat <<\_ACEOF |
1453 | firejail configure 0.9.61 | 1448 | firejail configure 0.9.63 |
1454 | generated by GNU Autoconf 2.69 | 1449 | generated by GNU Autoconf 2.69 |
1455 | 1450 | ||
1456 | Copyright (C) 2012 Free Software Foundation, Inc. | 1451 | Copyright (C) 2012 Free Software Foundation, Inc. |
@@ -1752,7 +1747,7 @@ cat >config.log <<_ACEOF | |||
1752 | This file contains any messages produced by compilers while | 1747 | This file contains any messages produced by compilers while |
1753 | running configure, to aid debugging if configure makes a mistake. | 1748 | running configure, to aid debugging if configure makes a mistake. |
1754 | 1749 | ||
1755 | It was created by firejail $as_me 0.9.61, which was | 1750 | It was created by firejail $as_me 0.9.63, which was |
1756 | generated by GNU Autoconf 2.69. Invocation command line was | 1751 | generated by GNU Autoconf 2.69. Invocation command line was |
1757 | 1752 | ||
1758 | $ $0 $@ | 1753 | $ $0 $@ |
@@ -3109,151 +3104,22 @@ fi | |||
3109 | 3104 | ||
3110 | 3105 | ||
3111 | HAVE_SPECTRE="no" | 3106 | HAVE_SPECTRE="no" |
3112 | 3107 | AX_CHECK_COMPILE_FLAG( | |
3113 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -mindirect-branch=thunk" >&5 | 3108 | -mindirect-branch=thunk, |
3114 | $as_echo_n "checking whether C compiler accepts -mindirect-branch=thunk... " >&6; } | 3109 | HAVE_SPECTRE="yes" && EXTRA_CFLAGS+=" -mindirect-branch=thunk" |
3115 | if ${ax_cv_check_cflags___mindirect_branch_thunk+:} false; then : | 3110 | ) |
3116 | $as_echo_n "(cached) " >&6 | 3111 | AX_CHECK_COMPILE_FLAG( |
3117 | else | 3112 | -mretpoline, |
3118 | 3113 | HAVE_SPECTRE="yes" && EXTRA_CFLAGS+=" -mretpoline" | |
3119 | ax_check_save_flags=$CFLAGS | 3114 | ) |
3120 | CFLAGS="$CFLAGS -mindirect-branch=thunk" | 3115 | AX_CHECK_COMPILE_FLAG( |
3121 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | 3116 | -fstack-clash-protection, |
3122 | /* end confdefs.h. */ | 3117 | HAVE_SPECTRE="yes" && EXTRA_CFLAGS+=" -fstack-clash-protection" |
3123 | 3118 | ) | |
3124 | int | 3119 | AX_CHECK_COMPILE_FLAG( |
3125 | main () | 3120 | -fstack-protector-strong, |
3126 | { | 3121 | HAVE_SPECTRE="yes" && EXTRA_CFLAGS+=" -fstack-protector-strong" |
3127 | 3122 | ) | |
3128 | ; | ||
3129 | return 0; | ||
3130 | } | ||
3131 | _ACEOF | ||
3132 | if ac_fn_c_try_compile "$LINENO"; then : | ||
3133 | ax_cv_check_cflags___mindirect_branch_thunk=yes | ||
3134 | else | ||
3135 | ax_cv_check_cflags___mindirect_branch_thunk=no | ||
3136 | fi | ||
3137 | rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext | ||
3138 | CFLAGS=$ax_check_save_flags | ||
3139 | fi | ||
3140 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___mindirect_branch_thunk" >&5 | ||
3141 | $as_echo "$ax_cv_check_cflags___mindirect_branch_thunk" >&6; } | ||
3142 | if test "x$ax_cv_check_cflags___mindirect_branch_thunk" = xyes; then : | ||
3143 | HAVE_SPECTRE="yes" && EXTRA_CFLAGS+=" -mindirect-branch=thunk" | ||
3144 | |||
3145 | else | ||
3146 | : | ||
3147 | fi | ||
3148 | |||
3149 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -mretpoline" >&5 | ||
3150 | $as_echo_n "checking whether C compiler accepts -mretpoline... " >&6; } | ||
3151 | if ${ax_cv_check_cflags___mretpoline+:} false; then : | ||
3152 | $as_echo_n "(cached) " >&6 | ||
3153 | else | ||
3154 | |||
3155 | ax_check_save_flags=$CFLAGS | ||
3156 | CFLAGS="$CFLAGS -mretpoline" | ||
3157 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
3158 | /* end confdefs.h. */ | ||
3159 | |||
3160 | int | ||
3161 | main () | ||
3162 | { | ||
3163 | |||
3164 | ; | ||
3165 | return 0; | ||
3166 | } | ||
3167 | _ACEOF | ||
3168 | if ac_fn_c_try_compile "$LINENO"; then : | ||
3169 | ax_cv_check_cflags___mretpoline=yes | ||
3170 | else | ||
3171 | ax_cv_check_cflags___mretpoline=no | ||
3172 | fi | ||
3173 | rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext | ||
3174 | CFLAGS=$ax_check_save_flags | ||
3175 | fi | ||
3176 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___mretpoline" >&5 | ||
3177 | $as_echo "$ax_cv_check_cflags___mretpoline" >&6; } | ||
3178 | if test "x$ax_cv_check_cflags___mretpoline" = xyes; then : | ||
3179 | HAVE_SPECTRE="yes" && EXTRA_CFLAGS+=" -mretpoline" | ||
3180 | |||
3181 | else | ||
3182 | : | ||
3183 | fi | ||
3184 | |||
3185 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fstack-clash-protection" >&5 | ||
3186 | $as_echo_n "checking whether C compiler accepts -fstack-clash-protection... " >&6; } | ||
3187 | if ${ax_cv_check_cflags___fstack_clash_protection+:} false; then : | ||
3188 | $as_echo_n "(cached) " >&6 | ||
3189 | else | ||
3190 | |||
3191 | ax_check_save_flags=$CFLAGS | ||
3192 | CFLAGS="$CFLAGS -fstack-clash-protection" | ||
3193 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
3194 | /* end confdefs.h. */ | ||
3195 | |||
3196 | int | ||
3197 | main () | ||
3198 | { | ||
3199 | |||
3200 | ; | ||
3201 | return 0; | ||
3202 | } | ||
3203 | _ACEOF | ||
3204 | if ac_fn_c_try_compile "$LINENO"; then : | ||
3205 | ax_cv_check_cflags___fstack_clash_protection=yes | ||
3206 | else | ||
3207 | ax_cv_check_cflags___fstack_clash_protection=no | ||
3208 | fi | ||
3209 | rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext | ||
3210 | CFLAGS=$ax_check_save_flags | ||
3211 | fi | ||
3212 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___fstack_clash_protection" >&5 | ||
3213 | $as_echo "$ax_cv_check_cflags___fstack_clash_protection" >&6; } | ||
3214 | if test "x$ax_cv_check_cflags___fstack_clash_protection" = xyes; then : | ||
3215 | HAVE_SPECTRE="yes" && EXTRA_CFLAGS+=" -fstack-clash-protection" | ||
3216 | |||
3217 | else | ||
3218 | : | ||
3219 | fi | ||
3220 | |||
3221 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts -fstack-protector-strong" >&5 | ||
3222 | $as_echo_n "checking whether C compiler accepts -fstack-protector-strong... " >&6; } | ||
3223 | if ${ax_cv_check_cflags___fstack_protector_strong+:} false; then : | ||
3224 | $as_echo_n "(cached) " >&6 | ||
3225 | else | ||
3226 | |||
3227 | ax_check_save_flags=$CFLAGS | ||
3228 | CFLAGS="$CFLAGS -fstack-protector-strong" | ||
3229 | cat confdefs.h - <<_ACEOF >conftest.$ac_ext | ||
3230 | /* end confdefs.h. */ | ||
3231 | |||
3232 | int | ||
3233 | main () | ||
3234 | { | ||
3235 | |||
3236 | ; | ||
3237 | return 0; | ||
3238 | } | ||
3239 | _ACEOF | ||
3240 | if ac_fn_c_try_compile "$LINENO"; then : | ||
3241 | ax_cv_check_cflags___fstack_protector_strong=yes | ||
3242 | else | ||
3243 | ax_cv_check_cflags___fstack_protector_strong=no | ||
3244 | fi | ||
3245 | rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext | ||
3246 | CFLAGS=$ax_check_save_flags | ||
3247 | fi | ||
3248 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags___fstack_protector_strong" >&5 | ||
3249 | $as_echo "$ax_cv_check_cflags___fstack_protector_strong" >&6; } | ||
3250 | if test "x$ax_cv_check_cflags___fstack_protector_strong" = xyes; then : | ||
3251 | HAVE_SPECTRE="yes" && EXTRA_CFLAGS+=" -fstack-protector-strong" | ||
3252 | |||
3253 | else | ||
3254 | : | ||
3255 | fi | ||
3256 | |||
3257 | 3123 | ||
3258 | HAVE_APPARMOR="" | 3124 | HAVE_APPARMOR="" |
3259 | # Check whether --enable-apparmor was given. | 3125 | # Check whether --enable-apparmor was given. |
@@ -3261,220 +3127,10 @@ if test "${enable_apparmor+set}" = set; then : | |||
3261 | enableval=$enable_apparmor; | 3127 | enableval=$enable_apparmor; |
3262 | fi | 3128 | fi |
3263 | 3129 | ||
3264 | |||
3265 | |||
3266 | |||
3267 | |||
3268 | |||
3269 | |||
3270 | |||
3271 | if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then | ||
3272 | if test -n "$ac_tool_prefix"; then | ||
3273 | # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args. | ||
3274 | set dummy ${ac_tool_prefix}pkg-config; ac_word=$2 | ||
3275 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 | ||
3276 | $as_echo_n "checking for $ac_word... " >&6; } | ||
3277 | if ${ac_cv_path_PKG_CONFIG+:} false; then : | ||
3278 | $as_echo_n "(cached) " >&6 | ||
3279 | else | ||
3280 | case $PKG_CONFIG in | ||
3281 | [\\/]* | ?:[\\/]*) | ||
3282 | ac_cv_path_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test with a path. | ||
3283 | ;; | ||
3284 | *) | ||
3285 | as_save_IFS=$IFS; IFS=$PATH_SEPARATOR | ||
3286 | for as_dir in $PATH | ||
3287 | do | ||
3288 | IFS=$as_save_IFS | ||
3289 | test -z "$as_dir" && as_dir=. | ||
3290 | for ac_exec_ext in '' $ac_executable_extensions; do | ||
3291 | if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then | ||
3292 | ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" | ||
3293 | $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 | ||
3294 | break 2 | ||
3295 | fi | ||
3296 | done | ||
3297 | done | ||
3298 | IFS=$as_save_IFS | ||
3299 | |||
3300 | ;; | ||
3301 | esac | ||
3302 | fi | ||
3303 | PKG_CONFIG=$ac_cv_path_PKG_CONFIG | ||
3304 | if test -n "$PKG_CONFIG"; then | ||
3305 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PKG_CONFIG" >&5 | ||
3306 | $as_echo "$PKG_CONFIG" >&6; } | ||
3307 | else | ||
3308 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 | ||
3309 | $as_echo "no" >&6; } | ||
3310 | fi | ||
3311 | |||
3312 | |||
3313 | fi | ||
3314 | if test -z "$ac_cv_path_PKG_CONFIG"; then | ||
3315 | ac_pt_PKG_CONFIG=$PKG_CONFIG | ||
3316 | # Extract the first word of "pkg-config", so it can be a program name with args. | ||
3317 | set dummy pkg-config; ac_word=$2 | ||
3318 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 | ||
3319 | $as_echo_n "checking for $ac_word... " >&6; } | ||
3320 | if ${ac_cv_path_ac_pt_PKG_CONFIG+:} false; then : | ||
3321 | $as_echo_n "(cached) " >&6 | ||
3322 | else | ||
3323 | case $ac_pt_PKG_CONFIG in | ||
3324 | [\\/]* | ?:[\\/]*) | ||
3325 | ac_cv_path_ac_pt_PKG_CONFIG="$ac_pt_PKG_CONFIG" # Let the user override the test with a path. | ||
3326 | ;; | ||
3327 | *) | ||
3328 | as_save_IFS=$IFS; IFS=$PATH_SEPARATOR | ||
3329 | for as_dir in $PATH | ||
3330 | do | ||
3331 | IFS=$as_save_IFS | ||
3332 | test -z "$as_dir" && as_dir=. | ||
3333 | for ac_exec_ext in '' $ac_executable_extensions; do | ||
3334 | if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then | ||
3335 | ac_cv_path_ac_pt_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext" | ||
3336 | $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 | ||
3337 | break 2 | ||
3338 | fi | ||
3339 | done | ||
3340 | done | ||
3341 | IFS=$as_save_IFS | ||
3342 | |||
3343 | ;; | ||
3344 | esac | ||
3345 | fi | ||
3346 | ac_pt_PKG_CONFIG=$ac_cv_path_ac_pt_PKG_CONFIG | ||
3347 | if test -n "$ac_pt_PKG_CONFIG"; then | ||
3348 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_pt_PKG_CONFIG" >&5 | ||
3349 | $as_echo "$ac_pt_PKG_CONFIG" >&6; } | ||
3350 | else | ||
3351 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 | ||
3352 | $as_echo "no" >&6; } | ||
3353 | fi | ||
3354 | |||
3355 | if test "x$ac_pt_PKG_CONFIG" = x; then | ||
3356 | PKG_CONFIG="" | ||
3357 | else | ||
3358 | case $cross_compiling:$ac_tool_warned in | ||
3359 | yes:) | ||
3360 | { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 | ||
3361 | $as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} | ||
3362 | ac_tool_warned=yes ;; | ||
3363 | esac | ||
3364 | PKG_CONFIG=$ac_pt_PKG_CONFIG | ||
3365 | fi | ||
3366 | else | ||
3367 | PKG_CONFIG="$ac_cv_path_PKG_CONFIG" | ||
3368 | fi | ||
3369 | |||
3370 | fi | ||
3371 | if test -n "$PKG_CONFIG"; then | ||
3372 | _pkg_min_version=0.9.0 | ||
3373 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking pkg-config is at least version $_pkg_min_version" >&5 | ||
3374 | $as_echo_n "checking pkg-config is at least version $_pkg_min_version... " >&6; } | ||
3375 | if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then | ||
3376 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 | ||
3377 | $as_echo "yes" >&6; } | ||
3378 | else | ||
3379 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 | ||
3380 | $as_echo "no" >&6; } | ||
3381 | PKG_CONFIG="" | ||
3382 | fi | ||
3383 | fi | ||
3384 | if test "x$enable_apparmor" = "xyes"; then : | 3130 | if test "x$enable_apparmor" = "xyes"; then : |
3385 | 3131 | ||
3386 | HAVE_APPARMOR="-DHAVE_APPARMOR" | 3132 | HAVE_APPARMOR="-DHAVE_APPARMOR" |
3387 | 3133 | PKG_CHECK_MODULES(AA, libapparmor, EXTRA_CFLAGS+=" $AA_CFLAGS" && EXTRA_LDFLAGS+=" $AA_LIBS") | |
3388 | pkg_failed=no | ||
3389 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libapparmor" >&5 | ||
3390 | $as_echo_n "checking for libapparmor... " >&6; } | ||
3391 | |||
3392 | if test -n "$AA_CFLAGS"; then | ||
3393 | pkg_cv_AA_CFLAGS="$AA_CFLAGS" | ||
3394 | elif test -n "$PKG_CONFIG"; then | ||
3395 | if test -n "$PKG_CONFIG" && \ | ||
3396 | { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libapparmor\""; } >&5 | ||
3397 | ($PKG_CONFIG --exists --print-errors "libapparmor") 2>&5 | ||
3398 | ac_status=$? | ||
3399 | $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 | ||
3400 | test $ac_status = 0; }; then | ||
3401 | pkg_cv_AA_CFLAGS=`$PKG_CONFIG --cflags "libapparmor" 2>/dev/null` | ||
3402 | test "x$?" != "x0" && pkg_failed=yes | ||
3403 | else | ||
3404 | pkg_failed=yes | ||
3405 | fi | ||
3406 | else | ||
3407 | pkg_failed=untried | ||
3408 | fi | ||
3409 | if test -n "$AA_LIBS"; then | ||
3410 | pkg_cv_AA_LIBS="$AA_LIBS" | ||
3411 | elif test -n "$PKG_CONFIG"; then | ||
3412 | if test -n "$PKG_CONFIG" && \ | ||
3413 | { { $as_echo "$as_me:${as_lineno-$LINENO}: \$PKG_CONFIG --exists --print-errors \"libapparmor\""; } >&5 | ||
3414 | ($PKG_CONFIG --exists --print-errors "libapparmor") 2>&5 | ||
3415 | ac_status=$? | ||
3416 | $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 | ||
3417 | test $ac_status = 0; }; then | ||
3418 | pkg_cv_AA_LIBS=`$PKG_CONFIG --libs "libapparmor" 2>/dev/null` | ||
3419 | test "x$?" != "x0" && pkg_failed=yes | ||
3420 | else | ||
3421 | pkg_failed=yes | ||
3422 | fi | ||
3423 | else | ||
3424 | pkg_failed=untried | ||
3425 | fi | ||
3426 | |||
3427 | |||
3428 | |||
3429 | if test $pkg_failed = yes; then | ||
3430 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 | ||
3431 | $as_echo "no" >&6; } | ||
3432 | |||
3433 | if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then | ||
3434 | _pkg_short_errors_supported=yes | ||
3435 | else | ||
3436 | _pkg_short_errors_supported=no | ||
3437 | fi | ||
3438 | if test $_pkg_short_errors_supported = yes; then | ||
3439 | AA_PKG_ERRORS=`$PKG_CONFIG --short-errors --print-errors --cflags --libs "libapparmor" 2>&1` | ||
3440 | else | ||
3441 | AA_PKG_ERRORS=`$PKG_CONFIG --print-errors --cflags --libs "libapparmor" 2>&1` | ||
3442 | fi | ||
3443 | # Put the nasty error message in config.log where it belongs | ||
3444 | echo "$AA_PKG_ERRORS" >&5 | ||
3445 | |||
3446 | as_fn_error $? "Package requirements (libapparmor) were not met: | ||
3447 | |||
3448 | $AA_PKG_ERRORS | ||
3449 | |||
3450 | Consider adjusting the PKG_CONFIG_PATH environment variable if you | ||
3451 | installed software in a non-standard prefix. | ||
3452 | |||
3453 | Alternatively, you may set the environment variables AA_CFLAGS | ||
3454 | and AA_LIBS to avoid the need to call pkg-config. | ||
3455 | See the pkg-config man page for more details." "$LINENO" 5 | ||
3456 | elif test $pkg_failed = untried; then | ||
3457 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 | ||
3458 | $as_echo "no" >&6; } | ||
3459 | { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 | ||
3460 | $as_echo "$as_me: error: in \`$ac_pwd':" >&2;} | ||
3461 | as_fn_error $? "The pkg-config script could not be found or is too old. Make sure it | ||
3462 | is in your PATH or set the PKG_CONFIG environment variable to the full | ||
3463 | path to pkg-config. | ||
3464 | |||
3465 | Alternatively, you may set the environment variables AA_CFLAGS | ||
3466 | and AA_LIBS to avoid the need to call pkg-config. | ||
3467 | See the pkg-config man page for more details. | ||
3468 | |||
3469 | To get pkg-config, see <http://pkg-config.freedesktop.org/>. | ||
3470 | See \`config.log' for more details" "$LINENO" 5; } | ||
3471 | else | ||
3472 | AA_CFLAGS=$pkg_cv_AA_CFLAGS | ||
3473 | AA_LIBS=$pkg_cv_AA_LIBS | ||
3474 | { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 | ||
3475 | $as_echo "yes" >&6; } | ||
3476 | EXTRA_CFLAGS+=" $AA_CFLAGS" && EXTRA_LDFLAGS+=" $AA_LIBS" | ||
3477 | fi | ||
3478 | 3134 | ||
3479 | 3135 | ||
3480 | fi | 3136 | fi |
@@ -3696,6 +3352,7 @@ fi | |||
3696 | 3352 | ||
3697 | 3353 | ||
3698 | # checking pthread library | 3354 | # checking pthread library |
3355 | |||
3699 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for main in -lpthread" >&5 | 3356 | { $as_echo "$as_me:${as_lineno-$LINENO}: checking for main in -lpthread" >&5 |
3700 | $as_echo_n "checking for main in -lpthread... " >&6; } | 3357 | $as_echo_n "checking for main in -lpthread... " >&6; } |
3701 | if ${ac_cv_lib_pthread_main+:} false; then : | 3358 | if ${ac_cv_lib_pthread_main+:} false; then : |
@@ -4701,7 +4358,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 | |||
4701 | # report actual input values of CONFIG_FILES etc. instead of their | 4358 | # report actual input values of CONFIG_FILES etc. instead of their |
4702 | # values after options handling. | 4359 | # values after options handling. |
4703 | ac_log=" | 4360 | ac_log=" |
4704 | This file was extended by firejail $as_me 0.9.61, which was | 4361 | This file was extended by firejail $as_me 0.9.63, which was |
4705 | generated by GNU Autoconf 2.69. Invocation command line was | 4362 | generated by GNU Autoconf 2.69. Invocation command line was |
4706 | 4363 | ||
4707 | CONFIG_FILES = $CONFIG_FILES | 4364 | CONFIG_FILES = $CONFIG_FILES |
@@ -4755,7 +4412,7 @@ _ACEOF | |||
4755 | cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 | 4412 | cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 |
4756 | ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" | 4413 | ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" |
4757 | ac_cs_version="\\ | 4414 | ac_cs_version="\\ |
4758 | firejail config.status 0.9.61 | 4415 | firejail config.status 0.9.63 |
4759 | configured by $0, generated by GNU Autoconf 2.69, | 4416 | configured by $0, generated by GNU Autoconf 2.69, |
4760 | with options \\"\$ac_cs_config\\" | 4417 | with options \\"\$ac_cs_config\\" |
4761 | 4418 | ||
diff --git a/configure.ac b/configure.ac index 27dcb39c5..8ee2fbadc 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -12,7 +12,7 @@ | |||
12 | # | 12 | # |
13 | 13 | ||
14 | AC_PREREQ([2.68]) | 14 | AC_PREREQ([2.68]) |
15 | AC_INIT(firejail, 0.9.61, netblue30@yahoo.com, , https://firejail.wordpress.com) | 15 | AC_INIT(firejail, 0.9.63, netblue30@yahoo.com, , https://firejail.wordpress.com) |
16 | AC_CONFIG_SRCDIR([src/firejail/main.c]) | 16 | AC_CONFIG_SRCDIR([src/firejail/main.c]) |
17 | 17 | ||
18 | AC_CONFIG_MACRO_DIR([m4]) | 18 | AC_CONFIG_MACRO_DIR([m4]) |
diff --git a/video.png b/video.png deleted file mode 100644 index bbebaa040..000000000 --- a/video.png +++ /dev/null | |||
Binary files differ | |||