| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Configure summary: autoconf essentially only parses configure.ac and
generates the configure script (that is, the "./configure" shell
script). The latter is what actually checks what is available on the
system and internally sets the value of the output variables. It then,
for every filename foo in AC_CONFIG_FILES (and for every output variable
name BAR in AC_SUBST), reads foo.in, replaces every occurrence of
`@BAR@` with the value of the shell variable `$BAR` and generates the
file foo from the result. After this, configure is finished and `make`
could be executed to start the build.
Now that (as of #5140) all output variables are only defined on
config.mk.in and on config.sh.in, there is no need to generate any
makefile nor any other mkfile or shell script at configure time. So
rename every "Makefile.in" to "Makefile", mkdeb.sh.in to mkdeb.sh,
src/common.mk.in to src/common.mk and leave just config.mk and config.sh
as the files to be generated at configure time.
This allows editing and committing all makefiles directly, without
potentially having to run ./configure in between.
Commands used to rename the makefiles:
$ git ls-files -z -- '*Makefile.in' | xargs -0 -I '{}' sh -c \
"git mv '{}' \"\$(dirname '{}')/Makefile\""
Additionally, from my (rudimentary) testing, this commit reduces the
time it takes to run ./configure by about 20~25% compared to commit
72ece92ea ("Transmission fixes: drop private-lib (#5213)", 2022-06-22).
Environment: dash 0.5.11.5-1, gcc 12.1.0-2, Artix Linux, ext4 on an HDD.
Commands used for benchmarking each commit:
$ : >time_configure && ./configure && make distclean &&
for i in $(seq 1 10); do
{ time -p ./configure; } 2>>time_configure; done
$ grep real time_configure |
awk '{ total += $2 } END { print total/NR }'
|
| |
|
|
|
|
|
| |
This amends commit 9a0fbbd71 ("mkdeb.sh.in: pass remaining arguments to
./configure", 2022-05-13) / PR #5154.
See also #5176.
|
| |
|
|
|
|
|
| |
The "cgroup" option was removed from etc/firejail.config on commit
73b089092 ("disable cgroup code", 2022-06-13).
Relates to #5200.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit b4d0b24c533c8aebb8961bf658e3b41580b073e2.
This amends commit 56b86f8ac ("Revert "Makefile.in: stop running
distclean on dist"", 2022-06-08) / PR #5182. Since the revert, `make
dist` itself already runs `make distclean`.
This also means that it is no longer necessary to run ./configure (to
generate "Makefile" from "Makefile.in") before running
./contrib/fj-mkdeb.py.
Misc: This is not a clean revert.
Relates to #5154.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, mkdeb.sh (which is used to make a .deb package) runs
./configure with hardcoded options (some of which are automatically
detected based on configure-time variables). To work around the
hardcoding, contrib/fj-mkdeb.py is used to add additional options by
rewriting the actual call to ./configure on mkdeb.sh. For example, the
following invocation adds --disable-firetunnel to mkdeb.sh:
$ ./configure && ./contrib/fj-mkdeb.py --disable-firetunnel
To avoid depending on another script and to avoid re-generating
mkdeb.sh, just let the latter pass the remaining arguments (the first
one is an optional package filename suffix) to ./configure directly.
Example:
$ make distclean && ./configure && make dist &&
./mkdeb.sh "" --disable-firetunnel
Additionally, change contrib/fj-mkdeb.py to do roughly the same as the
above example, by simply forwarding the arguments that it receives to
./mkdeb.sh (which then forwards them to ./configure). Also, remove the
--only-fix-mkdeb option, since the script does not change mkdeb.sh
anymore. With these changes, the script's usage (other than when using
--only-fix-mkdeb) should remain the same.
Note: To clean the generated files and then make a .deb package using
the default configuration, the invocation is still the same:
$ make distclean && ./configure && make deb
Note2: Running ./configure in the above examples is only needed for
generating Makefile/mkdeb.sh from Makefile.in/mkdeb.sh.in after running
distclean, so that running `make` / `./mkdeb.sh` afterwards works.
Should fully fix #772.
Relates to #1205 #3414 #5148.
|
| |
|
|
|
|
|
| |
This (mostly) restores the behavior from before commit 1fb814e51
("Makefile.in: stop running distclean on dist", 2022-05-13) / PR #5142.
./configure still has to be called before calling ./contrib/fj-mkdeb.py
(to generate Makefile from Makefile.in before calling `make distclean`).
|
| | |
|
| | |
|
| |\
| |
| | |
noprinters: add missing items & add to profile.template
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
See CONTRIBUTING.md.
The changes are based on what was done on commit 5a612029b ("rename
noautopulse to keep-config-pulse", 2021-05-13) / PR #4278.
This amends commit bd15e763e ("--noprinter option", 2021-10-20) and
commit d9403dcdc ("small fix", 2021-10-20).
Relates to #4607.
|
| |/ |
|
| | |
|
| |\
| |
| | |
Add new condition ALLOW_TRAY
|
| | | |
|
| | | |
|
| |/ |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Curerently sys.argv is accessed without checks, resulting in an
IndexError:
```
Traceback (most recent call last):
File "/home/rusty-snake/Projects/firejail/contrib/jail_prober.py", line 205, in <module>
main()
File "/home/rusty-snake/Projects/firejail/contrib/jail_prober.py", line 170, in main
profile_path = sys.argv[1]
IndexError: list index out of range
```
This commit catches this IndexError and prints a more helpfull message
instaed:
```
USAGE: jail_prober.py <PROFILE-PATH> <PROGRAM>
```
|
| | |
|
| | |
|
| |
|
|
|
| |
this is a bit nicer, as it does not overwrite the filetype if it
already has been set.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
* add the keep-config-pulse option
* make noautopulse an alias for keep-config-pulse
* deprecate the noautopulse option
* misc: fix indentation of --keep-dev-shm on src/firejail/usage.c
Even though noautopulse is not intended for hardening, it looks like it
is, because it starts with "no", just like no3d, noroot, etc). In fact,
it is the only "no" option that differs in such a way.
And it has been accidentally misused as such before; see PR #4269 and
commit e4beaeaa8 ("drop noautopulse from agetpkg").
So effectively rename it to keep-config-pulse in order to avoid
confusion. This is similar to the keep-var-tmp and keep-dev-shm
options, which are used to "leave a path alone", just like noautopulse.
Note: The changes on this patch are based on the ones from commit
617ff40c9 ("add --noautopulse arg for complex pulse setups") / PR #1854.
See #4269 for the discussion.
|
| |
|
|
|
|
|
|
|
| |
Added on commit a90386d77 ("Map /dev/input with "--private-dev", add
"--no-input" option to disable it") / PR #4209. See also commit
0cee0ba5a ("Add noinput to all profiles with private-dev") / PR #4239.
Misc: I noticed that it was missing due to the lack of syntax
highlighting on etc/profile-m-z/webstorm.profile.
|
| |
|
| |
Support "+", "-" and "=" prefixes (introduced in cddc4832 + 5ffd9287)
|
| |\
| |
| | |
contrib/firejail-welcome.sh: fix copyright year
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Append the current year rather than replace the previous one.
This amends commit 2609e5cf0 ("copyright update").
Commands that helped catch this:
$ git show --pretty='' 2609e5cf0 | sed -n 's/^-.*Copyright //p' |
LC_ALL=C sort | uniq
(C) 2014-2020 Firejail Authors
(C) 2014-2020 Firejail Authors (see README file for more details)
(C) 2020 Firejail Authors
(C) 2020 Firejail and systemd authors
(c) 2019,2020 rusty-snake
$ git show --pretty='' 2609e5cf0 | sed -n 's/^+.*Copyright //p' |
LC_ALL=C sort | uniq
(C) 2014-2021 Firejail Authors
(C) 2014-2021 Firejail Authors (see README file for more details)
(C) 2020-2021 Firejail Authors
(C) 2020-2021 Firejail and systemd authors
(C) 2021 Firejail Authors
(c) 2019-2021 rusty-snake
|
| |\ \
| |/
|/| |
Sort.py updates
|
| | |
| |
| | |
Co-authored-by: Kelvin M. Klann <kmk3.code@protonmail.com>
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| |/ |
|
| | |
|
| |
|
|
| |
typos, spelling and other fixes. thanks @reinerh for all these
|
| |
|
|
| |
fix #3797 -- Get ride of all these u2f and drm issues
|
| | |
|
| |
|
|
|
|
|
| |
As is, this will not execute because env attempts to locate the
executable 'python\r', which does not exist.
Signed-off-by: Hank Leininger <hlein@korelogic.com>
|
| |
|
|
| |
Will do a more in-depth review later, these are just style improvements
|
| |
|
|
|
|
| |
This will simplify some distro packagings of firejail.
Signed-off-by: Hank Leininger <hlein@korelogic.com>
|
| | |
|
| | |
|
| | |
|
Kelvin M. Klann
netblue30
smitsohu
rusty-snake
a1346054
Florian Begusch
Reiner Herrmann
glitsj16
startx2017
Hank Leininger
Fred Barclay
alpha
laniakea64