From 6cc001b20d6a474947f586d6b7180aed3620631e Mon Sep 17 00:00:00 2001 From: netblue30 Date: Tue, 10 Oct 2017 20:47:08 -0400 Subject: private-lib cleanup --- RELNOTES | 1 + etc/kcalc.profile | 2 +- etc/ktorrent.profile | 2 +- etc/qbittorrent.profile | 2 +- etc/transmission-qt.profile | 2 +- src/firejail/fs_lib2.c | 4 ++-- src/fldd/main.c | 6 +++--- test/private-lib/private-lib.sh | 4 ++-- 8 files changed, 12 insertions(+), 11 deletions(-) diff --git a/RELNOTES b/RELNOTES index 4c272ccee..0e685ec9b 100644 --- a/RELNOTES +++ b/RELNOTES @@ -2,6 +2,7 @@ firejail (0.9.51) baseline; urgency=low * work in progress! * enhancement: support Firejail user config directory in firecfg * enhancement: disable DBus activation in firecfg + * feature: GTK2, GTK3 and Qt4 private-lib support * feature: --writable-run-user * feature: profile build tool (--build) -- netblue30 Thu, 14 Sep 2017 20:00:00 -0500 diff --git a/etc/kcalc.profile b/etc/kcalc.profile index f827d7651..48c339082 100644 --- a/etc/kcalc.profile +++ b/etc/kcalc.profile @@ -31,7 +31,7 @@ disable-mnt private private-bin kcalc private-dev -private-lib +# private-lib - problems on Arch private-tmp noexec ${HOME} diff --git a/etc/ktorrent.profile b/etc/ktorrent.profile index b597e29c1..99e185ce3 100644 --- a/etc/ktorrent.profile +++ b/etc/ktorrent.profile @@ -49,7 +49,7 @@ shell none private-bin ktorrent private-dev -private-lib +# private-lib - problems on Arch private-tmp # memory-deny-write-execute diff --git a/etc/qbittorrent.profile b/etc/qbittorrent.profile index 0636482b5..32eb7de5b 100644 --- a/etc/qbittorrent.profile +++ b/etc/qbittorrent.profile @@ -44,7 +44,7 @@ shell none private-bin qbittorrent private-dev # private-etc X11,fonts,xdg,resolv.conf -private-lib +# private-lib - problems on Arch private-tmp memory-deny-write-execute diff --git a/etc/transmission-qt.profile b/etc/transmission-qt.profile index 50c876250..1da9afb5a 100644 --- a/etc/transmission-qt.profile +++ b/etc/transmission-qt.profile @@ -36,7 +36,7 @@ tracelog private-bin transmission-qt private-dev -private-lib +# private-lib - problems on Arch private-tmp memory-deny-write-execute diff --git a/src/firejail/fs_lib2.c b/src/firejail/fs_lib2.c index 4c2c15ebd..307a6b11b 100644 --- a/src/firejail/fs_lib2.c +++ b/src/firejail/fs_lib2.c @@ -191,14 +191,14 @@ SysLib syslibs[] = { "", // dir2 "Enchant (speller)" // message }, - { + { // Qt5 - lots of problems on Arch Linux, Qt5 version 5.9.1 - disabled in all apps profiles "libQt5", // library 0, 0, // len and found flag "qt5", // dir1 "gdk-pixbuf-2.0", // dir2 "Qt5, GdkPixbuf" // message }, - { + { // Qt4 "libQtCore", // library 0, 0, // len and found flag "qt4", // dir1 diff --git a/src/fldd/main.c b/src/fldd/main.c index fd5c835b3..0d8292a76 100644 --- a/src/fldd/main.c +++ b/src/fldd/main.c @@ -52,9 +52,9 @@ static const char * const default_lib_paths[] = { "/usr/lib/x86_64-linux-gnu", LIBDIR, "/usr/local/lib", - "/usr/lib/x86_64-linux-gnu/mesa", // libGL.so is sometimes a symlink into this directory - "/usr/lib/x86_64-linux-gnu/mesa-egl", // libGL.so is sometimes a symlink into this directory - "/usr/lib/x86_64-linux-gnu/plasma-discover", + "/usr/lib/x86_64-linux-gnu/mesa", // libGL.so is sometimes a symlink into this directory + "/usr/lib/x86_64-linux-gnu/mesa-egl", // libGL.so is sometimes a symlink into this directory +// "/usr/lib/x86_64-linux-gnu/plasma-discover", NULL }; diff --git a/test/private-lib/private-lib.sh b/test/private-lib/private-lib.sh index 26a8d7420..5718d33d7 100755 --- a/test/private-lib/private-lib.sh +++ b/test/private-lib/private-lib.sh @@ -5,7 +5,8 @@ export MALLOC_CHECK_=3 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1)) -LIST="evince galculator gnome-calculator hexchat kcalc ktorrent leafpad mousepad qbittorrent transmission-gtk transmission-qt xcalc" +# LIST="evince galculator gnome-calculator hexchat kcalc ktorrent leafpad mousepad qbittorrent transmission-gtk transmission-qt xcalc" +LIST="evince galculator gnome-calculator hexchat leafpad mousepad transmission-gtk xcalc" for app in $LIST; do @@ -18,4 +19,3 @@ for app in $LIST; do echo "TESTING SKIP: $app not found" fi done -exit -- cgit v1.2.3-54-g00ecf