rpm/firejail
SHA256
1
0
Fork 0
forked from pool/firejail
Code Pull Requests Activity

Accepting request 906960 from Virtualization

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/906960
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/firejail?expand=0&rev=13
This commit is contained in:
Dominique Leuenberger 2021-07-18 21:45:05 +00:00 committed by Git OBS Bridge
commit 4804987735
7 changed files with 110 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
firejail-0.9.64.4.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:2bdaf71fff00d7551b6a4f584f3f7152821b6f9b9d416ee098f4aeaf3a02dff1
size 431116

11
firejail-0.9.64.4.tar.xz.asc
View File

@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEE+VEWSZX1xABqc0EeLMs2rfxYSacFAmAgaDAACgkQLMs2rfxY
Saf3hAf9F3DpYlTEO2TXter+Losk9UOi7S91SqN644ApBnRL9pwkXodHYR77F1R5
nnh8NVVdBBfS1jCMUaGf5N0Wlyv0E9SlbG74iNCvhRQawiv0ugyTVmcV6L5DfRHu
/BXcHWtEZmgNzQUTO6+0wqrr4pTG5O2Bz1TtgZn7/xl9c9QmiRv8iXkRN3mR1SSt
9/7SpUyri1hERXMD9AmpIf5XVbcJq+LJ08cO8VNbYY4zfqUB5NLRmCi3Yxf620Cs
hF7CWy9IIXNpt2/YFBThfX681Y5YkPpnZjt/T0VVE7wNzAhLkYGKsltBaAuml7is
dFJD6rUkwy1h/yxdHerUrRPQt4mhcw==
=YX4R
-----END PGP SIGNATURE-----

3
firejail-0.9.66.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8a849ea2f3922901033a407b9498d48915260e7c3381f6cf151c51a73c952d0f
size 449992

11
firejail-0.9.66.tar.xz.asc Normal file
View File

@ -0,0 +1,11 @@
-----BEGIN PGP SIGNATURE-----
iQEzBAABCgAdFiEE+VEWSZX1xABqc0EeLMs2rfxYSacFAmDbUqwACgkQLMs2rfxY
SaeDMQf/W9LgIG/QsVz3Xl442zT4gijZGK6llnT5Ca5eDkqLCizCPbRdDJ54eldF
kfLQiy21K7KTnrr9S5Y5UFy4452q4ewKIVe/PCfN++f38cN40tWefyBsO5hgJq6Z
t61bx54+5RxJl9qz5cm8eJFvXi1G9rkZPcVn4KBjUoY5vbyirElfHdgH6KcCPN3J
benndbPlXfzw4673P7LqNRsbri8wLsM20KoeBahIMj0SUQ6hOOTItKYxUtx19N93
gXB/Sa9JTVGVK9PYhRZiuLeCXBe76PkNV6WJngFDQ8GyYG+AnRETBXiTzkR7Jxcn
hhoGnbOKRdIvXKcDXHdeAd2nxOJm5g==
=pisc
-----END PGP SIGNATURE-----

27
firejail.changes
View File

@ -1,3 +1,30 @@
-------------------------------------------------------------------
Sun Jul 18 16:45:49 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>
- firejail 0.9.66:
* deprecated --audit options, relpaced by jailcheck utility
* deprecated follow-symlink-as-user from firejail.config
* new firejail.config settings: private-bin, private-etc
* new firejail.config settings: private-opt, private-srv
* new firejail.config settings: whitelist-disable-topdir
* new firejail.config settings: seccomp-filter-add
* removed kcmp syscall from seccomp default filter
* rename --noautopulse to keep-config-pulse
* filtering environment variables
* zsh completion
* command line: --mkdir, --mkfile
* --protocol now accumulates
* jailtest utility for testing running sandboxes
* faccessat2 syscall support
* --private-dev keeps /dev/input
* added --noinput to disable /dev/input
* add support for subdirs in --private-etc
* subdirs support in private-etc
* input devices support in private-dev, --no-input
* support trailing comments on profile lines
* many new profiles
- split shell completion into standard subpackages
------------------------------------------------------------------- -------------------------------------------------------------------
Sun Feb 7 23:09:58 UTC 2021 - Илья Индиго <ilya@ilya.pp.ua> Sun Feb 7 23:09:58 UTC 2021 - Илья Индиго <ilya@ilya.pp.ua>

30
firejail.keyring Normal file
View File

@ -0,0 +1,30 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.12 (GNU/Linux)
mQENBFRaIzYBCACvfLk+0CpSK+03h0svI3XfbSuGppB1jSd70QoX6jgjcJ6ble+G
V8gQEd8hU6Rhw4oa6klY+sVY2Si+7ZLaGQAiucERNG0aJA23gYVw91OyaARNZ1SZ
8Ju7GowCxLOT6Ie8RyWCCv1yXGxQT36j2I1Z9/UvYHvIJISZ48K4Dk8OuF5lcCH7
jN5X/7pqhmBKKx3Ve4UWmiKjisZcEdhJ9U5nyrHNSngPYSia+YIK/wG4nqY3ooZi
HvLA21HeaVBaILmRuRCO7akqxFB9SfJTHDqC0czZ0/3NJ3AyQv/qEkIkxGOHogKx
hNqGUBxYhba9Hl9Sl3IX72aQ28CxUngpXLNJABEBAAG0LG5ldGJsdWUgKGZpcmVq
YWlsIGtleSkgPG5ldGJsdWUzMEB5YWhvby5jb20+iQE4BBMBAgAiBQJUWiM2AhsD
BgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAsyzat/FhJp7daB/0UlljRMtJ7
/Ht9gDcQm1pqsShGw29QtLSxDWV7A250GdveGNs2yZTCJQIyoK1Pa+Q5GOUwv0I2
VOxqTgnG3j1pCtcCbb7rkRQa6dix71IgKG+F4wUlWLdgaVsH7h1MtVobZ+nNSQAY
Bl+9vd9cKuyIYI+e6pdlLP/yCT78ehI/wVDD2V/w3ixnvnSLIgoRQRX9gAbRIf3i
/cXpyVn7wLYNMUwBrH3hPDTJPTdNih75ZcMMBWDnkt+IMijtxM++4J+45odoPKb6
bCvq0e0WtWmscOx/jN5cgOyC/87lcQuHSyjiSJowJzJUnO0sL9r1X1RFsU+XhGfN
8Ml/9flP/ojYuQENBFRaIzYBCADCE9S6rB7FI4z07H0PZ97XKh5U7r5hIxWrt1nC
yzD/Hprfy9ZZRJklAa+XlMMIPHHv3h8JEL2B5TWKxCa7KbNYfoLoLGywp6aIw6+X
kDhKXesEDN5WFUCW186hlmEExgNpOGZlbBLqJnaFfxhunSGgdHd5YHiASkts5Uwd
zzo2uFMcn0q0HlLLGAVwI787P6xAsAvgf4BCFuc4XGCWl8XDQbChZ8LC/ovHPq4Q
H8g6cIzya6f5E/VT2+dYGpME0bPmjTm0ZzvTHWfjw+B2d5AO5mNQiewHejnPxrcq
qJkO+Y6S80R/JPfmOI3RCHcoyB+QJ1I2I4yQ6G5dFwKl/IknABEBAAGJAR8EGAEC
AAkFAlRaIzYCGwwACgkQLMs2rfxYSad2pAf8CaKsDD1yj1mvYcUX1chrUlYmZVuR
PSFKf90OETlGSCYqdi4yyeJJnis4HBDcGPa+hFpLVksJlRCKqKQiqjndaNHhRgyM
ZouoeJvBiwCdwpQmZHgpgTv1V8n4PJ4anqISC5/ZGN9HDJ68gDx2hzeuilc+6umK
E99f7Qo8rdaeu5IGhujQhxnemAyTBNGZh3tABZcni5m7uVJKihdDUogghXSnIBxh
ilSqRQrPqyCjic8MUB9S+eBQC4Z67i9YqJaBfb80x9HqINLncGFDHKIajwy8f7Sh
k67z733GYXrAnyHsia4IF4UGRLW4+1xtKE9xmUThmwMdkgqtJ9eqBpAF9A==
=/BT3
-----END PGP PUBLIC KEY BLOCK-----

43
firejail.spec
View File

@ -17,7 +17,7 @@
Name: firejail Name: firejail
Version: 0.9.64.4 Version: 0.9.66
Release: 0 Release: 0
Summary: Linux namepaces sandbox program Summary: Linux namepaces sandbox program
License: GPL-2.0-only License: GPL-2.0-only
@ -25,11 +25,13 @@ Group: Productivity/Security
URL: https://firejail.wordpress.com URL: https://firejail.wordpress.com
Source0: https://github.com/netblue30/%{name}/releases/download/%{version}/%{name}-%{version}.tar.xz Source0: https://github.com/netblue30/%{name}/releases/download/%{version}/%{name}-%{version}.tar.xz
Source1: https://github.com/netblue30/%{name}/releases/download/%{version}/%{name}-%{version}.tar.xz.asc Source1: https://github.com/netblue30/%{name}/releases/download/%{version}/%{name}-%{version}.tar.xz.asc
# https://firejail.wordpress.com/download-2/
Source2: %{name}.keyring
BuildRequires: fdupes BuildRequires: fdupes
BuildRequires: gcc-c++ BuildRequires: gcc-c++
BuildRequires: libapparmor-devel BuildRequires: libapparmor-devel
Requires(post): permissions
Requires(pre): shadow Requires(pre): shadow
PreReq: permissions
%description %description
Firejail is a SUID sandbox program that reduces the risk of security Firejail is a SUID sandbox program that reduces the risk of security
@ -40,6 +42,26 @@ many existing applications like Iceweasel/Mozilla Firefox and Chromium.
Firejail also expands the restricted shell facility found in bash by adding Firejail also expands the restricted shell facility found in bash by adding
Linux namespace support. It supports sandboxing specific users upon login. Linux namespace support. It supports sandboxing specific users upon login.
%package bash-completion
Summary: Firejail Bash completion
Group: System/Shells
Requires: %{name} = %{version}
Requires: bash-completion
Supplements: (%{name} and bash-completion)
%description bash-completion
Optional dependency offering bash completion for firejail
%package zsh-completion
Summary: Firejail zsh completion
Group: System/Shells
Requires: %{name} = %{version}
Requires: zsh
Supplements: (%{name} and zsh)
%description zsh-completion
Optional dependency offering zsh completion for firejail
%prep %prep
%setup -q %setup -q
sed -i '1s/^#!\/usr\/bin\/env /#!\/usr\/bin\//' contrib/fj-mkdeb.py contrib/fjclip.py contrib/fjdisplay.py contrib/fjresize.py contrib/sort.py contrib/fix_private-bin.py contrib/jail_prober.py sed -i '1s/^#!\/usr\/bin\/env /#!\/usr\/bin\//' contrib/fj-mkdeb.py contrib/fjclip.py contrib/fjdisplay.py contrib/fjresize.py contrib/sort.py contrib/fix_private-bin.py contrib/jail_prober.py
@ -47,7 +69,7 @@ sed -i '1s/^#!\/usr\/bin\/env /#!\/usr\/bin\//' contrib/fj-mkdeb.py contrib/fjcl
%build %build
%configure --docdir=%{_docdir}/%{name} \ %configure --docdir=%{_docdir}/%{name} \
--enable-apparmor --enable-apparmor
make %{?_smp_mflags} VERBOSE=1 %make_build
%pre %pre
getent group firejail >/dev/null || groupadd -r firejail getent group firejail >/dev/null || groupadd -r firejail
@ -55,6 +77,7 @@ exit 0
%install %install
%make_install %make_install
rm %{buildroot}%{_docdir}/firejail/COPYING
%fdupes -s %{buildroot} %fdupes -s %{buildroot}
%post %post
@ -68,7 +91,7 @@ exit 0
%attr(4750,root,firejail) %verify(not user group mode) %{_bindir}/firejail %attr(4750,root,firejail) %verify(not user group mode) %{_bindir}/firejail
%{_bindir}/firecfg %{_bindir}/firecfg
%{_bindir}/firemon %{_bindir}/firemon
%{_datadir}/bash-completion %{_bindir}/jailcheck
%{_libdir}/%{name} %{_libdir}/%{name}
%doc %{_docdir}/%{name} %doc %{_docdir}/%{name}
%{_mandir}/man1/* %{_mandir}/man1/*
@ -86,4 +109,16 @@ exit 0
%{_datadir}/vim/vimfiles/ftdetect/firejail.vim %{_datadir}/vim/vimfiles/ftdetect/firejail.vim
%{_datadir}/vim/vimfiles/syntax/firejail.vim %{_datadir}/vim/vimfiles/syntax/firejail.vim
%files bash-completion
%license COPYING
%dir %{_datadir}/bash-completion
%dir %{_datadir}/bash-completion/completions
%{_datadir}/bash-completion/completions/*
%files zsh-completion
%license COPYING
%dir %{_datarootdir}/zsh
%dir %{_datarootdir}/zsh/site-functions/
%{_datadir}/zsh/site-functions/_firejail
%changelog %changelog