From d2c8740488ae58d78cd3a2446a90ebeab3f55562 Mon Sep 17 00:00:00 2001 From: Duncaen Date: Mon, 9 Nov 2015 15:30:32 +0100 Subject: [PATCH] firejail: update to 0.9.34. --- .../patches/firejail-0.9.32-musl.patch | 69 ------------------- .../patches/firejail-0.9.32-seccomp.patch | 37 ---------- srcpkgs/firejail/template | 13 ++-- 3 files changed, 9 insertions(+), 110 deletions(-) delete mode 100644 srcpkgs/firejail/patches/firejail-0.9.32-musl.patch delete mode 100644 srcpkgs/firejail/patches/firejail-0.9.32-seccomp.patch diff --git a/srcpkgs/firejail/patches/firejail-0.9.32-musl.patch b/srcpkgs/firejail/patches/firejail-0.9.32-musl.patch deleted file mode 100644 index 0ceaea07120..00000000000 --- a/srcpkgs/firejail/patches/firejail-0.9.32-musl.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 14b435a43ab54a718f1a899573fe1ce6bb06fe7a Mon Sep 17 00:00:00 2001 -From: Duncaen -Date: Sun, 25 Oct 2015 15:30:09 +0100 -Subject: [PATCH] libtrace: only include fopen64, freopen64 and stat64 if - __GLIBC__ is defined - ---- - src/libtrace/libtrace.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git src/libtrace/libtrace.c src/libtrace/libtrace.c -index 1eb1cf9..12a8c7f 100644 ---- src/libtrace/libtrace.c -+++ src/libtrace/libtrace.c -@@ -312,6 +312,7 @@ FILE *fopen(const char *pathname, const char *mode) { - return rv; - } - -+#ifdef __GLIBC__ - FILE *fopen64(const char *pathname, const char *mode) { - if (!orig_fopen64) - orig_fopen64 = (orig_fopen_t)dlsym(RTLD_NEXT, "fopen64"); -@@ -320,6 +321,7 @@ FILE *fopen64(const char *pathname, const char *mode) { - printf("%u:%s:fopen64 %s\n", pid(), name(), pathname); - return rv; - } -+#endif /* __GLIBC__ */ - - - // freopen -@@ -334,6 +336,7 @@ FILE *freopen(const char *pathname, const char *mode, FILE *stream) { - return rv; - } - -+#ifdef __GLIBC__ - typedef FILE *(*orig_freopen64_t)(const char *pathname, const char *mode, FILE *stream); - static orig_freopen64_t orig_freopen64 = NULL; - FILE *freopen64(const char *pathname, const char *mode, FILE *stream) { -@@ -344,6 +347,7 @@ FILE *freopen64(const char *pathname, const char *mode, FILE *stream) { - printf("%u:%s:freopen64 %s\n", pid(), name(), pathname); - return rv; - } -+#endif /* __GLIBC__ */ - - // unlink - typedef int (*orig_unlink_t)(const char *pathname); -@@ -414,6 +418,7 @@ int stat(const char *pathname, struct stat *buf) { - return rv; - } - -+#ifdef __GLIBC__ - typedef int (*orig_stat64_t)(const char *pathname, struct stat64 *buf); - static orig_stat64_t orig_stat64 = NULL; - int stat64(const char *pathname, struct stat64 *buf) { -@@ -424,6 +429,7 @@ int stat64(const char *pathname, struct stat64 *buf) { - printf("%u:%s:stat %s\n", pid(), name(), pathname); - return rv; - } -+#endif /* __GLIBC__ */ - - - // access -@@ -625,4 +631,4 @@ int setresgid(gid_t rgid, gid_t egid, gid_t sgid) { - printf("%u:%s:setresgid %d %d %d\n", pid(), name(), rgid, egid, sgid); - - return rv; --} -\ No newline at end of file -+} diff --git a/srcpkgs/firejail/patches/firejail-0.9.32-seccomp.patch b/srcpkgs/firejail/patches/firejail-0.9.32-seccomp.patch deleted file mode 100644 index c2813fa4ce7..00000000000 --- a/srcpkgs/firejail/patches/firejail-0.9.32-seccomp.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 8014c8d3aa022c851443cbb4226a9481684c9704 Mon Sep 17 00:00:00 2001 -From: netblue30 -Date: Sat, 24 Oct 2015 09:41:11 -0400 -Subject: [PATCH] fixed compilation error for --disable-seccomp - ---- - src/firejail/main.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git src/firejail/main.c src/firejail/main.c -index 422a391..e76f1b4 100644 ---- src/firejail/main.c -+++ src/firejail/main.c -@@ -396,7 +396,9 @@ int main(int argc, char **argv) { - int arg_cgroup = 0; - int custom_profile = 0; // custom profile loaded - int arg_noprofile = 0; // use generic.profile if none other found/specified -+#ifdef HAVE_SECCOMP - int highest_errno = errno_highest_nr(); -+#endif - - // check if we already have a sandbox running - int rv = check_kernel_procs(); -@@ -1366,11 +1368,13 @@ int main(int argc, char **argv) { - waitpid(child, NULL, 0); - - // free globals -+#ifdef HAVE_SECCOMP - if (arg_seccomp_list_errno) { - for (i = 0; i < highest_errno; i++) - free(arg_seccomp_list_errno[i]); - free(arg_seccomp_list_errno); - } -+#endif - - myexit(0); - diff --git a/srcpkgs/firejail/template b/srcpkgs/firejail/template index 44fd76c747b..1c544388fcc 100644 --- a/srcpkgs/firejail/template +++ b/srcpkgs/firejail/template @@ -1,7 +1,7 @@ # Template file for 'firejail' pkgname=firejail -version=0.9.32 -revision=2 +version=0.9.34 +revision=1 build_style=gnu-configure build_pie=yes conf_files=" @@ -9,10 +9,11 @@ conf_files=" /etc/firejail/chromium-browser.profile /etc/firejail/chromium.profile /etc/firejail/clementine.profile + /etc/firejail/conkeror.profile /etc/firejail/deadbeef.profile /etc/firejail/deluge.profile /etc/firejail/disable-common.inc - /etc/firejail/disable-history.inc + /etc/firejail/disable-devel.inc /etc/firejail/disable-mgmt.inc /etc/firejail/disable-secret.inc /etc/firejail/dropbox.profile @@ -23,6 +24,7 @@ conf_files=" /etc/firejail/firefox.profile /etc/firejail/generic.profile /etc/firejail/gnome-mplayer.profile + /etc/firejail/google-chrome.profile /etc/firejail/icecat.profile /etc/firejail/icedove.profile /etc/firejail/iceweasel.profile @@ -35,18 +37,21 @@ conf_files=" /etc/firejail/rhythmbox.profile /etc/firejail/server.profile /etc/firejail/spotify.profile + /etc/firejail/skype.profile + /etc/firejail/steam.profile /etc/firejail/thunderbird.profile /etc/firejail/totem.profile /etc/firejail/transmission-gtk.profile /etc/firejail/transmission-qt.profile /etc/firejail/vlc.profile + /etc/firejail/wine.profile /etc/firejail/xchat.profile" short_desc="SUID security sandbox program" maintainer="Duncaen " license="GPL-2" homepage="https://l3net.wordpress.com/projects/firejail/" distfiles="${SOURCEFORGE_SITE}/${pkgname}/${pkgname}-${version}.tar.bz2" -checksum=0084728e1b65b87a7564520c2d1e978d4f47ea1bc9d769e0275dfd5bbb865c48 +checksum=37add3c0737206777472484591bcb742fc6c14096e4064ccc556c6bcea274ae9 case "$XBPS_TARGET_MACHINE" in arm*)