diff options
664 files changed, 2281 insertions, 659 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index cc3614c99..81b9cfce4 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml | |||
@@ -14,7 +14,7 @@ build_ubuntu_package: | |||
14 | - python3 contrib/sort.py etc/*.{profile,inc} | 14 | - python3 contrib/sort.py etc/*.{profile,inc} |
15 | 15 | ||
16 | build_debian_package: | 16 | build_debian_package: |
17 | image: debian:jessie | 17 | image: debian:stretch |
18 | script: | 18 | script: |
19 | - apt-get update -qq | 19 | - apt-get update -qq |
20 | - apt-get install -y -qq build-essential lintian pkg-config | 20 | - apt-get install -y -qq build-essential lintian pkg-config |
@@ -39,6 +39,7 @@ Committers | |||
39 | - crass (https://github.com/crass) | 39 | - crass (https://github.com/crass) |
40 | - glitsj16 (https://github.com/glitsj16) | 40 | - glitsj16 (https://github.com/glitsj16) |
41 | - Fred-Barclay (https://github.com/Fred-Barclay) | 41 | - Fred-Barclay (https://github.com/Fred-Barclay) |
42 | - Kristóf Marussy (https://github.com/kris7t) | ||
42 | - Reiner Herrmann (https://github.com/reinerh - Debian/Ubuntu maintainer) | 43 | - Reiner Herrmann (https://github.com/reinerh - Debian/Ubuntu maintainer) |
43 | - rusty-snake (https://github.com/rusty-snake) | 44 | - rusty-snake (https://github.com/rusty-snake) |
44 | - smithsohu (https://github.com/smitsohu) | 45 | - smithsohu (https://github.com/smitsohu) |
@@ -160,6 +161,7 @@ Cat (https://github.com/ecat3) | |||
160 | - prevent tmux connecting to an existing session | 161 | - prevent tmux connecting to an existing session |
161 | creideiki (https://github.com/creideiki) | 162 | creideiki (https://github.com/creideiki) |
162 | - make the sandbox process reap all children | 163 | - make the sandbox process reap all children |
164 | - tor browser profile fix | ||
163 | chiraag-nataraj (https://github.com/chiraag-nataraj) | 165 | chiraag-nataraj (https://github.com/chiraag-nataraj) |
164 | - support for newer Xpra versions (2.1+) | 166 | - support for newer Xpra versions (2.1+) |
165 | - added Viber, amule, ardour5, brackets, calligra, cin, fetchmail profiles | 167 | - added Viber, amule, ardour5, brackets, calligra, cin, fetchmail profiles |
@@ -242,6 +244,9 @@ Fabian Würfl (https://github.com/BafDyce) | |||
242 | - Liferea profile | 244 | - Liferea profile |
243 | Felipe Barriga Richards (https://github.com/fbarriga) | 245 | Felipe Barriga Richards (https://github.com/fbarriga) |
244 | - --private-etc fix | 246 | - --private-etc fix |
247 | Florian Begusch (https://github.com/florianbegusch) | ||
248 | - (la)tex profiles | ||
249 | - fixed transmission-common.profile | ||
245 | floxo (https://github.com/floxo) | 250 | floxo (https://github.com/floxo) |
246 | - fixed qml disk cache issue | 251 | - fixed qml disk cache issue |
247 | Franco (nextime) Lanza (https://github.com/nextime) | 252 | Franco (nextime) Lanza (https://github.com/nextime) |
@@ -332,6 +337,8 @@ glitsj16 (https://github.com/glitsj16) | |||
332 | - new profiles: masterpdfeditor | 337 | - new profiles: masterpdfeditor |
333 | gm10 (https://github.com/gm10) | 338 | gm10 (https://github.com/gm10) |
334 | - get_user() do not use the unreliable getlogin() | 339 | - get_user() do not use the unreliable getlogin() |
340 | GovanifY (https://github.com/GovanifY) | ||
341 | - Blacklisting openrc paths by defaults | ||
335 | graywolf (https://github.com/graywolf) | 342 | graywolf (https://github.com/graywolf) |
336 | - spelling fix | 343 | - spelling fix |
337 | greigdp (https://github.com/greigdp) | 344 | greigdp (https://github.com/greigdp) |
@@ -343,6 +350,8 @@ grizzlyuser (https://github.com/grizzlyuser) | |||
343 | - added support for youtube-dl in smplayer profile | 350 | - added support for youtube-dl in smplayer profile |
344 | GSI (https://github.com/GSI) | 351 | GSI (https://github.com/GSI) |
345 | - added Uzbl browser profile | 352 | - added Uzbl browser profile |
353 | haarp (https://github.com/haarp) | ||
354 | - Allow sound for hexchat | ||
346 | hamzadis (https://github.com/hamzadis) | 355 | hamzadis (https://github.com/hamzadis) |
347 | - added --overlay-named=name and --overlay-path=path | 356 | - added --overlay-named=name and --overlay-path=path |
348 | hawkey116477 (https://github.com/hawkeye116477) | 357 | hawkey116477 (https://github.com/hawkeye116477) |
@@ -444,6 +453,8 @@ Kishore96in (https://github.com/Kishore96in) | |||
444 | - added falkon profile | 453 | - added falkon profile |
445 | KOLANICH (https://github.com/KOLANICH) | 454 | KOLANICH (https://github.com/KOLANICH) |
446 | - added symlink fixer fix_private-bin.py in contrib section | 455 | - added symlink fixer fix_private-bin.py in contrib section |
456 | Kristóf Marussy (https://github.com/kris7t) | ||
457 | - dns support | ||
447 | Kunal Mehta (https://github.com/legoktm) | 458 | Kunal Mehta (https://github.com/legoktm) |
448 | - converted all links to https in manpages | 459 | - converted all links to https in manpages |
449 | laniakea64 (https://github.com/laniakea64) | 460 | laniakea64 (https://github.com/laniakea64) |
@@ -503,6 +514,8 @@ mustaqimM (https://github.com/mustaqimM) | |||
503 | - added profile for Nylas Mail | 514 | - added profile for Nylas Mail |
504 | n1trux (https://github.com/n1trux) | 515 | n1trux (https://github.com/n1trux) |
505 | - fix flashpeak-slimjet profile typos | 516 | - fix flashpeak-slimjet profile typos |
517 | nblock (https://github.com/nblock) | ||
518 | - cmus: allow access to resolv.conf | ||
506 | Nick Fox (https://github.com/njfox) | 519 | Nick Fox (https://github.com/njfox) |
507 | - add a profile alias for code-oss | 520 | - add a profile alias for code-oss |
508 | - add code-oss config directory | 521 | - add code-oss config directory |
@@ -861,4 +874,4 @@ Zack Weinberg (https://github.com/zackw) | |||
861 | with firejail --x11 | 874 | with firejail --x11 |
862 | - support for xpra-extra-params in firejail.config | 875 | - support for xpra-extra-params in firejail.config |
863 | 876 | ||
864 | Copyright (C) 2014-2019 Firejail Authors | 877 | Copyright (C) 2014-2020 Firejail Authors |
@@ -145,14 +145,10 @@ We also keep a list of profile fixes for previous released versions in [etc-fixe | |||
145 | ````` | 145 | ````` |
146 | 146 | ||
147 | ````` | 147 | ````` |
148 | ## Latest released version: 0.9.60 - release 0.9.62 pending | 148 | ## Latest released version: 0.9.62 |
149 | 149 | ||
150 | The development for 0.9.62 is handled on release-0.9.62 branch. | 150 | ## Current development version: 0.9.63 |
151 | |||
152 | I had to cut the release branch again as of this commit - big fixes from @smitsohu and @glitsj16. | ||
153 | Also problems with the configure script as reported by @matu3ba. I am reusing the same | ||
154 | name for the release branch, release-0.9.62, so if you have an old release-0.9.62 branch around, | ||
155 | get rid of it and load the new one. | ||
156 | 151 | ||
152 | ### New profiles: | ||
157 | 153 | ||
158 | ## Current development version: 0.9.63 | 154 | gfeeds, firefox-x11, tvbrowser, rtv, clipgrab, gnome-passwordsafe, bibtex, gummi, latex, pdflatex, tex, wpp, wpspdf, wps, et |
@@ -1,5 +1,11 @@ | |||
1 | firejail (0.9.61) baseline; urgency=low | 1 | firejail (0.9.63) baseline; urgency=low |
2 | * work in progress | 2 | * work in progress |
3 | * DHCP client support | ||
4 | * new profiles: gfeeds, firefox-x11, tvbrowser, rtv, clipgrab | ||
5 | * new profiles: gnome-passwordsafe, bibtex, gummi, latex | ||
6 | * new profiles: pdflatex, tex, wpp, wpspdf, wps, et | ||
7 | |||
8 | firejail (0.9.62) baseline; urgency=low | ||
3 | * added file-copy-limit in /etc/firejail/firejail.config | 9 | * added file-copy-limit in /etc/firejail/firejail.config |
4 | * profile templates (/usr/share/doc/firejail) | 10 | * profile templates (/usr/share/doc/firejail) |
5 | * allow-debuggers support in profiles | 11 | * allow-debuggers support in profiles |
diff --git a/SECURITY.md b/SECURITY.md index 558b6870a..46942a936 100644 --- a/SECURITY.md +++ b/SECURITY.md | |||
@@ -4,7 +4,8 @@ | |||
4 | 4 | ||
5 | | Version | Supported by us | EOL | Supported by distribution | | 5 | | Version | Supported by us | EOL | Supported by distribution | |
6 | | ------- | ------------------ | ---- | --------------------------- | 6 | | ------- | ------------------ | ---- | --------------------------- |
7 | | 0.9.60 | :heavy_check_mark: | | :white_check_mark: Debian 11 (testing/unstable), 10 **backports**; Ubuntu 19.10 | 7 | | 0.9.62 | :heavy_check_mark: | | :white_check_mark: Debian 11 (testing/unstable), 10 **backports**; Ubuntu 20.04 |
8 | | 0.9.60 | :x: | | :white_check_mark: Ubuntu 19.10 | ||
8 | | 0.9.58 | :x: | | :white_check_mark: Ubuntu 19.04; Debian 9 **backports**, 10 | 9 | | 0.9.58 | :x: | | :white_check_mark: Ubuntu 19.04; Debian 9 **backports**, 10 |
9 | | 0.9.56 | :x: | 27 Jan 2019 | | 10 | | 0.9.56 | :x: | 27 Jan 2019 | |
10 | | 0.9.54 | :x: | | :white_check_mark: Ubuntu 18.10 | 11 | | 0.9.54 | :x: | | :white_check_mark: Ubuntu 18.10 |
diff --git a/contrib/fj-mkdeb.py b/contrib/fj-mkdeb.py index 89b4e46a9..429cb9db4 100755 --- a/contrib/fj-mkdeb.py +++ b/contrib/fj-mkdeb.py | |||
@@ -1,6 +1,9 @@ | |||
1 | #!/usr/bin/env python3 | 1 | #!/usr/bin/env python3 |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | # This script is automate the workaround for https://github.com/netblue30/firejail/issues/772 | 6 | # This script automates the workaround for https://github.com/netblue30/firejail/issues/772 |
4 | 7 | ||
5 | import os, re, shlex, subprocess, sys | 8 | import os, re, shlex, subprocess, sys |
6 | 9 | ||
diff --git a/contrib/fjclip.py b/contrib/fjclip.py index e374479a1..66038430d 100755 --- a/contrib/fjclip.py +++ b/contrib/fjclip.py | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/env python3 | 1 | #!/usr/bin/env python3 |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | import sys | 6 | import sys |
4 | import subprocess | 7 | import subprocess |
diff --git a/contrib/fjdisplay.py b/contrib/fjdisplay.py index e6c1476f6..f1880283b 100755 --- a/contrib/fjdisplay.py +++ b/contrib/fjdisplay.py | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/env python3 | 1 | #!/usr/bin/env python3 |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | import re | 6 | import re |
4 | import sys | 7 | import sys |
diff --git a/contrib/fjresize.py b/contrib/fjresize.py index b29b170ef..6ab963c58 100755 --- a/contrib/fjresize.py +++ b/contrib/fjresize.py | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/env python3 | 1 | #!/usr/bin/env python3 |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | import sys | 6 | import sys |
4 | import fjdisplay | 7 | import fjdisplay |
diff --git a/contrib/gdb-firejail.sh b/contrib/gdb-firejail.sh index 3ee3fffb3..7a351c065 100755 --- a/contrib/gdb-firejail.sh +++ b/contrib/gdb-firejail.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | set -x | 5 | set -x |
3 | 6 | ||
4 | # gdb setuid helper script. | 7 | # gdb setuid helper script. |
@@ -18,4 +21,4 @@ else | |||
18 | fi | 21 | fi |
19 | 22 | ||
20 | bash -c "kill -STOP \$\$; exec \"\$0\" \"\$@\"" "$@" & | 23 | bash -c "kill -STOP \$\$; exec \"\$0\" \"\$@\"" "$@" & |
21 | sudo gdb -e "$FIREJAIL" -p "$!" \ No newline at end of file | 24 | sudo gdb -e "$FIREJAIL" -p "$!" |
diff --git a/contrib/jail_prober.py b/contrib/jail_prober.py index b18834820..6f8e98b6a 100755 --- a/contrib/jail_prober.py +++ b/contrib/jail_prober.py | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/env python3 | 1 | #!/usr/bin/env python3 |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | """ | 5 | """ |
3 | Figure out which profile options may be causing a particular program to break | 6 | Figure out which profile options may be causing a particular program to break |
4 | when run in firejail. | 7 | when run in firejail. |
diff --git a/contrib/sort.py b/contrib/sort.py index f77e2a1fc..e2f82012b 100755 --- a/contrib/sort.py +++ b/contrib/sort.py | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/env python3 | 1 | #!/usr/bin/env python3 |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | """ | 5 | """ |
3 | Sort the items of multi-item options in profiles, the following options are supported: | 6 | Sort the items of multi-item options in profiles, the following options are supported: |
4 | private-bin, private-etc, private-lib, caps.drop, caps.keep, seccomp.drop, seccomp.drop, protocol | 7 | private-bin, private-etc, private-lib, caps.drop, caps.keep, seccomp.drop, seccomp.drop, protocol |
diff --git a/contrib/syscalls.sh b/contrib/syscalls.sh index 9ab6acf5b..c9cbad4a6 100755 --- a/contrib/syscalls.sh +++ b/contrib/syscalls.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | STRACE_OUTPUT_FILE="$(pwd)/strace_output.txt" | 6 | STRACE_OUTPUT_FILE="$(pwd)/strace_output.txt" |
4 | SYSCALLS_OUTPUT_FILE="$(pwd)/syscalls.txt" | 7 | SYSCALLS_OUTPUT_FILE="$(pwd)/syscalls.txt" |
diff --git a/contrib/update_deb.sh b/contrib/update_deb.sh index fa1b2d692..d417a09ea 100755 --- a/contrib/update_deb.sh +++ b/contrib/update_deb.sh | |||
@@ -1,4 +1,8 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
2 | # Purpose: Fetch, compile, and install firejail from GitHub source. For | 6 | # Purpose: Fetch, compile, and install firejail from GitHub source. For |
3 | # Debian-based distros only (Ubuntu, Mint, etc). | 7 | # Debian-based distros only (Ubuntu, Mint, etc). |
4 | set -e | 8 | set -e |
@@ -1,3 +1,7 @@ | |||
1 | // This file is part of Firejail project | ||
2 | // Copyright (C) 2014-2020 Firejail Authors | ||
3 | // License GPL v2 | ||
4 | |||
1 | int main(void) { | 5 | int main(void) { |
2 | return 0; | 6 | return 0; |
3 | } | 7 | } |
diff --git a/etc/7z.profile b/etc/7z.profile index 5ff02e1c0..b60bb9ee9 100644 --- a/etc/7z.profile +++ b/etc/7z.profile | |||
@@ -7,6 +7,8 @@ include 7z.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | include disable-common.inc | 12 | include disable-common.inc |
11 | include disable-devel.inc | 13 | include disable-devel.inc |
12 | include disable-exec.inc | 14 | include disable-exec.inc |
diff --git a/etc/allow-common-devel.inc b/etc/allow-common-devel.inc index 1d794462c..63174eda6 100644 --- a/etc/allow-common-devel.inc +++ b/etc/allow-common-devel.inc | |||
@@ -1,17 +1,21 @@ | |||
1 | # Rust | 1 | # This file is overwritten during software install. |
2 | noblacklist ${HOME}/.cargo/config | 2 | # Persistent customizations should go in a .local file. |
3 | noblacklist ${HOME}/.cargo/registry | 3 | include allow-common-devel.local |
4 | 4 | ||
5 | # Git | 5 | # Git |
6 | noblacklist ${HOME}/.config/git | 6 | noblacklist ${HOME}/.config/git |
7 | noblacklist ${HOME}/.gitconfig | 7 | noblacklist ${HOME}/.gitconfig |
8 | noblacklist ${HOME}/.git-credentials | 8 | noblacklist ${HOME}/.git-credentials |
9 | 9 | ||
10 | # Java | ||
11 | noblacklist ${HOME}/.gradle | ||
12 | noblacklist ${HOME}/.java | ||
13 | |||
10 | # Python | 14 | # Python |
11 | noblacklist ${HOME}/.python-history | 15 | noblacklist ${HOME}/.python-history |
12 | noblacklist ${HOME}/.python_history | 16 | noblacklist ${HOME}/.python_history |
13 | noblacklist ${HOME}/.pythonhist | 17 | noblacklist ${HOME}/.pythonhist |
14 | 18 | ||
15 | # Java | 19 | # Rust |
16 | noblacklist ${HOME}/.gradle | 20 | noblacklist ${HOME}/.cargo/config |
17 | noblacklist ${HOME}/.java | 21 | noblacklist ${HOME}/.cargo/registry |
diff --git a/etc/allow-gjs.inc b/etc/allow-gjs.inc new file mode 100644 index 000000000..f552ede9d --- /dev/null +++ b/etc/allow-gjs.inc | |||
@@ -0,0 +1,10 @@ | |||
1 | # This file is overwritten during software install. | ||
2 | # Persistent customizations should go in a .local file. | ||
3 | include allow-gjs.local | ||
4 | |||
5 | noblacklist ${PATH}/gjs | ||
6 | noblacklist ${PATH}/gjs-console | ||
7 | noblacklist /usr/lib/gjs | ||
8 | noblacklist /usr/lib64/gjs | ||
9 | noblacklist /usr/lib/libgjs* | ||
10 | noblacklist /usr/lib64/libgjs* | ||
diff --git a/etc/allow-java.inc b/etc/allow-java.inc index 5204d2dea..24d18fb77 100644 --- a/etc/allow-java.inc +++ b/etc/allow-java.inc | |||
@@ -1,6 +1,9 @@ | |||
1 | noblacklist ${HOME}/.java | 1 | # This file is overwritten during software install. |
2 | # Persistent customizations should go in a .local file. | ||
3 | include allow-java.local | ||
2 | 4 | ||
5 | noblacklist ${HOME}/.java | ||
3 | noblacklist ${PATH}/java | 6 | noblacklist ${PATH}/java |
4 | noblacklist /usr/lib/java | ||
5 | noblacklist /etc/java | 7 | noblacklist /etc/java |
8 | noblacklist /usr/lib/java | ||
6 | noblacklist /usr/share/java | 9 | noblacklist /usr/share/java |
diff --git a/etc/allow-lua.inc b/etc/allow-lua.inc index 51d76f9b1..fbdee22ee 100644 --- a/etc/allow-lua.inc +++ b/etc/allow-lua.inc | |||
@@ -1,3 +1,7 @@ | |||
1 | # This file is overwritten during software install. | ||
2 | # Persistent customizations should go in a .local file. | ||
3 | include allow-lua.local | ||
4 | |||
1 | noblacklist ${PATH}/lua* | 5 | noblacklist ${PATH}/lua* |
2 | noblacklist /usr/include/lua* | 6 | noblacklist /usr/include/lua* |
3 | noblacklist /usr/lib/lua | 7 | noblacklist /usr/lib/lua |
diff --git a/etc/allow-perl.inc b/etc/allow-perl.inc index d37328936..f44e1e3cc 100644 --- a/etc/allow-perl.inc +++ b/etc/allow-perl.inc | |||
@@ -1,5 +1,9 @@ | |||
1 | noblacklist ${PATH}/cpan* | 1 | # This file is overwritten during software install. |
2 | # Persistent customizations should go in a .local file. | ||
3 | include allow-perl.local | ||
4 | |||
2 | noblacklist ${PATH}/core_perl | 5 | noblacklist ${PATH}/core_perl |
6 | noblacklist ${PATH}/cpan* | ||
3 | noblacklist ${PATH}/perl | 7 | noblacklist ${PATH}/perl |
4 | noblacklist ${PATH}/site_perl | 8 | noblacklist ${PATH}/site_perl |
5 | noblacklist ${PATH}/vendor_perl | 9 | noblacklist ${PATH}/vendor_perl |
diff --git a/etc/allow-php.inc b/etc/allow-php.inc new file mode 100644 index 000000000..a0950dc26 --- /dev/null +++ b/etc/allow-php.inc | |||
@@ -0,0 +1,7 @@ | |||
1 | # This file is overwritten during software install. | ||
2 | # Persistent customizations should go in a .local file. | ||
3 | include allow-php.local | ||
4 | |||
5 | noblacklist ${PATH}/php* | ||
6 | noblacklist /usr/lib/php* | ||
7 | noblacklist /usr/share/php* | ||
diff --git a/etc/allow-python2.inc b/etc/allow-python2.inc index 8ea61648b..b0525e2e1 100644 --- a/etc/allow-python2.inc +++ b/etc/allow-python2.inc | |||
@@ -1,3 +1,7 @@ | |||
1 | # This file is overwritten during software install. | ||
2 | # Persistent customizations should go in a .local file. | ||
3 | include allow-python2.local | ||
4 | |||
1 | noblacklist ${PATH}/python2* | 5 | noblacklist ${PATH}/python2* |
2 | noblacklist /usr/include/python2* | 6 | noblacklist /usr/include/python2* |
3 | noblacklist /usr/lib/python2* | 7 | noblacklist /usr/lib/python2* |
diff --git a/etc/allow-python3.inc b/etc/allow-python3.inc index 91c7ffca4..d968886b0 100644 --- a/etc/allow-python3.inc +++ b/etc/allow-python3.inc | |||
@@ -1,5 +1,10 @@ | |||
1 | # This file is overwritten during software install. | ||
2 | # Persistent customizations should go in a .local file. | ||
3 | include allow-python3.local | ||
4 | |||
1 | noblacklist ${PATH}/python3* | 5 | noblacklist ${PATH}/python3* |
2 | noblacklist /usr/include/python3* | 6 | noblacklist /usr/include/python3* |
3 | noblacklist /usr/lib/python3* | 7 | noblacklist /usr/lib/python3* |
8 | noblacklist /usr/lib64/python3* | ||
4 | noblacklist /usr/local/lib/python3* | 9 | noblacklist /usr/local/lib/python3* |
5 | noblacklist /usr/share/python3* | 10 | noblacklist /usr/share/python3* |
diff --git a/etc/allow-ruby.inc b/etc/allow-ruby.inc index 3165a981a..a8c701219 100644 --- a/etc/allow-ruby.inc +++ b/etc/allow-ruby.inc | |||
@@ -1,2 +1,6 @@ | |||
1 | # This file is overwritten during software install. | ||
2 | # Persistent customizations should go in a .local file. | ||
3 | include allow-ruby.local | ||
4 | |||
1 | noblacklist ${PATH}/ruby | 5 | noblacklist ${PATH}/ruby |
2 | noblacklist /usr/lib/ruby | 6 | noblacklist /usr/lib/ruby |
diff --git a/etc/anki.profile b/etc/anki.profile index c349376ff..a0a79ef48 100644 --- a/etc/anki.profile +++ b/etc/anki.profile | |||
@@ -42,7 +42,8 @@ notv | |||
42 | nou2f | 42 | nou2f |
43 | novideo | 43 | novideo |
44 | protocol unix,inet,inet6 | 44 | protocol unix,inet,inet6 |
45 | seccomp | 45 | # QtWebengine needs chroot to set up its own sandbox |
46 | seccomp !chroot | ||
46 | shell none | 47 | shell none |
47 | tracelog | 48 | tracelog |
48 | 49 | ||
diff --git a/etc/ar.profile b/etc/ar.profile index 6b1fb830c..e28370450 100644 --- a/etc/ar.profile +++ b/etc/ar.profile | |||
@@ -7,6 +7,8 @@ include ar.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | include disable-common.inc | 12 | include disable-common.inc |
11 | include disable-devel.inc | 13 | include disable-devel.inc |
12 | include disable-exec.inc | 14 | include disable-exec.inc |
diff --git a/etc/aria2c.profile b/etc/aria2c.profile index 2fb6dd25f..7819300af 100644 --- a/etc/aria2c.profile +++ b/etc/aria2c.profile | |||
@@ -7,8 +7,11 @@ include aria2c.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.aria2 | 9 | noblacklist ${HOME}/.aria2 |
10 | noblacklist ${HOME}/.config/aria2 | ||
11 | noblacklist ${HOME}/.netrc | ||
10 | 12 | ||
11 | blacklist /tmp/.X11-unix | 13 | blacklist /tmp/.X11-unix |
14 | blacklist ${RUNUSER}/wayland-* | ||
12 | 15 | ||
13 | include disable-common.inc | 16 | include disable-common.inc |
14 | include disable-devel.inc | 17 | include disable-devel.inc |
@@ -37,6 +40,7 @@ seccomp | |||
37 | shell none | 40 | shell none |
38 | 41 | ||
39 | # disable-mnt | 42 | # disable-mnt |
43 | # Add your custom event hook commands to 'private-bin' in your aria2c.local | ||
40 | private-bin aria2c,gzip | 44 | private-bin aria2c,gzip |
41 | # Uncomment the next line (or put 'private-cache' in your aria2c.local) if you don't use Lutris/winetricks (see issue #2772) | 45 | # Uncomment the next line (or put 'private-cache' in your aria2c.local) if you don't use Lutris/winetricks (see issue #2772) |
42 | #private-cache | 46 | #private-cache |
diff --git a/etc/artha.profile b/etc/artha.profile index 31f8887c4..aaaede7ee 100644 --- a/etc/artha.profile +++ b/etc/artha.profile | |||
@@ -11,6 +11,7 @@ noblacklist ${HOME}/.config/artha.log | |||
11 | noblacklist ${HOME}/.config/enchant | 11 | noblacklist ${HOME}/.config/enchant |
12 | 12 | ||
13 | blacklist /tmp/.X11-unix | 13 | blacklist /tmp/.X11-unix |
14 | blacklist ${RUNUSER}/wayland-* | ||
14 | 15 | ||
15 | include disable-common.inc | 16 | include disable-common.inc |
16 | include disable-devel.inc | 17 | include disable-devel.inc |
diff --git a/etc/atool.profile b/etc/atool.profile index fb75c8408..0250451fc 100644 --- a/etc/atool.profile +++ b/etc/atool.profile | |||
@@ -7,6 +7,8 @@ include atool.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | # Allow perl (blacklisted by disable-interpreters.inc) | 12 | # Allow perl (blacklisted by disable-interpreters.inc) |
11 | include allow-perl.inc | 13 | include allow-perl.inc |
12 | 14 | ||
diff --git a/etc/audio-recorder.profile b/etc/audio-recorder.profile index afd1033de..b2ed3b030 100644 --- a/etc/audio-recorder.profile +++ b/etc/audio-recorder.profile | |||
@@ -40,7 +40,6 @@ protocol unix | |||
40 | seccomp | 40 | seccomp |
41 | shell none | 41 | shell none |
42 | tracelog | 42 | tracelog |
43 | x11 none | ||
44 | 43 | ||
45 | disable-mnt | 44 | disable-mnt |
46 | # private-bin audio-recorder | 45 | # private-bin audio-recorder |
diff --git a/etc/baobab.profile b/etc/baobab.profile index e8287b448..18c862a4d 100644 --- a/etc/baobab.profile +++ b/etc/baobab.profile | |||
@@ -12,6 +12,7 @@ include disable-exec.inc | |||
12 | include disable-interpreters.inc | 12 | include disable-interpreters.inc |
13 | include disable-passwdmgr.inc | 13 | include disable-passwdmgr.inc |
14 | # include disable-programs.inc | 14 | # include disable-programs.inc |
15 | # include disable-xdg.inc | ||
15 | 16 | ||
16 | caps.drop all | 17 | caps.drop all |
17 | net none | 18 | net none |
@@ -32,3 +33,5 @@ shell none | |||
32 | private-bin baobab | 33 | private-bin baobab |
33 | private-dev | 34 | private-dev |
34 | private-tmp | 35 | private-tmp |
36 | |||
37 | read-only ${HOME} | ||
diff --git a/etc/beaker.profile b/etc/beaker.profile index 21eeac4b3..cc1886a49 100644 --- a/etc/beaker.profile +++ b/etc/beaker.profile | |||
@@ -13,7 +13,6 @@ include disable-interpreters.inc | |||
13 | 13 | ||
14 | mkdir ${HOME}/.config/Beaker Browser | 14 | mkdir ${HOME}/.config/Beaker Browser |
15 | whitelist ${HOME}/.config/Beaker Browser | 15 | whitelist ${HOME}/.config/Beaker Browser |
16 | whitelist ${DOWNLOADS} | ||
17 | include whitelist-common.inc | 16 | include whitelist-common.inc |
18 | 17 | ||
19 | # Redirect | 18 | # Redirect |
diff --git a/etc/bibtex.profile b/etc/bibtex.profile new file mode 100644 index 000000000..e868dcbab --- /dev/null +++ b/etc/bibtex.profile | |||
@@ -0,0 +1,12 @@ | |||
1 | # Firejail profile for bibtex | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include bibtex.local | ||
5 | # Persistent global definitions | ||
6 | include globals.local | ||
7 | |||
8 | private-bin bibtex | ||
9 | |||
10 | # Redirect | ||
11 | include latex-common.profile | ||
12 | |||
diff --git a/etc/bsdtar.profile b/etc/bsdtar.profile index 17c67ed26..5ce9b6406 100644 --- a/etc/bsdtar.profile +++ b/etc/bsdtar.profile | |||
@@ -6,6 +6,8 @@ include bsdtar.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | ||
10 | |||
9 | include disable-common.inc | 11 | include disable-common.inc |
10 | # include disable-devel.inc | 12 | # include disable-devel.inc |
11 | include disable-exec.inc | 13 | include disable-exec.inc |
diff --git a/etc/celluloid.profile b/etc/celluloid.profile index ab68c7f13..d099ba11e 100644 --- a/etc/celluloid.profile +++ b/etc/celluloid.profile | |||
@@ -24,12 +24,13 @@ include disable-passwdmgr.inc | |||
24 | include disable-programs.inc | 24 | include disable-programs.inc |
25 | include disable-xdg.inc | 25 | include disable-xdg.inc |
26 | 26 | ||
27 | include whitelist-usr-share-common.inc | ||
27 | include whitelist-var-common.inc | 28 | include whitelist-var-common.inc |
28 | 29 | ||
29 | apparmor | 30 | apparmor |
30 | caps.drop all | 31 | caps.drop all |
31 | netfilter | 32 | netfilter |
32 | # nodbus -- uses dconf | 33 | # nodbus -- uses dconf, MPRIS |
33 | nogroups | 34 | nogroups |
34 | nonewprivs | 35 | nonewprivs |
35 | noroot | 36 | noroot |
@@ -45,3 +46,5 @@ private-etc alternatives,ca-certificates,crypto-policies,dconf,drirc,fonts,gtk-3 | |||
45 | private-dev | 46 | private-dev |
46 | private-tmp | 47 | private-tmp |
47 | 48 | ||
49 | read-only ${HOME} | ||
50 | read-write ${HOME}/.config/celluloid | ||
diff --git a/etc/checkbashisms.profile b/etc/checkbashisms.profile index c66776b9f..e15131dca 100644 --- a/etc/checkbashisms.profile +++ b/etc/checkbashisms.profile | |||
@@ -7,6 +7,8 @@ include checkbashisms.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | noblacklist ${DOCUMENTS} | 12 | noblacklist ${DOCUMENTS} |
11 | 13 | ||
12 | # Allow perl (blacklisted by disable-interpreters.inc) | 14 | # Allow perl (blacklisted by disable-interpreters.inc) |
diff --git a/etc/chromium-common.profile b/etc/chromium-common.profile index 7b88e417a..c54fb0e19 100644 --- a/etc/chromium-common.profile +++ b/etc/chromium-common.profile | |||
@@ -37,7 +37,7 @@ notv | |||
37 | shell none | 37 | shell none |
38 | 38 | ||
39 | disable-mnt | 39 | disable-mnt |
40 | private-dev | 40 | ?BROWSER_DISABLE_U2F: private-dev |
41 | # private-tmp - problems with multiple browser sessions | 41 | # private-tmp - problems with multiple browser sessions |
42 | 42 | ||
43 | # the file dialog needs to work without d-bus | 43 | # the file dialog needs to work without d-bus |
diff --git a/etc/clamav.profile b/etc/clamav.profile index 45e7723eb..51bc58108 100644 --- a/etc/clamav.profile +++ b/etc/clamav.profile | |||
@@ -7,6 +7,8 @@ include clamav.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | include disable-exec.inc | 12 | include disable-exec.inc |
11 | 13 | ||
12 | caps.drop all | 14 | caps.drop all |
diff --git a/etc/claws-mail.profile b/etc/claws-mail.profile index f07e2039b..24954b2d8 100644 --- a/etc/claws-mail.profile +++ b/etc/claws-mail.profile | |||
@@ -7,43 +7,16 @@ include claws-mail.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.claws-mail | 9 | noblacklist ${HOME}/.claws-mail |
10 | noblacklist ${HOME}/.gnupg | ||
11 | noblacklist ${HOME}/.signature | ||
12 | # when storing mail outside the default ${HOME}/Mail path, 'noblacklist' the custom path in your claws-mail.local | ||
13 | # and 'blacklist' it in your disable-common.local too so it is kept hidden from other applications | ||
14 | noblacklist ${HOME}/Mail | ||
15 | 10 | ||
16 | include disable-common.inc | 11 | mkdir ${HOME}/.claws-mail |
17 | include disable-devel.inc | 12 | whitelist ${HOME}/.claws-mail |
18 | include disable-interpreters.inc | ||
19 | include disable-passwdmgr.inc | ||
20 | include disable-programs.inc | ||
21 | 13 | ||
22 | whitelist /usr/share/doc/claws-mail | 14 | # If you use python-based plugins you need to uncomment the below (or put them in your claws-mail.local) |
23 | whitelist /usr/share/gnupg | 15 | # Allow python (blacklisted by disable-interpreters.inc) |
24 | whitelist /usr/share/gnupg2 | 16 | #include allow-python2.inc |
25 | include whitelist-usr-share-common.inc | 17 | #include allow-python3.inc |
26 | |||
27 | caps.drop all | ||
28 | netfilter | ||
29 | no3d | ||
30 | nodvd | ||
31 | nogroups | ||
32 | nonewprivs | ||
33 | noroot | ||
34 | nosound | ||
35 | notv | ||
36 | nou2f | ||
37 | novideo | ||
38 | protocol unix,inet,inet6 | ||
39 | seccomp | ||
40 | shell none | ||
41 | 18 | ||
42 | private-cache | 19 | whitelist /usr/share/doc/claws-mail |
43 | private-dev | ||
44 | private-tmp | ||
45 | 20 | ||
46 | # If you want to read local mail stored in /var/mail, add the following to claws-mail.local: | 21 | # Redirect |
47 | # noblacklist /var/mail | 22 | include email-common.profile |
48 | # noblacklist /var/spool/mail | ||
49 | # writable-var | ||
diff --git a/etc/clipgrab.profile b/etc/clipgrab.profile new file mode 100644 index 000000000..786d1c866 --- /dev/null +++ b/etc/clipgrab.profile | |||
@@ -0,0 +1,45 @@ | |||
1 | # Firejail profile for clipgrab | ||
2 | # Description: A free video downloader and converter | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include clipgrab.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.config/Philipp Schmieder | ||
10 | noblacklist ${HOME}/.pki | ||
11 | noblacklist ${VIDEOS} | ||
12 | |||
13 | include disable-common.inc | ||
14 | include disable-devel.inc | ||
15 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | ||
17 | include disable-passwdmgr.inc | ||
18 | include disable-programs.inc | ||
19 | include disable-xdg.inc | ||
20 | |||
21 | include whitelist-usr-share-common.inc | ||
22 | include whitelist-var-common.inc | ||
23 | |||
24 | apparmor | ||
25 | caps.drop all | ||
26 | machine-id | ||
27 | netfilter | ||
28 | # Breaks tray-icon, uncommend or add to clipgrab.local if you don't need it. | ||
29 | #nodbus | ||
30 | nodvd | ||
31 | nogroups | ||
32 | nonewprivs | ||
33 | noroot | ||
34 | nosound | ||
35 | notv | ||
36 | nou2f | ||
37 | novideo | ||
38 | protocol unix,inet,inet6,netlink | ||
39 | seccomp !chroot | ||
40 | shell none | ||
41 | |||
42 | disable-mnt | ||
43 | private-cache | ||
44 | private-dev | ||
45 | private-tmp | ||
diff --git a/etc/cmus.profile b/etc/cmus.profile index 7e12a06de..fa1e5d722 100644 --- a/etc/cmus.profile +++ b/etc/cmus.profile | |||
@@ -27,4 +27,4 @@ seccomp | |||
27 | shell none | 27 | shell none |
28 | 28 | ||
29 | private-bin cmus | 29 | private-bin cmus |
30 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,group,machine-id,pki,pulse,ssl | 30 | private-etc alternatives,asound.conf,ca-certificates,crypto-policies,group,machine-id,pki,pulse,resolv.conf,ssl |
diff --git a/etc/cpio.profile b/etc/cpio.profile index 17a765700..1156b7439 100644 --- a/etc/cpio.profile +++ b/etc/cpio.profile | |||
@@ -7,6 +7,8 @@ include cpio.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | noblacklist /sbin | 12 | noblacklist /sbin |
11 | noblacklist /usr/sbin | 13 | noblacklist /usr/sbin |
12 | 14 | ||
diff --git a/etc/curl.profile b/etc/curl.profile index 2624e5545..3f93e5f7e 100644 --- a/etc/curl.profile +++ b/etc/curl.profile | |||
@@ -9,10 +9,14 @@ include globals.local | |||
9 | 9 | ||
10 | noblacklist ${HOME}/.curlrc | 10 | noblacklist ${HOME}/.curlrc |
11 | 11 | ||
12 | blacklist /tmp/.X11-unix | ||
13 | |||
12 | include disable-common.inc | 14 | include disable-common.inc |
13 | include disable-exec.inc | 15 | include disable-exec.inc |
14 | include disable-passwdmgr.inc | 16 | include disable-passwdmgr.inc |
15 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | # depending on workflow you can uncomment the below or put 'include disable-xdg.inc' in your curl.local | ||
19 | #include disable-xdg.inc | ||
16 | 20 | ||
17 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
18 | 22 | ||
@@ -33,6 +37,7 @@ novideo | |||
33 | protocol inet,inet6 | 37 | protocol inet,inet6 |
34 | seccomp | 38 | seccomp |
35 | shell none | 39 | shell none |
40 | tracelog | ||
36 | 41 | ||
37 | # private-bin curl | 42 | # private-bin curl |
38 | private-cache | 43 | private-cache |
diff --git a/etc/dconf.profile b/etc/dconf.profile index ebb362fb6..2ee573463 100644 --- a/etc/dconf.profile +++ b/etc/dconf.profile | |||
@@ -6,6 +6,8 @@ include dconf.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | ||
10 | |||
9 | include disable-common.inc | 11 | include disable-common.inc |
10 | include disable-devel.inc | 12 | include disable-devel.inc |
11 | include disable-exec.inc | 13 | include disable-exec.inc |
diff --git a/etc/ddgtk.profile b/etc/ddgtk.profile index ef65046e1..3dfc657bc 100644 --- a/etc/ddgtk.profile +++ b/etc/ddgtk.profile | |||
@@ -43,7 +43,6 @@ protocol unix | |||
43 | seccomp | 43 | seccomp |
44 | shell none | 44 | shell none |
45 | tracelog | 45 | tracelog |
46 | x11 none | ||
47 | 46 | ||
48 | disable-mnt | 47 | disable-mnt |
49 | private-bin bash,dd,ddgtk,grep,lsblk,python*,sed,sh,tr | 48 | private-bin bash,dd,ddgtk,grep,lsblk,python*,sed,sh,tr |
diff --git a/etc/devhelp.profile b/etc/devhelp.profile index 5c1935835..cc9553e73 100644 --- a/etc/devhelp.profile +++ b/etc/devhelp.profile | |||
@@ -16,6 +16,8 @@ include disable-programs.inc | |||
16 | include disable-xdg.inc | 16 | include disable-xdg.inc |
17 | 17 | ||
18 | whitelist /usr/share/devhelp | 18 | whitelist /usr/share/devhelp |
19 | whitelist /usr/share/doc | ||
20 | whitelist /usr/share/gtk-doc/html | ||
19 | include whitelist-common.inc | 21 | include whitelist-common.inc |
20 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
21 | 23 | ||
diff --git a/etc/devilspie.profile b/etc/devilspie.profile index ad891ffaf..b561787d8 100644 --- a/etc/devilspie.profile +++ b/etc/devilspie.profile | |||
@@ -6,6 +6,8 @@ include devilspie.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | ||
10 | |||
9 | noblacklist ${HOME}/.devilspie | 11 | noblacklist ${HOME}/.devilspie |
10 | 12 | ||
11 | include disable-common.inc | 13 | include disable-common.inc |
@@ -41,6 +43,7 @@ protocol unix | |||
41 | seccomp | 43 | seccomp |
42 | shell none | 44 | shell none |
43 | tracelog | 45 | tracelog |
46 | x11 none | ||
44 | 47 | ||
45 | disable-mnt | 48 | disable-mnt |
46 | private-bin devilspie | 49 | private-bin devilspie |
diff --git a/etc/devilspie2.profile b/etc/devilspie2.profile index f2bacda9a..9eab3f536 100644 --- a/etc/devilspie2.profile +++ b/etc/devilspie2.profile | |||
@@ -4,55 +4,21 @@ | |||
4 | # Persistent local customizations | 4 | # Persistent local customizations |
5 | include devilspie2.local | 5 | include devilspie2.local |
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | #include globals.local |
8 | |||
9 | blacklist ${HOME}/.devilspie | ||
10 | |||
11 | blacklist ${RUNUSER}/wayland-* | ||
8 | 12 | ||
9 | noblacklist ${HOME}/.config/devilspie2 | 13 | noblacklist ${HOME}/.config/devilspie2 |
10 | 14 | ||
11 | # Allow lua (blacklisted by disable-interpreters.inc) | 15 | # Allow lua (blacklisted by disable-interpreters.inc) |
12 | include allow-lua.inc | 16 | include allow-lua.inc |
13 | 17 | ||
14 | include disable-common.inc | ||
15 | include disable-devel.inc | ||
16 | include disable-exec.inc | ||
17 | include disable-interpreters.inc | ||
18 | include disable-passwdmgr.inc | ||
19 | include disable-programs.inc | ||
20 | include disable-xdg.inc | ||
21 | |||
22 | mkdir ${HOME}/.config/devilspie2 | 18 | mkdir ${HOME}/.config/devilspie2 |
23 | whitelist ${HOME}/.config/devilspie2 | 19 | whitelist ${HOME}/.config/devilspie2 |
24 | include whitelist-common.inc | ||
25 | include whitelist-usr-share-common.inc | ||
26 | include whitelist-var-common.inc | ||
27 | 20 | ||
28 | apparmor | ||
29 | caps.drop all | ||
30 | ipc-namespace | ||
31 | machine-id | ||
32 | net none | ||
33 | no3d | ||
34 | nodbus | ||
35 | nodvd | ||
36 | nogroups | ||
37 | nonewprivs | ||
38 | noroot | ||
39 | nosound | ||
40 | notv | ||
41 | nou2f | ||
42 | novideo | ||
43 | protocol unix | ||
44 | seccomp | ||
45 | shell none | ||
46 | tracelog | ||
47 | |||
48 | disable-mnt | ||
49 | private-bin devilspie2 | 21 | private-bin devilspie2 |
50 | private-cache | ||
51 | private-dev | ||
52 | private-etc alternatives | ||
53 | private-lib gconv | ||
54 | private-tmp | ||
55 | |||
56 | memory-deny-write-execute | ||
57 | 22 | ||
58 | read-only ${HOME} | 23 | # Redirect |
24 | include devilspie.profile | ||
diff --git a/etc/dig.profile b/etc/dig.profile index af71ff17f..054e4891d 100644 --- a/etc/dig.profile +++ b/etc/dig.profile | |||
@@ -9,6 +9,8 @@ include globals.local | |||
9 | 9 | ||
10 | noblacklist ${HOME}/.digrc | 10 | noblacklist ${HOME}/.digrc |
11 | 11 | ||
12 | blacklist /tmp/.X11-unix | ||
13 | |||
12 | include disable-common.inc | 14 | include disable-common.inc |
13 | # include disable-devel.inc | 15 | # include disable-devel.inc |
14 | include disable-exec.inc | 16 | include disable-exec.inc |
@@ -24,7 +26,7 @@ include whitelist-usr-share-common.inc | |||
24 | include whitelist-var-common.inc | 26 | include whitelist-var-common.inc |
25 | 27 | ||
26 | caps.drop all | 28 | caps.drop all |
27 | # ipc-namespace | 29 | ipc-namespace |
28 | machine-id | 30 | machine-id |
29 | netfilter | 31 | netfilter |
30 | no3d | 32 | no3d |
@@ -40,6 +42,7 @@ novideo | |||
40 | protocol unix,inet,inet6 | 42 | protocol unix,inet,inet6 |
41 | seccomp | 43 | seccomp |
42 | shell none | 44 | shell none |
45 | tracelog | ||
43 | 46 | ||
44 | disable-mnt | 47 | disable-mnt |
45 | private | 48 | private |
diff --git a/etc/digikam.profile b/etc/digikam.profile index 1b80981f7..e66434444 100644 --- a/etc/digikam.profile +++ b/etc/digikam.profile | |||
@@ -32,7 +32,8 @@ nonewprivs | |||
32 | noroot | 32 | noroot |
33 | notv | 33 | notv |
34 | protocol unix,inet,inet6,netlink | 34 | protocol unix,inet,inet6,netlink |
35 | seccomp | 35 | # QtWebengine needs chroot to set up its own sandbox |
36 | seccomp !chroot | ||
36 | shell none | 37 | shell none |
37 | 38 | ||
38 | # private-dev - prevents libdc1394 loading; this lib is used to connect to a camera device | 39 | # private-dev - prevents libdc1394 loading; this lib is used to connect to a camera device |
diff --git a/etc/disable-common.inc b/etc/disable-common.inc index f50e10a00..9f351a673 100644 --- a/etc/disable-common.inc +++ b/etc/disable-common.inc | |||
@@ -151,6 +151,11 @@ blacklist /var/lib/systemd | |||
151 | # blacklist /var/run/systemd | 151 | # blacklist /var/run/systemd |
152 | # creates problems on Arch where /etc/resolv.conf is a symlink to /var/run/systemd/resolve/resolv.conf | 152 | # creates problems on Arch where /etc/resolv.conf is a symlink to /var/run/systemd/resolve/resolv.conf |
153 | 153 | ||
154 | # openrc | ||
155 | blacklist /etc/runlevels/ | ||
156 | blacklist /etc/init.d/ | ||
157 | blacklist /etc/rc.conf | ||
158 | |||
154 | # VirtualBox | 159 | # VirtualBox |
155 | blacklist ${HOME}/.VirtualBox | 160 | blacklist ${HOME}/.VirtualBox |
156 | blacklist ${HOME}/.config/VirtualBox | 161 | blacklist ${HOME}/.config/VirtualBox |
@@ -193,7 +198,7 @@ blacklist /var/lib/mysqld/mysql.sock | |||
193 | blacklist /var/lib/pacman | 198 | blacklist /var/lib/pacman |
194 | blacklist /var/lib/upower | 199 | blacklist /var/lib/upower |
195 | # blacklist /var/log - a virtual /var/log directory (mostly empty) is build up by default for | 200 | # blacklist /var/log - a virtual /var/log directory (mostly empty) is build up by default for |
196 | # every sandbox, unless --writeble-var-log switch is activated | 201 | # every sandbox, unless --writable-var-log switch is activated |
197 | blacklist /var/mail | 202 | blacklist /var/mail |
198 | blacklist /var/opt | 203 | blacklist /var/opt |
199 | blacklist /var/run/acpid.socket | 204 | blacklist /var/run/acpid.socket |
diff --git a/etc/disable-interpreters.inc b/etc/disable-interpreters.inc index 4c4eed25d..ae539e1bc 100644 --- a/etc/disable-interpreters.inc +++ b/etc/disable-interpreters.inc | |||
@@ -2,6 +2,14 @@ | |||
2 | # Persistent customizations should go in a .local file. | 2 | # Persistent customizations should go in a .local file. |
3 | include disable-interpreters.local | 3 | include disable-interpreters.local |
4 | 4 | ||
5 | # gjs | ||
6 | blacklist ${PATH}/gjs | ||
7 | blacklist ${PATH}/gjs-console | ||
8 | blacklist /usr/lib/gjs | ||
9 | blacklist /usr/lib64/gjs | ||
10 | blacklist /usr/lib/libgjs* | ||
11 | blacklist /usr/lib64/libgjs* | ||
12 | |||
5 | # Lua | 13 | # Lua |
6 | blacklist ${PATH}/lua* | 14 | blacklist ${PATH}/lua* |
7 | blacklist /usr/include/lua* | 15 | blacklist /usr/include/lua* |
@@ -47,5 +55,6 @@ blacklist /usr/share/python2* | |||
47 | blacklist ${PATH}/python3* | 55 | blacklist ${PATH}/python3* |
48 | blacklist /usr/include/python3* | 56 | blacklist /usr/include/python3* |
49 | blacklist /usr/lib/python3* | 57 | blacklist /usr/lib/python3* |
58 | blacklist /usr/lib64/python3* | ||
50 | blacklist /usr/local/lib/python3* | 59 | blacklist /usr/local/lib/python3* |
51 | blacklist /usr/share/python3* | 60 | blacklist /usr/share/python3* |
diff --git a/etc/disable-programs.inc b/etc/disable-programs.inc index 1c97ed8d6..baa9c3fab 100644 --- a/etc/disable-programs.inc +++ b/etc/disable-programs.inc | |||
@@ -85,6 +85,7 @@ blacklist ${HOME}/.config/Gpredict | |||
85 | blacklist ${HOME}/.config/INRIA | 85 | blacklist ${HOME}/.config/INRIA |
86 | blacklist ${HOME}/.config/InSilmaril | 86 | blacklist ${HOME}/.config/InSilmaril |
87 | blacklist ${HOME}/.config/Kid3 | 87 | blacklist ${HOME}/.config/Kid3 |
88 | blacklist ${HOME}/.config/Kingsoft | ||
88 | blacklist ${HOME}/.config/Luminance | 89 | blacklist ${HOME}/.config/Luminance |
89 | blacklist ${HOME}/.config/Meltytech | 90 | blacklist ${HOME}/.config/Meltytech |
90 | blacklist ${HOME}/.config/Mendeley Ltd. | 91 | blacklist ${HOME}/.config/Mendeley Ltd. |
@@ -97,6 +98,7 @@ blacklist ${HOME}/.config/MusicBrainz | |||
97 | blacklist ${HOME}/.config/Nathan Osman | 98 | blacklist ${HOME}/.config/Nathan Osman |
98 | blacklist ${HOME}/.config/Nylas Mail | 99 | blacklist ${HOME}/.config/Nylas Mail |
99 | blacklist ${HOME}/.config/PBE | 100 | blacklist ${HOME}/.config/PBE |
101 | blacklist ${HOME}/.config/Philipp Schmieder | ||
100 | blacklist ${HOME}/.config/QGIS | 102 | blacklist ${HOME}/.config/QGIS |
101 | blacklist ${HOME}/.config/QMediathekView | 103 | blacklist ${HOME}/.config/QMediathekView |
102 | blacklist ${HOME}/.config/Qlipper | 104 | blacklist ${HOME}/.config/Qlipper |
@@ -118,6 +120,7 @@ blacklist ${HOME}/.config/akonadi* | |||
118 | blacklist ${HOME}/.config/akregatorrc | 120 | blacklist ${HOME}/.config/akregatorrc |
119 | blacklist ${HOME}/.config/ardour4 | 121 | blacklist ${HOME}/.config/ardour4 |
120 | blacklist ${HOME}/.config/ardour5 | 122 | blacklist ${HOME}/.config/ardour5 |
123 | blacklist ${HOME}/.config/aria2 | ||
121 | blacklist ${HOME}/.config/arkrc | 124 | blacklist ${HOME}/.config/arkrc |
122 | blacklist ${HOME}/.config/artha.conf | 125 | blacklist ${HOME}/.config/artha.conf |
123 | blacklist ${HOME}/.config/artha.log | 126 | blacklist ${HOME}/.config/artha.log |
@@ -198,6 +201,7 @@ blacklist ${HOME}/.config/google-chrome-beta | |||
198 | blacklist ${HOME}/.config/google-chrome-unstable | 201 | blacklist ${HOME}/.config/google-chrome-unstable |
199 | blacklist ${HOME}/.config/gpicview | 202 | blacklist ${HOME}/.config/gpicview |
200 | blacklist ${HOME}/.config/gthumb | 203 | blacklist ${HOME}/.config/gthumb |
204 | blacklist ${HOME}/.config/gummi | ||
201 | blacklist ${HOME}/.config/gwenviewrc | 205 | blacklist ${HOME}/.config/gwenviewrc |
202 | blacklist ${HOME}/.config/hexchat | 206 | blacklist ${HOME}/.config/hexchat |
203 | blacklist ${HOME}/.config/i2p | 207 | blacklist ${HOME}/.config/i2p |
@@ -290,6 +294,7 @@ blacklist ${HOME}/.config/redshift | |||
290 | blacklist ${HOME}/.config/redshift.conf | 294 | blacklist ${HOME}/.config/redshift.conf |
291 | blacklist ${HOME}/.config/remmina | 295 | blacklist ${HOME}/.config/remmina |
292 | blacklist ${HOME}/.config/ristretto | 296 | blacklist ${HOME}/.config/ristretto |
297 | blacklist ${HOME}/.config/rtv | ||
293 | blacklist ${HOME}/.config/scribus | 298 | blacklist ${HOME}/.config/scribus |
294 | blacklist ${HOME}/.config/scribusrc | 299 | blacklist ${HOME}/.config/scribusrc |
295 | blacklist ${HOME}/.config/sinew.in | 300 | blacklist ${HOME}/.config/sinew.in |
@@ -311,6 +316,7 @@ blacklist ${HOME}/.config/tox | |||
311 | blacklist ${HOME}/.config/transgui | 316 | blacklist ${HOME}/.config/transgui |
312 | blacklist ${HOME}/.config/transmission | 317 | blacklist ${HOME}/.config/transmission |
313 | blacklist ${HOME}/.config/truecraft | 318 | blacklist ${HOME}/.config/truecraft |
319 | blacklist ${HOME}/.config/tvbrowser | ||
314 | blacklist ${HOME}/.config/uGet | 320 | blacklist ${HOME}/.config/uGet |
315 | blacklist ${HOME}/.config/uzbl | 321 | blacklist ${HOME}/.config/uzbl |
316 | blacklist ${HOME}/.config/viewnior | 322 | blacklist ${HOME}/.config/viewnior |
@@ -454,6 +460,7 @@ blacklist ${HOME}/.kde4/share/config/ktorrentrc | |||
454 | blacklist ${HOME}/.kde4/share/config/okularpartrc | 460 | blacklist ${HOME}/.kde4/share/config/okularpartrc |
455 | blacklist ${HOME}/.kde4/share/config/okularrc | 461 | blacklist ${HOME}/.kde4/share/config/okularrc |
456 | blacklist ${HOME}/.killingfloor | 462 | blacklist ${HOME}/.killingfloor |
463 | blacklist ${HOME}/.kingsoft | ||
457 | blacklist ${HOME}/.kino-history | 464 | blacklist ${HOME}/.kino-history |
458 | blacklist ${HOME}/.kinorc | 465 | blacklist ${HOME}/.kinorc |
459 | blacklist ${HOME}/.klatexformula | 466 | blacklist ${HOME}/.klatexformula |
@@ -470,6 +477,7 @@ blacklist ${HOME}/.local/share/Anki2 | |||
470 | blacklist ${HOME}/.local/share/Empathy | 477 | blacklist ${HOME}/.local/share/Empathy |
471 | blacklist ${HOME}/.local/share/Enpass | 478 | blacklist ${HOME}/.local/share/Enpass |
472 | blacklist ${HOME}/.local/share/JetBrains | 479 | blacklist ${HOME}/.local/share/JetBrains |
480 | blacklist ${HOME}/.local/share/Kingsoft | ||
473 | blacklist ${HOME}/.local/share/Mendeley Ltd. | 481 | blacklist ${HOME}/.local/share/Mendeley Ltd. |
474 | blacklist ${HOME}/.local/share/Mumble | 482 | blacklist ${HOME}/.local/share/Mumble |
475 | blacklist ${HOME}/.local/share/PBE | 483 | blacklist ${HOME}/.local/share/PBE |
@@ -573,6 +581,7 @@ blacklist ${HOME}/.local/share/qpdfview | |||
573 | blacklist ${HOME}/.local/share/qutebrowser | 581 | blacklist ${HOME}/.local/share/qutebrowser |
574 | blacklist ${HOME}/.local/share/remmina | 582 | blacklist ${HOME}/.local/share/remmina |
575 | blacklist ${HOME}/.local/share/rhythmbox | 583 | blacklist ${HOME}/.local/share/rhythmbox |
584 | blacklist ${HOME}/.local/share/rtv | ||
576 | blacklist ${HOME}/.local/share/scribus | 585 | blacklist ${HOME}/.local/share/scribus |
577 | blacklist ${HOME}/.local/share/signal-cli | 586 | blacklist ${HOME}/.local/share/signal-cli |
578 | blacklist ${HOME}/.local/share/spotify | 587 | blacklist ${HOME}/.local/share/spotify |
@@ -662,6 +671,7 @@ blacklist ${HOME}/.torcs | |||
662 | blacklist ${HOME}/.tremulous | 671 | blacklist ${HOME}/.tremulous |
663 | blacklist ${HOME}/.ts3client | 672 | blacklist ${HOME}/.ts3client |
664 | blacklist ${HOME}/.tuxguitar* | 673 | blacklist ${HOME}/.tuxguitar* |
674 | blacklist ${HOME}/.tvbrowser | ||
665 | blacklist ${HOME}/.unknown-horizons | 675 | blacklist ${HOME}/.unknown-horizons |
666 | blacklist ${HOME}/.viking | 676 | blacklist ${HOME}/.viking |
667 | blacklist ${HOME}/.viking-maps | 677 | blacklist ${HOME}/.viking-maps |
@@ -737,15 +747,17 @@ blacklist ${HOME}/.cache/freecol | |||
737 | blacklist ${HOME}/.cache/gajim | 747 | blacklist ${HOME}/.cache/gajim |
738 | blacklist ${HOME}/.cache/gegl-0.4 | 748 | blacklist ${HOME}/.cache/gegl-0.4 |
739 | blacklist ${HOME}/.cache/geeqie | 749 | blacklist ${HOME}/.cache/geeqie |
750 | blacklist ${HOME}/.cache/gfeeds | ||
740 | blacklist ${HOME}/.cache/gimp | 751 | blacklist ${HOME}/.cache/gimp |
752 | blacklist ${HOME}/.cache/gnome-builder | ||
753 | blacklist ${HOME}/.cache/gnome-recipes | ||
754 | blacklist ${HOME}/.cache/gnome-twitch | ||
741 | blacklist ${HOME}/.cache/godot | 755 | blacklist ${HOME}/.cache/godot |
742 | blacklist ${HOME}/.cache/google-chrome | 756 | blacklist ${HOME}/.cache/google-chrome |
743 | blacklist ${HOME}/.cache/google-chrome-beta | 757 | blacklist ${HOME}/.cache/google-chrome-beta |
744 | blacklist ${HOME}/.cache/google-chrome-unstable | 758 | blacklist ${HOME}/.cache/google-chrome-unstable |
745 | blacklist ${HOME}/.cache/gnome-builder | ||
746 | blacklist ${HOME}/.cache/gnome-recipes | ||
747 | blacklist ${HOME}/.cache/gnome-twitch | ||
748 | blacklist ${HOME}/.cache/gradio | 759 | blacklist ${HOME}/.cache/gradio |
760 | blacklist ${HOME}/.cache/gummi | ||
749 | blacklist ${HOME}/.cache/icedove | 761 | blacklist ${HOME}/.cache/icedove |
750 | blacklist ${HOME}/.cache/INRIA/Natron | 762 | blacklist ${HOME}/.cache/INRIA/Natron |
751 | blacklist ${HOME}/.cache/inkscape | 763 | blacklist ${HOME}/.cache/inkscape |
diff --git a/etc/dnscrypt-proxy.profile b/etc/dnscrypt-proxy.profile index d0430d5ca..6637b8d02 100644 --- a/etc/dnscrypt-proxy.profile +++ b/etc/dnscrypt-proxy.profile | |||
@@ -7,6 +7,9 @@ include dnscrypt-proxy.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist /tmp/.X11-unix | ||
11 | blacklist ${RUNUSER}/wayland-* | ||
12 | |||
10 | noblacklist /sbin | 13 | noblacklist /sbin |
11 | noblacklist /usr/sbin | 14 | noblacklist /usr/sbin |
12 | 15 | ||
@@ -20,10 +23,13 @@ include disable-xdg.inc | |||
20 | 23 | ||
21 | whitelist /usr/share/dnscrypt-proxy | 24 | whitelist /usr/share/dnscrypt-proxy |
22 | include whitelist-usr-share-common.inc | 25 | include whitelist-usr-share-common.inc |
26 | include whitelist-var-common.inc | ||
23 | 27 | ||
28 | apparmor | ||
24 | caps.keep ipc_lock,net_bind_service,setgid,setuid,sys_chroot | 29 | caps.keep ipc_lock,net_bind_service,setgid,setuid,sys_chroot |
25 | ipc-namespace | 30 | ipc-namespace |
26 | machine-id | 31 | machine-id |
32 | netfilter | ||
27 | no3d | 33 | no3d |
28 | nodbus | 34 | nodbus |
29 | nodvd | 35 | nodvd |
@@ -34,6 +40,8 @@ nou2f | |||
34 | novideo | 40 | novideo |
35 | protocol inet,inet6 | 41 | protocol inet,inet6 |
36 | seccomp.drop _sysctl,acct,add_key,adjtimex,clock_adjtime,delete_module,fanotify_init,finit_module,get_mempolicy,init_module,io_cancel,io_destroy,io_getevents,io_setup,io_submit,ioperm,iopl,kcmp,kexec_file_load,kexec_load,keyctl,lookup_dcookie,mbind,migrate_pages,modify_ldt,mount,move_pages,open_by_handle_at,perf_event_open,perf_event_open,pivot_root,process_vm_readv,process_vm_writev,ptrace,remap_file_pages,request_key,set_mempolicy,swapoff,swapon,sysfs,syslog,umount2,uselib,vmsplice | 42 | seccomp.drop _sysctl,acct,add_key,adjtimex,clock_adjtime,delete_module,fanotify_init,finit_module,get_mempolicy,init_module,io_cancel,io_destroy,io_getevents,io_setup,io_submit,ioperm,iopl,kcmp,kexec_file_load,kexec_load,keyctl,lookup_dcookie,mbind,migrate_pages,modify_ldt,mount,move_pages,open_by_handle_at,perf_event_open,perf_event_open,pivot_root,process_vm_readv,process_vm_writev,ptrace,remap_file_pages,request_key,set_mempolicy,swapoff,swapon,sysfs,syslog,umount2,uselib,vmsplice |
43 | shell none | ||
44 | tracelog | ||
37 | 45 | ||
38 | disable-mnt | 46 | disable-mnt |
39 | private | 47 | private |
diff --git a/etc/dnsmasq.profile b/etc/dnsmasq.profile index dfb1b61c1..6db71bd49 100644 --- a/etc/dnsmasq.profile +++ b/etc/dnsmasq.profile | |||
@@ -11,6 +11,7 @@ noblacklist /sbin | |||
11 | noblacklist /usr/sbin | 11 | noblacklist /usr/sbin |
12 | 12 | ||
13 | blacklist /tmp/.X11-unix | 13 | blacklist /tmp/.X11-unix |
14 | blacklist ${RUNUSER}/wayland-* | ||
14 | 15 | ||
15 | include disable-common.inc | 16 | include disable-common.inc |
16 | include disable-devel.inc | 17 | include disable-devel.inc |
diff --git a/etc/easystroke.profile b/etc/easystroke.profile index 623a4cadc..1297f5f40 100644 --- a/etc/easystroke.profile +++ b/etc/easystroke.profile | |||
@@ -16,7 +16,11 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 16 | include disable-programs.inc |
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.easystroke | ||
20 | whitelist ${HOME}/.easystroke | ||
21 | include whitelist-common.inc | ||
19 | include whitelist-usr-share-common.inc | 22 | include whitelist-usr-share-common.inc |
23 | include whitelist-var-common.inc | ||
20 | 24 | ||
21 | apparmor | 25 | apparmor |
22 | caps.drop all | 26 | caps.drop all |
@@ -35,6 +39,7 @@ novideo | |||
35 | protocol unix | 39 | protocol unix |
36 | seccomp | 40 | seccomp |
37 | shell none | 41 | shell none |
42 | tracelog | ||
38 | 43 | ||
39 | disable-mnt | 44 | disable-mnt |
40 | # breaks custom shell command functionality | 45 | # breaks custom shell command functionality |
diff --git a/etc/elinks.profile b/etc/elinks.profile index 94f4179c7..82d1ba528 100644 --- a/etc/elinks.profile +++ b/etc/elinks.profile | |||
@@ -9,6 +9,7 @@ include globals.local | |||
9 | noblacklist ${HOME}/.elinks | 9 | noblacklist ${HOME}/.elinks |
10 | 10 | ||
11 | blacklist /tmp/.X11-unix | 11 | blacklist /tmp/.X11-unix |
12 | blacklist ${RUNUSER}/wayland-* | ||
12 | 13 | ||
13 | include disable-common.inc | 14 | include disable-common.inc |
14 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/email-common.profile b/etc/email-common.profile new file mode 100644 index 000000000..f9d96858b --- /dev/null +++ b/etc/email-common.profile | |||
@@ -0,0 +1,68 @@ | |||
1 | # Firejail profile for email-common | ||
2 | # Description: Common profile for claws-mail and sylpheed email clients | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include email-common.local | ||
6 | # Persistent global definitions | ||
7 | # added by caller profile | ||
8 | #include globals.local | ||
9 | |||
10 | noblacklist ${HOME}/.gnupg | ||
11 | noblacklist ${HOME}/.signature | ||
12 | # when storing mail outside the default ${HOME}/Mail path, 'noblacklist' the custom path in your email-common.local | ||
13 | # and 'blacklist' it in your disable-common.local too so it is kept hidden from other applications | ||
14 | noblacklist ${HOME}/Mail | ||
15 | |||
16 | noblacklist ${DOCUMENTS} | ||
17 | |||
18 | include disable-common.inc | ||
19 | include disable-devel.inc | ||
20 | include disable-interpreters.inc | ||
21 | include disable-passwdmgr.inc | ||
22 | include disable-programs.inc | ||
23 | include disable-xdg.inc | ||
24 | |||
25 | whitelist ${DOCUMENTS} | ||
26 | whitelist ${DOWNLOADS} | ||
27 | mkfile ${HOME}/.config/mimeapps.list | ||
28 | mkdir ${HOME}/.gnupg | ||
29 | mkfile ${HOME}/.signature | ||
30 | whitelist ${HOME}/.config/mimeapps.list | ||
31 | whitelist ${HOME}/.gnupg | ||
32 | whitelist ${HOME}/.signature | ||
33 | # when storing mail outside the default ${HOME}/Mail path, 'whitelist' the custom path in your email-common.local | ||
34 | whitelist ${HOME}/Mail | ||
35 | whitelist /usr/share/gnupg | ||
36 | whitelist /usr/share/gnupg2 | ||
37 | include whitelist-common.inc | ||
38 | include whitelist-usr-share-common.inc | ||
39 | include whitelist-var-common.inc | ||
40 | |||
41 | caps.drop all | ||
42 | netfilter | ||
43 | no3d | ||
44 | nodvd | ||
45 | nogroups | ||
46 | nonewprivs | ||
47 | noroot | ||
48 | nosound | ||
49 | notv | ||
50 | nou2f | ||
51 | novideo | ||
52 | protocol unix,inet,inet6 | ||
53 | seccomp | ||
54 | shell none | ||
55 | tracelog | ||
56 | |||
57 | private-cache | ||
58 | private-dev | ||
59 | private-tmp | ||
60 | |||
61 | # encrypting and signing email | ||
62 | read-only ${HOME}/.config/mimeapps.list | ||
63 | writable-run-user | ||
64 | |||
65 | # If you want to read local mail stored in /var/mail, add the following to email-common.local: | ||
66 | # whitelist /var/mail | ||
67 | # whitelist /var/spool/mail | ||
68 | # writable-var | ||
diff --git a/etc/enchant.profile b/etc/enchant.profile index d276cec84..fa556c7d2 100644 --- a/etc/enchant.profile +++ b/etc/enchant.profile | |||
@@ -6,6 +6,8 @@ include enchant.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | ||
10 | |||
9 | noblacklist ${HOME}/.config/enchant | 11 | noblacklist ${HOME}/.config/enchant |
10 | 12 | ||
11 | include disable-common.inc | 13 | include disable-common.inc |
@@ -16,7 +18,11 @@ include disable-passwdmgr.inc | |||
16 | include disable-programs.inc | 18 | include disable-programs.inc |
17 | include disable-xdg.inc | 19 | include disable-xdg.inc |
18 | 20 | ||
21 | mkdir ${HOME}/.config/enchant | ||
22 | whitelist ${HOME}/.config/enchant | ||
23 | include whitelist-common.inc | ||
19 | include whitelist-usr-share-common.inc | 24 | include whitelist-usr-share-common.inc |
25 | include whitelist-var-common.inc | ||
20 | 26 | ||
21 | apparmor | 27 | apparmor |
22 | caps.drop all | 28 | caps.drop all |
diff --git a/etc/ephemeral.profile b/etc/ephemeral.profile index fa7746da5..c688c2324 100644 --- a/etc/ephemeral.profile +++ b/etc/ephemeral.profile | |||
@@ -55,7 +55,7 @@ tracelog | |||
55 | 55 | ||
56 | disable-mnt | 56 | disable-mnt |
57 | private-cache | 57 | private-cache |
58 | private-dev | 58 | ?BROWSER_DISABLE_U2F: private-dev |
59 | # private-etc below works fine on most distributions. There are some problems on CentOS. | 59 | # private-etc below works fine on most distributions. There are some problems on CentOS. |
60 | #private-etc alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,group,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,localtime,login.defs,machine-id,mailcap,mime.types,nsswitch.conf,os-release,pango,passwd,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 60 | #private-etc alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,group,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,localtime,login.defs,machine-id,mailcap,mime.types,nsswitch.conf,os-release,pango,passwd,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
61 | private-tmp | 61 | private-tmp |
diff --git a/etc/et.profile b/etc/et.profile new file mode 100644 index 000000000..4e70bb114 --- /dev/null +++ b/etc/et.profile | |||
@@ -0,0 +1,11 @@ | |||
1 | # Firejail profile for et | ||
2 | # Description: WPS Office - Spreadsheets | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include et.local | ||
6 | # Persistent global definitions | ||
7 | # added by included profile | ||
8 | #include globals.local | ||
9 | |||
10 | # Redirect | ||
11 | include wps.profile | ||
diff --git a/etc/evince.profile b/etc/evince.profile index 570d7d63d..143a347e6 100644 --- a/etc/evince.profile +++ b/etc/evince.profile | |||
@@ -17,6 +17,7 @@ include disable-passwdmgr.inc | |||
17 | include disable-programs.inc | 17 | include disable-programs.inc |
18 | include disable-xdg.inc | 18 | include disable-xdg.inc |
19 | 19 | ||
20 | whitelist /usr/share/doc | ||
20 | whitelist /usr/share/evince | 21 | whitelist /usr/share/evince |
21 | whitelist /usr/share/poppler | 22 | whitelist /usr/share/poppler |
22 | whitelist /usr/share/tracker | 23 | whitelist /usr/share/tracker |
diff --git a/etc/exfalso.profile b/etc/exfalso.profile index 7d91f2854..04bafdde4 100644 --- a/etc/exfalso.profile +++ b/etc/exfalso.profile | |||
@@ -31,6 +31,7 @@ include whitelist-usr-share-common.inc | |||
31 | include whitelist-var-common.inc | 31 | include whitelist-var-common.inc |
32 | 32 | ||
33 | caps.drop all | 33 | caps.drop all |
34 | ipc-namespace | ||
34 | machine-id | 35 | machine-id |
35 | netfilter | 36 | netfilter |
36 | no3d | 37 | no3d |
diff --git a/etc/exiftool.profile b/etc/exiftool.profile index e9c7d290a..9316a0585 100644 --- a/etc/exiftool.profile +++ b/etc/exiftool.profile | |||
@@ -6,6 +6,8 @@ include exiftool.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | ||
10 | |||
9 | # Allow perl (blacklisted by disable-interpreters.inc) | 11 | # Allow perl (blacklisted by disable-interpreters.inc) |
10 | include allow-perl.inc | 12 | include allow-perl.inc |
11 | 13 | ||
diff --git a/etc/feedreader.profile b/etc/feedreader.profile index c12ab2399..5a72b60ea 100644 --- a/etc/feedreader.profile +++ b/etc/feedreader.profile | |||
@@ -40,8 +40,10 @@ novideo | |||
40 | protocol unix,inet,inet6 | 40 | protocol unix,inet,inet6 |
41 | seccomp | 41 | seccomp |
42 | shell none | 42 | shell none |
43 | tracelog | ||
43 | 44 | ||
44 | disable-mnt | 45 | disable-mnt |
46 | private-cache | ||
45 | private-dev | 47 | private-dev |
46 | private-tmp | 48 | private-tmp |
47 | 49 | ||
diff --git a/etc/ffmpeg.profile b/etc/ffmpeg.profile index 67c0ed311..b392087e8 100644 --- a/etc/ffmpeg.profile +++ b/etc/ffmpeg.profile | |||
@@ -47,7 +47,7 @@ tracelog | |||
47 | private-bin ffmpeg | 47 | private-bin ffmpeg |
48 | private-cache | 48 | private-cache |
49 | private-dev | 49 | private-dev |
50 | private-etc alternatives,ca-certificates,hosts,pkcs11,pki,resolv.conf,ssl | 50 | private-etc alternatives,ca-certificates,crypto-policies,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,nsswitch.conf,pkcs11,pki,resolv.conf,ssl |
51 | private-tmp | 51 | private-tmp |
52 | 52 | ||
53 | # memory-deny-write-execute - it breaks old versions of ffmpeg | 53 | # memory-deny-write-execute - it breaks old versions of ffmpeg |
diff --git a/etc/file.profile b/etc/file.profile index 37c7ee9e7..9b21818f8 100644 --- a/etc/file.profile +++ b/etc/file.profile | |||
@@ -7,6 +7,8 @@ include file.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | include disable-common.inc | 12 | include disable-common.inc |
11 | include disable-exec.inc | 13 | include disable-exec.inc |
12 | include disable-passwdmgr.inc | 14 | include disable-passwdmgr.inc |
diff --git a/etc/firefox-common.profile b/etc/firefox-common.profile index 7777d07ce..323070289 100644 --- a/etc/firefox-common.profile +++ b/etc/firefox-common.profile | |||
@@ -52,7 +52,7 @@ shell none | |||
52 | #tracelog | 52 | #tracelog |
53 | 53 | ||
54 | disable-mnt | 54 | disable-mnt |
55 | private-dev | 55 | ?BROWSER_DISABLE_U2F: private-dev |
56 | # private-etc below works fine on most distributions. There are some problems on CentOS. | 56 | # private-etc below works fine on most distributions. There are some problems on CentOS. |
57 | #private-etc alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,group,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,localtime,machine-id,mailcap,mime.types,nsswitch.conf,pango,passwd,pki,pulse,resolv.conf,selinux,ssl,X11,xdg | 57 | #private-etc alternatives,asound.conf,ca-certificates,crypto-policies,dconf,fonts,group,gtk-2.0,gtk-3.0,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,localtime,machine-id,mailcap,mime.types,nsswitch.conf,pango,passwd,pki,pulse,resolv.conf,selinux,ssl,X11,xdg |
58 | private-tmp | 58 | private-tmp |
diff --git a/etc/firefox-x11.profile b/etc/firefox-x11.profile new file mode 100644 index 000000000..ffd64aad7 --- /dev/null +++ b/etc/firefox-x11.profile | |||
@@ -0,0 +1,10 @@ | |||
1 | # Firejail profile alias for firefox-x11 | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include firefox-x11.local | ||
5 | # Persistent global definitions | ||
6 | # added by included profile | ||
7 | #include globals.local | ||
8 | |||
9 | # Redirect | ||
10 | include firefox.profile | ||
diff --git a/etc/firefox.profile b/etc/firefox.profile index 0278c70f2..0530516d8 100644 --- a/etc/firefox.profile +++ b/etc/firefox.profile | |||
@@ -14,7 +14,10 @@ mkdir ${HOME}/.mozilla | |||
14 | whitelist ${HOME}/.cache/mozilla/firefox | 14 | whitelist ${HOME}/.cache/mozilla/firefox |
15 | whitelist ${HOME}/.mozilla | 15 | whitelist ${HOME}/.mozilla |
16 | 16 | ||
17 | whitelist /usr/share/doc | ||
18 | whitelist /usr/share/gtk-doc/html | ||
17 | whitelist /usr/share/mozilla | 19 | whitelist /usr/share/mozilla |
20 | whitelist /usr/share/webext | ||
18 | include whitelist-usr-share-common.inc | 21 | include whitelist-usr-share-common.inc |
19 | 22 | ||
20 | # firefox requires a shell to launch on Arch. | 23 | # firefox requires a shell to launch on Arch. |
diff --git a/etc/firejail.config b/etc/firejail.config index 3bff2f7ed..6fb7d829a 100644 --- a/etc/firejail.config +++ b/etc/firejail.config | |||
@@ -62,9 +62,9 @@ | |||
62 | # root user can always join sandboxes. | 62 | # root user can always join sandboxes. |
63 | # join yes | 63 | # join yes |
64 | 64 | ||
65 | # Timeout when joining a sandbox, default five seconds. Wait up to | 65 | # Timeout when joining a sandbox, default five seconds. It is not |
66 | # the specified period of time to allow sandbox setup to finish. | 66 | # possible to join a sandbox while it is still starting up. Wait up |
67 | # It is not possible to join a sandbox while it is still starting up. | 67 | # to the specified period of time to allow sandbox setup to finish. |
68 | # join-timeout 5 | 68 | # join-timeout 5 |
69 | 69 | ||
70 | # Enable or disable sandbox name change, default enabled. | 70 | # Enable or disable sandbox name change, default enabled. |
diff --git a/etc/freecad.profile b/etc/freecad.profile index 079c85fb1..6f0f52a55 100644 --- a/etc/freecad.profile +++ b/etc/freecad.profile | |||
@@ -9,6 +9,10 @@ include globals.local | |||
9 | noblacklist ${HOME}/.config/FreeCAD | 9 | noblacklist ${HOME}/.config/FreeCAD |
10 | noblacklist ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
11 | 11 | ||
12 | # Allow python (blacklisted by disable-interpreters.inc) | ||
13 | include allow-python2.inc | ||
14 | include allow-python3.inc | ||
15 | |||
12 | include disable-common.inc | 16 | include disable-common.inc |
13 | include disable-devel.inc | 17 | include disable-devel.inc |
14 | include disable-exec.inc | 18 | include disable-exec.inc |
@@ -33,7 +37,7 @@ protocol unix | |||
33 | seccomp | 37 | seccomp |
34 | shell none | 38 | shell none |
35 | 39 | ||
36 | private-bin freecad,freecadcmd | 40 | private-bin freecad,freecadcmd,python* |
37 | private-cache | 41 | private-cache |
38 | private-dev | 42 | private-dev |
39 | private-tmp | 43 | private-tmp |
diff --git a/etc/gconf-editor.profile b/etc/gconf-editor.profile index a2c441a20..cb39174e5 100644 --- a/etc/gconf-editor.profile +++ b/etc/gconf-editor.profile | |||
@@ -9,7 +9,8 @@ include gconf-editor.local | |||
9 | 9 | ||
10 | blacklist /tmp/.X11-unix | 10 | blacklist /tmp/.X11-unix |
11 | 11 | ||
12 | ignore net none | 12 | whitelist /usr/share/gconf-editor |
13 | |||
13 | ignore x11 none | 14 | ignore x11 none |
14 | 15 | ||
15 | # Redirect | 16 | # Redirect |
diff --git a/etc/gconf.profile b/etc/gconf.profile index 25145c77d..f070e6944 100644 --- a/etc/gconf.profile +++ b/etc/gconf.profile | |||
@@ -6,6 +6,8 @@ include gconf.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | ||
10 | |||
9 | noblacklist ${HOME}/.config/gconf | 11 | noblacklist ${HOME}/.config/gconf |
10 | 12 | ||
11 | # Allow python (blacklisted by disable-interpreters.inc) | 13 | # Allow python (blacklisted by disable-interpreters.inc) |
diff --git a/etc/gedit.profile b/etc/gedit.profile index 7dd6f270e..a4471077a 100644 --- a/etc/gedit.profile +++ b/etc/gedit.profile | |||
@@ -42,6 +42,7 @@ tracelog | |||
42 | 42 | ||
43 | # private-bin gedit | 43 | # private-bin gedit |
44 | private-dev | 44 | private-dev |
45 | private-lib aspell,gconv,gedit,libgspell-1.so.*,libgtksourceview-*,libpeas-gtk-1.0.so.*,libreadline.so.*,libtinfo.so.* | 45 | # private-lib breaks python plugins, uncomment or add to your gedit.local if you don't use them. |
46 | #private-lib aspell,gconv,gedit,libgspell-1.so.*,libgtksourceview-*,libpeas-gtk-1.0.so.*,libreadline.so.*,libtinfo.so.* | ||
46 | private-tmp | 47 | private-tmp |
47 | 48 | ||
diff --git a/etc/geekbench.profile b/etc/geekbench.profile index bf9d27788..36f9f2a55 100644 --- a/etc/geekbench.profile +++ b/etc/geekbench.profile | |||
@@ -43,7 +43,7 @@ private-bin bash,geekbenc*,sh | |||
43 | private-cache | 43 | private-cache |
44 | private-dev | 44 | private-dev |
45 | private-etc alternatives,group,lsb-release,passwd | 45 | private-etc alternatives,group,lsb-release,passwd |
46 | private-lib libstdc++.so.* | 46 | private-lib gcc/*/*/libstdc++.so.* |
47 | private-opt none | 47 | private-opt none |
48 | private-tmp | 48 | private-tmp |
49 | 49 | ||
diff --git a/etc/gfeeds.profile b/etc/gfeeds.profile index dcb33bc38..d332c1bbe 100644 --- a/etc/gfeeds.profile +++ b/etc/gfeeds.profile | |||
@@ -6,6 +6,7 @@ include gfeeds.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | noblacklist ${HOME}/.cache/gfeeds | ||
9 | noblacklist ${HOME}/.cache/org.gabmus.gfeeds | 10 | noblacklist ${HOME}/.cache/org.gabmus.gfeeds |
10 | noblacklist ${HOME}/.config/org.gabmus.gfeeds.json | 11 | noblacklist ${HOME}/.config/org.gabmus.gfeeds.json |
11 | 12 | ||
@@ -20,8 +21,10 @@ include disable-passwdmgr.inc | |||
20 | include disable-programs.inc | 21 | include disable-programs.inc |
21 | include disable-xdg.inc | 22 | include disable-xdg.inc |
22 | 23 | ||
24 | mkdir ${HOME}/.cache/gfeeds | ||
23 | mkdir ${HOME}/.cache/org.gabmus.gfeeds | 25 | mkdir ${HOME}/.cache/org.gabmus.gfeeds |
24 | mkfile ${HOME}/.config/org.gabmus.gfeeds.json | 26 | mkfile ${HOME}/.config/org.gabmus.gfeeds.json |
27 | whitelist ${HOME}/.cache/gfeeds | ||
25 | whitelist ${HOME}/.cache/org.gabmus.gfeeds | 28 | whitelist ${HOME}/.cache/org.gabmus.gfeeds |
26 | whitelist ${HOME}/.config/org.gabmus.gfeeds.json | 29 | whitelist ${HOME}/.config/org.gabmus.gfeeds.json |
27 | whitelist /usr/share/gfeeds | 30 | whitelist /usr/share/gfeeds |
diff --git a/etc/gimp.profile b/etc/gimp.profile index 5c0631eb2..57cea28f9 100644 --- a/etc/gimp.profile +++ b/etc/gimp.profile | |||
@@ -21,6 +21,7 @@ noblacklist ${PICTURES} | |||
21 | 21 | ||
22 | include disable-common.inc | 22 | include disable-common.inc |
23 | include disable-exec.inc | 23 | include disable-exec.inc |
24 | include disable-devel.inc | ||
24 | include disable-passwdmgr.inc | 25 | include disable-passwdmgr.inc |
25 | include disable-programs.inc | 26 | include disable-programs.inc |
26 | include disable-xdg.inc | 27 | include disable-xdg.inc |
@@ -44,7 +45,7 @@ nosound | |||
44 | notv | 45 | notv |
45 | nou2f | 46 | nou2f |
46 | protocol unix | 47 | protocol unix |
47 | seccomp | 48 | seccomp !mbind |
48 | shell none | 49 | shell none |
49 | tracelog | 50 | tracelog |
50 | 51 | ||
diff --git a/etc/gist.profile b/etc/gist.profile index 7413238c8..59fcb2775 100644 --- a/etc/gist.profile +++ b/etc/gist.profile | |||
@@ -8,6 +8,7 @@ include gist.local | |||
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist /tmp/.X11-unix | 10 | blacklist /tmp/.X11-unix |
11 | blacklist ${RUNUSER}/wayland-* | ||
11 | 12 | ||
12 | noblacklist ${HOME}/.gist | 13 | noblacklist ${HOME}/.gist |
13 | 14 | ||
diff --git a/etc/git.profile b/etc/git.profile index dbaaefcc4..da55f8744 100644 --- a/etc/git.profile +++ b/etc/git.profile | |||
@@ -20,6 +20,7 @@ noblacklist ${HOME}/.vim | |||
20 | noblacklist ${HOME}/.viminfo | 20 | noblacklist ${HOME}/.viminfo |
21 | 21 | ||
22 | blacklist /tmp/.X11-unix | 22 | blacklist /tmp/.X11-unix |
23 | blacklist ${RUNUSER}/wayland-* | ||
23 | 24 | ||
24 | include disable-common.inc | 25 | include disable-common.inc |
25 | include disable-exec.inc | 26 | include disable-exec.inc |
diff --git a/etc/gjs.profile b/etc/gjs.profile index 871020ae0..aba020bc7 100644 --- a/etc/gjs.profile +++ b/etc/gjs.profile | |||
@@ -13,6 +13,9 @@ noblacklist ${HOME}/.cache/org.gnome.Books | |||
13 | noblacklist ${HOME}/.config/libreoffice | 13 | noblacklist ${HOME}/.config/libreoffice |
14 | noblacklist ${HOME}/.local/share/gnome-photos | 14 | noblacklist ${HOME}/.local/share/gnome-photos |
15 | 15 | ||
16 | # Allow gjs (blacklisted by disable-interpreters.inc) | ||
17 | include allow-gjs.inc | ||
18 | |||
16 | include disable-common.inc | 19 | include disable-common.inc |
17 | include disable-devel.inc | 20 | include disable-devel.inc |
18 | include disable-interpreters.inc | 21 | include disable-interpreters.inc |
diff --git a/etc/gnome-books.profile b/etc/gnome-books.profile index 25cd94f0c..84e38d0e1 100644 --- a/etc/gnome-books.profile +++ b/etc/gnome-books.profile | |||
@@ -10,6 +10,9 @@ include globals.local | |||
10 | noblacklist ${HOME}/.cache/org.gnome.Books | 10 | noblacklist ${HOME}/.cache/org.gnome.Books |
11 | noblacklist ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
12 | 12 | ||
13 | # Allow gjs (blacklisted by disable-interpreters.inc) | ||
14 | include allow-gjs.inc | ||
15 | |||
13 | include disable-common.inc | 16 | include disable-common.inc |
14 | include disable-devel.inc | 17 | include disable-devel.inc |
15 | include disable-exec.inc | 18 | include disable-exec.inc |
diff --git a/etc/gnome-characters.profile b/etc/gnome-characters.profile index c3e9466d7..2d4724610 100644 --- a/etc/gnome-characters.profile +++ b/etc/gnome-characters.profile | |||
@@ -6,6 +6,9 @@ include gnome-characters.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # Allow gjs (blacklisted by disable-interpreters.inc) | ||
10 | include allow-gjs.inc | ||
11 | |||
9 | include disable-common.inc | 12 | include disable-common.inc |
10 | include disable-devel.inc | 13 | include disable-devel.inc |
11 | include disable-exec.inc | 14 | include disable-exec.inc |
diff --git a/etc/gnome-documents.profile b/etc/gnome-documents.profile index 078e8c34e..705fe624e 100644 --- a/etc/gnome-documents.profile +++ b/etc/gnome-documents.profile | |||
@@ -11,6 +11,9 @@ include globals.local | |||
11 | noblacklist ${HOME}/.config/libreoffice | 11 | noblacklist ${HOME}/.config/libreoffice |
12 | noblacklist ${DOCUMENTS} | 12 | noblacklist ${DOCUMENTS} |
13 | 13 | ||
14 | # Allow gjs (blacklisted by disable-interpreters.inc) | ||
15 | include allow-gjs.inc | ||
16 | |||
14 | include disable-common.inc | 17 | include disable-common.inc |
15 | include disable-devel.inc | 18 | include disable-devel.inc |
16 | include disable-exec.inc | 19 | include disable-exec.inc |
diff --git a/etc/gnome-maps.profile b/etc/gnome-maps.profile index 78f5ddc3a..6540186fe 100644 --- a/etc/gnome-maps.profile +++ b/etc/gnome-maps.profile | |||
@@ -13,6 +13,9 @@ noblacklist ${HOME}/.cache/org.gnome.Maps | |||
13 | noblacklist ${HOME}/.local/share/flatpak | 13 | noblacklist ${HOME}/.local/share/flatpak |
14 | noblacklist ${HOME}/.local/share/maps-places.json | 14 | noblacklist ${HOME}/.local/share/maps-places.json |
15 | 15 | ||
16 | # Allow gjs (blacklisted by disable-interpreters.inc) | ||
17 | include allow-gjs.inc | ||
18 | |||
16 | include disable-common.inc | 19 | include disable-common.inc |
17 | include disable-devel.inc | 20 | include disable-devel.inc |
18 | include disable-exec.inc | 21 | include disable-exec.inc |
diff --git a/etc/gnome-passwordsafe.profile b/etc/gnome-passwordsafe.profile new file mode 100644 index 000000000..685a5cc3f --- /dev/null +++ b/etc/gnome-passwordsafe.profile | |||
@@ -0,0 +1,56 @@ | |||
1 | # Firejail profile for gnome-passwordsafe | ||
2 | # Description: Password manager for GNOME | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include gnome-passwordsafe.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${DOCUMENTS} | ||
10 | noblacklist ${HOME}/*.kdb | ||
11 | noblacklist ${HOME}/*.kdbx | ||
12 | |||
13 | # Allow python (blacklisted by disable-interpreters.inc) | ||
14 | include allow-python3.inc | ||
15 | |||
16 | include disable-common.inc | ||
17 | include disable-devel.inc | ||
18 | include disable-exec.inc | ||
19 | include disable-interpreters.inc | ||
20 | include disable-passwdmgr.inc | ||
21 | include disable-programs.inc | ||
22 | include disable-xdg.inc | ||
23 | |||
24 | whitelist ${RUNUSER}/bus | ||
25 | whitelist ${RUNUSER}/wayland-? | ||
26 | whitelist ${RUNUSER}/gdm/Xauthority | ||
27 | |||
28 | whitelist /usr/share/cracklib | ||
29 | whitelist /usr/share/passwordsafe | ||
30 | include whitelist-usr-share-common.inc | ||
31 | include whitelist-var-common.inc | ||
32 | |||
33 | apparmor | ||
34 | caps.drop all | ||
35 | machine-id | ||
36 | net none | ||
37 | no3d | ||
38 | nodvd | ||
39 | nogroups | ||
40 | nonewprivs | ||
41 | noroot | ||
42 | nosound | ||
43 | notv | ||
44 | nou2f | ||
45 | novideo | ||
46 | protocol unix | ||
47 | seccomp | ||
48 | shell none | ||
49 | tracelog | ||
50 | |||
51 | disable-mnt | ||
52 | private-bin gnome-passwordsafe,python3* | ||
53 | private-cache | ||
54 | private-dev | ||
55 | private-etc dconf,fonts,gtk-3.0,passwd | ||
56 | private-tmp | ||
diff --git a/etc/gnome-sound-recorder.profile b/etc/gnome-sound-recorder.profile index 135106c1e..7f8fc8a0c 100644 --- a/etc/gnome-sound-recorder.profile +++ b/etc/gnome-sound-recorder.profile | |||
@@ -10,6 +10,9 @@ noblacklist ${MUSIC} | |||
10 | noblacklist ${HOME}/.local/share/flatpak | 10 | noblacklist ${HOME}/.local/share/flatpak |
11 | noblacklist ${HOME}/.local/share/Trash | 11 | noblacklist ${HOME}/.local/share/Trash |
12 | 12 | ||
13 | # Allow gjs (blacklisted by disable-interpreters.inc) | ||
14 | include allow-gjs.inc | ||
15 | |||
13 | include disable-common.inc | 16 | include disable-common.inc |
14 | include disable-devel.inc | 17 | include disable-devel.inc |
15 | include disable-exec.inc | 18 | include disable-exec.inc |
diff --git a/etc/gnome-weather.profile b/etc/gnome-weather.profile index a43db7e2f..10db6296b 100644 --- a/etc/gnome-weather.profile +++ b/etc/gnome-weather.profile | |||
@@ -10,6 +10,9 @@ include globals.local | |||
10 | 10 | ||
11 | noblacklist ${HOME}/.cache/libgweather | 11 | noblacklist ${HOME}/.cache/libgweather |
12 | 12 | ||
13 | # Allow gjs (blacklisted by disable-interpreters.inc) | ||
14 | include allow-gjs.inc | ||
15 | |||
13 | include disable-common.inc | 16 | include disable-common.inc |
14 | include disable-devel.inc | 17 | include disable-devel.inc |
15 | include disable-exec.inc | 18 | include disable-exec.inc |
diff --git a/etc/gpg-agent.profile b/etc/gpg-agent.profile index c11773147..2710ac88e 100644 --- a/etc/gpg-agent.profile +++ b/etc/gpg-agent.profile | |||
@@ -10,6 +10,7 @@ include globals.local | |||
10 | noblacklist ${HOME}/.gnupg | 10 | noblacklist ${HOME}/.gnupg |
11 | 11 | ||
12 | blacklist /tmp/.X11-unix | 12 | blacklist /tmp/.X11-unix |
13 | blacklist ${RUNUSER}/wayland-* | ||
13 | 14 | ||
14 | include disable-common.inc | 15 | include disable-common.inc |
15 | include disable-devel.inc | 16 | include disable-devel.inc |
diff --git a/etc/gpg.profile b/etc/gpg.profile index 5eb18a0bc..a60d42cf8 100644 --- a/etc/gpg.profile +++ b/etc/gpg.profile | |||
@@ -10,6 +10,7 @@ include globals.local | |||
10 | noblacklist ${HOME}/.gnupg | 10 | noblacklist ${HOME}/.gnupg |
11 | 11 | ||
12 | blacklist /tmp/.X11-unix | 12 | blacklist /tmp/.X11-unix |
13 | blacklist ${RUNUSER}/wayland-* | ||
13 | 14 | ||
14 | include disable-common.inc | 15 | include disable-common.inc |
15 | include disable-devel.inc | 16 | include disable-devel.inc |
diff --git a/etc/gtk-update-icon-cache.profile b/etc/gtk-update-icon-cache.profile index fd35a563b..668a48f9a 100644 --- a/etc/gtk-update-icon-cache.profile +++ b/etc/gtk-update-icon-cache.profile | |||
@@ -7,6 +7,8 @@ include gtk-update-icon-cache.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | include disable-common.inc | 12 | include disable-common.inc |
11 | include disable-devel.inc | 13 | include disable-devel.inc |
12 | include disable-exec.inc | 14 | include disable-exec.inc |
diff --git a/etc/gummi.profile b/etc/gummi.profile new file mode 100644 index 000000000..922b2cbde --- /dev/null +++ b/etc/gummi.profile | |||
@@ -0,0 +1,19 @@ | |||
1 | # Firejail profile for gummi | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include gummi.local | ||
5 | # Persistent global definitions | ||
6 | include globals.local | ||
7 | |||
8 | noblacklist ${HOME}/.cache/gummi | ||
9 | noblacklist ${HOME}/.config/gummi | ||
10 | |||
11 | include allow-lua.inc | ||
12 | include allow-perl.inc | ||
13 | include allow-python3.inc | ||
14 | |||
15 | private-bin dvipdf,dvips,env,gummi,latex,latexmk,lua*,lualatex,luatex,pdflatex,pdftex,perl,ps2pdf,python3*,rubber,synctex,tex,xelatex,xetex | ||
16 | |||
17 | # Redirect | ||
18 | include latex-common.profile | ||
19 | |||
diff --git a/etc/gzip.profile b/etc/gzip.profile index 48e495c60..1af15d227 100644 --- a/etc/gzip.profile +++ b/etc/gzip.profile | |||
@@ -7,6 +7,8 @@ include gzip.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop all capabilities this is automatically read-only. | 12 | # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop all capabilities this is automatically read-only. |
11 | noblacklist /var/lib/pacman | 13 | noblacklist /var/lib/pacman |
12 | 14 | ||
diff --git a/etc/hashcat.profile b/etc/hashcat.profile index da59984d7..b4d6d52f0 100644 --- a/etc/hashcat.profile +++ b/etc/hashcat.profile | |||
@@ -7,6 +7,8 @@ include hashcat.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | noblacklist ${HOME}/.hashcat | 12 | noblacklist ${HOME}/.hashcat |
11 | noblacklist /usr/include | 13 | noblacklist /usr/include |
12 | noblacklist ${DOCUMENTS} | 14 | noblacklist ${DOCUMENTS} |
diff --git a/etc/hexchat.profile b/etc/hexchat.profile index d032c93e6..7723cbd6b 100644 --- a/etc/hexchat.profile +++ b/etc/hexchat.profile | |||
@@ -19,6 +19,7 @@ include disable-exec.inc | |||
19 | include disable-interpreters.inc | 19 | include disable-interpreters.inc |
20 | include disable-passwdmgr.inc | 20 | include disable-passwdmgr.inc |
21 | include disable-programs.inc | 21 | include disable-programs.inc |
22 | include disable-xdg.inc | ||
22 | 23 | ||
23 | mkdir ${HOME}/.config/hexchat | 24 | mkdir ${HOME}/.config/hexchat |
24 | whitelist ${HOME}/.config/hexchat | 25 | whitelist ${HOME}/.config/hexchat |
@@ -26,14 +27,13 @@ include whitelist-common.inc | |||
26 | include whitelist-var-common.inc | 27 | include whitelist-var-common.inc |
27 | 28 | ||
28 | caps.drop all | 29 | caps.drop all |
29 | machine-id | 30 | #machine-id -- breaks sound |
30 | netfilter | 31 | netfilter |
31 | no3d | 32 | no3d |
32 | nodvd | 33 | nodvd |
33 | nogroups | 34 | nogroups |
34 | nonewprivs | 35 | nonewprivs |
35 | noroot | 36 | noroot |
36 | nosound | ||
37 | notv | 37 | notv |
38 | nou2f | 38 | nou2f |
39 | novideo | 39 | novideo |
diff --git a/etc/highlight.profile b/etc/highlight.profile index 249d5cd17..036de8d99 100644 --- a/etc/highlight.profile +++ b/etc/highlight.profile | |||
@@ -6,6 +6,8 @@ include highlight.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | ||
10 | |||
9 | include disable-common.inc | 11 | include disable-common.inc |
10 | include disable-devel.inc | 12 | include disable-devel.inc |
11 | include disable-interpreters.inc | 13 | include disable-interpreters.inc |
diff --git a/etc/i2prouter.profile b/etc/i2prouter.profile index e46fb3317..9ffdb9e9b 100644 --- a/etc/i2prouter.profile +++ b/etc/i2prouter.profile | |||
@@ -6,19 +6,19 @@ include i2prouter.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # Notice: default browser will not be able to automatically open, due to sandbox. | 9 | # Notice: default browser will most likely not be able to automatically open, due to sandbox. |
10 | # Auto-opening default browser can be disabled in the I2P router console. | 10 | # Auto-opening default browser can be disabled in the I2P router console. |
11 | # This profile will not currently work with any Arch User Repository i2p packages, | 11 | # This profile will not currently work with any Arch User Repository I2P packages, |
12 | # use the distro-independent official java installer instead | 12 | # use the distro-independent official I2P java installer instead |
13 | 13 | ||
14 | # Only needed if i2prouter binary is in home directory, java installer does this | 14 | # Only needed if i2prouter binary is in home directory, official I2P java installer does this |
15 | ignore noexec ${HOME} | 15 | ignore noexec ${HOME} |
16 | 16 | ||
17 | noblacklist ${HOME}/.config/i2p | 17 | noblacklist ${HOME}/.config/i2p |
18 | noblacklist ${HOME}/.i2p | 18 | noblacklist ${HOME}/.i2p |
19 | noblacklist ${HOME}/.local/share/i2p | 19 | noblacklist ${HOME}/.local/share/i2p |
20 | noblacklist ${HOME}/i2p | 20 | noblacklist ${HOME}/i2p |
21 | # Only needed if wrapper is placed in /usr/sbin/, ubuntu official ppa package does this | 21 | # Only needed if wrapper is placed in /usr/sbin/, ubuntu official I2P ppa package does this |
22 | noblacklist /usr/sbin | 22 | noblacklist /usr/sbin |
23 | 23 | ||
24 | # Allow java (blacklisted by disable-devel.inc) | 24 | # Allow java (blacklisted by disable-devel.inc) |
@@ -40,13 +40,13 @@ whitelist ${HOME}/.config/i2p | |||
40 | whitelist ${HOME}/.i2p | 40 | whitelist ${HOME}/.i2p |
41 | whitelist ${HOME}/.local/share/i2p | 41 | whitelist ${HOME}/.local/share/i2p |
42 | whitelist ${HOME}/i2p | 42 | whitelist ${HOME}/i2p |
43 | # Only needed if wrapper is placed in /usr/sbin/, ubuntu official ppa package does this | 43 | # Only needed if wrapper is placed in /usr/sbin/, ubuntu official I2P ppa package does this |
44 | whitelist /usr/sbin/wrapper* | 44 | whitelist /usr/sbin/wrapper* |
45 | 45 | ||
46 | include whitelist-common.inc | 46 | include whitelist-common.inc |
47 | 47 | ||
48 | # May break I2P if wrapper is placed in the home directory | 48 | # May break I2P if wrapper is placed in the home directory; official I2P java installer does this |
49 | # If using ubuntu official ppa, this should be fine to uncomment, as it puts wrapper in /usr/sbin/ | 49 | # If using ubuntu official I2P ppa, this should be fine to uncomment, as it puts wrapper in /usr/sbin/ |
50 | #apparmor | 50 | #apparmor |
51 | caps.drop all | 51 | caps.drop all |
52 | ipc-namespace | 52 | ipc-namespace |
@@ -67,5 +67,5 @@ shell none | |||
67 | disable-mnt | 67 | disable-mnt |
68 | private-cache | 68 | private-cache |
69 | private-dev | 69 | private-dev |
70 | private-etc alternatives,ca-certificates,crypto-policies,i2p,java-8-openjdk,pki,ssl | 70 | private-etc alternatives,ca-certificates,crypto-policies,dconf,group,hostname,hosts,i2p,java-10-openjdk,java-11-openjdk,java-12-openjdk,java-13-openjdk,java-8-openjdk,java-9-openjdk,java-openjdk,ld.so.cache,localtime,machine-id,nsswitch.conf,passwd,pki,resolv.conf,ssl |
71 | private-tmp | 71 | private-tmp |
diff --git a/etc/img2txt.profile b/etc/img2txt.profile index c17e82870..419da765d 100644 --- a/etc/img2txt.profile +++ b/etc/img2txt.profile | |||
@@ -5,6 +5,8 @@ include img2txt.local | |||
5 | # Persistent global definitions | 5 | # Persistent global definitions |
6 | include globals.local | 6 | include globals.local |
7 | 7 | ||
8 | blacklist ${RUNUSER}/wayland-* | ||
9 | |||
8 | noblacklist ${DOCUMENTS} | 10 | noblacklist ${DOCUMENTS} |
9 | noblacklist ${PICTURES} | 11 | noblacklist ${PICTURES} |
10 | 12 | ||
diff --git a/etc/keepass.profile b/etc/keepass.profile index 57a24d821..9852f8a79 100644 --- a/etc/keepass.profile +++ b/etc/keepass.profile | |||
@@ -34,7 +34,7 @@ nosound | |||
34 | notv | 34 | notv |
35 | nou2f | 35 | nou2f |
36 | novideo | 36 | novideo |
37 | protocol unix,inet,inet6 | 37 | protocol unix,inet,inet6,netlink |
38 | seccomp | 38 | seccomp |
39 | shell none | 39 | shell none |
40 | 40 | ||
diff --git a/etc/latex-common.profile b/etc/latex-common.profile new file mode 100644 index 000000000..712ada722 --- /dev/null +++ b/etc/latex-common.profile | |||
@@ -0,0 +1,39 @@ | |||
1 | # Firejail profile for latex-common | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include latex-common.local | ||
5 | # Persistent global definitions | ||
6 | # added by caller profile | ||
7 | #include globals.local | ||
8 | |||
9 | include disable-common.inc | ||
10 | include disable-devel.inc | ||
11 | include disable-exec.inc | ||
12 | include disable-interpreters.inc | ||
13 | include disable-passwdmgr.inc | ||
14 | include disable-programs.inc | ||
15 | |||
16 | whitelist /var/lib | ||
17 | include whitelist-var-common.inc | ||
18 | |||
19 | caps.drop all | ||
20 | net none | ||
21 | no3d | ||
22 | nodbus | ||
23 | nodvd | ||
24 | nogroups | ||
25 | nonewprivs | ||
26 | noroot | ||
27 | nosound | ||
28 | notv | ||
29 | nou2f | ||
30 | novideo | ||
31 | protocol unix | ||
32 | seccomp | ||
33 | shell none | ||
34 | tracelog | ||
35 | |||
36 | private-cache | ||
37 | private-dev | ||
38 | private-tmp | ||
39 | |||
diff --git a/etc/latex.profile b/etc/latex.profile new file mode 100644 index 000000000..2230dd570 --- /dev/null +++ b/etc/latex.profile | |||
@@ -0,0 +1,12 @@ | |||
1 | # Firejail profile for latex | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include latex.local | ||
5 | # Persistent global definitions | ||
6 | include globals.local | ||
7 | |||
8 | private-bin latex | ||
9 | |||
10 | # Redirect | ||
11 | include latex-common.profile | ||
12 | |||
diff --git a/etc/less.profile b/etc/less.profile index 282b033a6..00624e0f1 100644 --- a/etc/less.profile +++ b/etc/less.profile | |||
@@ -7,6 +7,8 @@ include less.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | noblacklist ${HOME}/.lesshst | 12 | noblacklist ${HOME}/.lesshst |
11 | 13 | ||
12 | include disable-devel.inc | 14 | include disable-devel.inc |
diff --git a/etc/links.profile b/etc/links.profile index bd0b0cc92..a31001c87 100644 --- a/etc/links.profile +++ b/etc/links.profile | |||
@@ -9,6 +9,7 @@ include globals.local | |||
9 | noblacklist ${HOME}/.links | 9 | noblacklist ${HOME}/.links |
10 | 10 | ||
11 | blacklist /tmp/.X11-unix | 11 | blacklist /tmp/.X11-unix |
12 | blacklist ${RUNUSER}/wayland-* | ||
12 | 13 | ||
13 | include disable-common.inc | 14 | include disable-common.inc |
14 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/lynx.profile b/etc/lynx.profile index 063285316..fb6fe94ec 100644 --- a/etc/lynx.profile +++ b/etc/lynx.profile | |||
@@ -7,6 +7,7 @@ include lynx.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist /tmp/.X11-unix | 9 | blacklist /tmp/.X11-unix |
10 | blacklist ${RUNUSER}/wayland-* | ||
10 | 11 | ||
11 | include disable-common.inc | 12 | include disable-common.inc |
12 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/mediainfo.profile b/etc/mediainfo.profile index 00730c00b..fb8db3e3d 100644 --- a/etc/mediainfo.profile +++ b/etc/mediainfo.profile | |||
@@ -6,6 +6,8 @@ include mediainfo.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | ||
10 | |||
9 | include disable-common.inc | 11 | include disable-common.inc |
10 | include disable-devel.inc | 12 | include disable-devel.inc |
11 | include disable-exec.inc | 13 | include disable-exec.inc |
diff --git a/etc/meld.profile b/etc/meld.profile index 22ec2b999..f360b1ded 100644 --- a/etc/meld.profile +++ b/etc/meld.profile | |||
@@ -22,8 +22,8 @@ noblacklist ${HOME}/.ssh | |||
22 | noblacklist ${HOME}/.subversion | 22 | noblacklist ${HOME}/.subversion |
23 | 23 | ||
24 | # Allow python (blacklisted by disable-interpreters.inc) | 24 | # Allow python (blacklisted by disable-interpreters.inc) |
25 | include allow-python2.inc | 25 | # Python 2 is EOL (see #3164). Uncomment the next line (or put it into your meld.local) if you understand the risks but want python 2 support for older meld versions. |
26 | include allow-python3.inc | 26 | #include allow-python3.inc |
27 | 27 | ||
28 | # Uncomment the next line (or put it into your meld.local) if you don't need to compare files in disable-common.inc. | 28 | # Uncomment the next line (or put it into your meld.local) if you don't need to compare files in disable-common.inc. |
29 | #include disable-common.inc | 29 | #include disable-common.inc |
diff --git a/etc/midori.profile b/etc/midori.profile index ffae4919f..e11e2acaa 100644 --- a/etc/midori.profile +++ b/etc/midori.profile | |||
@@ -9,6 +9,7 @@ include globals.local | |||
9 | # noexec ${HOME} breaks DRM binaries. | 9 | # noexec ${HOME} breaks DRM binaries. |
10 | ?BROWSER_ALLOW_DRM: ignore noexec ${HOME} | 10 | ?BROWSER_ALLOW_DRM: ignore noexec ${HOME} |
11 | 11 | ||
12 | noblacklist ${HOME}/.cache/midori | ||
12 | noblacklist ${HOME}/.config/midori | 13 | noblacklist ${HOME}/.config/midori |
13 | noblacklist ${HOME}/.local/share/midori | 14 | noblacklist ${HOME}/.local/share/midori |
14 | # noblacklist ${HOME}/.local/share/webkit | 15 | # noblacklist ${HOME}/.local/share/webkit |
@@ -16,11 +17,17 @@ noblacklist ${HOME}/.local/share/midori | |||
16 | noblacklist ${HOME}/.pki | 17 | noblacklist ${HOME}/.pki |
17 | noblacklist ${HOME}/.local/share/pki | 18 | noblacklist ${HOME}/.local/share/pki |
18 | 19 | ||
20 | noblacklist ${HOME}/.cache/gnome-mplayer | ||
21 | noblacklist ${HOME}/.config/gnome-mplayer | ||
22 | noblacklist ${HOME}/.lastpass | ||
23 | |||
19 | include disable-common.inc | 24 | include disable-common.inc |
20 | include disable-devel.inc | 25 | include disable-devel.inc |
21 | include disable-exec.inc | 26 | include disable-exec.inc |
22 | include disable-interpreters.inc | 27 | include disable-interpreters.inc |
28 | #include disable-passwdmgr.inc | ||
23 | include disable-programs.inc | 29 | include disable-programs.inc |
30 | include disable-xdg.inc | ||
24 | 31 | ||
25 | mkdir ${HOME}/.cache/midori | 32 | mkdir ${HOME}/.cache/midori |
26 | mkdir ${HOME}/.config/midori | 33 | mkdir ${HOME}/.config/midori |
diff --git a/etc/mp3splt.profile b/etc/mp3splt.profile index 95173a890..7754d276b 100644 --- a/etc/mp3splt.profile +++ b/etc/mp3splt.profile | |||
@@ -6,6 +6,8 @@ include mp3splt.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | ||
10 | |||
9 | noblacklist ${MUSIC} | 11 | noblacklist ${MUSIC} |
10 | 12 | ||
11 | include disable-common.inc | 13 | include disable-common.inc |
diff --git a/etc/multimc.profile b/etc/multimc.profile new file mode 100644 index 000000000..338f494c9 --- /dev/null +++ b/etc/multimc.profile | |||
@@ -0,0 +1,5 @@ | |||
1 | # Firejail profile alias for multimc5 | ||
2 | # This file is overwritten after every install/update | ||
3 | |||
4 | # Redirect | ||
5 | include multimc5.profile | ||
diff --git a/etc/musescore.profile b/etc/musescore.profile index 9750a31f4..b3693c956 100644 --- a/etc/musescore.profile +++ b/etc/musescore.profile | |||
@@ -33,7 +33,8 @@ noroot | |||
33 | notv | 33 | notv |
34 | novideo | 34 | novideo |
35 | protocol unix,inet,inet6 | 35 | protocol unix,inet,inet6 |
36 | seccomp | 36 | # QtWebengine needs chroot to set up its own sandbox |
37 | seccomp !chroot | ||
37 | shell none | 38 | shell none |
38 | tracelog | 39 | tracelog |
39 | 40 | ||
diff --git a/etc/mutt.profile b/etc/mutt.profile index 92babd50f..1fc412955 100644 --- a/etc/mutt.profile +++ b/etc/mutt.profile | |||
@@ -32,6 +32,7 @@ noblacklist ${HOME}/postponed | |||
32 | noblacklist ${HOME}/sent | 32 | noblacklist ${HOME}/sent |
33 | 33 | ||
34 | blacklist /tmp/.X11-unix | 34 | blacklist /tmp/.X11-unix |
35 | blacklist ${RUNUSER}/wayland-* | ||
35 | 36 | ||
36 | include disable-common.inc | 37 | include disable-common.inc |
37 | include disable-devel.inc | 38 | include disable-devel.inc |
diff --git a/etc/nano.profile b/etc/nano.profile index af6fcc3fe..bc8c3dde0 100644 --- a/etc/nano.profile +++ b/etc/nano.profile | |||
@@ -7,6 +7,8 @@ include nano.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | noblacklist ${HOME}/.config/nano | 12 | noblacklist ${HOME}/.config/nano |
11 | noblacklist ${HOME}/.nanorc | 13 | noblacklist ${HOME}/.nanorc |
12 | 14 | ||
diff --git a/etc/ncdu.profile b/etc/ncdu.profile index 0d7915839..9fda6ebe0 100644 --- a/etc/ncdu.profile +++ b/etc/ncdu.profile | |||
@@ -6,6 +6,8 @@ include ncdu.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | ||
10 | |||
9 | include disable-exec.inc | 11 | include disable-exec.inc |
10 | 12 | ||
11 | caps.drop all | 13 | caps.drop all |
diff --git a/etc/odt2txt.profile b/etc/odt2txt.profile index 719753c87..c0c5b671c 100644 --- a/etc/odt2txt.profile +++ b/etc/odt2txt.profile | |||
@@ -6,6 +6,8 @@ include odt2txt.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | ||
10 | |||
9 | noblacklist ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
10 | 12 | ||
11 | include disable-common.inc | 13 | include disable-common.inc |
diff --git a/etc/pandoc.profile b/etc/pandoc.profile index 57b5d7e39..9a8d82a96 100644 --- a/etc/pandoc.profile +++ b/etc/pandoc.profile | |||
@@ -7,6 +7,8 @@ include pandoc.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | noblacklist ${DOCUMENTS} | 12 | noblacklist ${DOCUMENTS} |
11 | 13 | ||
12 | include disable-common.inc | 14 | include disable-common.inc |
diff --git a/etc/patch.profile b/etc/patch.profile index 03f5a4b71..4a3365378 100644 --- a/etc/patch.profile +++ b/etc/patch.profile | |||
@@ -7,6 +7,8 @@ include patch.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | noblacklist ${DOCUMENTS} | 12 | noblacklist ${DOCUMENTS} |
11 | 13 | ||
12 | include disable-common.inc | 14 | include disable-common.inc |
diff --git a/etc/pdflatex.profile b/etc/pdflatex.profile new file mode 100644 index 000000000..caf980d4d --- /dev/null +++ b/etc/pdflatex.profile | |||
@@ -0,0 +1,12 @@ | |||
1 | # Firejail profile for pdflatex | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include pdflatex.local | ||
5 | # Persistent global definitions | ||
6 | include globals.local | ||
7 | |||
8 | private-bin pdflatex | ||
9 | |||
10 | # Redirect | ||
11 | include latex-common.profile | ||
12 | |||
diff --git a/etc/pdftotext.profile b/etc/pdftotext.profile index e9572d914..73ebf4615 100644 --- a/etc/pdftotext.profile +++ b/etc/pdftotext.profile | |||
@@ -6,6 +6,8 @@ include pdftotext.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | ||
10 | |||
9 | noblacklist ${DOCUMENTS} | 11 | noblacklist ${DOCUMENTS} |
10 | 12 | ||
11 | include disable-common.inc | 13 | include disable-common.inc |
@@ -22,6 +24,7 @@ include whitelist-usr-share-common.inc | |||
22 | include whitelist-var-common.inc | 24 | include whitelist-var-common.inc |
23 | 25 | ||
24 | caps.drop all | 26 | caps.drop all |
27 | ipc-namespace | ||
25 | machine-id | 28 | machine-id |
26 | net none | 29 | net none |
27 | no3d | 30 | no3d |
@@ -41,6 +44,7 @@ tracelog | |||
41 | x11 none | 44 | x11 none |
42 | 45 | ||
43 | private-bin pdftotext | 46 | private-bin pdftotext |
47 | private-cache | ||
44 | private-dev | 48 | private-dev |
45 | private-etc alternatives | 49 | private-etc alternatives |
46 | private-tmp | 50 | private-tmp |
diff --git a/etc/pngquant.profile b/etc/pngquant.profile index 8c06cef1a..f9ce43c4c 100644 --- a/etc/pngquant.profile +++ b/etc/pngquant.profile | |||
@@ -7,6 +7,8 @@ include pngquant.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | include disable-common.inc | 12 | include disable-common.inc |
11 | include disable-devel.inc | 13 | include disable-devel.inc |
12 | include disable-exec.inc | 14 | include disable-exec.inc |
diff --git a/etc/polari.profile b/etc/polari.profile index b9f81eece..939e2537e 100644 --- a/etc/polari.profile +++ b/etc/polari.profile | |||
@@ -6,6 +6,8 @@ include polari.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # Allow gjs (blacklisted by disable-interpreters.inc) | ||
10 | include allow-gjs.inc | ||
9 | 11 | ||
10 | include disable-common.inc | 12 | include disable-common.inc |
11 | include disable-devel.inc | 13 | include disable-devel.inc |
diff --git a/etc/psi-plus.profile b/etc/psi-plus.profile index 087f90966..16fffe517 100644 --- a/etc/psi-plus.profile +++ b/etc/psi-plus.profile | |||
@@ -36,10 +36,10 @@ notv | |||
36 | nou2f | 36 | nou2f |
37 | novideo | 37 | novideo |
38 | protocol unix,inet,inet6 | 38 | protocol unix,inet,inet6 |
39 | seccomp | 39 | # QtWebengine needs chroot to set up its own sandbox |
40 | seccomp !chroot | ||
40 | shell none | 41 | shell none |
41 | 42 | ||
42 | disable-mnt | 43 | disable-mnt |
43 | private-dev | 44 | private-dev |
44 | private-tmp | 45 | private-tmp |
45 | |||
diff --git a/etc/quassel.profile b/etc/quassel.profile index a78d1edcd..c65089e20 100644 --- a/etc/quassel.profile +++ b/etc/quassel.profile | |||
@@ -19,7 +19,8 @@ nonewprivs | |||
19 | noroot | 19 | noroot |
20 | notv | 20 | notv |
21 | protocol unix,inet,inet6 | 21 | protocol unix,inet,inet6 |
22 | seccomp | 22 | # QtWebengine needs chroot to set up its own sandbox |
23 | seccomp !chroot | ||
23 | 24 | ||
24 | private-cache | 25 | private-cache |
25 | private-tmp | 26 | private-tmp |
diff --git a/etc/rsync-download_only.profile b/etc/rsync-download_only.profile index bda3bca92..84147f0a5 100644 --- a/etc/rsync-download_only.profile +++ b/etc/rsync-download_only.profile | |||
@@ -13,6 +13,7 @@ include globals.local | |||
13 | # Usage: firejail --profile=rsync-download_only rsync | 13 | # Usage: firejail --profile=rsync-download_only rsync |
14 | 14 | ||
15 | blacklist /tmp/.X11-unix | 15 | blacklist /tmp/.X11-unix |
16 | blacklist ${RUNUSER}/wayland-* | ||
16 | 17 | ||
17 | include disable-common.inc | 18 | include disable-common.inc |
18 | include disable-devel.inc | 19 | include disable-devel.inc |
diff --git a/etc/rtv.profile b/etc/rtv.profile new file mode 100644 index 000000000..af4b7e94b --- /dev/null +++ b/etc/rtv.profile | |||
@@ -0,0 +1,56 @@ | |||
1 | # Firejail profile for rtv | ||
2 | # Description: Browse Reddit from your terminal | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include rtv.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | blacklist /tmp/.X11-unix | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
12 | noblacklist ${HOME}/.config/rtv | ||
13 | noblacklist ${HOME}/.local/share/rtv | ||
14 | |||
15 | # Allow python (blacklisted by disable-interpreters.inc) | ||
16 | include allow-python2.inc | ||
17 | include allow-python3.inc | ||
18 | |||
19 | include disable-common.inc | ||
20 | include disable-devel.inc | ||
21 | include disable-exec.inc | ||
22 | include disable-interpreters.inc | ||
23 | include disable-passwdmgr.inc | ||
24 | include disable-programs.inc | ||
25 | include disable-xdg.inc | ||
26 | |||
27 | mkdir ${HOME}/.config/rtv | ||
28 | mkdir ${HOME}/.local/share/rtv | ||
29 | whitelist ${HOME}/.config/rtv | ||
30 | whitelist ${HOME}/.local/share/rtv | ||
31 | include whitelist-var-common.inc | ||
32 | |||
33 | apparmor | ||
34 | caps.drop all | ||
35 | machine-id | ||
36 | netfilter | ||
37 | no3d | ||
38 | nodbus | ||
39 | nodvd | ||
40 | nogroups | ||
41 | nonewprivs | ||
42 | noroot | ||
43 | nosound | ||
44 | notv | ||
45 | nou2f | ||
46 | novideo | ||
47 | protocol unix,inet,inet6 | ||
48 | seccomp | ||
49 | shell none | ||
50 | tracelog | ||
51 | |||
52 | disable-mnt | ||
53 | private-bin python*,rtv,sh,xdg-settings | ||
54 | private-cache | ||
55 | private-dev | ||
56 | private-etc alternatives,ca-certificates,crypto-policies,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,mime.types,nsswitch.conf,pki,protocols,resolv.conf,rpc,services,ssl,terminfo,xdg | ||
diff --git a/etc/server.profile b/etc/server.profile index 6e077ff84..ce318a828 100644 --- a/etc/server.profile +++ b/etc/server.profile | |||
@@ -14,6 +14,7 @@ noblacklist /usr/sbin | |||
14 | # noblacklist /var/opt | 14 | # noblacklist /var/opt |
15 | 15 | ||
16 | blacklist /tmp/.X11-unix | 16 | blacklist /tmp/.X11-unix |
17 | blacklist ${RUNUSER}/wayland-* | ||
17 | 18 | ||
18 | include disable-common.inc | 19 | include disable-common.inc |
19 | # include disable-devel.inc | 20 | # include disable-devel.inc |
diff --git a/etc/shellcheck.profile b/etc/shellcheck.profile index d26096c77..f8744bdf8 100644 --- a/etc/shellcheck.profile +++ b/etc/shellcheck.profile | |||
@@ -7,6 +7,8 @@ include shellcheck.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | noblacklist ${DOCUMENTS} | 12 | noblacklist ${DOCUMENTS} |
11 | 13 | ||
12 | include disable-common.inc | 14 | include disable-common.inc |
diff --git a/etc/shotcut.profile b/etc/shotcut.profile index 5b3c5439d..072cc2c0d 100644 --- a/etc/shotcut.profile +++ b/etc/shotcut.profile | |||
@@ -29,6 +29,7 @@ nou2f | |||
29 | protocol unix | 29 | protocol unix |
30 | seccomp | 30 | seccomp |
31 | shell none | 31 | shell none |
32 | tracelog | ||
32 | 33 | ||
33 | #private-bin melt,nice,qmelt,shotcut | 34 | #private-bin melt,nice,qmelt,shotcut |
34 | private-cache | 35 | private-cache |
diff --git a/etc/signal-cli.profile b/etc/signal-cli.profile index bb1bf732d..6a2f5c434 100644 --- a/etc/signal-cli.profile +++ b/etc/signal-cli.profile | |||
@@ -7,6 +7,7 @@ include signal-cli.local | |||
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist /tmp/.X11-unix | 9 | blacklist /tmp/.X11-unix |
10 | blacklist ${RUNUSER}/wayland-* | ||
10 | 11 | ||
11 | noblacklist ${HOME}/.local/share/signal-cli | 12 | noblacklist ${HOME}/.local/share/signal-cli |
12 | 13 | ||
diff --git a/etc/spectre-meltdown-checker.profile b/etc/spectre-meltdown-checker.profile index 3306181e4..e27df4cc8 100644 --- a/etc/spectre-meltdown-checker.profile +++ b/etc/spectre-meltdown-checker.profile | |||
@@ -6,6 +6,8 @@ include spectre-meltdown-checker.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | blacklist ${RUNUSER}/wayland-* | ||
10 | |||
9 | noblacklist ${PATH}/mount | 11 | noblacklist ${PATH}/mount |
10 | noblacklist ${PATH}/umount | 12 | noblacklist ${PATH}/umount |
11 | 13 | ||
diff --git a/etc/ssh-agent.profile b/etc/ssh-agent.profile index 8e355a176..cf509852a 100644 --- a/etc/ssh-agent.profile +++ b/etc/ssh-agent.profile | |||
@@ -11,6 +11,7 @@ noblacklist /tmp/ssh-* | |||
11 | noblacklist ${HOME}/.ssh | 11 | noblacklist ${HOME}/.ssh |
12 | 12 | ||
13 | blacklist /tmp/.X11-unix | 13 | blacklist /tmp/.X11-unix |
14 | blacklist ${RUNUSER}/wayland-* | ||
14 | 15 | ||
15 | include disable-common.inc | 16 | include disable-common.inc |
16 | include disable-passwdmgr.inc | 17 | include disable-passwdmgr.inc |
diff --git a/etc/standardnotes-desktop.profile b/etc/standardnotes-desktop.profile index aa6902854..a402aca5a 100644 --- a/etc/standardnotes-desktop.profile +++ b/etc/standardnotes-desktop.profile | |||
@@ -39,5 +39,5 @@ seccomp !chroot | |||
39 | disable-mnt | 39 | disable-mnt |
40 | private-dev | 40 | private-dev |
41 | private-tmp | 41 | private-tmp |
42 | private-etc alternatives,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,pki,resolv.conf,ssl,xdg | 42 | private-etc alternatives,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,pki,resolv.conf,ssl,xdg |
43 | 43 | ||
diff --git a/etc/start-tor-browser.profile b/etc/start-tor-browser.profile index a8b5d109e..f9daf8f09 100644 --- a/etc/start-tor-browser.profile +++ b/etc/start-tor-browser.profile | |||
@@ -36,5 +36,5 @@ shell none | |||
36 | disable-mnt | 36 | disable-mnt |
37 | private-bin bash,cat,cp,cut,dirname,env,getconf,gpg,grep,gxmessage,id,kdialog,ln,mkdir,pwd,readlink,realpath,rm,sed,sh,tail,test,update-desktop-database,xmessage,zenity | 37 | private-bin bash,cat,cp,cut,dirname,env,getconf,gpg,grep,gxmessage,id,kdialog,ln,mkdir,pwd,readlink,realpath,rm,sed,sh,tail,test,update-desktop-database,xmessage,zenity |
38 | private-dev | 38 | private-dev |
39 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,hostname,hosts,ld.so.cache,machine-id,pki,pulse,resolv.conf,ssl | 39 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,pki,pulse,resolv.conf,ssl |
40 | private-tmp | 40 | private-tmp |
diff --git a/etc/strings.profile b/etc/strings.profile index 52b762108..7dc453b1f 100644 --- a/etc/strings.profile +++ b/etc/strings.profile | |||
@@ -7,6 +7,8 @@ include strings.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | #include disable-common.inc | 12 | #include disable-common.inc |
11 | include disable-devel.inc | 13 | include disable-devel.inc |
12 | include disable-exec.inc | 14 | include disable-exec.inc |
diff --git a/etc/sylpheed.profile b/etc/sylpheed.profile index 8e99fe1d6..4344fe73a 100644 --- a/etc/sylpheed.profile +++ b/etc/sylpheed.profile | |||
@@ -4,17 +4,14 @@ | |||
4 | # Persistent local customizations | 4 | # Persistent local customizations |
5 | include sylpheed.local | 5 | include sylpheed.local |
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | # added by included profile | 7 | include globals.local |
8 | #include globals.local | ||
9 | 8 | ||
10 | noblacklist ${HOME}/.sylpheed-2.0 | 9 | noblacklist ${HOME}/.sylpheed-2.0 |
11 | # when storing mail outside the default ${HOME}/Mail path, 'noblacklist' the custom path in your sylpheed.local | ||
12 | # and 'blacklist' it in your disable-common.local too so it is kept hidden from other applications | ||
13 | 10 | ||
14 | blacklist ${HOME}/.claws-mail | 11 | mkdir ${HOME}/.sylpheed-2.0 |
12 | whitelist ${HOME}/.sylpheed-2.0 | ||
15 | 13 | ||
16 | nowhitelist /usr/share/doc/claws-mail | ||
17 | whitelist /usr/share/sylpheed | 14 | whitelist /usr/share/sylpheed |
18 | 15 | ||
19 | # Redirect | 16 | # Redirect |
20 | include claws-mail.profile | 17 | include email-common.profile |
diff --git a/etc/tar.profile b/etc/tar.profile index 455a370de..0858dcb26 100644 --- a/etc/tar.profile +++ b/etc/tar.profile | |||
@@ -7,6 +7,8 @@ include tar.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop all capabilities this is automatically read-only. | 12 | # Arch Linux (based distributions) need access to /var/lib/pacman. As we drop all capabilities this is automatically read-only. |
11 | noblacklist /var/lib/pacman | 13 | noblacklist /var/lib/pacman |
12 | 14 | ||
diff --git a/etc/teams-for-linux.profile b/etc/teams-for-linux.profile index d9e874be2..882d8d0f3 100644 --- a/etc/teams-for-linux.profile +++ b/etc/teams-for-linux.profile | |||
@@ -1,37 +1,27 @@ | |||
1 | # Firejail profile for teams-for-linux | 1 | # Firejail profile for teams-for-linux |
2 | # Description: Teams for Linux is an Electron application for Microsoft's team collaboration and chat program | 2 | # Description: Unofficial Microsoft Teams client for Linux using Electron. |
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | # Persistent local customizations | 4 | # Persistent local customizations |
5 | include teams-for-linux.local | 5 | include teams-for-linux.local |
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | # added by included profile |
8 | #include globals.local | ||
9 | |||
10 | ignore nodbus | ||
8 | 11 | ||
9 | noblacklist ${HOME}/.config/teams-for-linux | 12 | noblacklist ${HOME}/.config/teams-for-linux |
10 | 13 | ||
11 | include disable-common.inc | ||
12 | include disable-devel.inc | 14 | include disable-devel.inc |
13 | include disable-exec.inc | 15 | include disable-exec.inc |
14 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | ||
16 | include disable-programs.inc | ||
17 | 17 | ||
18 | mkdir ${HOME}/.config/teams-for-linux | 18 | mkdir ${HOME}/.config/teams-for-linux |
19 | whitelist ${HOME}/.config/teams-for-linux | 19 | whitelist ${HOME}/.config/teams-for-linux |
20 | whitelist ${DOWNLOADS} | ||
21 | include whitelist-common.inc | 20 | include whitelist-common.inc |
22 | include whitelist-var-common.inc | 21 | include whitelist-var-common.inc |
23 | 22 | ||
24 | caps.drop all | ||
25 | netfilter | ||
26 | nodvd | ||
27 | nogroups | ||
28 | nonewprivs | ||
29 | noroot | ||
30 | notv | ||
31 | nou2f | 23 | nou2f |
32 | novideo | 24 | novideo |
33 | protocol unix,inet,inet6,netlink | ||
34 | seccomp | ||
35 | shell none | 25 | shell none |
36 | 26 | ||
37 | disable-mnt | 27 | disable-mnt |
@@ -40,3 +30,6 @@ private-cache | |||
40 | private-dev | 30 | private-dev |
41 | private-etc ca-certificates,crypto-policies,fonts,ld.so.cache,localtime,machine-id,pki,resolv.conf,ssl | 31 | private-etc ca-certificates,crypto-policies,fonts,ld.so.cache,localtime,machine-id,pki,resolv.conf,ssl |
42 | private-tmp | 32 | private-tmp |
33 | |||
34 | # Redirect | ||
35 | include electron.profile | ||
diff --git a/etc/templates/profile.template b/etc/templates/profile.template index 7bfc3cf0d..0362b82af 100644 --- a/etc/templates/profile.template +++ b/etc/templates/profile.template | |||
@@ -42,6 +42,7 @@ | |||
42 | # ${HOME} (user's home) | 42 | # ${HOME} (user's home) |
43 | # ${PATH} (contents of PATH envvar) | 43 | # ${PATH} (contents of PATH envvar) |
44 | # ${MUSIC} | 44 | # ${MUSIC} |
45 | # ${RUNUSER} (/run/user/UID) | ||
45 | # ${VIDEOS} | 46 | # ${VIDEOS} |
46 | # | 47 | # |
47 | # Check contents of ~/.config/user-dirs.dirs to see how they translate to actual paths. | 48 | # Check contents of ~/.config/user-dirs.dirs to see how they translate to actual paths. |
@@ -59,6 +60,8 @@ include globals.local | |||
59 | ##blacklist PATH | 60 | ##blacklist PATH |
60 | # Disable X11 (CLI only), see also 'x11 none' below | 61 | # Disable X11 (CLI only), see also 'x11 none' below |
61 | #blacklist /tmp/.X11-unix | 62 | #blacklist /tmp/.X11-unix |
63 | # Disable Wayland | ||
64 | #blacklist ${RUNUSER}/wayland-* | ||
62 | 65 | ||
63 | # It is common practice to add files/dirs containing program-specific configuration | 66 | # It is common practice to add files/dirs containing program-specific configuration |
64 | # (often ${HOME}/PROGRAMNAME or ${HOME}/.config/PROGRAMNAME) into disable-programs.inc | 67 | # (often ${HOME}/PROGRAMNAME or ${HOME}/.config/PROGRAMNAME) into disable-programs.inc |
@@ -90,6 +93,9 @@ include globals.local | |||
90 | # Allow ruby (blacklisted by disable-interpreters.inc) | 93 | # Allow ruby (blacklisted by disable-interpreters.inc) |
91 | #include allow-ruby.inc | 94 | #include allow-ruby.inc |
92 | 95 | ||
96 | # Allow gjs (blacklisted by disable-interpreters.inc) | ||
97 | #include allow-gjs.inc | ||
98 | |||
93 | # Allows files commonly used by IDEs | 99 | # Allows files commonly used by IDEs |
94 | #include allow-common-devel.inc | 100 | #include allow-common-devel.inc |
95 | 101 | ||
diff --git a/etc/tex.profile b/etc/tex.profile new file mode 100644 index 000000000..f56c3038e --- /dev/null +++ b/etc/tex.profile | |||
@@ -0,0 +1,12 @@ | |||
1 | # Firejail profile for tex | ||
2 | # This file is overwritten after every install/update | ||
3 | # Persistent local customizations | ||
4 | include tex.local | ||
5 | # Persistent global definitions | ||
6 | include globals.local | ||
7 | |||
8 | private-bin tex | ||
9 | |||
10 | # Redirect | ||
11 | include latex-common.profile | ||
12 | |||
diff --git a/etc/thunderbird.profile b/etc/thunderbird.profile index e30b57498..6e888c163 100644 --- a/etc/thunderbird.profile +++ b/etc/thunderbird.profile | |||
@@ -6,13 +6,16 @@ include thunderbird.local | |||
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | include globals.local |
8 | 8 | ||
9 | # Users have thunderbird set to open a browser by clicking a link in an email | 9 | # writable-run-user and dbus are needed by enigmail |
10 | # We are not allowed to blacklist browser-specific directories | 10 | ignore nodbus |
11 | writable-run-user | ||
11 | 12 | ||
12 | noblacklist ${HOME}/.cache/thunderbird | 13 | # If you want to read local mail stored in /var/mail, add the following to thunderbird.local: |
13 | noblacklist ${HOME}/.gnupg | 14 | #noblacklist /var/mail |
14 | # noblacklist ${HOME}/.icedove | 15 | #noblacklist /var/spool/mail |
15 | noblacklist ${HOME}/.thunderbird | 16 | #whitelist /var/mail |
17 | #whitelist /var/spool/mail | ||
18 | #writable-var | ||
16 | 19 | ||
17 | # Uncomment the next 4 lines or put them in your thunderbird.local to | 20 | # Uncomment the next 4 lines or put them in your thunderbird.local to |
18 | # allow Firefox to load your profile when clicking a link in an email | 21 | # allow Firefox to load your profile when clicking a link in an email |
@@ -21,6 +24,14 @@ noblacklist ${HOME}/.thunderbird | |||
21 | #whitelist ${HOME}/.cache/mozilla/firefox | 24 | #whitelist ${HOME}/.cache/mozilla/firefox |
22 | #whitelist ${HOME}/.mozilla | 25 | #whitelist ${HOME}/.mozilla |
23 | 26 | ||
27 | noblacklist ${HOME}/.cache/thunderbird | ||
28 | noblacklist ${HOME}/.gnupg | ||
29 | # noblacklist ${HOME}/.icedove | ||
30 | noblacklist ${HOME}/.thunderbird | ||
31 | |||
32 | include disable-passwdmgr.inc | ||
33 | include disable-xdg.inc | ||
34 | |||
24 | # If you have setup Thunderbird to archive emails to a local folder, | 35 | # If you have setup Thunderbird to archive emails to a local folder, |
25 | # make sure you add the path to that folder to the mkdir and whitelist | 36 | # make sure you add the path to that folder to the mkdir and whitelist |
26 | # rules below. Otherwise they will be deleted when you close Thunderbird. | 37 | # rules below. Otherwise they will be deleted when you close Thunderbird. |
@@ -34,23 +45,19 @@ whitelist ${HOME}/.gnupg | |||
34 | # whitelist ${HOME}/.icedove | 45 | # whitelist ${HOME}/.icedove |
35 | whitelist ${HOME}/.thunderbird | 46 | whitelist ${HOME}/.thunderbird |
36 | 47 | ||
37 | #whitelist /usr/share/mozilla | 48 | whitelist /usr/share/gnupg |
38 | #include whitelist-usr-share-common.inc | 49 | whitelist /usr/share/mozilla |
50 | whitelist /usr/share/webext | ||
51 | include whitelist-usr-share-common.inc | ||
52 | |||
53 | # machine-id breaks audio in browsers; enable or put it in your thunderbird.local when sound is not required | ||
54 | #machine-id | ||
55 | novideo | ||
39 | 56 | ||
40 | # We need the real /tmp for data exchange when xdg-open handles email attachments on KDE | 57 | # We need the real /tmp for data exchange when xdg-open handles email attachments on KDE |
41 | ignore private-tmp | 58 | ignore private-tmp |
42 | # machine-id breaks audio in browsers; enable or put it in your thunderbird.local when sound is not required | ||
43 | # machine-id | ||
44 | read-only ${HOME}/.config/mimeapps.list | ||
45 | # writable-run-user and dbus are needed by enigmail | ||
46 | writable-run-user | ||
47 | ignore nodbus | ||
48 | 59 | ||
49 | # If you want to read local mail stored in /var/mail, add the following to thunderbird.local: | 60 | read-only ${HOME}/.config/mimeapps.list |
50 | # noblacklist /var/mail | ||
51 | # noblacklist /var/spool/mail | ||
52 | # writable-var | ||
53 | 61 | ||
54 | # allow browsers | ||
55 | # Redirect | 62 | # Redirect |
56 | include firefox-common.profile | 63 | include firefox-common.profile |
diff --git a/etc/torbrowser-launcher.profile b/etc/torbrowser-launcher.profile index be03afdb5..72bdf9fa1 100644 --- a/etc/torbrowser-launcher.profile +++ b/etc/torbrowser-launcher.profile | |||
@@ -50,5 +50,5 @@ shell none | |||
50 | disable-mnt | 50 | disable-mnt |
51 | private-bin bash,cat,cp,cut,dirname,env,expr,file,gpg,grep,gxmessage,id,kdialog,ln,mkdir,mv,python*,rm,sed,sh,tail,tar,tclsh,test,tor-browser,tor-browser-en,torbrowser-launcher,update-desktop-database,xmessage,xz,zenity | 51 | private-bin bash,cat,cp,cut,dirname,env,expr,file,gpg,grep,gxmessage,id,kdialog,ln,mkdir,mv,python*,rm,sed,sh,tail,tar,tclsh,test,tor-browser,tor-browser-en,torbrowser-launcher,update-desktop-database,xmessage,xz,zenity |
52 | private-dev | 52 | private-dev |
53 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,ld.so.cache,machine-id,pki,pulse,resolv.conf,ssl | 53 | private-etc alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id,pki,pulse,resolv.conf,ssl |
54 | private-tmp | 54 | private-tmp |
diff --git a/etc/tracker.profile b/etc/tracker.profile index 6e107d99e..d47185b1d 100644 --- a/etc/tracker.profile +++ b/etc/tracker.profile | |||
@@ -9,6 +9,7 @@ include globals.local | |||
9 | # Tracker is started by systemd on most systems. Therefore it is not firejailed by default | 9 | # Tracker is started by systemd on most systems. Therefore it is not firejailed by default |
10 | 10 | ||
11 | blacklist /tmp/.X11-unix | 11 | blacklist /tmp/.X11-unix |
12 | blacklist ${RUNUSER}/wayland-* | ||
12 | 13 | ||
13 | include disable-common.inc | 14 | include disable-common.inc |
14 | include disable-devel.inc | 15 | include disable-devel.inc |
diff --git a/etc/transmission-common.profile b/etc/transmission-common.profile index a8b667e91..b9f49c4a4 100644 --- a/etc/transmission-common.profile +++ b/etc/transmission-common.profile | |||
@@ -3,6 +3,9 @@ | |||
3 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
4 | # Persistent local customizations | 4 | # Persistent local customizations |
5 | include transmission-common.local | 5 | include transmission-common.local |
6 | # Persistent global definitions | ||
7 | # added by caller profile | ||
8 | #include globals.local | ||
6 | 9 | ||
7 | noblacklist ${HOME}/.cache/transmission | 10 | noblacklist ${HOME}/.cache/transmission |
8 | noblacklist ${HOME}/.config/transmission | 11 | noblacklist ${HOME}/.config/transmission |
@@ -40,6 +43,7 @@ seccomp | |||
40 | shell none | 43 | shell none |
41 | tracelog | 44 | tracelog |
42 | 45 | ||
46 | private-cache | ||
43 | private-dev | 47 | private-dev |
44 | private-lib | 48 | private-lib |
45 | private-tmp | 49 | private-tmp |
diff --git a/etc/transmission-daemon.profile b/etc/transmission-daemon.profile index f1e7fcb17..1841b8ed0 100644 --- a/etc/transmission-daemon.profile +++ b/etc/transmission-daemon.profile | |||
@@ -7,6 +7,8 @@ include transmission-daemon.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | mkdir ${HOME}/.config/transmission-daemon | ||
11 | whitelist ${HOME}/.config/transmission-daemon | ||
10 | whitelist /var/lib/transmission | 12 | whitelist /var/lib/transmission |
11 | 13 | ||
12 | caps.keep ipc_lock,net_bind_service,setgid,setuid,sys_chroot | 14 | caps.keep ipc_lock,net_bind_service,setgid,setuid,sys_chroot |
diff --git a/etc/tvbrowser.profile b/etc/tvbrowser.profile new file mode 100644 index 000000000..6e028b086 --- /dev/null +++ b/etc/tvbrowser.profile | |||
@@ -0,0 +1,51 @@ | |||
1 | # Firejail profile for tvbrowser | ||
2 | # Description: java tv programm form tvbrowser.org | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include tvbrowser.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.config/tvbrowser | ||
10 | noblacklist ${HOME}/.tvbrowser | ||
11 | |||
12 | # Allow java (blacklisted by disable-devel.inc) | ||
13 | include allow-java.inc | ||
14 | |||
15 | include disable-common.inc | ||
16 | include disable-devel.inc | ||
17 | include disable-exec.inc | ||
18 | include disable-interpreters.inc | ||
19 | include disable-passwdmgr.inc | ||
20 | include disable-programs.inc | ||
21 | include disable-xdg.inc | ||
22 | |||
23 | mkdir ${HOME}/.config/tvbrowser | ||
24 | mkdir ${HOME}/.tvbrowser | ||
25 | whitelist ${HOME}/.config/tvbrowser | ||
26 | whitelist ${HOME}/.tvbrowser | ||
27 | whitelist /usr/share/tvbrowser | ||
28 | include whitelist-common.inc | ||
29 | include whitelist-usr-share-common.inc | ||
30 | include whitelist-var-common.inc | ||
31 | |||
32 | caps.drop all | ||
33 | netfilter | ||
34 | no3d | ||
35 | nodbus | ||
36 | nodvd | ||
37 | nogroups | ||
38 | nonewprivs | ||
39 | noroot | ||
40 | notv | ||
41 | nou2f | ||
42 | novideo | ||
43 | protocol unix,inet,inet6 | ||
44 | seccomp | ||
45 | shell none | ||
46 | tracelog | ||
47 | |||
48 | disable-mnt | ||
49 | private-cache | ||
50 | private-dev | ||
51 | private-tmp | ||
diff --git a/etc/udiskie.profile b/etc/udiskie.profile index f6e85d60e..265f6429d 100644 --- a/etc/udiskie.profile +++ b/etc/udiskie.profile | |||
@@ -31,7 +31,7 @@ notv | |||
31 | nou2f | 31 | nou2f |
32 | novideo | 32 | novideo |
33 | protocol unix | 33 | protocol unix |
34 | seccomp | 34 | seccomp !request_key |
35 | shell none | 35 | shell none |
36 | tracelog | 36 | tracelog |
37 | 37 | ||
diff --git a/etc/unbound.profile b/etc/unbound.profile index 67448d766..36533a762 100644 --- a/etc/unbound.profile +++ b/etc/unbound.profile | |||
@@ -10,6 +10,7 @@ noblacklist /sbin | |||
10 | noblacklist /usr/sbin | 10 | noblacklist /usr/sbin |
11 | 11 | ||
12 | blacklist /tmp/.X11-unix | 12 | blacklist /tmp/.X11-unix |
13 | blacklist ${RUNUSER}/wayland-* | ||
13 | 14 | ||
14 | include disable-common.inc | 15 | include disable-common.inc |
15 | include disable-devel.inc | 16 | include disable-devel.inc |
diff --git a/etc/unf.profile b/etc/unf.profile index 1f0b2aa32..b8eccf4dc 100644 --- a/etc/unf.profile +++ b/etc/unf.profile | |||
@@ -7,6 +7,8 @@ include unf.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | include disable-common.inc | 12 | include disable-common.inc |
11 | include disable-devel.inc | 13 | include disable-devel.inc |
12 | include disable-exec.inc | 14 | include disable-exec.inc |
@@ -48,7 +50,7 @@ private-cache | |||
48 | ?HAS_APPIMAGE: ignore private-dev | 50 | ?HAS_APPIMAGE: ignore private-dev |
49 | private-dev | 51 | private-dev |
50 | private-etc alternatives | 52 | private-etc alternatives |
51 | private-lib libgcc_s.so.* | 53 | private-lib gcc/*/*/libgcc_s.so.* |
52 | private-tmp | 54 | private-tmp |
53 | 55 | ||
54 | memory-deny-write-execute | 56 | memory-deny-write-execute |
diff --git a/etc/unrar.profile b/etc/unrar.profile index 428173e7d..bf28746b0 100644 --- a/etc/unrar.profile +++ b/etc/unrar.profile | |||
@@ -7,6 +7,8 @@ include unrar.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | include disable-common.inc | 12 | include disable-common.inc |
11 | include disable-devel.inc | 13 | include disable-devel.inc |
12 | include disable-exec.inc | 14 | include disable-exec.inc |
diff --git a/etc/unzip.profile b/etc/unzip.profile index 60e447049..7882f2b63 100644 --- a/etc/unzip.profile +++ b/etc/unzip.profile | |||
@@ -7,6 +7,8 @@ include unzip.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | # GNOME Shell integration (chrome-gnome-shell) | 12 | # GNOME Shell integration (chrome-gnome-shell) |
11 | noblacklist ${HOME}/.local/share/gnome-shell | 13 | noblacklist ${HOME}/.local/share/gnome-shell |
12 | 14 | ||
diff --git a/etc/uudeview.profile b/etc/uudeview.profile index 60a7f0d20..bd2ee01d5 100644 --- a/etc/uudeview.profile +++ b/etc/uudeview.profile | |||
@@ -7,6 +7,8 @@ include uudeview.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | include disable-common.inc | 12 | include disable-common.inc |
11 | include disable-devel.inc | 13 | include disable-devel.inc |
12 | include disable-exec.inc | 14 | include disable-exec.inc |
diff --git a/etc/w3m.profile b/etc/w3m.profile index 76531d315..97465baa1 100644 --- a/etc/w3m.profile +++ b/etc/w3m.profile | |||
@@ -9,6 +9,7 @@ include globals.local | |||
9 | noblacklist ${HOME}/.w3m | 9 | noblacklist ${HOME}/.w3m |
10 | 10 | ||
11 | blacklist /tmp/.X11-unix | 11 | blacklist /tmp/.X11-unix |
12 | blacklist ${RUNUSER}/wayland-* | ||
12 | 13 | ||
13 | include allow-perl.inc | 14 | include allow-perl.inc |
14 | 15 | ||
diff --git a/etc/wget.profile b/etc/wget.profile index c1f7dfc3f..401926e2d 100644 --- a/etc/wget.profile +++ b/etc/wget.profile | |||
@@ -12,6 +12,7 @@ noblacklist ${HOME}/.wget-hsts | |||
12 | noblacklist ${HOME}/.wgetrc | 12 | noblacklist ${HOME}/.wgetrc |
13 | 13 | ||
14 | blacklist /tmp/.X11-unix | 14 | blacklist /tmp/.X11-unix |
15 | blacklist ${RUNUSER}/wayland-* | ||
15 | 16 | ||
16 | include disable-common.inc | 17 | include disable-common.inc |
17 | include disable-devel.inc | 18 | include disable-devel.inc |
diff --git a/etc/whalebird.profile b/etc/whalebird.profile index 26932b6b3..2e24dd8e0 100644 --- a/etc/whalebird.profile +++ b/etc/whalebird.profile | |||
@@ -4,37 +4,27 @@ | |||
4 | # Persistent local customizations | 4 | # Persistent local customizations |
5 | include whalebird.local | 5 | include whalebird.local |
6 | # Persistent global definitions | 6 | # Persistent global definitions |
7 | include globals.local | 7 | # added by included profile |
8 | #include globals.local | ||
9 | |||
10 | ignore nodbus | ||
8 | 11 | ||
9 | noblacklist ${HOME}/.config/Whalebird | 12 | noblacklist ${HOME}/.config/Whalebird |
10 | 13 | ||
11 | include disable-common.inc | ||
12 | include disable-devel.inc | 14 | include disable-devel.inc |
13 | include disable-exec.inc | 15 | include disable-exec.inc |
14 | include disable-interpreters.inc | 16 | include disable-interpreters.inc |
15 | include disable-passwdmgr.inc | ||
16 | include disable-programs.inc | ||
17 | include disable-xdg.inc | 17 | include disable-xdg.inc |
18 | 18 | ||
19 | mkdir ${HOME}/.config/Whalebird | 19 | mkdir ${HOME}/.config/Whalebird |
20 | whitelist ${HOME}/.config/Whalebird | 20 | whitelist ${HOME}/.config/Whalebird |
21 | whitelist ${DOWNLOADS} | ||
22 | include whitelist-common.inc | 21 | include whitelist-common.inc |
23 | include whitelist-var-common.inc | 22 | include whitelist-var-common.inc |
24 | 23 | ||
25 | apparmor | ||
26 | caps.drop all | ||
27 | netfilter | ||
28 | no3d | 24 | no3d |
29 | nodvd | ||
30 | nogroups | ||
31 | nonewprivs | ||
32 | noroot | ||
33 | notv | ||
34 | nou2f | 25 | nou2f |
35 | novideo | 26 | novideo |
36 | protocol unix,inet,inet6 | 27 | protocol unix,inet,inet6 |
37 | seccomp | ||
38 | shell none | 28 | shell none |
39 | 29 | ||
40 | disable-mnt | 30 | disable-mnt |
@@ -43,3 +33,6 @@ private-cache | |||
43 | private-dev | 33 | private-dev |
44 | private-etc fonts,machine-id | 34 | private-etc fonts,machine-id |
45 | private-tmp | 35 | private-tmp |
36 | |||
37 | # Redirect | ||
38 | include electron.profile | ||
diff --git a/etc/whitelist-usr-share-common.inc b/etc/whitelist-usr-share-common.inc index 322bdefe9..710007163 100644 --- a/etc/whitelist-usr-share-common.inc +++ b/etc/whitelist-usr-share-common.inc | |||
@@ -13,6 +13,7 @@ whitelist /usr/share/distro-info | |||
13 | whitelist /usr/share/drirc.d | 13 | whitelist /usr/share/drirc.d |
14 | whitelist /usr/share/enchant | 14 | whitelist /usr/share/enchant |
15 | whitelist /usr/share/enchant-2 | 15 | whitelist /usr/share/enchant-2 |
16 | whitelist /usr/share/file | ||
16 | whitelist /usr/share/fontconfig | 17 | whitelist /usr/share/fontconfig |
17 | whitelist /usr/share/fonts | 18 | whitelist /usr/share/fonts |
18 | whitelist /usr/share/gir-1.0 | 19 | whitelist /usr/share/gir-1.0 |
@@ -26,6 +27,7 @@ whitelist /usr/share/gtksourceview-4 | |||
26 | whitelist /usr/share/hunspell | 27 | whitelist /usr/share/hunspell |
27 | whitelist /usr/share/hwdata | 28 | whitelist /usr/share/hwdata |
28 | whitelist /usr/share/icons | 29 | whitelist /usr/share/icons |
30 | whitelist /usr/share/icu | ||
29 | whitelist /usr/share/knotifications5 | 31 | whitelist /usr/share/knotifications5 |
30 | whitelist /usr/share/kservices5 | 32 | whitelist /usr/share/kservices5 |
31 | whitelist /usr/share/Kvantum | 33 | whitelist /usr/share/Kvantum |
diff --git a/etc/whois.profile b/etc/whois.profile index bd0870bea..0e60e18ab 100644 --- a/etc/whois.profile +++ b/etc/whois.profile | |||
@@ -8,6 +8,7 @@ include whois.local | |||
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist /tmp/.X11-unix | 10 | blacklist /tmp/.X11-unix |
11 | blacklist ${RUNUSER}/wayland-* | ||
11 | 12 | ||
12 | include disable-common.inc | 13 | include disable-common.inc |
13 | include disable-devel.inc | 14 | include disable-devel.inc |
@@ -45,8 +46,8 @@ private | |||
45 | private-bin bash,sh,whois | 46 | private-bin bash,sh,whois |
46 | private-cache | 47 | private-cache |
47 | private-dev | 48 | private-dev |
48 | private-etc alternatives,hosts,jwhois.conf,services,whois.conf | 49 | private-etc alternatives,hosts,jwhois.conf,resolv.conf,services,whois.conf |
49 | private-lib | 50 | private-lib gconv |
50 | private-tmp | 51 | private-tmp |
51 | 52 | ||
52 | memory-deny-write-execute | 53 | memory-deny-write-execute |
diff --git a/etc/wire-desktop.profile b/etc/wire-desktop.profile index 490255fa6..3c783322b 100644 --- a/etc/wire-desktop.profile +++ b/etc/wire-desktop.profile | |||
@@ -1,40 +1,35 @@ | |||
1 | # Firejail profile for wire-desktop | 1 | # Firejail profile for wire-desktop |
2 | # Description: End-to-end encrypted messenger with file sharing, voice calls and video conferences | ||
2 | # This file is overwritten after every install/update | 3 | # This file is overwritten after every install/update |
3 | # Persistent local customizations | 4 | # Persistent local customizations |
4 | include wire-desktop.local | 5 | include wire-desktop.local |
5 | # Persistent global definitions | 6 | # Persistent global definitions |
6 | include globals.local | 7 | # added by included profile |
8 | #include globals.local | ||
9 | |||
10 | # Debian/Ubuntu use /opt/Wire. As that is not in PATH by default, run `firejail /opt/Wire/wire-desktop` to start it. | ||
11 | |||
12 | ignore caps.drop all | ||
13 | ignore nodbus | ||
7 | 14 | ||
8 | noblacklist ${HOME}/.config/Wire | 15 | noblacklist ${HOME}/.config/Wire |
9 | 16 | ||
10 | include disable-common.inc | ||
11 | include disable-devel.inc | 17 | include disable-devel.inc |
12 | include disable-interpreters.inc | 18 | include disable-interpreters.inc |
13 | include disable-passwdmgr.inc | ||
14 | include disable-programs.inc | ||
15 | 19 | ||
16 | mkdir ${HOME}/.config/Wire | 20 | mkdir ${HOME}/.config/Wire |
17 | whitelist ${HOME}/.config/Wire | 21 | whitelist ${HOME}/.config/Wire |
18 | whitelist ${DOWNLOADS} | ||
19 | include whitelist-common.inc | 22 | include whitelist-common.inc |
20 | 23 | ||
21 | caps.drop all | 24 | caps.keep sys_admin,sys_chroot |
22 | netfilter | ||
23 | nodvd | ||
24 | nogroups | ||
25 | nonewprivs | ||
26 | noroot | ||
27 | notv | ||
28 | nou2f | 25 | nou2f |
29 | protocol unix,inet,inet6,netlink | ||
30 | seccomp | ||
31 | shell none | 26 | shell none |
32 | 27 | ||
33 | # Note: The current version of Wire is located in /opt/wire-desktop/wire-desktop, and therefore | ||
34 | # it is not in PATH. To use Wire with firejail, run "firejail /opt/wire-desktop/wire-desktop" | ||
35 | |||
36 | disable-mnt | 28 | disable-mnt |
37 | private-bin bash,electron,electron4,env,sh,wire-desktop | 29 | private-bin bash,electron,electron4,env,sh,wire-desktop |
38 | private-dev | 30 | private-dev |
39 | private-etc alternatives,ca-certificates,crypto-policies,fonts,machine-id,pki,resolv.conf,ssl | 31 | private-etc alternatives,ca-certificates,crypto-policies,fonts,machine-id,pki,resolv.conf,ssl |
40 | private-tmp | 32 | private-tmp |
33 | |||
34 | # Redirect | ||
35 | include electron.profile | ||
diff --git a/etc/wpp.profile b/etc/wpp.profile new file mode 100644 index 000000000..a219397a9 --- /dev/null +++ b/etc/wpp.profile | |||
@@ -0,0 +1,14 @@ | |||
1 | # Firejail profile for wpp | ||
2 | # Description: WPS Office - Presentation | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include wpp.local | ||
6 | # Persistent global definitions | ||
7 | # added by included profile | ||
8 | #include globals.local | ||
9 | |||
10 | ignore machine-id | ||
11 | ignore nosound | ||
12 | |||
13 | # Redirect | ||
14 | include wps.profile | ||
diff --git a/etc/wps.profile b/etc/wps.profile new file mode 100644 index 000000000..47bba2dda --- /dev/null +++ b/etc/wps.profile | |||
@@ -0,0 +1,47 @@ | |||
1 | # Firejail profile for wps | ||
2 | # Description: WPS Office - Writer | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include wps.local | ||
6 | # Persistent global definitions | ||
7 | include globals.local | ||
8 | |||
9 | noblacklist ${HOME}/.kingsoft | ||
10 | noblacklist ${HOME}/.config/Kingsoft | ||
11 | noblacklist ${HOME}/.local/share/Kingsoft | ||
12 | |||
13 | include disable-common.inc | ||
14 | include disable-devel.inc | ||
15 | include disable-exec.inc | ||
16 | include disable-interpreters.inc | ||
17 | include disable-passwdmgr.inc | ||
18 | include disable-programs.inc | ||
19 | |||
20 | include whitelist-usr-share-common.inc | ||
21 | include whitelist-var-common.inc | ||
22 | |||
23 | apparmor | ||
24 | caps.drop all | ||
25 | machine-id | ||
26 | # Uncomment the next line (or add to wps.local) if you don't use network features. | ||
27 | #net none | ||
28 | netfilter | ||
29 | no3d | ||
30 | nodbus | ||
31 | nodvd | ||
32 | nogroups | ||
33 | nonewprivs | ||
34 | noroot | ||
35 | nosound | ||
36 | notv | ||
37 | nou2f | ||
38 | novideo | ||
39 | protocol unix,inet,inet6 | ||
40 | # seccomp cause some minor issues, if you can live with them enable it. | ||
41 | #seccomp | ||
42 | shell none | ||
43 | tracelog | ||
44 | |||
45 | private-cache | ||
46 | private-dev | ||
47 | private-tmp | ||
diff --git a/etc/wpspdf.profile b/etc/wpspdf.profile new file mode 100644 index 000000000..82080acbc --- /dev/null +++ b/etc/wpspdf.profile | |||
@@ -0,0 +1,11 @@ | |||
1 | # Firejail profile for wpspdf | ||
2 | # Description: Kingsoft Pdf Reader | ||
3 | # This file is overwritten after every install/update | ||
4 | # Persistent local customizations | ||
5 | include et.local | ||
6 | # Persistent global definitions | ||
7 | # added by included profile | ||
8 | #include globals.local | ||
9 | |||
10 | # Redirect | ||
11 | include wps.profile | ||
diff --git a/etc/xzdec.profile b/etc/xzdec.profile index 93c288d6e..ca6aaf1d5 100644 --- a/etc/xzdec.profile +++ b/etc/xzdec.profile | |||
@@ -7,6 +7,8 @@ include xzdec.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | include disable-common.inc | 12 | include disable-common.inc |
11 | include disable-devel.inc | 13 | include disable-devel.inc |
12 | include disable-exec.inc | 14 | include disable-exec.inc |
diff --git a/etc/yelp.profile b/etc/yelp.profile index 41138cd17..acd483209 100644 --- a/etc/yelp.profile +++ b/etc/yelp.profile | |||
@@ -18,6 +18,7 @@ include disable-xdg.inc | |||
18 | 18 | ||
19 | mkdir ${HOME}/.config/yelp | 19 | mkdir ${HOME}/.config/yelp |
20 | whitelist ${HOME}/.config/yelp | 20 | whitelist ${HOME}/.config/yelp |
21 | whitelist /usr/share/doc | ||
21 | whitelist /usr/share/help | 22 | whitelist /usr/share/help |
22 | whitelist /usr/share/yelp | 23 | whitelist /usr/share/yelp |
23 | whitelist /usr/share/yelp-xsl | 24 | whitelist /usr/share/yelp-xsl |
diff --git a/etc/youtube-dl.profile b/etc/youtube-dl.profile index 5fa72c9dc..19effef47 100644 --- a/etc/youtube-dl.profile +++ b/etc/youtube-dl.profile | |||
@@ -21,6 +21,7 @@ include allow-python2.inc | |||
21 | include allow-python3.inc | 21 | include allow-python3.inc |
22 | 22 | ||
23 | blacklist /tmp/.X11-unix | 23 | blacklist /tmp/.X11-unix |
24 | blacklist ${RUNUSER}/wayland-* | ||
24 | 25 | ||
25 | include disable-common.inc | 26 | include disable-common.inc |
26 | include disable-devel.inc | 27 | include disable-devel.inc |
diff --git a/etc/zathura.profile b/etc/zathura.profile index 68a5701ee..703c8edd4 100644 --- a/etc/zathura.profile +++ b/etc/zathura.profile | |||
@@ -18,10 +18,18 @@ include disable-passwdmgr.inc | |||
18 | include disable-programs.inc | 18 | include disable-programs.inc |
19 | include disable-xdg.inc | 19 | include disable-xdg.inc |
20 | 20 | ||
21 | mkdir ${HOME}/.config/zathura | ||
22 | mkdir ${HOME}/.local/share/zathura | ||
23 | whitelist /usr/share/doc | ||
24 | whitelist /usr/share/zathura | ||
25 | include whitelist-usr-share-common.inc | ||
26 | include whitelist-var-common.inc | ||
27 | |||
21 | caps.drop all | 28 | caps.drop all |
29 | ipc-namespace | ||
22 | machine-id | 30 | machine-id |
23 | # net none | 31 | net none |
24 | # nodbus | 32 | nodbus |
25 | nodvd | 33 | nodvd |
26 | nogroups | 34 | nogroups |
27 | nonewprivs | 35 | nonewprivs |
@@ -38,11 +46,10 @@ tracelog | |||
38 | private-bin zathura | 46 | private-bin zathura |
39 | private-cache | 47 | private-cache |
40 | private-dev | 48 | private-dev |
41 | private-etc alternatives,fonts,machine-id | 49 | private-etc alternatives,fonts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,machine-id |
50 | private-lib gcc/*/*/libgcc_s.so.*,gcc/*/*/libstdc++.so.*,libarchive.so.*,libdjvulibre.so.*,libgirara-gtk*,libpoppler-glib.so.*,libspectre.so.*,zathura | ||
42 | private-tmp | 51 | private-tmp |
43 | 52 | ||
44 | mkdir ${HOME}/.config/zathura | ||
45 | mkdir ${HOME}/.local/share/zathura | ||
46 | read-only ${HOME} | 53 | read-only ${HOME} |
47 | read-write ${HOME}/.config/zathura | 54 | read-write ${HOME}/.config/zathura |
48 | read-write ${HOME}/.local/share/zathura | 55 | read-write ${HOME}/.local/share/zathura |
diff --git a/etc/zstd.profile b/etc/zstd.profile index ea7bbfb0d..93b849568 100644 --- a/etc/zstd.profile +++ b/etc/zstd.profile | |||
@@ -7,6 +7,8 @@ include zstd.local | |||
7 | # Persistent global definitions | 7 | # Persistent global definitions |
8 | include globals.local | 8 | include globals.local |
9 | 9 | ||
10 | blacklist ${RUNUSER}/wayland-* | ||
11 | |||
10 | include disable-common.inc | 12 | include disable-common.inc |
11 | include disable-devel.inc | 13 | include disable-devel.inc |
12 | include disable-exec.inc | 14 | include disable-exec.inc |
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | gcov_init() { | 6 | gcov_init() { |
4 | USER=`whoami` | 7 | USER=`whoami` |
diff --git a/install.sh b/install.sh index a8a506096..2fa61cc0a 100755 --- a/install.sh +++ b/install.sh | |||
@@ -1,2 +1,6 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
2 | echo "installing..." | 6 | echo "installing..." |
diff --git a/linecnt.sh b/linecnt.sh index 8d77a65ee..1bf834015 100755 --- a/linecnt.sh +++ b/linecnt.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | gcov_init() { | 6 | gcov_init() { |
4 | USER=`whoami` | 7 | USER=`whoami` |
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | echo "Calculationg SHA256 for all files in /transfer - firejail version $1" | 6 | echo "Calculationg SHA256 for all files in /transfer - firejail version $1" |
4 | 7 | ||
diff --git a/mkdeb-apparmor.sh b/mkdeb-apparmor.sh index 152165d60..3c560179c 100755 --- a/mkdeb-apparmor.sh +++ b/mkdeb-apparmor.sh | |||
@@ -1,4 +1,8 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
2 | # based on http://tldp.org/HOWTO/html_single/Debian-Binary-Package-Building-HOWTO/ | 6 | # based on http://tldp.org/HOWTO/html_single/Debian-Binary-Package-Building-HOWTO/ |
3 | # a code archive should already be available | 7 | # a code archive should already be available |
4 | 8 | ||
@@ -1,4 +1,8 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
2 | # based on http://tldp.org/HOWTO/html_single/Debian-Binary-Package-Building-HOWTO/ | 6 | # based on http://tldp.org/HOWTO/html_single/Debian-Binary-Package-Building-HOWTO/ |
3 | # a code archive should already be available | 7 | # a code archive should already be available |
4 | 8 | ||
@@ -1,4 +1,8 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
2 | rm -fr .etc | 6 | rm -fr .etc |
3 | mkdir .etc | 7 | mkdir .etc |
4 | 8 | ||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | sed "s/VERSION/$1/g" $2 > $3 | 6 | sed "s/VERSION/$1/g" $2 > $3 |
4 | MONTH=`LC_ALL=C date -u --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%b` | 7 | MONTH=`LC_ALL=C date -u --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%b` |
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | echo "extracting UID_MIN and GID_MIN" | 6 | echo "extracting UID_MIN and GID_MIN" |
4 | echo "#ifndef FIREJAIL_UIDS_H" > uids.h | 7 | echo "#ifndef FIREJAIL_UIDS_H" > uids.h |
diff --git a/platform/debian/copyright b/platform/debian/copyright index 2c15356c4..c0f98104d 100644 --- a/platform/debian/copyright +++ b/platform/debian/copyright | |||
@@ -7,7 +7,7 @@ This is the Debian/Ubuntu prepackaged version of firejail. | |||
7 | and networking stack isolation, and it runs on any recent Linux system. It | 7 | and networking stack isolation, and it runs on any recent Linux system. It |
8 | includes a sandbox profile for Mozilla Firefox. | 8 | includes a sandbox profile for Mozilla Firefox. |
9 | 9 | ||
10 | Copyright (C) 2014-2019 Firejail Authors (see README file for more details) | 10 | Copyright (C) 2014-2020 Firejail Authors (see README file for more details) |
11 | 11 | ||
12 | This program is free software; you can redistribute it and/or modify | 12 | This program is free software; you can redistribute it and/or modify |
13 | it under the terms of the GNU General Public License as published by | 13 | it under the terms of the GNU General Public License as published by |
diff --git a/platform/rpm/mkrpm.sh b/platform/rpm/mkrpm.sh index 351b92beb..348bea7f2 100755 --- a/platform/rpm/mkrpm.sh +++ b/platform/rpm/mkrpm.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # Usage: ./platform/rpm/mkrpm.sh firejail <version> | 6 | # Usage: ./platform/rpm/mkrpm.sh firejail <version> |
4 | # | 7 | # |
diff --git a/src/faudit/caps.c b/src/faudit/caps.c index 644a69b82..6687fce5a 100644 --- a/src/faudit/caps.c +++ b/src/faudit/caps.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/faudit/dbus.c b/src/faudit/dbus.c index 2e4a7550b..8c26c5271 100644 --- a/src/faudit/dbus.c +++ b/src/faudit/dbus.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/faudit/dev.c b/src/faudit/dev.c index 3b5921aee..9c80f99df 100644 --- a/src/faudit/dev.c +++ b/src/faudit/dev.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/faudit/faudit.h b/src/faudit/faudit.h index ec01dde32..20189a0ff 100644 --- a/src/faudit/faudit.h +++ b/src/faudit/faudit.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/faudit/files.c b/src/faudit/files.c index 33d68efbf..6dd3874b9 100644 --- a/src/faudit/files.c +++ b/src/faudit/files.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/faudit/main.c b/src/faudit/main.c index 06dcbece0..f6df9772d 100644 --- a/src/faudit/main.c +++ b/src/faudit/main.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/faudit/network.c b/src/faudit/network.c index 214cb972c..f28aff554 100644 --- a/src/faudit/network.c +++ b/src/faudit/network.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/faudit/pid.c b/src/faudit/pid.c index 6be2483ae..a45b6e31a 100644 --- a/src/faudit/pid.c +++ b/src/faudit/pid.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/faudit/seccomp.c b/src/faudit/seccomp.c index 346b4b457..ca9d34b84 100644 --- a/src/faudit/seccomp.c +++ b/src/faudit/seccomp.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/faudit/syscall.c b/src/faudit/syscall.c index 3cdbf7407..a8aa572a7 100644 --- a/src/faudit/syscall.c +++ b/src/faudit/syscall.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/faudit/x11.c b/src/faudit/x11.c index d41c3698d..5907ca761 100644 --- a/src/faudit/x11.c +++ b/src/faudit/x11.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fbuilder/build_bin.c b/src/fbuilder/build_bin.c index d62ec3f17..a44546699 100644 --- a/src/fbuilder/build_bin.c +++ b/src/fbuilder/build_bin.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fbuilder/build_fs.c b/src/fbuilder/build_fs.c index 4feb8d9bc..b08afb939 100644 --- a/src/fbuilder/build_fs.c +++ b/src/fbuilder/build_fs.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fbuilder/build_home.c b/src/fbuilder/build_home.c index 1f30fe5be..8db17a942 100644 --- a/src/fbuilder/build_home.c +++ b/src/fbuilder/build_home.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fbuilder/build_profile.c b/src/fbuilder/build_profile.c index a0f71ae03..ea9e9a4a0 100644 --- a/src/fbuilder/build_profile.c +++ b/src/fbuilder/build_profile.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fbuilder/build_seccomp.c b/src/fbuilder/build_seccomp.c index 6fe4c56d8..041d14d0e 100644 --- a/src/fbuilder/build_seccomp.c +++ b/src/fbuilder/build_seccomp.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fbuilder/fbuilder.h b/src/fbuilder/fbuilder.h index 66bf8c544..5c043ffec 100644 --- a/src/fbuilder/fbuilder.h +++ b/src/fbuilder/fbuilder.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fbuilder/filedb.c b/src/fbuilder/filedb.c index 89fe72c29..bf4e911dd 100644 --- a/src/fbuilder/filedb.c +++ b/src/fbuilder/filedb.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fbuilder/main.c b/src/fbuilder/main.c index 159af9ae8..5612c21d5 100644 --- a/src/fbuilder/main.c +++ b/src/fbuilder/main.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fbuilder/utils.c b/src/fbuilder/utils.c index c1cd05f39..2ae829403 100644 --- a/src/fbuilder/utils.c +++ b/src/fbuilder/utils.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fcopy/main.c b/src/fcopy/main.c index 00cbe8d12..5c4a76753 100644 --- a/src/fcopy/main.c +++ b/src/fcopy/main.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fgit/fgit-install.sh b/src/fgit/fgit-install.sh index 1f710c688..262b6f112 100755 --- a/src/fgit/fgit-install.sh +++ b/src/fgit/fgit-install.sh | |||
@@ -1,4 +1,8 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | # | ||
2 | # Purpose: Fetch, compile, and install firejail from GitHub source. Package-manager agnostic. | 6 | # Purpose: Fetch, compile, and install firejail from GitHub source. Package-manager agnostic. |
3 | # | 7 | # |
4 | 8 | ||
diff --git a/src/fgit/fgit-uninstall.sh b/src/fgit/fgit-uninstall.sh index bc7cc9563..d40f90320 100644 --- a/src/fgit/fgit-uninstall.sh +++ b/src/fgit/fgit-uninstall.sh | |||
@@ -1,4 +1,8 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | # | ||
2 | # Purpose: Fetch, compile, and install firejail from GitHub source. Package-manager agnostic. | 6 | # Purpose: Fetch, compile, and install firejail from GitHub source. Package-manager agnostic. |
3 | # | 7 | # |
4 | 8 | ||
diff --git a/src/firecfg/desktop_files.c b/src/firecfg/desktop_files.c index c8f684abc..16aa638b3 100644 --- a/src/firecfg/desktop_files.c +++ b/src/firecfg/desktop_files.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 011d6c7e1..040ad3827 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -122,6 +122,7 @@ clawsker | |||
122 | clementine | 122 | clementine |
123 | clion | 123 | clion |
124 | clipit | 124 | clipit |
125 | clipgrab | ||
125 | cliqz | 126 | cliqz |
126 | clocks | 127 | clocks |
127 | cmus | 128 | cmus |
@@ -179,6 +180,7 @@ eog | |||
179 | eom | 180 | eom |
180 | ephemeral | 181 | ephemeral |
181 | #epiphany | 182 | #epiphany |
183 | et | ||
182 | etr | 184 | etr |
183 | evince | 185 | evince |
184 | evince-previewer | 186 | evince-previewer |
@@ -202,6 +204,7 @@ firefox-developer-edition | |||
202 | firefox-esr | 204 | firefox-esr |
203 | firefox-nightly | 205 | firefox-nightly |
204 | firefox-wayland | 206 | firefox-wayland |
207 | firefox-x11 | ||
205 | flacsplt | 208 | flacsplt |
206 | flameshot | 209 | flameshot |
207 | flashpeak-slimjet | 210 | flashpeak-slimjet |
@@ -265,6 +268,7 @@ gnome-mplayer | |||
265 | gnome-mpv | 268 | gnome-mpv |
266 | gnome-music | 269 | gnome-music |
267 | gnome-nettool | 270 | gnome-nettool |
271 | gnome-passwordsafe | ||
268 | gnome-photos | 272 | gnome-photos |
269 | gnome-recipes | 273 | gnome-recipes |
270 | gnome-schedule | 274 | gnome-schedule |
@@ -288,6 +292,7 @@ gramps | |||
288 | gthumb | 292 | gthumb |
289 | guayadeque | 293 | guayadeque |
290 | gucharmap | 294 | gucharmap |
295 | gummi | ||
291 | gwenview | 296 | gwenview |
292 | handbrake | 297 | handbrake |
293 | handbrake-gtk | 298 | handbrake-gtk |
@@ -296,7 +301,6 @@ hedgewars | |||
296 | hexchat | 301 | hexchat |
297 | highlight | 302 | highlight |
298 | hugin | 303 | hugin |
299 | i2prouter | ||
300 | icecat | 304 | icecat |
301 | icedove | 305 | icedove |
302 | iceweasel | 306 | iceweasel |
@@ -427,6 +431,7 @@ ms-outlook | |||
427 | ms-powerpoint | 431 | ms-powerpoint |
428 | ms-skype | 432 | ms-skype |
429 | ms-word | 433 | ms-word |
434 | multimc | ||
430 | multimc5 | 435 | multimc5 |
431 | mumble | 436 | mumble |
432 | mupdf | 437 | mupdf |
@@ -642,6 +647,7 @@ tremulous | |||
642 | truecraft | 647 | truecraft |
643 | tshark | 648 | tshark |
644 | tuxguitar | 649 | tuxguitar |
650 | tvbrowser | ||
645 | udiskie | 651 | udiskie |
646 | uefitool | 652 | uefitool |
647 | uget-gtk | 653 | uget-gtk |
@@ -683,6 +689,9 @@ wire-desktop | |||
683 | wireshark | 689 | wireshark |
684 | wireshark-gtk | 690 | wireshark-gtk |
685 | wireshark-qt | 691 | wireshark-qt |
692 | wpp | ||
693 | wps | ||
694 | wpspdf | ||
686 | xcalc | 695 | xcalc |
687 | xchat | 696 | xchat |
688 | xed | 697 | xed |
diff --git a/src/firecfg/firecfg.h b/src/firecfg/firecfg.h index 71e5d625d..4dfc4194e 100644 --- a/src/firecfg/firecfg.h +++ b/src/firecfg/firecfg.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firecfg/main.c b/src/firecfg/main.c index 9a2efebd2..1e49a2fc7 100644 --- a/src/firecfg/main.c +++ b/src/firecfg/main.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firecfg/sound.c b/src/firecfg/sound.c index 2d38e4cfb..e7670c94c 100644 --- a/src/firecfg/sound.c +++ b/src/firecfg/sound.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firecfg/util.c b/src/firecfg/util.c index 23a66ba67..b46da0be3 100644 --- a/src/firecfg/util.c +++ b/src/firecfg/util.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/appimage.c b/src/firejail/appimage.c index 520960db2..6190b6f01 100644 --- a/src/firejail/appimage.c +++ b/src/firejail/appimage.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/appimage_size.c b/src/firejail/appimage_size.c index 2868a1f88..a58f9a8ca 100644 --- a/src/firejail/appimage_size.c +++ b/src/firejail/appimage_size.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/arp.c b/src/firejail/arp.c index 843d00ce0..3714af9a3 100644 --- a/src/firejail/arp.c +++ b/src/firejail/arp.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/bandwidth.c b/src/firejail/bandwidth.c index 30f387765..edef823fd 100644 --- a/src/firejail/bandwidth.c +++ b/src/firejail/bandwidth.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/caps.c b/src/firejail/caps.c index 738675766..b89e3009a 100644 --- a/src/firejail/caps.c +++ b/src/firejail/caps.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/cgroup.c b/src/firejail/cgroup.c index 21eee6b45..30cd96c42 100644 --- a/src/firejail/cgroup.c +++ b/src/firejail/cgroup.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index d6b591133..fbe150b34 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/chroot.c b/src/firejail/chroot.c index ec5363ced..cae52e20b 100644 --- a/src/firejail/chroot.c +++ b/src/firejail/chroot.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/cmdline.c b/src/firejail/cmdline.c index 134000a3d..91279a977 100644 --- a/src/firejail/cmdline.c +++ b/src/firejail/cmdline.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/cpu.c b/src/firejail/cpu.c index 702186eaf..66fa9fadf 100644 --- a/src/firejail/cpu.c +++ b/src/firejail/cpu.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/dbus.c b/src/firejail/dbus.c index b856ff809..7acbd338c 100644 --- a/src/firejail/dbus.c +++ b/src/firejail/dbus.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/dhcp.c b/src/firejail/dhcp.c new file mode 100644 index 000000000..7593a47f2 --- /dev/null +++ b/src/firejail/dhcp.c | |||
@@ -0,0 +1,161 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2014-2020 Firejail Authors | ||
3 | * | ||
4 | * This file is part of firejail project | ||
5 | * | ||
6 | * This program is free software; you can redistribute it and/or modify | ||
7 | * it under the terms of the GNU General Public License as published by | ||
8 | * the Free Software Foundation; either version 2 of the License, or | ||
9 | * (at your option) any later version. | ||
10 | * | ||
11 | * This program is distributed in the hope that it will be useful, | ||
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
14 | * GNU General Public License for more details. | ||
15 | * | ||
16 | * You should have received a copy of the GNU General Public License along | ||
17 | * with this program; if not, write to the Free Software Foundation, Inc., | ||
18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | ||
19 | */ | ||
20 | #include "firejail.h" | ||
21 | #include <sys/types.h> | ||
22 | #include <sys/wait.h> | ||
23 | #include <errno.h> | ||
24 | #include <stddef.h> | ||
25 | #include <stdio.h> | ||
26 | #include <string.h> | ||
27 | |||
28 | pid_t dhclient4_pid = 0; | ||
29 | pid_t dhclient6_pid = 0; | ||
30 | |||
31 | typedef struct { | ||
32 | char *version_arg; | ||
33 | char *pid_file; | ||
34 | char *leases_file; | ||
35 | uint8_t generate_duid; | ||
36 | char *duid_leases_file; | ||
37 | pid_t *pid; | ||
38 | ptrdiff_t arg_offset; | ||
39 | } Dhclient; | ||
40 | |||
41 | static const Dhclient dhclient4 = { | ||
42 | .version_arg = "-4", | ||
43 | .pid_file = RUN_DHCLIENT_4_PID_FILE, | ||
44 | .leases_file = RUN_DHCLIENT_4_LEASES_FILE, | ||
45 | .generate_duid = 1, | ||
46 | .pid = &dhclient4_pid, | ||
47 | .arg_offset = offsetof(Bridge, arg_ip_dhcp) | ||
48 | }; | ||
49 | |||
50 | static const Dhclient dhclient6 = { | ||
51 | .version_arg = "-6", | ||
52 | .pid_file = RUN_DHCLIENT_6_PID_FILE, | ||
53 | .leases_file = RUN_DHCLIENT_6_LEASES_FILE, | ||
54 | .duid_leases_file = RUN_DHCLIENT_4_LEASES_FILE, | ||
55 | .pid = &dhclient6_pid, | ||
56 | .arg_offset = offsetof(Bridge, arg_ip6_dhcp) | ||
57 | }; | ||
58 | |||
59 | static void dhcp_run_dhclient(const Dhclient *client) { | ||
60 | char *argv[256] = { | ||
61 | "dhclient", | ||
62 | client->version_arg, | ||
63 | "-pf", client->pid_file, | ||
64 | "-lf", client->leases_file, | ||
65 | }; | ||
66 | int i = 6; | ||
67 | if (client->generate_duid) | ||
68 | argv[i++] = "-i"; | ||
69 | if (client->duid_leases_file) { | ||
70 | argv[i++] = "-df"; | ||
71 | argv[i++] = client->duid_leases_file; | ||
72 | } | ||
73 | if (arg_debug) | ||
74 | argv[i++] = "-v"; | ||
75 | if (*(uint8_t *)((char *)&cfg.bridge0 + client->arg_offset)) | ||
76 | argv[i++] = cfg.bridge0.devsandbox; | ||
77 | if (*(uint8_t *)((char *)&cfg.bridge1 + client->arg_offset)) | ||
78 | argv[i++] = cfg.bridge1.devsandbox; | ||
79 | if (*(uint8_t *)((char *)&cfg.bridge2 + client->arg_offset)) | ||
80 | argv[i++] = cfg.bridge2.devsandbox; | ||
81 | if (*(uint8_t *)((char *)&cfg.bridge3 + client->arg_offset)) | ||
82 | argv[i++] = cfg.bridge3.devsandbox; | ||
83 | |||
84 | sbox_run_v(SBOX_ROOT | SBOX_CAPS_NETWORK | SBOX_CAPS_NET_SERVICE | SBOX_SECCOMP, argv); | ||
85 | } | ||
86 | |||
87 | static pid_t dhcp_read_pidfile(const Dhclient *client) { | ||
88 | // We have to run dhclient as a forking daemon (not pass the -d option), | ||
89 | // because we want to be notified of a successful DHCP lease by the parent process exit. | ||
90 | // However, try to be extra paranoid with race conditions, | ||
91 | // because dhclient only writes the daemon pid into the pidfile | ||
92 | // after its parent process has exited. | ||
93 | int tries = 0; | ||
94 | pid_t found = 0; | ||
95 | while (found == 0 && tries < 10) { | ||
96 | if (tries >= 1) | ||
97 | usleep(100000); | ||
98 | FILE *pidfile = fopen(client->pid_file, "r"); | ||
99 | if (pidfile) { | ||
100 | long pid; | ||
101 | if (fscanf(pidfile, "%ld", &pid) == 1) { | ||
102 | char *pidname = pid_proc_comm((pid_t) pid); | ||
103 | if (pidname && strcmp(pidname, "dhclient") == 0) | ||
104 | found = (pid_t) pid; | ||
105 | } | ||
106 | fclose(pidfile); | ||
107 | } | ||
108 | ++tries; | ||
109 | } | ||
110 | if (found == 0) { | ||
111 | fprintf(stderr, "Error: Cannot get dhclient %s PID from %s\n", | ||
112 | client->version_arg, client->pid_file); | ||
113 | exit(1); | ||
114 | } | ||
115 | return found; | ||
116 | } | ||
117 | |||
118 | static void dhcp_start_dhclient(const Dhclient *client) { | ||
119 | dhcp_run_dhclient(client); | ||
120 | *(client->pid) = dhcp_read_pidfile(client); | ||
121 | } | ||
122 | |||
123 | static void dhcp_waitll(const char *ifname) { | ||
124 | sbox_run(SBOX_ROOT | SBOX_CAPS_NETWORK | SBOX_SECCOMP, 3, PATH_FNET, "waitll", ifname); | ||
125 | } | ||
126 | |||
127 | static void dhcp_waitll_all() { | ||
128 | if (cfg.bridge0.arg_ip6_dhcp) | ||
129 | dhcp_waitll(cfg.bridge0.devsandbox); | ||
130 | if (cfg.bridge1.arg_ip6_dhcp) | ||
131 | dhcp_waitll(cfg.bridge1.devsandbox); | ||
132 | if (cfg.bridge2.arg_ip6_dhcp) | ||
133 | dhcp_waitll(cfg.bridge2.devsandbox); | ||
134 | if (cfg.bridge3.arg_ip6_dhcp) | ||
135 | dhcp_waitll(cfg.bridge3.devsandbox); | ||
136 | } | ||
137 | |||
138 | void dhcp_start(void) { | ||
139 | if (!any_dhcp()) | ||
140 | return; | ||
141 | |||
142 | EUID_ROOT(); | ||
143 | if (mkdir(RUN_DHCLIENT_DIR, 0700)) | ||
144 | errExit("mkdir"); | ||
145 | |||
146 | if (any_ip_dhcp()) { | ||
147 | dhcp_start_dhclient(&dhclient4); | ||
148 | if (arg_debug) | ||
149 | printf("Running dhclient -4 in the background as pid %ld\n", (long) dhclient4_pid); | ||
150 | } | ||
151 | if (any_ip6_dhcp()) { | ||
152 | dhcp_waitll_all(); | ||
153 | dhcp_start_dhclient(&dhclient6); | ||
154 | if (arg_debug) | ||
155 | printf("Running dhclient -6 in the background as pid %ld\n", (long) dhclient6_pid); | ||
156 | if (dhclient4_pid == dhclient6_pid) { | ||
157 | fprintf(stderr, "Error: dhclient -4 and -6 have the same PID: %ld\n", (long) dhclient4_pid); | ||
158 | exit(1); | ||
159 | } | ||
160 | } | ||
161 | } | ||
diff --git a/src/firejail/env.c b/src/firejail/env.c index f15e1362f..a8b344544 100644 --- a/src/firejail/env.c +++ b/src/firejail/env.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 03bcbda46..4dc580a5e 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
@@ -103,6 +103,8 @@ typedef struct bridge_t { | |||
103 | 103 | ||
104 | // flags | 104 | // flags |
105 | uint8_t arg_ip_none; // --ip=none | 105 | uint8_t arg_ip_none; // --ip=none |
106 | uint8_t arg_ip_dhcp; | ||
107 | uint8_t arg_ip6_dhcp; | ||
106 | uint8_t macvlan; // set by --net=eth0 (or eth1, ...); reset by --net=br0 (or br1, ...) | 108 | uint8_t macvlan; // set by --net=eth0 (or eth1, ...); reset by --net=br0 (or br1, ...) |
107 | uint8_t configured; | 109 | uint8_t configured; |
108 | uint8_t scan; // set by --scan | 110 | uint8_t scan; // set by --scan |
@@ -237,6 +239,24 @@ static inline int any_interface_configured(void) { | |||
237 | return 0; | 239 | return 0; |
238 | } | 240 | } |
239 | 241 | ||
242 | static inline int any_ip_dhcp(void) { | ||
243 | if (cfg.bridge0.arg_ip_dhcp || cfg.bridge1.arg_ip_dhcp || cfg.bridge2.arg_ip_dhcp || cfg.bridge3.arg_ip_dhcp) | ||
244 | return 1; | ||
245 | else | ||
246 | return 0; | ||
247 | } | ||
248 | |||
249 | static inline int any_ip6_dhcp(void) { | ||
250 | if (cfg.bridge0.arg_ip6_dhcp || cfg.bridge1.arg_ip6_dhcp || cfg.bridge2.arg_ip6_dhcp || cfg.bridge3.arg_ip6_dhcp) | ||
251 | return 1; | ||
252 | else | ||
253 | return 0; | ||
254 | } | ||
255 | |||
256 | static inline int any_dhcp(void) { | ||
257 | return any_ip_dhcp() || any_ip6_dhcp(); | ||
258 | } | ||
259 | |||
240 | extern int arg_private; // mount private /home | 260 | extern int arg_private; // mount private /home |
241 | extern int arg_private_cache; // private home/.cache | 261 | extern int arg_private_cache; // private home/.cache |
242 | extern int arg_debug; // print debug messages | 262 | extern int arg_debug; // print debug messages |
@@ -792,9 +812,11 @@ void build_appimage_cmdline(char **command_line, char **window_title, int argc, | |||
792 | #define SBOX_ALLOW_STDIN (1 << 5) // don't close stdin | 812 | #define SBOX_ALLOW_STDIN (1 << 5) // don't close stdin |
793 | #define SBOX_STDIN_FROM_FILE (1 << 6) // open file and redirect it to stdin | 813 | #define SBOX_STDIN_FROM_FILE (1 << 6) // open file and redirect it to stdin |
794 | #define SBOX_CAPS_HIDEPID (1 << 7) // hidepid caps filter for running firemon | 814 | #define SBOX_CAPS_HIDEPID (1 << 7) // hidepid caps filter for running firemon |
815 | #define SBOX_CAPS_NET_SERVICE (1 << 8) // caps filter for programs running network services | ||
795 | 816 | ||
796 | // run sbox | 817 | // run sbox |
797 | int sbox_run(unsigned filter, int num, ...); | 818 | int sbox_run(unsigned filter, int num, ...); |
819 | int sbox_run_v(unsigned filter, char * const arg[]); | ||
798 | 820 | ||
799 | // run_files.c | 821 | // run_files.c |
800 | void delete_run_files(pid_t pid); | 822 | void delete_run_files(pid_t pid); |
@@ -806,4 +828,9 @@ void set_profile_run_file(pid_t pid, const char *fname); | |||
806 | // dbus.c | 828 | // dbus.c |
807 | void dbus_disable(void); | 829 | void dbus_disable(void); |
808 | 830 | ||
831 | // dhcp.c | ||
832 | extern pid_t dhclient4_pid; | ||
833 | extern pid_t dhclient6_pid; | ||
834 | void dhcp_start(void); | ||
835 | |||
809 | #endif | 836 | #endif |
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index 316057ec5..c7dd91b06 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
@@ -521,12 +521,16 @@ void fs_remount(const char *dir, OPERATION op, unsigned check_mnt) { | |||
521 | if (mount(dir, dir, NULL, MS_BIND|MS_REC, NULL) < 0 || | 521 | if (mount(dir, dir, NULL, MS_BIND|MS_REC, NULL) < 0 || |
522 | mount(NULL, dir, NULL, flags|MS_BIND|MS_REMOUNT, NULL) < 0) | 522 | mount(NULL, dir, NULL, flags|MS_BIND|MS_REMOUNT, NULL) < 0) |
523 | errExit("remounting"); | 523 | errExit("remounting"); |
524 | // run a sanity check on /proc/self/mountinfo | ||
524 | if (check_mnt) { | 525 | if (check_mnt) { |
525 | // run a sanity check on /proc/self/mountinfo | 526 | // confirm target of the last mount operation was dir; if there are other |
527 | // mount points contained inside dir, one of those will show up as target | ||
528 | // of the last mount operation instead | ||
526 | MountData *mptr = get_last_mount(); | 529 | MountData *mptr = get_last_mount(); |
527 | size_t len = strlen(dir); | 530 | size_t len = strlen(dir); |
528 | if (strncmp(mptr->dir, dir, len) != 0 || | 531 | if ((strncmp(mptr->dir, dir, len) != 0 || |
529 | (*(mptr->dir + len) != '\0' && *(mptr->dir + len) != '/')) | 532 | (*(mptr->dir + len) != '\0' && *(mptr->dir + len) != '/')) |
533 | && strcmp(dir, "/") != 0) // support read-only=/ | ||
530 | errLogExit("invalid %s mount", opstr[op]); | 534 | errLogExit("invalid %s mount", opstr[op]); |
531 | } | 535 | } |
532 | fs_logger2(opstr[op], dir); | 536 | fs_logger2(opstr[op], dir); |
diff --git a/src/firejail/fs_bin.c b/src/firejail/fs_bin.c index 17db45bf1..7150fd3eb 100644 --- a/src/firejail/fs_bin.c +++ b/src/firejail/fs_bin.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
@@ -185,12 +185,12 @@ static void duplicate(char *fname) { | |||
185 | // add to private-lib list | 185 | // add to private-lib list |
186 | if (cfg.bin_private_lib == NULL) { | 186 | if (cfg.bin_private_lib == NULL) { |
187 | if (asprintf(&cfg.bin_private_lib, "%s,%s",fname, full_path) == -1) | 187 | if (asprintf(&cfg.bin_private_lib, "%s,%s",fname, full_path) == -1) |
188 | errExit("asprinf"); | 188 | errExit("asprintf"); |
189 | } | 189 | } |
190 | else { | 190 | else { |
191 | char *tmp; | 191 | char *tmp; |
192 | if (asprintf(&tmp, "%s,%s,%s", cfg.bin_private_lib, fname, full_path) == -1) | 192 | if (asprintf(&tmp, "%s,%s,%s", cfg.bin_private_lib, fname, full_path) == -1) |
193 | errExit("asprinf"); | 193 | errExit("asprintf"); |
194 | free(cfg.bin_private_lib); | 194 | free(cfg.bin_private_lib); |
195 | cfg.bin_private_lib = tmp; | 195 | cfg.bin_private_lib = tmp; |
196 | } | 196 | } |
diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c index d807f527d..63911ab9e 100644 --- a/src/firejail/fs_dev.c +++ b/src/firejail/fs_dev.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c index 082f8b4a0..26e010d0d 100644 --- a/src/firejail/fs_etc.c +++ b/src/firejail/fs_etc.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c index cfa0af078..bdfaba480 100644 --- a/src/firejail/fs_home.c +++ b/src/firejail/fs_home.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/fs_hostname.c b/src/firejail/fs_hostname.c index 9da01b24c..fd5e1bbd3 100644 --- a/src/firejail/fs_hostname.c +++ b/src/firejail/fs_hostname.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
@@ -89,7 +89,7 @@ errexit: | |||
89 | } | 89 | } |
90 | 90 | ||
91 | void fs_resolvconf(void) { | 91 | void fs_resolvconf(void) { |
92 | if (cfg.dns1 == NULL) | 92 | if (cfg.dns1 == NULL && !any_dhcp()) |
93 | return; | 93 | return; |
94 | 94 | ||
95 | if (arg_debug) | 95 | if (arg_debug) |
@@ -108,7 +108,8 @@ void fs_resolvconf(void) { | |||
108 | if (strcmp(entry->d_name, ".") == 0 || strcmp(entry->d_name, "..") == 0) | 108 | if (strcmp(entry->d_name, ".") == 0 || strcmp(entry->d_name, "..") == 0) |
109 | continue; | 109 | continue; |
110 | // for resolv.conf we create a brand new file | 110 | // for resolv.conf we create a brand new file |
111 | if (strcmp(entry->d_name, "resolv.conf") == 0) | 111 | if (strcmp(entry->d_name, "resolv.conf") == 0 || |
112 | strcmp(entry->d_name, "resolv.conf.dhclient-new") == 0) | ||
112 | continue; | 113 | continue; |
113 | // printf("linking %s\n", entry->d_name); | 114 | // printf("linking %s\n", entry->d_name); |
114 | 115 | ||
@@ -169,8 +170,11 @@ void fs_resolvconf(void) { | |||
169 | exit(1); | 170 | exit(1); |
170 | } | 171 | } |
171 | 172 | ||
172 | if (cfg.dns1) | 173 | if (cfg.dns1) { |
174 | if (any_dhcp()) | ||
175 | fwarning("network setup uses DHCP, nameservers will likely be overwritten\n"); | ||
173 | fprintf(fp, "nameserver %s\n", cfg.dns1); | 176 | fprintf(fp, "nameserver %s\n", cfg.dns1); |
177 | } | ||
174 | if (cfg.dns2) | 178 | if (cfg.dns2) |
175 | fprintf(fp, "nameserver %s\n", cfg.dns2); | 179 | fprintf(fp, "nameserver %s\n", cfg.dns2); |
176 | if (cfg.dns3) | 180 | if (cfg.dns3) |
diff --git a/src/firejail/fs_lib.c b/src/firejail/fs_lib.c index 70c6ac88a..c539ce83c 100644 --- a/src/firejail/fs_lib.c +++ b/src/firejail/fs_lib.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/fs_lib2.c b/src/firejail/fs_lib2.c index 9923190b5..2982c4cbb 100644 --- a/src/firejail/fs_lib2.c +++ b/src/firejail/fs_lib2.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/fs_logger.c b/src/firejail/fs_logger.c index 31e0147ca..892c91e3f 100644 --- a/src/firejail/fs_logger.c +++ b/src/firejail/fs_logger.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/fs_mkdir.c b/src/firejail/fs_mkdir.c index 09e5c3200..eb660df90 100644 --- a/src/firejail/fs_mkdir.c +++ b/src/firejail/fs_mkdir.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/fs_trace.c b/src/firejail/fs_trace.c index c1b821cce..1894784a8 100644 --- a/src/firejail/fs_trace.c +++ b/src/firejail/fs_trace.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/fs_var.c b/src/firejail/fs_var.c index 75369b47c..303d6f9aa 100644 --- a/src/firejail/fs_var.c +++ b/src/firejail/fs_var.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c index d2ea495ed..be5bcc4c0 100644 --- a/src/firejail/fs_whitelist.c +++ b/src/firejail/fs_whitelist.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/join.c b/src/firejail/join.c index 1494c782f..531f8c06a 100644 --- a/src/firejail/join.c +++ b/src/firejail/join.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
@@ -322,8 +322,8 @@ bool is_ready_for_join(const pid_t pid) { | |||
322 | void check_join_permission(pid_t pid) { | 322 | void check_join_permission(pid_t pid) { |
323 | // check if pid belongs to a fully set up firejail sandbox | 323 | // check if pid belongs to a fully set up firejail sandbox |
324 | unsigned long i; | 324 | unsigned long i; |
325 | for (i = 0; is_ready_for_join(pid) == false; i += SNOOZE) { // give sandbox some time to start up | 325 | for (i = SNOOZE; is_ready_for_join(pid) == false; i += SNOOZE) { // give sandbox some time to start up |
326 | if (i >= join_timeout) { | 326 | if (i > join_timeout) { |
327 | fprintf(stderr, "Error: no valid sandbox\n"); | 327 | fprintf(stderr, "Error: no valid sandbox\n"); |
328 | exit(1); | 328 | exit(1); |
329 | } | 329 | } |
@@ -531,6 +531,7 @@ void join(pid_t pid, int argc, char **argv, int index) { | |||
531 | 531 | ||
532 | // it will never get here!!! | 532 | // it will never get here!!! |
533 | } | 533 | } |
534 | EUID_USER(); | ||
534 | 535 | ||
535 | int status = 0; | 536 | int status = 0; |
536 | //***************************** | 537 | //***************************** |
diff --git a/src/firejail/ls.c b/src/firejail/ls.c index 75333fdc2..aa33d838b 100644 --- a/src/firejail/ls.c +++ b/src/firejail/ls.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/macros.c b/src/firejail/macros.c index ef64178b5..6901b7d44 100644 --- a/src/firejail/macros.c +++ b/src/firejail/macros.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 179f8ddf9..78717ab41 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
@@ -2144,7 +2144,10 @@ int main(int argc, char **argv) { | |||
2144 | // configure this IP address for the last bridge defined | 2144 | // configure this IP address for the last bridge defined |
2145 | if (strcmp(argv[i] + 5, "none") == 0) | 2145 | if (strcmp(argv[i] + 5, "none") == 0) |
2146 | br->arg_ip_none = 1; | 2146 | br->arg_ip_none = 1; |
2147 | else { | 2147 | else if (strcmp(argv[i] + 5, "dhcp") == 0) { |
2148 | br->arg_ip_none = 1; | ||
2149 | br->arg_ip_dhcp = 1; | ||
2150 | } else { | ||
2148 | if (atoip(argv[i] + 5, &br->ipsandbox)) { | 2151 | if (atoip(argv[i] + 5, &br->ipsandbox)) { |
2149 | fprintf(stderr, "Error: invalid IP address\n"); | 2152 | fprintf(stderr, "Error: invalid IP address\n"); |
2150 | exit(1); | 2153 | exit(1); |
@@ -2184,20 +2187,24 @@ int main(int argc, char **argv) { | |||
2184 | fprintf(stderr, "Error: no network device configured\n"); | 2187 | fprintf(stderr, "Error: no network device configured\n"); |
2185 | exit(1); | 2188 | exit(1); |
2186 | } | 2189 | } |
2187 | if (br->ip6sandbox) { | 2190 | if (br->arg_ip6_dhcp || br->ip6sandbox) { |
2188 | fprintf(stderr, "Error: cannot configure the IP address twice for the same interface\n"); | 2191 | fprintf(stderr, "Error: cannot configure the IP address twice for the same interface\n"); |
2189 | exit(1); | 2192 | exit(1); |
2190 | } | 2193 | } |
2191 | 2194 | ||
2192 | // configure this IP address for the last bridge defined | 2195 | // configure this IP address for the last bridge defined |
2193 | if (check_ip46_address(argv[i] + 6) == 0) { | 2196 | if (strcmp(argv[i] + 6, "dhcp") == 0) |
2194 | fprintf(stderr, "Error: invalid IPv6 address\n"); | 2197 | br->arg_ip6_dhcp = 1; |
2195 | exit(1); | 2198 | else { |
2196 | } | 2199 | if (check_ip46_address(argv[i] + 6) == 0) { |
2200 | fprintf(stderr, "Error: invalid IPv6 address\n"); | ||
2201 | exit(1); | ||
2202 | } | ||
2197 | 2203 | ||
2198 | br->ip6sandbox = strdup(argv[i] + 6); | 2204 | br->ip6sandbox = strdup(argv[i] + 6); |
2199 | if (br->ip6sandbox == NULL) | 2205 | if (br->ip6sandbox == NULL) |
2200 | errExit("strdup"); | 2206 | errExit("strdup"); |
2207 | } | ||
2201 | } | 2208 | } |
2202 | else | 2209 | else |
2203 | exit_err_feature("networking"); | 2210 | exit_err_feature("networking"); |
diff --git a/src/firejail/mountinfo.c b/src/firejail/mountinfo.c index 162f5dbec..34d8d1700 100644 --- a/src/firejail/mountinfo.c +++ b/src/firejail/mountinfo.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/netfilter.c b/src/firejail/netfilter.c index bec32cfde..e0a2ce086 100644 --- a/src/firejail/netfilter.c +++ b/src/firejail/netfilter.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/netns.c b/src/firejail/netns.c index 3d8edf5ae..104453376 100644 --- a/src/firejail/netns.c +++ b/src/firejail/netns.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2018 Firejail Authors | 2 | * Copyright (C) 2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/network.c b/src/firejail/network.c index 93249a29b..aa05e3bd0 100644 --- a/src/firejail/network.c +++ b/src/firejail/network.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/network_main.c b/src/firejail/network_main.c index 6800bde8d..85896e528 100644 --- a/src/firejail/network_main.c +++ b/src/firejail/network_main.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
@@ -246,6 +246,10 @@ void net_check_cfg(void) { | |||
246 | if (cfg.defaultgw) | 246 | if (cfg.defaultgw) |
247 | check_default_gw(cfg.defaultgw); | 247 | check_default_gw(cfg.defaultgw); |
248 | else { | 248 | else { |
249 | // if the first network has no assigned address, | ||
250 | // do not try to set up a gateway, because it will fail | ||
251 | if (cfg.bridge0.arg_ip_none) | ||
252 | return; | ||
249 | // first network is a regular bridge | 253 | // first network is a regular bridge |
250 | if (cfg.bridge0.macvlan == 0) | 254 | if (cfg.bridge0.macvlan == 0) |
251 | cfg.defaultgw = cfg.bridge0.ip; | 255 | cfg.defaultgw = cfg.bridge0.ip; |
diff --git a/src/firejail/no_sandbox.c b/src/firejail/no_sandbox.c index dca36a4d8..8bf8adecc 100644 --- a/src/firejail/no_sandbox.c +++ b/src/firejail/no_sandbox.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/output.c b/src/firejail/output.c index bd7e44788..d4a7f464a 100644 --- a/src/firejail/output.c +++ b/src/firejail/output.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/paths.c b/src/firejail/paths.c index 960412acf..f03d98e29 100644 --- a/src/firejail/paths.c +++ b/src/firejail/paths.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/preproc.c b/src/firejail/preproc.c index a2dea0339..278099e55 100644 --- a/src/firejail/preproc.c +++ b/src/firejail/preproc.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 9a724331b..969209869 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
@@ -672,7 +672,10 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
672 | // configure this IP address for the last bridge defined | 672 | // configure this IP address for the last bridge defined |
673 | if (strcmp(ptr + 3, "none") == 0) | 673 | if (strcmp(ptr + 3, "none") == 0) |
674 | br->arg_ip_none = 1; | 674 | br->arg_ip_none = 1; |
675 | else { | 675 | else if (strcmp(ptr + 3, "dhcp") == 0) { |
676 | br->arg_ip_none = 1; | ||
677 | br->arg_ip_dhcp = 1; | ||
678 | } else { | ||
676 | if (atoip(ptr + 3, &br->ipsandbox)) { | 679 | if (atoip(ptr + 3, &br->ipsandbox)) { |
677 | fprintf(stderr, "Error: invalid IP address\n"); | 680 | fprintf(stderr, "Error: invalid IP address\n"); |
678 | exit(1); | 681 | exit(1); |
@@ -693,21 +696,24 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
693 | fprintf(stderr, "Error: no network device configured\n"); | 696 | fprintf(stderr, "Error: no network device configured\n"); |
694 | exit(1); | 697 | exit(1); |
695 | } | 698 | } |
696 | if (br->ip6sandbox) { | 699 | if (br->arg_ip6_dhcp || br->ip6sandbox) { |
697 | fprintf(stderr, "Error: cannot configure the IP address twice for the same interface\n"); | 700 | fprintf(stderr, "Error: cannot configure the IP address twice for the same interface\n"); |
698 | exit(1); | 701 | exit(1); |
699 | } | 702 | } |
700 | 703 | ||
701 | // configure this IP address for the last bridge defined | 704 | // configure this IP address for the last bridge defined |
702 | if (check_ip46_address(ptr + 4) == 0) { | 705 | if (strcmp(ptr + 4, "dhcp") == 0) |
703 | fprintf(stderr, "Error: invalid IPv6 address\n"); | 706 | br->arg_ip6_dhcp = 1; |
704 | exit(1); | 707 | else { |
705 | } | 708 | if (check_ip46_address(ptr + 4) == 0) { |
706 | 709 | fprintf(stderr, "Error: invalid IPv6 address\n"); | |
707 | br->ip6sandbox = strdup(ptr + 4); | 710 | exit(1); |
708 | if (br->ip6sandbox == NULL) | 711 | } |
709 | errExit("strdup"); | ||
710 | 712 | ||
713 | br->ip6sandbox = strdup(ptr + 4); | ||
714 | if (br->ip6sandbox == NULL) | ||
715 | errExit("strdup"); | ||
716 | } | ||
711 | } | 717 | } |
712 | else | 718 | else |
713 | warning_feature_disabled("networking"); | 719 | warning_feature_disabled("networking"); |
diff --git a/src/firejail/protocol.c b/src/firejail/protocol.c index d3a9e0153..6402afbc6 100644 --- a/src/firejail/protocol.c +++ b/src/firejail/protocol.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/pulseaudio.c b/src/firejail/pulseaudio.c index b82473476..57095a53c 100644 --- a/src/firejail/pulseaudio.c +++ b/src/firejail/pulseaudio.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/restrict_users.c b/src/firejail/restrict_users.c index ee2e497cb..b51172219 100644 --- a/src/firejail/restrict_users.c +++ b/src/firejail/restrict_users.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/restricted_shell.c b/src/firejail/restricted_shell.c index ce809c697..b80d4ae55 100644 --- a/src/firejail/restricted_shell.c +++ b/src/firejail/restricted_shell.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/rlimit.c b/src/firejail/rlimit.c index ea9fb2d6b..0ca4a34df 100644 --- a/src/firejail/rlimit.c +++ b/src/firejail/rlimit.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/run_files.c b/src/firejail/run_files.c index 521a8aa02..b9c80c459 100644 --- a/src/firejail/run_files.c +++ b/src/firejail/run_files.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/run_symlink.c b/src/firejail/run_symlink.c index a63f29322..ea3889024 100644 --- a/src/firejail/run_symlink.c +++ b/src/firejail/run_symlink.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index 995e98f9f..96ad30bed 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
@@ -337,6 +337,8 @@ static int monitor_application(pid_t app_pid) { | |||
337 | continue; | 337 | continue; |
338 | if (pid == 1) | 338 | if (pid == 1) |
339 | continue; | 339 | continue; |
340 | if ((pid_t) pid == dhclient4_pid || (pid_t) pid == dhclient6_pid) | ||
341 | continue; | ||
340 | 342 | ||
341 | // todo: make this generic | 343 | // todo: make this generic |
342 | // Dillo browser leaves a dpid process running, we need to shut it down | 344 | // Dillo browser leaves a dpid process running, we need to shut it down |
@@ -993,7 +995,7 @@ int sandbox(void* sandbox_arg) { | |||
993 | fs_dev_disable_dvd(); | 995 | fs_dev_disable_dvd(); |
994 | 996 | ||
995 | if (arg_nou2f) | 997 | if (arg_nou2f) |
996 | fs_dev_disable_u2f(); | 998 | fs_dev_disable_u2f(); |
997 | 999 | ||
998 | if (arg_novideo) | 1000 | if (arg_novideo) |
999 | fs_dev_disable_video(); | 1001 | fs_dev_disable_video(); |
@@ -1016,6 +1018,11 @@ int sandbox(void* sandbox_arg) { | |||
1016 | fs_logger_change_owner(); | 1018 | fs_logger_change_owner(); |
1017 | 1019 | ||
1018 | //**************************** | 1020 | //**************************** |
1021 | // start dhcp client | ||
1022 | //**************************** | ||
1023 | dhcp_start(); | ||
1024 | |||
1025 | //**************************** | ||
1019 | // set application environment | 1026 | // set application environment |
1020 | //**************************** | 1027 | //**************************** |
1021 | EUID_USER(); | 1028 | EUID_USER(); |
diff --git a/src/firejail/sbox.c b/src/firejail/sbox.c index e5739ecb5..203c0fc03 100644 --- a/src/firejail/sbox.c +++ b/src/firejail/sbox.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
@@ -105,23 +105,34 @@ static struct sock_fprog prog = { | |||
105 | }; | 105 | }; |
106 | 106 | ||
107 | int sbox_run(unsigned filtermask, int num, ...) { | 107 | int sbox_run(unsigned filtermask, int num, ...) { |
108 | EUID_ROOT(); | ||
109 | |||
110 | int i; | ||
111 | va_list valist; | 108 | va_list valist; |
112 | va_start(valist, num); | 109 | va_start(valist, num); |
113 | 110 | ||
114 | // build argument list | 111 | // build argument list |
115 | char *arg[num + 1]; | 112 | char **arg = malloc((num + 1) * sizeof(char *)); |
113 | int i; | ||
116 | for (i = 0; i < num; i++) | 114 | for (i = 0; i < num; i++) |
117 | arg[i] = va_arg(valist, char*); | 115 | arg[i] = va_arg(valist, char*); |
118 | arg[i] = NULL; | 116 | arg[i] = NULL; |
119 | va_end(valist); | 117 | va_end(valist); |
120 | 118 | ||
119 | int status = sbox_run_v(filtermask, arg); | ||
120 | |||
121 | free(arg); | ||
122 | |||
123 | return status; | ||
124 | } | ||
125 | |||
126 | int sbox_run_v(unsigned filtermask, char * const arg[]) { | ||
127 | EUID_ROOT(); | ||
128 | |||
121 | if (arg_debug) { | 129 | if (arg_debug) { |
122 | printf("sbox run: "); | 130 | printf("sbox run: "); |
123 | for (i = 0; i <= num; i++) | 131 | int i = 0; |
132 | while (arg[i]) { | ||
124 | printf("%s ", arg[i]); | 133 | printf("%s ", arg[i]); |
134 | i++; | ||
135 | } | ||
125 | printf("\n"); | 136 | printf("\n"); |
126 | } | 137 | } |
127 | 138 | ||
@@ -171,6 +182,7 @@ int sbox_run(unsigned filtermask, int num, ...) { | |||
171 | 182 | ||
172 | // close all other file descriptors | 183 | // close all other file descriptors |
173 | int max = 20; // getdtablesize() is overkill for a firejail process | 184 | int max = 20; // getdtablesize() is overkill for a firejail process |
185 | int i = 3; | ||
174 | for (i = 3; i < max; i++) | 186 | for (i = 3; i < max; i++) |
175 | close(i); // close open files | 187 | close(i); // close open files |
176 | 188 | ||
@@ -179,20 +191,31 @@ int sbox_run(unsigned filtermask, int num, ...) { | |||
179 | // apply filters | 191 | // apply filters |
180 | if (filtermask & SBOX_CAPS_NONE) { | 192 | if (filtermask & SBOX_CAPS_NONE) { |
181 | caps_drop_all(); | 193 | caps_drop_all(); |
182 | } | 194 | } else { |
183 | else if (filtermask & SBOX_CAPS_NETWORK) { | 195 | uint64_t set = 0; |
196 | if (filtermask & SBOX_CAPS_NETWORK) { | ||
184 | #ifndef HAVE_GCOV // the following filter will prevent GCOV from saving info in .gcda files | 197 | #ifndef HAVE_GCOV // the following filter will prevent GCOV from saving info in .gcda files |
185 | uint64_t set = ((uint64_t) 1) << CAP_NET_ADMIN; | 198 | set |= ((uint64_t) 1) << CAP_NET_ADMIN; |
186 | set |= ((uint64_t) 1) << CAP_NET_RAW; | 199 | set |= ((uint64_t) 1) << CAP_NET_RAW; |
187 | caps_set(set); | ||
188 | #endif | 200 | #endif |
189 | } | 201 | } |
190 | else if (filtermask & SBOX_CAPS_HIDEPID) { | 202 | if (filtermask & SBOX_CAPS_HIDEPID) { |
203 | #ifndef HAVE_GCOV // the following filter will prevent GCOV from saving info in .gcda files | ||
204 | set |= ((uint64_t) 1) << CAP_SYS_PTRACE; | ||
205 | set |= ((uint64_t) 1) << CAP_SYS_PACCT; | ||
206 | #endif | ||
207 | } | ||
208 | if (filtermask & SBOX_CAPS_NET_SERVICE) { | ||
191 | #ifndef HAVE_GCOV // the following filter will prevent GCOV from saving info in .gcda files | 209 | #ifndef HAVE_GCOV // the following filter will prevent GCOV from saving info in .gcda files |
192 | uint64_t set = ((uint64_t) 1) << CAP_SYS_PTRACE; | 210 | set |= ((uint64_t) 1) << CAP_NET_BIND_SERVICE; |
193 | set |= ((uint64_t) 1) << CAP_SYS_PACCT; | 211 | set |= ((uint64_t) 1) << CAP_NET_BROADCAST; |
194 | caps_set(set); | ||
195 | #endif | 212 | #endif |
213 | } | ||
214 | if (set != 0) { // some SBOX_CAPS_ flag was specified, drop all other capabilities | ||
215 | #ifndef HAVE_GCOV // the following filter will prevent GCOV from saving info in .gcda files | ||
216 | caps_set(set); | ||
217 | #endif | ||
218 | } | ||
196 | } | 219 | } |
197 | 220 | ||
198 | if (filtermask & SBOX_SECCOMP) { | 221 | if (filtermask & SBOX_SECCOMP) { |
diff --git a/src/firejail/seccomp.c b/src/firejail/seccomp.c index 648ce1612..10a2a5665 100644 --- a/src/firejail/seccomp.c +++ b/src/firejail/seccomp.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/shutdown.c b/src/firejail/shutdown.c index 24b3665fc..a7d0b2fbe 100644 --- a/src/firejail/shutdown.c +++ b/src/firejail/shutdown.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/usage.c b/src/firejail/usage.c index fbace7374..52d4f7c03 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
@@ -82,7 +82,9 @@ static char *usage_str = | |||
82 | " --interface=name - move interface in sandbox.\n" | 82 | " --interface=name - move interface in sandbox.\n" |
83 | " --ip=address - set interface IP address.\n" | 83 | " --ip=address - set interface IP address.\n" |
84 | " --ip=none - no IP address and no default gateway are configured.\n" | 84 | " --ip=none - no IP address and no default gateway are configured.\n" |
85 | " --ip=dhcp - acquire IP address by running dhclient.\n" | ||
85 | " --ip6=address - set interface IPv6 address.\n" | 86 | " --ip6=address - set interface IPv6 address.\n" |
87 | " --ip6=dhcp - acquire IPv6 address by running dhclient.\n" | ||
86 | " --iprange=address,address - configure an IP address in this range.\n" | 88 | " --iprange=address,address - configure an IP address in this range.\n" |
87 | #endif | 89 | #endif |
88 | " --ipc-namespace - enable a new IPC namespace.\n" | 90 | " --ipc-namespace - enable a new IPC namespace.\n" |
diff --git a/src/firejail/util.c b/src/firejail/util.c index 18d121ca9..6bfc80903 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firejail/x11.c b/src/firejail/x11.c index b390ad38e..9a50532c2 100644 --- a/src/firejail/x11.c +++ b/src/firejail/x11.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/apparmor.c b/src/firemon/apparmor.c index cf5808b00..028dbc212 100644 --- a/src/firemon/apparmor.c +++ b/src/firemon/apparmor.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/arp.c b/src/firemon/arp.c index 9c8cb9f52..a43593ced 100644 --- a/src/firemon/arp.c +++ b/src/firemon/arp.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/caps.c b/src/firemon/caps.c index c3e1aa5f1..951bd21a5 100644 --- a/src/firemon/caps.c +++ b/src/firemon/caps.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/cgroup.c b/src/firemon/cgroup.c index f2020eafb..251db0077 100644 --- a/src/firemon/cgroup.c +++ b/src/firemon/cgroup.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/cpu.c b/src/firemon/cpu.c index 6186ff3f0..6170ef8c1 100644 --- a/src/firemon/cpu.c +++ b/src/firemon/cpu.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/firemon.c b/src/firemon/firemon.c index dad3b0afb..39c05d63e 100644 --- a/src/firemon/firemon.c +++ b/src/firemon/firemon.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/firemon.h b/src/firemon/firemon.h index 7f8bc698c..7a55a64fb 100644 --- a/src/firemon/firemon.h +++ b/src/firemon/firemon.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/interface.c b/src/firemon/interface.c index 0a0801fee..325ffd80e 100644 --- a/src/firemon/interface.c +++ b/src/firemon/interface.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/list.c b/src/firemon/list.c index 68a066604..8a07f9eb2 100644 --- a/src/firemon/list.c +++ b/src/firemon/list.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/netstats.c b/src/firemon/netstats.c index e7a4354d1..c746cc127 100644 --- a/src/firemon/netstats.c +++ b/src/firemon/netstats.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/procevent.c b/src/firemon/procevent.c index 762d22514..c823943c0 100644 --- a/src/firemon/procevent.c +++ b/src/firemon/procevent.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/route.c b/src/firemon/route.c index 105814434..9fd46505f 100644 --- a/src/firemon/route.c +++ b/src/firemon/route.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/seccomp.c b/src/firemon/seccomp.c index 099ac8819..7bc700ee6 100644 --- a/src/firemon/seccomp.c +++ b/src/firemon/seccomp.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/top.c b/src/firemon/top.c index 514b9710e..ba707ef19 100644 --- a/src/firemon/top.c +++ b/src/firemon/top.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/tree.c b/src/firemon/tree.c index 9e9900c53..f3610eaec 100644 --- a/src/firemon/tree.c +++ b/src/firemon/tree.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/usage.c b/src/firemon/usage.c index 196fc32c3..0c3da00f8 100644 --- a/src/firemon/usage.c +++ b/src/firemon/usage.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/firemon/x11.c b/src/firemon/x11.c index 3eb06390a..a41f4825f 100644 --- a/src/firemon/x11.c +++ b/src/firemon/x11.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fldd/main.c b/src/fldd/main.c index d085ea59b..dd22e601e 100644 --- a/src/fldd/main.c +++ b/src/fldd/main.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fnet/arp.c b/src/fnet/arp.c index a4fe02987..122d0007c 100644 --- a/src/fnet/arp.c +++ b/src/fnet/arp.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fnet/fnet.h b/src/fnet/fnet.h index 4900967f7..b9cf96c64 100644 --- a/src/fnet/fnet.h +++ b/src/fnet/fnet.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
@@ -47,6 +47,7 @@ int net_get_mac(const char *ifname, unsigned char mac[6]); | |||
47 | void net_if_ip(const char *ifname, uint32_t ip, uint32_t mask, int mtu); | 47 | void net_if_ip(const char *ifname, uint32_t ip, uint32_t mask, int mtu); |
48 | int net_if_mac(const char *ifname, const unsigned char mac[6]); | 48 | int net_if_mac(const char *ifname, const unsigned char mac[6]); |
49 | void net_if_ip6(const char *ifname, const char *addr6); | 49 | void net_if_ip6(const char *ifname, const char *addr6); |
50 | void net_if_waitll(const char *ifname); | ||
50 | 51 | ||
51 | 52 | ||
52 | // arp.c | 53 | // arp.c |
diff --git a/src/fnet/interface.c b/src/fnet/interface.c index 7e7cceeed..62df0930e 100644 --- a/src/fnet/interface.c +++ b/src/fnet/interface.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
@@ -28,6 +28,8 @@ | |||
28 | #include <net/if_arp.h> | 28 | #include <net/if_arp.h> |
29 | #include <net/route.h> | 29 | #include <net/route.h> |
30 | #include <linux/if_bridge.h> | 30 | #include <linux/if_bridge.h> |
31 | #include <linux/netlink.h> | ||
32 | #include <linux/rtnetlink.h> | ||
31 | 33 | ||
32 | static void check_if_name(const char *ifname) { | 34 | static void check_if_name(const char *ifname) { |
33 | if (strlen(ifname) > IFNAMSIZ) { | 35 | if (strlen(ifname) > IFNAMSIZ) { |
@@ -370,3 +372,129 @@ void net_if_ip6(const char *ifname, const char *addr6) { | |||
370 | 372 | ||
371 | close(sock); | 373 | close(sock); |
372 | } | 374 | } |
375 | |||
376 | static int net_netlink_address_tentative(struct nlmsghdr *current_header) { | ||
377 | struct ifaddrmsg *msg = NLMSG_DATA(current_header); | ||
378 | int has_flags = 0; | ||
379 | #ifdef IFA_FLAGS | ||
380 | struct rtattr *rta = IFA_RTA(msg); | ||
381 | size_t msg_len = IFA_PAYLOAD(current_header); | ||
382 | while (RTA_OK(rta, msg_len)) { | ||
383 | if (rta->rta_type == IFA_FLAGS) { | ||
384 | has_flags = 1; | ||
385 | uint32_t *flags = RTA_DATA(rta); | ||
386 | if (*flags & IFA_F_TENTATIVE) | ||
387 | return 1; | ||
388 | } | ||
389 | rta = RTA_NEXT(rta, msg_len); | ||
390 | } | ||
391 | #endif | ||
392 | // According to <linux/if_addr.h>, if an IFA_FLAGS attribute is present, | ||
393 | // the field ifa_flags should be ignored. | ||
394 | return !has_flags && (msg->ifa_flags & IFA_F_TENTATIVE); | ||
395 | } | ||
396 | |||
397 | static int net_netlink_if_has_ll(int sock, uint32_t index) { | ||
398 | struct { | ||
399 | struct nlmsghdr header; | ||
400 | struct ifaddrmsg message; | ||
401 | } req; | ||
402 | memset(&req, 0, sizeof(req)); | ||
403 | req.header.nlmsg_len = NLMSG_LENGTH(sizeof(req.message)); | ||
404 | req.header.nlmsg_flags = NLM_F_REQUEST | NLM_F_DUMP; | ||
405 | req.header.nlmsg_type = RTM_GETADDR; | ||
406 | req.message.ifa_family = AF_INET6; | ||
407 | if (send(sock, &req, req.header.nlmsg_len, 0) != req.header.nlmsg_len) | ||
408 | errExit("send"); | ||
409 | |||
410 | int found = 0; | ||
411 | int all_parts_processed = 0; | ||
412 | while (!all_parts_processed) { | ||
413 | char buf[16384]; | ||
414 | ssize_t len = recv(sock, buf, sizeof(buf), 0); | ||
415 | if (len < 0) | ||
416 | errExit("recv"); | ||
417 | if (len < (ssize_t) sizeof(struct nlmsghdr)) { | ||
418 | fprintf(stderr, "Received incomplete netlink message\n"); | ||
419 | exit(1); | ||
420 | } | ||
421 | |||
422 | struct nlmsghdr *current_header = (struct nlmsghdr *) buf; | ||
423 | while (NLMSG_OK(current_header, len)) { | ||
424 | switch (current_header->nlmsg_type) { | ||
425 | case RTM_NEWADDR: { | ||
426 | struct ifaddrmsg *msg = NLMSG_DATA(current_header); | ||
427 | if (!found && msg->ifa_index == index && msg->ifa_scope == RT_SCOPE_LINK && | ||
428 | !net_netlink_address_tentative(current_header)) | ||
429 | found = 1; | ||
430 | } | ||
431 | break; | ||
432 | case NLMSG_NOOP: | ||
433 | break; | ||
434 | case NLMSG_DONE: | ||
435 | all_parts_processed = 1; | ||
436 | break; | ||
437 | case NLMSG_ERROR: { | ||
438 | struct nlmsgerr *err = NLMSG_DATA(current_header); | ||
439 | fprintf(stderr, "Netlink error: %d\n", err->error); | ||
440 | exit(1); | ||
441 | } | ||
442 | break; | ||
443 | default: | ||
444 | fprintf(stderr, "Unknown netlink message type: %u\n", current_header->nlmsg_type); | ||
445 | exit(1); | ||
446 | break; | ||
447 | } | ||
448 | |||
449 | current_header = NLMSG_NEXT(current_header, len); | ||
450 | } | ||
451 | } | ||
452 | |||
453 | return found; | ||
454 | } | ||
455 | |||
456 | // wait for a link-local IPv6 address for DHCPv6 | ||
457 | // ex: firejail --net=br0 --ip6=dhcp | ||
458 | void net_if_waitll(const char *ifname) { | ||
459 | // find interface index | ||
460 | int inet6_sock = socket(PF_INET6, SOCK_DGRAM, IPPROTO_IP); | ||
461 | if (inet6_sock < 0) { | ||
462 | fprintf(stderr, "Error fnet: IPv6 is not supported on this system\n"); | ||
463 | exit(1); | ||
464 | } | ||
465 | struct ifreq ifr; | ||
466 | memset(&ifr, 0, sizeof(ifr)); | ||
467 | strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1); | ||
468 | ifr.ifr_addr.sa_family = AF_INET; | ||
469 | if (ioctl(inet6_sock, SIOGIFINDEX, &ifr) < 0) { | ||
470 | perror("ioctl SIOGIFINDEX"); | ||
471 | exit(1); | ||
472 | } | ||
473 | close(inet6_sock); | ||
474 | if (ifr.ifr_ifindex < 0) { | ||
475 | fprintf(stderr, "Error fnet: interface index is negative\n"); | ||
476 | exit(1); | ||
477 | } | ||
478 | uint32_t index = (uint32_t) ifr.ifr_ifindex; | ||
479 | |||
480 | // poll for link-local address | ||
481 | int netlink_sock = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE); | ||
482 | if (netlink_sock < 0) | ||
483 | errExit("socket"); | ||
484 | int tries = 0; | ||
485 | int found = 0; | ||
486 | while (tries < 60 && !found) { | ||
487 | if (tries >= 1) | ||
488 | usleep(500000); | ||
489 | |||
490 | found = net_netlink_if_has_ll(netlink_sock, index); | ||
491 | |||
492 | tries++; | ||
493 | } | ||
494 | close(netlink_sock); | ||
495 | |||
496 | if (!found) { | ||
497 | fprintf(stderr, "Waiting for link-local IPv6 address of %s timed out\n", ifname); | ||
498 | exit(1); | ||
499 | } | ||
500 | } | ||
diff --git a/src/fnet/main.c b/src/fnet/main.c index 890f842f6..95e12164e 100644 --- a/src/fnet/main.c +++ b/src/fnet/main.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
@@ -47,6 +47,7 @@ static void usage(void) { | |||
47 | printf("\tfnet config mac addr\n"); | 47 | printf("\tfnet config mac addr\n"); |
48 | printf("\tfnet config ipv6 dev ip\n"); | 48 | printf("\tfnet config ipv6 dev ip\n"); |
49 | printf("\tfnet ifup dev\n"); | 49 | printf("\tfnet ifup dev\n"); |
50 | printf("\tfnet waitll dev\n"); | ||
50 | } | 51 | } |
51 | 52 | ||
52 | int main(int argc, char **argv) { | 53 | int main(int argc, char **argv) { |
@@ -141,6 +142,9 @@ printf("\n"); | |||
141 | else if (argc == 5 && strcmp(argv[1], "config") == 0 && strcmp(argv[2], "ipv6") == 0) { | 142 | else if (argc == 5 && strcmp(argv[1], "config") == 0 && strcmp(argv[2], "ipv6") == 0) { |
142 | net_if_ip6(argv[3], argv[4]); | 143 | net_if_ip6(argv[3], argv[4]); |
143 | } | 144 | } |
145 | else if (argc == 3 && strcmp(argv[1], "waitll") == 0) { | ||
146 | net_if_waitll(argv[2]); | ||
147 | } | ||
144 | else { | 148 | else { |
145 | fprintf(stderr, "Error fnet: invalid arguments\n"); | 149 | fprintf(stderr, "Error fnet: invalid arguments\n"); |
146 | return 1; | 150 | return 1; |
diff --git a/src/fnet/veth.c b/src/fnet/veth.c index 7a32da2d1..777e4e07e 100644 --- a/src/fnet/veth.c +++ b/src/fnet/veth.c | |||
@@ -26,7 +26,7 @@ | |||
26 | * | 26 | * |
27 | */ | 27 | */ |
28 | /* | 28 | /* |
29 | * Copyright (C) 2014-2019 Firejail Authors | 29 | * Copyright (C) 2014-2020 Firejail Authors |
30 | * | 30 | * |
31 | * This file is part of firejail project | 31 | * This file is part of firejail project |
32 | * | 32 | * |
diff --git a/src/fnetfilter/main.c b/src/fnetfilter/main.c index 7be6390e5..8124beb1a 100644 --- a/src/fnetfilter/main.c +++ b/src/fnetfilter/main.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fsec-optimize/fsec_optimize.h b/src/fsec-optimize/fsec_optimize.h index 279118bee..211111641 100644 --- a/src/fsec-optimize/fsec_optimize.h +++ b/src/fsec-optimize/fsec_optimize.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fsec-optimize/main.c b/src/fsec-optimize/main.c index b968bd5f3..416d85b88 100644 --- a/src/fsec-optimize/main.c +++ b/src/fsec-optimize/main.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fsec-optimize/optimizer.c b/src/fsec-optimize/optimizer.c index 69b99f595..776beaa75 100644 --- a/src/fsec-optimize/optimizer.c +++ b/src/fsec-optimize/optimizer.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fsec-print/fsec_print.h b/src/fsec-print/fsec_print.h index 777bc609a..0237fd020 100644 --- a/src/fsec-print/fsec_print.h +++ b/src/fsec-print/fsec_print.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fsec-print/main.c b/src/fsec-print/main.c index ed942c806..728308dac 100644 --- a/src/fsec-print/main.c +++ b/src/fsec-print/main.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fsec-print/print.c b/src/fsec-print/print.c index 8a5d69120..5c244b000 100644 --- a/src/fsec-print/print.c +++ b/src/fsec-print/print.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fsec-print/syscall_list.c b/src/fsec-print/syscall_list.c index db443f5e2..274908cef 100644 --- a/src/fsec-print/syscall_list.c +++ b/src/fsec-print/syscall_list.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fseccomp/errno.c b/src/fseccomp/errno.c index d4c2b9249..9c5aa770c 100644 --- a/src/fseccomp/errno.c +++ b/src/fseccomp/errno.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fseccomp/fseccomp.h b/src/fseccomp/fseccomp.h index e1579d098..bf55870f2 100644 --- a/src/fseccomp/fseccomp.h +++ b/src/fseccomp/fseccomp.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fseccomp/main.c b/src/fseccomp/main.c index faf38ade1..82b96f476 100644 --- a/src/fseccomp/main.c +++ b/src/fseccomp/main.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fseccomp/protocol.c b/src/fseccomp/protocol.c index cdd9f3a40..7a21eb2c2 100644 --- a/src/fseccomp/protocol.c +++ b/src/fseccomp/protocol.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fseccomp/seccomp.c b/src/fseccomp/seccomp.c index 95c20d388..29aa2f2f5 100644 --- a/src/fseccomp/seccomp.c +++ b/src/fseccomp/seccomp.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fseccomp/seccomp_file.c b/src/fseccomp/seccomp_file.c index 266ef0c55..e47e8db25 100644 --- a/src/fseccomp/seccomp_file.c +++ b/src/fseccomp/seccomp_file.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fseccomp/seccomp_secondary.c b/src/fseccomp/seccomp_secondary.c index fd0bc5a50..9a00d1884 100644 --- a/src/fseccomp/seccomp_secondary.c +++ b/src/fseccomp/seccomp_secondary.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fseccomp/syscall.c b/src/fseccomp/syscall.c index 1683d3140..2b112245c 100644 --- a/src/fseccomp/syscall.c +++ b/src/fseccomp/syscall.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/fshaper/fshaper.sh b/src/fshaper/fshaper.sh index 30a07fb86..936a23512 100755 --- a/src/fshaper/fshaper.sh +++ b/src/fshaper/fshaper.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | usage() { | 6 | usage() { |
4 | echo "Usage:" | 7 | echo "Usage:" |
diff --git a/src/ftee/ftee.h b/src/ftee/ftee.h index 0b026aa7f..aec64595d 100644 --- a/src/ftee/ftee.h +++ b/src/ftee/ftee.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/ftee/main.c b/src/ftee/main.c index f488c10a2..a1e42ed32 100644 --- a/src/ftee/main.c +++ b/src/ftee/main.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/include/common.h b/src/include/common.h index 699ed765d..c65ba0d55 100644 --- a/src/include/common.h +++ b/src/include/common.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/include/euid_common.h b/src/include/euid_common.h index 9975c72bf..d8277ade7 100644 --- a/src/include/euid_common.h +++ b/src/include/euid_common.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/include/firejail_user.h b/src/include/firejail_user.h index 21311bc5d..a8d269daa 100644 --- a/src/include/firejail_user.h +++ b/src/include/firejail_user.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/include/ldd_utils.h b/src/include/ldd_utils.h index c9e8b4098..29dd8926e 100644 --- a/src/include/ldd_utils.h +++ b/src/include/ldd_utils.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/include/pid.h b/src/include/pid.h index 9d4735bdd..1f15d3c68 100644 --- a/src/include/pid.h +++ b/src/include/pid.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/include/rundefs.h b/src/include/rundefs.h index df135b9ca..7f9c68be2 100644 --- a/src/include/rundefs.h +++ b/src/include/rundefs.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
@@ -49,6 +49,12 @@ | |||
49 | #define RUN_LIB_DIR RUN_MNT_DIR "/lib" | 49 | #define RUN_LIB_DIR RUN_MNT_DIR "/lib" |
50 | #define RUN_LIB_FILE RUN_MNT_DIR "/libfiles" | 50 | #define RUN_LIB_FILE RUN_MNT_DIR "/libfiles" |
51 | #define RUN_DNS_ETC RUN_MNT_DIR "/dns-etc" | 51 | #define RUN_DNS_ETC RUN_MNT_DIR "/dns-etc" |
52 | #define RUN_DHCLIENT_DIR RUN_MNT_DIR "/dhclient" | ||
53 | #define RUN_DHCLIENT_4_LEASES_FILE RUN_DHCLIENT_DIR "/dhclient.leases" | ||
54 | #define RUN_DHCLIENT_6_LEASES_FILE RUN_DHCLIENT_DIR "/dhclient6.leases" | ||
55 | #define RUN_DHCLIENT_4_LEASES_FILE RUN_DHCLIENT_DIR "/dhclient.leases" | ||
56 | #define RUN_DHCLIENT_4_PID_FILE RUN_DHCLIENT_DIR "/dhclient.pid" | ||
57 | #define RUN_DHCLIENT_6_PID_FILE RUN_DHCLIENT_DIR "/dhclient6.pid" | ||
52 | 58 | ||
53 | #define RUN_SECCOMP_DIR RUN_MNT_DIR "/seccomp" | 59 | #define RUN_SECCOMP_DIR RUN_MNT_DIR "/seccomp" |
54 | #define RUN_SECCOMP_LIST RUN_SECCOMP_DIR "/seccomp.list" // list of seccomp files installed | 60 | #define RUN_SECCOMP_LIST RUN_SECCOMP_DIR "/seccomp.list" // list of seccomp files installed |
diff --git a/src/include/seccomp.h b/src/include/seccomp.h index 6af84f821..80a83df34 100644 --- a/src/include/seccomp.h +++ b/src/include/seccomp.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/include/syscall.h b/src/include/syscall.h index 766f771cf..e11c56a05 100644 --- a/src/include/syscall.h +++ b/src/include/syscall.h | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/lib/common.c b/src/lib/common.c index 3a7f910e1..1fd317d4f 100644 --- a/src/lib/common.c +++ b/src/lib/common.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/lib/firejail_user.c b/src/lib/firejail_user.c index f7234cc08..dbf2ca94b 100644 --- a/src/lib/firejail_user.c +++ b/src/lib/firejail_user.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/lib/ldd_utils.c b/src/lib/ldd_utils.c index 453c7e9dc..32bfb0974 100644 --- a/src/lib/ldd_utils.c +++ b/src/lib/ldd_utils.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/lib/pid.c b/src/lib/pid.c index 04bc8d132..cad0e5424 100644 --- a/src/lib/pid.c +++ b/src/lib/pid.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
@@ -17,6 +17,7 @@ | |||
17 | * with this program; if not, write to the Free Software Foundation, Inc., | 17 | * with this program; if not, write to the Free Software Foundation, Inc., |
18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | 18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. |
19 | */ | 19 | */ |
20 | |||
20 | #include "../include/common.h" | 21 | #include "../include/common.h" |
21 | #include "../include/pid.h" | 22 | #include "../include/pid.h" |
22 | #include <string.h> | 23 | #include <string.h> |
diff --git a/src/libpostexecseccomp/libpostexecseccomp.c b/src/libpostexecseccomp/libpostexecseccomp.c index b2f64f18e..c86faa329 100644 --- a/src/libpostexecseccomp/libpostexecseccomp.c +++ b/src/libpostexecseccomp/libpostexecseccomp.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/libtrace/libtrace.c b/src/libtrace/libtrace.c index 93fa9d5f8..a27fa7a03 100644 --- a/src/libtrace/libtrace.c +++ b/src/libtrace/libtrace.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/libtracelog/libtracelog.c b/src/libtracelog/libtracelog.c index 3641a81af..9102a8ef6 100644 --- a/src/libtracelog/libtracelog.c +++ b/src/libtracelog/libtracelog.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 719a80c2c..84aed41a4 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
@@ -582,6 +582,33 @@ net eth0 | |||
582 | ip none | 582 | ip none |
583 | 583 | ||
584 | .TP | 584 | .TP |
585 | \fBip dhcp | ||
586 | Acquire an IP address and default gateway for the last interface defined by a | ||
587 | net command, as well as set the DNS servers according to the DHCP response. | ||
588 | This command requires the ISC dhclient DHCP client to be installed and will start | ||
589 | it automatically inside the sandbox. | ||
590 | .br | ||
591 | |||
592 | .br | ||
593 | Example: | ||
594 | .br | ||
595 | net br0 | ||
596 | .br | ||
597 | ip dhcp | ||
598 | .br | ||
599 | |||
600 | .br | ||
601 | This command should not be used in conjunction with the dns command if the | ||
602 | DHCP server is set to configure DNS servers for the clients, because the | ||
603 | manually specified DNS servers will be overwritten. | ||
604 | |||
605 | .br | ||
606 | The DHCP client will NOT release the DHCP lease when the sandbox terminates. | ||
607 | If your DHCP server requires leases to be explicitly released, consider running | ||
608 | a DHCP client and releasing the lease manually in conjunction with the | ||
609 | net none command. | ||
610 | |||
611 | .TP | ||
585 | \fBip6 address | 612 | \fBip6 address |
586 | Assign IPv6 addresses to the last network interface defined by a net command. | 613 | Assign IPv6 addresses to the last network interface defined by a net command. |
587 | .br | 614 | .br |
@@ -594,6 +621,32 @@ net eth0 | |||
594 | ip6 2001:0db8:0:f101::1/64 | 621 | ip6 2001:0db8:0:f101::1/64 |
595 | 622 | ||
596 | .TP | 623 | .TP |
624 | \fBip6 dhcp | ||
625 | Acquire an IPv6 address and default gateway for the last interface defined by a | ||
626 | net command, as well as set the DNS servers according to the DHCP response. | ||
627 | This command requires the ISC dhclient DHCP client to be installed and will start | ||
628 | it automatically inside the sandbox. | ||
629 | .br | ||
630 | |||
631 | .br | ||
632 | Example: | ||
633 | .br | ||
634 | net br0 | ||
635 | .br | ||
636 | ip6 dhcp | ||
637 | .br | ||
638 | |||
639 | .br | ||
640 | This command should not be used in conjunction with the dns command if the | ||
641 | DHCP server is set to configure DNS servers for the clients, because the | ||
642 | manually specified DNS servers will be overwritten. | ||
643 | |||
644 | .br | ||
645 | The DHCP client will NOT release the DHCP lease when the sandbox terminates. | ||
646 | If your DHCP server requires leases to be explicitly released, consider running | ||
647 | a DHCP client and releasing the lease manually. | ||
648 | |||
649 | .TP | ||
597 | \fBiprange address,address | 650 | \fBiprange address,address |
598 | Assign an IP address in the provided range to the last network | 651 | Assign an IP address in the provided range to the last network |
599 | interface defined by a net command. A default gateway is assigned by default. | 652 | interface defined by a net command. A default gateway is assigned by default. |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 32ac07d72..4b1134686 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -567,6 +567,31 @@ If the corresponding interface doesn't have an IP address configured, this | |||
567 | option is enabled by default. | 567 | option is enabled by default. |
568 | 568 | ||
569 | .TP | 569 | .TP |
570 | \fB\-\-ip=dhcp | ||
571 | Acquire an IP address and default gateway for the last interface defined by a | ||
572 | \-\-net option, as well as set the DNS servers according to the DHCP response. | ||
573 | This option requires the ISC dhclient DHCP client to be installed and will start | ||
574 | it automatically inside the sandbox. | ||
575 | .br | ||
576 | |||
577 | .br | ||
578 | Example: | ||
579 | .br | ||
580 | $ firejail \-\-net=br0 \-\-ip=dhcp | ||
581 | .br | ||
582 | |||
583 | .br | ||
584 | This option should not be used in conjunction with the \-\-dns option if the | ||
585 | DHCP server is set to configure DNS servers for the clients, because the | ||
586 | manually specified DNS servers will be overwritten. | ||
587 | |||
588 | .br | ||
589 | The DHCP client will NOT release the DHCP lease when the sandbox terminates. | ||
590 | If your DHCP server requires leases to be explicitly released, consider running | ||
591 | a DHCP client and releasing the lease manually in conjunction with the | ||
592 | \-\-net=none option. | ||
593 | |||
594 | .TP | ||
570 | \fB\-\-ip6=address | 595 | \fB\-\-ip6=address |
571 | Assign IPv6 addresses to the last network interface defined by a \-\-net option. | 596 | Assign IPv6 addresses to the last network interface defined by a \-\-net option. |
572 | .br | 597 | .br |
@@ -579,6 +604,30 @@ $ firejail \-\-net=eth0 \-\-ip6=2001:0db8:0:f101::1/64 firefox | |||
579 | Note: you don't need this option if you obtain your ip6 address from router via SLAAC (your ip6 address and default route will be configured by kernel automatically). | 604 | Note: you don't need this option if you obtain your ip6 address from router via SLAAC (your ip6 address and default route will be configured by kernel automatically). |
580 | 605 | ||
581 | .TP | 606 | .TP |
607 | \fB\-\-ip6=dhcp | ||
608 | Acquire an IPv6 address and default gateway for the last interface defined by a | ||
609 | \-\-net option, as well as set the DNS servers according to the DHCP response. | ||
610 | This option requires the ISC dhclient DHCP client to be installed and will start | ||
611 | it automatically inside the sandbox. | ||
612 | .br | ||
613 | |||
614 | .br | ||
615 | Example: | ||
616 | .br | ||
617 | $ firejail \-\-net=br0 \-\-ip6=dhcp | ||
618 | .br | ||
619 | |||
620 | .br | ||
621 | This option should not be used in conjunction with the \-\-dns option if the | ||
622 | DHCP server is set to configure DNS servers for the clients, because the | ||
623 | manually specified DNS servers will be overwritten. | ||
624 | |||
625 | .br | ||
626 | The DHCP client will NOT release the DHCP lease when the sandbox terminates. | ||
627 | If your DHCP server requires leases to be explicitly released, consider running | ||
628 | a DHCP client and releasing the lease manually. | ||
629 | |||
630 | .TP | ||
582 | \fB\-\-iprange=address,address | 631 | \fB\-\-iprange=address,address |
583 | Assign an IP address in the provided range to the last network interface defined by a \-\-net option. A | 632 | Assign an IP address in the provided range to the last network interface defined by a \-\-net option. A |
584 | default gateway is assigned by default. | 633 | default gateway is assigned by default. |
@@ -2235,7 +2284,7 @@ $ firejail --tunnel firefox | |||
2235 | .br | 2284 | .br |
2236 | .TP | 2285 | .TP |
2237 | \fB\-\-version | 2286 | \fB\-\-version |
2238 | Print program version and exit. | 2287 | Print program version/compile time support and exit. |
2239 | .br | 2288 | .br |
2240 | 2289 | ||
2241 | .br | 2290 | .br |
@@ -2245,6 +2294,20 @@ $ firejail \-\-version | |||
2245 | .br | 2294 | .br |
2246 | firejail version 0.9.27 | 2295 | firejail version 0.9.27 |
2247 | 2296 | ||
2297 | Compile time support: | ||
2298 | - AppArmor support is enabled | ||
2299 | - AppImage support is enabled | ||
2300 | - chroot support is enabled | ||
2301 | - file and directory whitelisting support is enabled | ||
2302 | - file transfer support is enabled | ||
2303 | - firetunnel support is enabled | ||
2304 | - networking support is enabled | ||
2305 | - overlayfs support is enabled | ||
2306 | - private-home support is enabled | ||
2307 | - seccomp-bpf support is enabled | ||
2308 | - user namespace support is enabled | ||
2309 | - X11 sandboxing support is enabled | ||
2310 | .br | ||
2248 | .TP | 2311 | .TP |
2249 | \fB\-\-veth-name=name | 2312 | \fB\-\-veth-name=name |
2250 | Use this name for the interface connected to the bridge for --net=bridge_interface commands, | 2313 | Use this name for the interface connected to the bridge for --net=bridge_interface commands, |
diff --git a/src/tools/check-caps.sh b/src/tools/check-caps.sh index 13525677b..34ac5993d 100755 --- a/src/tools/check-caps.sh +++ b/src/tools/check-caps.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | if [ $# -eq 0 ] | 6 | if [ $# -eq 0 ] |
4 | then | 7 | then |
diff --git a/src/tools/extract_caps.c b/src/tools/extract_caps.c index 24c2b1bd1..d76749e44 100644 --- a/src/tools/extract_caps.c +++ b/src/tools/extract_caps.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/tools/extract_errnos.sh b/src/tools/extract_errnos.sh index 43b225828..286fdd767 100644 --- a/src/tools/extract_errnos.sh +++ b/src/tools/extract_errnos.sh | |||
@@ -1,3 +1,8 @@ | |||
1 | #!/bin/bash | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
1 | echo -e "#include <errno.h>\n#include <attr/xattr.h>" | \ | 6 | echo -e "#include <errno.h>\n#include <attr/xattr.h>" | \ |
2 | cpp -dD | \ | 7 | cpp -dD | \ |
3 | grep "^#define E" | \ | 8 | grep "^#define E" | \ |
diff --git a/src/tools/extract_syscalls.c b/src/tools/extract_syscalls.c index d762d283b..83c2f65f3 100644 --- a/src/tools/extract_syscalls.c +++ b/src/tools/extract_syscalls.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/tools/mkcoverit.sh b/src/tools/mkcoverit.sh index d4a68e397..b21418d5c 100755 --- a/src/tools/mkcoverit.sh +++ b/src/tools/mkcoverit.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | # unpack firejail archive | 6 | # unpack firejail archive |
4 | ARCFIREJAIL=`ls *.tar.xz| grep firejail` | 7 | ARCFIREJAIL=`ls *.tar.xz| grep firejail` |
diff --git a/src/tools/testuid.c b/src/tools/testuid.c index 2f85d0252..ad3d2be5f 100644 --- a/src/tools/testuid.c +++ b/src/tools/testuid.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/src/tools/ttytest.c b/src/tools/ttytest.c index a449bf9ba..beaeb4fbe 100644 --- a/src/tools/ttytest.c +++ b/src/tools/ttytest.c | |||
@@ -1,3 +1,23 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2014-2020 Firejail Authors | ||
3 | * | ||
4 | * This file is part of firejail project | ||
5 | * | ||
6 | * This program is free software; you can redistribute it and/or modify | ||
7 | * it under the terms of the GNU General Public License as published by | ||
8 | * the Free Software Foundation; either version 2 of the License, or | ||
9 | * (at your option) any later version. | ||
10 | * | ||
11 | * This program is distributed in the hope that it will be useful, | ||
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
14 | * GNU General Public License for more details. | ||
15 | * | ||
16 | * You should have received a copy of the GNU General Public License along | ||
17 | * with this program; if not, write to the Free Software Foundation, Inc., | ||
18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | ||
19 | */ | ||
20 | |||
1 | #define _XOPEN_SOURCE 600 | 21 | #define _XOPEN_SOURCE 600 |
2 | #include <stdlib.h> | 22 | #include <stdlib.h> |
3 | #include <stdio.h> | 23 | #include <stdio.h> |
diff --git a/src/tools/unixsocket.c b/src/tools/unixsocket.c index c4302eed3..0987deb7a 100644 --- a/src/tools/unixsocket.c +++ b/src/tools/unixsocket.c | |||
@@ -1,3 +1,23 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2014-2020 Firejail Authors | ||
3 | * | ||
4 | * This file is part of firejail project | ||
5 | * | ||
6 | * This program is free software; you can redistribute it and/or modify | ||
7 | * it under the terms of the GNU General Public License as published by | ||
8 | * the Free Software Foundation; either version 2 of the License, or | ||
9 | * (at your option) any later version. | ||
10 | * | ||
11 | * This program is distributed in the hope that it will be useful, | ||
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
14 | * GNU General Public License for more details. | ||
15 | * | ||
16 | * You should have received a copy of the GNU General Public License along | ||
17 | * with this program; if not, write to the Free Software Foundation, Inc., | ||
18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | ||
19 | */ | ||
20 | |||
1 | #include <stdio.h> | 21 | #include <stdio.h> |
2 | #include <sys/types.h> | 22 | #include <sys/types.h> |
3 | #include <sys/socket.h> | 23 | #include <sys/socket.h> |
diff --git a/test/appimage/appimage-args.exp b/test/appimage/appimage-args.exp index 4c6a778b2..03c7218ac 100755 --- a/test/appimage/appimage-args.exp +++ b/test/appimage/appimage-args.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/appimage/appimage-trace.exp b/test/appimage/appimage-trace.exp index 574bd5a97..07a0aac0d 100755 --- a/test/appimage/appimage-trace.exp +++ b/test/appimage/appimage-trace.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/appimage/appimage-v1.exp b/test/appimage/appimage-v1.exp index 4522afa9b..7b6fa2120 100755 --- a/test/appimage/appimage-v1.exp +++ b/test/appimage/appimage-v1.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/appimage/appimage-v2.exp b/test/appimage/appimage-v2.exp index 50466958d..ccdeae0aa 100755 --- a/test/appimage/appimage-v2.exp +++ b/test/appimage/appimage-v2.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/appimage/appimage.sh b/test/appimage/appimage.sh index 937ae9f31..fa1a53195 100755 --- a/test/appimage/appimage.sh +++ b/test/appimage/appimage.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/appimage/filename.exp b/test/appimage/filename.exp index 48bea4b3f..e4c7d3a95 100755 --- a/test/appimage/filename.exp +++ b/test/appimage/filename.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps-x11-xorg/apps-x11-xorg.sh b/test/apps-x11-xorg/apps-x11-xorg.sh index 40ae4017c..843fdc50b 100755 --- a/test/apps-x11-xorg/apps-x11-xorg.sh +++ b/test/apps-x11-xorg/apps-x11-xorg.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/apps-x11-xorg/firefox.exp b/test/apps-x11-xorg/firefox.exp index 39b18aec0..0a43db568 100755 --- a/test/apps-x11-xorg/firefox.exp +++ b/test/apps-x11-xorg/firefox.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps-x11-xorg/thunderbird.exp b/test/apps-x11-xorg/thunderbird.exp index c46a5b6f0..8cf0ac244 100755 --- a/test/apps-x11-xorg/thunderbird.exp +++ b/test/apps-x11-xorg/thunderbird.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps-x11-xorg/transmission-gtk.exp b/test/apps-x11-xorg/transmission-gtk.exp index 5dfabd611..fdbf388e9 100755 --- a/test/apps-x11-xorg/transmission-gtk.exp +++ b/test/apps-x11-xorg/transmission-gtk.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps-x11/apps-x11.sh b/test/apps-x11/apps-x11.sh index 8badbc3be..609eb5dc9 100755 --- a/test/apps-x11/apps-x11.sh +++ b/test/apps-x11/apps-x11.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/apps-x11/chromium.exp b/test/apps-x11/chromium.exp index 8ec03674b..14f8ff616 100755 --- a/test/apps-x11/chromium.exp +++ b/test/apps-x11/chromium.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps-x11/firefox.exp b/test/apps-x11/firefox.exp index 8201b829f..8de9d939b 100755 --- a/test/apps-x11/firefox.exp +++ b/test/apps-x11/firefox.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps-x11/thunderbird.exp b/test/apps-x11/thunderbird.exp index cde842697..73133fa1b 100755 --- a/test/apps-x11/thunderbird.exp +++ b/test/apps-x11/thunderbird.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps-x11/transmission-gtk.exp b/test/apps-x11/transmission-gtk.exp index 19dc1a24f..a8ce1d940 100755 --- a/test/apps-x11/transmission-gtk.exp +++ b/test/apps-x11/transmission-gtk.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps-x11/x11-none.exp b/test/apps-x11/x11-none.exp index 43adf67e2..3f56a3072 100755 --- a/test/apps-x11/x11-none.exp +++ b/test/apps-x11/x11-none.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps-x11/x11-xephyr.exp b/test/apps-x11/x11-xephyr.exp index 6b8fa7da7..4efdbc4f0 100755 --- a/test/apps-x11/x11-xephyr.exp +++ b/test/apps-x11/x11-xephyr.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps-x11/xterm-xephyr.exp b/test/apps-x11/xterm-xephyr.exp index 5cbab4eb1..7dc193110 100755 --- a/test/apps-x11/xterm-xephyr.exp +++ b/test/apps-x11/xterm-xephyr.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps-x11/xterm-xorg.exp b/test/apps-x11/xterm-xorg.exp index 2ec25e6c3..893306830 100755 --- a/test/apps-x11/xterm-xorg.exp +++ b/test/apps-x11/xterm-xorg.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps-x11/xterm-xpra.exp b/test/apps-x11/xterm-xpra.exp index 9134dbdce..0b35a7009 100755 --- a/test/apps-x11/xterm-xpra.exp +++ b/test/apps-x11/xterm-xpra.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/apps.sh b/test/apps/apps.sh index c129846dd..1e5f0f8c5 100755 --- a/test/apps/apps.sh +++ b/test/apps/apps.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/apps/chromium.exp b/test/apps/chromium.exp index 664d4918f..d6375323e 100755 --- a/test/apps/chromium.exp +++ b/test/apps/chromium.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/deluge.exp b/test/apps/deluge.exp index 8d685e0c5..92f50fc8a 100755 --- a/test/apps/deluge.exp +++ b/test/apps/deluge.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/fbreader.exp b/test/apps/fbreader.exp index 52d7ff268..55f7dd49f 100755 --- a/test/apps/fbreader.exp +++ b/test/apps/fbreader.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/filezilla.exp b/test/apps/filezilla.exp index 74f478ace..9952a4d29 100755 --- a/test/apps/filezilla.exp +++ b/test/apps/filezilla.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/firefox.exp b/test/apps/firefox.exp index 34164d780..9869972f0 100755 --- a/test/apps/firefox.exp +++ b/test/apps/firefox.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/gnome-mplayer.exp b/test/apps/gnome-mplayer.exp index 12d0a880d..1d00cdd9b 100755 --- a/test/apps/gnome-mplayer.exp +++ b/test/apps/gnome-mplayer.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/gthumb.exp b/test/apps/gthumb.exp index 0631dff6f..9fba8a98e 100755 --- a/test/apps/gthumb.exp +++ b/test/apps/gthumb.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/hexchat.exp b/test/apps/hexchat.exp index ec859df25..b933e1edb 100755 --- a/test/apps/hexchat.exp +++ b/test/apps/hexchat.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/kcalc.exp b/test/apps/kcalc.exp index fac1a7344..ae743cf23 100755 --- a/test/apps/kcalc.exp +++ b/test/apps/kcalc.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/ktorrent.exp b/test/apps/ktorrent.exp index 527de98fe..ef177bd08 100755 --- a/test/apps/ktorrent.exp +++ b/test/apps/ktorrent.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/midori.exp b/test/apps/midori.exp index 4dd4160f9..78a55313f 100755 --- a/test/apps/midori.exp +++ b/test/apps/midori.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/opera.exp b/test/apps/opera.exp index 72ad5e27a..b88368ec6 100755 --- a/test/apps/opera.exp +++ b/test/apps/opera.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/qbittorrent.exp b/test/apps/qbittorrent.exp index f0f3c5c6c..67dfa73c7 100755 --- a/test/apps/qbittorrent.exp +++ b/test/apps/qbittorrent.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/thunderbird.exp b/test/apps/thunderbird.exp index 1d2711694..319ebbccf 100755 --- a/test/apps/thunderbird.exp +++ b/test/apps/thunderbird.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/transmission-qt.exp b/test/apps/transmission-qt.exp index 0fe70f659..4aec7d094 100755 --- a/test/apps/transmission-qt.exp +++ b/test/apps/transmission-qt.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/uget-gtk.exp b/test/apps/uget-gtk.exp index 00e6d1b17..397c63846 100755 --- a/test/apps/uget-gtk.exp +++ b/test/apps/uget-gtk.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/vlc.exp b/test/apps/vlc.exp index 04e8a3757..8110a6d93 100755 --- a/test/apps/vlc.exp +++ b/test/apps/vlc.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/wine.exp b/test/apps/wine.exp index f045e47da..af8c5dca8 100755 --- a/test/apps/wine.exp +++ b/test/apps/wine.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/apps/xchat.exp b/test/apps/xchat.exp index dae8638ef..1d88ef7e4 100755 --- a/test/apps/xchat.exp +++ b/test/apps/xchat.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/arguments/arguments.sh b/test/arguments/arguments.sh index fc1bc64e1..12e2aac6d 100755 --- a/test/arguments/arguments.sh +++ b/test/arguments/arguments.sh | |||
@@ -1,4 +1,8 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
2 | export LC_ALL=C | 6 | export LC_ALL=C |
3 | 7 | ||
4 | if [ -f /etc/debian_version ]; then | 8 | if [ -f /etc/debian_version ]; then |
diff --git a/test/arguments/bashrun.exp b/test/arguments/bashrun.exp index a3c9e382d..782484cad 100755 --- a/test/arguments/bashrun.exp +++ b/test/arguments/bashrun.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/arguments/bashrun.sh b/test/arguments/bashrun.sh index a4773fd6c..433d92436 100755 --- a/test/arguments/bashrun.sh +++ b/test/arguments/bashrun.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | echo "TESTING: 1.1 - simple args" | 6 | echo "TESTING: 1.1 - simple args" |
4 | firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --quiet faudit arg1 arg2 | 7 | firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --quiet faudit arg1 arg2 |
diff --git a/test/arguments/joinrun.exp b/test/arguments/joinrun.exp index 97972e5e8..8359b4819 100755 --- a/test/arguments/joinrun.exp +++ b/test/arguments/joinrun.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/arguments/joinrun.sh b/test/arguments/joinrun.sh index b00ea0e80..0019563be 100755 --- a/test/arguments/joinrun.sh +++ b/test/arguments/joinrun.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | echo "TESTING: 3.1 - simple args" | 6 | echo "TESTING: 3.1 - simple args" |
4 | firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --join=joinrun faudit arg1 arg2 | 7 | firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --join=joinrun faudit arg1 arg2 |
diff --git a/test/arguments/outrun.exp b/test/arguments/outrun.exp index d28e75661..46a226870 100755 --- a/test/arguments/outrun.exp +++ b/test/arguments/outrun.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/arguments/outrun.sh b/test/arguments/outrun.sh index 5bc3b1e37..4e8b52417 100755 --- a/test/arguments/outrun.sh +++ b/test/arguments/outrun.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | echo "TESTING: 4.1 - simple args" | 6 | echo "TESTING: 4.1 - simple args" |
4 | firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --output=out faudit arg1 arg2 | 7 | firejail --env=FIREJAIL_TEST_ARGUMENTS=yes --output=out faudit arg1 arg2 |
diff --git a/test/arguments/symrun.exp b/test/arguments/symrun.exp index 10e7ac6c8..49e0d28e0 100755 --- a/test/arguments/symrun.exp +++ b/test/arguments/symrun.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/arguments/symrun.sh b/test/arguments/symrun.sh index db5f06835..00c17df69 100755 --- a/test/arguments/symrun.sh +++ b/test/arguments/symrun.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | mkdir symtest | 6 | mkdir symtest |
4 | ln -s /usr/bin/firejail symtest/faudit | 7 | ln -s /usr/bin/firejail symtest/faudit |
diff --git a/test/chroot/chroot.sh b/test/chroot/chroot.sh index ecadb899a..7f65b2188 100755 --- a/test/chroot/chroot.sh +++ b/test/chroot/chroot.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/chroot/configure b/test/chroot/configure index 26a516931..465092abb 100755 --- a/test/chroot/configure +++ b/test/chroot/configure | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | # build a very small chroot | 6 | # build a very small chroot |
4 | ROOTDIR="/tmp/chroot" # default chroot directory | 7 | ROOTDIR="/tmp/chroot" # default chroot directory |
diff --git a/test/chroot/fs_chroot.exp b/test/chroot/fs_chroot.exp index a071027e5..1db8269b9 100755 --- a/test/chroot/fs_chroot.exp +++ b/test/chroot/fs_chroot.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/chroot/unchroot-as-root.exp b/test/chroot/unchroot-as-root.exp index e4bedd539..844bd7450 100755 --- a/test/chroot/unchroot-as-root.exp +++ b/test/chroot/unchroot-as-root.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/chroot/unchroot.c b/test/chroot/unchroot.c index 4919637d6..4454dd1c4 100644 --- a/test/chroot/unchroot.c +++ b/test/chroot/unchroot.c | |||
@@ -1,3 +1,7 @@ | |||
1 | // This file is part of Firejail project | ||
2 | // Copyright (C) 2014-2020 Firejail Authors | ||
3 | // License GPL v2 | ||
4 | |||
1 | // simple unchroot example from http://linux-vserver.org/Secure_chroot_Barrier | 5 | // simple unchroot example from http://linux-vserver.org/Secure_chroot_Barrier |
2 | #include <unistd.h> | 6 | #include <unistd.h> |
3 | #include <stdlib.h> | 7 | #include <stdlib.h> |
diff --git a/test/compile/compile.sh b/test/compile/compile.sh index e662b4d30..ccf37dc40 100755 --- a/test/compile/compile.sh +++ b/test/compile/compile.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | arr[1]="TEST 1: standard compilation" | 6 | arr[1]="TEST 1: standard compilation" |
4 | arr[2]="TEST 2: compile seccomp disabled" | 7 | arr[2]="TEST 2: compile seccomp disabled" |
diff --git a/test/environment/allow-debuggers.exp b/test/environment/allow-debuggers.exp index f92ec5ddf..c2f4be64c 100755 --- a/test/environment/allow-debuggers.exp +++ b/test/environment/allow-debuggers.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | cd /home | 7 | cd /home |
diff --git a/test/environment/csh.exp b/test/environment/csh.exp index 7b5ab9b33..ff61e6a83 100755 --- a/test/environment/csh.exp +++ b/test/environment/csh.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | cd /home | 7 | cd /home |
diff --git a/test/environment/dash.exp b/test/environment/dash.exp index cad4422a0..82e2f5cad 100755 --- a/test/environment/dash.exp +++ b/test/environment/dash.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | cd /home | 7 | cd /home |
diff --git a/test/environment/deterministic-exit-code.exp b/test/environment/deterministic-exit-code.exp index 165b9ebe0..a92203b2d 100755 --- a/test/environment/deterministic-exit-code.exp +++ b/test/environment/deterministic-exit-code.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 4 | 6 | set timeout 4 |
diff --git a/test/environment/dns.exp b/test/environment/dns.exp index d1f3f650f..801a7e2b1 100755 --- a/test/environment/dns.exp +++ b/test/environment/dns.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/environment/doubledash.exp b/test/environment/doubledash.exp index ed0419f2d..60d4700dd 100755 --- a/test/environment/doubledash.exp +++ b/test/environment/doubledash.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/environment/env.exp b/test/environment/env.exp index da16f81b3..107a41beb 100755 --- a/test/environment/env.exp +++ b/test/environment/env.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/environment/environment.sh b/test/environment/environment.sh index f860f7c24..e88036d3d 100755 --- a/test/environment/environment.sh +++ b/test/environment/environment.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/environment/extract_command.exp b/test/environment/extract_command.exp index 72d7501aa..50a933ec3 100755 --- a/test/environment/extract_command.exp +++ b/test/environment/extract_command.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/environment/firejail-in-firejail.exp b/test/environment/firejail-in-firejail.exp index 53ddde807..be422a294 100755 --- a/test/environment/firejail-in-firejail.exp +++ b/test/environment/firejail-in-firejail.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/environment/hostfile.exp b/test/environment/hostfile.exp index 86acd7f3c..7f5034931 100755 --- a/test/environment/hostfile.exp +++ b/test/environment/hostfile.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | 6 | ||
diff --git a/test/environment/ibus.exp b/test/environment/ibus.exp index 75c7f5450..857cef38c 100755 --- a/test/environment/ibus.exp +++ b/test/environment/ibus.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | cd /home | 7 | cd /home |
diff --git a/test/environment/machineid.exp b/test/environment/machineid.exp index 7d3bdee43..ecfd70f55 100755 --- a/test/environment/machineid.exp +++ b/test/environment/machineid.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | 6 | ||
diff --git a/test/environment/nice.exp b/test/environment/nice.exp index 81f81e0b8..b4afc28d2 100755 --- a/test/environment/nice.exp +++ b/test/environment/nice.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/environment/output.exp b/test/environment/output.exp index d175ddae2..0ad5250c1 100755 --- a/test/environment/output.exp +++ b/test/environment/output.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/environment/output.sh b/test/environment/output.sh index 2be188e3a..14c20a79a 100755 --- a/test/environment/output.sh +++ b/test/environment/output.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | i="0" | 6 | i="0" |
4 | 7 | ||
diff --git a/test/environment/quiet.exp b/test/environment/quiet.exp index 28b1a9f4f..0a22051f5 100755 --- a/test/environment/quiet.exp +++ b/test/environment/quiet.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 4 | 6 | set timeout 4 |
diff --git a/test/environment/rlimit-bad-profile.exp b/test/environment/rlimit-bad-profile.exp index cd77402fd..35d9b4479 100755 --- a/test/environment/rlimit-bad-profile.exp +++ b/test/environment/rlimit-bad-profile.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/environment/rlimit-bad.exp b/test/environment/rlimit-bad.exp index 0a2fe9c98..7eaac27b6 100755 --- a/test/environment/rlimit-bad.exp +++ b/test/environment/rlimit-bad.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/environment/rlimit-profile.exp b/test/environment/rlimit-profile.exp index 43d6a3ee0..721e2196e 100755 --- a/test/environment/rlimit-profile.exp +++ b/test/environment/rlimit-profile.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | #cd /home | 7 | #cd /home |
diff --git a/test/environment/rlimit.exp b/test/environment/rlimit.exp index 38cdc3eea..757faf1f9 100755 --- a/test/environment/rlimit.exp +++ b/test/environment/rlimit.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | cd /home | 7 | cd /home |
diff --git a/test/environment/shell-none.exp b/test/environment/shell-none.exp index 89d4cfda5..aed9adbd4 100755 --- a/test/environment/shell-none.exp +++ b/test/environment/shell-none.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/environment/sound.exp b/test/environment/sound.exp index c44268708..fadad9eed 100755 --- a/test/environment/sound.exp +++ b/test/environment/sound.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | 6 | ||
diff --git a/test/environment/timeout.exp b/test/environment/timeout.exp index 83aefabb9..c8b215084 100755 --- a/test/environment/timeout.exp +++ b/test/environment/timeout.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/environment/umask.exp b/test/environment/umask.exp index e93d71bd4..a3b80bd1c 100755 --- a/test/environment/umask.exp +++ b/test/environment/umask.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/environment/zsh.exp b/test/environment/zsh.exp index a1b94a326..8c493ac23 100755 --- a/test/environment/zsh.exp +++ b/test/environment/zsh.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | cd /home | 7 | cd /home |
diff --git a/test/fcopy/cmdline.exp b/test/fcopy/cmdline.exp index a10aab463..f0416d51e 100755 --- a/test/fcopy/cmdline.exp +++ b/test/fcopy/cmdline.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fcopy/dircopy.exp b/test/fcopy/dircopy.exp index d9e361d05..a74ce1616 100755 --- a/test/fcopy/dircopy.exp +++ b/test/fcopy/dircopy.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | # | 6 | # |
diff --git a/test/fcopy/fcopy.sh b/test/fcopy/fcopy.sh index b87518e03..96b515238 100755 --- a/test/fcopy/fcopy.sh +++ b/test/fcopy/fcopy.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/fcopy/filecopy.exp b/test/fcopy/filecopy.exp index ffad16911..7f7fbea9e 100755 --- a/test/fcopy/filecopy.exp +++ b/test/fcopy/filecopy.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | # | 6 | # |
diff --git a/test/fcopy/linkcopy.exp b/test/fcopy/linkcopy.exp index a82faf7bd..a9b3a067f 100755 --- a/test/fcopy/linkcopy.exp +++ b/test/fcopy/linkcopy.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | # | 6 | # |
diff --git a/test/features/1.1.exp b/test/features/1.1.exp index 2273a3b98..5cf3b724e 100755 --- a/test/features/1.1.exp +++ b/test/features/1.1.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # disable /boot | 6 | # disable /boot |
4 | # | 7 | # |
diff --git a/test/features/1.10.exp b/test/features/1.10.exp index b668f5cd1..b37b6c568 100755 --- a/test/features/1.10.exp +++ b/test/features/1.10.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # disable /selinux | 6 | # disable /selinux |
4 | # | 7 | # |
diff --git a/test/features/1.2.exp b/test/features/1.2.exp index 81f9531cb..c9a9480a7 100755 --- a/test/features/1.2.exp +++ b/test/features/1.2.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # new /proc | 6 | # new /proc |
4 | # | 7 | # |
diff --git a/test/features/1.4.exp b/test/features/1.4.exp index de05536f0..a19589b6e 100755 --- a/test/features/1.4.exp +++ b/test/features/1.4.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # mask other users | 6 | # mask other users |
4 | # | 7 | # |
diff --git a/test/features/1.5.exp b/test/features/1.5.exp index 194c7859e..cd296bbd8 100755 --- a/test/features/1.5.exp +++ b/test/features/1.5.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # PID namespace | 6 | # PID namespace |
4 | # | 7 | # |
diff --git a/test/features/1.6.exp b/test/features/1.6.exp index 111aca3c8..24951d27a 100755 --- a/test/features/1.6.exp +++ b/test/features/1.6.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # new /var/log | 6 | # new /var/log |
4 | # | 7 | # |
diff --git a/test/features/1.7.exp b/test/features/1.7.exp index dc73ae529..701aa0ca5 100755 --- a/test/features/1.7.exp +++ b/test/features/1.7.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # new /var/tmp | 6 | # new /var/tmp |
4 | # | 7 | # |
diff --git a/test/features/1.8.exp b/test/features/1.8.exp index 3bb43718e..bd7d7add2 100755 --- a/test/features/1.8.exp +++ b/test/features/1.8.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # disable /etc/firejail and ~/.config/firejail | 6 | # disable /etc/firejail and ~/.config/firejail |
4 | # | 7 | # |
diff --git a/test/features/2.1.exp b/test/features/2.1.exp index d560d1a36..4ad3f3bff 100755 --- a/test/features/2.1.exp +++ b/test/features/2.1.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # hostname | 6 | # hostname |
4 | # | 7 | # |
diff --git a/test/features/2.2.exp b/test/features/2.2.exp index 00ed20e1f..c8c6461dd 100755 --- a/test/features/2.2.exp +++ b/test/features/2.2.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # DNS | 6 | # DNS |
4 | # | 7 | # |
diff --git a/test/features/2.3.exp b/test/features/2.3.exp index 9d3320d78..ccc2bd168 100755 --- a/test/features/2.3.exp +++ b/test/features/2.3.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # mac-vlan | 6 | # mac-vlan |
4 | # | 7 | # |
diff --git a/test/features/2.4.exp b/test/features/2.4.exp index 6784e1add..fb64d84c1 100755 --- a/test/features/2.4.exp +++ b/test/features/2.4.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # bridge | 6 | # bridge |
4 | # - todo: ping test or equivalent on chroot | 7 | # - todo: ping test or equivalent on chroot |
diff --git a/test/features/2.5.exp b/test/features/2.5.exp index 2d4c7a9bc..74f47e1a1 100755 --- a/test/features/2.5.exp +++ b/test/features/2.5.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # interface | 6 | # interface |
4 | # | 7 | # |
diff --git a/test/features/2.6.exp b/test/features/2.6.exp index 63a9b3b90..27347d43d 100755 --- a/test/features/2.6.exp +++ b/test/features/2.6.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # default gateway | 6 | # default gateway |
4 | # | 7 | # |
diff --git a/test/features/3.1.exp b/test/features/3.1.exp index 3178cda42..c1167f296 100755 --- a/test/features/3.1.exp +++ b/test/features/3.1.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # private | 6 | # private |
4 | # | 7 | # |
diff --git a/test/features/3.10.exp b/test/features/3.10.exp index d6d858322..fdec33d1b 100755 --- a/test/features/3.10.exp +++ b/test/features/3.10.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # whitelist tmp | 6 | # whitelist tmp |
4 | # | 7 | # |
diff --git a/test/features/3.11.exp b/test/features/3.11.exp index 4e89aa372..27daaf752 100755 --- a/test/features/3.11.exp +++ b/test/features/3.11.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # mkdir | 6 | # mkdir |
4 | # | 7 | # |
diff --git a/test/features/3.2.exp b/test/features/3.2.exp index 271bbdda1..eae820dd7 100755 --- a/test/features/3.2.exp +++ b/test/features/3.2.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # read-only | 6 | # read-only |
4 | # | 7 | # |
diff --git a/test/features/3.3.exp b/test/features/3.3.exp index c662410dc..9f58a1e1a 100755 --- a/test/features/3.3.exp +++ b/test/features/3.3.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # blacklist | 6 | # blacklist |
4 | # | 7 | # |
diff --git a/test/features/3.4.exp b/test/features/3.4.exp index 2e0f7cae7..343f2a37c 100755 --- a/test/features/3.4.exp +++ b/test/features/3.4.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # whitelist home | 6 | # whitelist home |
4 | # | 7 | # |
diff --git a/test/features/3.5.exp b/test/features/3.5.exp index abaf42a0e..37e492ea4 100755 --- a/test/features/3.5.exp +++ b/test/features/3.5.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # private-dev | 6 | # private-dev |
4 | # | 7 | # |
diff --git a/test/features/3.6.exp b/test/features/3.6.exp index 043a24121..ca76f6a38 100755 --- a/test/features/3.6.exp +++ b/test/features/3.6.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # private-etc | 6 | # private-etc |
4 | # | 7 | # |
diff --git a/test/features/3.7.exp b/test/features/3.7.exp index bcd50c389..532c157af 100755 --- a/test/features/3.7.exp +++ b/test/features/3.7.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # private-tmp | 6 | # private-tmp |
4 | # | 7 | # |
diff --git a/test/features/3.8.exp b/test/features/3.8.exp index 4497b9f19..80cdf7306 100755 --- a/test/features/3.8.exp +++ b/test/features/3.8.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # private-bin | 6 | # private-bin |
4 | # | 7 | # |
diff --git a/test/features/3.9.exp b/test/features/3.9.exp index e6cefa0f6..56a1fc006 100755 --- a/test/features/3.9.exp +++ b/test/features/3.9.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # whitelist dev | 6 | # whitelist dev |
4 | # | 7 | # |
diff --git a/test/features/test.sh b/test/features/test.sh index cb3f6f871..431a6491b 100755 --- a/test/features/test.sh +++ b/test/features/test.sh | |||
@@ -1,4 +1,8 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
2 | export LC_ALL=C | 6 | export LC_ALL=C |
3 | OVERLAY="overlay" | 7 | OVERLAY="overlay" |
4 | CHROOT="chroot" | 8 | CHROOT="chroot" |
diff --git a/test/filters/apparmor.exp b/test/filters/apparmor.exp index 9238a1148..32edba72a 100755 --- a/test/filters/apparmor.exp +++ b/test/filters/apparmor.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/caps-join.exp b/test/filters/caps-join.exp index 3e12d23bb..5b80b2b48 100755 --- a/test/filters/caps-join.exp +++ b/test/filters/caps-join.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/caps-print.exp b/test/filters/caps-print.exp index d145d4d23..e78ab5275 100755 --- a/test/filters/caps-print.exp +++ b/test/filters/caps-print.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/caps.exp b/test/filters/caps.exp index 515da744f..b9aa8d22e 100755 --- a/test/filters/caps.exp +++ b/test/filters/caps.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/debug.exp b/test/filters/debug.exp index 25c499e6a..4a5a11639 100755 --- a/test/filters/debug.exp +++ b/test/filters/debug.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/filters.sh b/test/filters/filters.sh index 6a8ce1f99..fba90522d 100755 --- a/test/filters/filters.sh +++ b/test/filters/filters.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/filters/fseccomp.exp b/test/filters/fseccomp.exp index 70f85ccfa..c7062b395 100755 --- a/test/filters/fseccomp.exp +++ b/test/filters/fseccomp.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/memwrexe-32.exp b/test/filters/memwrexe-32.exp index d012ada55..d7fad9091 100755 --- a/test/filters/memwrexe-32.exp +++ b/test/filters/memwrexe-32.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/memwrexe.c b/test/filters/memwrexe.c index 12787f3a5..797e7881d 100644 --- a/test/filters/memwrexe.c +++ b/test/filters/memwrexe.c | |||
@@ -1,3 +1,7 @@ | |||
1 | // This file is part of Firejail project | ||
2 | // Copyright (C) 2014-2020 Firejail Authors | ||
3 | // License GPL v2 | ||
4 | |||
1 | #include <stdio.h> | 5 | #include <stdio.h> |
2 | #include <stdlib.h> | 6 | #include <stdlib.h> |
3 | #include <string.h> | 7 | #include <string.h> |
diff --git a/test/filters/memwrexe.exp b/test/filters/memwrexe.exp index d437d1ac5..244f2477f 100755 --- a/test/filters/memwrexe.exp +++ b/test/filters/memwrexe.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/noroot.exp b/test/filters/noroot.exp index 9b8d2e91c..e9f01443f 100755 --- a/test/filters/noroot.exp +++ b/test/filters/noroot.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/protocol.exp b/test/filters/protocol.exp index 8ff9bb7c9..0fecd645d 100755 --- a/test/filters/protocol.exp +++ b/test/filters/protocol.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/seccomp-bad-empty.exp b/test/filters/seccomp-bad-empty.exp index c5efd09be..269ea1a40 100755 --- a/test/filters/seccomp-bad-empty.exp +++ b/test/filters/seccomp-bad-empty.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/seccomp-chmod-profile.exp b/test/filters/seccomp-chmod-profile.exp index 19db2177f..9b61397ca 100755 --- a/test/filters/seccomp-chmod-profile.exp +++ b/test/filters/seccomp-chmod-profile.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/seccomp-chmod.exp b/test/filters/seccomp-chmod.exp index f87c28691..01b9cbaac 100755 --- a/test/filters/seccomp-chmod.exp +++ b/test/filters/seccomp-chmod.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/seccomp-chown.exp b/test/filters/seccomp-chown.exp index 934b572c6..f6094c965 100755 --- a/test/filters/seccomp-chown.exp +++ b/test/filters/seccomp-chown.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/seccomp-debug-32.exp b/test/filters/seccomp-debug-32.exp index 990520424..08e590041 100755 --- a/test/filters/seccomp-debug-32.exp +++ b/test/filters/seccomp-debug-32.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/seccomp-debug.exp b/test/filters/seccomp-debug.exp index dc4bf34f2..c3ba9c084 100755 --- a/test/filters/seccomp-debug.exp +++ b/test/filters/seccomp-debug.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/seccomp-dualfilter.exp b/test/filters/seccomp-dualfilter.exp index 32efbdacf..b6204fc64 100755 --- a/test/filters/seccomp-dualfilter.exp +++ b/test/filters/seccomp-dualfilter.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 1 | 6 | set timeout 1 |
diff --git a/test/filters/seccomp-empty.exp b/test/filters/seccomp-empty.exp index 36f4bc53f..81411218f 100755 --- a/test/filters/seccomp-empty.exp +++ b/test/filters/seccomp-empty.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/seccomp-errno.exp b/test/filters/seccomp-errno.exp index 1147c1060..d125a90dc 100755 --- a/test/filters/seccomp-errno.exp +++ b/test/filters/seccomp-errno.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/seccomp-join.exp b/test/filters/seccomp-join.exp index f1d57238b..bb693e94d 100755 --- a/test/filters/seccomp-join.exp +++ b/test/filters/seccomp-join.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/seccomp-numeric.exp b/test/filters/seccomp-numeric.exp index 77f6d60b0..6e8402cfa 100755 --- a/test/filters/seccomp-numeric.exp +++ b/test/filters/seccomp-numeric.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/seccomp-postexec.exp b/test/filters/seccomp-postexec.exp index 75a935575..164230482 100755 --- a/test/filters/seccomp-postexec.exp +++ b/test/filters/seccomp-postexec.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/seccomp-ptrace.exp b/test/filters/seccomp-ptrace.exp index 64912a005..39cd6a393 100755 --- a/test/filters/seccomp-ptrace.exp +++ b/test/filters/seccomp-ptrace.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/seccomp-run-files.exp b/test/filters/seccomp-run-files.exp index 3f4e506af..fd3033a69 100755 --- a/test/filters/seccomp-run-files.exp +++ b/test/filters/seccomp-run-files.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/seccomp-su.exp b/test/filters/seccomp-su.exp index 8417cadaf..6a3d99916 100755 --- a/test/filters/seccomp-su.exp +++ b/test/filters/seccomp-su.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/filters/syscall_test.c b/test/filters/syscall_test.c index 2005f2109..f153e8b3f 100644 --- a/test/filters/syscall_test.c +++ b/test/filters/syscall_test.c | |||
@@ -1,5 +1,5 @@ | |||
1 | // This file is part of Firejail project | 1 | // This file is part of Firejail project |
2 | // Copyright (C) 2014-2019 Firejail Authors | 2 | // Copyright (C) 2014-2020 Firejail Authors |
3 | // License GPL v2 | 3 | // License GPL v2 |
4 | 4 | ||
5 | #include <stdlib.h> | 5 | #include <stdlib.h> |
diff --git a/test/fnetfilter/cmdline.exp b/test/fnetfilter/cmdline.exp index dcffba35b..944fcda52 100755 --- a/test/fnetfilter/cmdline.exp +++ b/test/fnetfilter/cmdline.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fnetfilter/copy.exp b/test/fnetfilter/copy.exp index c490c2fe2..4702a5d02 100755 --- a/test/fnetfilter/copy.exp +++ b/test/fnetfilter/copy.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fnetfilter/default.exp b/test/fnetfilter/default.exp index b059852b6..2b5bdbb69 100755 --- a/test/fnetfilter/default.exp +++ b/test/fnetfilter/default.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fnetfilter/fnetfilter.sh b/test/fnetfilter/fnetfilter.sh index a37931422..636a9d086 100755 --- a/test/fnetfilter/fnetfilter.sh +++ b/test/fnetfilter/fnetfilter.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/fnetfilter/template.exp b/test/fnetfilter/template.exp index 153c21f8a..03a8d6229 100755 --- a/test/fnetfilter/template.exp +++ b/test/fnetfilter/template.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/fs.sh b/test/fs/fs.sh index 2509638fc..dd24f5922 100755 --- a/test/fs/fs.sh +++ b/test/fs/fs.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/fs/fs_dev_shm.exp b/test/fs/fs_dev_shm.exp index afd13053e..5f1013339 100755 --- a/test/fs/fs_dev_shm.exp +++ b/test/fs/fs_dev_shm.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/fs_var_lock.exp b/test/fs/fs_var_lock.exp index 45a2ca1a8..762027b5b 100755 --- a/test/fs/fs_var_lock.exp +++ b/test/fs/fs_var_lock.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/fs_var_tmp.exp b/test/fs/fs_var_tmp.exp index 8c1cf10af..886e773d8 100755 --- a/test/fs/fs_var_tmp.exp +++ b/test/fs/fs_var_tmp.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/fscheck-bindnoroot.exp b/test/fs/fscheck-bindnoroot.exp index 431092f05..eff8c4fad 100755 --- a/test/fs/fscheck-bindnoroot.exp +++ b/test/fs/fscheck-bindnoroot.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/fs/fscheck-private.exp b/test/fs/fscheck-private.exp index 1972a683b..2cf985a9a 100755 --- a/test/fs/fscheck-private.exp +++ b/test/fs/fscheck-private.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/fs/fscheck-readonly.exp b/test/fs/fscheck-readonly.exp index 4d7528e50..c591e4670 100755 --- a/test/fs/fscheck-readonly.exp +++ b/test/fs/fscheck-readonly.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/fs/fscheck-tmpfs.exp b/test/fs/fscheck-tmpfs.exp index fa3971b4a..ebd3eeb9c 100755 --- a/test/fs/fscheck-tmpfs.exp +++ b/test/fs/fscheck-tmpfs.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/fs/invalid_filename.exp b/test/fs/invalid_filename.exp index 4155e4ef5..bfefcec68 100755 --- a/test/fs/invalid_filename.exp +++ b/test/fs/invalid_filename.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/kmsg.exp b/test/fs/kmsg.exp index 253267299..8ae520836 100755 --- a/test/fs/kmsg.exp +++ b/test/fs/kmsg.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/macro.exp b/test/fs/macro.exp index 31a80452b..fd9928222 100755 --- a/test/fs/macro.exp +++ b/test/fs/macro.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/mkdir.exp b/test/fs/mkdir.exp index 6685f4ee3..8a7ac9d97 100755 --- a/test/fs/mkdir.exp +++ b/test/fs/mkdir.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 3 | 6 | set timeout 3 |
diff --git a/test/fs/mkdir_mkfile.exp b/test/fs/mkdir_mkfile.exp index 680ae1178..109984035 100755 --- a/test/fs/mkdir_mkfile.exp +++ b/test/fs/mkdir_mkfile.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/noblacklist-blacklist-noexec.exp b/test/fs/noblacklist-blacklist-noexec.exp index 5d0581a8c..31f5ab054 100755 --- a/test/fs/noblacklist-blacklist-noexec.exp +++ b/test/fs/noblacklist-blacklist-noexec.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/noblacklist-blacklist-readonly.exp b/test/fs/noblacklist-blacklist-readonly.exp index c31bd6948..367d835b0 100755 --- a/test/fs/noblacklist-blacklist-readonly.exp +++ b/test/fs/noblacklist-blacklist-readonly.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/option_bind_user.exp b/test/fs/option_bind_user.exp index 7ec55d82f..f74d4e994 100755 --- a/test/fs/option_bind_user.exp +++ b/test/fs/option_bind_user.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/fs/option_blacklist.exp b/test/fs/option_blacklist.exp index b3f7497cd..f703c0f79 100755 --- a/test/fs/option_blacklist.exp +++ b/test/fs/option_blacklist.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/option_blacklist_file.exp b/test/fs/option_blacklist_file.exp index 6f789a792..3c2a6c3df 100755 --- a/test/fs/option_blacklist_file.exp +++ b/test/fs/option_blacklist_file.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/fs/option_blacklist_glob.exp b/test/fs/option_blacklist_glob.exp index cf6709322..8afdeff5f 100755 --- a/test/fs/option_blacklist_glob.exp +++ b/test/fs/option_blacklist_glob.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/private-bin.exp b/test/fs/private-bin.exp index d432b3b87..3f74a196f 100755 --- a/test/fs/private-bin.exp +++ b/test/fs/private-bin.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/private-cache.exp b/test/fs/private-cache.exp index ddff2d02d..0597e8921 100755 --- a/test/fs/private-cache.exp +++ b/test/fs/private-cache.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/fs/private-cwd.exp b/test/fs/private-cwd.exp index 0fa87a92f..d439e2c1e 100755 --- a/test/fs/private-cwd.exp +++ b/test/fs/private-cwd.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/private-etc-empty.exp b/test/fs/private-etc-empty.exp index db8810da1..f6c5405bf 100755 --- a/test/fs/private-etc-empty.exp +++ b/test/fs/private-etc-empty.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/private-etc.exp b/test/fs/private-etc.exp index 83f95dc5c..e727eee5c 100755 --- a/test/fs/private-etc.exp +++ b/test/fs/private-etc.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/private-home-dir.exp b/test/fs/private-home-dir.exp index af93d021d..bf4296010 100755 --- a/test/fs/private-home-dir.exp +++ b/test/fs/private-home-dir.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/private-home.exp b/test/fs/private-home.exp index 2c5831f40..a46071b3a 100755 --- a/test/fs/private-home.exp +++ b/test/fs/private-home.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/private-homedir.exp b/test/fs/private-homedir.exp index ba815b332..36d61786e 100755 --- a/test/fs/private-homedir.exp +++ b/test/fs/private-homedir.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/private-lib.exp b/test/fs/private-lib.exp index 777424ebe..ed04de1f9 100755 --- a/test/fs/private-lib.exp +++ b/test/fs/private-lib.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | 6 | ||
diff --git a/test/fs/private-whitelist.exp b/test/fs/private-whitelist.exp index 67c75355a..c988bce7f 100755 --- a/test/fs/private-whitelist.exp +++ b/test/fs/private-whitelist.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/private.exp b/test/fs/private.exp index a16acc6e6..e59f64085 100755 --- a/test/fs/private.exp +++ b/test/fs/private.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/read-write.exp b/test/fs/read-write.exp index a2c397a43..2ff4cda7c 100755 --- a/test/fs/read-write.exp +++ b/test/fs/read-write.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/sys_fs.exp b/test/fs/sys_fs.exp index ba002fe91..60e935a4c 100755 --- a/test/fs/sys_fs.exp +++ b/test/fs/sys_fs.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/whitelist-dev.exp b/test/fs/whitelist-dev.exp index 09448e03a..0db5b571c 100755 --- a/test/fs/whitelist-dev.exp +++ b/test/fs/whitelist-dev.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
@@ -49,6 +49,8 @@ sleep 1 | |||
49 | send -- "ls /dev | wc -l\r" | 49 | send -- "ls /dev | wc -l\r" |
50 | expect { | 50 | expect { |
51 | timeout {puts "TESTING ERROR 5\n";exit} | 51 | timeout {puts "TESTING ERROR 5\n";exit} |
52 | "10" {puts "OK\n"} | ||
53 | "11" {puts "OK\n"} | ||
52 | "12" {puts "OK\n"} | 54 | "12" {puts "OK\n"} |
53 | "13" {puts "OK\n"} | 55 | "13" {puts "OK\n"} |
54 | "14" {puts "OK\n"} | 56 | "14" {puts "OK\n"} |
diff --git a/test/fs/whitelist-double.exp b/test/fs/whitelist-double.exp index a983099ac..90cfbaf11 100755 --- a/test/fs/whitelist-double.exp +++ b/test/fs/whitelist-double.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/whitelist-empty.exp b/test/fs/whitelist-empty.exp index bc0c13688..c4810963f 100755 --- a/test/fs/whitelist-empty.exp +++ b/test/fs/whitelist-empty.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 30 | 6 | set timeout 30 |
diff --git a/test/fs/whitelist-noexec.exp b/test/fs/whitelist-noexec.exp index f05316a30..ee601c12d 100755 --- a/test/fs/whitelist-noexec.exp +++ b/test/fs/whitelist-noexec.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/whitelist-readonly.exp b/test/fs/whitelist-readonly.exp index 784fc36bd..0e5794a17 100755 --- a/test/fs/whitelist-readonly.exp +++ b/test/fs/whitelist-readonly.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/fs/whitelist-whitespace.exp b/test/fs/whitelist-whitespace.exp index 959fb9409..9534568c4 100755 --- a/test/fs/whitelist-whitespace.exp +++ b/test/fs/whitelist-whitespace.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/fs/whitelist.exp b/test/fs/whitelist.exp index 8553ad94a..11dfa98c8 100755 --- a/test/fs/whitelist.exp +++ b/test/fs/whitelist.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/4bridges_arp.exp b/test/network/4bridges_arp.exp index d96d4e497..4e191ffd6 100755 --- a/test/network/4bridges_arp.exp +++ b/test/network/4bridges_arp.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/4bridges_ip.exp b/test/network/4bridges_ip.exp index cd4d88de9..a613b3e54 100755 --- a/test/network/4bridges_ip.exp +++ b/test/network/4bridges_ip.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/bandwidth.exp b/test/network/bandwidth.exp index de812b602..b8497d936 100755 --- a/test/network/bandwidth.exp +++ b/test/network/bandwidth.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/configure b/test/network/configure index 5220f838a..64d098931 100755 --- a/test/network/configure +++ b/test/network/configure | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | brctl addbr br0 | 6 | brctl addbr br0 |
diff --git a/test/network/dns-print.exp b/test/network/dns-print.exp index 9cdc14a6d..a002daeca 100755 --- a/test/network/dns-print.exp +++ b/test/network/dns-print.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/network/firemon-arp.exp b/test/network/firemon-arp.exp index 71fa1660f..70d129165 100755 --- a/test/network/firemon-arp.exp +++ b/test/network/firemon-arp.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/network/firemon-interfaces.exp b/test/network/firemon-interfaces.exp index f628f2daa..17b9f7535 100755 --- a/test/network/firemon-interfaces.exp +++ b/test/network/firemon-interfaces.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/firemon-route.exp b/test/network/firemon-route.exp index 19a705778..fe2f5a952 100755 --- a/test/network/firemon-route.exp +++ b/test/network/firemon-route.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/network/hostname.exp b/test/network/hostname.exp index 748404e30..205ae8078 100755 --- a/test/network/hostname.exp +++ b/test/network/hostname.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/interface.exp b/test/network/interface.exp index f631b805b..35b22daaf 100755 --- a/test/network/interface.exp +++ b/test/network/interface.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | # | 5 | # |
3 | # interface | 6 | # interface |
4 | # | 7 | # |
diff --git a/test/network/ip6.exp b/test/network/ip6.exp index e4da3a8a6..e1583c22f 100755 --- a/test/network/ip6.exp +++ b/test/network/ip6.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/iprange.exp b/test/network/iprange.exp index 1d360599d..5d270166f 100755 --- a/test/network/iprange.exp +++ b/test/network/iprange.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_arp.exp b/test/network/net_arp.exp index 57a30bf6a..5b170bad5 100755 --- a/test/network/net_arp.exp +++ b/test/network/net_arp.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_badip.exp b/test/network/net_badip.exp index f844885f9..4e20f9040 100755 --- a/test/network/net_badip.exp +++ b/test/network/net_badip.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_defaultgw.exp b/test/network/net_defaultgw.exp index fad4f52aa..9093c7ad4 100755 --- a/test/network/net_defaultgw.exp +++ b/test/network/net_defaultgw.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_defaultgw2.exp b/test/network/net_defaultgw2.exp index 163a2caf3..3ecb1cb51 100755 --- a/test/network/net_defaultgw2.exp +++ b/test/network/net_defaultgw2.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_defaultgw3.exp b/test/network/net_defaultgw3.exp index bee80d818..fe745d326 100755 --- a/test/network/net_defaultgw3.exp +++ b/test/network/net_defaultgw3.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_ip.exp b/test/network/net_ip.exp index d51dec994..e67dfd587 100755 --- a/test/network/net_ip.exp +++ b/test/network/net_ip.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_local.exp b/test/network/net_local.exp index 0ce648c0b..c1794f200 100755 --- a/test/network/net_local.exp +++ b/test/network/net_local.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_mac.exp b/test/network/net_mac.exp index 55962ac65..d62a78e39 100755 --- a/test/network/net_mac.exp +++ b/test/network/net_mac.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_macvlan2.exp b/test/network/net_macvlan2.exp index 5a347ed5d..80c85a788 100755 --- a/test/network/net_macvlan2.exp +++ b/test/network/net_macvlan2.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_mtu.exp b/test/network/net_mtu.exp index c5f74b5d3..19a488376 100755 --- a/test/network/net_mtu.exp +++ b/test/network/net_mtu.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_netfilter.exp b/test/network/net_netfilter.exp index 1a04212ca..bce067c43 100755 --- a/test/network/net_netfilter.exp +++ b/test/network/net_netfilter.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_noip.exp b/test/network/net_noip.exp index ee0930e01..46ef6f9fb 100755 --- a/test/network/net_noip.exp +++ b/test/network/net_noip.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_noip2.exp b/test/network/net_noip2.exp index d33280047..579661fbc 100755 --- a/test/network/net_noip2.exp +++ b/test/network/net_noip2.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_none.exp b/test/network/net_none.exp index ba0722032..6ec4187d3 100755 --- a/test/network/net_none.exp +++ b/test/network/net_none.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_profile.exp b/test/network/net_profile.exp index cc7a3ee53..f31527984 100755 --- a/test/network/net_profile.exp +++ b/test/network/net_profile.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_scan.exp b/test/network/net_scan.exp index 8da1031d9..6cd3804be 100755 --- a/test/network/net_scan.exp +++ b/test/network/net_scan.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_unconfigured.exp b/test/network/net_unconfigured.exp index f66469e5f..349d4c042 100755 --- a/test/network/net_unconfigured.exp +++ b/test/network/net_unconfigured.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/net_veth.exp b/test/network/net_veth.exp index eb140fb9c..ada2d7bd9 100755 --- a/test/network/net_veth.exp +++ b/test/network/net_veth.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/netfilter-template.exp b/test/network/netfilter-template.exp index 2801b4e06..72dfa1653 100755 --- a/test/network/netfilter-template.exp +++ b/test/network/netfilter-template.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/netns.exp b/test/network/netns.exp index 53a3d3dac..cec3151ef 100755 --- a/test/network/netns.exp +++ b/test/network/netns.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/netstats.exp b/test/network/netstats.exp index 1a3b55108..4b47c389d 100755 --- a/test/network/netstats.exp +++ b/test/network/netstats.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/network/network.sh b/test/network/network.sh index c8ff3f1e1..a216f5563 100755 --- a/test/network/network.sh +++ b/test/network/network.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/network/tcpserver.c b/test/network/tcpserver.c index 9de965858..f7f8a41bc 100644 --- a/test/network/tcpserver.c +++ b/test/network/tcpserver.c | |||
@@ -1,5 +1,5 @@ | |||
1 | /* | 1 | /* |
2 | * Copyright (C) 2014-2019 Firejail Authors | 2 | * Copyright (C) 2014-2020 Firejail Authors |
3 | * | 3 | * |
4 | * This file is part of firejail project | 4 | * This file is part of firejail project |
5 | * | 5 | * |
diff --git a/test/network/veth-name.exp b/test/network/veth-name.exp index 8d065da9f..4ad5f868c 100755 --- a/test/network/veth-name.exp +++ b/test/network/veth-name.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/overlay/firefox-x11-xorg.exp b/test/overlay/firefox-x11-xorg.exp index 8a02eb8eb..395a91a1f 100755 --- a/test/overlay/firefox-x11-xorg.exp +++ b/test/overlay/firefox-x11-xorg.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/overlay/firefox-x11.exp b/test/overlay/firefox-x11.exp index b2fa5cfdc..1b3f779bb 100755 --- a/test/overlay/firefox-x11.exp +++ b/test/overlay/firefox-x11.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/overlay/firefox.exp b/test/overlay/firefox.exp index b0e2fd561..fd3c73d32 100755 --- a/test/overlay/firefox.exp +++ b/test/overlay/firefox.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/overlay/fs-named.exp b/test/overlay/fs-named.exp index 0356720bc..abfddabc3 100755 --- a/test/overlay/fs-named.exp +++ b/test/overlay/fs-named.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/overlay/fs-tmpfs.exp b/test/overlay/fs-tmpfs.exp index 20fa315b6..130159ad0 100755 --- a/test/overlay/fs-tmpfs.exp +++ b/test/overlay/fs-tmpfs.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/overlay/fs.exp b/test/overlay/fs.exp index 9debe6536..f8c8150d3 100755 --- a/test/overlay/fs.exp +++ b/test/overlay/fs.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/overlay/overlay.sh b/test/overlay/overlay.sh index bedd66a87..3d4ec06d4 100755 --- a/test/overlay/overlay.sh +++ b/test/overlay/overlay.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/private-lib/atril.exp b/test/private-lib/atril.exp index 391dc09b3..effdf0b7f 100755 --- a/test/private-lib/atril.exp +++ b/test/private-lib/atril.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/dig.exp b/test/private-lib/dig.exp index 2d997076b..a15d5e44a 100755 --- a/test/private-lib/dig.exp +++ b/test/private-lib/dig.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/eog.exp b/test/private-lib/eog.exp index 3a4b403a0..85f9b3e3d 100755 --- a/test/private-lib/eog.exp +++ b/test/private-lib/eog.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/eom.exp b/test/private-lib/eom.exp index cd6bfadb5..a8caf1b01 100755 --- a/test/private-lib/eom.exp +++ b/test/private-lib/eom.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/evince.exp b/test/private-lib/evince.exp index 32538c338..184d9e6e6 100755 --- a/test/private-lib/evince.exp +++ b/test/private-lib/evince.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/galculator.exp b/test/private-lib/galculator.exp index 3ff0b6111..2fc05772e 100755 --- a/test/private-lib/galculator.exp +++ b/test/private-lib/galculator.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/gedit.exp b/test/private-lib/gedit.exp index 90eb9a5c0..00ecfb184 100755 --- a/test/private-lib/gedit.exp +++ b/test/private-lib/gedit.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/gnome-calculator.exp b/test/private-lib/gnome-calculator.exp index 3ec484e05..31c139738 100755 --- a/test/private-lib/gnome-calculator.exp +++ b/test/private-lib/gnome-calculator.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/gnome-logs.exp b/test/private-lib/gnome-logs.exp index ecec5b50c..c143f5c99 100755 --- a/test/private-lib/gnome-logs.exp +++ b/test/private-lib/gnome-logs.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/gnome-nettool.exp b/test/private-lib/gnome-nettool.exp index 6e6e0395b..09841c4a8 100755 --- a/test/private-lib/gnome-nettool.exp +++ b/test/private-lib/gnome-nettool.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/gnome-system-log.exp b/test/private-lib/gnome-system-log.exp index bdc09b8bc..3a81cff8f 100755 --- a/test/private-lib/gnome-system-log.exp +++ b/test/private-lib/gnome-system-log.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/gpicview.exp b/test/private-lib/gpicview.exp index b01df4cbf..cb8b2b040 100755 --- a/test/private-lib/gpicview.exp +++ b/test/private-lib/gpicview.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/leafpad.exp b/test/private-lib/leafpad.exp index 7a4dcd86e..9ef36641a 100755 --- a/test/private-lib/leafpad.exp +++ b/test/private-lib/leafpad.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/mousepad.exp b/test/private-lib/mousepad.exp index 0a69ae432..3bd0f4b77 100755 --- a/test/private-lib/mousepad.exp +++ b/test/private-lib/mousepad.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/pavucontrol.exp b/test/private-lib/pavucontrol.exp index ade658d51..078c29592 100755 --- a/test/private-lib/pavucontrol.exp +++ b/test/private-lib/pavucontrol.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/pluma.exp b/test/private-lib/pluma.exp index 4ba95353c..ac274cbfc 100755 --- a/test/private-lib/pluma.exp +++ b/test/private-lib/pluma.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/private-lib.sh b/test/private-lib/private-lib.sh index 6a5588d5b..724fa4303 100755 --- a/test/private-lib/private-lib.sh +++ b/test/private-lib/private-lib.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3g | 6 | export MALLOC_CHECK_=3g |
diff --git a/test/private-lib/transmission-gtk.exp b/test/private-lib/transmission-gtk.exp index 394e2a58e..1d4b4193e 100755 --- a/test/private-lib/transmission-gtk.exp +++ b/test/private-lib/transmission-gtk.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/whois.exp b/test/private-lib/whois.exp index a15a63569..19cd55d16 100755 --- a/test/private-lib/whois.exp +++ b/test/private-lib/whois.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/private-lib/xcalc.exp b/test/private-lib/xcalc.exp index 768d01773..46d8903ae 100755 --- a/test/private-lib/xcalc.exp +++ b/test/private-lib/xcalc.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/profiles/conditional.exp b/test/profiles/conditional.exp index e124f22cd..fc84581c2 100755 --- a/test/profiles/conditional.exp +++ b/test/profiles/conditional.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/profiles/ignore.exp b/test/profiles/ignore.exp index 0b5d92b70..7c065ef5c 100755 --- a/test/profiles/ignore.exp +++ b/test/profiles/ignore.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/profiles/profile_appname.exp b/test/profiles/profile_appname.exp index aadb86975..1148fd764 100755 --- a/test/profiles/profile_appname.exp +++ b/test/profiles/profile_appname.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/profiles/profile_followlnk.exp b/test/profiles/profile_followlnk.exp index eb3d04852..272f4437d 100755 --- a/test/profiles/profile_followlnk.exp +++ b/test/profiles/profile_followlnk.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/profiles/profile_noperm.exp b/test/profiles/profile_noperm.exp index 9f8cb54e2..d5f29b0ee 100755 --- a/test/profiles/profile_noperm.exp +++ b/test/profiles/profile_noperm.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/profiles/profile_readonly.exp b/test/profiles/profile_readonly.exp index c1c9544a6..57f1a61a6 100755 --- a/test/profiles/profile_readonly.exp +++ b/test/profiles/profile_readonly.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/profiles/profile_recursivity.exp b/test/profiles/profile_recursivity.exp index 0485573a1..22a97c96c 100755 --- a/test/profiles/profile_recursivity.exp +++ b/test/profiles/profile_recursivity.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/profiles/profile_syntax.exp b/test/profiles/profile_syntax.exp index fc9a8f1c8..8d4b13f74 100755 --- a/test/profiles/profile_syntax.exp +++ b/test/profiles/profile_syntax.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/profiles/profile_syntax2.exp b/test/profiles/profile_syntax2.exp index 74dcd429a..c0d0656da 100755 --- a/test/profiles/profile_syntax2.exp +++ b/test/profiles/profile_syntax2.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/profiles/profiles.sh b/test/profiles/profiles.sh index 52ee74234..69f0dc086 100755 --- a/test/profiles/profiles.sh +++ b/test/profiles/profiles.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/profiles/test-profile.exp b/test/profiles/test-profile.exp index 7b552a1ca..51f87d51d 100755 --- a/test/profiles/test-profile.exp +++ b/test/profiles/test-profile.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/profiles/test.profile b/test/profiles/test.profile index 1d69cc960..26d6de849 100644 --- a/test/profiles/test.profile +++ b/test/profiles/test.profile | |||
@@ -1,5 +1,5 @@ | |||
1 | blacklist /sbin/iptables | 1 | blacklist /sbin/iptables |
2 | blacklist /etc/shadow | 2 | blacklist /etc/shadow |
3 | blacklist /bin/rmdir | 3 | blacklist /bin/rmdir |
4 | blacklist ${PATH}/umount | 4 | blacklist ${PATH}/umount |
5 | blacklist ${PATH}/mount | 5 | blacklist ${PATH}/mount |
diff --git a/test/root/apache2.exp b/test/root/apache2.exp index 88678d666..4d2379325 100755 --- a/test/root/apache2.exp +++ b/test/root/apache2.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 5 | 6 | set timeout 5 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/root/cgroup.exp b/test/root/cgroup.exp index 06e2448e4..3b7db5139 100755 --- a/test/root/cgroup.exp +++ b/test/root/cgroup.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/root/checkcfg.exp b/test/root/checkcfg.exp index 5c5dcc055..ff40035e3 100755 --- a/test/root/checkcfg.exp +++ b/test/root/checkcfg.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/root/firecfg.exp b/test/root/firecfg.exp index 872365570..b182eee13 100755 --- a/test/root/firecfg.exp +++ b/test/root/firecfg.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/root/firemon-events.exp b/test/root/firemon-events.exp index 8f6dd583b..398342566 100755 --- a/test/root/firemon-events.exp +++ b/test/root/firemon-events.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/root/isc-dhcp.exp b/test/root/isc-dhcp.exp index 24243d6bb..13177d383 100755 --- a/test/root/isc-dhcp.exp +++ b/test/root/isc-dhcp.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 5 | 6 | set timeout 5 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/root/join.exp b/test/root/join.exp index 54a86a8f0..c9b9de110 100755 --- a/test/root/join.exp +++ b/test/root/join.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/root/login_nobody.exp b/test/root/login_nobody.exp index 7f5294af8..448b0957a 100755 --- a/test/root/login_nobody.exp +++ b/test/root/login_nobody.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/root/nginx.exp b/test/root/nginx.exp index b98b50af6..5db6a4573 100755 --- a/test/root/nginx.exp +++ b/test/root/nginx.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 5 | 6 | set timeout 5 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/root/option_bind_directory.exp b/test/root/option_bind_directory.exp index 2156c7dfa..1df318be1 100755 --- a/test/root/option_bind_directory.exp +++ b/test/root/option_bind_directory.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/root/option_bind_file.exp b/test/root/option_bind_file.exp index 107d8bccb..9631ae39d 100755 --- a/test/root/option_bind_file.exp +++ b/test/root/option_bind_file.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/root/option_tmpfs.exp b/test/root/option_tmpfs.exp index cac692cb2..ab0a9f0f1 100755 --- a/test/root/option_tmpfs.exp +++ b/test/root/option_tmpfs.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/root/private.exp b/test/root/private.exp index 3e93683ba..ef4cf2ee2 100755 --- a/test/root/private.exp +++ b/test/root/private.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/root/profile_tmpfs.exp b/test/root/profile_tmpfs.exp index bcb632c20..c56b827e4 100755 --- a/test/root/profile_tmpfs.exp +++ b/test/root/profile_tmpfs.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/root/root.sh b/test/root/root.sh index 363865fad..0c88e67d1 100755 --- a/test/root/root.sh +++ b/test/root/root.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | # set a new firejail config file | 6 | # set a new firejail config file |
4 | #cp firejail.config /etc/firejail/firejail.config | 7 | #cp firejail.config /etc/firejail/firejail.config |
diff --git a/test/root/seccomp-chmod.exp b/test/root/seccomp-chmod.exp index ac8f9121b..219c8cf60 100755 --- a/test/root/seccomp-chmod.exp +++ b/test/root/seccomp-chmod.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/root/seccomp-chown.exp b/test/root/seccomp-chown.exp index 9b8fe05ef..80d3eb92e 100755 --- a/test/root/seccomp-chown.exp +++ b/test/root/seccomp-chown.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/root/seccomp-umount.exp b/test/root/seccomp-umount.exp index 706fa6d00..37ae71736 100755 --- a/test/root/seccomp-umount.exp +++ b/test/root/seccomp-umount.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/root/snmpd.exp b/test/root/snmpd.exp index 610fdb13a..7e6deca04 100755 --- a/test/root/snmpd.exp +++ b/test/root/snmpd.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 5 | 6 | set timeout 5 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/root/unbound.exp b/test/root/unbound.exp index 9c496306a..87d840323 100755 --- a/test/root/unbound.exp +++ b/test/root/unbound.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 5 | 6 | set timeout 5 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/root/whitelist.exp b/test/root/whitelist.exp index 51611bda2..e5bcaac24 100755 --- a/test/root/whitelist.exp +++ b/test/root/whitelist.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/ssh/login.exp b/test/ssh/login.exp index 479292c91..67667576e 100755 --- a/test/ssh/login.exp +++ b/test/ssh/login.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/ssh/scp.exp b/test/ssh/scp.exp index 355125751..a6583545c 100755 --- a/test/ssh/scp.exp +++ b/test/ssh/scp.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/ssh/sftp.exp b/test/ssh/sftp.exp index 3b0124ec7..0d9792de8 100755 --- a/test/ssh/sftp.exp +++ b/test/ssh/sftp.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/ssh/ssh.sh b/test/ssh/ssh.sh index e7de1babd..77dc89f2f 100755 --- a/test/ssh/ssh.sh +++ b/test/ssh/ssh.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/stress/blacklist.exp b/test/stress/blacklist.exp index 5ea39779d..149f8f3df 100755 --- a/test/stress/blacklist.exp +++ b/test/stress/blacklist.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/stress/env.exp b/test/stress/env.exp index 85c9e4bf6..2ac0c6226 100755 --- a/test/stress/env.exp +++ b/test/stress/env.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/stress/net_macvlan.exp b/test/stress/net_macvlan.exp index 7a732bf48..b8d192d2c 100755 --- a/test/stress/net_macvlan.exp +++ b/test/stress/net_macvlan.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/stress/stress.sh b/test/stress/stress.sh index 6853c5a13..f3488a0cf 100755 --- a/test/stress/stress.sh +++ b/test/stress/stress.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/sysutils/cpio.exp b/test/sysutils/cpio.exp index 9d13b4e44..1d0d43543 100755 --- a/test/sysutils/cpio.exp +++ b/test/sysutils/cpio.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/sysutils/file.exp b/test/sysutils/file.exp index f530dc152..74d5c3064 100755 --- a/test/sysutils/file.exp +++ b/test/sysutils/file.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/sysutils/gzip.exp b/test/sysutils/gzip.exp index 38313fd11..d81b78aba 100755 --- a/test/sysutils/gzip.exp +++ b/test/sysutils/gzip.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/sysutils/less.exp b/test/sysutils/less.exp index 436abfc2b..2bfb60302 100755 --- a/test/sysutils/less.exp +++ b/test/sysutils/less.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/sysutils/ping.exp b/test/sysutils/ping.exp index d92aaa44f..58bcb6111 100755 --- a/test/sysutils/ping.exp +++ b/test/sysutils/ping.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/sysutils/strings.exp b/test/sysutils/strings.exp index 0be00fc7c..2b6c3848a 100755 --- a/test/sysutils/strings.exp +++ b/test/sysutils/strings.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/sysutils/sysutils.sh b/test/sysutils/sysutils.sh index 3f5ed33cb..fe931b045 100755 --- a/test/sysutils/sysutils.sh +++ b/test/sysutils/sysutils.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/sysutils/tar.exp b/test/sysutils/tar.exp index 29e156acd..4ed7bace4 100755 --- a/test/sysutils/tar.exp +++ b/test/sysutils/tar.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/sysutils/xz.exp b/test/sysutils/xz.exp index 93c83e814..63b1ad3c7 100755 --- a/test/sysutils/xz.exp +++ b/test/sysutils/xz.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/sysutils/xzdec.exp b/test/sysutils/xzdec.exp index 6fec59d58..02621bbf0 100755 --- a/test/sysutils/xzdec.exp +++ b/test/sysutils/xzdec.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/audit.exp b/test/utils/audit.exp index 15400da31..6ce763e3f 100755 --- a/test/utils/audit.exp +++ b/test/utils/audit.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/build.exp b/test/utils/build.exp index 44b73179c..ae46ffa6e 100755 --- a/test/utils/build.exp +++ b/test/utils/build.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/caps-print.exp b/test/utils/caps-print.exp index bfa88f3de..753511536 100755 --- a/test/utils/caps-print.exp +++ b/test/utils/caps-print.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/catchsignal-master.sh b/test/utils/catchsignal-master.sh index 62a1801cc..e8a5205bb 100755 --- a/test/utils/catchsignal-master.sh +++ b/test/utils/catchsignal-master.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | ./catchsignal.sh & | 6 | ./catchsignal.sh & |
4 | ./catchsignal.sh & | 7 | ./catchsignal.sh & |
diff --git a/test/utils/catchsignal.sh b/test/utils/catchsignal.sh index 87a1d0adf..de2c068b3 100755 --- a/test/utils/catchsignal.sh +++ b/test/utils/catchsignal.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | _term() { | 6 | _term() { |
4 | echo "Caught Signal" | 7 | echo "Caught Signal" |
diff --git a/test/utils/catchsignal2.sh b/test/utils/catchsignal2.sh index 424350397..6499972d8 100755 --- a/test/utils/catchsignal2.sh +++ b/test/utils/catchsignal2.sh | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | _term() { | 6 | _term() { |
4 | echo "Caught Signal" | 7 | echo "Caught Signal" |
diff --git a/test/utils/command.exp b/test/utils/command.exp index a55d5436c..a2f7e4204 100755 --- a/test/utils/command.exp +++ b/test/utils/command.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/cpu-print.exp b/test/utils/cpu-print.exp index 311a031f8..8b3b51dba 100755 --- a/test/utils/cpu-print.exp +++ b/test/utils/cpu-print.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/dns-print.exp b/test/utils/dns-print.exp index be55d3db2..edbe66a51 100755 --- a/test/utils/dns-print.exp +++ b/test/utils/dns-print.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/firemon-caps.exp b/test/utils/firemon-caps.exp index ec92a0383..a51e5a765 100755 --- a/test/utils/firemon-caps.exp +++ b/test/utils/firemon-caps.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/firemon-cgroup.exp b/test/utils/firemon-cgroup.exp index 91a1eb891..f7c6e0adb 100755 --- a/test/utils/firemon-cgroup.exp +++ b/test/utils/firemon-cgroup.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/firemon-cpu.exp b/test/utils/firemon-cpu.exp index eb98993f9..90bb702a3 100755 --- a/test/utils/firemon-cpu.exp +++ b/test/utils/firemon-cpu.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/firemon-interface.exp b/test/utils/firemon-interface.exp index ba3ecf9ac..ff3cea8bb 100755 --- a/test/utils/firemon-interface.exp +++ b/test/utils/firemon-interface.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/firemon-name.exp b/test/utils/firemon-name.exp index 883c516fc..88e41d96d 100755 --- a/test/utils/firemon-name.exp +++ b/test/utils/firemon-name.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/firemon-seccomp.exp b/test/utils/firemon-seccomp.exp index db5ea7d8a..a8c7fc24d 100755 --- a/test/utils/firemon-seccomp.exp +++ b/test/utils/firemon-seccomp.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/firemon-version.exp b/test/utils/firemon-version.exp index e1bb3e931..837bf0f92 100755 --- a/test/utils/firemon-version.exp +++ b/test/utils/firemon-version.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/fs-print.exp b/test/utils/fs-print.exp index 20153829d..736c309ec 100755 --- a/test/utils/fs-print.exp +++ b/test/utils/fs-print.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/help.exp b/test/utils/help.exp index 0105c74f4..77c2e6ec3 100755 --- a/test/utils/help.exp +++ b/test/utils/help.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/join-profile.exp b/test/utils/join-profile.exp index 716bd2947..b44f44cfe 100755 --- a/test/utils/join-profile.exp +++ b/test/utils/join-profile.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/utils/join.exp b/test/utils/join.exp index 1d2ad2a26..1f1a905b2 100755 --- a/test/utils/join.exp +++ b/test/utils/join.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/join2.exp b/test/utils/join2.exp index ea40a80b3..6c26db4e9 100755 --- a/test/utils/join2.exp +++ b/test/utils/join2.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/join3.exp b/test/utils/join3.exp index eeb5ccc30..74dad7070 100755 --- a/test/utils/join3.exp +++ b/test/utils/join3.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/join4.exp b/test/utils/join4.exp index 80dcae93a..d04cbee46 100755 --- a/test/utils/join4.exp +++ b/test/utils/join4.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/list.exp b/test/utils/list.exp index 82f6324e5..fefdd4787 100755 --- a/test/utils/list.exp +++ b/test/utils/list.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/ls.exp b/test/utils/ls.exp index ff6867c51..b70f53a74 100755 --- a/test/utils/ls.exp +++ b/test/utils/ls.exp | |||
@@ -1,4 +1,7 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2020 Firejail Authors | ||
4 | # License GPL v2 | ||
2 | 5 | ||
3 | set timeout 10 | 6 | set timeout 10 |
4 | spawn $env(SHELL) | 7 | spawn $env(SHELL) |
diff --git a/test/utils/man.exp b/test/utils/man.exp index da2a8a565..3cde9f2c8 100755 --- a/test/utils/man.exp +++ b/test/utils/man.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/name.exp b/test/utils/name.exp index 456f55252..3a1dfb640 100755 --- a/test/utils/name.exp +++ b/test/utils/name.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/profile_print.exp b/test/utils/profile_print.exp index 83faaf74d..ddeeb8af6 100755 --- a/test/utils/profile_print.exp +++ b/test/utils/profile_print.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/protocol-print.exp b/test/utils/protocol-print.exp index fb181f564..c44a659e1 100755 --- a/test/utils/protocol-print.exp +++ b/test/utils/protocol-print.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/seccomp-print.exp b/test/utils/seccomp-print.exp index 2dc4a8287..41a6ce778 100755 --- a/test/utils/seccomp-print.exp +++ b/test/utils/seccomp-print.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/shutdown.exp b/test/utils/shutdown.exp index 0d5ec5d63..0f6cab8bb 100755 --- a/test/utils/shutdown.exp +++ b/test/utils/shutdown.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/shutdown2.exp b/test/utils/shutdown2.exp index a07241340..463c2fb78 100755 --- a/test/utils/shutdown2.exp +++ b/test/utils/shutdown2.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/shutdown3.exp b/test/utils/shutdown3.exp index 847e63706..9e92889dc 100755 --- a/test/utils/shutdown3.exp +++ b/test/utils/shutdown3.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/shutdown4.exp b/test/utils/shutdown4.exp index 3d4f718cb..e7733ca41 100755 --- a/test/utils/shutdown4.exp +++ b/test/utils/shutdown4.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/top.exp b/test/utils/top.exp index 3faf69080..2ef6f0375 100755 --- a/test/utils/top.exp +++ b/test/utils/top.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/trace.exp b/test/utils/trace.exp index 1b6db17be..5df44c1ca 100755 --- a/test/utils/trace.exp +++ b/test/utils/trace.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 30 | 6 | set timeout 30 |
diff --git a/test/utils/tree.exp b/test/utils/tree.exp index 09eb29029..82045e8c9 100755 --- a/test/utils/tree.exp +++ b/test/utils/tree.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |
diff --git a/test/utils/utils.sh b/test/utils/utils.sh index b5b90a22d..82ccc82bb 100755 --- a/test/utils/utils.sh +++ b/test/utils/utils.sh | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/bin/bash | 1 | #!/bin/bash |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | export MALLOC_CHECK_=3 | 6 | export MALLOC_CHECK_=3 |
diff --git a/test/utils/version.exp b/test/utils/version.exp index aad3b72e0..c78a087bb 100755 --- a/test/utils/version.exp +++ b/test/utils/version.exp | |||
@@ -1,6 +1,6 @@ | |||
1 | #!/usr/bin/expect -f | 1 | #!/usr/bin/expect -f |
2 | # This file is part of Firejail project | 2 | # This file is part of Firejail project |
3 | # Copyright (C) 2014-2019 Firejail Authors | 3 | # Copyright (C) 2014-2020 Firejail Authors |
4 | # License GPL v2 | 4 | # License GPL v2 |
5 | 5 | ||
6 | set timeout 10 | 6 | set timeout 10 |