diff --git a/firejail-0.9.64.4.tar.xz b/firejail-0.9.64.4.tar.xz deleted file mode 100644 index b0fe2cf..0000000 --- a/firejail-0.9.64.4.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:2bdaf71fff00d7551b6a4f584f3f7152821b6f9b9d416ee098f4aeaf3a02dff1 -size 431116 diff --git a/firejail-0.9.64.4.tar.xz.asc b/firejail-0.9.64.4.tar.xz.asc deleted file mode 100644 index be0b5b2..0000000 --- a/firejail-0.9.64.4.tar.xz.asc +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQEzBAABCgAdFiEE+VEWSZX1xABqc0EeLMs2rfxYSacFAmAgaDAACgkQLMs2rfxY -Saf3hAf9F3DpYlTEO2TXter+Losk9UOi7S91SqN644ApBnRL9pwkXodHYR77F1R5 -nnh8NVVdBBfS1jCMUaGf5N0Wlyv0E9SlbG74iNCvhRQawiv0ugyTVmcV6L5DfRHu -/BXcHWtEZmgNzQUTO6+0wqrr4pTG5O2Bz1TtgZn7/xl9c9QmiRv8iXkRN3mR1SSt -9/7SpUyri1hERXMD9AmpIf5XVbcJq+LJ08cO8VNbYY4zfqUB5NLRmCi3Yxf620Cs -hF7CWy9IIXNpt2/YFBThfX681Y5YkPpnZjt/T0VVE7wNzAhLkYGKsltBaAuml7is -dFJD6rUkwy1h/yxdHerUrRPQt4mhcw== -=YX4R ------END PGP SIGNATURE----- diff --git a/firejail-0.9.66.tar.xz b/firejail-0.9.66.tar.xz new file mode 100644 index 0000000..665e173 --- /dev/null +++ b/firejail-0.9.66.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:8a849ea2f3922901033a407b9498d48915260e7c3381f6cf151c51a73c952d0f +size 449992 diff --git a/firejail-0.9.66.tar.xz.asc b/firejail-0.9.66.tar.xz.asc new file mode 100644 index 0000000..7c8e799 --- /dev/null +++ b/firejail-0.9.66.tar.xz.asc @@ -0,0 +1,11 @@ +-----BEGIN PGP SIGNATURE----- + +iQEzBAABCgAdFiEE+VEWSZX1xABqc0EeLMs2rfxYSacFAmDbUqwACgkQLMs2rfxY +SaeDMQf/W9LgIG/QsVz3Xl442zT4gijZGK6llnT5Ca5eDkqLCizCPbRdDJ54eldF +kfLQiy21K7KTnrr9S5Y5UFy4452q4ewKIVe/PCfN++f38cN40tWefyBsO5hgJq6Z +t61bx54+5RxJl9qz5cm8eJFvXi1G9rkZPcVn4KBjUoY5vbyirElfHdgH6KcCPN3J +benndbPlXfzw4673P7LqNRsbri8wLsM20KoeBahIMj0SUQ6hOOTItKYxUtx19N93 +gXB/Sa9JTVGVK9PYhRZiuLeCXBe76PkNV6WJngFDQ8GyYG+AnRETBXiTzkR7Jxcn +hhoGnbOKRdIvXKcDXHdeAd2nxOJm5g== +=pisc +-----END PGP SIGNATURE----- diff --git a/firejail.changes b/firejail.changes index d3c177b..af453cc 100644 --- a/firejail.changes +++ b/firejail.changes @@ -1,3 +1,29 @@ +------------------------------------------------------------------- +Sun Jul 18 11:47:42 UTC 2021 - Andreas Stieger + +- firejail 0.9.66: + * deprecated --audit options, relpaced by jailcheck utility + * deprecated follow-symlink-as-user from firejail.config + * new firejail.config settings: private-bin, private-etc + * new firejail.config settings: private-opt, private-srv + * new firejail.config settings: whitelist-disable-topdir + * new firejail.config settings: seccomp-filter-add + * removed kcmp syscall from seccomp default filter + * rename --noautopulse to keep-config-pulse + * filtering environment variables + * zsh completion + * command line: --mkdir, --mkfile + * --protocol now accumulates + * jailtest utility for testing running sandboxes + * faccessat2 syscall support + * --private-dev keeps /dev/input + * added --noinput to disable /dev/input + * add support for subdirs in --private-etc + * subdirs support in private-etc + * input devices support in private-dev, --no-input + * support trailing comments on profile lines + * many new profiles + ------------------------------------------------------------------- Sun Feb 7 23:09:58 UTC 2021 - Илья Индиго diff --git a/firejail.keyring b/firejail.keyring new file mode 100644 index 0000000..e631645 --- /dev/null +++ b/firejail.keyring @@ -0,0 +1,30 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQENBFRaIzYBCACvfLk+0CpSK+03h0svI3XfbSuGppB1jSd70QoX6jgjcJ6ble+G +V8gQEd8hU6Rhw4oa6klY+sVY2Si+7ZLaGQAiucERNG0aJA23gYVw91OyaARNZ1SZ +8Ju7GowCxLOT6Ie8RyWCCv1yXGxQT36j2I1Z9/UvYHvIJISZ48K4Dk8OuF5lcCH7 +jN5X/7pqhmBKKx3Ve4UWmiKjisZcEdhJ9U5nyrHNSngPYSia+YIK/wG4nqY3ooZi +HvLA21HeaVBaILmRuRCO7akqxFB9SfJTHDqC0czZ0/3NJ3AyQv/qEkIkxGOHogKx +hNqGUBxYhba9Hl9Sl3IX72aQ28CxUngpXLNJABEBAAG0LG5ldGJsdWUgKGZpcmVq +YWlsIGtleSkgPG5ldGJsdWUzMEB5YWhvby5jb20+iQE4BBMBAgAiBQJUWiM2AhsD +BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAsyzat/FhJp7daB/0UlljRMtJ7 +/Ht9gDcQm1pqsShGw29QtLSxDWV7A250GdveGNs2yZTCJQIyoK1Pa+Q5GOUwv0I2 +VOxqTgnG3j1pCtcCbb7rkRQa6dix71IgKG+F4wUlWLdgaVsH7h1MtVobZ+nNSQAY +Bl+9vd9cKuyIYI+e6pdlLP/yCT78ehI/wVDD2V/w3ixnvnSLIgoRQRX9gAbRIf3i +/cXpyVn7wLYNMUwBrH3hPDTJPTdNih75ZcMMBWDnkt+IMijtxM++4J+45odoPKb6 +bCvq0e0WtWmscOx/jN5cgOyC/87lcQuHSyjiSJowJzJUnO0sL9r1X1RFsU+XhGfN +8Ml/9flP/ojYuQENBFRaIzYBCADCE9S6rB7FI4z07H0PZ97XKh5U7r5hIxWrt1nC +yzD/Hprfy9ZZRJklAa+XlMMIPHHv3h8JEL2B5TWKxCa7KbNYfoLoLGywp6aIw6+X +kDhKXesEDN5WFUCW186hlmEExgNpOGZlbBLqJnaFfxhunSGgdHd5YHiASkts5Uwd +zzo2uFMcn0q0HlLLGAVwI787P6xAsAvgf4BCFuc4XGCWl8XDQbChZ8LC/ovHPq4Q +H8g6cIzya6f5E/VT2+dYGpME0bPmjTm0ZzvTHWfjw+B2d5AO5mNQiewHejnPxrcq +qJkO+Y6S80R/JPfmOI3RCHcoyB+QJ1I2I4yQ6G5dFwKl/IknABEBAAGJAR8EGAEC +AAkFAlRaIzYCGwwACgkQLMs2rfxYSad2pAf8CaKsDD1yj1mvYcUX1chrUlYmZVuR +PSFKf90OETlGSCYqdi4yyeJJnis4HBDcGPa+hFpLVksJlRCKqKQiqjndaNHhRgyM +ZouoeJvBiwCdwpQmZHgpgTv1V8n4PJ4anqISC5/ZGN9HDJ68gDx2hzeuilc+6umK +E99f7Qo8rdaeu5IGhujQhxnemAyTBNGZh3tABZcni5m7uVJKihdDUogghXSnIBxh +ilSqRQrPqyCjic8MUB9S+eBQC4Z67i9YqJaBfb80x9HqINLncGFDHKIajwy8f7Sh +k67z733GYXrAnyHsia4IF4UGRLW4+1xtKE9xmUThmwMdkgqtJ9eqBpAF9A== +=/BT3 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/firejail.spec b/firejail.spec index 16012a1..126ee3f 100644 --- a/firejail.spec +++ b/firejail.spec @@ -17,7 +17,7 @@ Name: firejail -Version: 0.9.64.4 +Version: 0.9.66 Release: 0 Summary: Linux namepaces sandbox program License: GPL-2.0-only @@ -25,11 +25,13 @@ Group: Productivity/Security URL: https://firejail.wordpress.com Source0: https://github.com/netblue30/%{name}/releases/download/%{version}/%{name}-%{version}.tar.xz Source1: https://github.com/netblue30/%{name}/releases/download/%{version}/%{name}-%{version}.tar.xz.asc +# https://firejail.wordpress.com/download-2/ +Source2: %{name}.keyring BuildRequires: fdupes BuildRequires: gcc-c++ BuildRequires: libapparmor-devel +Requires(post): permissions Requires(pre): shadow -PreReq: permissions %description Firejail is a SUID sandbox program that reduces the risk of security @@ -47,7 +49,7 @@ sed -i '1s/^#!\/usr\/bin\/env /#!\/usr\/bin\//' contrib/fj-mkdeb.py contrib/fjcl %build %configure --docdir=%{_docdir}/%{name} \ --enable-apparmor -make %{?_smp_mflags} VERBOSE=1 +%make_build %pre getent group firejail >/dev/null || groupadd -r firejail @@ -68,7 +70,9 @@ exit 0 %attr(4750,root,firejail) %verify(not user group mode) %{_bindir}/firejail %{_bindir}/firecfg %{_bindir}/firemon +%{_bindir}/jailcheck %{_datadir}/bash-completion +%{_datadir}/zsh/site-functions/_firejail %{_libdir}/%{name} %doc %{_docdir}/%{name} %{_mandir}/man1/*