pool/firejail
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
555d6e90b4
firejail/firejail.spec
Olaf Hering 555d6e90b4 Accepting request 431498 from home:tiwai:branches:Virtualization 
- Update to version 0.9.42:
  Security fixes:
  * –whitelist deleted files
  * disable x32 ABI in seccomp
  * tighten –chroot
  * terminal sandbox escape
  * several TOCTOU fixes
  Behavior changes:
  * bringing back –private-home option
  * deprecated –user option, please use “sudo -u username firejail”
  * allow symlinks in home directory for –whitelist option
  * Firejail prompt is enabled by env variable FIREJAIL_PROMPT=”yes”
  * recursive mkdir
  * include /dev/snd in –private-dev
  * seccomp filter update
  * release archives moved to .xz format
  New features:
  * AppImage support (–appimage)
  * AppArmor support (–apparmor)
  * Ubuntu snap support (/etc/firejail/snap.profile)
  * Sandbox auditing support (–audit)
  * remove environment variable (–rmenv)
  * noexec support (–noexec)
  * clean local overlay storage directory (–overlay-clean)
  * store and reuse overlay (–overlay-named)
  * allow debugging inside the sandbox with gdb and strace (–allow-debuggers)
  * mkfile profile command
  * quiet profile command
  * x11 profile command
  * option to fix desktop files (firecfg –fix)

OBS-URL: https://build.opensuse.org/request/show/431498
OBS-URL: https://build.opensuse.org/package/show/Virtualization/firejail?expand=0&rev=3
2016-10-13 08:58:49 +00:00

76 lines
2.1 KiB
RPMSpec
Raw Blame History

#
# spec file for package firejail
#
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: firejail
Version: 0.9.42
Release: 0
Summary: Linux namepaces sandbox program
License: GPL-2.0
Group: Productivity/Security
Url: https://firejail.wordpress.com/
Source0: %{name}-%{version}.tar.xz
Source1: %{name}.rpmlintrc
BuildRequires: libapparmor-devel
BuildRequires: gcc-c++
Requires(pre): permissions
%description
Firejail is a SUID sandbox program that reduces the risk of security
breaches by restricting the running environment of untrusted applications
using Linux namespaces and seccomp-bpf. It includes sandbox profiles for
many existing applications like Iceweasel/Mozilla Firefox and Chromium.
Firejail also expands the restricted shell facility found in bash by adding
Linux namespace support. It supports sandboxing specific users upon login.
%prep
%setup -q
%build
%configure --docdir=%{_docdir}/%{name} \
--enable-apparmor
make %{?_smp_mflags} VERBOSE=1
%install
make %{?_smp_mflags} DESTDIR=%{buildroot} install
%post
/sbin/ldconfig
%set_permissions %{_bindir}/firejail
%verifyscript
%verify_permissions -e %{_bindir}/firejail
%postun -p /sbin/ldconfig
%files
%defattr(-,root,root)
%verify(not user group mode) %{_bindir}/firejail
%{_bindir}/firecfg
%{_bindir}/firemon
%{_datadir}/bash-completion
%{_libdir}/%{name}
%doc %{_docdir}/%{name}
%{_mandir}/man1/*
%{_mandir}/man5/*
%dir %{_sysconfdir}/%{name}
%config %{_sysconfdir}/%{name}/*
/etc/apparmor.d
%changelog
Reference in New Issue View Git Blame Copy Permalink