From 981ba13ec0b8a88f79b128a09b36bc1474c0f0a1 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Fri, 21 Oct 2016 09:44:58 -0400 Subject: 0.9.44 testing --- RELNOTES | 7 ++++--- configure | 18 +++++++++--------- configure.ac | 2 +- src/firejail/main.c | 1 - src/man/firejail-login.txt | 4 ++++ 5 files changed, 18 insertions(+), 14 deletions(-) diff --git a/RELNOTES b/RELNOTES index f1d6a8da1..8617d2db7 100644 --- a/RELNOTES +++ b/RELNOTES @@ -1,6 +1,5 @@ -firejail (0.9.44~rc1) baseline; urgency=low +firejail (0.9.44) baseline; urgency=low * CVE-2016-7545 submitted by Aleksey Manevich - * development version * modifs: removed man firejail-config * modifs: --private-tmp whitelists /tmp/.X11-unix directory * modifs: Nvidia drivers added to --private-dev @@ -18,12 +17,14 @@ firejail (0.9.44~rc1) baseline; urgency=low * feature: disable 3D hardware acceleration (--no3d) * feature: x11 xpra, x11 xephyr, x11 block, allusers, no3d profile commands * feature: move files in sandbox (--put) + * feature: accept wildcard patterns in user name field of restricted + shell login feature * new profiles: qpdfview, mupdf, Luminance HDR, Synfig Studio, Gimp, Inkscape * new profiles: feh, ranger, zathura, 7z, keepass, keepassx, * new profiles: claws-mail, mutt, git, emacs, vim, xpdf, VirtualBox, OpenShot * new profiles: Flowblade, Eye of GNOME (eog), Evolution * bugfixes - -- netblue30 Sat, 15 Sept 2016 08:00:00 -0500 + -- netblue30 Fri, 21 Oct 2016 08:00:00 -0500 firejail (0.9.42) baseline; urgency=low * security: --whitelist deleted files, submitted by Vasya Novikov diff --git a/configure b/configure index 9a33f0401..b92d9071c 100755 --- a/configure +++ b/configure @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for firejail 0.9.44~rc2. +# Generated by GNU Autoconf 2.69 for firejail 0.9.44. # # Report bugs to . # @@ -580,8 +580,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='firejail' PACKAGE_TARNAME='firejail' -PACKAGE_VERSION='0.9.44~rc2' -PACKAGE_STRING='firejail 0.9.44~rc2' +PACKAGE_VERSION='0.9.44' +PACKAGE_STRING='firejail 0.9.44' PACKAGE_BUGREPORT='netblue30@yahoo.com' PACKAGE_URL='http://firejail.wordpress.com' @@ -1259,7 +1259,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures firejail 0.9.44~rc2 to adapt to many kinds of systems. +\`configure' configures firejail 0.9.44 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1320,7 +1320,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of firejail 0.9.44~rc2:";; + short | recursive ) echo "Configuration of firejail 0.9.44:";; esac cat <<\_ACEOF @@ -1424,7 +1424,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -firejail configure 0.9.44~rc2 +firejail configure 0.9.44 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1726,7 +1726,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by firejail $as_me 0.9.44~rc2, which was +It was created by firejail $as_me 0.9.44, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -4303,7 +4303,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by firejail $as_me 0.9.44~rc2, which was +This file was extended by firejail $as_me 0.9.44, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -4357,7 +4357,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -firejail config.status 0.9.44~rc2 +firejail config.status 0.9.44 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index 4496550fd..da4b31591 100644 --- a/configure.ac +++ b/configure.ac @@ -1,5 +1,5 @@ AC_PREREQ([2.68]) -AC_INIT(firejail, 0.9.44~rc2, netblue30@yahoo.com, , http://firejail.wordpress.com) +AC_INIT(firejail, 0.9.44, netblue30@yahoo.com, , http://firejail.wordpress.com) AC_CONFIG_SRCDIR([src/firejail/main.c]) #AC_CONFIG_HEADERS([config.h]) diff --git a/src/firejail/main.c b/src/firejail/main.c index 0872a11bb..b5a97c71e 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c @@ -2579,7 +2579,6 @@ int main(int argc, char **argv) { g = get_group_id("games"); if (g) { sprintf(ptr, "%d %d 1\n", g, g); - ptr += strlen(ptr); } EUID_ROOT(); diff --git a/src/man/firejail-login.txt b/src/man/firejail-login.txt index 691217253..796179d0b 100644 --- a/src/man/firejail-login.txt +++ b/src/man/firejail-login.txt @@ -13,6 +13,10 @@ Example: netblue:--net=none --protocol=unix +Wildcard patterns are accepted in the user name field: + + user*: --private + .SH RESTRICTED SHELL To configure a restricted shell, replace /bin/bash with /usr/bin/firejail in /etc/passwd file for each user that needs to be restricted. Alternatively, -- cgit v1.2.3-54-g00ecf