Stig Palmquist
b31db15de0
firejail: patches for CVE-2022-31214
...
https://seclists.org/oss-sec/2022/q2/188
2022-06-08 16:09:08 +02:00
Jonas Heinrich
e87b171be6
firejail: Fix opengl support for various apps
2022-05-09 15:55:05 +02:00
Jonas Heinrich
5d2dfa253e
firejail: Fix resolve binary paths in user environment
2022-05-07 11:39:02 +02:00
Zane van Iperen
36b1dedddd
firejail: 0.9.66 -> 0.9.68
...
Fixes #153430
2022-02-07 00:27:25 +10:00
Reed Riley
b2445ca613
firejail: add apparmor support
2022-01-19 13:35:19 -05:00
Reed Riley
e0bc22ad7b
firejail: improve local profile customization support
2022-01-19 11:14:28 -05:00
Reed Riley
881972bfa6
firejail: remove deprecated flag, see: 4909fa7efc
2022-01-19 10:56:39 -05:00
Jonas Heinrich
defe183dad
firejail: Remove symlink check patch
2021-09-19 11:55:30 +02:00
R. RyanTM
91466bb62a
firejail: 0.9.64.4 -> 0.9.66
2021-06-30 02:28:53 +00:00
0x4A6F
75351261fc
firejail: 0.9.64.2 -> 0.9.64.4
2021-02-07 23:40:58 +00:00
0x4A6F
2451c4d1d6
firejail: 0.9.64 -> 0.9.64.2
2021-01-28 19:42:59 +00:00
volth
bc0d605cf1
treewide: fix double quoted strings in meta.description
...
Signed-off-by: Ben Siraphob <bensiraphob@gmail.com>
2021-01-24 19:56:59 +07:00
Ben Siraphob
16d91ee628
pkgs/os-specific: stdenv.lib -> lib
2021-01-17 23:26:08 +07:00
Roosembert Palacios
831c700c5d
firejail: fix -overlay and -build functionality on NixOS
...
- The `-overlay` flag runs the specified binary inside an OverlayFS,
since the /nix store may be in a different mount point than the user
home, this patch explicitly bind mounts it so it's available inside
the overlay.
- profile builder: firejail provides facilities to build a new profiles.
To do so, it execute the helper binary `fbuilder`, which in turn will
execute firejail back with different options. This patch makes it use
the binary available in PATH instead of the one produced at compile time.
The compiled firejail binary doesn't have the necessary permissions,
so the firejail NixOS module wraps it in a SUID wrapper available on
PATH at runtime.
Signed-off-by: Roosembert Palacios <roosemberth@posteo.ch>
2020-11-27 23:14:58 +01:00
snicket2100
ffeb2af920
firejail: fixing the 'xdg-dbus-proxy' dependency
...
xdg-dbus-proxy path is hardcoded in the common.h file in the firejail
source code. if this binary is not found, dbus filtering capabilities
of firejail get limited i.e. you can only entirely disable or entirely
enable dbus communication.
2020-11-22 13:35:09 +01:00
snicket2100
cd1c5633af
firejail: 0.9.62 -> 0.9.64
2020-11-08 23:25:59 +01:00
Stig Palmquist
15c53cf0fa
nixos/tests: add test for firejail
2020-08-10 06:54:26 +02:00
Stig Palmquist
e15cab8e9c
firejail: add patches to fix CVE-2020-17367 and CVE-2020-17368
2020-08-09 15:08:29 +02:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs
2020-04-10 17:54:53 +01:00
snicket2100
a63f6a7d47
firejail: local profile handling fixed
...
made it possible to place local profiles in `~/.config/firejail`,
as well as in `/etc/firejail`.
2020-03-27 18:34:52 +01:00
snicket2100
a43a5479a5
firejail: updated the homepage address
2020-01-20 23:07:18 +01:00
snicket2100
d914e9d1db
firejail: 0.9.60 -> 0.9.62
2020-01-18 11:56:07 +01:00
snicket2100
0778f0aee6
firejail: local profile handling fixed
...
The sed expression wasn't really catching anything (as local profiles are
included in the provided set of profiles by `include aaa.local` and not by
`include xx/firejail/aaa.local` as the sed expression used to expect).
As a result, it was not possible to create local profiles in any
accessible location. This fix makes it possible to create them in
`/etc/firejail/` which seems pretty standard.
2020-01-11 20:49:48 +01:00
Will Dietz
aadd2a6bc7
firejail: 0.9.58.2 -> 0.9.60
2019-05-28 19:22:56 -05:00
R. RyanTM
9944d2e91d
firejail: 0.9.58 -> 0.9.58.2
...
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/firejail/versions
2019-03-01 21:47:37 -08:00
R. RyanTM
0e28f3c318
firejail: 0.9.56 -> 0.9.58
...
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/firejail/versions
2019-02-06 01:55:03 -08:00
Ivan Kozik
9314c6a563
firejail: disable parallel building
...
firejail was frequently failing to build on my Hydra machine at -j16, and
the error looked like a typical parallel build problem:
<3>make[1]: Entering directory '/build/firejail-0.9.56/src/fcopy'
<3>gcc -ggdb -O2 -DVERSION='"0.9.56"' -DPREFIX='"/nix/store/0dm1agiwiggn8pmnqkknil7mkh25il0k-firejail-0.9.56"' -DSYSCONFDIR='"/nix/store/0dm1agiwiggn8pmnqkknil7mkh25il0k-firejail-0.9.56/etc/firejail"' -DLIBDIR='"/nix/store/0dm1agiwiggn8pmnqkknil7mkh25il0k-firejail-0.9.56/lib"' -DHAVE_X11 -DHAVE_PRIVATE_HOME -DHAVE_OVERLAYFS -DHAVE_SECCOMP -DHAVE_GLOBALCFG -DHAVE_SECCOMP_H -DHAVE_CHROOT -DHAVE_NETWORK -DHAVE_USERNS -DHAVE_FILE_TRANSFER -DHAVE_WHITELIST -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -c main.c -o main.o
<3>gcc -pie -Wl,-z,relro -Wl,-z,now -lpthread -o fcopy main.o
<3>make[1]: Leaving directory '/build/firejail-0.9.56/src/fcopy'
<3>make -C src/fldd
<3>make[1]: Entering directory '/build/firejail-0.9.56/src/fldd'
<3>gcc -ggdb -O2 -DVERSION='"0.9.56"' -DPREFIX='"/nix/store/0dm1agiwiggn8pmnqkknil7mkh25il0k-firejail-0.9.56"' -DSYSCONFDIR='"/nix/store/0dm1agiwiggn8pmnqkknil7mkh25il0k-firejail-0.9.56/etc/firejail"' -DLIBDIR='"/nix/store/0dm1agiwiggn8pmnqkknil7mkh25il0k-firejail-0.9.56/lib"' -DHAVE_X11 -DHAVE_PRIVATE_HOME -DHAVE_OVERLAYFS -DHAVE_SECCOMP -DHAVE_GLOBALCFG -DHAVE_SECCOMP_H -DHAVE_CHROOT -DHAVE_NETWORK -DHAVE_USERNS -DHAVE_FILE_TRANSFER -DHAVE_WHITELIST -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security -mindirect-branch=thunk -c main.c -o main.o
<3>gcc -pie -Wl,-z,relro -Wl,-z,now -lpthread -o fldd main.o ../lib/ldd_utils.o
<3>make[1]: Leaving directory '/build/firejail-0.9.56/src/fldd'
<3>make -C src/libpostexecseccomp
<3>make[1]: Entering directory '/build/firejail-0.9.56/src/libpostexecseccomp'
<3>gcc -ggdb -O2 -DVERSION='"0.9.56"' -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIC -Wformat -Wformat-security -c libpostexecseccomp.c -o libpostexecseccomp.o
<3>gcc -pie -Wl,-z,relro -Wl,-z,now -shared -fPIC -z relro -o libpostexecseccomp.so libpostexecseccomp.o -ldl
<3>make[1]: Leaving directory '/build/firejail-0.9.56/src/libpostexecseccomp'
<3>src/fseccomp/fseccomp default seccomp
<3>src/fsec-optimize/fsec-optimize seccomp
<3>/nix/store/6abyjgibafsbhlc7v7lab50mb3dj81jg-bash-4.4-p23/bin/bash: src/fsec-optimize/fsec-optimize: No such file or directory
<3>make: *** [Makefile:43: filters] Error 127
<3>builder for '/nix/store/30srqmpqrjyr11nhx4jbpr84m9pnmyv5-firejail-0.9.56.drv' failed with exit code 2
2018-12-17 06:41:44 +00:00
c0bw3b
0ea604ac1d
Treewide: use https for SourceForge
2018-11-24 19:58:03 +01:00
Peter Hoeg
04bbb2ab6b
firejail: override files should be in /etc/firejail
2018-10-03 16:08:39 +08:00
R. RyanTM
dd33a9dc0b
firejail: 0.9.54 -> 0.9.56
...
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/firejail/versions
2018-09-20 14:31:57 -07:00
R. RyanTM
b1890946af
firejail: 0.9.52 -> 0.9.54
...
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/firejail/versions .
These checks were done:
- built on NixOS
- Warning: no invocation of /nix/store/5zjr9idl48c08apan8gh45wh971i49i9-firejail-0.9.54/bin/firejail had a zero exit code or showed the expected version
- /nix/store/5zjr9idl48c08apan8gh45wh971i49i9-firejail-0.9.54/bin/firemon passed the binary check.
- /nix/store/5zjr9idl48c08apan8gh45wh971i49i9-firejail-0.9.54/bin/firecfg passed the binary check.
- 2 of 3 passed binary check by having a zero exit code.
- 2 of 3 passed binary check by having the new version present in output.
- found 0.9.54 with grep in /nix/store/5zjr9idl48c08apan8gh45wh971i49i9-firejail-0.9.54
- directory tree listing: https://gist.github.com/3fb76054296d9e45fea3c47ae6a9f03f
- du listing: https://gist.github.com/a732bad0be0159f527ca4e8c532400ed
2018-05-17 07:32:04 -07:00
adisbladis
c2f57b0099
firejail: 0.9.50 -> 0.9.52
2018-01-18 02:24:24 +08:00
adisbladis
0af15f6f45
firejail: 0.9.48 -> 0.9.50
2017-11-06 17:21:03 +08:00
mimadrid
09e0cc7cc7
Update homepage attributes: http -> https
...
Homepage link "http://.../ " is a permanent redirect to "https://.../ " and should be updated
https://repology.org/repository/nix_stable/problems
2017-08-03 11:56:15 +02:00
Silvan Mosberger
f5fa5fa4d6
pkgs: refactor needless quoting of homepage meta attribute ( #27809 )
...
* pkgs: refactor needless quoting of homepage meta attribute
A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.
* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit
* Fixed some instances
2017-08-01 22:03:30 +02:00
Johannes Frankenau
fcf7b6761b
firejail: 0.9.44.10 -> 0.9.48
2017-07-25 14:30:36 +02:00
Will Dietz
707145a955
firejail: don't try to set setuid bit
2017-06-28 14:31:47 -05:00
Michael Raskin
c4bdec77a0
firejail: 0.9.44.8 -> 0.9.44.10
2017-04-10 00:14:34 +02:00
Michael Raskin
a9e55a2a8e
firejail: 0.9.44.4 -> 0.9.44.8
2017-02-01 19:28:45 +01:00
Michael Raskin
9653be493a
firejail: 0.9.44.2 -> 0.9.44.4
2017-01-08 13:58:24 +01:00
Michael Raskin
11bfe01846
firejail: 0.9.42 -> 0.9.44.2
2017-01-02 20:18:47 +01:00
Michael Raskin
11bc6ea4ae
firejail: 0.9.42-rc1 -> 0.9.42
2016-09-12 13:01:34 +02:00
Michael Raskin
b893d84d53
firejail: 0.9.40-rc1 -> 0.9.42-rc1
2016-08-11 17:57:35 +02:00
Michael Raskin
80db55610c
firejail: 0.9.38 -> 0.9.40
2016-04-13 14:47:04 +02:00
Michael Raskin
4f45082915
firejail: 0.9.36 -> 0.9.38
2016-02-14 21:17:07 +01:00
Michael Raskin
0f9a361064
firejail: 0.9.26 -> 0.9.36
2016-01-01 12:30:17 +03:00
Tuomas Tynkkynen
91cbd8a3b2
firejail: Fix source URL
...
This particular sf.net mirror is down.
2015-07-12 21:12:06 +02:00
Michael Raskin
c25495bcff
Update firejail
2015-05-10 13:36:44 +03:00
Michael Raskin
93bf2f8ba9
Update firejail
2015-04-05 20:27:25 +03:00
Michael Raskin
8fcc960e6e
Update firejail
2015-03-09 01:03:01 +03:00