diff options
-rw-r--r-- | Makefile.in | 19 | ||||
-rw-r--r-- | README.md | 3 | ||||
-rw-r--r-- | RELNOTES | 8 | ||||
-rwxr-xr-x | configure | 3 | ||||
-rw-r--r-- | configure.ac | 3 | ||||
-rwxr-xr-x | gcov.sh | 4 | ||||
-rwxr-xr-x | mkasc.sh | 1 | ||||
-rwxr-xr-x | mkdeb.sh | 7 |
8 files changed, 15 insertions, 33 deletions
diff --git a/Makefile.in b/Makefile.in index e9aab83c9..0b2455292 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -122,11 +122,11 @@ endif | |||
122 | done | 122 | done |
123 | sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" | 123 | sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" |
124 | rm -fr .etc | 124 | rm -fr .etc |
125 | ifeq ($(HAVE_APPARMOR),-DHAVE_APPARMOR) | 125 | ifeq ($(HAVE_APPARMOR),-DHAVE_APPARMOR) |
126 | # install apparmor profile | 126 | # install apparmor profile |
127 | sh -c "if [ ! -d $(DESTDIR)/$(sysconfdir)/apparmor.d ]; then install -d -m 755 $(DESTDIR)/$(sysconfdir)/apparmor.d; fi;" | 127 | sh -c "if [ ! -d $(DESTDIR)/$(sysconfdir)/apparmor.d ]; then install -d -m 755 $(DESTDIR)/$(sysconfdir)/apparmor.d; fi;" |
128 | install -c -m 0644 etc/firejail-default $(DESTDIR)/$(sysconfdir)/apparmor.d/. | 128 | install -c -m 0644 etc/firejail-default $(DESTDIR)/$(sysconfdir)/apparmor.d/. |
129 | endif | 129 | endif |
130 | # man pages | 130 | # man pages |
131 | install -m 0755 -d $(DESTDIR)/$(mandir)/man1 | 131 | install -m 0755 -d $(DESTDIR)/$(mandir)/man1 |
132 | install -m 0755 -d $(DESTDIR)/$(mandir)/man5 | 132 | install -m 0755 -d $(DESTDIR)/$(mandir)/man5 |
@@ -174,7 +174,7 @@ uninstall: | |||
174 | rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firejail | 174 | rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firejail |
175 | rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon | 175 | rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon |
176 | rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg | 176 | rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg |
177 | 177 | ||
178 | DISTFILES = "src etc platform contrib configure configure.ac Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh mkuid.sh COPYING README RELNOTES" | 178 | DISTFILES = "src etc platform contrib configure configure.ac Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh mkuid.sh COPYING README RELNOTES" |
179 | DISTFILES_TEST = "test/apps test/apps-x11 test/apps-x11-xorg test/root test/fcopy test/environment test/profiles test/utils test/compile test/filters test/network test/arguments test/fs test/sysutils" | 179 | DISTFILES_TEST = "test/apps test/apps-x11 test/apps-x11-xorg test/root test/fcopy test/environment test/profiles test/utils test/compile test/filters test/network test/arguments test/fs test/sysutils" |
180 | 180 | ||
@@ -211,7 +211,7 @@ rpms: | |||
211 | 211 | ||
212 | extras: all | 212 | extras: all |
213 | $(MAKE) -C extras/firetools | 213 | $(MAKE) -C extras/firetools |
214 | 214 | ||
215 | cppcheck: clean | 215 | cppcheck: clean |
216 | cppcheck --force . | 216 | cppcheck --force . |
217 | 217 | ||
@@ -238,7 +238,7 @@ test-apps-x11-xorg: | |||
238 | 238 | ||
239 | test-sysutils: | 239 | test-sysutils: |
240 | cd test/sysutils; ./sysutils.sh | grep TESTING | 240 | cd test/sysutils; ./sysutils.sh | grep TESTING |
241 | 241 | ||
242 | test-utils: | 242 | test-utils: |
243 | cd test/utils; ./utils.sh | grep TESTING | 243 | cd test/utils; ./utils.sh | grep TESTING |
244 | 244 | ||
@@ -252,13 +252,13 @@ endif | |||
252 | 252 | ||
253 | test-arguments: | 253 | test-arguments: |
254 | cd test/arguments; ./arguments.sh | grep TESTING | 254 | cd test/arguments; ./arguments.sh | grep TESTING |
255 | 255 | ||
256 | test-fs: | 256 | test-fs: |
257 | cd test/fs; ./fs.sh | grep TESTING | 257 | cd test/fs; ./fs.sh | grep TESTING |
258 | 258 | ||
259 | test-fcopy: | 259 | test-fcopy: |
260 | cd test/fcopy; ./fcopy.sh | grep TESTING | 260 | cd test/fcopy; ./fcopy.sh | grep TESTING |
261 | 261 | ||
262 | test: test-profiles test-fcopy test-fs test-utils test-environment test-apps test-apps-x11 test-apps-x11-xorg test-filters test-arguments | 262 | test: test-profiles test-fcopy test-fs test-utils test-environment test-apps test-apps-x11 test-apps-x11-xorg test-filters test-arguments |
263 | echo "TEST COMPLETE" | 263 | echo "TEST COMPLETE" |
264 | 264 | ||
@@ -284,11 +284,11 @@ test-network: | |||
284 | # requires the same setup as test-network | 284 | # requires the same setup as test-network |
285 | test-stress: | 285 | test-stress: |
286 | cd test/stress; ./stress.sh | grep TESTING | 286 | cd test/stress; ./stress.sh | grep TESTING |
287 | 287 | ||
288 | # Tesets running a root user | 288 | # Tesets running a root user |
289 | test-root: | 289 | test-root: |
290 | cd test/root; su -c ./root.sh | grep TESTING | 290 | cd test/root; su -c ./root.sh | grep TESTING |
291 | 291 | ||
292 | # OverlayFS is not available on all platforms | 292 | # OverlayFS is not available on all platforms |
293 | test-overlay: | 293 | test-overlay: |
294 | cd test/overlay; ./overlay.sh | grep TESTING | 294 | cd test/overlay; ./overlay.sh | grep TESTING |
@@ -297,4 +297,3 @@ test-overlay: | |||
297 | 297 | ||
298 | test-all: test-root test-chroot test-network test-appimage test-overlay | 298 | test-all: test-root test-chroot test-network test-appimage test-overlay |
299 | echo "TEST COMPLETE" | 299 | echo "TEST COMPLETE" |
300 | |||
@@ -70,6 +70,3 @@ Release 0.9.46 was moved on 0.9.46-bugfixes branch: https://github.com/netblue30 | |||
70 | 70 | ||
71 | All profiles include /etc/firejail/globals.local for persistent customizations across all applications. For example, you | 71 | All profiles include /etc/firejail/globals.local for persistent customizations across all applications. For example, you |
72 | can set here a global DNS "dns 8.8.8.8". The file is not overwritten during install. | 72 | can set here a global DNS "dns 8.8.8.8". The file is not overwritten during install. |
73 | |||
74 | |||
75 | |||
@@ -25,7 +25,7 @@ firejail (0.9.46) baseline; urgency=low | |||
25 | * feature: allow non-seccomp setup for OverlayFS sandboxes - more work to come | 25 | * feature: allow non-seccomp setup for OverlayFS sandboxes - more work to come |
26 | * feature: added a number of Python scripts for handling sandboxes | 26 | * feature: added a number of Python scripts for handling sandboxes |
27 | * feature: allow local customization using .local files under /etc/firejail | 27 | * feature: allow local customization using .local files under /etc/firejail |
28 | * feature: follow-symlink-as-user runtime config option in | 28 | * feature: follow-symlink-as-user runtime config option in |
29 | /etc/firejail/firejail.config | 29 | /etc/firejail/firejail.config |
30 | * feature: follow-symlink-private-bin option in /etc/firejail/firejail.config | 30 | * feature: follow-symlink-private-bin option in /etc/firejail/firejail.config |
31 | * feature: xvfb X11 server support (--x11=xvfb) | 31 | * feature: xvfb X11 server support (--x11=xvfb) |
@@ -37,7 +37,7 @@ firejail (0.9.46) baseline; urgency=low | |||
37 | * feature: support overlay, overlay-named and overlay-tmpfs in profile files | 37 | * feature: support overlay, overlay-named and overlay-tmpfs in profile files |
38 | * feature: allow PulseAudio sockets in --private-tmp | 38 | * feature: allow PulseAudio sockets in --private-tmp |
39 | * feature: --fix-sound support in firecfg | 39 | * feature: --fix-sound support in firecfg |
40 | * feature: added support for sandboxing Xpra, Xvfb and Xephyr in | 40 | * feature: added support for sandboxing Xpra, Xvfb and Xephyr in |
41 | independent sandboxes when started with firejail --x11 | 41 | independent sandboxes when started with firejail --x11 |
42 | * feature: enable automatic X server sandboxing for --x11=xpra | 42 | * feature: enable automatic X server sandboxing for --x11=xpra |
43 | and --x11=xephyr | 43 | and --x11=xephyr |
@@ -65,7 +65,7 @@ firejail (0.9.44.10) baseline; urgency=low | |||
65 | the return code of /usr/bin/xauth could end up in starting the | 65 | the return code of /usr/bin/xauth could end up in starting the |
66 | sandbox without X11 security extension installed. Problem found/fixed | 66 | sandbox without X11 security extension installed. Problem found/fixed |
67 | by Zack Weinberg | 67 | by Zack Weinberg |
68 | * bugfix: ~/.pki directory whitelisted and later blacklisted. This affects | 68 | * bugfix: ~/.pki directory whitelisted and later blacklisted. This affects |
69 | most browsers, and disables the custom certificates installed by the user | 69 | most browsers, and disables the custom certificates installed by the user |
70 | * bugfix: firecfg config fix | 70 | * bugfix: firecfg config fix |
71 | * bugfix: gajim security profile fix | 71 | * bugfix: gajim security profile fix |
@@ -258,7 +258,7 @@ firejail (0.9.38.6) baseline; urgency=low | |||
258 | 258 | ||
259 | firejail (0.9.38.4) baseline; urgency=low | 259 | firejail (0.9.38.4) baseline; urgency=low |
260 | * CVE-2016-7545 submitted by Aleksey Manevich | 260 | * CVE-2016-7545 submitted by Aleksey Manevich |
261 | * bugfixes | 261 | * bugfixes |
262 | -- netblue30 <netblue30@yahoo.com> Mon, 10 Oct 2016 10:00:00 -0500 | 262 | -- netblue30 <netblue30@yahoo.com> Mon, 10 Oct 2016 10:00:00 -0500 |
263 | 263 | ||
264 | firejail (0.9.38.2) baseline; urgency=low | 264 | firejail (0.9.38.2) baseline; urgency=low |
@@ -5011,6 +5011,3 @@ echo " fatal warnings: $HAVE_FATAL_WARNINGS" | |||
5011 | echo " Gcov instrumentation: $HAVE_GCOV" | 5011 | echo " Gcov instrumentation: $HAVE_GCOV" |
5012 | echo " Install contrib scripts: $HAVE_CONTRIB_INSTALL" | 5012 | echo " Install contrib scripts: $HAVE_CONTRIB_INSTALL" |
5013 | echo | 5013 | echo |
5014 | |||
5015 | |||
5016 | |||
diff --git a/configure.ac b/configure.ac index 594a7abf8..dc59e5b15 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -203,6 +203,3 @@ echo " fatal warnings: $HAVE_FATAL_WARNINGS" | |||
203 | echo " Gcov instrumentation: $HAVE_GCOV" | 203 | echo " Gcov instrumentation: $HAVE_GCOV" |
204 | echo " Install contrib scripts: $HAVE_CONTRIB_INSTALL" | 204 | echo " Install contrib scripts: $HAVE_CONTRIB_INSTALL" |
205 | echo | 205 | echo |
206 | |||
207 | |||
208 | |||
@@ -85,11 +85,11 @@ make test-apps-x11 | |||
85 | generate | 85 | generate |
86 | sleep 2 | 86 | sleep 2 |
87 | 87 | ||
88 | make test-apps-x11-xorg | 88 | make test-apps-x11-xorg |
89 | generate | 89 | generate |
90 | sleep 2 | 90 | sleep 2 |
91 | 91 | ||
92 | make test-filters | 92 | make test-filters |
93 | generate | 93 | generate |
94 | sleep 2 | 94 | sleep 2 |
95 | 95 | ||
@@ -8,4 +8,3 @@ gpg --clearsign --digest-algo SHA256 < firejail-$1-unsigned > firejail-$1.asc | |||
8 | gpg --verify firejail-$1.asc | 8 | gpg --verify firejail-$1.asc |
9 | gpg --detach-sign --armor firejail-$1.tar.xz | 9 | gpg --detach-sign --armor firejail-$1.tar.xz |
10 | rm firejail-$1-unsigned | 10 | rm firejail-$1-unsigned |
11 | |||
@@ -48,10 +48,3 @@ mv debian.deb ../firejail_$2_1_amd64.deb | |||
48 | echo "if building a 32bit package, rename the deb file manually" | 48 | echo "if building a 32bit package, rename the deb file manually" |
49 | cd .. | 49 | cd .. |
50 | rm -fr $CODE_DIR | 50 | rm -fr $CODE_DIR |
51 | |||
52 | |||
53 | |||
54 | |||
55 | |||
56 | |||
57 | |||