aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--Makefile.in4
-rw-r--r--RELNOTES4
-rwxr-xr-xconfigure30
-rw-r--r--configure.ac20
-rw-r--r--dummy.c3
-rw-r--r--src/fbuilder/Makefile.in4
-rw-r--r--src/fcopy/Makefile.in3
-rw-r--r--src/firecfg/Makefile.in3
-rw-r--r--src/firejail/Makefile.in3
-rw-r--r--src/firemon/Makefile.in3
-rw-r--r--src/fldd/Makefile.in4
-rw-r--r--src/fnet/Makefile.in4
-rw-r--r--src/fnetfilter/Makefile.in4
-rw-r--r--src/fsec-optimize/Makefile.in4
-rw-r--r--src/fsec-print/Makefile.in3
-rw-r--r--src/fseccomp/Makefile.in4
-rw-r--r--src/ftee/Makefile.in3
-rw-r--r--src/lib/Makefile.in3
18 files changed, 83 insertions, 23 deletions
diff --git a/Makefile.in b/Makefile.in
index 27187f53a..21055b694 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -75,7 +75,7 @@ distclean: clean
75 for dir in $(APPS) $(MYLIBS); do \ 75 for dir in $(APPS) $(MYLIBS); do \
76 $(MAKE) -C $$dir distclean; \ 76 $(MAKE) -C $$dir distclean; \
77 done 77 done
78 rm -fr Makefile autom4te.cache config.log config.status config.h uids.h 78 rm -fr Makefile autom4te.cache config.log config.status config.h uids.h dummy.o
79 79
80realinstall: 80realinstall:
81 # firejail executable 81 # firejail executable
@@ -195,7 +195,7 @@ uninstall:
195 rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon 195 rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon
196 rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg 196 rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg
197 197
198DISTFILES = "src etc platform contrib configure configure.ac Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh mkuid.sh COPYING README RELNOTES" 198DISTFILES = "src etc platform contrib configure configure.ac dummy.c Makefile.in install.sh mkman.sh mketc.sh mkdeb.sh mkuid.sh COPYING README RELNOTES"
199DISTFILES_TEST = "test/apps test/apps-x11 test/apps-x11-xorg test/root test/fcopy test/environment test/profiles test/utils test/compile test/filters test/network test/arguments test/fs test/sysutils test/chroot" 199DISTFILES_TEST = "test/apps test/apps-x11 test/apps-x11-xorg test/root test/fcopy test/environment test/profiles test/utils test/compile test/filters test/network test/arguments test/fs test/sysutils test/chroot"
200 200
201dist: 201dist:
diff --git a/RELNOTES b/RELNOTES
index e7852663e..a031e697e 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -26,8 +26,8 @@ firejail (0.9.53) baseline; urgency=low
26 * added sandbox name support in firemon 26 * added sandbox name support in firemon
27 * new profiles: basilisk, Tor Browser language packs, PlayOnLinux, sylpheed, 27 * new profiles: basilisk, Tor Browser language packs, PlayOnLinux, sylpheed,
28 * new profiles: discord-canary, pycharm-community, pycharm-professional, 28 * new profiles: discord-canary, pycharm-community, pycharm-professional,
29 * new profiles: pdfchain, tilp, vivaldi-snapshot, bitcoin-qt, kaffeine, VS Code, 29 * new profiles: pdfchain, tilp, vivaldi-snapshot, bitcoin-qt, kaffeine,
30 * new profiles: falkon, gnome-builder, asunder 30 * new profiles: falkon, gnome-builder, asunder, VS Code,
31 -- netblue30 <netblue30@yahoo.com> Thu, 1 Mar 2018 08:00:00 -0500 31 -- netblue30 <netblue30@yahoo.com> Thu, 1 Mar 2018 08:00:00 -0500
32 32
33firejail (0.9.52) baseline; urgency=low 33firejail (0.9.52) baseline; urgency=low
diff --git a/configure b/configure
index 761cebc1e..80f66f8b3 100755
--- a/configure
+++ b/configure
@@ -646,6 +646,7 @@ EGREP
646GREP 646GREP
647CPP 647CPP
648HAVE_APPARMOR 648HAVE_APPARMOR
649EXTRA_CFLAGS
649RANLIB 650RANLIB
650INSTALL_DATA 651INSTALL_DATA
651INSTALL_SCRIPT 652INSTALL_SCRIPT
@@ -3105,6 +3106,33 @@ else
3105fi 3106fi
3106 3107
3107 3108
3109
3110HAVE_SPECTRE="no"
3111{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for Spectre mitigation support in gcc compiler" >&5
3112$as_echo_n "checking for Spectre mitigation support in gcc compiler... " >&6; }
3113if test "$CC" = "gcc"; then :
3114
3115 HAVE_SPECTRE="yes"
3116 $CC -mindirect-branch=thunk -c dummy.c || HAVE_SPECTRE="no"
3117 rm -f dummy.o
3118
3119fi
3120if test "$HAVE_SPECTRE" = "yes"; then :
3121
3122 { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
3123$as_echo "yes" >&6; }
3124 EXTRA_CFLAGS+="-mindirect-branch=thunk"
3125
3126fi
3127if test "$HAVE_SPECTRE" = "no"; then :
3128
3129 { $as_echo "$as_me:${as_lineno-$LINENO}: result: ... not available" >&5
3130$as_echo "... not available" >&6; }
3131
3132fi
3133
3134
3135
3108HAVE_APPARMOR="" 3136HAVE_APPARMOR=""
3109# Check whether --enable-apparmor was given. 3137# Check whether --enable-apparmor was given.
3110if test "${enable_apparmor+set}" = set; then : 3138if test "${enable_apparmor+set}" = set; then :
@@ -5024,7 +5052,9 @@ echo " file transfer support: $HAVE_FILE_TRANSFER"
5024echo " overlayfs support: $HAVE_OVERLAYFS" 5052echo " overlayfs support: $HAVE_OVERLAYFS"
5025echo " git install support: $HAVE_GIT_INSTALL" 5053echo " git install support: $HAVE_GIT_INSTALL"
5026echo " busybox workaround: $BUSYBOX_WORKAROUND" 5054echo " busybox workaround: $BUSYBOX_WORKAROUND"
5055echo " Spectre compiler patch: $HAVE_SPECTRE"
5027echo " EXTRA_LDFLAGS: $EXTRA_LDFLAGS" 5056echo " EXTRA_LDFLAGS: $EXTRA_LDFLAGS"
5057echo " EXTRA_CFLAGS: $EXTRA_CFLAGS"
5028echo " fatal warnings: $HAVE_FATAL_WARNINGS" 5058echo " fatal warnings: $HAVE_FATAL_WARNINGS"
5029echo " Gcov instrumentation: $HAVE_GCOV" 5059echo " Gcov instrumentation: $HAVE_GCOV"
5030echo " Install contrib scripts: $HAVE_CONTRIB_INSTALL" 5060echo " Install contrib scripts: $HAVE_CONTRIB_INSTALL"
diff --git a/configure.ac b/configure.ac
index 952dec3b8..d6d4eb874 100644
--- a/configure.ac
+++ b/configure.ac
@@ -9,6 +9,24 @@ AC_PROG_CC
9AC_PROG_INSTALL 9AC_PROG_INSTALL
10AC_PROG_RANLIB 10AC_PROG_RANLIB
11 11
12
13HAVE_SPECTRE="no"
14AC_MSG_CHECKING(for Spectre mitigation support in gcc compiler)
15AS_IF([test "$CC" = "gcc"], [
16 HAVE_SPECTRE="yes"
17 $CC -mindirect-branch=thunk -c dummy.c || HAVE_SPECTRE="no"
18 rm -f dummy.o
19])
20AS_IF([test "$HAVE_SPECTRE" = "yes"], [
21 AC_MSG_RESULT(yes)
22 EXTRA_CFLAGS+="-mindirect-branch=thunk"
23])
24AS_IF([test "$HAVE_SPECTRE" = "no"], [
25 AC_MSG_RESULT(... not available)
26])
27AC_SUBST([EXTRA_CFLAGS])
28
29
12HAVE_APPARMOR="" 30HAVE_APPARMOR=""
13AC_ARG_ENABLE([apparmor], 31AC_ARG_ENABLE([apparmor],
14 AS_HELP_STRING([--enable-apparmor], [enable apparmor])) 32 AS_HELP_STRING([--enable-apparmor], [enable apparmor]))
@@ -198,7 +216,9 @@ echo " file transfer support: $HAVE_FILE_TRANSFER"
198echo " overlayfs support: $HAVE_OVERLAYFS" 216echo " overlayfs support: $HAVE_OVERLAYFS"
199echo " git install support: $HAVE_GIT_INSTALL" 217echo " git install support: $HAVE_GIT_INSTALL"
200echo " busybox workaround: $BUSYBOX_WORKAROUND" 218echo " busybox workaround: $BUSYBOX_WORKAROUND"
219echo " Spectre compiler patch: $HAVE_SPECTRE"
201echo " EXTRA_LDFLAGS: $EXTRA_LDFLAGS" 220echo " EXTRA_LDFLAGS: $EXTRA_LDFLAGS"
221echo " EXTRA_CFLAGS: $EXTRA_CFLAGS"
202echo " fatal warnings: $HAVE_FATAL_WARNINGS" 222echo " fatal warnings: $HAVE_FATAL_WARNINGS"
203echo " Gcov instrumentation: $HAVE_GCOV" 223echo " Gcov instrumentation: $HAVE_GCOV"
204echo " Install contrib scripts: $HAVE_CONTRIB_INSTALL" 224echo " Install contrib scripts: $HAVE_CONTRIB_INSTALL"
diff --git a/dummy.c b/dummy.c
new file mode 100644
index 000000000..061ed7eef
--- /dev/null
+++ b/dummy.c
@@ -0,0 +1,3 @@
1int main(void) {
2 return 0;
3}
diff --git a/src/fbuilder/Makefile.in b/src/fbuilder/Makefile.in
index dd8e2ce6e..5bf78f92a 100644
--- a/src/fbuilder/Makefile.in
+++ b/src/fbuilder/Makefile.in
@@ -22,9 +22,9 @@ HAVE_GLOBALCFG=@HAVE_GLOBALCFG@
22HAVE_APPARMOR=@HAVE_APPARMOR@ 22HAVE_APPARMOR=@HAVE_APPARMOR@
23HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ 23HAVE_OVERLAYFS=@HAVE_OVERLAYFS@
24HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ 24HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@
25EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
26HAVE_GCOV=@HAVE_GCOV@ 25HAVE_GCOV=@HAVE_GCOV@
27EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 26EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
27EXTRA_CFLAGS +=@EXTRA_CFLAGS@
28 28
29H_FILE_LIST = $(sort $(wildcard *.[h])) 29H_FILE_LIST = $(sort $(wildcard *.[h]))
30C_FILE_LIST = $(sort $(wildcard *.c)) 30C_FILE_LIST = $(sort $(wildcard *.c))
@@ -34,7 +34,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV)
34LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread 34LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
35 35
36%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h 36%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h
37 $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ 37 $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@
38 38
39fbuilder: $(OBJS) 39fbuilder: $(OBJS)
40 $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) 40 $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS)
diff --git a/src/fcopy/Makefile.in b/src/fcopy/Makefile.in
index ad08f543e..519240c3d 100644
--- a/src/fcopy/Makefile.in
+++ b/src/fcopy/Makefile.in
@@ -25,6 +25,7 @@ HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@
25EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 25EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
26HAVE_GCOV=@HAVE_GCOV@ 26HAVE_GCOV=@HAVE_GCOV@
27EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 27EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
28EXTRA_CFLAGS +=@EXTRA_CFLAGS@
28 29
29H_FILE_LIST = $(sort $(wildcard *.[h])) 30H_FILE_LIST = $(sort $(wildcard *.[h]))
30C_FILE_LIST = $(sort $(wildcard *.c)) 31C_FILE_LIST = $(sort $(wildcard *.c))
@@ -34,7 +35,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV)
34LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread 35LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
35 36
36%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h 37%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h
37 $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ 38 $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@
38 39
39fcopy: $(OBJS) 40fcopy: $(OBJS)
40 $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) 41 $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS)
diff --git a/src/firecfg/Makefile.in b/src/firecfg/Makefile.in
index 0b2b03275..f0d389e36 100644
--- a/src/firecfg/Makefile.in
+++ b/src/firecfg/Makefile.in
@@ -19,6 +19,7 @@ HAVE_X11=@HAVE_X11@
19HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@ 19HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@
20HAVE_GCOV=@HAVE_GCOV@ 20HAVE_GCOV=@HAVE_GCOV@
21EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 21EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
22EXTRA_CFLAGS +=@EXTRA_CFLAGS@
22 23
23 24
24H_FILE_LIST = $(sort $(wildcard *.[h])) 25H_FILE_LIST = $(sort $(wildcard *.[h]))
@@ -29,7 +30,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV)
29LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread 30LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
30 31
31%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/libnetlink.h ../include/pid.h 32%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/libnetlink.h ../include/pid.h
32 $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ 33 $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@
33 34
34firecfg: $(OBJS) ../lib/common.o 35firecfg: $(OBJS) ../lib/common.o
35 $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o $(LIBS) $(EXTRA_LDFLAGS) 36 $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o $(LIBS) $(EXTRA_LDFLAGS)
diff --git a/src/firejail/Makefile.in b/src/firejail/Makefile.in
index 01cb929e2..543924103 100644
--- a/src/firejail/Makefile.in
+++ b/src/firejail/Makefile.in
@@ -25,6 +25,7 @@ HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@
25HAVE_GCOV=@HAVE_GCOV@ 25HAVE_GCOV=@HAVE_GCOV@
26HAVE_GIT_INSTALL=@HAVE_GIT_INSTALL@ 26HAVE_GIT_INSTALL=@HAVE_GIT_INSTALL@
27EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 27EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
28EXTRA_CFLAGS +=@EXTRA_CFLAGS@
28 29
29H_FILE_LIST = $(sort $(wildcard *.[h])) 30H_FILE_LIST = $(sort $(wildcard *.[h]))
30C_FILE_LIST = $(sort $(wildcard *.c)) 31C_FILE_LIST = $(sort $(wildcard *.c))
@@ -34,7 +35,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV
34LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread 35LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
35 36
36%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/pid.h ../include/seccomp.h ../include/syscall.h 37%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/pid.h ../include/seccomp.h ../include/syscall.h
37 $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ 38 $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@
38 39
39firejail: $(OBJS) ../lib/libnetlink.o ../lib/common.o ../lib/ldd_utils.o 40firejail: $(OBJS) ../lib/libnetlink.o ../lib/common.o ../lib/ldd_utils.o
40 $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o ../lib/ldd_utils.o $(LIBS) $(EXTRA_LDFLAGS) 41 $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o ../lib/ldd_utils.o $(LIBS) $(EXTRA_LDFLAGS)
diff --git a/src/firemon/Makefile.in b/src/firemon/Makefile.in
index 326c305d9..ede25f6b5 100644
--- a/src/firemon/Makefile.in
+++ b/src/firemon/Makefile.in
@@ -17,10 +17,11 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$
17LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now 17LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now
18HAVE_GCOV=@HAVE_GCOV@ 18HAVE_GCOV=@HAVE_GCOV@
19EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 19EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
20EXTRA_CFLAGS +=@EXTRA_CFLAGS@
20 21
21 22
22%.o : %.c $(H_FILE_LIST) 23%.o : %.c $(H_FILE_LIST)
23 $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ 24 $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@
24 25
25firemon: $(OBJS) ../lib/common.o ../lib/pid.o 26firemon: $(OBJS) ../lib/common.o ../lib/pid.o
26 $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o ../lib/pid.o $(LIBS) $(EXTRA_LDFLAGS) 27 $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o ../lib/pid.o $(LIBS) $(EXTRA_LDFLAGS)
diff --git a/src/fldd/Makefile.in b/src/fldd/Makefile.in
index e2bf4b787..e199d517d 100644
--- a/src/fldd/Makefile.in
+++ b/src/fldd/Makefile.in
@@ -24,7 +24,7 @@ HAVE_OVERLAYFS=@HAVE_OVERLAYFS@
24HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ 24HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@
25EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 25EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
26HAVE_GCOV=@HAVE_GCOV@ 26HAVE_GCOV=@HAVE_GCOV@
27EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 27EXTRA_CFLAGS +=@EXTRA_CFLAGS@
28 28
29H_FILE_LIST = $(sort $(wildcard *.[h])) 29H_FILE_LIST = $(sort $(wildcard *.[h]))
30C_FILE_LIST = $(sort $(wildcard *.c)) 30C_FILE_LIST = $(sort $(wildcard *.c))
@@ -34,7 +34,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV)
34LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread 34LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
35 35
36%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h ../include/ldd_utils.h 36%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h ../include/ldd_utils.h
37 $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ 37 $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@
38 38
39fldd: $(OBJS) ../lib/ldd_utils.o 39fldd: $(OBJS) ../lib/ldd_utils.o
40 $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/ldd_utils.o $(LIBS) $(EXTRA_LDFLAGS) 40 $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/ldd_utils.o $(LIBS) $(EXTRA_LDFLAGS)
diff --git a/src/fnet/Makefile.in b/src/fnet/Makefile.in
index 3288e6354..06b8bbee7 100644
--- a/src/fnet/Makefile.in
+++ b/src/fnet/Makefile.in
@@ -22,9 +22,9 @@ HAVE_GLOBALCFG=@HAVE_GLOBALCFG@
22HAVE_APPARMOR=@HAVE_APPARMOR@ 22HAVE_APPARMOR=@HAVE_APPARMOR@
23HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ 23HAVE_OVERLAYFS=@HAVE_OVERLAYFS@
24HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ 24HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@
25EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
26HAVE_GCOV=@HAVE_GCOV@ 25HAVE_GCOV=@HAVE_GCOV@
27EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 26EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
27EXTRA_CFLAGS +=@EXTRA_CFLAGS@
28 28
29H_FILE_LIST = $(sort $(wildcard *.[h])) 29H_FILE_LIST = $(sort $(wildcard *.[h]))
30C_FILE_LIST = $(sort $(wildcard *.c)) 30C_FILE_LIST = $(sort $(wildcard *.c))
@@ -34,7 +34,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV)
34LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread 34LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
35 35
36%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/libnetlink.h 36%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/libnetlink.h
37 $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ 37 $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@
38 38
39fnet: $(OBJS) ../lib/libnetlink.o 39fnet: $(OBJS) ../lib/libnetlink.o
40 $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/libnetlink.o $(LIBS) $(EXTRA_LDFLAGS) 40 $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/libnetlink.o $(LIBS) $(EXTRA_LDFLAGS)
diff --git a/src/fnetfilter/Makefile.in b/src/fnetfilter/Makefile.in
index 1063737e1..0a0a8acc0 100644
--- a/src/fnetfilter/Makefile.in
+++ b/src/fnetfilter/Makefile.in
@@ -24,7 +24,7 @@ HAVE_OVERLAYFS=@HAVE_OVERLAYFS@
24HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ 24HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@
25EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 25EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
26HAVE_GCOV=@HAVE_GCOV@ 26HAVE_GCOV=@HAVE_GCOV@
27EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 27EXTRA_CFLAGS +=@EXTRA_CFLAGS@
28 28
29H_FILE_LIST = $(sort $(wildcard *.[h])) 29H_FILE_LIST = $(sort $(wildcard *.[h]))
30C_FILE_LIST = $(sort $(wildcard *.c)) 30C_FILE_LIST = $(sort $(wildcard *.c))
@@ -34,7 +34,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV)
34LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread 34LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
35 35
36%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h 36%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h
37 $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ 37 $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@
38 38
39fnetfilter: $(OBJS) 39fnetfilter: $(OBJS)
40 $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) 40 $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS)
diff --git a/src/fsec-optimize/Makefile.in b/src/fsec-optimize/Makefile.in
index 6ddbfc075..faa1aa476 100644
--- a/src/fsec-optimize/Makefile.in
+++ b/src/fsec-optimize/Makefile.in
@@ -22,9 +22,9 @@ HAVE_GLOBALCFG=@HAVE_GLOBALCFG@
22HAVE_APPARMOR=@HAVE_APPARMOR@ 22HAVE_APPARMOR=@HAVE_APPARMOR@
23HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ 23HAVE_OVERLAYFS=@HAVE_OVERLAYFS@
24HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ 24HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@
25EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
26HAVE_GCOV=@HAVE_GCOV@ 25HAVE_GCOV=@HAVE_GCOV@
27EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 26EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
27EXTRA_CFLAGS +=@EXTRA_CFLAGS@
28 28
29H_FILE_LIST = $(sort $(wildcard *.[h])) 29H_FILE_LIST = $(sort $(wildcard *.[h]))
30C_FILE_LIST = $(sort $(wildcard *.c)) 30C_FILE_LIST = $(sort $(wildcard *.c))
@@ -34,7 +34,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV)
34LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread 34LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
35 35
36%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/seccomp.h ../include/syscall.h 36%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/seccomp.h ../include/syscall.h
37 $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ 37 $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@
38 38
39fsec-optimize: $(OBJS) ../lib/libnetlink.o 39fsec-optimize: $(OBJS) ../lib/libnetlink.o
40 $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) 40 $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS)
diff --git a/src/fsec-print/Makefile.in b/src/fsec-print/Makefile.in
index 5d23382f7..177b23f06 100644
--- a/src/fsec-print/Makefile.in
+++ b/src/fsec-print/Makefile.in
@@ -25,6 +25,7 @@ HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@
25EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 25EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
26HAVE_GCOV=@HAVE_GCOV@ 26HAVE_GCOV=@HAVE_GCOV@
27EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 27EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
28EXTRA_CFLAGS +=@EXTRA_CFLAGS@
28 29
29H_FILE_LIST = $(sort $(wildcard *.[h])) 30H_FILE_LIST = $(sort $(wildcard *.[h]))
30C_FILE_LIST = $(sort $(wildcard *.c)) 31C_FILE_LIST = $(sort $(wildcard *.c))
@@ -34,7 +35,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV)
34LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread 35LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
35 36
36%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/seccomp.h ../include/syscall.h 37%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/seccomp.h ../include/syscall.h
37 $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ 38 $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@
38 39
39fsec-print: $(OBJS) ../lib/libnetlink.o 40fsec-print: $(OBJS) ../lib/libnetlink.o
40 $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) 41 $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS)
diff --git a/src/fseccomp/Makefile.in b/src/fseccomp/Makefile.in
index df4343d36..3fd73bc5c 100644
--- a/src/fseccomp/Makefile.in
+++ b/src/fseccomp/Makefile.in
@@ -22,9 +22,9 @@ HAVE_GLOBALCFG=@HAVE_GLOBALCFG@
22HAVE_APPARMOR=@HAVE_APPARMOR@ 22HAVE_APPARMOR=@HAVE_APPARMOR@
23HAVE_OVERLAYFS=@HAVE_OVERLAYFS@ 23HAVE_OVERLAYFS=@HAVE_OVERLAYFS@
24HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@ 24HAVE_PRIVATE_HOME=@HAVE_PRIVATE_HOME@
25EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
26HAVE_GCOV=@HAVE_GCOV@ 25HAVE_GCOV=@HAVE_GCOV@
27EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 26EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
27EXTRA_CFLAGS +=@EXTRA_CFLAGS@
28 28
29H_FILE_LIST = $(sort $(wildcard *.[h])) 29H_FILE_LIST = $(sort $(wildcard *.[h]))
30C_FILE_LIST = $(sort $(wildcard *.c)) 30C_FILE_LIST = $(sort $(wildcard *.c))
@@ -34,7 +34,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV)
34LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread 34LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
35 35
36%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h 36%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/syscall.h
37 $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ 37 $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@
38 38
39fseccomp: $(OBJS) 39fseccomp: $(OBJS)
40 $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) 40 $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS)
diff --git a/src/ftee/Makefile.in b/src/ftee/Makefile.in
index fd39f0cb7..8846126f8 100644
--- a/src/ftee/Makefile.in
+++ b/src/ftee/Makefile.in
@@ -7,6 +7,7 @@ NAME=@PACKAGE_NAME@
7HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ 7HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@
8HAVE_GCOV=@HAVE_GCOV@ 8HAVE_GCOV=@HAVE_GCOV@
9EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 9EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
10EXTRA_CFLAGS +=@EXTRA_CFLAGS@
10 11
11H_FILE_LIST = $(sort $(wildcard *.[h])) 12H_FILE_LIST = $(sort $(wildcard *.[h]))
12C_FILE_LIST = $(sort $(wildcard *.c)) 13C_FILE_LIST = $(sort $(wildcard *.c))
@@ -16,7 +17,7 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV)
16LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread 17LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
17 18
18%.o : %.c $(H_FILE_LIST) 19%.o : %.c $(H_FILE_LIST)
19 $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ 20 $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@
20 21
21ftee: $(OBJS) 22ftee: $(OBJS)
22 $(CC) $(LDFLAGS) -o $@ $(OBJS) $(EXTRA_LDFLAGS) 23 $(CC) $(LDFLAGS) -o $@ $(OBJS) $(EXTRA_LDFLAGS)
diff --git a/src/lib/Makefile.in b/src/lib/Makefile.in
index a49e56ad2..a25014c74 100644
--- a/src/lib/Makefile.in
+++ b/src/lib/Makefile.in
@@ -5,6 +5,7 @@ NAME=@PACKAGE_NAME@
5HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ 5HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@
6HAVE_GCOV=@HAVE_GCOV@ 6HAVE_GCOV=@HAVE_GCOV@
7EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ 7EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
8EXTRA_CFLAGS +=@EXTRA_CFLAGS@
8 9
9H_FILE_LIST = $(sort $(wildcard *.[h])) 10H_FILE_LIST = $(sort $(wildcard *.[h]))
10C_FILE_LIST = $(sort $(wildcard *.c)) 11C_FILE_LIST = $(sort $(wildcard *.c))
@@ -16,7 +17,7 @@ LDFLAGS:=-pic -Wl,-z,relro -Wl,-z,now
16all: $(OBJS) 17all: $(OBJS)
17 18
18%.o : %.c $(H_FILE_LIST) 19%.o : %.c $(H_FILE_LIST)
19 $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@ 20 $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@
20 21
21clean:; rm -f $(OBJS) *.gcov *.gcda *.gcno 22clean:; rm -f $(OBJS) *.gcov *.gcda *.gcno
22 23
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-06-29 05:28:58 +0000