diff options
| author |   Dennis Lamm <expeditioneer@gentoo.org> | 2019-07-29 06:20:27 +0200 |
|---|---|---|
| committer | Dennis Lamm <expeditioneer@gentoo.org> | 2019-07-29 06:21:12 +0200 |
| commit | ce1c4232290943a5132bd7f4cce426b8fc8521a0 (patch) | |
| tree | 6a7bcecaa06433dc495f9ade5c3f931b73b9c466 /sys-apps/firejail | |
| parent | media-libs/mesa: introduce X USE flag (diff) | |
| download | gentoo-ce1c4232290943a5132bd7f4cce426b8fc8521a0.tar.gz gentoo-ce1c4232290943a5132bd7f4cce426b8fc8521a0.tar.bz2 gentoo-ce1c4232290943a5132bd7f4cce426b8fc8521a0.zip | |
sys-apps/firejail: bump 0.9.60
Bug: https://bugs.gentoo.org/656360
Bug: https://bugs.gentoo.org/678976
Signed-off-by: Dennis Lamm <expeditioneer@gentoo.org>
Package-Manager: Portage-2.3.66, Repoman-2.3.16
Diffstat (limited to 'sys-apps/firejail')
| -rw-r--r-- | sys-apps/firejail/Manifest | 1 | ||||
| -rw-r--r-- | sys-apps/firejail/firejail-0.9.60.ebuild | 53 | ||||
| -rw-r--r-- | sys-apps/firejail/metadata.xml | 36 |
3 files changed, 72 insertions, 18 deletions
diff --git a/sys-apps/firejail/Manifest b/sys-apps/firejail/Manifest index 6f30a7cf3054..ea5468b9f4e1 100644 --- a/sys-apps/firejail/Manifest +++ b/sys-apps/firejail/Manifest @@ -1,2 +1,3 @@ +DIST 0.9.60.tar.gz 1067102 BLAKE2B c5fd9a9c60fe17fc7ae24946ae5ea2f666d1dd20d982c540783dd2e56d30859a24258c4f3426e2bafaff3530557f5865bc73af9573e399039e8d5b097e5cddee SHA512 cb3eeff2f77801b4593a719a6b63da09cdc6c7f96f8ea8ea1aaa7e8538b080421a284441c6e43ce036fdf8510e08a73816c58d22f0af048344b8752f4a02759a DIST firejail-0.9.50.tar.xz 279488 BLAKE2B 96d8e9161f0631ebfa400fd79c1d8d139d014da46cc2bf7fd3683f75ef7dced6a435e09e1733b675bc549662d50fddca9bd8811872a5ed186d731bb3c16903ea SHA512 766fe8a0c65ddc717759f0ea54a4fe72213f43ecf241c385e484eb7e47bebd5896976998c76e6a5ef9c153d4007c2a01e9d942cc9f352c4b085fb02fe708a87d DIST firejail-0.9.56.tar.xz 327336 BLAKE2B 4fe2276c3007e995ca2113ef870918287e1178ff0effdcd5d635fce6d170b6c3df2f75b45315fed1e58e1c993324b84091f7e6912493608233f96661c85ce7e2 SHA512 f9685be0cbfdf45f8f895041c63e005da483d9b09482ebda2776633ae0b048cd355b57bf4431348295507059633dfda45b0c8b2c1f4a83ad02ff661d32448d24 diff --git a/sys-apps/firejail/firejail-0.9.60.ebuild b/sys-apps/firejail/firejail-0.9.60.ebuild new file mode 100644 index 000000000000..763ae58dfbd4 --- /dev/null +++ b/sys-apps/firejail/firejail-0.9.60.ebuild @@ -0,0 +1,53 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit eutils + +DESCRIPTION="Security sandbox for any type of processes" +HOMEPAGE="https://firejail.wordpress.com/" + +SRC_URI="https://github.com/netblue30/${PN}/archive/${PV}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="apparmor +chroot contrib debug +file-transfer +globalcfg +network +overlayfs +private-home +seccomp +suid test +userns +whitelist x11" + +DEPEND="!sys-apps/firejail-lts + apparmor? ( sys-libs/libapparmor ) + test? ( dev-tcltk/expect )" + +RDEPEND=" apparmor? ( sys-libs/libapparmor )" + +RESTRICT="test" + +src_prepare() { + default + + find ./contrib -type f -name '*.py' | xargs sed --in-place 's-#!/usr/bin/python3-#!/usr/bin/env python3-g' + + find -type f -name Makefile.in | xargs sed --inplace --regexp-extended \ + --expression='/^\tinstall .*COPYING /d' \ + --expression='/CFLAGS/s: (-O2|-ggdb) : :g' + + sed --inplace --regexp-extended '/CFLAGS/s: (-O2|-ggdb) : :g' ./src/common.mk.in +} + +src_configure() { + econf \ + $(use_enable apparmor) \ + $(use_enable chroot) \ + $(use_enable contrib contrib-install) \ + $(use_enable file-transfer) \ + $(use_enable globalcfg) \ + $(use_enable network) \ + $(use_enable overlayfs) \ + $(use_enable private-home) + $(use_enable seccomp) \ + $(use_enable suid) \ + $(use_enable userns) \ + $(use_enable whitelist) \ + $(use_enable x11) +} diff --git a/sys-apps/firejail/metadata.xml b/sys-apps/firejail/metadata.xml index ab427dfd4c8a..ff858199d284 100644 --- a/sys-apps/firejail/metadata.xml +++ b/sys-apps/firejail/metadata.xml @@ -1,36 +1,36 @@ <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> - <!-- maintainer-needed --> + <maintainer type="person"> + <email>expeditioneer@gentoo.org</email> + <name>Dennis Lamm</name> + </maintainer> <longdescription lang="en"> - Firejail is a SUID program that reduces the risk of security breaches - by restricting the running environment of untrusted applications using - Linux namespaces and seccomp-bpf. It allows a process and all its - descendants to have their own private view of the globally shared - kernel resources, such as the network stack, process table, mount - table. + Firejail is a SUID program that reduces the risk of security breaches by restricting the running environment of + untrusted applications using Linux namespaces and seccomp-bpf. It allows a process and all its descendants to + have their own private view of the globally shared kernel resources, such as the network stack, process table, + mount table. - This is bleeding edge branch. For long term support version see - sys-apps/firejail-lts. + This is the regular version. For a long term support version see sys-apps/firejail-lts. </longdescription> <upstream> <remote-id type="sourceforge">firejail</remote-id> </upstream> <use> - <flag name="apparmor">Enable support for custom AppArmor - profiles</flag> + <flag name="apparmor">Enable support for custom AppArmor profiles</flag> <flag name="bind">Enable custom bind mounts</flag> <flag name="chroot">Enable chrooting to custom directory</flag> <flag name="contrib">Install contrib scripts</flag> - <flag name="file-transfer">Enable file transfers between sandboxes and - the host system</flag> + <flag name="file-transfer">Enable file transfers between sandboxes and the host system</flag> + <flag name="globalcfg">Enable global config file</flag> <flag name="network">Enable networking features</flag> - <flag name="network-restricted">Grant access to --interface, - --net=ethXXX and --netfilter only to root user; regular users are - only allowed --net=none</flag> + <flag name="network-restricted">Grant access to --interface, --net=ethXXX and --netfilter only to root user; + regular users are only allowed --net=none</flag> + <flag name="overlayfs">Enable overlayfs</flag> + <flag name="private-home">Enable private home feature</flag> <flag name="seccomp">Enable system call filtering</flag> - <flag name="userns">Enable attaching a new user namespace to a - sandbox (--noroot option)</flag> + <flag name="userns">Enable attaching a new user namespace to a sandbox (--noroot option)</flag> + <flag name="whitelist">Enable whitelist</flag> <flag name="x11">Enable X11 sandboxing</flag> </use> </pkgmetadata> |